opencandy

[danielka1968]

Dobrý den. Můj antvirový program Microsoft security Essentials mi hlasi, ze pocitac je potencionalne nechranen.. Nalezl mi OPENCANDY. Zde je log z RSIT . Děkuji za pomoc Logfile of random's system information tool 1.09 (written by random/random)
Run by dana at 2013-01-04 21:58:06
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 307 GB (64%) free of 477 GB
Total RAM: 1791 MB (60% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:58:36, on 4.1.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe
C:\WINDOWS\system32\FsUsbExService.Exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\Ask.com\Updater\Updater.exe
C:\WINDOWS\ZSSnp211.exe
C:\WINDOWS\Domino.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Iminent\IMBooster\imbooster.exe
C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
C:\Program Files\Microsoft Security Client\msseces.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Clownfish\Clownfish.exe
C:\Program Files\My Cute Buddy\myCuteBuddy.exe
C:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\dana\Local Settings\Temporary Internet Files\Content.IE5\9X72XE1A\RSIT[1].exe
C:\Program Files\trend micro\dana.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: SearchHook Class - {D8278076-BC68-4484-9233-6E7F1628B56C} - "C:\Program Files\AskPartnerNetwork\Toolbar\searchhook.dll" (file missing)
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Ask Toolbar BHO - {41545534-0076-A76A-76A7-7A786E7484D7} - "C:\Program Files\AskPartnerNetwork\Toolbar\ATU4\Passport.dll" (file missing)
O2 - BHO: TBSB01620 - {58124A0B-DC32-4180-9BFF-E0E21AE34026} - C:\Program Files\IMinent Toolbar\tbcore3.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: IMinent WebBooster - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} - C:\Program Files\Iminent\IMBooster4Web\Iminent.WebBooster.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: IMinent Toolbar - {977AE9CC-AF83-45E8-9E03-E2798216E2D5} - C:\Program Files\IMinent Toolbar\tbcore3.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Ask Toolbar - {41545534-0076-A76A-76A7-7A786E7484D7} - "C:\Program Files\AskPartnerNetwork\Toolbar\ATU4\Passport.dll" (file missing)
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Nikon Message Center 2] C:\Program Files\Nikon\Nikon Message Center 2\NkMC2.exe -s
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files\Ask.com\Updater\Updater.exe"
O4 - HKLM\..\Run: [ZSSnp211] C:\WINDOWS\ZSSnp211.exe
O4 - HKLM\..\Run: [Domino] C:\WINDOWS\Domino.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [IMBooster] C:\Program Files\Iminent\IMBooster\imbooster.exe /warmup
O4 - HKLM\..\Run: [ApnTBMon] "C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [KiesHelper] C:\Program Files\Samsung\Kies\KiesHelper.exe /s
O4 - HKCU\..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
O4 - HKCU\..\Run: [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [GameXN GO] "C:\Documents and Settings\All Users\Data aplikací\GameXN\GameXNGO.exe" /startup
O4 - HKCU\..\Run: [Facebook Update] "C:\Documents and Settings\dana\Local Settings\Data aplikací\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [Clownfish] "C:\Program Files\Clownfish\Clownfish.exe"
O4 - HKCU\..\Run: [MyCuteBuddy] "C:\Program Files\My Cute Buddy\myCuteBuddy.exe" "file:///C:/Program Files/My Cute Buddy/Content/Cute Kitty/piticho.buddy" /m /u
O4 - HKCU\..\Run: [Advanced SystemCare 5] "C:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe" /AutoStart
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra button: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/pub/s ... wflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 5 (AdvancedSystemCareService5) - IObit - C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe
O23 - Service: Ask Update Service (APNMCP) - APN LLC. - C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: FsUsbExService - Teruten - C:\WINDOWS\system32\FsUsbExService.Exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: PC Tools Startup and Shutdown Monitor service (PCToolsSSDMonitorSvc) - Unknown owner - C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe

--
End of file - 11666 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\ASC5_AutoClean.job
C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-507921405-1425521274-839522115-1003Core.job
C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-507921405-1425521274-839522115-1003UA.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job
C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{41545534-0076-A76A-76A7-7A786E7484D7}]
Ask Toolbar - C:\Program Files\AskPartnerNetwork\Toolbar\ATU4\Passport.dll [2012-10-05 13000]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{58124A0B-DC32-4180-9BFF-E0E21AE34026}]
TBSB01620 Class - C:\Program Files\IMinent Toolbar\tbcore3.dll [2010-07-02 2607872]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2012-09-12 449512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}]
IMinent WebBooster (BHO) - C:\Program Files\Iminent\IMBooster4Web\Iminent.WebBooster.dll [2011-03-22 335336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2012-09-21 192144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-07-11 3821568]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll [2012-08-14 1002992]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2012-06-06 1519304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-09-12 157672]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2012-06-06 1519304]
{977AE9CC-AF83-45E8-9E03-E2798216E2D5} - IMinent Toolbar - C:\Program Files\IMinent Toolbar\tbcore3.dll [2010-07-02 2607872]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2012-09-21 192144]
{41545534-0076-A76A-76A7-7A786E7484D7} - Ask Toolbar - C:\Program Files\AskPartnerNetwork\Toolbar\ATU4\Passport.dll [2012-10-05 13000]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-08-29 61440]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2010-07-28 19557480]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2010-11-29 421888]
"Nikon Message Center 2"=C:\Program Files\Nikon\Nikon Message Center 2\NkMC2.exe [2010-05-25 619008]
"ArcSoft Connection Service"=C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2010-10-27 207424]
""= []
"ApnUpdater"=C:\Program Files\Ask.com\Updater\Updater.exe [2012-06-06 1564872]
"ZSSnp211"=C:\WINDOWS\ZSSnp211.exe [2007-04-06 57344]
"Domino"=C:\WINDOWS\Domino.exe [2006-08-18 49152]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]
"IMBooster"=C:\Program Files\Iminent\IMBooster\imbooster.exe [2011-03-30 1324008]
"ApnTBMon"=C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [2012-10-05 1239040]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2012-09-12 947176]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2006-08-30 139264]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2010-10-12 39408]
"KiesHelper"=C:\Program Files\Samsung\Kies\KiesHelper.exe [2011-06-24 941968]
"KiesTrayAgent"=C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [2011-06-24 3373968]
"KiesPDLR"=C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [2011-06-24 20880]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"GameXN GO"=C:\Documents and Settings\All Users\Data aplikací\GameXN\GameXNGO.exe /startup []
"Facebook Update"=C:\Documents and Settings\dana\Local Settings\Data aplikací\Facebook\Update\FacebookUpdate.exe [2012-07-12 138096]
"Clownfish"=C:\Program Files\Clownfish\Clownfish.exe [2012-08-27 1121016]
"MyCuteBuddy"=C:\Program Files\My Cute Buddy\myCuteBuddy.exe [2012-10-23 2328064]
"Advanced SystemCare 5"=C:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe [2012-03-06 574296]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-03-30 937920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-09-07 37296]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApnUpdater]
C:\Program Files\Ask.com\Updater\Updater.exe [2012-06-06 1564872]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Domino]
C:\WINDOWS\Domino.exe [2006-08-18 49152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBAgent]
C:\Program Files\Nero\Nero 11\Nero BackItUp\NBAgent.exe /WinStart []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NWEReboot]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2010-10-12 39408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ZSSnp211]
C:\WINDOWS\ZSSnp211.exe [2007-04-06 57344]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^McAfee Security Scan Plus.lnk]
C:\PROGRA~1\MCAFEE~1\20DEB9~1.181\SSSCHE~1.EXE []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2008-12-01 143360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"
"C:\Program Files\Common Files\Ahead\Nero Web\SetupX.exe"="C:\Program Files\Common Files\Ahead\Nero Web\SetupX.exe:*:Enabled:Nero ProductSetup"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\WINDOWS\system32\muzapp.exe"="C:\WINDOWS\system32\muzapp.exe:*:Enabled:MUZ AOD APP player"
"C:\Documents and Settings\dana\Plocha\Martí\programy\aTube Catcher 2.0\yct.exe"="C:\Documents and Settings\dana\Plocha\Martí\programy\aTube Catcher 2.0\yct.exe:*:Enabled:aTube Catcher to download and convert videos."
"C:\Program Files\Iminent\IMBooster\IMBooster.exe"="C:\Program Files\Iminent\IMBooster\IMBooster.exe:*:Enabled:IMBooster"
"C:\Program Files\Iminent\MMServer\Iminent.MMServer.exe"="C:\Program Files\Iminent\MMServer\Iminent.MMServer.exe:*:Enabled:MMServer"
"C:\Documents and Settings\dana\Local Settings\Data aplikací\Facebook\Video\Skype\FacebookVideoCalling.exe"="C:\Documents and Settings\dana\Local Settings\Data aplikací\Facebook\Video\Skype\FacebookVideoCalling.exe:*:Enabled:Facebook Video Calling Plugin"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.FMVC"=fmcodec.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv

======List of files/folders created in the last 1 month======

2013-01-04 21:58:07 ----D---- C:\Program Files\trend micro
2013-01-04 21:58:06 ----D---- C:\rsit
2013-01-04 10:51:14 ----D---- C:\WINDOWS\LastGood
2013-01-04 10:51:14 ----A---- C:\WINDOWS\system32\muweb.dll
2013-01-04 10:51:14 ----A---- C:\WINDOWS\system32\mucltui.dll
2013-01-03 16:11:35 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2013-01-03 16:10:21 ----D---- C:\Program Files\Microsoft Security Client
2012-12-29 19:52:08 ----D---- C:\Documents and Settings\dana\Data aplikací\IObit
2012-12-29 19:51:54 ----D---- C:\Program Files\IObit
2012-12-29 19:46:01 ----D---- C:\Program Files\Lavalys
2012-12-28 13:23:29 ----H---- C:\WINDOWS\nsb2B.tmp
2012-12-21 14:40:54 ----HDC---- C:\WINDOWS\$NtUninstallKB2753842-v2$
2012-12-12 08:36:32 ----HDC---- C:\WINDOWS\$NtUninstallKB2758857$
2012-12-12 08:36:23 ----HDC---- C:\WINDOWS\$NtUninstallKB2779030$
2012-12-12 08:36:15 ----HDC---- C:\WINDOWS\$NtUninstallKB2779562$
2012-12-12 08:36:09 ----HDC---- C:\WINDOWS\$NtUninstallKB2753842$
2012-12-12 08:35:59 ----HDC---- C:\WINDOWS\$NtUninstallKB2770660$

======List of files/folders modified in the last 1 month======

2013-01-04 21:58:07 ----RD---- C:\Program Files
2013-01-04 21:58:03 ----D---- C:\WINDOWS\Prefetch
2013-01-04 19:28:00 ----A---- C:\WINDOWS\SchedLgU.Txt
2013-01-04 17:30:02 ----D---- C:\Nemazat
2013-01-04 17:02:32 ----D---- C:\WINDOWS\Temp
2013-01-04 10:51:14 ----HD---- C:\WINDOWS\inf
2013-01-04 10:51:14 ----D---- C:\WINDOWS\system32
2013-01-04 10:51:14 ----D---- C:\WINDOWS
2013-01-04 10:32:01 ----SD---- C:\WINDOWS\Tasks
2013-01-04 10:26:16 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2013-01-04 10:22:36 ----D---- C:\WINDOWS\system32\CatRoot2
2013-01-03 21:32:57 ----D---- C:\WINDOWS\system32\drivers
2013-01-03 16:45:59 ----D---- C:\Documents and Settings\dana\Data aplikací\OpenCandy
2013-01-03 16:10:45 ----SHD---- C:\WINDOWS\Installer
2013-01-03 16:10:45 ----SHD---- C:\Config.Msi
2013-01-03 16:10:34 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2013-01-03 16:10:14 ----SD---- C:\Documents and Settings\dana\Data aplikací\Microsoft
2013-01-03 16:07:32 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
2013-01-03 15:22:40 ----D---- C:\Documents and Settings\dana\Data aplikací\vlc
2013-01-02 17:05:06 ----D---- C:\Program Files\Guitar Pro 5
2013-01-02 17:04:54 ----RSD---- C:\WINDOWS\Fonts
2012-12-28 13:25:01 ----AD---- C:\Documents and Settings\All Users\Data aplikací\TEMP
2012-12-22 14:31:48 ----D---- C:\Documents and Settings\dana\Data aplikací\ICQ
2012-12-21 14:40:56 ----RSHDC---- C:\WINDOWS\system32\dllcache
2012-12-21 14:40:13 ----HD---- C:\WINDOWS\$hf_mig$
2012-12-16 13:23:59 ----A---- C:\WINDOWS\system32\atmfd.dll
2012-12-13 11:56:17 ----RD---- C:\Program Files\Skype
2012-12-13 11:56:11 ----D---- C:\Documents and Settings\dana\Data aplikací\Skype
2012-12-13 11:56:11 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
2012-12-12 08:35:46 ----D---- C:\Program Files\Internet Explorer
2012-12-12 08:35:36 ----D---- C:\WINDOWS\ie8updates
2012-12-12 08:32:48 ----A---- C:\WINDOWS\system32\MRT.exe
2012-12-12 08:21:15 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2012-12-06 17:49:30 ----D---- C:\Documents and Settings\dana\Data aplikací\dvdcss

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 MpFilter;Microsoft Malware Protection Driver; C:\WINDOWS\system32\DRIVERS\MpFilter.sys [2012-08-30 193552]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-13 61696]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 tidnet;TID NDIS Protocol Driver; C:\WINDOWS\system32\DRIVERS\tidnet.sys [2009-09-15 19200]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2008-12-01 3452928]
R3 FsUsbExDisk;FsUsbExDisk; \??\C:\WINDOWS\system32\FsUsbExDisk.SYS []
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2010-07-28 6108776]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 vvftav211;vvftav211; C:\WINDOWS\system32\drivers\vvftav211.sys [2007-12-10 480128]
R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\WINDOWS\system32\DRIVERS\yk51x86.sys [2010-08-24 305312]
R3 ZSMC30x;USB PC Camera Service ZSMC30x; C:\WINDOWS\System32\Drivers\ZS211.sys [2007-12-13 1472000]
S1 cmjgfsvc;cmjgfsvc; \??\C:\WINDOWS\system32\drivers\cmjgfsvc.sys []
S1 cmrigbzu;cmrigbzu; \??\C:\WINDOWS\system32\drivers\cmrigbzu.sys []
S1 cuqqtmig;cuqqtmig; \??\C:\WINDOWS\system32\drivers\cuqqtmig.sys []
S1 dggjjdoe;dggjjdoe; \??\C:\WINDOWS\system32\drivers\dggjjdoe.sys []
S1 dnzejvco;dnzejvco; \??\C:\WINDOWS\system32\drivers\dnzejvco.sys []
S1 hzvezagg;hzvezagg; \??\C:\WINDOWS\system32\drivers\hzvezagg.sys []
S1 idlfjtis;idlfjtis; \??\C:\WINDOWS\system32\drivers\idlfjtis.sys []
S1 jgvhvxwg;jgvhvxwg; \??\C:\WINDOWS\system32\drivers\jgvhvxwg.sys []
S1 jhsievfp;jhsievfp; \??\C:\WINDOWS\system32\drivers\jhsievfp.sys []
S1 ojdwyugp;ojdwyugp; \??\C:\WINDOWS\system32\drivers\ojdwyugp.sys []
S1 reocefbv;reocefbv; \??\C:\WINDOWS\system32\drivers\reocefbv.sys []
S1 rgnhuxaz;rgnhuxaz; \??\C:\WINDOWS\system32\drivers\rgnhuxaz.sys []
S1 skvwhafq;skvwhafq; \??\C:\WINDOWS\system32\drivers\skvwhafq.sys []
S1 vfssilbe;vfssilbe; \??\C:\WINDOWS\system32\drivers\vfssilbe.sys []
S1 whgfvgwl;whgfvgwl; \??\C:\WINDOWS\system32\drivers\whgfvgwl.sys []
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2009-11-18 1691480]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\WINDOWS\System32\Drivers\ssadadb.sys [2010-12-21 30312]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 dgderdrv;dgderdrv; C:\WINDOWS\System32\drivers\dgderdrv.sys [2011-06-07 20032]
S3 EagleXNt;EagleXNt; \??\C:\WINDOWS\system32\drivers\EagleXNt.sys []
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\WINDOWS\system32\DRIVERS\ewdcsc.sys [2009-12-15 24448]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [2009-12-15 102528]
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\WINDOWS\system32\DRIVERS\ewusbdev.sys [2009-12-15 100736]
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2009-11-18 1395800]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 snpstd;VideoCAM Eye; C:\WINDOWS\system32\DRIVERS\snpstd.sys []
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\WINDOWS\system32\DRIVERS\ss_bbus.sys [2010-12-21 98432]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\WINDOWS\system32\DRIVERS\ss_bmdfl.sys [2010-12-21 14848]
S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\WINDOWS\system32\DRIVERS\ss_bmdm.sys [2010-12-21 123648]
S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM); C:\WINDOWS\system32\DRIVERS\ss_bus.sys [2010-12-21 98560]
S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter; C:\WINDOWS\system32\DRIVERS\ss_mdfl.sys [2010-12-21 14848]
S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers; C:\WINDOWS\system32\DRIVERS\ss_mdm.sys [2010-12-21 123776]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\WINDOWS\system32\DRIVERS\ssadbus.sys [2011-06-02 121064]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\WINDOWS\system32\DRIVERS\ssadmdfl.sys [2011-06-02 12776]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\WINDOWS\system32\DRIVERS\ssadmdm.sys [2011-06-02 136808]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\WINDOWS\system32\DRIVERS\ssadserd.sys [2011-06-02 114280]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usb_rndisx;Adaptér USB RNDIS; C:\WINDOWS\system32\DRIVERS\usb8023x.sys [2008-04-13 12800]
S3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
R2 AdvancedSystemCareService5;Advanced SystemCare Service 5; C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe [2012-03-14 913752]
R2 APNMCP;Ask Update Service; C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe [2012-10-05 166600]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2008-12-01 598016]
R2 FsUsbExService;FsUsbExService; C:\WINDOWS\system32\FsUsbExService.Exe [2011-01-20 217088]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2012-09-12 161768]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2012-09-12 20472]
R2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service; C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe [2011-01-28 632792]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2008-12-01 593920]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-10-12 136176]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-12-12 250808]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-10-12 136176]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-13 194032]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-08-22 724992]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

[vyosek]

Zdravim, pekny vecer preji a vitam vas u nas na foru

Vas log se studuje a pracuje se na nem .
Prosim o strpeni!

[vyosek]

OpenCandy je povazovan za spyware (druh skodlivych programu) a antivir by jej mel mazat

Krom toho tam mate spousty dalsich adware - nezadouci reklamni SW a toolbary (zpomalujici reklamni listy v prohlizecich)

A dale tam vidim i nejakou tu havet, no nejakou, celou zoo i s babkou pokladni

Vse se samozrejme pokusime odstranit a PC polecit, dodrzujte prosim me pokyny a pokud nebude neco jasneho, tak se ptejte...

Odinstalujte Advanced SystemCare 5 a nasledne i vse od IOBit - jsou to cinske smejdy a spise jen skodi nez jsou uzitkem. Hledaji nesmyslne a neexistujici problemy, databazi haveti ukradli jine renomovane spolecnosti

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

• Ulozte nejlepe na plochu
• Ukoncete vsechny programy
• Kliknete na Search
• Probehne skenovani a pak se objevi log, pripadne bude ulozen na systemovem disku jako AdwCleaner[R?].txt, ten sem vlozte

[danielka1968]

Nevím, co je IOBit a kde to najít... jinak vkládám log
# AdwCleaner v2.104 - Logfile created 01/05/2013 at 11:20:26
# Updated 29/12/2012 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : dana - DANA-PC
# Boot Mode : Normal
# Running from : C:\Documents and Settings\dana\Dokumenty\Downloads\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

File Found : C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
Folder Found : C:\DOCUME~1\Dájuše\LOCALS~1\Temp\APN
Folder Found : C:\DOCUME~1\dana\LOCALS~1\Temp\APN
Folder Found : C:\DOCUME~1\dana\LOCALS~1\Temp\Iminent
Folder Found : C:\Documents and Settings\All Users\Data aplikací\APN
Folder Found : C:\Documents and Settings\All Users\Data aplikací\Ask
Folder Found : C:\Documents and Settings\All Users\Data aplikací\ICQ\ICQToolbar
Folder Found : C:\Documents and Settings\All Users\Data aplikací\Iminent
Folder Found : C:\Documents and Settings\All Users\Nabídka Start\Programy\Iminent
Folder Found : C:\Documents and Settings\Dájuše\Data aplikací\Toolbar4
Folder Found : C:\Documents and Settings\dana\Data aplikací\Iminent
Folder Found : C:\Documents and Settings\dana\Data aplikací\OpenCandy
Folder Found : C:\Documents and Settings\dana\Data aplikací\Toolbar4
Folder Found : C:\Program Files\Ask.com
Folder Found : C:\Program Files\ICQ6Toolbar
Folder Found : C:\Program Files\Iminent
Folder Found : C:\Program Files\IMinent toolbar
Folder Found : C:\WINDOWS\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

***** [Registry] *****

Key Found : HKCU\Software\APN
Key Found : HKCU\Software\APN PIP
Key Found : HKCU\Software\AppDataLow\AskBarDis
Key Found : HKCU\Software\AppDataLow\AskToolbarInfo
Key Found : HKCU\Software\Ask.com
Key Found : HKCU\Software\AskToolbar
Key Found : HKCU\Software\Iminent
Key Found : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{58124A0B-DC32-4180-9BFF-E0E21AE34026}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{58124A0B-DC32-4180-9BFF-E0E21AE34026}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Found : HKCU\Software\TBSB01620
Key Found : HKLM\Software\APN
Key Found : HKLM\Software\AskToolbar
Key Found : HKLM\SOFTWARE\Classes\AppID\{01994268-3C10-4044-A1EA-7A9C1B739A11}
Key Found : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
Key Found : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Found : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Found : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE
Key Found : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1C950DE5-D31E-42FB-AFB9-91B0161633D8}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{26C9BBE4-6D45-4AB6-A5B4-E068C9F5EF6D}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3BDF4CE9-E81D-432B-A55E-9F0570CE811F}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{479BF2D6-E362-4A99-B1AB-BC764D7B97AE}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{4B6D6E60-FBD2-4E79-BF4B-886BC98F1797}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{57CADC46-58FF-4105-B733-5A9F3FC9783C}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{58124A0B-DC32-4180-9BFF-E0E21AE34026}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{5C176BA0-6FC0-4EBD-8ACF-24AC592506B6}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{796D822A-C3F9-4A97-BAAB-42FE7628EA63}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{9F34B17E-FF0D-4FAB-97C4-9713FEE79052}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A9A56B8E-2DEB-4ED3-BC92-1FA450BCE1A5}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE338F6D-5A7C-4D1D-86E3-C618532079B5}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{C339D489-FABC-41DD-B39D-276101667C70}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{C875C0A1-09E3-48D5-9F8E-BD337796FD14}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{D565B35E-B787-40FA-95E3-E3562F8FC1A0}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{D89031C2-10DA-4C90-9A62-FCED012BC46B}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{D8F01233-2DE6-4EE7-8988-37263F00651B}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{DD438708-AAB4-422D-A322-B619589F5680}
Key Found : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler
Key Found : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler.1
Key Found : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Found : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Found : HKLM\SOFTWARE\Classes\IminentWebBooster.ActiveContentHandle.1
Key Found : HKLM\SOFTWARE\Classes\IminentWebBooster.ActiveContentHandler
Key Found : HKLM\SOFTWARE\Classes\IminentWebBooster.BrowserHelperObject
Key Found : HKLM\SOFTWARE\Classes\IminentWebBooster.BrowserHelperObject.1
Key Found : HKLM\SOFTWARE\Classes\IminentWebBooster.ScriptExtender
Key Found : HKLM\SOFTWARE\Classes\IminentWebBooster.ScriptExtender.1
Key Found : HKLM\SOFTWARE\Classes\IminentWebBooster.TinyUrlHandler
Key Found : HKLM\SOFTWARE\Classes\IminentWebBooster.TinyUrlHandler.1
Key Found : HKLM\SOFTWARE\Classes\Installer\Features\482AA67AD25E6E74E9F48BD5FBE8533C
Key Found : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Key Found : HKLM\SOFTWARE\Classes\Installer\Products\482AA67AD25E6E74E9F48BD5FBE8533C
Key Found : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Found : HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
Key Found : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Key Found : HKLM\SOFTWARE\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}
Key Found : HKLM\SOFTWARE\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Key Found : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Key Found : HKLM\SOFTWARE\Classes\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}
Key Found : HKLM\SOFTWARE\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}
Key Found : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Found : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Found : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Key Found : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Found : HKLM\SOFTWARE\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Found : HKLM\SOFTWARE\Classes\Interface\{ACA608DB-A210-4253-B799-3FD24E9A7BF5}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Key Found : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}
Key Found : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils
Key Found : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbRequest
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbTask
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbTask.1
Key Found : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper
Key Found : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1
Key Found : HKLM\SOFTWARE\Classes\TBSB01620.IEToolbar
Key Found : HKLM\SOFTWARE\Classes\TBSB01620.IEToolbar.1
Key Found : HKLM\SOFTWARE\Classes\TBSB01620.TBSB01620
Key Found : HKLM\SOFTWARE\Classes\TBSB01620.TBSB01620.3
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier.1
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl.1
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.TBSB01620
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.TBSB01620.1
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{4509D3CC-B642-4745-B030-645B79522C6D}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{A9CAF365-EA35-45DA-BD8B-2EFA09D374AC}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{EC4085F2-8DB3-45A6-AD0B-CA289F3C5D7E}
Key Found : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook
Key Found : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook.1
Key Found : HKLM\Software\Iminent
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Key Found : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ApnUpdater
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{A76AA284-E52D-47E6-9E4F-B85DBF8E35C3}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ICQToolbar
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\IMBoosterARP
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{58124A0B-DC32-4180-9BFF-E0E21AE34026}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\482AA67AD25E6E74E9F48BD5FBE8533C
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A76AA284-E52D-47E6-9E4F-B85DBF8E35C3}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Key Found : HKLM\Software\PIP
Key Found : HKU\S-1-5-21-507921405-1425521274-839522115-1003\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{977AE9CC-AF83-45E8-9E03-E2798216E2D5}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{977AE9CC-AF83-45E8-9E03-E2798216E2D5}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

[HKCU\Software\Microsoft\Internet Explorer\Main - ICQ Search] = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd

*************************

AdwCleaner[R1].txt - [15220 octets] - [05/01/2013 11:20:26]

########## EOF - C:\AdwCleaner[R1].txt - [15281 octets] ##########

[vyosek]

Spustte znovu AdwCleaner

• Pokud pouzivate Win Vista ci W7, kliknete na AdwCleaner pravym a dejte Run As Administrator ci Spustit jako spravce
• Kliknete na Delete
• PC provede opravu, restartuje se a da Vam log (C:\AdwCleaner [S1].txt) , jeho obsah vlozte sem

[danielka1968]

# AdwCleaner v2.104 - Logfile created 01/06/2013 at 15:47:51
# Updated 29/12/2012 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : dana - DANA-PC
# Boot Mode : Normal
# Running from : C:\Documents and Settings\dana\Plocha\Martí\programy\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\DOCUME~1\Dájuše\LOCALS~1\Temp\APN
Folder Deleted : C:\DOCUME~1\dana\LOCALS~1\Temp\APN
Folder Deleted : C:\DOCUME~1\dana\LOCALS~1\Temp\Iminent
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\APN
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\Ask
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\ICQ\ICQToolbar
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\Iminent
Folder Deleted : C:\Documents and Settings\All Users\Nabídka Start\Programy\Iminent
Folder Deleted : C:\Documents and Settings\Dájuše\Data aplikací\Toolbar4
Folder Deleted : C:\Documents and Settings\dana\Data aplikací\Iminent
Folder Deleted : C:\Documents and Settings\dana\Data aplikací\OpenCandy
Folder Deleted : C:\Documents and Settings\dana\Data aplikací\Toolbar4
Folder Deleted : C:\Program Files\ICQ6Toolbar
Folder Deleted : C:\Program Files\Iminent
Folder Deleted : C:\Program Files\IMinent toolbar

***** [Registry] *****

Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\AppDataLow\AskBarDis
Key Deleted : HKCU\Software\Iminent
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{58124A0B-DC32-4180-9BFF-E0E21AE34026}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{58124A0B-DC32-4180-9BFF-E0E21AE34026}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\TBSB01620
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{01994268-3C10-4044-A1EA-7A9C1B739A11}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1C950DE5-D31E-42FB-AFB9-91B0161633D8}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{26C9BBE4-6D45-4AB6-A5B4-E068C9F5EF6D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3BDF4CE9-E81D-432B-A55E-9F0570CE811F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{479BF2D6-E362-4A99-B1AB-BC764D7B97AE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4B6D6E60-FBD2-4E79-BF4B-886BC98F1797}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{57CADC46-58FF-4105-B733-5A9F3FC9783C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{58124A0B-DC32-4180-9BFF-E0E21AE34026}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5C176BA0-6FC0-4EBD-8ACF-24AC592506B6}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{796D822A-C3F9-4A97-BAAB-42FE7628EA63}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9F34B17E-FF0D-4FAB-97C4-9713FEE79052}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A9A56B8E-2DEB-4ED3-BC92-1FA450BCE1A5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE338F6D-5A7C-4D1D-86E3-C618532079B5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C339D489-FABC-41DD-B39D-276101667C70}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C875C0A1-09E3-48D5-9F8E-BD337796FD14}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D565B35E-B787-40FA-95E3-E3562F8FC1A0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D89031C2-10DA-4C90-9A62-FCED012BC46B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D8F01233-2DE6-4EE7-8988-37263F00651B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DD438708-AAB4-422D-A322-B619589F5680}
Key Deleted : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler
Key Deleted : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler.1
Key Deleted : HKLM\SOFTWARE\Classes\IminentWebBooster.ActiveContentHandle.1
Key Deleted : HKLM\SOFTWARE\Classes\IminentWebBooster.ActiveContentHandler
Key Deleted : HKLM\SOFTWARE\Classes\IminentWebBooster.BrowserHelperObject
Key Deleted : HKLM\SOFTWARE\Classes\IminentWebBooster.BrowserHelperObject.1
Key Deleted : HKLM\SOFTWARE\Classes\IminentWebBooster.ScriptExtender
Key Deleted : HKLM\SOFTWARE\Classes\IminentWebBooster.ScriptExtender.1
Key Deleted : HKLM\SOFTWARE\Classes\IminentWebBooster.TinyUrlHandler
Key Deleted : HKLM\SOFTWARE\Classes\IminentWebBooster.TinyUrlHandler.1
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\482AA67AD25E6E74E9F48BD5FBE8533C
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\482AA67AD25E6E74E9F48BD5FBE8533C
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ACA608DB-A210-4253-B799-3FD24E9A7BF5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}
Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils
Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1
Key Deleted : HKLM\SOFTWARE\Classes\TBSB01620.IEToolbar
Key Deleted : HKLM\SOFTWARE\Classes\TBSB01620.IEToolbar.1
Key Deleted : HKLM\SOFTWARE\Classes\TBSB01620.TBSB01620
Key Deleted : HKLM\SOFTWARE\Classes\TBSB01620.TBSB01620.3
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.TBSB01620
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.TBSB01620.1
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4509D3CC-B642-4745-B030-645B79522C6D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A9CAF365-EA35-45DA-BD8B-2EFA09D374AC}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EC4085F2-8DB3-45A6-AD0B-CA289F3C5D7E}
Key Deleted : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook
Key Deleted : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook.1
Key Deleted : HKLM\Software\Iminent
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Key Deleted : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ApnUpdater
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{A76AA284-E52D-47E6-9E4F-B85DBF8E35C3}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ICQToolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\IMBoosterARP
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{58124A0B-DC32-4180-9BFF-E0E21AE34026}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\482AA67AD25E6E74E9F48BD5FBE8533C
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A76AA284-E52D-47E6-9E4F-B85DBF8E35C3}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Key Deleted : HKLM\Software\PIP
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{977AE9CC-AF83-45E8-9E03-E2798216E2D5}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{977AE9CC-AF83-45E8-9E03-E2798216E2D5}]

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - ICQ Search] = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd --> hxxp://www.google.com

*************************

AdwCleaner[R1].txt - [15351 octets] - [05/01/2013 11:20:26]
AdwCleaner[R2].txt - [15412 octets] - [05/01/2013 11:21:26]
AdwCleaner[S1].txt - [12015 octets] - [06/01/2013 15:47:51]

########## EOF - C:\AdwCleaner[S1].txt - [12076 octets] ##########

[vyosek]

Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte jej na plochu

• Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
• Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
• Zaskrtnete okenko Pro vsechny uzivatele
• Zaskrtnete okenko Kontrola na havet "LOP"
• Zaskrtnete okenko Kontrola na havet "Purity"
• Stari souboru zmente z 30 dnu na 7 dnu
• Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

• Kód: Vybrat vše

  CREATERESTOREPOINT
  
  netsvcs
  drivers32
  savembr:0
  
  /md5start
  atapi.sys
  autochk.exe
  cdrom.sys
  explorer.exe
  hal.dll
  scecli.dll
  services.exe
  svchost.exe
  tcpip.sys
  userinit.exe
  winlogon.exe
  /md5stop
  
  %systemroot%*.* /U /s
  %SYSTEMDRIVE%\*.exe
  %ALLUSERSPROFILE%\Application Data\*.
  %ALLUSERSPROFILE%\Application Data\*.exe /s
  %APPDATA%\*.
  %APPDATA%\*.exe /s
  %systemroot%\*. /mp /s
  %systemroot%\system32\*.dll /lockedfiles
  %systemroot%\Tasks\*.job
  %systemroot%\system32\drivers\*.sys /lockedfiles
  %systemroot%\System32\config\*.sav
  %systemroot%\system32\*.dll /lockedfiles
  %systemroot%\system32\drivers\*.sys /3
  %systemroot%\system32\*.* /3
  %SYSTEMDRIVE%\*.exe
  
  HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
  
  %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
  %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
  %PROGRAMFILES%\Opera\opera.exe /md5
  %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5
  
  %SystemDrive%\PhysicalMBR.bin /md5 
  
  *crack* /s
  *keygen* /s
  *loader* /s

• Kliknete na tlacitko Prohledat
• Po dokonceni skenu (cca 20 az 25 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte
• Pokud budou logy dlouhe (forum bude kricet o prekroceni maximalniho poctu znaku), tak je rozdelte do vice prispevku

[danielka1968]

OTL 1.část:
OTL logfile created on: 6.1.2013 17:58:42 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\dana\Plocha\Martí\programy
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1,75 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 57,18% Memory free
3,60 Gb Paging File | 2,95 Gb Available in Paging File | 81,89% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 465,75 Gb Total Space | 301,38 Gb Free Space | 64,71% Space Free | Partition Type: NTFS

Computer Name: DANA-PC | User Name: dana | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2013.01.06 17:56:26 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\dana\Plocha\Martí\programy\OTL.exe
PRC - [2012.10.23 17:01:56 | 002,328,064 | ---- | M] (My Cute Buddy) -- C:\Program Files\My Cute Buddy\myCuteBuddy.exe
PRC - [2012.09.12 22:02:58 | 000,161,768 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2012.09.12 17:25:22 | 000,020,472 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2012.09.12 17:19:44 | 000,947,176 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2012.08.27 12:12:30 | 001,121,016 | ---- | M] (Bogdan Sharkov) -- C:\Program Files\Clownfish\Clownfish.exe
PRC - [2011.06.24 15:54:46 | 000,020,880 | ---- | M] () -- C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
PRC - [2011.06.24 15:54:36 | 003,373,968 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
PRC - [2011.01.28 13:22:50 | 000,632,792 | ---- | M] (PC Tools) -- C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
PRC - [2011.01.20 02:59:18 | 000,217,088 | ---- | M] (Teruten) -- C:\WINDOWS\system32\FsUsbExService.Exe
PRC - [2010.10.27 18:17:52 | 000,207,424 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
PRC - [2010.08.25 10:27:44 | 000,309,824 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
PRC - [2010.03.18 10:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2008.04.14 04:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007.04.06 10:06:58 | 000,057,344 | ---- | M] (ZSMCSNAP) -- C:\WINDOWS\ZSSnp211.exe
PRC - [2006.08.30 14:05:16 | 000,139,264 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
PRC - [2006.08.30 14:03:06 | 000,880,640 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
PRC - [2006.08.18 15:58:14 | 000,049,152 | ---- | M] () -- C:\WINDOWS\Domino.exe


========== Modules (No Company Name) ==========

MOD - [2012.11.14 14:28:03 | 001,218,560 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Management\88ae87c0af91d679bbeaaeeb1c4ab9c8\System.Management.ni.dll
MOD - [2012.11.14 14:26:05 | 000,762,368 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\06cf816caaf03dc1d3f8945e335c5105\System.Runtime.Remoting.ni.dll
MOD - [2012.11.14 14:25:53 | 001,801,216 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xaml\f340d6d2f714f641ec63cc69f85eaa0d\System.Xaml.ni.dll
MOD - [2012.11.14 14:13:10 | 001,836,544 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\a07b3d488f0ec354d9b2778b645873a9\Microsoft.VisualBasic.ni.dll
MOD - [2012.11.14 14:12:01 | 011,817,472 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\b809681da85a58046cb39f268b6697ad\System.Web.ni.dll
MOD - [2012.11.14 14:09:25 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\41cac4885974d07de06f0b4fec9883f0\System.Configuration.ni.dll
MOD - [2012.11.14 14:07:53 | 000,025,600 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Accessibility\b5af2249e2d550f2752176a75c7a7656\Accessibility.ni.dll
MOD - [2012.11.14 12:54:47 | 018,000,384 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\e7e541ea6001b032c801c05773b44622\PresentationFramework.ni.dll
MOD - [2012.11.14 12:54:26 | 011,451,904 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PresentationCore\d0ad071b17c23df135fe90b9f38f0570\PresentationCore.ni.dll
MOD - [2012.11.14 12:54:13 | 000,755,712 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\86a1cb7476fd99cd047055bec72bebf6\PresentationFramework.Luna.ni.dll
MOD - [2012.11.14 12:54:12 | 003,856,896 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\WindowsBase\61c53f76cd398b33c852798f164163f9\WindowsBase.ni.dll
MOD - [2012.11.14 12:52:04 | 013,197,824 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\a8319839729e0e30785fcb36fb13b440\System.Windows.Forms.ni.dll
MOD - [2012.11.14 12:51:36 | 005,618,176 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml\586e41e15e1d44fe197b9d1cc5575f8c\System.Xml.ni.dll
MOD - [2012.11.14 12:51:31 | 000,980,480 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Configuration\c409feb9182d01c80872f2031d68053e\System.Configuration.ni.dll
MOD - [2012.11.14 12:51:26 | 001,666,048 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Drawing\c87e56bad0d9eae13b89a0e2bb0efc1f\System.Drawing.ni.dll
MOD - [2012.11.14 12:51:19 | 007,052,800 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Core\985109f2568f3251333dad29bc889421\System.Core.ni.dll
MOD - [2012.11.14 12:51:05 | 009,092,608 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System\982a5b70d861cb34f85e041075d5112c\System.ni.dll
MOD - [2012.11.14 12:50:55 | 014,412,800 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\16126cae96ea2422253ae06eeb672abc\mscorlib.ni.dll
MOD - [2012.11.14 12:47:47 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\d35b50eb6bb7b1bfb6592419d9feba47\System.Xml.ni.dll
MOD - [2012.11.14 12:47:40 | 012,433,920 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6585a5fcaaa1b49b9a1bd9ca5c5c306e\System.Windows.Forms.ni.dll
MOD - [2012.11.14 12:47:25 | 001,592,320 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\da4bcb702feb770ce40cf1371b0c4d02\System.Drawing.ni.dll
MOD - [2012.11.14 12:45:50 | 007,977,472 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\90ad0c96693527ae685ff40019bb33b0\System.ni.dll
MOD - [2012.11.14 12:45:36 | 011,492,352 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\3add69b075f3da012fb97ce00cd795c0\mscorlib.ni.dll
MOD - [2012.11.14 12:43:09 | 000,303,104 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
MOD - [2011.12.31 21:25:26 | 000,055,816 | ---- | M] () -- C:\Documents and Settings\dana\Local Settings\Temp\b01d42a6-0948-4bd0-8dea-54d68f50a791\CliSecureRT.dll
MOD - [2011.06.24 15:54:46 | 000,020,880 | ---- | M] () -- C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
MOD - [2010.10.02 14:35:04 | 001,691,648 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.3257.27012__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll
MOD - [2010.10.02 14:35:04 | 000,466,944 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3257.27092__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll
MOD - [2010.10.02 14:35:04 | 000,307,200 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.HydraVision.Wizard\2.0.3257.27115__90ba9c70f846762e\CLI.Aspect.HydraVision.Wizard.dll
MOD - [2010.10.02 14:35:04 | 000,278,528 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3257.26996__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll
MOD - [2010.10.02 14:35:04 | 000,204,800 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3257.27013__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll
MOD - [2010.10.02 14:35:04 | 000,077,824 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3257.27071__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll
MOD - [2010.10.02 14:35:04 | 000,069,632 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3257.27050__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll
MOD - [2010.10.02 14:35:04 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3257.27008__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll
MOD - [2010.10.02 14:35:04 | 000,036,864 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3257.27037__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll
MOD - [2010.10.02 14:35:04 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3257.27003__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll
MOD - [2010.10.02 14:35:04 | 000,011,776 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.HydraVision.Runtime\2.0.3257.27108__90ba9c70f846762e\CLI.Caste.HydraVision.Runtime.dll
MOD - [2010.10.02 14:35:04 | 000,008,704 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.HydraVision.Shared\2.0.3257.27108__90ba9c70f846762e\CLI.Caste.HydraVision.Shared.dll
MOD - [2010.10.02 14:35:04 | 000,007,680 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.HydraVision.Wizard\2.0.3257.27112__90ba9c70f846762e\CLI.Caste.HydraVision.Wizard.dll
MOD - [2010.10.02 14:35:04 | 000,007,680 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.HydraVision.Dashboard\2.0.3257.27108__90ba9c70f846762e\CLI.Caste.HydraVision.Dashboard.dll
MOD - [2010.10.02 14:35:03 | 000,344,064 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3257.27056__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll
MOD - [2010.10.02 14:35:03 | 000,135,168 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3257.27093__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll
MOD - [2010.10.02 14:35:03 | 000,106,496 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Dashboard\2.0.3257.27012__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Dashboard.dll
MOD - [2010.10.02 14:35:03 | 000,094,208 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3257.27056__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll
MOD - [2010.10.02 14:35:03 | 000,073,728 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3257.27003__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll
MOD - [2010.10.02 14:35:03 | 000,057,344 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3257.27055__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll
MOD - [2010.10.02 14:35:03 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Runtime\2.0.3257.27012__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Runtime.dll
MOD - [2010.10.02 14:35:02 | 000,811,008 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3257.27039__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll
MOD - [2010.10.02 14:35:02 | 000,716,800 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.3257.27004__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll
MOD - [2010.10.02 14:35:02 | 000,589,824 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3257.27014__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll
MOD - [2010.10.02 14:35:02 | 000,450,560 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3257.27033__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll
MOD - [2010.10.02 14:35:02 | 000,438,272 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3257.27038__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll
MOD - [2010.10.02 14:35:02 | 000,405,504 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3257.27065__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll
MOD - [2010.10.02 14:35:02 | 000,225,280 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3257.27013__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll
MOD - [2010.10.02 14:35:02 | 000,122,880 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3257.27048__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll
MOD - [2010.10.02 14:35:02 | 000,081,920 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3257.27038__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll
MOD - [2010.10.02 14:35:02 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3257.27037__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll
MOD - [2010.10.02 14:35:02 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3257.27017__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll
MOD - [2010.10.02 14:35:02 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3257.27038__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll
MOD - [2010.10.02 14:35:02 | 000,036,864 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3257.27047__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll
MOD - [2010.10.02 14:35:02 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3257.27049__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll
MOD - [2010.10.02 14:35:02 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3218.28677__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll
MOD - [2010.10.02 14:35:02 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3218.28672__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll
MOD - [2010.10.02 14:35:02 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3218.28683__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll
MOD - [2010.10.02 14:35:02 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3218.28705__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll
MOD - [2010.10.02 14:35:02 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3218.28685__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll
MOD - [2010.10.02 14:35:02 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3218.28705__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll
MOD - [2010.10.02 14:35:02 | 000,006,656 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll
MOD - [2010.10.02 14:35:01 | 000,073,728 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation\2.0.3218.28666__90ba9c70f846762e\CLI.Foundation.dll
MOD - [2010.10.02 14:35:01 | 000,065,536 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3218.28694__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll
MOD - [2010.10.02 14:35:01 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3218.28678__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll
MOD - [2010.10.02 14:35:01 | 000,053,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3218.28693__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll
MOD - [2010.10.02 14:35:01 | 000,049,152 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3218.28694__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll
MOD - [2010.10.02 14:35:01 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll
MOD - [2010.10.02 14:35:01 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3218.28702__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll
MOD - [2010.10.02 14:35:01 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation\2.0.3218.28664__90ba9c70f846762e\LOG.Foundation.dll
MOD - [2010.10.02 14:35:01 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3218.28665__90ba9c70f846762e\NEWAEM.Foundation.dll
MOD - [2010.10.02 14:35:01 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3218.28727__90ba9c70f846762e\CLI.Foundation.XManifest.dll
MOD - [2010.10.02 14:35:01 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3218.28690__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll
MOD - [2010.10.02 14:35:01 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3218.28693__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll
MOD - [2010.10.02 14:35:01 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.OS.I0602\2.0.3218.28687__90ba9c70f846762e\DEM.OS.I0602.dll
MOD - [2010.10.02 14:35:01 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3218.28681__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll
MOD - [2010.10.02 14:35:01 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3218.28678__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll
MOD - [2010.10.02 14:35:01 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3218.28672__90ba9c70f846762e\CLI.Component.Client.Shared.dll
MOD - [2010.10.02 14:35:01 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Shared\2.0.3218.28690__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Shared.dll
MOD - [2010.10.02 14:35:01 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3218.28689__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll
MOD - [2010.10.02 14:35:01 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\MOM.Foundation\2.0.3218.28686__90ba9c70f846762e\MOM.Foundation.dll
MOD - [2010.10.02 14:35:01 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.OS\2.0.3218.28687__90ba9c70f846762e\DEM.OS.dll
MOD - [2010.10.02 14:35:01 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll
MOD - [2010.10.02 14:35:01 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics\2.0.3218.28688__90ba9c70f846762e\DEM.Graphics.dll
MOD - [2010.10.02 14:35:01 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll
MOD - [2010.10.02 14:35:01 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3218.28676__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll
MOD - [2010.10.02 14:35:01 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3218.28690__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll
MOD - [2010.10.02 14:35:01 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3218.28688__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll
MOD - [2010.10.02 14:35:00 | 001,073,152 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3257.27000__90ba9c70f846762e\CLI.Component.Dashboard.dll
MOD - [2010.10.02 14:35:00 | 000,532,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.3257.27080__90ba9c70f846762e\CLI.Component.Systemtray.dll
MOD - [2010.10.02 14:35:00 | 000,393,216 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3257.27008__90ba9c70f846762e\CLI.Component.Wizard.dll
MOD - [2010.10.02 14:35:00 | 000,106,496 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\MOM.Implementation\2.0.3257.27085__90ba9c70f846762e\MOM.Implementation.dll
MOD - [2010.10.02 14:35:00 | 000,069,632 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3257.26994__90ba9c70f846762e\CLI.Component.Runtime.dll
MOD - [2010.10.02 14:35:00 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3257.27084__90ba9c70f846762e\LOG.Foundation.Implementation.dll
MOD - [2010.10.02 14:35:00 | 000,057,344 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3257.26995__90ba9c70f846762e\CLI.Component.SkinFactory.dll
MOD - [2010.10.02 14:35:00 | 000,053,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3218.28692__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll
MOD - [2010.10.02 14:35:00 | 000,049,152 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3218.28692__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll
MOD - [2010.10.02 14:35:00 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3218.28682__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll
MOD - [2010.10.02 14:35:00 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3257.27101__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll
MOD - [2010.10.02 14:35:00 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3218.28670__90ba9c70f846762e\CLI.Foundation.Private.dll
MOD - [2010.10.02 14:35:00 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3218.28675__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll
MOD - [2010.10.02 14:35:00 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3218.28694__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll
MOD - [2010.10.02 14:35:00 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3218.28672__90ba9c70f846762e\LOG.Foundation.Private.dll
MOD - [2010.10.02 14:35:00 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3218.28685__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll
MOD - [2010.10.02 14:35:00 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3218.28688__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll
MOD - [2010.10.02 14:35:00 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3218.28686__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll
MOD - [2010.10.02 14:35:00 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3218.28681__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll
MOD - [2010.10.02 14:35:00 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll
MOD - [2010.10.02 14:35:00 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3218.28686__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll
MOD - [2010.10.02 14:35:00 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3218.28682__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll
MOD - [2010.10.02 14:35:00 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3218.28695__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll
MOD - [2010.10.02 14:35:00 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\APM.Foundation\2.0.3218.28685__90ba9c70f846762e\APM.Foundation.dll
MOD - [2010.10.02 14:35:00 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOCALIZATION.Foundation.Private\2.0.3218.28670__90ba9c70f846762e\LOCALIZATION.Foundation.Private.dll
MOD - [2010.10.02 14:35:00 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3218.28678__90ba9c70f846762e\AEM.Server.Shared.dll
MOD - [2010.10.02 14:35:00 | 000,014,848 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.dll
MOD - [2010.10.02 14:35:00 | 000,013,312 | ---- | M] () -- C:\WINDOWS\assembly\GAC\Interop.WBOCXLib\1.0.0.0__90ba9c70f846762e\Interop.WBOCXLib.dll
MOD - [2010.10.02 14:35:00 | 000,011,264 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOCALIZATION.Foundation.Implementation\2.0.3257.27109__90ba9c70f846762e\LOCALIZATION.Foundation.Implementation.dll
MOD - [2010.10.02 14:35:00 | 000,007,168 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3257.26994__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll
MOD - [2010.10.02 14:34:59 | 000,073,728 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ATIDEMOS\2.0.3257.26994__90ba9c70f846762e\ATIDEMOS.dll
MOD - [2010.10.02 14:34:59 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\APM.Server\2.0.3257.26992__90ba9c70f846762e\APM.Server.dll
MOD - [2010.10.02 14:34:59 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Server\2.0.3257.26993__90ba9c70f846762e\AEM.Server.dll
MOD - [2010.10.02 14:34:59 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll
MOD - [2010.10.02 14:34:59 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CCC.Implementation\2.0.3257.27085__90ba9c70f846762e\CCC.Implementation.dll
MOD - [2008.10.30 13:39:12 | 000,016,384 | R--- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll
MOD - [2008.04.14 04:21:47 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2006.08.18 15:58:14 | 000,049,152 | ---- | M] () -- C:\WINDOWS\Domino.exe


========== Services (SafeList) ==========

SRV - [2012.12.12 08:21:16 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.09.12 22:02:58 | 000,161,768 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2012.09.12 17:25:22 | 000,020,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2011.01.28 13:22:50 | 000,632,792 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe -- (PCToolsSSDMonitorSvc)
SRV - [2011.01.20 02:59:18 | 000,217,088 | ---- | M] (Teruten) [Auto | Running] -- C:\WINDOWS\system32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2010.03.18 10:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\whgfvgwl.sys -- (whgfvgwl)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\vfssilbe.sys -- (vfssilbe)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\snpstd.sys -- (snpstd)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\skvwhafq.sys -- (skvwhafq)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\rgnhuxaz.sys -- (rgnhuxaz)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\reocefbv.sys -- (reocefbv)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\ojdwyugp.sys -- (ojdwyugp)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\jhsievfp.sys -- (jhsievfp)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\jgvhvxwg.sys -- (jgvhvxwg)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\idlfjtis.sys -- (idlfjtis)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\ibaigsmb.sys -- (ibaigsmb)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\hzvezagg.sys -- (hzvezagg)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\EagleXNt.sys -- (EagleXNt)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\dnzejvco.sys -- (dnzejvco)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\dggjjdoe.sys -- (dggjjdoe)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\cuqqtmig.sys -- (cuqqtmig)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\cmrigbzu.sys -- (cmrigbzu)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\cmjgfsvc.sys -- (cmjgfsvc)
DRV - [2011.06.07 11:13:36 | 000,020,032 | ---- | M] (Devguru Co., Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\dgderdrv.sys -- (dgderdrv)
DRV - [2011.06.02 06:47:22 | 000,136,808 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadmdm.sys -- (ssadmdm)
DRV - [2011.06.02 06:47:22 | 000,121,064 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadbus.sys -- (ssadbus)
DRV - [2011.06.02 06:47:22 | 000,114,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadserd.sys -- (ssadserd)
DRV - [2011.06.02 06:47:22 | 000,012,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadmdfl.sys -- (ssadmdfl)
DRV - [2011.01.20 02:59:18 | 000,036,640 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2010.12.21 06:55:02 | 000,123,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_mdm.sys -- (ss_mdm)
DRV - [2010.12.21 06:55:02 | 000,123,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bmdm.sys -- (ss_bmdm)
DRV - [2010.12.21 06:55:02 | 000,098,560 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bus.sys -- (ss_bus)
DRV - [2010.12.21 06:55:02 | 000,098,432 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bbus.sys -- (ss_bbus)
DRV - [2010.12.21 06:55:02 | 000,030,312 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadadb.sys -- (androidusb)
DRV - [2010.12.21 06:55:02 | 000,014,848 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_mdfl.sys -- (ss_mdfl)
DRV - [2010.12.21 06:55:02 | 000,014,848 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bmdfl.sys -- (ss_bmdfl)
DRV - [2010.08.24 08:33:18 | 000,305,312 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp)
DRV - [2010.07.28 11:27:36 | 006,108,776 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2009.12.15 13:05:42 | 000,102,528 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2009.12.15 13:05:42 | 000,100,736 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbdev.sys -- (hwusbdev)
DRV - [2009.12.15 13:05:42 | 000,024,448 | ---- | M] (Huawei Tech. Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewdcsc.sys -- (Huawei)
DRV - [2009.11.18 00:17:00 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2009.11.18 00:16:00 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2009.09.15 10:51:04 | 000,019,200 | ---- | M] (Telefónica I+D) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tidnet.sys -- (tidnet)
DRV - [2008.12.01 10:13:42 | 003,452,928 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2007.12.13 09:17:58 | 001,472,000 | ---- | M] (ZSMC.Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ZS211.sys -- (ZSMC30x)
DRV - [2007.12.10 17:15:34 | 000,480,128 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\vvftav211.sys -- (vvftav211)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={ ... rer:source?}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-507921405-1425521274-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-507921405-1425521274-839522115-1003\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-507921405-1425521274-839522115-1003\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-507921405-1425521274-839522115-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-507921405-1425521274-839522115-1003\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... 1I7ADFA_cs
IE - HKU\S-1-5-21-507921405-1425521274-839522115-1003\..\SearchScopes\{88018A6B-44FD-4B07-AF9F-A554635C38A5}: "URL" = http://www.bing.com/search?FORM=NP24DF& ... -SearchBox
IE - HKU\S-1-5-21-507921405-1425521274-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)



========== Chrome ==========

CHR - homepage: http://eu.ask.com/?l=dis&o=APN10462cr&g ... 2012-11-27
CHR - default_search_provider: Ask Search (Enabled)
CHR - default_search_provider: search_url = http://asksearch.ask.com/redirect?clien ... earchTerms}
CHR - default_search_provider: suggest_url = http://ss.websearch.ask.com/query?qsrc= ... earchTerms}
CHR - homepage: http://eu.ask.com/?l=dis&o=APN10462cr&g ... 2012-11-27
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.97\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.97\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.97\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Documents and Settings\dana\Local Settings\Data aplikac\u00ED\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Skype Toolbars (Enabled) = C:\Documents and Settings\dana\Local Settings\Data aplikac\u00ED\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.5.0.8013_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: Click to call with Skype = C:\Documents and Settings\dana\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.5.0.8013_0\

O1 HOSTS File: ([1980.01.01 01:00:00 | 000,000,737 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKU\S-1-5-21-507921405-1425521274-839522115-1003\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-507921405-1425521274-839522115-1003\..\Toolbar\WebBrowser: (no name) - {41545534-0076-A76A-76A7-7A786E7484D7} - No CLSID value found.
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [Domino] C:\WINDOWS\Domino.exe ()
O4 - HKLM..\Run: [IMBooster] C:\Program Files\Iminent\IMBooster\imbooster.exe /warmup File not found
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Nikon Message Center 2] C:\Program Files\Nikon\Nikon Message Center 2\NkMC2.exe (Nikon Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [ZSSnp211] C:\WINDOWS\ZSSnp211.exe (ZSMCSNAP)
O4 - HKU\S-1-5-21-507921405-1425521274-839522115-1003..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKU\S-1-5-21-507921405-1425521274-839522115-1003..\Run: [Clownfish] C:\Program Files\Clownfish\Clownfish.exe (Bogdan Sharkov)
O4 - HKU\S-1-5-21-507921405-1425521274-839522115-1003..\Run: [GameXN GO] "C:\Documents and Settings\All Users\Data aplikací\GameXN\GameXNGO.exe" /startup File not found
O4 - HKU\S-1-5-21-507921405-1425521274-839522115-1003..\Run: [KiesHelper] C:\Program Files\Samsung\Kies\KiesHelper.exe (Samsung)
O4 - HKU\S-1-5-21-507921405-1425521274-839522115-1003..\Run: [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
O4 - HKU\S-1-5-21-507921405-1425521274-839522115-1003..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKU\S-1-5-21-507921405-1425521274-839522115-1003..\Run: [MyCuteBuddy] C:\Program Files\My Cute Buddy\myCuteBuddy.exe (My Cute Buddy)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-507921405-1425521274-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/pub/s ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 93.91.144.100 212.80.67.98
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0BE2D204-7A7B-4D94-80F0-425ECB8C3EE8}: DhcpNameServer = 93.91.144.100 212.80.67.98
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Nebe.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Nebe.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.10.02 12:21:33 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{62ea8a75-9757-11e1-b1ce-001c25e7c879}\Shell - "" = AutoRun
O33 - MountPoints2\{62ea8a75-9757-11e1-b1ce-001c25e7c879}\Shell\AutoRun\command - "" = I:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Ligos Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FMVC - C:\WINDOWS\System32\fmcodec.DLL (Fox Magic Software)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll (Ligos Corporation)
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll (Ligos Corporation)
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Ligos Corporation)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2013.01.06 15:55:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\dana\Plocha\vaánoce20012
[2013.01.04 21:58:07 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2013.01.04 21:58:06 | 000,000,000 | ---D | C] -- C:\rsit
[2013.01.04 10:51:14 | 000,275,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll
[2013.01.04 10:51:14 | 000,017,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll.mui
[2013.01.03 16:11:35 | 000,237,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MpSigStub.exe
[2013.01.03 16:10:21 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2013.01.02 17:03:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Guitar Pro 5
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[103 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2013.01.06 18:01:22 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013.01.06 17:44:00 | 000,000,936 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013.01.06 17:21:00 | 000,000,914 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013.01.06 15:59:07 | 000,000,396 | -H-- | M] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job
[2013.01.06 15:53:26 | 000,508,614 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013.01.06 15:53:26 | 000,502,544 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2013.01.06 15:53:26 | 000,096,286 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2013.01.06 15:53:26 | 000,083,454 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013.01.06 15:49:43 | 000,002,228 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013.01.06 15:49:13 | 000,000,932 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013.01.06 15:49:02 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013.01.05 18:17:16 | 1459,926,016 | ---- | M] () -- C:\Documents and Settings\dana\Plocha\LadĂ­me!(Pitch-Perfect)-2012-CZ-Titulky.avi
[2013.01.03 16:26:28 | 000,000,040 | ---- | M] () -- C:\Documents and Settings\All Users\Dokumenty\_rgpl
[2013.01.03 16:11:08 | 000,001,912 | ---- | M] () -- C:\WINDOWS\epplauncher.mif
[2013.01.03 16:07:26 | 000,002,504 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2013.01.03 09:03:29 | 000,248,696 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013.01.02 17:05:06 | 000,000,619 | ---- | M] () -- C:\Documents and Settings\dana\Plocha\Guitar Pro 5.lnk
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[103 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013.01.06 18:01:22 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013.01.05 18:15:21 | 1459,926,016 | ---- | C] () -- C:\Documents and Settings\dana\Plocha\LadĂ­me!(Pitch-Perfect)-2012-CZ-Titulky.avi
[2013.01.03 16:27:58 | 000,000,396 | -H-- | C] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job
[2013.01.03 16:26:28 | 000,000,040 | ---- | C] () -- C:\Documents and Settings\All Users\Dokumenty\_rgpl
[2013.01.03 16:11:08 | 000,001,912 | ---- | C] () -- C:\WINDOWS\epplauncher.mif
[2013.01.03 16:10:45 | 000,001,698 | ---- | C] () -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Microsoft Security Essentials.lnk
[2013.01.02 17:03:33 | 000,000,619 | ---- | C] () -- C:\Documents and Settings\dana\Plocha\Guitar Pro 5.lnk
[2012.05.11 19:15:11 | 000,645,264 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\FontCache3.0.0.0.dat
[2012.02.15 09:06:08 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011.12.31 21:55:24 | 000,037,336 | ---- | C] () -- C:\WINDOWS\System32\CleanMFT32.exe
[2011.12.30 20:49:20 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll
[2011.12.30 20:49:20 | 000,036,640 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDisk.Sys
[2011.12.25 19:34:09 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ViewNX2.INI
[2011.12.25 19:24:15 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\All Users\Data aplikací\PrintsService
[2011.12.25 19:24:15 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\All Users\Data aplikací\PrintingModule
[2011.12.25 19:24:15 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\All Users\Data aplikací\Printers
[2011.12.25 19:24:15 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\dana\Data aplikací\PreferencePane
[2011.12.25 19:24:15 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\dana\Data aplikací\Pop Kit
[2011.12.25 19:24:15 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\dana\Data aplikací\Pop Flute
[2011.12.25 19:24:15 | 000,000,020 | -H-- | C] () -- C:\Documents and Settings\All Users\Data aplikací\PKP_DLev.DAT
[2011.12.25 19:24:15 | 000,000,020 | -H-- | C] () -- C:\Documents and Settings\All Users\Data aplikací\PKP_DLet.DAT
[2011.12.25 19:24:15 | 000,000,020 | -H-- | C] () -- C:\Documents and Settings\All Users\Data aplikací\PKP_DLes.DAT
[2011.12.25 19:24:15 | 000,000,012 | RH-- | C] () -- C:\Documents and Settings\All Users\Data aplikací\Sampler Files
[2011.12.25 19:24:15 | 000,000,012 | RH-- | C] () -- C:\Documents and Settings\All Users\Data aplikací\Sample Delay
[2011.12.25 19:24:15 | 000,000,012 | RH-- | C] () -- C:\Documents and Settings\All Users\Data aplikací\Rock Kit
[2011.10.24 16:01:32 | 000,000,197 | ---- | C] () -- C:\WINDOWS\liskulka.ini
[2011.10.15 21:38:12 | 002,721,658 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\WPFFontCache_v0400-S-1-5-21-507921405-1425521274-839522115-1003-0.dat
[2011.10.15 21:38:11 | 000,245,170 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\WPFFontCache_v0400-System.dat
[2011.06.07 11:13:38 | 000,974,848 | ---- | C] () -- C:\WINDOWS\System32\cis-2.4.dll
[2011.06.07 11:13:38 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\issacapi_bs-2.3.dll
[2011.06.07 11:13:38 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\issacapi_pe-2.3.dll
[2011.06.07 11:13:38 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\issacapi_se-2.3.dll
[2011.06.07 11:13:38 | 000,030,568 | ---- | C] () -- C:\WINDOWS\MusiccityDownload.exe
[2011.05.19 14:43:07 | 001,448,614 | ---- | C] () -- C:\Program Files\wrar400.exe
[2011.05.19 07:22:40 | 056,923,744 | ---- | C] () -- C:\Program Files\setup_av_free.exe
[2011.05.09 18:06:14 | 000,049,152 | ---- | C] () -- C:\WINDOWS\Domino.exe
[2011.04.28 15:35:26 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2011.04.28 15:35:23 | 000,056,320 | R--- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll
[2010.10.10 19:16:48 | 000,000,042 | ---- | C] () -- C:\Documents and Settings\dana\default.pls
[2010.10.10 14:24:38 | 000,131,072 | ---- | C] () -- C:\Documents and Settings\dana\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== ZeroAccess Check ==========

[2010.10.02 14:33:30 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008.04.14 04:21:55 | 001,499,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009.02.09 11:56:05 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008.04.14 04:22:05 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[danielka1968]

OTL 2. část:
========== LOP Check ==========

[2013.01.03 16:07:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
[2011.12.25 19:24:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\EnterNHelp
[2013.01.06 15:47:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ICQ
[2008.04.11 18:33:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\IObit
[2011.12.26 11:59:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Nikon
[2011.12.31 21:22:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Samsung
[2012.12.28 13:25:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2011.12.25 19:24:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Ultima_T15
[2010.10.02 14:26:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dana\Data aplikací\GHISLER
[2012.12.22 14:31:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dana\Data aplikací\ICQ
[2008.04.11 18:33:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dana\Data aplikací\IObit
[2011.12.25 19:32:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dana\Data aplikací\Nikon
[2010.11.07 11:10:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dana\Data aplikací\PhotoScape
[2012.01.13 19:01:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dana\Data aplikací\Registry Mechanic
[2011.12.31 21:21:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dana\Data aplikací\Samsung
[2012.05.09 07:08:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dana\Data aplikací\Telefónica Móviles
[2012.04.07 08:12:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dájuše\Data aplikací\PhotoScape

========== Purity Check ==========



========== Custom Scans ==========

< >
[2010.10.02 12:19:49 | 000,000,065 | RH-- | C] () -- C:\WINDOWS\Tasks\desktop.ini
[2010.10.02 14:22:02 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT
[2010.10.12 14:46:31 | 000,000,932 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
[2010.10.12 14:46:31 | 000,000,936 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
[2012.04.16 18:38:44 | 000,000,914 | ---- | C] () -- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
[2013.01.03 16:27:58 | 000,000,396 | -H-- | C] () -- C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job

< >

< MD5 for: ATAPI.SYS >
[1980.01.01 01:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2011.05.04 09:43:07 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2011.05.04 09:43:07 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2011.05.04 09:43:07 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\sp3.cab:atapi.sys
[2008.04.13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\atapi.sys
[2008.04.13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[1980.01.01 01:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2008.04.14 04:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\ServicePackFiles\i386\autochk.exe
[2008.04.14 04:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\autochk.exe
[2008.04.14 04:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe
[1980.01.01 01:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\WINDOWS\$NtServicePackUninstall$\autochk.exe

< MD5 for: CDROM.SYS >
[1980.01.01 01:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2011.05.04 09:43:07 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2011.05.04 09:43:07 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2011.05.04 09:43:07 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\sp3.cab:cdrom.sys
[2008.04.13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008.04.13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\cdrom.sys
[2008.04.13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[1980.01.01 01:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2008.04.14 04:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 04:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2008.04.14 04:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\explorer.exe
[1980.01.01 01:00:00 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe

< MD5 for: HAL.DLL >
[1980.01.01 01:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2011.05.04 09:43:07 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2011.05.04 09:43:07 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2011.05.04 09:43:07 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\sp3.cab:hal.dll
[2008.04.13 19:31:28 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=4329EE7D502C9113EBA0F9570392F5EE -- C:\WINDOWS\system32\HAL.DLL
[2008.04.13 19:31:32 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2008.04.13 19:31:32 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\hal.dll
[1980.01.01 01:00:00 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=DFCE51FD96909D1B97D4A1A72D060D77 -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll

< MD5 for: SCECLI.DLL >
[1980.01.01 01:00:00 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008.04.14 04:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 04:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\scecli.dll
[2008.04.14 04:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SERVICES.EXE >
[2009.02.09 10:54:36 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=33081FED75032291EE0E008D5385E86F -- C:\WINDOWS\$hf_mig$\KB956572\SP2QFE\services.exe
[2009.02.09 12:18:56 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=3D107D45CCFDB266E91D84B52CD7F430 -- C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\services.exe
[2009.02.09 11:11:38 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=4F9F7B567970B524F31D9970A23F7C24 -- C:\WINDOWS\$NtServicePackUninstall$\services.exe
[1980.01.01 01:00:00 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=6E401E61F952FBBF708AFBECEFAFAE81 -- C:\WINDOWS\$NtUninstallKB956572_0$\services.exe
[2009.02.09 12:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=9EF697AF07BB8DD82C3B02CA953A95B7 -- C:\WINDOWS\$hf_mig$\KB956572\SP3GDR\services.exe
[2009.02.09 12:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=9EF697AF07BB8DD82C3B02CA953A95B7 -- C:\WINDOWS\system32\dllcache\services.exe
[2009.02.09 12:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=9EF697AF07BB8DD82C3B02CA953A95B7 -- C:\WINDOWS\system32\services.exe
[2008.04.14 04:22:45 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=F0D2AE69035092BF22DAD6B50FAB85C2 -- C:\WINDOWS\$NtUninstallKB956572$\services.exe
[2008.04.14 04:22:45 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=F0D2AE69035092BF22DAD6B50FAB85C2 -- C:\WINDOWS\ServicePackFiles\i386\services.exe
[2008.04.14 04:22:45 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=F0D2AE69035092BF22DAD6B50FAB85C2 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\services.exe

< MD5 for: SVCHOST.EXE >
[2008.04.14 04:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.14 04:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\svchost.exe
[2008.04.14 04:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe
[1980.01.01 01:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe

< MD5 for: TCPIP.SYS >
[1980.01.01 01:00:00 | 000,359,808 | ---- | M] (Microsoft Corporation) MD5=1DBF125862891817F374F407626967F4 -- C:\WINDOWS\$NtUninstallKB951748_0$\tcpip.sys
[2008.06.20 11:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2006.01.13 18:07:08 | 000,360,448 | ---- | M] (Microsoft Corporation) MD5=5562CC0A47B2AEF06D3417B733F3C195 -- C:\WINDOWS\$hf_mig$\KB913446\SP2QFE\tcpip.sys
[2005.05.25 20:07:12 | 000,359,936 | ---- | M] (Microsoft Corporation) MD5=63FDFEA54EB53DE2D863EE454937CE1E -- C:\WINDOWS\$hf_mig$\KB893066\SP2QFE\tcpip.sys
[2008.06.20 11:44:42 | 000,360,960 | ---- | M] (Microsoft Corporation) MD5=744E57C99232201AE98C49168B918F48 -- C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[2008.04.13 20:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008.04.13 20:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008.04.13 20:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2008.06.20 12:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
[2008.06.20 12:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[2006.04.20 13:18:35 | 000,360,576 | ---- | M] (Microsoft Corporation) MD5=B2220C618B42A2212A59D91EBD6FC4B4 -- C:\WINDOWS\$hf_mig$\KB917953\SP2QFE\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.04.14 04:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 04:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\userinit.exe
[2008.04.14 04:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe
[1980.01.01 01:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe

< MD5 for: WINLOGON.EXE >
[1980.01.01 01:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 04:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 04:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\winlogon.exe
[2008.04.14 04:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe

< >

< %systemroot%*.* /U /s >
[103 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[15 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[73 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[3 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
[1 C:\WINDOWS\system32\Com\*.tmp files -> C:\WINDOWS\system32\Com\*.tmp -> ]
[1 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\*.tmp files -> C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2011.03.29 12:52:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dana\Data aplikací\Adobe
[2011.02.02 20:04:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dana\Data aplikací\Ahead
[2012.08.17 15:33:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dana\Data aplikací\Apple Computer
[2011.12.25 19:27:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dana\Data aplikací\ArcSoft
[2010.10.02 14:36:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dana\Data aplikací\ATI
[2012.12.06 17:49:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dana\Data aplikací\dvdcss
[2010.10.02 14:26:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dana\Data aplikací\GHISLER
[2010.10.12 14:47:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dana\Data aplikací\Google
[2012.12.22 14:31:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dana\Data aplikací\ICQ
[2010.10.02 14:22:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dana\Data aplikací\Identities
[2011.05.09 18:05:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dana\Data aplikací\InstallShield
[2008.04.11 18:33:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dana\Data aplikací\IObit
[2010.10.11 07:30:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dana\Data aplikací\Macromedia
[2013.01.03 16:10:14 | 000,000,000 | --SD | M] -- C:\Documents and Settings\dana\Data aplikací\Microsoft
[2010.11.01 20:26:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dana\Data aplikací\Mozilla
[2011.10.16 14:03:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dana\Data aplikací\Nero
[2011.12.25 19:32:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dana\Data aplikací\Nikon
[2010.11.07 11:10:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dana\Data aplikací\PhotoScape
[2012.01.13 19:01:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dana\Data aplikací\Registry Mechanic
[2011.12.31 21:21:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dana\Data aplikací\Samsung
[2012.12.13 11:56:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dana\Data aplikací\Skype
[2011.06.26 19:07:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dana\Data aplikací\skypePM
[2012.09.12 22:02:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dana\Data aplikací\Sun
[2012.05.09 07:08:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dana\Data aplikací\Telefónica Móviles
[2013.01.03 15:22:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dana\Data aplikací\vlc
[2011.05.19 14:44:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dana\Data aplikací\WinRAR

< %APPDATA%\*.exe /s >
[2011.12.25 19:25:45 | 000,057,344 | R--- | M] (InstallShield Software Corp.) -- C:\Documents and Settings\dana\Data aplikací\Microsoft\Installer\{87441A59-5E64-4096-A170-14EFE67200C3}\ARPPRODUCTICON.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[3 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job >
[2013.01.06 17:21:00 | 000,000,914 | ---- | M] () -- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
[2013.01.06 15:49:13 | 000,000,932 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
[2013.01.06 17:44:00 | 000,000,936 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
[2013.01.06 15:59:07 | 000,000,396 | -H-- | M] () -- C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2010.10.02 13:01:18 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2010.10.02 13:01:18 | 000,663,552 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2010.10.02 13:01:18 | 000,491,520 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >
[3 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2013.01.06 15:53:26 | 000,096,286 | ---- | M] () -- C:\WINDOWS\system32\perfc005.dat
[2013.01.06 15:53:26 | 000,083,454 | ---- | M] () -- C:\WINDOWS\system32\perfc009.dat
[2013.01.06 15:53:26 | 000,502,544 | ---- | M] () -- C:\WINDOWS\system32\perfh005.dat
[2013.01.06 15:53:26 | 000,508,614 | ---- | M] () -- C:\WINDOWS\system32\perfh009.dat
[2013.01.06 15:53:26 | 001,208,060 | ---- | M] () -- C:\WINDOWS\system32\PerfStringBackup.INI
[2013.01.06 15:49:43 | 000,002,228 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl
[3 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"CTFMON.EXE" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 04:22:17 | 000,015,360 | ---- | M] (Microsoft Corporation)
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}" = "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" -- [2006.08.30 14:05:16 | 000,139,264 | ---- | M] (Nero AG)
"KiesHelper" = C:\Program Files\Samsung\Kies\KiesHelper.exe /s -- [2011.06.24 15:54:30 | 000,941,968 | ---- | M] (Samsung)
"KiesTrayAgent" = C:\Program Files\Samsung\Kies\KiesTrayAgent.exe -- [2011.06.24 15:54:36 | 003,373,968 | ---- | M] (Samsung Electronics Co., Ltd.)
"KiesPDLR" = C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe -- [2011.06.24 15:54:46 | 000,020,880 | ---- | M] ()
"MSMSGS" = "C:\Program Files\Messenger\msmsgs.exe" /background -- [2008.04.14 04:22:36 | 001,695,232 | ---- | M] (Microsoft Corporation)
"GameXN GO" = "C:\Documents and Settings\All Users\Data aplikací\GameXN\GameXNGO.exe" /startup
"Clownfish" = "C:\Program Files\Clownfish\Clownfish.exe" -- [2012.08.27 12:12:30 | 001,121,016 | ---- | M] (Bogdan Sharkov)
"MyCuteBuddy" = "C:\Program Files\My Cute Buddy\myCuteBuddy.exe" "file:///C:/Program Files/My Cute Buddy/Content/Cute Kitty/piticho.buddy" /m /u -- [2012.10.23 17:01:56 | 002,328,064 | ---- | M] (My Cute Buddy)

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2009.03.08 13:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation) MD5=B60DDDD2D63CE41CB8C487FCFBB6419E -- C:\Program Files\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
[2012.12.05 02:15:17 | 001,242,728 | ---- | M] (Google Inc.) MD5=2D08AC1443FFA7FBED9A5EA5FD49AEB3 -- C:\Program Files\Google\Chrome\Application\chrome.exe

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2013.01.06 18:01:22 | 000,000,512 | ---- | M] () MD5=A1D3140D47671E15D36C8F2EF59A26BB -- C:\PhysicalMBR.bin

< >

< *crack* /s >

< *keygen* /s >
[2007.01.26 23:51:52 | 000,094,208 | ---- | M] () -- \Documents and Settings\dana\Plocha\Dájinka\GuitarPro5\V2\Keygen.exe

< *loader* /s >
[2012.06.11 15:35:12 | 000,008,787 | ---- | M] () -- \Documents and Settings\Dájuše\Local Settings\Temporary Internet Files\Content.IE5\6A79Y5LL\ajax-loader[1].gif
[2012.12.16 09:01:59 | 000,009,427 | ---- | M] () -- \Documents and Settings\Dájuše\Local Settings\Temporary Internet Files\Content.IE5\VFY87UV2\ajax-loader[1].gif
[2012.11.27 18:18:15 | 000,000,122 | ---- | M] () -- \Documents and Settings\dana\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\3VCUFA6X\tr-dogus.cdn.videoplaza.tv\com.videoplaza.bootloader.sol
[2013.01.04 17:46:55 | 000,004,011 | ---- | M] () -- \Documents and Settings\dana\Local Settings\Temporary Internet Files\Content.IE5\07IR6MZD\loader[1]
[2013.01.06 17:33:36 | 000,004,011 | ---- | M] () -- \Documents and Settings\dana\Local Settings\Temporary Internet Files\Content.IE5\07IR6MZD\loader[2]
[2013.01.05 13:32:27 | 000,004,011 | ---- | M] () -- \Documents and Settings\dana\Local Settings\Temporary Internet Files\Content.IE5\0FT3JUJZ\loader[2]
[2013.01.06 17:28:48 | 000,001,849 | ---- | M] () -- \Documents and Settings\dana\Local Settings\Temporary Internet Files\Content.IE5\12N13WGF\loader-white-bg[1].gif
[2013.01.05 13:34:15 | 000,004,011 | ---- | M] () -- \Documents and Settings\dana\Local Settings\Temporary Internet Files\Content.IE5\1CRT1QCT\loader[1]
[2013.01.04 17:11:39 | 000,004,011 | ---- | M] () -- \Documents and Settings\dana\Local Settings\Temporary Internet Files\Content.IE5\8M1CK6XR\loader[3]
[2013.01.04 11:08:33 | 000,004,011 | ---- | M] () -- \Documents and Settings\dana\Local Settings\Temporary Internet Files\Content.IE5\9X72XE1A\loader[4]
[2013.01.05 13:32:17 | 000,004,011 | ---- | M] () -- \Documents and Settings\dana\Local Settings\Temporary Internet Files\Content.IE5\9X72XE1A\loader[5]
[2013.01.04 17:46:59 | 000,004,011 | ---- | M] () -- \Documents and Settings\dana\Local Settings\Temporary Internet Files\Content.IE5\BG5NEBUT\loader[1]
[2013.01.05 11:29:42 | 000,000,905 | ---- | M] () -- \Documents and Settings\dana\Local Settings\Temporary Internet Files\Content.IE5\BG5NEBUT\TooltipLoader[1].css
[2013.01.04 21:36:47 | 000,000,694 | ---- | M] () -- \Documents and Settings\dana\Local Settings\Temporary Internet Files\Content.IE5\BT71JOVX\ajax-preloader-bg[1].gif
[2013.01.04 11:08:33 | 000,004,410 | ---- | M] () -- \Documents and Settings\dana\Local Settings\Temporary Internet Files\Content.IE5\BT71JOVX\gameLoader[1].js
[2013.01.04 17:39:07 | 000,004,011 | ---- | M] () -- \Documents and Settings\dana\Local Settings\Temporary Internet Files\Content.IE5\BT71JOVX\loader[1]
[2013.01.02 19:47:15 | 000,003,932 | ---- | M] () -- \Documents and Settings\dana\Local Settings\Temporary Internet Files\Content.IE5\E64F9WLZ\loader[1].gif
[2013.01.04 17:42:22 | 000,004,011 | ---- | M] () -- \Documents and Settings\dana\Local Settings\Temporary Internet Files\Content.IE5\F4LZYG6E\loader[1]
[2013.01.04 21:35:18 | 000,000,694 | ---- | M] () -- \Documents and Settings\dana\Local Settings\Temporary Internet Files\Content.IE5\FR91XFZ0\ajax-preloader-bg[1].gif
[2013.01.04 21:35:42 | 000,000,694 | ---- | M] () -- \Documents and Settings\dana\Local Settings\Temporary Internet Files\Content.IE5\FR91XFZ0\ajax-preloader-bg[2].gif
[2013.01.05 14:18:29 | 000,000,723 | ---- | M] () -- \Documents and Settings\dana\Local Settings\Temporary Internet Files\Content.IE5\FR91XFZ0\loader[1].gif
[2013.01.06 11:59:34 | 000,004,011 | ---- | M] () -- \Documents and Settings\dana\Local Settings\Temporary Internet Files\Content.IE5\HKY2XM31\loader[1]
[2013.01.04 20:04:33 | 000,010,453 | ---- | M] () -- \Documents and Settings\dana\Local Settings\Temporary Internet Files\Content.IE5\HKY2XM31\loader[1].gif
[2013.01.06 17:28:48 | 000,004,011 | ---- | M] () -- \Documents and Settings\dana\Local Settings\Temporary Internet Files\Content.IE5\HKY2XM31\loader[2]
[2013.01.06 17:28:51 | 000,004,011 | ---- | M] () -- \Documents and Settings\dana\Local Settings\Temporary Internet Files\Content.IE5\HKY2XM31\loader[3]
[2013.01.06 11:00:58 | 000,101,090 | ---- | M] () -- \Documents and Settings\dana\Local Settings\Temporary Internet Files\Content.IE5\I7T15901\cssloader-5fab85a6015a[1].css
[2013.01.06 11:00:58 | 000,073,014 | ---- | M] () -- \Documents and Settings\dana\Local Settings\Temporary Internet Files\Content.IE5\I7T15901\jsloader-41b44a03db9e[1].js
[2013.01.06 17:07:12 | 000,000,673 | ---- | M] () -- \Documents and Settings\dana\Local Settings\Temporary Internet Files\Content.IE5\I7T15901\loader.white[1].gif
[2013.01.04 19:22:55 | 000,016,516 | ---- | M] () -- \Documents and Settings\dana\Local Settings\Temporary Internet Files\Content.IE5\I7T15901\preloader[1].gif
[2013.01.06 11:01:26 | 000,003,776 | ---- | M] () -- \Documents and Settings\dana\Local Settings\Temporary Internet Files\Content.IE5\I7ZHG0J7\Advert.Advantage.Reloader[1].js
[2013.01.06 17:11:43 | 000,003,951 | ---- | M] () -- \Documents and Settings\dana\Local Settings\Temporary Internet Files\Content.IE5\I7ZHG0J7\ajax-loader4[1].gif
[2013.01.04 17:36:38 | 000,004,011 | ---- | M] () -- \Documents and Settings\dana\Local Settings\Temporary Internet Files\Content.IE5\I7ZHG0J7\loader[3]
[2013.01.04 21:35:48 | 000,000,694 | ---- | M] () -- \Documents and Settings\dana\Local Settings\Temporary Internet Files\Content.IE5\M12SSXC8\ajax-preloader-bg[1].gif
[2013.01.04 17:11:45 | 000,004,011 | ---- | M] () -- \Documents and Settings\dana\Local Settings\Temporary Internet Files\Content.IE5\M12SSXC8\loader[1]
[2013.01.04 10:38:31 | 000,001,332 | ---- | M] () -- \Documents and Settings\dana\Local Settings\Temporary Internet Files\Content.IE5\M12SSXC8\preloader[1].gif
[2013.01.05 11:29:42 | 000,014,290 | ---- | M] () -- \Documents and Settings\dana\Local Settings\Temporary Internet Files\Content.IE5\M12SSXC8\TooltipLoader[1].js
[2013.01.06 17:29:14 | 000,001,317 | ---- | M] () -- \Documents and Settings\dana\Local Settings\Temporary Internet Files\Content.IE5\NUH3LUTF\GeewaRuntimeDefaultLoader[1].swf
[2013.01.06 17:28:48 | 000,002,110 | ---- | M] () -- \Documents and Settings\dana\Local Settings\Temporary Internet Files\Content.IE5\NUH3LUTF\loader[1].gif
[2013.01.04 11:46:46 | 000,009,427 | ---- | M] () -- \Documents and Settings\dana\Local Settings\Temporary Internet Files\Content.IE5\U0B0YRCX\ajax-loader[1].gif
[2013.01.04 21:35:34 | 000,000,694 | ---- | M] () -- \Documents and Settings\dana\Local Settings\Temporary Internet Files\Content.IE5\U0B0YRCX\ajax-preloader-bg[1].gif
[2013.01.04 20:05:10 | 000,000,668 | ---- | M] () -- \Documents and Settings\dana\Local Settings\Temporary Internet Files\Content.IE5\VI3C1W2W\loader.black[1].gif
[2013.01.04 10:25:49 | 000,002,105 | ---- | M] () -- \Documents and Settings\dana\Local Settings\Temporary Internet Files\Content.IE5\VI3C1W2W\loader.min[1].js
[2013.01.04 21:36:34 | 000,000,694 | ---- | M] () -- \Documents and Settings\dana\Local Settings\Temporary Internet Files\Content.IE5\WRTCCKCT\ajax-preloader-bg[1].gif
[2012.11.27 17:36:26 | 000,001,763 | ---- | M] () -- \Documents and Settings\dana\Plocha\Martí\programy\MP3 Downloader.lnk
[2006.07.14 09:39:46 | 000,106,496 | ---- | M] () -- \Program Files\Common Files\Ahead\Lib\NeGuideStoreLoader.dll
[2001.01.16 05:55:36 | 000,053,248 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VS7DEBUG\COLOADER.DLL
[2001.01.16 03:22:34 | 000,002,560 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VS7DEBUG\COLOADER.TLB
[2010.11.03 21:49:08 | 000,005,795 | ---- | M] () -- \Program Files\ICQ7.2\imApp\theme\IMAGES\XtraPreloader\loader.jpg
[2010.11.03 21:49:08 | 000,005,520 | ---- | M] () -- \Program Files\ICQ7.2\imApp\theme\IMAGES\XtraPreloader\loader.swf
[2010.11.03 21:49:08 | 000,004,180 | ---- | M] () -- \Program Files\ICQ7.2\imApp\theme\IMAGES\XtraPreloader\zlango-preloader.png
[2010.11.03 21:49:08 | 000,005,520 | ---- | M] () -- \Program Files\ICQ7.2\imApp\theme\MUICoreLib\xtraLoader.swf
[2011.03.13 21:36:08 | 000,000,402 | ---- | M] () -- \Program Files\ICQ7.2\Xtraz\icq\content\icq_profile\preloader.html
[2011.01.18 13:27:14 | 000,000,402 | ---- | M] () -- \Program Files\ICQ7.2\Xtraz\icq\content\profile_forms\preloader.html
[2011.01.18 13:27:14 | 000,000,402 | ---- | M] () -- \Program Files\ICQ7.2\Xtraz\icq\content\profile_lightboxs\preloader.html
[2012.06.06 14:01:16 | 000,029,824 | ---- | M] () -- \Program Files\PlayMillion\euc\loader.swf
[2012.10.17 10:36:52 | 000,016,989 | ---- | M] () -- \Program Files\PlayMillion\euc\UGameLoader.euc
[2011.06.23 11:43:38 | 000,069,120 | ---- | M] () -- \Program Files\Samsung\Kies\Common\Kies.Common.DeviceServiceLib.FirmwareUpdate.Downloader.dll
[2011.06.24 15:54:44 | 000,131,984 | ---- | M] () -- \Program Files\Samsung\Kies\External\FirmwareUpdate\BinaryLoaderMgr.exe
[1980.01.01 01:00:00 | 000,035,840 | ---- | M] () -- \WINDOWS\$NtServicePackUninstall$\dmloader.dll
[2008.04.14 04:21:39 | 000,035,840 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\dmloader.dll
[2008.04.13 19:31:47 | 000,230,912 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.exe
[2008.04.13 19:31:48 | 000,278,528 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.ntd
[2008.04.14 04:21:39 | 000,035,840 | ---- | M] () -- \WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\dmloader.dll
[2008.04.13 19:31:47 | 000,230,912 | ---- | M] () -- \WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\osloader.exe
[2008.04.13 19:31:48 | 000,278,528 | ---- | M] () -- \WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\osloader.ntd
[2008.04.14 04:21:39 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dmloader.dll
[3 \WINDOWS\system32\*.tmp files -> \WINDOWS\system32\*.tmp -> ]

========== Alternate Data Streams ==========

@Alternate Data Stream - 6144 bytes -> C:\WINDOWS\Cursors\arrow_n.cur:NEDTA.DAT
@Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:D1B5B4F1

< End of report >

[danielka1968]

EXTRAS:
OTL Extras logfile created on: 6.1.2013 17:58:43 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\dana\Plocha\Martí\programy
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1,75 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 57,18% Memory free
3,60 Gb Paging File | 2,95 Gb Available in Paging File | 81,89% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 465,75 Gb Total Space | 301,38 Gb Free Space | 64,71% Space Free | Partition Type: NTFS

Computer Name: DANA-PC | User Name: dana | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_USERS\S-1-5-21-507921405-1425521274-839522115-1003\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\ICQ7.2\ICQ.exe" = C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2 -- (ICQ, LLC.)
"C:\Program Files\ICQ7.2\aolload.exe" = C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\ICQ7.2\ICQ.exe" = C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2 -- (ICQ, LLC.)
"C:\Program Files\ICQ7.2\aolload.exe" = C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)
"C:\Program Files\Common Files\Ahead\Nero Web\SetupX.exe" = C:\Program Files\Common Files\Ahead\Nero Web\SetupX.exe:*:Enabled:Nero ProductSetup -- (Nero AG)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\WINDOWS\system32\muzapp.exe" = C:\WINDOWS\system32\muzapp.exe:*:Enabled:MUZ AOD APP player -- (Musiccity Co.Ltd.)
"C:\Documents and Settings\dana\Plocha\Martí\programy\aTube Catcher 2.0\yct.exe" = C:\Documents and Settings\dana\Plocha\Martí\programy\aTube Catcher 2.0\yct.exe:*:Enabled:aTube Catcher to download and convert videos. -- (DsNET)
"C:\Program Files\Iminent\IMBooster\IMBooster.exe" = C:\Program Files\Iminent\IMBooster\IMBooster.exe:*:Enabled:IMBooster
"C:\Program Files\Iminent\MMServer\Iminent.MMServer.exe" = C:\Program Files\Iminent\MMServer\Iminent.MMServer.exe:*:Enabled:MMServer


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{0E1C21CD-72E7-4CE4-3D1D-99D8EEE0461A}" = ccc-core-preinstall
"{13D70D56-F630-F75C-F539-D7ABDD2B0E01}" = Catalyst Control Center Graphics Full New
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 7
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{43CE5094-E271-1324-3485-55D8B65A11C9}" = Catalyst Control Center HydraVision Full
"{44D02D8B-FFB3-4245-8D26-68D10B4C4023}" = ZSMC USB PC Camera (ZS0211)
"{481C3B08-AC10-6F0B-4C2A-245677794AED}" = CCC Help English
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{6421DD1B-F425-487F-945D-381A847D6901}" = Iminent
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{87441A59-5E64-4096-A170-14EFE67200C3}" = Picture Control Utility
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8AC1F66E-6ECD-0D6C-B1BE-AE3E8511DC3A}" = Catalyst Control Center Graphics Light
"{90110405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{98EABC7F-B1A1-43A5-B505-5B4EC3908DCD}" = Microsoft Security Client
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A4F666DE-7984-4F31-8E18-4670966A4C22}" = MyCuteBuddy
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB4641A9-0406-3E11-10D9-B60BB1CC9487}" = Catalyst Control Center Graphics Previews Common
"{AC76BA86-7AD7-1029-7B44-A94000000001}" = Adobe Reader 9.4.6 - Czech
"{ADF87E23-1B68-9043-C154-9162489A9125}" = Catalyst Control Center Graphics Full Existing
"{B014EE44-9197-4513-9613-71E6EB1B514E}" = Nikon Message Center 2
"{B123EBD8-89B7-4834-B06D-F758815E1029}" = Nero 7 Premium
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Click to Call with Skype
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C19F299F-3B32-3930-12D3-FDF1394EE6AB}" = ccc-core-static
"{C69405BB-27AF-4940-B3DA-04910B4DFD23}_is1" = aTube Catcher 1.0
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D3B1C799-CB73-42DE-BA0F-2344793A095C}" = Catalyst Control Center - Branding
"{D4CBDA3F-E1AF-489C-6BE7-CF3B75D55580}" = Catalyst Control Center Core Implementation
"{DDD62492-32A7-412B-8AF1-2CF032AD42E3}" = ViewNX 2
"{E74BF7D6-8F76-0E37-8B11-0FA9DD0C4419}" = ccc-utility
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F18046C5-1C4E-4BE1-A3D6-A6F970E2E8E8}" = ArcSoft Panorama Maker 5
"{F5D1F753-A87A-5799-3676-FD81070C66D8}" = Skins
"{F8EF9B71-53E7-41F5-8E54-47B4C979CB38}" = Nero Backup Drivers
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"All ATI Software" = ATI - Software Uninstall Utility
"ATI Display Driver" = ATI Display Driver
"aTube Catcher" = aTube Catcher
"Caveman Adventures" = Caveman Adventures
"CCleaner" = CCleaner
"Clownfish" = Clownfish for Skype
"CRC_is1" = CRC
"FMCODEC" = FM Screen Capture Codec (Remove Only)
"Google Chrome" = Google Chrome
"Guitar Pro 5_is1" = Guitar Pro 5.2
"ie8" = Windows Internet Explorer 8
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"Marvell Miniport Driver" = Marvell Miniport Driver
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft Security Client" = Microsoft Security Essentials
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MyCuteBuddy" = MyCuteBuddy
"O2CZ" = O2
"PhotoScape" = PhotoScape
"Registry Mechanic_is1" = Registry Mechanic 10.0
"Totalcmd" = Total Commander (Remove or Repair)
"VLC media player" = VLC media player 1.1.3
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Word Manager DEMO" = Word Manager DEMO
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 5.1.2013 14:47:29 | Computer Name = DANA-PC | Source = MsiInstaller | ID = 1024
Description = Aktualizaci Aktualizace SP-3 (Service Pack 3) produktu Office 2003:
MAINSP3 produktu Microsoft Office Professional Edition 2003 nebylo možné nainstalovat.
Kód chyby: 1603. Instalační služba systému Windows může vytvořit soubor protokolu
s informacemi, které usnadní řešení potíží při instalaci softwaru. Další informace
naleznete na webu na adrese http://go.microsoft.com/fwlink/?LinkId=23127

Error - 5.1.2013 14:47:32 | Computer Name = DANA-PC | Source = MsiInstaller | ID = 1024
Description = Aktualizaci Update for Outlook 2003 Junk E-mail Filter (KB2760582):
OUTLFLTR produktu Microsoft Office Professional Edition 2003 nebylo možné nainstalovat.
Kód chyby: 1603. Instalační služba systému Windows může vytvořit soubor protokolu
s informacemi, které usnadní řešení potíží při instalaci softwaru. Další informace
naleznete na webu na adrese http://go.microsoft.com/fwlink/?LinkId=23127

Error - 5.1.2013 14:47:36 | Computer Name = DANA-PC | Source = MsiInstaller | ID = 1024
Description = Aktualizaci Update for Office 2003 (KB907417): OTKLOADR produktu Microsoft
Office Professional Edition 2003 nebylo možné nainstalovat. Kód chyby: 1603. Instalační
služba systému Windows může vytvořit soubor protokolu s informacemi, které usnadní
řešení potíží při instalaci softwaru. Další informace naleznete na webu na adrese
http://go.microsoft.com/fwlink/?LinkId=23127

[ System Events ]
Error - 4.1.2013 18:39:46 | Computer Name = DANA-PC | Source = Windows Update Agent | ID = 20
Description = Instalace se nezdařila: Instalace následující aktualizace se nezdařila
z důvodu chyby (0x80070643): Aktualizace sady Office 2003 (KB907417).

Error - 5.1.2013 6:42:06 | Computer Name = DANA-PC | Source = Windows Update Agent | ID = 20
Description = Instalace se nezdařila: Instalace následující aktualizace se nezdařila
z důvodu chyby (0x80070643): Aktualizace Microsoft Office 2003 Service Pack 3 (SP3).

Error - 5.1.2013 6:42:11 | Computer Name = DANA-PC | Source = Windows Update Agent | ID = 20
Description = Instalace se nezdařila: Instalace následující aktualizace se nezdařila
z důvodu chyby (0x80070643): Aktualizace pro: Outlook 2003 Junk E-mail Filter (KB2760582).

Error - 5.1.2013 6:42:11 | Computer Name = DANA-PC | Source = Windows Update Agent | ID = 20
Description = Instalace se nezdařila: Instalace následující aktualizace se nezdařila
z důvodu chyby (0x80070643): Aktualizace sady Office 2003 (KB907417).

Error - 5.1.2013 6:44:27 | Computer Name = DANA-PC | Source = Windows Update Agent | ID = 20
Description = Instalace se nezdařila: Instalace následující aktualizace se nezdařila
z důvodu chyby (0x80070643): Aktualizace Microsoft Office 2003 Service Pack 3 (SP3).

Error - 5.1.2013 6:44:27 | Computer Name = DANA-PC | Source = Windows Update Agent | ID = 20
Description = Instalace se nezdařila: Instalace následující aktualizace se nezdařila
z důvodu chyby (0x80070643): Aktualizace pro: Outlook 2003 Junk E-mail Filter (KB2760582).

Error - 5.1.2013 6:44:34 | Computer Name = DANA-PC | Source = Windows Update Agent | ID = 20
Description = Instalace se nezdařila: Instalace následující aktualizace se nezdařila
z důvodu chyby (0x80070643): Aktualizace sady Office 2003 (KB907417).

Error - 5.1.2013 14:47:29 | Computer Name = DANA-PC | Source = Windows Update Agent | ID = 20
Description = Instalace se nezdařila: Instalace následující aktualizace se nezdařila
z důvodu chyby (0x80070643): Aktualizace Microsoft Office 2003 Service Pack 3 (SP3).

Error - 5.1.2013 14:47:33 | Computer Name = DANA-PC | Source = Windows Update Agent | ID = 20
Description = Instalace se nezdařila: Instalace následující aktualizace se nezdařila
z důvodu chyby (0x80070643): Aktualizace pro: Outlook 2003 Junk E-mail Filter (KB2760582).

Error - 5.1.2013 14:47:36 | Computer Name = DANA-PC | Source = Windows Update Agent | ID = 20
Description = Instalace se nezdařila: Instalace následující aktualizace se nezdařila
z důvodu chyby (0x80070643): Aktualizace sady Office 2003 (KB907417).


< End of report >

[vyosek]

Spustte znovu OTL

• Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
• Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

• Kód: Vybrat vše

  :otl
  DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\whgfvgwl.sys -- (whgfvgwl)
  DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
  DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\vfssilbe.sys -- (vfssilbe)
  DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\snpstd.sys -- (snpstd)
  DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\skvwhafq.sys -- (skvwhafq)
  DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\rgnhuxaz.sys -- (rgnhuxaz)
  DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\reocefbv.sys -- (reocefbv)
  DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
  DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
  DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
  DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
  DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
  DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\ojdwyugp.sys -- (ojdwyugp)
  DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
  DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\jhsievfp.sys -- (jhsievfp)
  DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\jgvhvxwg.sys -- (jgvhvxwg)
  DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\idlfjtis.sys -- (idlfjtis)
  DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\ibaigsmb.sys -- (ibaigsmb)
  DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
  DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
  DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\hzvezagg.sys -- (hzvezagg)
  DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\EagleXNt.sys -- (EagleXNt)
  DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\dnzejvco.sys -- (dnzejvco)
  DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\dggjjdoe.sys -- (dggjjdoe)
  DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\cuqqtmig.sys -- (cuqqtmig)
  DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\cmrigbzu.sys -- (cmrigbzu)
  DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\cmjgfsvc.sys -- (cmjgfsvc)
  IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
  IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
  IE - HKU\S-1-5-21-507921405-1425521274-839522115-1003\..\URLSearchHook: - No CLSID value found
  IE - HKU\S-1-5-21-507921405-1425521274-839522115-1003\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
  IE - HKU\S-1-5-21-507921405-1425521274-839522115-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
  IE - HKU\S-1-5-21-507921405-1425521274-839522115-1003\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ADFA_cs
  IE - HKU\S-1-5-21-507921405-1425521274-839522115-1003\..\SearchScopes\{88018A6B-44FD-4B07-AF9F-A554635C38A5}: "URL" = http://www.bing.com/search?FORM=NP24DF&PC=NP24&q={searchTerms}&src=IE-SearchBox
  CHR - homepage: http://eu.ask.com/?l=dis&o=APN10462cr&gct=hp&apn_ptnrs=^AKM&apn_dtid=^zzz002^YY^CZ&p2=^AKM^zzz002^YY^CZ&tpid=ATU4&apn_dbr=ie_8.0.6001.18702&apn_uid=AD87E2D3-E724-4BC9-8F43-CFFEA1991E8D&itbv=11.1.0.211&doi=2012-11-27
  CHR - default_search_provider: Ask Search (Enabled)
  CHR - default_search_provider: search_url = http://asksearch.ask.com/redirect?clien ... apn_ptnrs=^AKM&apn_dtid=^zzz002^YY^CZ&apn_dbr=ie_8.0.6001.18702&&q={searchTerms}
  CHR - default_search_provider: suggest_url = http://ss.websearch.ask.com/query?qsrc={qsrc}&li=ff&sstype=prefix&q={searchTerms}
  CHR - homepage: http://eu.ask.com/?l=dis&o=APN10462cr&gct=hp&apn_ptnrs=^AKM&apn_dtid=^zzz002^YY^CZ&p2=^AKM^zzz002^YY^CZ&tpid=ATU4&apn_dbr=ie_8.0.6001.18702&apn_uid=AD87E2D3-E724-4BC9-8F43-CFFEA1991E8D&itbv=11.1.0.211&doi=2012-11-27
  O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
  O33 - MountPoints2\{62ea8a75-9757-11e1-b1ce-001c25e7c879}\Shell - "" = AutoRun
  [2008.04.11 18:33:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\IObit
  [2008.04.11 18:33:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dana\Data aplikací\IObit
  [15 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
  [3 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
  [1 C:\WINDOWS\system32\Com\*.tmp files -> C:\WINDOWS\system32\Com\*.tmp -> ]
  [1 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\*.tmp files -> C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\*.tmp -> ]
  [2013.01.06 17:21:00 | 000,000,914 | ---- | M] () -- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
  [2013.01.06 15:49:13 | 000,000,932 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
  [2013.01.06 17:44:00 | 000,000,936 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
  [2013.01.06 15:59:07 | 000,000,396 | -H-- | M] () -- C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job
  @Alternate Data Stream - 6144 bytes -> C:\WINDOWS\Cursors\arrow_n.cur:NEDTA.DAT
  @Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:D1B5B4F1
  
  :reg
  [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  "QuickTime Task"=-
  ""=-
  "ApnUpdater"=-
  "SunJavaUpdateSched"=-
  [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
  "CTFMON.EXE"=-
  "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=-
  "swg"=-
  "KiesHelper"=-
  "KiesTrayAgent"=-
  "KiesPDLR"=-
  "MSMSGS"=-
  "GameXN GO"=-
  "Facebook Update"=-
  "Advanced SystemCare 5"=-
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApnUpdater]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBAgent]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NWEReboot]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^McAfee Security Scan Plus.lnk]
  
  :files
  %windir%\system32\*.tmp.dll /s
  %windir%\system32\SET*.tmp /s
  %windir%\*.tmp
  
  :commands
  [RESETHOSTS]
  [EMPTYTEMP]
  [EMPTYFLASH]
  [EMPTYJAVA]

• Nasledne kliknete na Opravit
• PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

[danielka1968]

All processes killed
========== OTL ==========
Error: No service named whgfvgwl was found to stop!
Service\Driver key whgfvgwl not found.
File C:\WINDOWS\system32\drivers\whgfvgwl.sys not found.
Error: No service named WDICA was found to stop!
Service\Driver key WDICA not found.
Error: No service named vfssilbe was found to stop!
Service\Driver key vfssilbe not found.
File C:\WINDOWS\system32\drivers\vfssilbe.sys not found.
Error: No service named snpstd was found to stop!
Service\Driver key snpstd not found.
File system32\DRIVERS\snpstd.sys not found.
Error: No service named skvwhafq was found to stop!
Service\Driver key skvwhafq not found.
File C:\WINDOWS\system32\drivers\skvwhafq.sys not found.
Error: No service named rgnhuxaz was found to stop!
Service\Driver key rgnhuxaz not found.
File C:\WINDOWS\system32\drivers\rgnhuxaz.sys not found.
Error: No service named reocefbv was found to stop!
Service\Driver key reocefbv not found.
File C:\WINDOWS\system32\drivers\reocefbv.sys not found.
Error: No service named PDRFRAME was found to stop!
Service\Driver key PDRFRAME not found.
Error: No service named PDRELI was found to stop!
Service\Driver key PDRELI not found.
Error: No service named PDFRAME was found to stop!
Service\Driver key PDFRAME not found.
Error: No service named PDCOMP was found to stop!
Service\Driver key PDCOMP not found.
Error: No service named PCIDump was found to stop!
Service\Driver key PCIDump not found.
Error: No service named ojdwyugp was found to stop!
Service\Driver key ojdwyugp not found.
File C:\WINDOWS\system32\drivers\ojdwyugp.sys not found.
Error: No service named lbrtfdc was found to stop!
Service\Driver key lbrtfdc not found.
Error: No service named jhsievfp was found to stop!
Service\Driver key jhsievfp not found.
File C:\WINDOWS\system32\drivers\jhsievfp.sys not found.
Error: No service named jgvhvxwg was found to stop!
Service\Driver key jgvhvxwg not found.
File C:\WINDOWS\system32\drivers\jgvhvxwg.sys not found.
Error: No service named idlfjtis was found to stop!
Service\Driver key idlfjtis not found.
File C:\WINDOWS\system32\drivers\idlfjtis.sys not found.
Error: No service named ibaigsmb was found to stop!
Service\Driver key ibaigsmb not found.
File C:\WINDOWS\system32\drivers\ibaigsmb.sys not found.
Error: No service named i2omgmt was found to stop!
Service\Driver key i2omgmt not found.
Error: No service named Changer was found to stop!
Service\Driver key Changer not found.
Error: No service named hzvezagg was found to stop!
Service\Driver key hzvezagg not found.
File C:\WINDOWS\system32\drivers\hzvezagg.sys not found.
Error: No service named EagleXNt was found to stop!
Service\Driver key EagleXNt not found.
File C:\WINDOWS\system32\drivers\EagleXNt.sys not found.
Error: No service named dnzejvco was found to stop!
Service\Driver key dnzejvco not found.
File C:\WINDOWS\system32\drivers\dnzejvco.sys not found.
Error: No service named dggjjdoe was found to stop!
Service\Driver key dggjjdoe not found.
File C:\WINDOWS\system32\drivers\dggjjdoe.sys not found.
Error: No service named cuqqtmig was found to stop!
Service\Driver key cuqqtmig not found.
File C:\WINDOWS\system32\drivers\cuqqtmig.sys not found.
Error: No service named cmrigbzu was found to stop!
Service\Driver key cmrigbzu not found.
File C:\WINDOWS\system32\drivers\cmrigbzu.sys not found.
Error: No service named cmjgfsvc was found to stop!
Service\Driver key cmjgfsvc not found.
File C:\WINDOWS\system32\drivers\cmjgfsvc.sys not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
Registry value HKEY_USERS\S-1-5-21-507921405-1425521274-839522115-1003\Software\Microsoft\Internet Explorer\URLSearchHooks\\ not found.
HKEY_USERS\S-1-5-21-507921405-1425521274-839522115-1003\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-507921405-1425521274-839522115-1003\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-507921405-1425521274-839522115-1003\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
Registry key HKEY_USERS\S-1-5-21-507921405-1425521274-839522115-1003\Software\Microsoft\Internet Explorer\SearchScopes\{88018A6B-44FD-4B07-AF9F-A554635C38A5}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{88018A6B-44FD-4B07-AF9F-A554635C38A5}\ not found.
Use Chrome's Settings page to change the HomePage.
Use Chrome's Settings page to remove the default_search_provider items.
Use Chrome's Settings page to remove the default_search_provider items.
Use Chrome's Settings page to remove the default_search_provider items.
Use Chrome's Settings page to change the HomePage.
Starting removal of ActiveX control {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{62ea8a75-9757-11e1-b1ce-001c25e7c879}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{62ea8a75-9757-11e1-b1ce-001c25e7c879}\ not found.
Folder C:\Documents and Settings\All Users\Data aplikací\IObit\ not found.
Folder C:\Documents and Settings\dana\Data aplikací\IObit\ not found.
File/Folder C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp not found.
File/Folder C:\WINDOWS\system32\*.tmp not found.
File/Folder C:\WINDOWS\system32\Com\*.tmp not found.
File/Folder C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\*.tmp not found.
File C:\WINDOWS\Tasks\Adobe Flash Player Updater.job not found.
File C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job not found.
File C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job not found.
File C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job not found.
Unable to delete ADS C:\WINDOWS\Cursors\arrow_n.cur:NEDTA.DAT .
Unable to delete ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:D1B5B4F1 .
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ApnUpdater not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\CTFMON.EXE deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\swg not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\KiesHelper not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\KiesTrayAgent not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\KiesPDLR not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\MSMSGS not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\GameXN GO not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Facebook Update not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Advanced SystemCare 5 not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApnUpdater\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBAgent\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NWEReboot\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^McAfee Security Scan Plus.lnk\ not found.
========== FILES ==========
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
File/Folder C:\WINDOWS\*.tmp not found.
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: dana
->Temp folder emptied: 696408 bytes
->Temporary Internet Files folder emptied: 33098657 bytes
->Google Chrome cache emptied: 115097991 bytes
->Flash cache emptied: 11301 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Dájuše
->Temp folder emptied: 9430089 bytes
->Temporary Internet Files folder emptied: 55024973 bytes
->Google Chrome cache emptied: 358134004 bytes
->Flash cache emptied: 2237 bytes

User: LocalService
->Temp folder emptied: 65984 bytes
->Temporary Internet Files folder emptied: 8460305 bytes

User: NetworkService
->Temp folder emptied: 82926 bytes
->Temporary Internet Files folder emptied: 33170 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 2654529 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 509319239 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 34306 bytes
RecycleBin emptied: 2324147391 bytes

Total Files Cleaned = 3 258,00 mb


[EMPTYFLASH]

User: All Users

User: dana
->Flash cache emptied: 0 bytes

User: Default User

User: Dájuše
->Flash cache emptied: 0 bytes

User: LocalService

User: NetworkService

Total Flash Files Cleaned = 0,00 mb


[EMPTYJAVA]

User: All Users

User: dana

User: Default User

User: Dájuše

User: LocalService

User: NetworkService

Total Java Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 01092013_174615

Files\Folders moved on Reboot...
C:\WINDOWS\temp\Perflib_Perfdata_e98.dat moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

[vyosek]

Stahnete RKill http://download.bleepingcomputer.com/grinler/rkill.com

• Pokud ho havet blokuje, pouzijte jeden z nasledujicich - i ty prejmenovane

  Rkill EXE:
  http://download.bleepingcomputer.com/grinler/rkill.exe
  
  Rkill iExplore.exe:
  http://download.bleepingcomputer.com/gr ... xplore.exe
  
  Rkill uSeRiNiT.exe:
  http://download.bleepingcomputer.com/gr ... eRiNiT.exe
  
  Rkill WiNlOgOn.exe:
  http://download.bleepingcomputer.com/gr ... NlOgOn.exe

• Ulozte nejlepena plochu a ukoncete vsechny aplikace (jinak to udela RKill za Vas)
• Spustte tradicne dvojklikem - program probehne do par sekund a ukonci i svou cinnost
• RKill ukonci vsechny ne-systemove procesy - tedy i procesy, pod kterymi bezi havet
• Na plose vznikne log Rkill.txt ten mi sem vlozte
• Ted nerestartujte PC - prisli byste o ucinek RKillu

PROSIM CTETE DUKLADNE NAVOD - TATO UTILITA MA VELKOU SCHOPNOST MAZAT A JE NUTNE JI APLIKOVAT JEN NA DOPORUCENI, JINAK VAM MUZE JIT SYSTEM DO KYTEK
Stahnete a ulozte na plochu Combofix http://download.bleepingcomputer.com/sUBs/ComboFix.exe

• Vypnete vsechny rezidentni bezpecnostní programy - firewally, antiviry, antispywary apod.
• Pokud mate Win XP spustte pod uctem Spravce\Administratora
• Pokud mate Win Vista ci Win 7, kliknete na Combofix pravym a dejte Run As Administrator ci Spustit jako spravce
• Ihned po startu se zobrazi stranka s licencnim ujednanim, pokracujte kliknutim na Ano
• Pokud Vam CF nabidne instalaci Konzoly pro zotaveni, tak souhlaste
• Dale postupujte dle pokynu, behem scanu nechte PC naprosto v klidu - nespoustejte zadne aplikace a neklikejte do zobrazujiciho se okna
• Scan by mel trvat cca 10 min, ale pokud bude PC hodne zaneseno, muze se cas prodlouzit
• Po dokonceni skenu a pripadnem restartu CF zobrazi log, pripadne jej najdete zde C:\ComboFix.txt, jeho obsah sem vlozte
• Detailni postup vc. obrazku mate zde http://www.bleepingcomputer.com/combofi ... t-combofix

[danielka1968]

Rkill 2.4.5 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 01/10/2013 04:34:55 PM in x86 mode.
Windows Version: Microsoft Windows XP Service Pack 3

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* C:\WINDOWS\system32\FsUsbExService.Exe (PID: 1932) [WD-HEUR]

1 proccess terminated!

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* No issues found.

Searching for Missing Digital Signatures:

* C:\WINDOWS\System32\drivers\mqac.sys [NoSig]
+-> C:\WINDOWS\$hf_mig$\KB971032\SP2QFE\mqac.sys : 91 776 : 06/22/2009 01:30 PM : 9229e191fe206628be17d1e67a5faed9 [Pos Repl]
+-> C:\WINDOWS\$NtUninstallKB971032$\mqac.sys : 72 960 : 01/01/1980 00:00 AM : db07b0088cdfd20c2a22e675120ede34 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\mqac.sys : 92 544 : 04/13/2008 08:39 PM : 70c14f5cca5cf73f8a645c73a01d8726 [Pos Repl]
+-> C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\mqac.sys : 92 544 : 04/13/2008 08:39 PM : 70c14f5cca5cf73f8a645c73a01d8726 [Pos Repl]
+-> C:\WINDOWS\system32\dllcache\mqac.sys : 91 776 : 06/22/2009 01:48 PM : eee50bf24caeedb515a8f3b22756d3bb [Pos Repl]

Checking HOSTS File:

* HOSTS file entries found:

ÿþ1 2 7 . 0 . 0 . 1 l o c a l h o s t

: : 1 l o c a l h o s t



Program finished at: 01/10/2013 04:35:55 PM
Execution time: 0 hours(s), 1 minute(s), and 0 seconds(s)

[vyosek]

Pokracujte Combofixem...