runtime error 216

Zpráva

vildak · #1 Příspěvek od **vildak** » 17 led 2013 16:46

dobrý den,
potřeboval bych pomoci od hlášky runtime error 216.... podle Microsoftu by to mohl být Subseven
děkuji
můj log:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:23:01, on 17.1.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\agrsmsvc.exe
C:\Program Files\AVG\AVG2013\avgwdsvc.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\RAC Server\RACs.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\TightVNC\tvnserver.exe
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe
C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Program Files\AVG Secure Search\vprot.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
C:\Program Files\AVG\AVG2013\avgui.exe
C:\Program Files\TightVNC\tvnserver.exe
C:\RAC Server\RACSessionService.exe
C:\Program Files\SMART Technologies\Education Software\SMARTInk.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\SMART Technologies\Education Software\Office\SMARTInk-SBSDKProxy.exe
C:\WINDOWS\explorer.exe
C:\Program Files\AVG\AVG2013\avgidsagent.exe
C:\Program Files\AVG\AVG2013\avgemcx.exe
C:\Program Files\AVG\AVG2013\avgnsx.exe
C:\Program Files\AVG\AVG2013\avgrsx.exe
C:\Program Files\AVG\AVG2013\avgcsrvx.exe
C:\Download\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.mpsv.cz:8080
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll
O2 - BHO: SMART Notebook Download Utility - {67BCF957-85FC-4036-8DC4-D4D80E00A77B} - C:\Program Files\SMART Technologies\Education Software\Win32\NotebookPlugin.dll
O2 - BHO: uTorrentControl_v2 - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files\uTorrentControl_v2\prxtbuTor.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: (no name) - {E3215F20-3212-11D6-9F8B-00D0B743919D} - (no file)
O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll
O3 - Toolbar: uTorrentControl_v2 Toolbar - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files\uTorrentControl_v2\prxtbuTor.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe
O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM\..\Run: [vProt] "C:\Program Files\AVG Secure Search\vprot.exe"
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [LayoutM] KLayMgr.exe
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2013\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [tvncontrol] "C:\Program Files\TightVNC\tvnserver.exe" -controlservice -slave
O4 - HKLM\..\Run: [ROC_ROC_JULY_P1] "C:\Program Files\AVG Secure Search\ROC_ROC_JULY_P1.exe" / /PROMPT /CMPID=ROC_JULY_P1
O4 - HKLM\..\Run: [RAC User Help Service] "C:\RAC Server\RACSessionService.exe" -service
O4 - HKLM\..\Run: [SMART Ink] "C:\Program Files\SMART Technologies\Education Software\SMARTInk.exe" -a
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: mapovani.bat
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files\ICQ7M\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files\ICQ7M\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 5488133031
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\13.2.0\ViProtocol.dll
O20 - Winlogon Notify: RACServerLogon - RACServerLogon.dll (file missing)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\WINDOWS\system32\agrsmsvc.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgwdsvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: FLEXnet Licensing Service - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: PCNetSoftware RAC Server - Monika Novotna - C:\RAC Server\RACs.exe
O23 - Service: TightVNC Server (tvnserver) - GlavSoft LLC. - C:\Program Files\TightVNC\tvnserver.exe
O23 - Service: vToolbarUpdater13.2.0 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe
O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE

--
End of file - 10461 bytes

#2 Příspěvek od **vyosek** » 18 led 2013 00:03

Zdravim

Trvate na antiviru AVG - u nas neni moc obliben - vysoka zatez systemu, slabsi detekce

Stahnete Malwarebytes Anti-Rootkit http://www.bleepingcomputer.com/downloa ... i-rootkit/

Ulozte nejlepe na Plochu a rozbalte
Spustte kliknutim na mbanr
Nyni postupne kliknete na Next a Update
Po dokonceni update (aktualizace) databaze kliknete opet na Next
Nechte zaskrtnute vsechny tri moznosti a klinete na Scan cimz spustite prohledavani PC
Po dokonceni skenu (cca 5 minutek) zkontrolujte, zda-li je u vsech nalezu (samozrejme pokud budou) zatrzitko
Tez zkontrolujte, jetsli je zatrzitko u Create Restore point
Nyni kliknete na CleanUp cimz nalezenou infekci odstranime
PC bude restartovan
Slozka mbar by mela obsahovat log (a zrejme se i sam otevre) mbar-log-rok-mesic-den (hodina-minuta-sekunda).txt, ten mi sem dejte

vildak · #3 Příspěvek od **vildak** » 18 led 2013 05:17

na AVG netrvam. \muze te mi neco jineho doporucit?

vysledek:

Malwarebytes Anti-Rootkit BETA 1.01.0.1016
www.malwarebytes.org

Database version: v2013.01.18.01

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
doma :: BBB [administrator]

18.1.2013 5:15:13
mbar-log-2013-01-18 (05-15-13).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 26917
Time elapsed: 24 minute(s), 37 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

#4 Příspěvek od **vyosek** » 18 led 2013 12:30

Avg je spise parodie na antivir

Odinstalujte Avg a pak pouzijte jeste http://download.avg.com/filedir/util/av ... 3_2706.exe

Nainstalujte Avast Free http://www.avast.com/cs-cz/free-antivirus-download

Dejte novy log z RSIT

vildak · #5 Příspěvek od **vildak** » 18 led 2013 15:18

log zde:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:17:27, on 18.1.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\agrsmsvc.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\RAC Server\RACs.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\TightVNC\tvnserver.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\TightVNC\tvnserver.exe
C:\RAC Server\RACSessionService.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
C:\Program Files\TC UP\TC UP.exe
C:\Program Files\TC UP\TOTALCMD.EXE
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
c:\Download\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.mpsv.cz:8080
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll
O2 - BHO: SMART Notebook Download Utility - {67BCF957-85FC-4036-8DC4-D4D80E00A77B} - C:\Program Files\SMART Technologies\Education Software\Win32\NotebookPlugin.dll
O2 - BHO: uTorrentControl_v2 - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files\uTorrentControl_v2\prxtbuTor.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: (no name) - {E3215F20-3212-11D6-9F8B-00D0B743919D} - (no file)
O3 - Toolbar: uTorrentControl_v2 Toolbar - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files\uTorrentControl_v2\prxtbuTor.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe
O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [LayoutM] KLayMgr.exe
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [tvncontrol] "C:\Program Files\TightVNC\tvnserver.exe" -controlservice -slave
O4 - HKLM\..\Run: [ROC_ROC_JULY_P1] "C:\Program Files\AVG Secure Search\ROC_ROC_JULY_P1.exe" / /PROMPT /CMPID=ROC_JULY_P1
O4 - HKLM\..\Run: [RAC User Help Service] "C:\RAC Server\RACSessionService.exe" -service
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: mapovani.bat
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files\ICQ7M\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files\ICQ7M\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 5488133031
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: RACServerLogon - RACServerLogon.dll (file missing)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\WINDOWS\system32\agrsmsvc.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: FLEXnet Licensing Service - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: PCNetSoftware RAC Server - Monika Novotna - C:\RAC Server\RACs.exe
O23 - Service: TightVNC Server (tvnserver) - GlavSoft LLC. - C:\Program Files\TightVNC\tvnserver.exe
O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE

--
End of file - 9208 bytes

#6 Příspěvek od **vyosek** » 18 led 2013 20:53

To je HJT, ja chci RSIT, ono se staci podivat nahoru nad tema a tam veeeeeelikej oranzovej obdelnik a v nem je to popsano

vildak · #7 Příspěvek od **vildak** » 18 led 2013 20:59

omlouvam se.

Logfile of random's system information tool 1.09 (written by random/random)
Run by doma at 2013-01-18 20:58:06
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 36 GB (63%) free of 57 GB
Total RAM: 1527 MB (39% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:58:30, on 18.1.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\agrsmsvc.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\RAC Server\RACs.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\TightVNC\tvnserver.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\TightVNC\tvnserver.exe
C:\RAC Server\RACSessionService.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\doma\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\doma\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\doma\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\doma\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Program Files\Miranda IM\miranda32.exe
C:\Documents and Settings\doma\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\doma\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\doma\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Download\RSIT.exe
C:\Program Files\trend micro\doma.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.mpsv.cz:8080
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll
O2 - BHO: SMART Notebook Download Utility - {67BCF957-85FC-4036-8DC4-D4D80E00A77B} - C:\Program Files\SMART Technologies\Education Software\Win32\NotebookPlugin.dll
O2 - BHO: uTorrentControl_v2 - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files\uTorrentControl_v2\prxtbuTor.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: (no name) - {E3215F20-3212-11D6-9F8B-00D0B743919D} - (no file)
O3 - Toolbar: uTorrentControl_v2 Toolbar - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files\uTorrentControl_v2\prxtbuTor.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe
O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [LayoutM] KLayMgr.exe
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [tvncontrol] "C:\Program Files\TightVNC\tvnserver.exe" -controlservice -slave
O4 - HKLM\..\Run: [ROC_ROC_JULY_P1] "C:\Program Files\AVG Secure Search\ROC_ROC_JULY_P1.exe" / /PROMPT /CMPID=ROC_JULY_P1
O4 - HKLM\..\Run: [RAC User Help Service] "C:\RAC Server\RACSessionService.exe" -service
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: mapovani.bat
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files\ICQ7M\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files\ICQ7M\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 5488133031
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: RACServerLogon - RACServerLogon.dll (file missing)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\WINDOWS\system32\agrsmsvc.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: FLEXnet Licensing Service - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: PCNetSoftware RAC Server - Monika Novotna - C:\RAC Server\RACs.exe
O23 - Service: TightVNC Server (tvnserver) - GlavSoft LLC. - C:\Program Files\TightVNC\tvnserver.exe
O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE

--
End of file - 9932 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\avast! Emergency Update.job
C:\WINDOWS\tasks\Check for updates (Spybot - Search & Destroy).job
C:\WINDOWS\tasks\Refresh immunization (Spybot - Search & Destroy).job
C:\WINDOWS\tasks\Scan the system (Spybot - Search & Destroy).job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18 66280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll [2012-11-13 3214392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{67BCF957-85FC-4036-8DC4-D4D80E00A77B}]
SMART Notebook Download Utility - C:\Program Files\SMART Technologies\Education Software\Win32\NotebookPlugin.dll [2012-10-24 237464]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7473b6bd-4691-4744-a82b-7854eb3d70b6}]
uTorrentControl_v2 Toolbar - C:\Program Files\uTorrentControl_v2\prxtbuTor.dll [2011-05-09 176936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-01-12 461216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-10-30 1227736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-01-12 170912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E3215F20-3212-11D6-9F8B-00D0B743919D}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{7473b6bd-4691-4744-a82b-7854eb3d70b6} - uTorrentControl_v2 Toolbar - C:\Program Files\uTorrentControl_v2\prxtbuTor.dll [2011-05-09 176936]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-10-30 1227736]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2008-08-20 141848]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2008-08-20 166424]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2008-08-20 137752]
"hpWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2007-11-20 488752]
"Broadcom Wireless Manager UI"=C:\WINDOWS\system32\WLTRAY.exe [2012-08-20 1499136]
"SynTPStart"=C:\Program Files\Synaptics\SynTP\SynTPStart.exe [2007-09-14 102400]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2007-01-05 872448]
"LayoutM"=C:\WINDOWS\KLayMgr.exe [2004-08-26 45056]
"QlbCtrl.exe"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2007-10-19 177456]
"tvncontrol"=C:\Program Files\TightVNC\tvnserver.exe [2012-09-19 1213496]
"ROC_ROC_JULY_P1"=C:\Program Files\AVG Secure Search\ROC_ROC_JULY_P1.exe / /PROMPT /CMPID=ROC_JULY_P1 []
"RAC User Help Service"=C:\RAC Server\RACSessionService.exe [2012-08-02 161648]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2012-10-30 4297136]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-03 946352]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Documents and Settings\doma\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2012-08-20 116648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RAC User Help Service]
C:\RAC Server\RACSessionService.exe [2012-08-02 161648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Response Desktop Menu]
C:\Program Files\SMART Technologies\Education Software\DesktopMenu.exe [2012-10-17 1990040]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SMART Board Tools]
C:\Program Files\SMART Technologies\Education Software\SMARTBoardTools.exe [2012-03-09 10132336]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SMART Ink]
C:\Program Files\SMART Technologies\Education Software\SMARTInk.exe [2012-10-25 98200]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

C:\Documents and Settings\doma\Nabídka Start\Programy\Po spuštění
mapovani.bat

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2008-02-15 208896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\RACServerLogon]
C:\WINDOWS\system32\RACServerLogon.dll [2012-08-02 63344]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-08-24 133120]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\ICQ7M\ICQ.exe"="C:\Program Files\ICQ7M\ICQ.exe:*:Enabled:ICQ7M"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Microsoft LifeCam\LifeCam.exe"="C:\Program Files\Microsoft LifeCam\LifeCam.exe:*:Enabled:LifeCam.exe"
"C:\Program Files\Microsoft LifeCam\LifeEnC2.exe"="C:\Program Files\Microsoft LifeCam\LifeEnC2.exe:*:Enabled:LifeEnC2.exe"
"C:\Program Files\Microsoft LifeCam\LifeExp.exe"="C:\Program Files\Microsoft LifeCam\LifeExp.exe:*:Enabled:LifeExp.exe"
"C:\Program Files\Microsoft LifeCam\LifeTray.exe"="C:\Program Files\Microsoft LifeCam\LifeTray.exe:*:Enabled:LifeTray.exe"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
"E:\RAC Server\RACs.exe"="c:\RAC Server\RACs.exe:*:Enabled:Remote Administrator Control Server"
"C:\Documents and Settings\doma\Plocha\RAC Server\RACs.exe"="C:\Documents and Settings\doma\Plocha\RAC Server\RACs.exe:*:Enabled:Remote Administrator Control Server"
"C:\RAC Server\RACs.exe"="C:\RAC Server\RACs.exe:*:Enabled:Remote Administrator Control Server"
"C:\Program Files\VideoLAN\VLC\vlc.exe"="C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player 2.0.3"
"C:\Program Files\Miranda IM\miranda32.exe"="C:\Program Files\Miranda IM\miranda32.exe:*:Enabled:Miranda IM"
"C:\Program Files\Java\jre7\launch4j-tmp\frd.exe"="C:\Program Files\Java\jre7\launch4j-tmp\frd.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\TC UP\PLUGINS\Media\uTorrent\utorrent.exe"="C:\Program Files\TC UP\PLUGINS\Media\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"C:\Download\a\MctvPlaylistEditor.exe"="C:\Download\a\MctvPlaylistEditor.exe:*:Enabled:MctvPlaylistEditor"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon"
"C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service"
"C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater"
"C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service"
"C:\Program Files\SMART Technologies\Education Software\ResponseSoftwareService.exe"="C:\Program Files\SMART Technologies\Education Software\ResponseSoftwareService.exe:*:Enabled:SMART Response Software Service"
"C:\Program Files\SMART Technologies\Education Software\UCGui.exe"="C:\Program Files\SMART Technologies\Education Software\UCGui.exe:*:Enabled:SMART Universal Controller Interface"
"C:\Program Files\SMART Technologies\Education Software\SMARTSNMPAgent.exe"="C:\Program Files\SMART Technologies\Education Software\SMARTSNMPAgent.exe:*:Enabled:SMART SNMP Agent"
"C:\Program Files\SMART Technologies\Education Software\UCService.exe"="C:\Program Files\SMART Technologies\Education Software\UCService.exe:*:Enabled:SMART Display Controller Service"
"C:\Program Files\SMART Technologies\Education Software\VantageService.exe"="C:\Program Files\SMART Technologies\Education Software\VantageService.exe:*:Enabled:Vantage Service"
"C:\Program Files\TightVNC\tvnserver.exe"="C:\Program Files\TightVNC\tvnserver.exe:*:Enabled:TightVNC"
"C:\Program Files\TightVNC\tvnviewer.exe"="C:\Program Files\TightVNC\tvnviewer.exe:*:Enabled:TightVNC"
"C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:LocalSubNet:Enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Internet Explorer\iexplore.exe"="C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer"
"C:\WINDOWS\explorer.exe"="C:\WINDOWS\explorer.exe:*:Enabled:Průzkumník Windows"
"C:\Program Files\Spybot - Search & Destroy 2\SDFiles.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDFiles.exe:*:Enabled:Single file on-demand scanner"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ICQ7M\ICQ.exe"="C:\Program Files\ICQ7M\ICQ.exe:*:Enabled:ICQ7M"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"mixer4"=wdmaud.drv
"vidc.tscc"=tsccvid.dll

======List of files/folders created in the last 1 month======

2013-01-18 20:58:07 ----D---- C:\Program Files\trend micro
2013-01-18 20:58:06 ----D---- C:\rsit
2013-01-18 14:29:21 ----A---- C:\WINDOWS\system32\drivers\aswSP.sys
2013-01-18 14:29:21 ----A---- C:\WINDOWS\system32\drivers\aswFsBlk.sys
2013-01-18 14:29:19 ----A---- C:\WINDOWS\system32\drivers\aswTdi.sys
2013-01-18 14:29:19 ----A---- C:\WINDOWS\system32\drivers\aswSnx.sys
2013-01-18 14:29:19 ----A---- C:\WINDOWS\system32\drivers\aswRdr.sys
2013-01-18 14:29:18 ----A---- C:\WINDOWS\system32\drivers\aswmon2.sys
2013-01-18 14:29:18 ----A---- C:\WINDOWS\system32\drivers\aswmon.sys
2013-01-18 14:29:18 ----A---- C:\WINDOWS\system32\drivers\aavmker4.sys
2013-01-18 14:28:40 ----A---- C:\WINDOWS\avastSS.scr
2013-01-18 14:28:39 ----A---- C:\WINDOWS\system32\aswBoot.exe
2013-01-18 14:28:12 ----D---- C:\Program Files\AVAST Software
2013-01-18 14:28:12 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
2013-01-18 04:49:53 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2013-01-17 16:14:50 ----A---- C:\ComboFix.txt
2013-01-17 16:03:21 ----A---- C:\Boot.bak
2013-01-17 16:03:11 ----RASHD---- C:\cmdcons
2013-01-17 16:01:24 ----A---- C:\WINDOWS\zip.exe
2013-01-17 16:01:24 ----A---- C:\WINDOWS\SWXCACLS.exe
2013-01-17 16:01:24 ----A---- C:\WINDOWS\SWSC.exe
2013-01-17 16:01:24 ----A---- C:\WINDOWS\SWREG.exe
2013-01-17 16:01:24 ----A---- C:\WINDOWS\sed.exe
2013-01-17 16:01:24 ----A---- C:\WINDOWS\PEV.exe
2013-01-17 16:01:24 ----A---- C:\WINDOWS\NIRCMD.exe
2013-01-17 16:01:24 ----A---- C:\WINDOWS\MBR.exe
2013-01-17 16:01:24 ----A---- C:\WINDOWS\grep.exe
2013-01-17 16:00:39 ----D---- C:\Qoobox
2013-01-17 16:00:17 ----D---- C:\WINDOWS\erdnt
2013-01-14 20:55:37 ----A---- C:\WINDOWS\system32\WindowsAccessBridge.dll
2013-01-14 20:55:37 ----A---- C:\WINDOWS\system32\javaw.exe
2013-01-14 20:55:36 ----A---- C:\WINDOWS\system32\java.exe
2013-01-10 15:53:32 ----A---- C:\WINDOWS\imsins.BAK
2013-01-10 15:53:27 ----HDC---- C:\WINDOWS\$NtUninstallKB2757638$
2013-01-05 08:25:30 ----D---- C:\Program Files\MSXML 4.0
2013-01-03 22:13:40 ----D---- C:\Program Files\STOPzilla!
2013-01-03 21:38:30 ----D---- C:\WINDOWS\system32\appmgmt
2013-01-03 19:58:33 ----D---- C:\Documents and Settings\doma\Data aplikací\f-secure
2013-01-03 19:57:46 ----D---- C:\Documents and Settings\All Users\Data aplikací\F-Secure
2013-01-03 18:11:01 ----D---- C:\Documents and Settings\doma\Data aplikací\XMedia Recode
2013-01-03 17:59:38 ----D---- C:\Program Files\XMedia Recode
2013-01-03 17:36:24 ----A---- C:\test.txt
2013-01-03 17:34:05 ----D---- C:\Program Files\MP4Converter
2013-01-03 16:57:15 ----D---- C:\Documents and Settings\All Users\Data aplikací\Canneverbe Limited
2013-01-03 16:57:14 ----D---- C:\Documents and Settings\doma\Data aplikací\Canneverbe Limited
2013-01-03 16:56:47 ----A---- C:\WINDOWS\system32\drivers\StarOpen.sys
2013-01-03 16:56:46 ----D---- C:\Program Files\CDBurnerXP
2013-01-01 12:41:45 ----D---- C:\Program Files\CDex
2012-12-21 10:18:19 ----HDC---- C:\WINDOWS\$NtUninstallKB2753842-v2$

======List of files/folders modified in the last 1 month======

2013-01-18 20:58:10 ----D---- C:\WINDOWS\Prefetch
2013-01-18 20:58:07 ----RD---- C:\Program Files
2013-01-18 20:57:50 ----D---- C:\Download
2013-01-18 18:42:09 ----D---- C:\WINDOWS\Temp
2013-01-18 15:13:18 ----SD---- C:\WINDOWS\Tasks
2013-01-18 14:29:21 ----D---- C:\WINDOWS\system32\drivers
2013-01-18 14:29:12 ----SHD---- C:\WINDOWS\Installer
2013-01-18 14:29:11 ----D---- C:\WINDOWS\WinSxS
2013-01-18 14:28:40 ----D---- C:\WINDOWS
2013-01-18 14:28:39 ----D---- C:\WINDOWS\system32
2013-01-18 14:25:47 ----D---- C:\WINDOWS\system32\CatRoot2
2013-01-18 14:23:54 ----A---- C:\WINDOWS\SchedLgU.Txt
2013-01-18 14:22:14 ----HD---- C:\WINDOWS\inf
2013-01-18 14:20:59 ----RSHDC---- C:\WINDOWS\system32\dllcache
2013-01-17 18:44:22 ----A---- C:\WINDOWS\win.ini
2013-01-17 17:59:07 ----RASH---- C:\boot.ini
2013-01-17 17:49:57 ----A---- C:\WINDOWS\wininit.ini
2013-01-17 16:12:29 ----A---- C:\WINDOWS\system.ini
2013-01-17 16:12:05 ----D---- C:\WINDOWS\system32\drivers\etc
2013-01-17 16:09:01 ----D---- C:\WINDOWS\AppPatch
2013-01-17 16:09:00 ----D---- C:\Program Files\Common Files
2013-01-17 15:50:45 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2013-01-16 15:41:50 ----D---- C:\Documents and Settings\doma\Data aplikací\vlc
2013-01-15 21:31:28 ----D---- C:\WINDOWS\ie8updates
2013-01-15 21:31:19 ----HD---- C:\WINDOWS\$hf_mig$
2013-01-14 21:44:29 ----D---- C:\Documents and Settings\doma\Data aplikací\ICQ
2013-01-14 20:55:36 ----D---- C:\Program Files\Java
2013-01-14 20:54:54 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2013-01-12 16:35:16 ----D---- C:\Documents and Settings\doma\Data aplikací\uTorrent
2013-01-12 10:29:16 ----D---- C:\WINDOWS\Microsoft.NET
2013-01-12 10:28:50 ----RSD---- C:\WINDOWS\assembly
2013-01-12 09:56:40 ----D---- C:\Program Files\Common Files\Microsoft Shared
2013-01-10 16:01:19 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2013-01-10 15:51:00 ----D---- C:\WINDOWS\Debug
2013-01-10 15:50:51 ----A---- C:\WINDOWS\system32\MRT.exe
2013-01-08 20:08:54 ----D---- C:\Documents and Settings\doma\Data aplikací\Skype
2013-01-06 06:33:55 ----A---- C:\WINDOWS\system32\mshtml.dll
2013-01-03 21:52:05 ----D---- C:\WINDOWS\system32\Restore
2013-01-03 21:28:21 ----SHD---- C:\WINDOWS\CSC
2013-01-03 18:04:07 ----D---- C:\WINDOWS\Minidump
2013-01-03 18:04:07 ----D---- C:\WINDOWS\Logs
2012-12-25 13:42:17 ----D---- C:\Documents and Settings\doma\Data aplikací\dvdcss
2012-12-25 07:55:07 ----D---- C:\foto

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\WINDOWS\system32\DRIVERS\iaStor.sys [2007-01-24 874240]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI Texas Instruments; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-13 61696]
R0 szkg5;szkg5; C:\WINDOWS\system32\DRIVERS\szkg.sys [2012-11-26 61328]
R0 szkgfs;szkgfs; C:\WINDOWS\system32\drivers\szkgfs.sys [2012-05-04 73008]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2012-10-30 25256]
R1 AswRdr;aswRdr; C:\WINDOWS\system32\drivers\AswRdr.sys [2012-10-30 35928]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2012-10-30 361032]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2012-10-30 54232]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 Tcpip6;Ovladač protokolu Microsoft IPv6; C:\WINDOWS\system32\DRIVERS\tcpip6.sys [2010-02-11 226880]
R1 VD_FileDisk;VD_FileDisk; C:\WINDOWS\system32\drivers\VD_FileDisk.sys [2011-01-26 24680]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-18 12032]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2012-10-30 21256]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2012-10-30 97608]
R2 RACDriver;RAC driver; \??\C:\RAC Server\RACDriver.sys []
R2 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2012-06-03 5504]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\ADIHdAud.sys [2007-10-01 281600]
R3 AEAudio;AE Audio Service; C:\WINDOWS\system32\drivers\AEAudio.sys [2007-07-13 94976]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2006-06-30 1155584]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\WINDOWS\system32\DRIVERS\bcmwl5.sys [2012-08-20 822272]
R3 btaudio;Bluetooth Audio Device; C:\WINDOWS\system32\drivers\btaudio.sys [2006-02-15 401664]
R3 BTDriver;Bluetooth Virtual Communications Driver; C:\WINDOWS\system32\DRIVERS\btport.sys [2006-02-15 30363]
R3 BTKRNL;Bluetooth Bus Enumerator; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [2006-02-15 1342570]
R3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2006-02-15 57096]
R3 HBtnKey;HBtnKey; C:\WINDOWS\system32\DRIVERS\cpqbttn.sys [2006-06-28 9472]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 HPKBCCID;HP Keyboard Smart Card Driver; C:\WINDOWS\system32\DRIVERS\HPKBCCID.sys [2006-11-07 46976]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\WINDOWS\system32\DRIVERS\HpqKbFiltr.sys [2007-06-18 16768]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2008-02-15 5854752]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 racmirror;racmirror; C:\WINDOWS\system32\DRIVERS\racmirror.sys [2008-08-08 32784]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2007-09-14 213696]
R3 tunmp;Microsoft Tun Miniport Adapter Driver; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2008-04-13 12288]
R3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 VX1000;VX-1000; C:\WINDOWS\system32\DRIVERS\VX1000.sys [2010-05-20 1961072]
R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
S1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2012-10-30 738504]
S1 sbaphd;sbaphd; C:\WINDOWS\system32\drivers\sbaphd.sys []
S2 sbapifs;sbapifs; C:\WINDOWS\system32\drivers\sbapifs.sys []
S3 AF9035BDA;AF9035 BDA Devices; C:\WINDOWS\System32\Drivers\AF9035BDA.sys [2012-12-06 459776]
S3 bcm4sbxp;Broadcom 440x 10/100 Integrated Controller; C:\WINDOWS\system32\DRIVERS\bcm4sbxp.sys [2005-08-05 45312]
S3 BTWDNDIS;Bluetooth LAN Access Server; C:\WINDOWS\system32\DRIVERS\btwdndis.sys [2006-02-15 148168]
S3 catchme;catchme; \??\C:\DOCUME~1\doma\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 MPE;Filtr MPE BDA; C:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-14 15232]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 STC2DFU;STCII DFU Adapter; C:\WINDOWS\system32\DRIVERS\Stc2Dfu.SYS [2004-10-24 7796]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 UIUSys;Conexant Setup API; C:\WINDOWS\system32\DRIVERS\UIUSYS.SYS []
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 6to4;Pomocná služba protokolu IPv6; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\WINDOWS\system32\agrsmsvc.exe [2006-12-13 9216]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-10-30 44808]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2006-02-15 258103]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2013-01-12 170912]
R2 MSCamSvc;MSCamSvc; C:\Program Files\Microsoft LifeCam\MSCamS32.exe [2010-05-20 139632]
R2 PCNetSoftware RAC Server;PCNetSoftware RAC Server; C:\RAC Server\RACs.exe [2012-08-02 4487024]
R2 tvnserver;TightVNC Server; C:\Program Files\TightVNC\tvnserver.exe [2012-09-19 1213496]
R2 wltrysvc;Broadcom Wireless LAN Tray Service; C:\WINDOWS\System32\WLTRYSVC.EXE [2012-08-20 24064]
R3 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2007-11-29 144688]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2012-10-16 1044816]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Služba Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-01-17 251400]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 Response Hardware;Response Hardware; C:\Program Files\SMART Technologies\Education Software\ResponseHardwareService.exe [2012-10-17 19352]
S4 SDScannerService;Spybot-S&D 2 Scanner Service; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [2012-11-13 1103392]
S4 SDUpdateService;Spybot-S&D 2 Updating Service; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [2012-11-13 1369624]
S4 SDWSCService;Spybot-S&D 2 Security Center Service; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [2012-11-13 168384]
S4 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-07-13 160944]
S4 SMART Board Service;Služba SMART Board; C:\Program Files\SMART Technologies\Education Software\SMARTBoardService.exe [2012-10-17 2219416]
S4 SMART Display Controller;SMART Display Controller; C:\Program Files\SMART Technologies\Education Software\UCService.exe [2012-10-17 803736]

-----------------EOF-----------------

#8 Příspěvek od **vyosek** » 18 led 2013 21:01

Tohle C:\Documents and Settings\doma\Nabídka Start\Programy\Po spuštění\mapovani.bat znate??

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

Ulozte nejlepe na plochu
Ukoncete vsechny programy
Kliknete na Search
Probehne skenovani a pak se objevi log, pripadne bude ulozen na systemovem disku jako AdwCleaner[R?].txt, ten sem vlozte

vildak · #9 Příspěvek od **vildak** » 18 led 2013 21:03

ano. Je to muj batak pro mapovani na druhy pocitac

vildak · #10 Příspěvek od **vildak** » 18 led 2013 21:05

# AdwCleaner v2.106 - Logfile created 01/18/2013 at 21:04:33
# Updated 17/01/2013 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : doma - BBB
# Boot Mode : Normal
# Running from : C:\Download\adwcleaner.exe
# Option [Search]

***** [Services] *****

***** [Files / Folders] *****

File Found : C:\DOCUME~1\doma\LOCALS~1\Temp\Uninstall.exe
Folder Found : C:\Documents and Settings\All Users\Data aplikací\Ask
Folder Found : C:\Program Files\Conduit
Folder Found : C:\Program Files\uTorrentControl_v2

***** [Registry] *****

Key Found : HKCU\Software\APN PIP
Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\ConduitSearchScopes
Key Found : HKCU\Software\IGearSettings
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7473B6BD-4691-4744-A82B-7854EB3D70B6}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{537F4F0B-3542-4C7D-A3E5-CF121482696C}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7473B6BD-4691-4744-A82B-7854EB3D70B6}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKCU\Software\PIP
Key Found : HKCU\Software\uTorrentControl_v2
Key Found : HKCU\Toolbar
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{537F4F0B-3542-4C7D-A3E5-CF121482696C}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{7473B6BD-4691-4744-A82B-7854EB3D70B6}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3220468
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Found : HKLM\Software\Conduit
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3DE393B5-80D9-435A-B11D-FB5F485DE012}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A97C003A-E2ED-461D-94BA-C993BCC6C0C9}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AVG Secure Search
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\uTorrentControl_v2 Toolbar
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7473B6BD-4691-4744-A82B-7854EB3D70B6}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{537F4F0B-3542-4C7D-A3E5-CF121482696C}
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\uTorrentControl_v2 Toolbar
Key Found : HKLM\Software\PIP
Key Found : HKLM\Software\uTorrentControl_v2
Key Found : HKU\S-1-5-21-329068152-113007714-839522115-1003\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Registry is clean.

*************************

AdwCleaner[R1].txt - [3971 octets] - [18/01/2013 21:04:33]

########## EOF - C:\AdwCleaner[R1].txt - [4031 octets] ##########

#11 Příspěvek od **vyosek** » 18 led 2013 21:06

Spustte znovu AdwCleaner

Pokud pouzivate Win Vista ci W7, kliknete na AdwCleaner pravym a dejte Run As Administrator ci Spustit jako spravce
Kliknete na Delete
PC provede opravu, restartuje se a da Vam log (C:\AdwCleaner [S1].txt) , jeho obsah vlozte sem

vildak · #12 Příspěvek od **vildak** » 18 led 2013 21:12

# AdwCleaner v2.106 - Logfile created 01/18/2013 at 21:08:19
# Updated 17/01/2013 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : doma - BBB
# Boot Mode : Normal
# Running from : C:\Download\adwcleaner.exe
# Option [Delete]

***** [Services] *****

***** [Files / Folders] *****

File Deleted : C:\DOCUME~1\doma\LOCALS~1\Temp\Uninstall.exe
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\Ask
Folder Deleted : C:\Program Files\Conduit
Folder Deleted : C:\Program Files\uTorrentControl_v2

***** [Registry] *****

Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\IGearSettings
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7473B6BD-4691-4744-A82B-7854EB3D70B6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{537F4F0B-3542-4C7D-A3E5-CF121482696C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7473B6BD-4691-4744-A82B-7854EB3D70B6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\PIP
Key Deleted : HKCU\Software\uTorrentControl_v2
Key Deleted : HKCU\Toolbar
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{537F4F0B-3542-4C7D-A3E5-CF121482696C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7473B6BD-4691-4744-A82B-7854EB3D70B6}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3220468
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3DE393B5-80D9-435A-B11D-FB5F485DE012}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A97C003A-E2ED-461D-94BA-C993BCC6C0C9}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AVG Secure Search
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\uTorrentControl_v2 Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7473B6BD-4691-4744-A82B-7854EB3D70B6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{537F4F0B-3542-4C7D-A3E5-CF121482696C}
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\uTorrentControl_v2 Toolbar
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\Software\uTorrentControl_v2
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Registry is clean.

*************************

AdwCleaner[R1].txt - [4100 octets] - [18/01/2013 21:04:33]
AdwCleaner[S1].txt - [3963 octets] - [18/01/2013 21:08:19]

########## EOF - C:\AdwCleaner[S1].txt - [4023 octets] ##########

#13 Příspěvek od **vyosek** » 18 led 2013 21:13

Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
Zaskrtnete okenko Pro vsechny uzivatele
Zaskrtnete okenko Kontrola na havet "LOP"
Zaskrtnete okenko Kontrola na havet "Purity"
Stari souboru zmente z 30 dnu na 7 dnu
Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
services.exe
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s

%PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
%PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
%PROGRAMFILES%\Opera\opera.exe /md5
%PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5

%SystemDrive%\PhysicalMBR.bin /md5 

*crack* /s
*keygen* /s
*loader* /s

Kliknete na tlacitko Prohledat
Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte
Pokud budou logy dlouhe (forum bude kricet o prekroceni maximalniho poctu znaku), tak je rozdelte do vice prispevku

vildak · #14 Příspěvek od **vildak** » 18 led 2013 21:49

OTL logfile created on: 18.1.2013 21:16:41 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\doma\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1,49 Gb Total Physical Memory | 0,83 Gb Available Physical Memory | 55,51% Memory free
3,34 Gb Paging File | 2,81 Gb Available in Paging File | 84,01% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 55,89 Gb Total Space | 36,10 Gb Free Space | 64,58% Space Free | Partition Type: NTFS
Drive V: | 232,88 Gb Total Space | 191,69 Gb Free Space | 82,32% Space Free | Partition Type: NTFS
Drive W: | 127,99 Gb Total Space | 7,76 Gb Free Space | 6,06% Space Free | Partition Type: NTFS
Drive X: | 58,31 Gb Total Space | 15,63 Gb Free Space | 26,80% Space Free | Partition Type: NTFS
Drive Y: | 465,75 Gb Total Space | 381,34 Gb Free Space | 81,88% Space Free | Partition Type: NTFS

Computer Name: BBB | User Name: doma | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2013.01.18 21:14:27 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\doma\Plocha\OTL.exe
PRC - [2013.01.12 03:27:33 | 000,170,912 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2013.01.08 01:06:24 | 001,248,360 | ---- | M] (Google Inc.) -- C:\Documents and Settings\doma\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
PRC - [2012.11.13 14:08:12 | 003,487,240 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe
PRC - [2012.10.30 23:50:59 | 004,297,136 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012.10.30 23:50:59 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012.09.19 16:13:06 | 001,213,496 | ---- | M] (GlavSoft LLC.) -- C:\Program Files\TightVNC\tvnserver.exe
PRC - [2012.08.02 05:45:06 | 004,487,024 | ---- | M] (Monika Novotna) -- C:\RAC Server\RACs.exe
PRC - [2012.08.02 05:45:06 | 000,161,648 | ---- | M] (Monika Novotna) -- C:\RAC Server\RACSessionService.exe
PRC - [2011.11.21 18:32:36 | 000,616,448 | ---- | M] (Robert Łajka & Pawel Porwisz) -- C:\Program Files\TC UP\TC UP.exe
PRC - [2010.12.17 07:56:10 | 003,707,808 | ---- | M] (Ghisler Software GmbH) -- C:\Program Files\TC UP\TOTALCMD.EXE
PRC - [2010.05.20 14:27:24 | 000,139,632 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe
PRC - [2008.04.14 07:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006.12.13 13:51:18 | 000,009,216 | ---- | M] (Agere Systems) -- C:\WINDOWS\system32\agrsmsvc.exe
PRC - [2006.02.15 15:16:02 | 000,581,693 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2006.02.15 15:14:44 | 001,265,748 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe

========== Modules (No Company Name) ==========

MOD - [2013.01.18 14:31:46 | 002,044,416 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\13011801\algo.dll
MOD - [2013.01.08 01:06:22 | 000,460,392 | ---- | M] () -- C:\Documents and Settings\doma\Local Settings\Data aplikací\Google\Chrome\Application\24.0.1312.52\ppgooglenaclpluginchrome.dll
MOD - [2013.01.08 01:06:21 | 012,459,624 | ---- | M] () -- C:\Documents and Settings\doma\Local Settings\Data aplikací\Google\Chrome\Application\24.0.1312.52\PepperFlash\pepflashplayer.dll
MOD - [2013.01.08 01:06:19 | 004,012,648 | ---- | M] () -- C:\Documents and Settings\doma\Local Settings\Data aplikací\Google\Chrome\Application\24.0.1312.52\pdf.dll
MOD - [2013.01.08 01:05:29 | 000,598,120 | ---- | M] () -- C:\Documents and Settings\doma\Local Settings\Data aplikací\Google\Chrome\Application\24.0.1312.52\libglesv2.dll
MOD - [2013.01.08 01:05:28 | 000,124,520 | ---- | M] () -- C:\Documents and Settings\doma\Local Settings\Data aplikací\Google\Chrome\Application\24.0.1312.52\libegl.dll
MOD - [2013.01.08 01:05:25 | 001,553,000 | ---- | M] () -- C:\Documents and Settings\doma\Local Settings\Data aplikací\Google\Chrome\Application\24.0.1312.52\ffmpegsumo.dll
MOD - [2012.11.13 14:06:32 | 000,158,624 | ---- | M] () -- C:\Program Files\Spybot - Search & Destroy 2\snlFileFormats150.bpl
MOD - [2012.11.13 14:06:30 | 000,108,960 | ---- | M] () -- C:\Program Files\Spybot - Search & Destroy 2\snlThirdParty150.bpl
MOD - [2012.11.13 14:06:28 | 000,554,400 | ---- | M] () -- C:\Program Files\Spybot - Search & Destroy 2\VirtualTreesDXE150.bpl
MOD - [2012.11.13 14:06:28 | 000,528,288 | ---- | M] () -- C:\Program Files\Spybot - Search & Destroy 2\JSDialogPack150.bpl
MOD - [2012.11.13 14:06:28 | 000,416,160 | ---- | M] () -- C:\Program Files\Spybot - Search & Destroy 2\DEC150.bpl
MOD - [2012.08.20 06:54:40 | 000,139,264 | ---- | M] () -- C:\WINDOWS\system32\preflib.dll
MOD - [2012.08.20 06:54:38 | 000,753,664 | ---- | M] () -- C:\WINDOWS\system32\bcm1xsup.dll
MOD - [2008.04.14 07:51:48 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2006.02.15 15:17:26 | 000,053,248 | ---- | M] () -- C:\Program Files\WIDCOMM\Bluetooth Software\BTKeyInd.dll

========== Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- C:\Program Files\Spybot -- (SDWSCService)
SRV - File not found [Disabled | Stopped] -- C:\Program Files\Spybot -- (SDUpdateService)
SRV - File not found [Disabled | Stopped] -- C:\Program Files\Spybot -- (SDScannerService)
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - [2013.01.17 15:50:47 | 000,251,400 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.01.12 03:27:33 | 000,170,912 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2012.10.30 23:50:59 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012.10.17 08:40:46 | 000,803,736 | ---- | M] (SMART Technologies) [Disabled | Stopped] -- C:\Program Files\SMART Technologies\Education Software\UCService.exe -- (SMART Display Controller)
SRV - [2012.10.17 08:40:42 | 002,219,416 | ---- | M] (SMART Technologies) [Disabled | Stopped] -- C:\Program Files\SMART Technologies\Education Software\SMARTBoardService.exe -- (SMART Board Service)
SRV - [2012.10.17 08:23:08 | 000,019,352 | ---- | M] (SMART Technologies ULC) [Disabled | Stopped] -- C:\Program Files\SMART Technologies\Education Software\ResponseHardwareService.exe -- (Response Hardware)
SRV - [2012.10.16 21:06:41 | 001,044,816 | ---- | M] (Flexera Software, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2012.09.19 16:13:06 | 001,213,496 | ---- | M] (GlavSoft LLC.) [Auto | Running] -- C:\Program Files\TightVNC\tvnserver.exe -- (tvnserver)
SRV - [2012.08.02 05:45:06 | 004,487,024 | ---- | M] (Monika Novotna) [Auto | Running] -- C:\RAC Server\RACs.exe -- (PCNetSoftware RAC Server)
SRV - [2012.07.13 12:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Disabled | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2010.05.20 14:27:24 | 000,139,632 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe -- (MSCamSvc)
SRV - [2006.12.13 13:51:18 | 000,009,216 | ---- | M] (Agere Systems) [Auto | Running] -- C:\WINDOWS\system32\agrsmsvc.exe -- (AgereModemAudio)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\UIUSYS.SYS -- (UIUSys)
DRV - File not found [File_System | Auto | Stopped] -- system32\drivers\sbapifs.sys -- (sbapifs)
DRV - File not found [Kernel | System | Stopped] -- system32\drivers\sbaphd.sys -- (sbaphd)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\doma\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - [2012.12.06 16:59:19 | 000,459,776 | ---- | M] (AfaTech ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AF9035BDA.sys -- (AF9035BDA)
DRV - [2012.11.26 10:55:48 | 000,061,328 | R--- | M] (iS3 Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\SZKG.sys -- (szkg5)
DRV - [2012.10.30 23:51:58 | 000,738,504 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012.10.30 23:51:58 | 000,361,032 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012.10.30 23:51:58 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012.10.30 23:51:58 | 000,035,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (AswRdr)
DRV - [2012.10.30 23:51:57 | 000,097,608 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2012.10.30 23:51:56 | 000,025,256 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2012.10.30 23:51:56 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012.08.20 06:54:38 | 000,822,272 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2012.06.03 09:45:50 | 000,005,504 | ---- | M] () [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2012.05.04 13:05:34 | 000,073,008 | R--- | M] (iS3, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\SZKGFS.sys -- (szkgfs)
DRV - [2011.10.17 13:08:28 | 000,007,680 | ---- | M] (Monika Novotna) [Kernel | Auto | Running] -- C:\RAC Server\RACDriver.sys -- (RACDriver)
DRV - [2011.01.26 18:28:20 | 000,024,680 | ---- | M] (CaptainFlint Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\vd_filedisk.sys -- (VD_FileDisk)
DRV - [2010.05.20 14:27:26 | 001,961,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VX1000.sys -- (VX1000)
DRV - [2010.02.11 13:02:15 | 000,226,880 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6)
DRV - [2008.08.08 10:14:22 | 000,032,784 | ---- | M] (Miloslav Novotny N+P) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\racmirror.sys -- (racmirror)
DRV - [2008.04.14 00:16:24 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MPE.sys -- (MPE)
DRV - [2007.06.18 15:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV - [2006.11.07 03:32:00 | 000,046,976 | R--- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HPKBCCID.sys -- (HPKBCCID)
DRV - [2006.06.30 12:00:22 | 001,155,584 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2006.06.28 08:54:00 | 000,009,472 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CPQBttn.sys -- (HBtnKey)
DRV - [2006.02.15 14:59:52 | 000,401,664 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio)
DRV - [2006.02.15 14:56:58 | 001,342,570 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2006.02.15 14:54:46 | 000,030,363 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btport.sys -- (BTDriver)
DRV - [2006.02.15 14:54:10 | 000,057,096 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2006.02.15 14:51:22 | 000,148,168 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwdndis.sys -- (BTWDNDIS)
DRV - [2005.08.05 10:33:56 | 000,045,312 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2004.10.24 23:04:00 | 000,007,796 | ---- | M] (SCM Microsystems Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Stc2Dfu.sys -- (STC2DFU)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={ ... rer:source?}

IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-329068152-113007714-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-329068152-113007714-839522115-1003\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-329068152-113007714-839522115-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-329068152-113007714-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-329068152-113007714-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = proxy.mpsv.cz:8080

========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.11.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\doma\Local Settings\Data aplikací\Google\Update\1.3.21.129\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\doma\Local Settings\Data aplikací\Google\Update\1.3.21.129\npGoogleUpdate3.dll (Google Inc.)

[2012.11.03 16:47:27 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\doma\Data aplikací\Mozilla\Firefox\extensions
[2012.11.03 16:47:37 | 000,000,000 | ---D | M] (uTorrentControl_v2) -- C:\Documents and Settings\doma\Data aplikací\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}

========== Chrome ==========

CHR - homepage: http://extranet.mpsv.cz/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
CHR - homepage: http://extranet.mpsv.cz/
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\doma\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\24.0.1312.52\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\doma\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\24.0.1312.52\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Disabled) = C:\Documents and Settings\doma\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\24.0.1312.52\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\doma\Local Settings\Data aplikac\u00ED\Google\Update\1.3.21.129\npGoogleUpdate3.dll
CHR - plugin: AVG SiteSafety plugin (Enabled) = C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\13.2.0\\npsitesafety.dll
CHR - plugin: Java(TM) Platform SE 7 U11 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw_1168638.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: Angry Birds = C:\Documents and Settings\doma\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0\
CHR - Extension: YouTube = C:\Documents and Settings\doma\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: Chrome YouTube Downloader = C:\Documents and Settings\doma\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\cbdjiinahkdjdcdlgfimlcolkjpbooja\2.6.14_0\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Documents and Settings\doma\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
CHR - Extension: Denn\u00ED mahjong = C:\Documents and Settings\doma\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\gglcbpjnmkbgimmaooidnnlienhmldon\2.0.0_0\
CHR - Extension: Gmail = C:\Documents and Settings\doma\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2013.01.17 16:12:05 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
O2 - BHO: (SMART Notebook Download Utility) - {67BCF957-85FC-4036-8DC4-D4D80E00A77B} - C:\Program Files\SMART Technologies\Education Software\Win32\NotebookPlugin.dll (SMART Technologies ULC.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (no name) - {E3215F20-3212-11D6-9F8B-00D0B743919D} - No CLSID value found.
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [LayoutM] C:\WINDOWS\KLayMgr.exe (Chicony)
O4 - HKLM..\Run: [RAC User Help Service] C:\RAC Server\RACSessionService.exe (Monika Novotna)
O4 - HKLM..\Run: [ROC_ROC_JULY_P1] "C:\Program Files\AVG Secure Search\ROC_ROC_JULY_P1.exe" / /PROMPT /CMPID=ROC_JULY_P1 File not found
O4 - HKLM..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [tvncontrol] C:\Program Files\TightVNC\tvnserver.exe (GlavSoft LLC.)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Bluetooth.lnk = C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O4 - Startup: C:\Documents and Settings\doma\Nabídka Start\Programy\Po spuštění\mapovani.bat ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-329068152-113007714-839522115-1003\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-21-329068152-113007714-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-329068152-113007714-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-329068152-113007714-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O9 - Extra Button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files\ICQ7M\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files\ICQ7M\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
O15 - HKU\S-1-5-21-329068152-113007714-839522115-1003\..Trusted Domains: csas.cz ([lb] https in Důvěryhodné servery)
O15 - HKU\S-1-5-21-329068152-113007714-839522115-1003\..Trusted Domains: seznam.cz ([email] https in Důvěryhodné servery)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shoc ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://windowsupdate.microsoft.com/wind ... 5458848984 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microso ... 5488133031 (MUWebControl Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.15.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{140E3148-D733-4A77-85AC-27B07CD6E05A}: DhcpNameServer = 192.168.15.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\RACServerLogon: DllName - (RACServerLogon.dll) - C:\WINDOWS\System32\RACServerLogon.dll (Monika Novotna)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\doma\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\doma\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012.08.20 06:03:14 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: HidServ - %SystemRoot%\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.tscc - C:\WINDOWS\System32\tsccvid.dll (TechSmith Corporation)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2013.01.18 21:14:40 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\doma\Plocha\OTL.exe
[2013.01.18 20:58:07 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2013.01.18 20:58:06 | 000,000,000 | ---D | C] -- C:\rsit
[2013.01.18 14:29:21 | 000,361,032 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2013.01.18 14:29:21 | 000,021,256 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2013.01.18 14:29:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\avast! Free Antivirus
[2013.01.18 14:29:19 | 000,738,504 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2013.01.18 14:29:19 | 000,054,232 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2013.01.18 14:29:19 | 000,035,928 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2013.01.18 14:29:18 | 000,097,608 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2013.01.18 14:29:18 | 000,089,752 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2013.01.18 14:29:18 | 000,025,256 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2013.01.18 14:28:40 | 000,041,224 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2013.01.18 14:28:39 | 000,227,648 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2013.01.18 14:28:12 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2013.01.18 14:28:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
[2013.01.18 04:49:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
[2013.01.18 04:49:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\doma\Plocha\mbar
[2013.01.17 16:03:11 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2013.01.17 16:01:24 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2013.01.17 16:01:24 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2013.01.17 16:01:24 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2013.01.17 16:01:24 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2013.01.17 16:00:39 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013.01.17 16:00:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt
[2013.01.14 20:55:37 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2013.01.14 20:55:37 | 000,094,112 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2013.01.14 20:55:36 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2013.01.13 16:39:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\VideoLAN
[2013.01.12 09:08:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\doma\Plocha\Chrome
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2013.01.18 21:19:41 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013.01.18 21:14:27 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\doma\Plocha\OTL.exe
[2013.01.18 21:13:03 | 000,025,849 | -H-- | M] () -- C:\treeinfo.wc
[2013.01.18 21:10:14 | 000,000,316 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2013.01.18 21:09:51 | 000,013,680 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013.01.18 21:09:40 | 000,000,620 | ---- | M] () -- C:\WINDOWS\tasks\Check for updates (Spybot - Search & Destroy).job
[2013.01.18 21:09:29 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013.01.18 15:13:18 | 000,002,552 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2013.01.18 14:29:21 | 000,001,689 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\avast! Free Antivirus.lnk
[2013.01.17 17:59:07 | 000,000,361 | RHS- | M] () -- C:\boot.ini
[2013.01.17 17:49:57 | 000,000,172 | ---- | M] () -- C:\WINDOWS\wininit.ini
[2013.01.17 16:12:05 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2013.01.17 15:50:48 | 000,000,914 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013.01.17 15:50:45 | 000,697,864 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013.01.17 15:50:45 | 000,074,248 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013.01.14 20:54:55 | 000,473,014 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013.01.14 20:54:55 | 000,468,346 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2013.01.14 20:54:55 | 000,087,912 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2013.01.14 20:54:55 | 000,076,108 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013.01.13 16:39:01 | 000,000,719 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\VLC media player.lnk
[2013.01.12 03:30:20 | 000,094,112 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2013.01.12 03:26:16 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2013.01.12 03:24:49 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013.01.18 21:19:41 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013.01.18 14:29:21 | 000,001,689 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\avast! Free Antivirus.lnk
[2013.01.18 14:29:19 | 000,000,316 | -H-- | C] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2013.01.17 16:03:21 | 000,000,245 | ---- | C] () -- C:\Boot.bak
[2013.01.17 16:03:14 | 000,261,312 | RHS- | C] () -- C:\cmldr
[2013.01.17 16:01:24 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2013.01.17 16:01:24 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2013.01.17 16:01:24 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2013.01.17 16:01:24 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2013.01.17 16:01:24 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2013.01.13 16:39:01 | 000,000,719 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\VLC media player.lnk
[2013.01.03 16:56:47 | 000,005,504 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2012.12.06 17:02:32 | 000,000,356 | ---- | C] () -- C:\WINDOWS\System32\af15irtbl.bin
[2012.12.06 16:59:55 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\PsisDecd.dll
[2012.12.02 12:27:17 | 000,000,172 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2012.10.17 17:16:08 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012.09.09 21:28:52 | 000,958,930 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\WPFFontCache_v0400-S-1-5-21-329068152-113007714-839522115-1003-0.dat
[2012.09.07 22:30:14 | 000,162,466 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\WPFFontCache_v0400-System.dat
[2012.09.07 07:13:29 | 000,009,216 | ---- | C] () -- C:\Documents and Settings\doma\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.09.04 19:40:22 | 000,000,185 | ---- | C] () -- C:\WINDOWS\winin.ini
[2012.08.20 19:57:04 | 000,077,824 | R--- | C] () -- C:\WINDOWS\System32\hpzids01.dll
[2012.08.20 19:39:08 | 000,015,498 | ---- | C] () -- C:\WINDOWS\VX1000.ini
[2012.08.20 12:27:54 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012.08.20 07:55:56 | 000,004,249 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2012.08.20 07:54:56 | 000,168,304 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012.08.20 06:54:44 | 000,753,664 | ---- | C] () -- C:\WINDOWS\System32\bcm1xsup.dll
[2012.08.20 06:54:44 | 000,139,264 | ---- | C] () -- C:\WINDOWS\System32\preflib.dll
[2012.08.20 06:54:44 | 000,024,064 | ---- | C] () -- C:\WINDOWS\System32\WLTRYSVC.EXE
[2012.08.20 06:28:43 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4926.dll
[2012.08.20 06:05:31 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2012.08.20 06:00:23 | 000,021,812 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat

========== ZeroAccess Check ==========

[2012.08.20 19:28:57 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2012.06.28 22:33:24 | 001,510,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.02.09 11:56:05 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008.04.14 07:52:06 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2013.01.18 14:28:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
[2013.01.03 16:57:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Canneverbe Limited
[2012.08.20 09:34:24 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\Common Files
[2012.10.16 21:40:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Downloaded Installations
[2013.01.03 19:57:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\F-Secure
[2012.10.16 21:11:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\SMART Technologies
[2012.12.14 15:04:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TightVNC
[2012.11.09 14:06:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Data aplikací\TuneUp Software
[2013.01.03 16:57:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\doma\Data aplikací\Canneverbe Limited
[2012.08.30 12:01:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\doma\Data aplikací\Canon
[2013.01.03 19:58:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\doma\Data aplikací\f-secure
[2012.08.20 10:26:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\doma\Data aplikací\Hewlett Packard
[2012.08.21 15:17:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\doma\Data aplikací\HEXelon
[2013.01.14 21:44:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\doma\Data aplikací\ICQ
[2012.10.13 09:16:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\doma\Data aplikací\MctvPlaylistEditor
[2012.08.21 15:12:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\doma\Data aplikací\Miranda
[2012.10.06 06:52:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\doma\Data aplikací\PDM
[2012.11.14 19:06:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\doma\Data aplikací\Rovio
[2012.10.16 21:44:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\doma\Data aplikací\SMART Technologies
[2012.10.16 21:10:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\doma\Data aplikací\SMART Technologies Inc
[2012.12.14 21:45:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\doma\Data aplikací\TightVNC
[2012.11.03 11:56:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\doma\Data aplikací\TuneUp Software
[2013.01.12 16:35:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\doma\Data aplikací\uTorrent
[2012.08.22 14:42:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\doma\Data aplikací\VitySoft
[2013.01.03 18:11:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\doma\Data aplikací\XMedia Recode

========== Purity Check ==========

========== Custom Scans ==========

< >
[2012.08.20 06:01:24 | 000,000,065 | RH-- | C] () -- C:\WINDOWS\Tasks\desktop.ini
[2012.08.20 06:06:38 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT
[2012.10.12 14:16:46 | 000,000,914 | ---- | C] () -- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
[2012.12.02 08:32:32 | 000,000,446 | ---- | C] () -- C:\WINDOWS\Tasks\Scan the system (Spybot - Search & Destroy).job
[2012.12.02 08:32:32 | 000,000,616 | ---- | C] () -- C:\WINDOWS\Tasks\Refresh immunization (Spybot - Search & Destroy).job
[2012.12.02 08:32:32 | 000,000,620 | ---- | C] () -- C:\WINDOWS\Tasks\Check for updates (Spybot - Search & Destroy).job
[2013.01.18 14:29:19 | 000,000,316 | -H-- | C] () -- C:\WINDOWS\Tasks\avast! Emergency Update.job

< >

< MD5 for: ATAPI.SYS >
[2004.08.18 12:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008.04.14 08:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.14 08:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.13 23:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\erdnt\cache\atapi.sys
[2008.04.13 23:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 23:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004.08.03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2004.08.03 23:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0006\DriverFiles\i386\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2008.04.14 07:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\cmdcons\autochk.exe
[2008.04.14 07:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\ServicePackFiles\i386\autochk.exe
[2008.04.14 07:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe
[2004.08.18 12:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\WINDOWS\$NtServicePackUninstall$\autochk.exe

< MD5 for: CDROM.SYS >
[2004.08.18 12:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2008.04.14 08:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008.04.14 08:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008.04.13 23:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008.04.13 23:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2004.08.18 12:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2008.04.14 07:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\erdnt\cache\explorer.exe
[2008.04.14 07:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 07:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2004.08.18 12:00:00 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
[2012.11.13 14:07:52 | 003,906,584 | ---- | M] (Safer-Networking Ltd.) MD5=E4A0900CF535888DDD85B10040CA3E34 -- C:\Program Files\Spybot - Search & Destroy 2\explorer.exe

< MD5 for: HAL.DLL >
[2004.08.18 12:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2008.04.14 08:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2008.04.14 08:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2008.04.13 23:01:34 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2008.04.13 23:01:30 | 000,131,840 | ---- | M] (Microsoft Corporation) MD5=6F61D3287A6A15A08A9433222C09D17F -- C:\WINDOWS\system32\HAL.DLL
[2004.08.18 12:00:00 | 000,131,968 | ---- | M] (Microsoft Corporation) MD5=F9A0F579FC18036FFDD9E26E0D268CCD -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll

< MD5 for: SCECLI.DLL >
[2004.08.18 12:00:00 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008.04.14 07:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\erdnt\cache\scecli.dll
[2008.04.14 07:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 07:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SERVICES.EXE >
[2009.02.09 12:18:56 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=3D107D45CCFDB266E91D84B52CD7F430 -- C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\services.exe
[2004.08.18 12:00:00 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=6E401E61F952FBBF708AFBECEFAFAE81 -- C:\WINDOWS\$NtServicePackUninstall$\services.exe
[2009.02.09 12:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=9EF697AF07BB8DD82C3B02CA953A95B7 -- C:\WINDOWS\erdnt\cache\services.exe
[2009.02.09 12:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=9EF697AF07BB8DD82C3B02CA953A95B7 -- C:\WINDOWS\system32\dllcache\services.exe
[2009.02.09 12:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=9EF697AF07BB8DD82C3B02CA953A95B7 -- C:\WINDOWS\system32\services.exe
[2008.04.14 07:52:46 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=F0D2AE69035092BF22DAD6B50FAB85C2 -- C:\WINDOWS\$NtUninstallKB956572$\services.exe
[2008.04.14 07:52:46 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=F0D2AE69035092BF22DAD6B50FAB85C2 -- C:\WINDOWS\ServicePackFiles\i386\services.exe

< MD5 for: SVCHOST.EXE >
[2008.04.14 07:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\erdnt\cache\svchost.exe
[2008.04.14 07:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.14 07:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe
[2004.08.18 12:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe

< MD5 for: TCPIP.SYS >
[2008.04.13 23:50:18 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB2509553$\tcpip.sys
[2008.04.13 23:50:18 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\erdnt\cache\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2004.08.18 12:00:00 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2008.06.20 12:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.04.14 07:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\erdnt\cache\userinit.exe
[2008.04.14 07:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 07:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe
[2004.08.18 12:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe

< MD5 for: WINLOGON.EXE >
[2004.08.18 12:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 07:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\erdnt\cache\winlogon.exe
[2008.04.14 07:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 07:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe

< >

< %systemroot%*.* /U /s >
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[17 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[1 C:\WINDOWS\CSC\*.tmp files -> C:\WINDOWS\CSC\*.tmp -> ]
[4 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2012.08.22 15:25:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\doma\Data aplikací\Adobe
[2013.01.03 16:57:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\doma\Data aplikací\Canneverbe Limited
[2012.08.30 12:01:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\doma\Data aplikací\Canon
[2012.12.12 22:14:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\doma\Data aplikací\Corel
[2012.12.25 13:42:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\doma\Data aplikací\dvdcss
[2013.01.03 19:58:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\doma\Data aplikací\f-secure
[2012.08.20 10:26:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\doma\Data aplikací\Hewlett Packard
[2012.08.21 15:17:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\doma\Data aplikací\HEXelon
[2013.01.14 21:44:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\doma\Data aplikací\ICQ
[2012.08.20 06:07:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\doma\Data aplikací\Identities
[2012.08.20 06:54:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\doma\Data aplikací\InstallShield
[2012.08.22 04:59:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\doma\Data aplikací\Macromedia
[2012.10.13 09:16:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\doma\Data aplikací\MctvPlaylistEditor
[2012.09.23 05:06:02 | 000,000,000 | --SD | M] -- C:\Documents and Settings\doma\Data aplikací\Microsoft
[2012.08.21 15:12:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\doma\Data aplikací\Miranda
[2012.11.03 16:47:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\doma\Data aplikací\Mozilla
[2012.10.06 06:52:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\doma\Data aplikací\PDM
[2012.11.14 19:06:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\doma\Data aplikací\Rovio
[2013.01.08 20:08:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\doma\Data aplikací\Skype
[2012.10.16 21:44:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\doma\Data aplikací\SMART Technologies
[2012.10.16 21:10:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\doma\Data aplikací\SMART Technologies Inc
[2012.08.22 14:36:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\doma\Data aplikací\Sun
[2012.12.14 21:45:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\doma\Data aplikací\TightVNC
[2012.11.03 11:56:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\doma\Data aplikací\TuneUp Software
[2013.01.12 16:35:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\doma\Data aplikací\uTorrent
[2012.08.22 14:42:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\doma\Data aplikací\VitySoft
[2013.01.16 15:41:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\doma\Data aplikací\vlc
[2013.01.03 18:11:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\doma\Data aplikací\XMedia Recode

< %APPDATA%\*.exe /s >
[2005.10.17 11:12:46 | 000,258,048 | ---- | M] () -- C:\Documents and Settings\doma\Data aplikací\uTorrent\wget.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job >
[2013.01.17 15:50:48 | 000,000,914 | ---- | M] () -- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
[2013.01.18 21:10:14 | 000,000,316 | -H-- | M] () -- C:\WINDOWS\Tasks\avast! Emergency Update.job
[2013.01.18 21:09:40 | 000,000,620 | ---- | M] () -- C:\WINDOWS\Tasks\Check for updates (Spybot - Search & Destroy).job
[2012.12.19 05:10:18 | 000,000,616 | ---- | M] () -- C:\WINDOWS\Tasks\Refresh immunization (Spybot - Search & Destroy).job
[2012.12.02 08:32:33 | 000,000,446 | ---- | M] () -- C:\WINDOWS\Tasks\Scan the system (Spybot - Search & Destroy).job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2012.08.20 07:54:16 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2012.08.20 07:54:16 | 000,663,552 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2012.08.20 07:54:16 | 000,475,136 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2013.01.18 15:13:18 | 000,002,552 | ---- | M] () -- C:\WINDOWS\system32\CONFIG.NT
[2013.01.17 15:50:45 | 000,697,864 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\system32\FlashPlayerApp.exe
[2013.01.17 15:50:45 | 000,074,248 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
[2013.01.18 21:09:51 | 000,013,680 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"ctfmon.exe" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 07:52:18 | 000,015,360 | ---- | M] (Microsoft Corporation)

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2009.03.08 13:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation) MD5=B60DDDD2D63CE41CB8C487FCFBB6419E -- C:\Program Files\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2013.01.18 21:19:41 | 000,000,512 | ---- | M] () MD5=72DEDADDA2CD08A0F7AFEEFDE616EE21 -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2010.04.26 15:00:36 | 000,037,327 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\SMART Technologies\Gallery Essentials\CRACKER_00029BF6.galleryitem
[2010.04.26 14:38:38 | 000,015,663 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\SMART Technologies\Gallery Essentials\HUMPTY_DUMPTY_CRACKED_00012998.galleryitem
[2010.04.26 15:09:58 | 000,031,360 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\SMART Technologies\Gallery Essentials\NUTCRACKER_0000E4E7.galleryitem
[2010.04.26 15:10:00 | 000,027,928 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\SMART Technologies\Gallery Essentials\NUTCRACKER_00019C79.galleryitem
[2009.04.06 04:58:32 | 000,143,646 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\SMART Technologies\Lesson Activity Toolkit\Firecracker example.galleryitem
[2009.03.20 09:37:56 | 000,129,525 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\SMART Technologies\Lesson Activity Toolkit\firecracker.galleryitem
[2012.11.02 15:55:08 | 000,005,369 | ---- | M] () -- \Documents and Settings\doma\Data aplikací\VitySoft\FRD\plugins\crackle.frp
[2005.03.08 11:30:56 | 000,092,827 | ---- | M] () -- \Program Files\Corel\CorelDRAW Graphics Suite X4\Custom Data\Bumpmap\Cracks.cpt
[2005.03.08 11:30:58 | 000,016,068 | ---- | M] () -- \Program Files\Corel\CorelDRAW Graphics Suite X4\Custom Data\Canvas\cracks2c.pcx
[2005.03.08 11:31:08 | 000,010,560 | ---- | M] () -- \Program Files\Corel\CorelDRAW Graphics Suite X4\Custom Data\Tiles\CRACKS2M.CPT
[2010.05.29 21:41:56 | 000,114,899 | ---- | M] () -- \Program Files\TC UP\PLUGINS\Media\Inkscape\python\Lib\site-packages\numpy\f2py\crackfortran.py

< *keygen* /s >

< *loader* /s >
[2012.06.18 11:39:40 | 000,072,638 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\loader.gif
[2012.06.18 11:39:40 | 000,003,032 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\loader.png
[2012.08.27 21:10:14 | 000,000,847 | ---- | M] () -- \Documents and Settings\doma\Data aplikací\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ac\img\ajax-loader.gif
[2012.08.27 21:10:14 | 000,001,135 | ---- | M] () -- \Documents and Settings\doma\Data aplikací\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ac\img\loader-icon.png
[2012.08.27 21:10:14 | 000,003,208 | ---- | M] () -- \Documents and Settings\doma\Data aplikací\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ui\gf\img\loader.gif
[2012.08.27 21:10:14 | 000,001,849 | ---- | M] () -- \Documents and Settings\doma\Data aplikací\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TWITTER\resources\ajax-loader.gif
[2012.12.21 03:18:18 | 000,010,000 | ---- | M] () -- \Documents and Settings\doma\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\cbdjiinahkdjdcdlgfimlcolkjpbooja\2.6.14_0\script\Chrome-YouTube-Downloader.js
[2012.11.08 17:58:34 | 000,019,497 | ---- | M] () -- \Documents and Settings\doma\Local Settings\Temp\UninstallRes\ClientPackage\Images\uninstall\loader.gif
[2013.01.18 19:21:24 | 000,003,208 | ---- | M] () -- \Documents and Settings\doma\Local Settings\Temporary Internet Files\Content.IE5\Q3WL701N\ajax-loader[1].gif
[2012.10.22 12:33:58 | 000,001,312 | ---- | M] () -- \Games\Angry Birds - Seasons\data\scripts_common\subsystems\loader.lua
[2012.10.10 14:16:12 | 000,001,312 | ---- | M] () -- \Games\Angry Birds\data\scripts_common\subsystems\loader.lua
[2012.12.06 23:38:40 | 000,268,344 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOLoader.dll
[2012.12.06 23:38:40 | 000,019,000 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2012.08.20 18:50:01 | 000,005,795 | ---- | M] () -- \Program Files\ICQ7M\imApp\theme\IMAGES\XtraPreloader\loader.jpg
[2012.08.20 18:50:01 | 000,004,180 | ---- | M] () -- \Program Files\ICQ7M\imApp\theme\IMAGES\XtraPreloader\zlango-preloader.png
[2012.08.20 18:50:01 | 000,005,520 | ---- | M] () -- \Program Files\ICQ7M\imApp\theme\MUICoreLib\xtraLoader.swf
[2012.08.20 18:52:25 | 000,000,402 | ---- | M] () -- \Program Files\ICQ7M\Xtraz\icq\content\profile_lightboxs\preloader.html
[2012.10.24 21:10:28 | 004,174,744 | ---- | M] () -- \Program Files\SMART Technologies\Education Software\ColladaLoader-vc90-r736.dll
[2012.10.24 21:10:54 | 003,990,424 | ---- | M] () -- \Program Files\SMART Technologies\Education Software\FbxLoader-vc100.dll
[2012.10.17 09:10:38 | 000,052,224 | ---- | M] () -- \Program Files\SMART Technologies\Education Software\ObjLoader-vc100.dll
[2010.10.13 23:07:58 | 000,000,296 | ---- | M] () -- \Program Files\SMART Technologies\Education Software\Support\ruby\1.9.1\yaml\loader.rb
[2011.11.29 14:50:38 | 000,002,713 | ---- | M] () -- \Program Files\SMART Technologies\Education Software\WebInterface\components\uriloader.xpt
[2010.03.06 09:24:56 | 000,003,614 | ---- | M] () -- \Program Files\TC UP\PLUGINS\Media\Inkscape\etc\gtk-2.0\gdk-pixbuf.loaders
[2010.03.06 09:24:56 | 000,030,804 | ---- | M] () -- \Program Files\TC UP\PLUGINS\Media\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ani.dll
[2010.03.06 09:24:56 | 000,027,898 | ---- | M] () -- \Program Files\TC UP\PLUGINS\Media\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-bmp.dll
[2010.03.06 09:24:56 | 000,042,058 | ---- | M] () -- \Program Files\TC UP\PLUGINS\Media\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-gif.dll
[2010.03.06 09:24:56 | 000,023,145 | ---- | M] () -- \Program Files\TC UP\PLUGINS\Media\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-icns.dll
[2010.03.06 09:24:56 | 000,028,692 | ---- | M] () -- \Program Files\TC UP\PLUGINS\Media\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ico.dll
[2010.03.06 09:24:56 | 000,034,496 | ---- | M] () -- \Program Files\TC UP\PLUGINS\Media\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-jpeg.dll
[2010.03.06 09:24:56 | 000,022,435 | ---- | M] () -- \Program Files\TC UP\PLUGINS\Media\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-pcx.dll
[2010.03.06 09:24:56 | 000,036,528 | ---- | M] () -- \Program Files\TC UP\PLUGINS\Media\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-png.dll
[2010.03.06 09:24:56 | 000,026,252 | ---- | M] () -- \Program Files\TC UP\PLUGINS\Media\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-pnm.dll
[2010.03.06 09:24:56 | 000,020,063 | ---- | M] () -- \Program Files\TC UP\PLUGINS\Media\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ras.dll
[2010.03.06 09:24:56 | 000,024,412 | ---- | M] () -- \Program Files\TC UP\PLUGINS\Media\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-tga.dll
[2010.03.06 09:24:56 | 000,029,401 | ---- | M] () -- \Program Files\TC UP\PLUGINS\Media\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-tiff.dll
[2010.03.06 09:24:56 | 000,019,399 | ---- | M] () -- \Program Files\TC UP\PLUGINS\Media\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-wbmp.dll
[2010.03.06 09:24:56 | 000,025,270 | ---- | M] () -- \Program Files\TC UP\PLUGINS\Media\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-xbm.dll
[2010.03.06 09:24:56 | 000,042,114 | ---- | M] () -- \Program Files\TC UP\PLUGINS\Media\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-xpm.dll
[2010.03.06 09:24:56 | 000,018,909 | ---- | M] () -- \Program Files\TC UP\PLUGINS\Media\Inkscape\lib\gtk-2.0\2.10.0\loaders\svg_loader.dll
[2010.08.16 10:41:40 | 000,032,958 | ---- | M] () -- \Program Files\TC UP\PLUGINS\Media\Inkscape\python\Lib\site-packages\sk1libs\filters\import\ailoader.py
[2010.08.16 10:41:40 | 000,001,847 | ---- | M] () -- \Program Files\TC UP\PLUGINS\Media\Inkscape\python\Lib\site-packages\sk1libs\filters\import\bziploader.py
[2010.08.16 10:41:40 | 000,057,685 | ---- | M] () -- \Program Files\TC UP\PLUGINS\Media\Inkscape\python\Lib\site-packages\sk1libs\filters\import\ccxloader.py
[2010.08.16 10:41:40 | 000,029,336 | ---- | M] () -- \Program Files\TC UP\PLUGINS\Media\Inkscape\python\Lib\site-packages\sk1libs\filters\import\cdrloader.py
[2010.08.16 10:41:40 | 000,001,341 | ---- | M] () -- \Program Files\TC UP\PLUGINS\Media\Inkscape\python\Lib\site-packages\sk1libs\filters\import\cdrziploader.py
[2010.08.16 10:41:40 | 000,028,643 | ---- | M] () -- \Program Files\TC UP\PLUGINS\Media\Inkscape\python\Lib\site-packages\sk1libs\filters\import\cgmloader.py
[2010.08.16 10:41:40 | 000,055,918 | ---- | M] () -- \Program Files\TC UP\PLUGINS\Media\Inkscape\python\Lib\site-packages\sk1libs\filters\import\cmxloader.py
[2010.08.16 10:41:40 | 000,038,308 | ---- | M] () -- \Program Files\TC UP\PLUGINS\Media\Inkscape\python\Lib\site-packages\sk1libs\filters\import\dxfloader.py
[2010.08.16 10:41:40 | 000,001,949 | ---- | M] () -- \Program Files\TC UP\PLUGINS\Media\Inkscape\python\Lib\site-packages\sk1libs\filters\import\gziploader.py
[2010.08.16 10:41:40 | 000,007,779 | ---- | M] () -- \Program Files\TC UP\PLUGINS\Media\Inkscape\python\Lib\site-packages\sk1libs\filters\import\pltloader.py
[2010.08.16 10:41:40 | 000,017,301 | ---- | M] () -- \Program Files\TC UP\PLUGINS\Media\Inkscape\python\Lib\site-packages\sk1libs\filters\import\sk1loader.py
[2010.08.16 10:41:40 | 000,015,416 | ---- | M] () -- \Program Files\TC UP\PLUGINS\Media\Inkscape\python\Lib\site-packages\sk1libs\filters\import\skloader.py
[2010.08.16 10:41:40 | 000,015,832 | ---- | M] () -- \Program Files\TC UP\PLUGINS\Media\Inkscape\python\Lib\site-packages\sk1libs\filters\import\stitchloader.py
[2010.08.16 10:41:40 | 000,038,937 | ---- | M] () -- \Program Files\TC UP\PLUGINS\Media\Inkscape\python\Lib\site-packages\sk1libs\filters\import\svgloader.py
[2010.08.16 10:41:40 | 000,014,300 | ---- | M] () -- \Program Files\TC UP\PLUGINS\Media\Inkscape\python\Lib\site-packages\sk1libs\filters\import\wmfloader.py
[2010.08.16 10:41:40 | 000,017,550 | ---- | M] () -- \Program Files\TC UP\PLUGINS\Media\Inkscape\python\Lib\site-packages\sk1libs\filters\import\xfigloader.py
[2008.02.25 07:05:22 | 000,856,064 | ---- | M] () -- \Program Files\TC UP\PLUGINS\Media\TheKMPlayer\ImLoader.dll
[2004.08.18 12:00:00 | 000,035,840 | ---- | M] () -- \WINDOWS\$NtServicePackUninstall$\dmloader.dll
[2012.10.16 21:08:16 | 000,065,024 | ---- | M] () -- \WINDOWS\assembly\GAC\IALoader\1.9.5230.0__31bf3856ad364e35\IALoader.dll
[2012.03.28 19:25:20 | 004,174,704 | R--- | M] () -- \WINDOWS\Installer\$PatchCache$\Managed\7C420EFA7AC7E8C409EE8D777CDC693A\11.0.583\colladaloader_vc90_r736.dll
[2012.03.28 19:25:46 | 003,990,384 | R--- | M] () -- \WINDOWS\Installer\$PatchCache$\Managed\7C420EFA7AC7E8C409EE8D777CDC693A\11.0.583\fbxloader_vc100.dll
[2012.03.28 19:15:02 | 000,052,224 | R--- | M] () -- \WINDOWS\Installer\$PatchCache$\Managed\7C420EFA7AC7E8C409EE8D777CDC693A\11.0.583\objloader_vc100.dll
[2008.04.14 07:51:40 | 000,035,840 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\dmloader.dll
[2008.04.13 23:01:48 | 000,230,912 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.exe
[2008.04.13 23:01:50 | 000,278,528 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.ntd
[2008.04.14 07:51:40 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dmloader.dll
[1 \WINDOWS\system32\*.tmp files -> \WINDOWS\system32\*.tmp -> ]
[2012.10.04 09:12:02 | 000,012,532 | ---- | M] () -- \WINDOWS\system32\Adobe\Shockwave 11\shockwave_Projector_Loader.dcr

< End of report >

vildak · #15 Příspěvek od **vildak** » 18 led 2013 21:50

OTL Extras logfile created on: 18.1.2013 21:16:41 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\doma\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1,49 Gb Total Physical Memory | 0,83 Gb Available Physical Memory | 55,51% Memory free
3,34 Gb Paging File | 2,81 Gb Available in Paging File | 84,01% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 55,89 Gb Total Space | 36,10 Gb Free Space | 64,58% Space Free | Partition Type: NTFS
Drive V: | 232,88 Gb Total Space | 191,69 Gb Free Space | 82,32% Space Free | Partition Type: NTFS
Drive W: | 127,99 Gb Total Space | 7,76 Gb Free Space | 6,06% Space Free | Partition Type: NTFS
Drive X: | 58,31 Gb Total Space | 15,63 Gb Free Space | 26,80% Space Free | Partition Type: NTFS
Drive Y: | 465,75 Gb Total Space | 381,34 Gb Free Space | 81,88% Space Free | Partition Type: NTFS

Computer Name: BBB | User Name: doma | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
"DisableUnicastResponsesToMulticastBroadcast" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
"DisableUnicastResponsesToMulticastBroadcast" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\ICQ7M\ICQ.exe" = C:\Program Files\ICQ7M\ICQ.exe:*:Enabled:ICQ7M -- (ICQ, LLC.)
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)
"C:\Program Files\ICQ7M\ICQ.exe" = C:\Program Files\ICQ7M\ICQ.exe:*:Enabled:ICQ7M -- (ICQ, LLC.)
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
"C:\Program Files\Microsoft LifeCam\LifeCam.exe" = C:\Program Files\Microsoft LifeCam\LifeCam.exe:*:Enabled:LifeCam.exe -- (Microsoft Corporation)
"C:\Program Files\Microsoft LifeCam\LifeEnC2.exe" = C:\Program Files\Microsoft LifeCam\LifeEnC2.exe:*:Enabled:LifeEnC2.exe -- (Microsoft Corporation)
"C:\Program Files\Microsoft LifeCam\LifeExp.exe" = C:\Program Files\Microsoft LifeCam\LifeExp.exe:*:Enabled:LifeExp.exe -- (Microsoft Corporation)
"C:\Program Files\Microsoft LifeCam\LifeTray.exe" = C:\Program Files\Microsoft LifeCam\LifeTray.exe:*:Enabled:LifeTray.exe -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)
"E:\RAC Server\RACs.exe" = c:\RAC Server\RACs.exe:*:Enabled:Remote Administrator Control Server -- (Monika Novotna)
"C:\Documents and Settings\doma\Plocha\RAC Server\RACs.exe" = C:\Documents and Settings\doma\Plocha\RAC Server\RACs.exe:*:Enabled:Remote Administrator Control Server -- (Monika Novotna)
"C:\RAC Server\RACs.exe" = C:\RAC Server\RACs.exe:*:Enabled:Remote Administrator Control Server -- (Monika Novotna)
"C:\Program Files\VideoLAN\VLC\vlc.exe" = C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player 2.0.3 -- (VideoLAN)
"C:\Program Files\Miranda IM\miranda32.exe" = C:\Program Files\Miranda IM\miranda32.exe:*:Enabled:Miranda IM -- ( )
"C:\Program Files\Java\jre7\launch4j-tmp\frd.exe" = C:\Program Files\Java\jre7\launch4j-tmp\frd.exe:*:Enabled:Java(TM) Platform SE binary -- (Oracle Corporation)
"C:\Program Files\TC UP\PLUGINS\Media\uTorrent\utorrent.exe" = C:\Program Files\TC UP\PLUGINS\Media\uTorrent\utorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"C:\Download\a\MctvPlaylistEditor.exe" = C:\Download\a\MctvPlaylistEditor.exe:*:Enabled:MctvPlaylistEditor -- ()
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.)
"C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)
"C:\Program Files\SMART Technologies\Education Software\ResponseSoftwareService.exe" = C:\Program Files\SMART Technologies\Education Software\ResponseSoftwareService.exe:*:Enabled:SMART Response Software Service -- (SMART Technologies ULC)
"C:\Program Files\SMART Technologies\Education Software\UCGui.exe" = C:\Program Files\SMART Technologies\Education Software\UCGui.exe:*:Enabled:SMART Universal Controller Interface -- (SMART Technologies)
"C:\Program Files\SMART Technologies\Education Software\SMARTSNMPAgent.exe" = C:\Program Files\SMART Technologies\Education Software\SMARTSNMPAgent.exe:*:Enabled:SMART SNMP Agent -- (SMART Technologies)
"C:\Program Files\SMART Technologies\Education Software\UCService.exe" = C:\Program Files\SMART Technologies\Education Software\UCService.exe:*:Enabled:SMART Display Controller Service -- (SMART Technologies)
"C:\Program Files\SMART Technologies\Education Software\VantageService.exe" = C:\Program Files\SMART Technologies\Education Software\VantageService.exe:*:Enabled:Vantage Service -- (SMART Technologies)
"C:\Program Files\TightVNC\tvnserver.exe" = C:\Program Files\TightVNC\tvnserver.exe:*:Enabled:TightVNC -- (GlavSoft LLC.)
"C:\Program Files\TightVNC\tvnviewer.exe" = C:\Program Files\TightVNC\tvnviewer.exe:*:Enabled:TightVNC -- (GlavSoft LLC.)
"C:\WINDOWS\system32\sessmgr.exe" = C:\WINDOWS\system32\sessmgr.exe:LocalSubNet:Enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Internet Explorer\iexplore.exe" = C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer -- (Microsoft Corporation)
"C:\WINDOWS\explorer.exe" = C:\WINDOWS\explorer.exe:*:Enabled:Průzkumník Windows -- (Microsoft Corporation)
"C:\Program Files\Spybot - Search & Destroy 2\SDFiles.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDFiles.exe:*:Enabled:Single file on-demand scanner -- (Safer-Networking Ltd.)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{7F05E704-30A6-421A-97A7-8EEB1C7FF010}" = CorelDRAW(R) Graphics Suite X4
"_{CE2DA11A-917F-4CF5-AB55-755EC115DD10}" = CorelDRAW(R) Graphics Suite X4 - Windows Shell Extension
"{02885557-ACA5-4B6F-85D2-3F1A9B8580F5}" = SMART Response Software
"{18A5DFF2-8A95-49F3-873F-743CB5549F3D}" = Canon ScanGear Starter
"{1A9DAB4D-46CD-4CBF-A9FC-28D8AA8D2FCF}" = CorelDRAW Graphics Suite X4 - Lang BR
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 11
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.30 J1
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D599ADA-65D9-4B51-898F-CE718DEC5DBB}" = Microsoft Image Composite Editor
"{3F4EC965-28EF-45C3-B063-04B25D4E9679}" = HP Integrated Module with Bluetooth wireless technology
"{40FC81EA-21F7-44FB-A6F2-A4D6328F4C4F}" = CorelDRAW Graphics Suite X4 - Lang SU
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{45A136EC-88BF-4B95-99F5-C45D3930E1CC}" = HP MULTIPLE MODEM INSTALLER for VISTA
"{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A1F2472-6164-43FA-9D2F-B35E71A8DF32}" = SMART Ink
"{546C143E-68DC-314D-97BC-1E454E3BA429}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - CSY
"{55A53357-8C45-4AFA-A415-247A8B167F60}" = TightVNC
"{5FC7AB5C-61FC-42DF-A923-5139BCF10D42}" = Microsoft LifeCam
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{6834B8AE-D23B-4B26-A919-6515844CF2BA}" = CorelDRAW Graphics Suite X4 - Lang PL
"{7036A6F4-5DAD-3908-956D-1752CD7F7E5A}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{781B39EC-2E18-41FC-9B00-B84E4FFCA85F}" = ICQ7M
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{7EFA9E45-BC04-4613-B88F-079B01C9F862}" = HP USB Smart Card Keyboard
"{7F05E704-30A6-421A-97A7-8EEB1C7FF000}" = CorelDRAW Graphics Suite X4
"{7F05E704-30A6-421A-97A7-8EEB1C7FF010}" = CorelDRAW Graphics SUite X4 - ICA
"{7F05E704-30A6-421A-97A7-8EEB1C7FF012}" = CorelDRAW Graphics Suite X4 - Capture
"{7F05E704-30A6-421A-97A7-8EEB1C7FF013}" = CorelDRAW Graphics Suite X4 - Draw
"{7F05E704-30A6-421A-97A7-8EEB1C7FF014}" = CorelDRAW Graphics Suite X4 - PP
"{7F05E704-30A6-421A-97A7-8EEB1C7FF016}" = CorelDRAW Graphics Suite X4 - Content
"{7F05E704-30A6-421A-97A7-8EEB1C7FF017}" = CorelDRAW Graphics Suite X4 - Filters
"{7F05E704-30A6-421A-97A7-8EEB1C7FF019}" = CorelDRAW Graphics Suite X4 - FontNav
"{7F05E704-30A6-421A-97A7-8EEB1C7FF100}" = CorelDRAW Graphics Suite X4 - Lang EN
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0010-0405-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Czech) 12
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_HOMESTUDENTR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_HOMESTUDENTR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_HOMESTUDENTR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_HOMESTUDENTR_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_HOMESTUDENTR_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_HOMESTUDENTR_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_HOMESTUDENTR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C9D0F85-5658-4A5E-95A9-65F7DB2916EE}" = Broadcom 440x 10/100 Integrated Controller
"{9CDA415B-974B-4384-8CA6-9327D5B4270B}" = CorelDRAW Graphics Suite X4 - Lang SV
"{9D0798D0-AF6C-4E62-94B1-AEBF1A43E00A}" = CorelDRAW Graphics Suite X4 - IPM
"{9D306690-3173-42CD-94C6-9EF9318AF24B}" = CorelDRAW Graphics Suite X4 - Lang FR
"{A0FE0292-D3BE-3447-80F2-72E032A54875}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x86)
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A2C9CD1B-2551-3AED-B244-6698FB929FA6}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - CSY
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A5CE7175-080D-49AC-B5A3-E7E3502428F5}" = HP Wireless Assistant
"{A6C27FFF-75EF-4B5B-A64E-F9E128994908}" = CorelDRAW Graphics Suite X4 - Lang NL
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.5) - Czech
"{AD7914E1-6453-4440-AEC7-02C72AD6FE5F}" = TIPCI
"{AEB9948B-4FF2-47C9-990E-47014492A0FE}" = MSXML 6.0 Parser
"{AEFBAC58-2DDD-4CEF-BDFD-52A5A5F432ED}" = CorelDRAW Graphics Suite X4 - Lang DE
"{AFE024C7-7CA7-4C8E-90EE-D877C7CD96A3}" = SMART Notebook
"{B10914FD-8812-47A4-85A1-50FCDE7F1F33}" = Windows Live Sync
"{B3BC9DB1-0B0A-48B0-B86B-EA77CAA7F800}" = Microsoft Corporation
"{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1" = Spybot - Search & Destroy
"{B61D21B6-469D-4423-B161-62DB20B8A70E}" = Visual Basic for Applications (R) Core - English
"{BF439B41-0252-48DE-8B8B-0430CB26A181}" = CorelDRAW Graphics Suite X4 - VBA
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C70C90D2-D197-40E9-B712-6828BDA5F74A}" = PdfMerge
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE2DA11A-917F-4CF5-AB55-755EC115DD10}" = CorelDRAW(R) Graphics Suite X4 - Windows Shell Extension
"{D0160DD3-6F62-4F1E-B999-6C68D3AE7390}" = CorelDRAW Graphics Suite X4 - Lang IT
"{D2827848-7D2A-4547-9AD1-C965FB3E6344}" = CorelDRAW Graphics Suite X4 - Lang ES
"{D4D68022-BE82-4C7B-87D5-2460A9BDB001}" = SMART Czech Language Pack
"{DB780B85-B4B5-4864-A49C-9B706B169C93}" = TIPCI
"{DB81779E-7CC5-4630-BCFC-754004956444}" = Visual Basic for Applications (R) Core
"{DD73CA82-EA82-38AA-863D-9A24A018DC96}" = Microsoft .NET Framework 3.5 Language Pack SP1 - csy
"{DDA3C325-47B2-4730-9672-BF3771C08799}_is1" = XMedia Recode version 3.1.3.6
"{E3189F44-F7BD-4F96-B756-A0AEFAF61D3A}" = SMART Product Drivers
"{ED2455F7-6AA6-4D3C-85E9-A72297DD7051}" = SMART Common Files
"{ED8BB1CA-535A-408D-85C9-ED1986D2B85E}" = Palm Reader
"{EE39FFBD-544E-49E4-A999-6819828EAE91}" = Windows Live Photo Gallery
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F3F1D08D-ABEF-4528-8383-54C46369EBB6}" = TV Jukebox 3.1
"{FFFE7261-2318-4227-B827-E9E05E16DFE5}" = CorelDRAW Graphics Suite X4 - Lang CZ
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Agere Systems Soft Modem" = Agere Systems HDA Modem
"avast" = avast! Free Antivirus
"Broadcom 802.11 Application" = Bezdrátová služba Broadcom
"Broadcom 802.11b Network Adapter" = Broadcom 802.11 Wireless LAN Adapter
"CCleaner" = CCleaner
"CDex" = CDex - Open Source Digital Audio CD Extractor
"DVD Decrypter" = DVD Decrypter (Remove Only)
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"ie8" = Windows Internet Explorer 8
"InstallShield_{AD7914E1-6453-4440-AEC7-02C72AD6FE5F}" = Texas Instruments PCIxx21/x515/xx12 drivers.
"InstallShield_{DB780B85-B4B5-4864-A49C-9B706B169C93}" = Texas Instruments PCIxx21/x515/xx12 drivers.
"IrfanView" = IrfanView (remove only)
"Microsoft .NET Framework 3.5 Language Pack SP1 - csy" = Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Microsoft Visual Studio 2010 Tools for Office Runtime (x86)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x86)
"Miranda IM" = Miranda IM 0.10.9
"Remote Administrator Control Client_is1" = Remote Administrator Control Client 4.0.3
"Remote Administrator Control Server_is1" = Remote Administrator Control Server 4.0.3
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TC UP" = Total Commander Ultima Prime 5.6.0.0
"uTorrent" = µTorrent
"VLC media player" = VLC media player 2.0.5
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Windows Live Essentials
"WMFDist11" = Windows Media Format 11 runtime
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-329068152-113007714-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Angry Birds - Rio RePack" = Angry Birds: Rio RePack
"Angry Birds - Seasons RePack" = Angry Birds: Seasons RePack
"Angry Birds - Space RePack" = Angry Birds: Space RePack
"Angry Birds - Star Wars RePack" = Angry Birds: Star Wars RePack
"Angry Birds RePack" = Angry Birds RePack
"Google Chrome" = Google Chrome

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 3.1.2013 17:03:37 | Computer Name = BBB | Source = MsiInstaller | ID = 11721
Description = Product: STOPzilla -- Message 1721. There is a problem with this Windows
Installer package. A program required for this install to complete could not be
run. Contact your support personnel or package vendor. Action: UninstallQuery,
location: C:\Program Files\STOPzilla!\SZInit.Exe, command: /uq Available in Windows
Installer version 2.0.

Error - 3.1.2013 17:12:39 | Computer Name = BBB | Source = MsiInstaller | ID = 10005
Description = Product: STOPzilla -- Message 2753. The File 'SZInitExe' is not marked
for installation.

Error - 3.1.2013 17:13:45 | Computer Name = BBB | Source = MsiInstaller | ID = 10005
Description = Product: STOPzilla -- Message 2753. The File 'SZInitExe' is not marked
for installation.

Error - 3.1.2013 17:14:37 | Computer Name = BBB | Source = MsiInstaller | ID = 10005
Description = Product: STOPzilla -- Message 2753. The File 'SZInitExe' is not marked
for installation.

Error - 4.1.2013 10:27:14 | Computer Name = BBB | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace iexplore.exe, verze 8.0.6001.18702, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 4.1.2013 17:11:55 | Computer Name = BBB | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace iexplore.exe, verze 8.0.6001.18702, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 6.1.2013 16:51:17 | Computer Name = BBB | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace iexplore.exe, verze 8.0.6001.18702, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 10.1.2013 11:15:52 | Computer Name = BBB | Source = .NET Runtime Optimization Service | ID = 1103
Description = .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32)
- Tried to start a service that wasn't the latest version of CLR Optimization service.
Will shutdown

Error - 13.1.2013 8:19:27 | Computer Name = BBB | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace iexplore.exe, verze 8.0.6001.18702, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 13.1.2013 13:59:35 | Computer Name = BBB | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace iexplore.exe, verze 8.0.6001.18702, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

[ Application Events ]
Error - 3.1.2013 17:03:37 | Computer Name = BBB | Source = MsiInstaller | ID = 11721
Description = Product: STOPzilla -- Message 1721. There is a problem with this Windows
Installer package. A program required for this install to complete could not be
run. Contact your support personnel or package vendor. Action: UninstallQuery,
location: C:\Program Files\STOPzilla!\SZInit.Exe, command: /uq Available in Windows
Installer version 2.0.

Error - 3.1.2013 17:12:39 | Computer Name = BBB | Source = MsiInstaller | ID = 10005
Description = Product: STOPzilla -- Message 2753. The File 'SZInitExe' is not marked
for installation.

Error - 3.1.2013 17:13:45 | Computer Name = BBB | Source = MsiInstaller | ID = 10005
Description = Product: STOPzilla -- Message 2753. The File 'SZInitExe' is not marked
for installation.

Error - 3.1.2013 17:14:37 | Computer Name = BBB | Source = MsiInstaller | ID = 10005
Description = Product: STOPzilla -- Message 2753. The File 'SZInitExe' is not marked
for installation.

Error - 4.1.2013 10:27:14 | Computer Name = BBB | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace iexplore.exe, verze 8.0.6001.18702, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 4.1.2013 17:11:55 | Computer Name = BBB | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace iexplore.exe, verze 8.0.6001.18702, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 6.1.2013 16:51:17 | Computer Name = BBB | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace iexplore.exe, verze 8.0.6001.18702, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 10.1.2013 11:15:52 | Computer Name = BBB | Source = .NET Runtime Optimization Service | ID = 1103
Description = .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32)
- Tried to start a service that wasn't the latest version of CLR Optimization service.
Will shutdown

Error - 13.1.2013 8:19:27 | Computer Name = BBB | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace iexplore.exe, verze 8.0.6001.18702, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 13.1.2013 13:59:35 | Computer Name = BBB | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace iexplore.exe, verze 8.0.6001.18702, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

[ System Events ]
Error - 18.1.2013 9:13:58 | Computer Name = BBB | Source = Print | ID = 19
Description = Došlo k chybě sdílení tiskárny + 1722, tiskárna SMART Notebook Print
Capture název sdílení Tiskárna3.

Error - 18.1.2013 9:14:04 | Computer Name = BBB | Source = Service Control Manager | ID = 7000
Description = Služba sbapifs neuspěla při spuštění v důsledku následující chyby:
%%2

Error - 18.1.2013 9:14:04 | Computer Name = BBB | Source = Service Control Manager | ID = 7006
Description = Volání ScRegSetValueExW skončilo neúspěšné pro FailureActions s touto
chybou: %%5

Error - 18.1.2013 9:14:04 | Computer Name = BBB | Source = Service Control Manager | ID = 7006
Description = Volání ScRegSetValueExW skončilo neúspěšné pro FailureActions s touto
chybou: %%5

Error - 18.1.2013 9:14:09 | Computer Name = BBB | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: PCIIde sbaphd

Error - 18.1.2013 9:24:52 | Computer Name = BBB | Source = Service Control Manager | ID = 7000
Description = Služba sbapifs neuspěla při spuštění v důsledku následující chyby:
%%2

Error - 18.1.2013 9:24:53 | Computer Name = BBB | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: PCIIde sbaphd

Error - 18.1.2013 16:09:34 | Computer Name = BBB | Source = Print | ID = 19
Description = Došlo k chybě sdílení tiskárny + 1722, tiskárna SMART Notebook Print
Capture název sdílení Tiskárna3.

Error - 18.1.2013 16:09:35 | Computer Name = BBB | Source = Service Control Manager | ID = 7000
Description = Služba sbapifs neuspěla při spuštění v důsledku následující chyby:
%%2

Error - 18.1.2013 16:09:39 | Computer Name = BBB | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: PCIIde sbaphd

< End of report >

VIRY.CZ

runtime error 216

runtime error 216

Re: runtime error 216

Re: runtime error 216

Re: runtime error 216

Re: runtime error 216

Re: runtime error 216

Re: runtime error 216

Re: runtime error 216

Re: runtime error 216

Re: runtime error 216

Re: runtime error 216

Re: runtime error 216

Re: runtime error 216

Re: runtime error 216

Re: runtime error 216