Problém s prohlížečem Internet Explorer

[rakato11]

Po instalaci jednoho programu se mi s ním nainstalovaly další, ve snaze se jich zbavit jsem začal odinstalovávat jak ten původní tak se pak pokoušet o ty další. Došlo to tak daleko, že jsem začal obnovu systému z bodu obnovy a to postupně z několika. Můj problém to však nevyřešilo, když kliknu na ikonu IE, tak se mu objeví google.
Zkoušel jsem vytvořit log z RSIT, ale vyskakuje mi tato hláška, viz příloha.

[Rudy]

Zdravím!
Spusťte RSIT jako správce. Klik na jeho ikonu pravým myšítkem>sputit jako správce.

[rakato11]

Nejde, to jsem dělal hned a zkoušel i nyní a nic, sken zajede asi do 3/4 a vyskočí hláška co jsem sem dal.

[rakato11]

Dnes jsem zkusil použít jiný bod obnovy, situace se o něco zlepšila. Když jsem spustil RSIT, po pár vteřinách vyskočilo okno s odsouhlasením licence, to jsem odsouhlasil, RSIT pokračoval, ale zůstal stát malinko před koncem, po několika minutách jsem se jej pokoušel zavřít, nereagoval až jsem kliknul na něco jiného a opět na něj, tak se uzavřel a vytvořil se log, nevím zda správně.

Logfile of random's system information tool 1.09 (written by random/random)
Run by Otakar Vavrečka at 2013-01-19 08:29:15
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 66 GB (42%) free of 158 GB
Total RAM: 3066 MB (61% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:29:24, on 19.1.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16457)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\SCANJET\PrecisionScanLT\hppwrsav.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Seznam.cz\bin\postak.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Users\Otakar Vavrečka\Desktop\Gmail Notifier Plus.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Otakar Vavrečka\Desktop\RSIT.exe
C:\Program Files\trend micro\Otakar Vavrečka.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com/?crg=3.1010000. ... 271361010A}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com/?crg=3.1010000. ... 271361010A}
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
O2 - BHO: Ukazatel S-Rank - {EA837F48-5AD1-443E-AE34-FFE03CBF3099} - C:\Program Files\Seznam.cz\bin\listicka.dll
O3 - Toolbar: Nástroje Lištičky - {1EA00BE1-6E54-4E2A-8099-680300BF23E1} - C:\Program Files\Seznam.cz\bin\toolbar\toolbar.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O4 - HKLM\..\Run: [avast] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [hppwrsav] C:\SCANJET\PrecisionScanLT\hppwrsav.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Seznam Postak] "C:\Program Files\Seznam.cz\bin\postak.exe" -s
O4 - Global Startup: Update Scheduler for Proteus Professional 7.lnk = ?
O8 - Extra context menu item: Free YouTube Download - C:\Users\Otakar Vavrečka\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Otakar Vavrečka\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
O9 - Extra button: Nastavení Lištičky ... - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - C:\Program Files\Seznam.cz\bin\listicka.dll
O9 - Extra 'Tools' menuitem: Nastavení Lištičky ... - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - C:\Program Files\Seznam.cz\bin\listicka.dll
O9 - Extra button: Zvýrazňovač slov Lištičky - {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - C:\Program Files\Seznam.cz\bin\listicka.dll
O9 - Extra 'Tools' menuitem: Zvýrazňovač slov Lištičky - {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - C:\Program Files\Seznam.cz\bin\listicka.dll
O9 - Extra button: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files\ICQ7.6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files\ICQ7.6\ICQ.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Andrea Electronics Corporation - C:\Windows\system32\AEADISRV.EXE
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agrsmsvc.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: HP Service (hpsrv) - Hewlett-Packard Company - C:\Windows\system32\Hpservice.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

--
End of file - 5913 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.google.cz/"
prefs.js - "extensions.enabledItems" - "{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, wrc@avast.com:20110101, {ea614400-e918-4741-9a97-7a972ff7c30b}:2.1.14, {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17"
prefs.js - "keyword.URL" - "http://search.sweetim.com/search.asp?sr ... 61010A}&q="

"wrc@avast.com"=C:\Program Files\Alwil Software\Avast5\WebRep\FF
"{ACAA314B-EEBA-48e4-AD47-84E31C44796C}"=C:\Program Files\Common Files\DVDVideoSoft\plugins\ff\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.5.502.146 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_146.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
nppdf32.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files\Mozilla Firefox\searchplugins\
butterscotch_igeared.xml
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\extensions\
{ea614400-e918-4741-9a97-7a972ff7c30b}

C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\
badoo.xml
hledejcenycz.xml
icq-search.xml
icqplugin-10.xml
icqplugin-11.xml
icqplugin-12.xml
icqplugin-13.xml
icqplugin-14.xml
icqplugin-15.xml
icqplugin-16.xml
icqplugin-17.xml
icqplugin-18.xml
icqplugin-19.xml
icqplugin-20.xml
icqplugin-21.xml
icqplugin-22.xml
icqplugin-23.xml
icqplugin-24.xml
icqplugin-4.xml
icqplugin-5.xml
icqplugin-6.xml
icqplugin-7.xml
icqplugin-8.xml
icqplugin-9.xml
icqplugin.xml
plasmoo.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18 66280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll [2012-05-04 453504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2012-10-30 1227736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll [2012-05-04 157576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA837F48-5AD1-443E-AE34-FFE03CBF3099}]
Lištička - C:\Program Files\Seznam.cz\bin\listicka.dll [2012-04-16 1508376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{1EA00BE1-6E54-4E2A-8099-680300BF23E1} - Nástroje Lištičky - C:\Program Files\Seznam.cz\bin\toolbar\toolbar.dll [2012-04-16 188952]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2012-10-30 1227736]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avast"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2012-10-30 4297136]
"hppwrsav"=C:\SCANJET\PrecisionScanLT\hppwrsav.exe [1999-06-07 23552]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2009-05-18 1314816]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-06-04 1791272]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-03 946352]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1174016]
"Seznam Postak"=C:\Program Files\Seznam.cz\bin\postak.exe [2012-01-10 491040]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KONICA MINOLTA PagePro 1300WStatusDisplay]
C:\Windows\system32\MSTMON_N.EXE [2004-11-25 151552]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Seznam Postak]
C:\Program Files\Seznam.cz\postak.exe [2011-05-25 491040]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1174016]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Update Scheduler for Proteus Professional 7.lnk - C:\Program Files\Labcenter Electronics\Proteus 7 Professional\BIN\UDSCHED.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2013-01-18 22:49:34 ----D---- C:\rsit
2013-01-18 21:17:48 ----D---- C:\Program Files\MSXML 4.0
2013-01-17 12:26:19 ----D---- C:\Users\Otakar Vavrečka\AppData\Roaming\Sweetpacks
2013-01-17 10:36:44 ----SHD---- C:\Config.Msi
2013-01-17 06:29:52 ----D---- C:\Program Files\Uniblue
2013-01-17 05:47:07 ----D---- C:\Windows\WM Capture 6
2013-01-17 05:46:43 ----A---- C:\WM Capture 6 Setup Log.txt
2013-01-16 19:39:05 ----D---- C:\Program Files\Real
2013-01-16 19:38:42 ----D---- C:\Users\Otakar Vavrečka\AppData\Roaming\Real
2013-01-16 19:36:29 ----D---- C:\ProgramData\Real
2013-01-14 10:07:55 ----A---- C:\Windows\system32\WindowsAccessBridge.dll
2013-01-14 10:07:55 ----A---- C:\Windows\system32\javaw.exe
2013-01-14 10:07:55 ----A---- C:\Windows\system32\java.exe
2013-01-10 20:51:30 ----D---- C:\Program Files\Mozilla Firefox
2013-01-10 06:54:05 ----A---- C:\Windows\system32\win32k.sys
2013-01-10 06:54:03 ----A---- C:\Windows\system32\win32spl.dll
2013-01-10 06:53:52 ----A---- C:\Windows\system32\msxml6.dll
2013-01-10 06:53:37 ----A---- C:\Windows\system32\taskhost.exe
2013-01-10 06:53:37 ----A---- C:\Windows\system32\ncrypt.dll
2012-12-27 01:25:05 ----SHD---- C:\$RECYCLE.BIN
2012-12-27 00:59:34 ----A---- C:\AdwCleaner[R4].txt
2012-12-26 23:25:59 ----A---- C:\AdwCleaner[R3].txt
2012-12-26 22:27:24 ----D---- C:\Windows\erdnt
2012-12-25 21:12:45 ----D---- C:\Program Files\trend micro
2012-12-24 10:58:47 ----A---- C:\AdwCleaner[S2].txt
2012-12-24 10:58:11 ----A---- C:\AdwCleaner[R2].txt
2012-12-24 10:54:07 ----A---- C:\AdwCleaner[S1].txt
2012-12-24 10:52:22 ----A---- C:\AdwCleaner[R1].txt
2012-12-22 19:21:40 ----D---- C:\TapinRadio - Radio 7
2012-12-21 12:55:48 ----A---- C:\Windows\system32\atmlib.dll
2012-12-21 12:55:48 ----A---- C:\Windows\system32\atmfd.dll

======List of files/folders modified in the last 1 month======

2013-01-19 08:29:24 ----D---- C:\Windows\Temp
2013-01-19 08:27:13 ----SHD---- C:\System Volume Information
2013-01-19 08:26:19 ----D---- C:\Windows\inf
2013-01-19 08:26:19 ----AD---- C:\Windows\System32
2013-01-19 08:26:19 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-01-19 08:22:46 ----D---- C:\Windows\system32\Tasks
2013-01-19 08:21:40 ----D---- C:\Windows\system32\config
2013-01-19 08:21:02 ----D---- C:\Windows\Tasks
2013-01-19 08:21:02 ----D---- C:\Windows\system32\wfp
2013-01-19 08:20:59 ----D---- C:\Windows\system32\wbem
2013-01-19 08:20:59 ----D---- C:\Windows
2013-01-19 08:19:48 ----D---- C:\Windows\winsxs
2013-01-19 08:19:48 ----D---- C:\Windows\system32\DriverStore
2013-01-19 08:19:48 ----D---- C:\Windows\system32\catroot2
2013-01-19 08:19:48 ----D---- C:\Program Files\Internet Explorer
2013-01-19 08:19:44 ----D---- C:\Windows\system32\NDF
2013-01-19 08:19:44 ----D---- C:\Windows\system32\drivers\etc
2013-01-19 08:19:44 ----D---- C:\Windows\system32\drivers
2013-01-19 08:19:44 ----D---- C:\Windows\system32\CodeIntegrity
2013-01-19 08:19:39 ----SHD---- C:\Windows\Installer
2013-01-19 08:19:38 ----RSD---- C:\Windows\assembly
2013-01-19 08:19:33 ----D---- C:\Windows\AppCompat
2013-01-19 08:19:32 ----D---- C:\Users\Otakar Vavrečka\AppData\Roaming\IrfanView
2013-01-19 08:19:27 ----D---- C:\ProgramData\YTD Video Downloader
2013-01-19 08:19:26 ----D---- C:\Program Files\Seznam.cz
2013-01-19 08:19:13 ----D---- C:\Program Files\Microsoft Silverlight
2013-01-19 08:18:52 ----D---- C:\Windows\registration
2013-01-19 08:18:04 ----D---- C:\Windows\system32\catroot
2013-01-19 08:17:54 ----D---- C:\Windows\Microsoft.NET
2013-01-19 08:16:45 ----D---- C:\Users\Otakar Vavrečka\AppData\Roaming\Skype
2013-01-19 08:16:16 ----D---- C:\ProgramData
2013-01-19 08:16:14 ----RD---- C:\Program Files
2013-01-19 08:16:02 ----D---- C:\Program Files\Java
2013-01-19 08:15:58 ----D---- C:\Program Files\Google
2013-01-19 08:15:55 ----D---- C:\Program Files\Common Files
2013-01-18 21:39:49 ----D---- C:\Windows\Panther
2013-01-18 21:39:49 ----D---- C:\Windows\debug
2013-01-18 21:08:30 ----D---- C:\Windows\Prefetch
2013-01-17 11:43:06 ----D---- C:\Users\Otakar Vavrečka\AppData\Roaming\Ignite
2013-01-16 19:39:15 ----A---- C:\Windows\system32\pncrt.dll
2013-01-16 19:39:08 ----A---- C:\Windows\system32\msvcr71.dll
2013-01-10 09:00:24 ----A---- C:\Windows\system32\MRT.exe
2013-01-09 16:31:32 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2012-12-27 01:39:56 ----D---- C:\Program Files\CCleaner
2012-12-26 23:59:26 ----A---- C:\Windows\system.ini
2012-12-26 23:53:31 ----D---- C:\Windows\AppPatch
2012-12-26 17:46:01 ----D---- C:\hp
2012-12-24 10:54:09 ----D---- C:\ProgramData\ICQ
2012-12-20 17:35:06 ----RSD---- C:\Windows\Fonts

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 giveio;giveio; C:\Windows\system32\giveio.sys [1996-04-03 5248]
R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2011-05-13 25656]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2012-10-30 20624]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2012-10-15 44784]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2012-10-30 738504]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2012-10-30 361032]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2012-10-30 54232]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2012-10-30 21256]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2012-10-30 58680]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2011-05-13 35896]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\ADIHdAud.sys [2009-05-18 381440]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2010-01-26 1163328]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-08-18 4994560]
R3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl6.sys [2009-07-07 2506232]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-06-04 1303728]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
S2 MLPTDR_N;MLPTDR_N; \??\C:\Windows\system32\MLPTDR_N.SYS [2003-07-19 18848]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S2 PPSCAN;PPSCAN; C:\Windows\system32\drivers\PPSCAN.sys [2002-03-29 91520]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 78336]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2011-04-28 393728]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 Revoflt;Revoflt; C:\Windows\system32\DRIVERS\revoflt.sys [2009-12-30 27192]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\sscdbus.sys [2005-08-17 58352]
S3 sscdmdfl;SAMSUNG CDMA Modem Filter; C:\Windows\system32\DRIVERS\sscdmdfl.sys [2005-08-17 8272]
S3 sscdmdm;SAMSUNG CDMA Modem Drivers; C:\Windows\system32\DRIVERS\sscdmdm.sys [2005-08-17 93872]
S3 StarOpen;StarOpen; C:\Windows\system32\drivers\StarOpen.sys []
S3 SWDUMon;SWDUMon; C:\Windows\system32\DRIVERS\SWDUMon.sys [2011-08-11 12984]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-12-18 65192]
R2 AEADIFilters;Andrea ADI Filters Service; C:\Windows\system32\AEADISRV.EXE [2008-07-15 90112]
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Program Files\LSI SoftModem\agrsmsvc.exe [2009-12-03 26112]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-08-18 176128]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2012-10-30 44808]
R2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-02-22 136176]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2011-05-13 26168]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-11-09 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-01-09 251400]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-02-22 136176]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-02-23 1343400]

-----------------EOF-----------------

[rakato11]

Vytvořilo se i toto, tak nevím ce je správné.

info.txt logfile of random's system information tool 1.09 2013-01-19 08:29:26

======Uninstall list======

µTorrent-->"C:\Program Files\uTorrent\uTorrent.exe" /UNINSTALL
Adobe Flash Player 11 ActiveX-->C:\Windows\system32\Macromed\Flash\FlashUtil32_11_5_502_146_ActiveX.exe -maintain activex
Adobe Flash Player 11 Plugin-->C:\Windows\system32\Macromed\Flash\FlashUtil32_11_5_502_146_Plugin.exe -maintain plugin
Adobe Reader X (10.1.5) - Czech-->MsiExec.exe /I{AC76BA86-7AD7-1029-7B44-AA1000000001}
Ashampoo Burning Studio 6 FREE v.6.81-->"C:\Program Files\Ashampoo\Ashampoo Burning Studio 6 FREE\unins000.exe"
avast! Free Antivirus-->C:\Program Files\Alwil Software\Avast5\aswRunDll.exe "C:\Program Files\Alwil Software\Avast5\Setup\setiface.dll" RunSetup
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
CDBurnerXP-->MsiExec.exe /X{5932A5C4-BB44-4CFB-AD66-1B826F4D788B}
ConvertXtoDVD 4.1.19.365-->"C:\Program Files\VSO\ConvertX\4\unins000.exe"
Debut Video Capture Software-->C:\Program Files\NCH Software\Debut\uninst.exe
doPDF 7.2 printer-->"C:\Program Files\Softland\doPDF 7\unins000.exe"
EAGLE 5.6.0-->cmd.exe /c start "EAGLE Uninstaller" /min "C:\Program Files\EAGLE-5.6.0\bin\uninstall.bat" C:\Program Files\EAGLE-5.6.0\bin
EVEREST Ultimate Edition v5.50-->"C:\Program Files\Lavalys\EVEREST Ultimate Edition\unins000.exe"
FastStone Image Viewer 4.6-->C:\Program Files\FastStone Image Viewer\uninst.exe
Free Studio version 5.8.0.1201-->C:\Program Files\Common Files\DVDVideoSoft\Uninstall.exe
Free Video Converter V 3.1-->"C:\Program Files\Free Video Converter\unins000.exe"
Free Video to DVD Converter version 1.6.21.602-->"C:\Program Files\DVDVideoSoft\Free Video to DVD Converter\unins000.exe"
GIMP 2.6.11-->"C:\Program Files\GIMP-2.0\setup\unins000.exe"
Google Talk Plugin-->MsiExec.exe /I{43D16DA8-BF42-3C62-89D3-3AD47829DC2E}
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
HP PrecisionScan LT Software-->C:\SCANJET\PrecisionScanLT\uninstal.exe C:\SCANJET\PrecisionScanLT\uninstal.cfg
HP Web Camera-->MsiExec.exe /I{C7AE4EC3-9C13-4213-8457-74D16B353F91}
HP Webcam-->C:\ProgramData\Uninstall\{1D61E881-43CD-447B-9E6B-D2C6138B2862}\setup.exe /x {1D61E881-43CD-447B-9E6B-D2C6138B2862}
Chinese Traditional Fonts Support For Adobe Reader X-->MsiExec.exe /I{AC76BA86-7AD7-2448-0000-A00000000003}
ICQ7.6-->"C:\Program Files\InstallShield Installation Information\{7644E42D-B096-457F-8B5B-901238FC81AE}\ICQ7.exe" -runfromtemp -l0x0009 -removeonly
IrfanView (remove only)-->C:\Program Files\IrfanView\iv_uninstall.exe
Java 7 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83217007FF}
JavaFX 2.1.1-->MsiExec.exe /X{1111706F-666A-4037-7777-211328764D10}
KONICA MINOLTA PagePro 1300W-->MUINST_N.EXE /PRN:"KONICA MINOLTA PagePro 1300W"
Microsoft .NET Framework 4 Client Profile-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /parameterfolder Client
Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{3C3901C5-3455-3E0A-A214-0B093A5070A6}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
Mozilla Firefox 18.0 (x86 cs)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP3 Parser (KB2721691)-->MsiExec.exe /I{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}
MSXML 4.0 SP3 Parser (KB2758694)-->MsiExec.exe /I{1D95BA90-F4F8-47EC-A882-441C99D30C1E}
MSXML 4.0 SP3 Parser (KB973685)-->MsiExec.exe /I{859DFA95-E4A6-48CD-B88E-A3E483E89B44}
OpenOffice.org 3.3-->MsiExec.exe /I{D5B94160-4A07-4956-9C73-8C5EEFEF180F}
Proteus 7 Professional-->C:\Program Files\InstallShield Installation Information\{13C4E8F0-B747-4C7C-9090-884832F9F90A}\setup.exe -runfromtemp -l0x0009 -removeonly
QCAD Professional Demo 2.2.2.0-->C:\Program Files\QCAD Professional Demo\uninst.exe
Revo Uninstaller Pro 2.5.8-->"C:\Program Files\VS Revo Group\Revo Uninstaller Pro\unins000.exe"
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {3E0806DB-3085-378A-840A-F0D3AE3609D1} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {728D9A6A-2206-31E8-9F65-C3EABEFCF53E} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {2CE2EB39-45C8-32D4-8A99-5529C38F1B99} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7E97AB83-C1FE-38DE-B848-877E0A4BD81E} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {DB31DEDD-BF95-31E7-A9B7-5480561CEFF3} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {67A5F99B-5EBA-3812-8D2E-BC251490DD3F} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {8DDEFC7E-0C61-3D11-AFC6-5414F2DAFD01} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {4952F442-5C1A-38EB-8C23-B18EFE77E20C} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {9EC88EA8-4ABE-393C-87BD-90EABB1C4C9B} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {86BB5A25-8CC3-33CE-A393-CF28901682B2} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {16EEC04A-B924-37E0-97CF-422DCEFC1B63} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {C4D978AA-2668-3404-96DE-96E2AFC62FD7} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {CD6D9B8A-BBC4-3FA7-B24D-D74CE90630CF} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {ECBEE23D-AB7E-3DAA-B66B-CD52003198F1} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {788818B1-B191-3217-A210-7ACFDE19CE4A} /parameterfolder Client
Seznam Lištička (Všichni uživatelé tohoto počítače.)-->"C:\Program Files\Seznam.cz\listicka-uninstall.exe" /AllUsers
Seznam Pošťák 2 (Všichni uživatelé tohoto počítače.)-->"C:\Program Files\Seznam.cz\postak-uninstall.exe" /AllUsers
Skype™ 6.0-->MsiExec.exe /X{EA17F4FC-FDBF-4CF8-A529-2D983132D053}
TapinRadio - Radio 7 verze 1.50.1-->"C:\TapinRadio - Radio 7\unins000.exe"
Total Commander (Remove or Repair)-->c:\totalcmd\tcuninst.exe
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {5E9CF3A4-ADB3-3080-A8BF-976A28340758} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {81EBB9D7-173C-32E3-B477-149C8DE075E4} /parameterfolder Client
VideoPad Video Editor-->C:\Program Files\NCH Software\VideoPad\uninst.exe
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
WinRAR 4.01 (32-bit)-->C:\Program Files\WinRAR\uninstall.exe
X-Lite 3.0-->"C:\Program Files\CounterPath\X-Lite\unins000.exe"
YTD Video Downloader 3.9.6-->"C:\Program Files\GreenTree Applications\YTD Video Downloader\uninstall.exe"

======Hosts File======

::1 localhost

======System event log======

Computer Name: PC-Otakar
Event Code: 6
Message: Filtr systému souborů aswMonFlt (verze 6.0, ?2012?-?08?-?21T11:04:57.000000000Z) byl úspěšně načten a zaregistrován ve Správci filtrů.
Record Number: 393996
Source Name: Microsoft-Windows-FilterManager
Time Written: 20121002073026.750433-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM

Computer Name: PC-Otakar
Event Code: 6
Message: Filtr systému souborů luafv (verze 6.1, ?2009?-?07?-?14T01:15:44.000000000Z) byl úspěšně načten a zaregistrován ve Správci filtrů.
Record Number: 393995
Source Name: Microsoft-Windows-FilterManager
Time Written: 20121002073026.750433-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM

Computer Name: PC-Otakar
Event Code: 7036
Message: Stav služby Napájení byl změněn na: Spuštěno
Record Number: 393994
Source Name: Service Control Manager
Time Written: 20121002073026.734833-000
Event Type: Informace
User:

Computer Name: PC-Otakar
Event Code: 20010
Message: Došlo ke změně jednoho nebo více podsystémů služby Plug and Play.

Povolený instalační podsystém služby PlugPlay: 'true'
Povolený podsystém mezipaměti služby PlugPlay: 'true'

Record Number: 393993
Source Name: Microsoft-Windows-UserPnp
Time Written: 20121002073026.594433-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM

Computer Name: PC-Otakar
Event Code: 7036
Message: Stav služby Plug and Play byl změněn na: Spuštěno
Record Number: 393992
Source Name: Service Control Manager
Time Written: 20121002073026.594433-000
Event Type: Informace
User:

=====Application event log=====

Computer Name: PC-Otakar
Event Code: 9009
Message: Správce oken plochy byl ukončen s kódem (0x40010004).
Record Number: 37148
Source Name: Desktop Window Manager
Time Written: 20111218085213.000000-000
Event Type: Informace
User:

Computer Name: PC-Otakar
Event Code: 1001
Message: Chybný blok 1687744802, typ 5
Název události: FaultTolerantHeap
Reakce: Není k dispozici
ID souboru CAB: 0

Podpis problému:
P1: MiniBrowser.exe
P2: 1.0.0.1
P3: 4D36E22A
P4: 16
P5:
P6:
P7:
P8:
P9:
P10:

Připojené soubory:
C:\Users\Otakar Vavrečka\AppData\Local\Temp\WER3B5B.tmp.mdmp

Tyto soubory mohou být k dispozici zde:
C:\Users\Otakar Vavrečka\AppData\Local\Microsoft\Windows\WER\ReportArchive\NonCritical_MiniBrowser.exe_f26cdfaf44a18e90bc42495def7f8db96d8b56b_10b249ec

Symbol analýzy:
Opětovné hledání řešení: 0
ID hlášení: d2092c71-294f-11e1-a8ad-00271361010a
Stav hlášení: 0
Record Number: 37147
Source Name: Windows Error Reporting
Time Written: 20111218081104.000000-000
Event Type: Informace
User:

Computer Name: PC-Otakar
Event Code: 1001
Message: Chybný blok , typ 0
Název události: FaultTolerantHeap
Reakce: Není k dispozici
ID souboru CAB: 0

Podpis problému:
P1: MiniBrowser.exe
P2: 1.0.0.1
P3: 4D36E22A
P4: 16
P5:
P6:
P7:
P8:
P9:
P10:

Připojené soubory:

Tyto soubory mohou být k dispozici zde:


Symbol analýzy:
Opětovné hledání řešení: 0
ID hlášení: d2092c71-294f-11e1-a8ad-00271361010a
Stav hlášení: 0
Record Number: 37146
Source Name: Windows Error Reporting
Time Written: 20111218081101.000000-000
Event Type: Informace
User:

Computer Name: PC-Otakar
Event Code: 1001
Message: Chybný blok , typ 0
Název události: FaultTolerantHeap
Reakce: Není k dispozici
ID souboru CAB: 0

Podpis problému:
P1: MiniBrowser.exe
P2: 1.0.0.1
P3: 4D36E22A
P4: 16
P5:
P6:
P7:
P8:
P9:
P10:

Připojené soubory:
C:\Users\Otakar Vavrečka\AppData\Local\Temp\WER3B5B.tmp.mdmp

Tyto soubory mohou být k dispozici zde:
C:\Users\Otakar Vavrečka\AppData\Local\Microsoft\Windows\WER\ReportQueue\NonCritical_MiniBrowser.exe_f26cdfaf44a18e90bc42495def7f8db96d8b56b_cab_0b063d2f

Symbol analýzy:
Opětovné hledání řešení: 0
ID hlášení: d2092c71-294f-11e1-a8ad-00271361010a
Stav hlášení: 4
Record Number: 37145
Source Name: Windows Error Reporting
Time Written: 20111218081101.000000-000
Event Type: Informace
User:

Computer Name: PC-Otakar
Event Code: 1001
Message: Chybný blok 1687744802, typ 5
Název události: FaultTolerantHeap
Reakce: Není k dispozici
ID souboru CAB: 0

Podpis problému:
P1: MiniBrowser.exe
P2: 1.0.0.1
P3: 4D36E22A
P4: 16
P5:
P6:
P7:
P8:
P9:
P10:

Připojené soubory:
C:\Users\Otakar Vavrečka\AppData\Local\Temp\WERB03C.tmp.mdmp

Tyto soubory mohou být k dispozici zde:
C:\Users\Otakar Vavrečka\AppData\Local\Microsoft\Windows\WER\ReportArchive\NonCritical_MiniBrowser.exe_f26cdfaf44a18e90bc42495def7f8db96d8b56b_0744bf68

Symbol analýzy:
Opětovné hledání řešení: 0
ID hlášení: b3bc81dc-294a-11e1-a8ad-00271361010a
Stav hlášení: 0
Record Number: 37144
Source Name: Windows Error Reporting
Time Written: 20111218073426.000000-000
Event Type: Informace
User:

=====Security event log=====

Computer Name: PC-Otakar
Event Code: 4672
Message: Novému přihlášení byla přiřazena zvláštní oprávnění.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7

Oprávnění: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 108351
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120920083228.370022-000
Event Type: Úspěšný audit
User:

Computer Name: PC-Otakar
Event Code: 4624
Message: Účet byl úspěšně přihlášen.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: PC-OTAKAR$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7

Typ přihlášení: 5

Nové přihlášení:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}

Informace o procesu:
ID procesu: 0x210
Název procesu: C:\Windows\System32\services.exe

Informace o síti:
Název pracovní stanice:
Adresa zdrojové sítě -
Zdrojový port: -

Podrobné informace o ověření:
Proces přihlášení: Advapi
Balíček ověření: Negotiate
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0

Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.

Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.

Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).

Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.

Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.

Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 108350
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120920083228.370022-000
Event Type: Úspěšný audit
User:

Computer Name: PC-Otakar
Event Code: 4672
Message: Novému přihlášení byla přiřazena zvláštní oprávnění.

Předmět:
ID zabezpečení: S-1-5-19
Název účtu: LOCAL SERVICE
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e5

Oprávnění: SeAssignPrimaryTokenPrivilege
SeAuditPrivilege
SeImpersonatePrivilege
Record Number: 108349
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120920083228.260822-000
Event Type: Úspěšný audit
User:

Computer Name: PC-Otakar
Event Code: 4624
Message: Účet byl úspěšně přihlášen.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: PC-OTAKAR$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7

Typ přihlášení: 5

Nové přihlášení:
ID zabezpečení: S-1-5-19
Název účtu: LOCAL SERVICE
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e5
GUID přihlášení: {00000000-0000-0000-0000-000000000000}

Informace o procesu:
ID procesu: 0x210
Název procesu: C:\Windows\System32\services.exe

Informace o síti:
Název pracovní stanice:
Adresa zdrojové sítě -
Zdrojový port: -

Podrobné informace o ověření:
Proces přihlášení: Advapi
Balíček ověření: Negotiate
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0

Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.

Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.

Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).

Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.

Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.

Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 108348
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120920083228.260822-000
Event Type: Úspěšný audit
User:

Computer Name: PC-Otakar
Event Code: 4672
Message: Novému přihlášení byla přiřazena zvláštní oprávnění.

Předmět:
ID zabezpečení: S-1-5-20
Název účtu: NETWORK SERVICE
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e4

Oprávnění: SeAssignPrimaryTokenPrivilege
SeAuditPrivilege
SeImpersonatePrivilege
Record Number: 108347
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120920083228.151622-000
Event Type: Úspěšný audit
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=2
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 13, GenuineIntel
"PROCESSOR_REVISION"=0f0d

-----------------EOF-----------------

[Rudy]

Log.txt je kompletní, info.txt je pro daný problém nezajímavé.

Nejprve zkuste toto:

Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte na Search
Proběhne skenováni a pak se objeví log, který sem vložte.

[rakato11]

Zde je log z AdwCleaner.

# AdwCleaner v2.106 - Logfile created 01/19/2013 at 12:17:53
# Updated 17/01/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (32 bits)
# User : Otakar Vavrečka - PC-OTAKAR
# Boot Mode : Normal
# Running from : C:\Users\Otakar Vavrečka\Desktop\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

File Found : C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin.xml
File Found : C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\plasmoo.xml
Folder Found : C:\Users\Otakar Vavrečka\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Folder Found : C:\Users\Otakar Vavrečka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj

***** [Registry] *****

Key Found : HKCU\Software\APN PIP
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Found : HKCU\Software\PIP
Key Found : HKCU\Software\SweetIM
Key Found : HKCU\Software\SweetPacks
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASMANCS
Key Found : HKLM\Software\PIP
Key Found : HKLM\Software\SweetIM
Key Found : HKLM\Software\SweetPacks
Key Found : HKU\S-1-5-21-505298747-3480647553-2469496864-1000\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16457

[HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://home.sweetim.com/?crg=3.1010000.00000&barid={FAD3F879-6066-11E2-AC33-00271361010A}
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Start Page] = hxxp://home.sweetim.com/?crg=3.1010000.00000&barid={FAD3F879-6066-11E2-AC33-00271361010A}

-\\ Mozilla Firefox v18.0.1 (cs)

File : C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\prefs.js

Found : user_pref("browser.search.defaultenginename", "SweetIM Search");
Found : user_pref("browser.search.selectedEngine", "SweetIM Search");
Found : user_pref("keyword.URL", "hxxp://search.sweetim.com/search.asp?src=2&barid={FAD3F879-6066-11E2-AC33-[...]
Found : user_pref("plasmoo.search.engine.prevsearchdefaultenginename", "ICQ Search");
Found : user_pref("plasmoo.search.engine.prevstartuphomepage", "google");
Found : user_pref("plasmoo.search.engine.status", "INSTALLED");
Found : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "ICQ Search");
Found : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "ICQ Search");
Found : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "hxxp://www.google.cz/");
Found : user_pref("sweetim.toolbar.previous.keyword.URL", "");
Found : user_pref("sweetim.toolbar.urls.homepage", "hxxp://home.sweetim.com/?crg=3.1010000.00000&barid={FAD3[...]

-\\ Google Chrome v [Unable to get version]

File : C:\Users\Otakar Vavrečka\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [56812 octets] - [24/12/2012 10:52:22]
AdwCleaner[R2].txt - [1098 octets] - [24/12/2012 10:58:11]
AdwCleaner[R3].txt - [1344 octets] - [26/12/2012 23:25:59]
AdwCleaner[R4].txt - [1404 octets] - [27/12/2012 00:59:34]
AdwCleaner[R5].txt - [3671 octets] - [19/01/2013 12:17:53]
AdwCleaner[S1].txt - [58070 octets] - [24/12/2012 10:54:07]
AdwCleaner[S2].txt - [1159 octets] - [24/12/2012 10:58:47]

########## EOF - C:\AdwCleaner[R5].txt - [3852 octets] ##########

[Rudy]

Spusťte znovu ADWCleaner a klikněte na >Delete<. Vložte nový log.

[rakato11]

# AdwCleaner v2.106 - Logfile created 01/19/2013 at 12:50:58
# Updated 17/01/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (32 bits)
# User : Otakar Vavrečka - PC-OTAKAR
# Boot Mode : Normal
# Running from : C:\Users\Otakar Vavrečka\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Users\Otakar Vavrečka\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Folder Deleted : C:\Users\Otakar Vavrečka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj

***** [Registry] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Registry is clean.

-\\ Mozilla Firefox v18.0.1 (cs)

File : C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v [Unable to get version]

File : C:\Users\Otakar Vavrečka\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [56812 octets] - [24/12/2012 10:52:22]
AdwCleaner[R2].txt - [1098 octets] - [24/12/2012 10:58:11]
AdwCleaner[R3].txt - [1344 octets] - [26/12/2012 23:25:59]
AdwCleaner[R4].txt - [1404 octets] - [27/12/2012 00:59:34]
AdwCleaner[R5].txt - [3921 octets] - [19/01/2013 12:17:53]
AdwCleaner[R6].txt - [3981 octets] - [19/01/2013 12:46:59]
AdwCleaner[S1].txt - [58070 octets] - [24/12/2012 10:54:07]
AdwCleaner[S2].txt - [1159 octets] - [24/12/2012 10:58:47]
AdwCleaner[S4].txt - [4017 octets] - [19/01/2013 12:47:22]
AdwCleaner[S5].txt - [1668 octets] - [19/01/2013 12:50:58]

########## EOF - C:\AdwCleaner[S5].txt - [1728 octets] ##########

[Rudy]

Dejte nový log RSIT.

[rakato11]

Log RSIT

Logfile of random's system information tool 1.09 (written by random/random)
Run by Otakar Vavrečka at 2013-01-19 13:53:26
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 65 GB (41%) free of 158 GB
Total RAM: 3066 MB (68% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:53:37, on 19.1.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16457)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\SCANJET\PrecisionScanLT\hppwrsav.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Seznam.cz\bin\postak.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Users\Otakar Vavrečka\Desktop\Gmail Notifier Plus.exe
C:\Users\Otakar Vavrečka\Desktop\RSIT.exe
C:\Program Files\trend micro\Otakar Vavrečka.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
O2 - BHO: Ukazatel S-Rank - {EA837F48-5AD1-443E-AE34-FFE03CBF3099} - C:\Program Files\Seznam.cz\bin\listicka.dll
O3 - Toolbar: Nástroje Lištičky - {1EA00BE1-6E54-4E2A-8099-680300BF23E1} - C:\Program Files\Seznam.cz\bin\toolbar\toolbar.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O4 - HKLM\..\Run: [avast] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [hppwrsav] C:\SCANJET\PrecisionScanLT\hppwrsav.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Seznam Postak] "C:\Program Files\Seznam.cz\bin\postak.exe" -s
O4 - Global Startup: Update Scheduler for Proteus Professional 7.lnk = ?
O8 - Extra context menu item: Free YouTube Download - C:\Users\Otakar Vavrečka\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Otakar Vavrečka\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
O9 - Extra button: Nastavení Lištičky ... - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - C:\Program Files\Seznam.cz\bin\listicka.dll
O9 - Extra 'Tools' menuitem: Nastavení Lištičky ... - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - C:\Program Files\Seznam.cz\bin\listicka.dll
O9 - Extra button: Zvýrazňovač slov Lištičky - {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - C:\Program Files\Seznam.cz\bin\listicka.dll
O9 - Extra 'Tools' menuitem: Zvýrazňovač slov Lištičky - {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - C:\Program Files\Seznam.cz\bin\listicka.dll
O9 - Extra button: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files\ICQ7.6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files\ICQ7.6\ICQ.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Andrea Electronics Corporation - C:\Windows\system32\AEADISRV.EXE
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agrsmsvc.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: HP Service (hpsrv) - Hewlett-Packard Company - C:\Windows\system32\Hpservice.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

--
End of file - 5514 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.google.cz/"
prefs.js - "extensions.enabledItems" - "{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, wrc@avast.com:20110101, {ea614400-e918-4741-9a97-7a972ff7c30b}:2.1.14, {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17"

"wrc@avast.com"=C:\Program Files\Alwil Software\Avast5\WebRep\FF
"{ACAA314B-EEBA-48e4-AD47-84E31C44796C}"=C:\Program Files\Common Files\DVDVideoSoft\plugins\ff\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.5.502.146 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_146.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
nppdf32.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files\Mozilla Firefox\searchplugins\
butterscotch_igeared.xml
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\extensions\
{ea614400-e918-4741-9a97-7a972ff7c30b}

C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\
badoo.xml
hledejcenycz.xml
icq-search.xml
icqplugin-10.xml
icqplugin-11.xml
icqplugin-12.xml
icqplugin-13.xml
icqplugin-14.xml
icqplugin-15.xml
icqplugin-16.xml
icqplugin-17.xml
icqplugin-18.xml
icqplugin-19.xml
icqplugin-20.xml
icqplugin-21.xml
icqplugin-22.xml
icqplugin-23.xml
icqplugin-24.xml
icqplugin-4.xml
icqplugin-5.xml
icqplugin-6.xml
icqplugin-7.xml
icqplugin-8.xml
icqplugin-9.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18 66280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll [2012-05-04 453504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2012-10-30 1227736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll [2012-05-04 157576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA837F48-5AD1-443E-AE34-FFE03CBF3099}]
Lištička - C:\Program Files\Seznam.cz\bin\listicka.dll [2012-04-16 1508376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{1EA00BE1-6E54-4E2A-8099-680300BF23E1} - Nástroje Lištičky - C:\Program Files\Seznam.cz\bin\toolbar\toolbar.dll [2012-04-16 188952]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2012-10-30 1227736]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avast"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2012-10-30 4297136]
"hppwrsav"=C:\SCANJET\PrecisionScanLT\hppwrsav.exe [1999-06-07 23552]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2009-05-18 1314816]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-06-04 1791272]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-03 946352]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1174016]
"Seznam Postak"=C:\Program Files\Seznam.cz\bin\postak.exe [2012-01-10 491040]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KONICA MINOLTA PagePro 1300WStatusDisplay]
C:\Windows\system32\MSTMON_N.EXE [2004-11-25 151552]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Seznam Postak]
C:\Program Files\Seznam.cz\postak.exe [2011-05-25 491040]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1174016]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Update Scheduler for Proteus Professional 7.lnk - C:\Program Files\Labcenter Electronics\Proteus 7 Professional\BIN\UDSCHED.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2013-01-19 12:50:58 ----A---- C:\AdwCleaner[S5].txt
2013-01-19 12:47:22 ----A---- C:\AdwCleaner[S4].txt
2013-01-19 12:46:59 ----A---- C:\AdwCleaner[R6].txt
2013-01-19 12:17:53 ----A---- C:\AdwCleaner[R5].txt
2013-01-18 22:49:34 ----D---- C:\rsit
2013-01-18 21:17:48 ----D---- C:\Program Files\MSXML 4.0
2013-01-17 12:26:19 ----D---- C:\Users\Otakar Vavrečka\AppData\Roaming\Sweetpacks
2013-01-17 10:36:44 ----SHD---- C:\Config.Msi
2013-01-17 06:29:52 ----D---- C:\Program Files\Uniblue
2013-01-17 05:47:07 ----D---- C:\Windows\WM Capture 6
2013-01-17 05:46:43 ----A---- C:\WM Capture 6 Setup Log.txt
2013-01-16 19:39:05 ----D---- C:\Program Files\Real
2013-01-16 19:38:42 ----D---- C:\Users\Otakar Vavrečka\AppData\Roaming\Real
2013-01-16 19:36:29 ----D---- C:\ProgramData\Real
2013-01-14 10:07:55 ----A---- C:\Windows\system32\WindowsAccessBridge.dll
2013-01-14 10:07:55 ----A---- C:\Windows\system32\javaw.exe
2013-01-14 10:07:55 ----A---- C:\Windows\system32\java.exe
2013-01-10 20:51:30 ----D---- C:\Program Files\Mozilla Firefox
2013-01-10 06:54:05 ----A---- C:\Windows\system32\win32k.sys
2013-01-10 06:54:03 ----A---- C:\Windows\system32\win32spl.dll
2013-01-10 06:53:52 ----A---- C:\Windows\system32\msxml6.dll
2013-01-10 06:53:37 ----A---- C:\Windows\system32\taskhost.exe
2013-01-10 06:53:37 ----A---- C:\Windows\system32\ncrypt.dll
2012-12-27 01:25:05 ----SHD---- C:\$RECYCLE.BIN
2012-12-27 00:59:34 ----A---- C:\AdwCleaner[R4].txt
2012-12-26 23:25:59 ----A---- C:\AdwCleaner[R3].txt
2012-12-26 22:27:24 ----D---- C:\Windows\erdnt
2012-12-25 21:12:45 ----D---- C:\Program Files\trend micro
2012-12-24 10:58:47 ----A---- C:\AdwCleaner[S2].txt
2012-12-24 10:58:11 ----A---- C:\AdwCleaner[R2].txt
2012-12-24 10:54:07 ----A---- C:\AdwCleaner[S1].txt
2012-12-24 10:52:22 ----A---- C:\AdwCleaner[R1].txt
2012-12-22 19:21:40 ----D---- C:\TapinRadio - Radio 7
2012-12-21 12:55:48 ----A---- C:\Windows\system32\atmlib.dll
2012-12-21 12:55:48 ----A---- C:\Windows\system32\atmfd.dll

======List of files/folders modified in the last 1 month======

2013-01-19 13:53:37 ----D---- C:\Windows\Prefetch
2013-01-19 13:53:30 ----D---- C:\Windows\Temp
2013-01-19 13:48:17 ----D---- C:\Windows\system32\config
2013-01-19 12:56:42 ----D---- C:\Windows\inf
2013-01-19 12:56:42 ----AD---- C:\Windows\System32
2013-01-19 12:56:42 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-01-19 08:27:13 ----SHD---- C:\System Volume Information
2013-01-19 08:22:46 ----D---- C:\Windows\system32\Tasks
2013-01-19 08:21:02 ----D---- C:\Windows\Tasks
2013-01-19 08:21:02 ----D---- C:\Windows\system32\wfp
2013-01-19 08:20:59 ----D---- C:\Windows\system32\wbem
2013-01-19 08:20:59 ----D---- C:\Windows
2013-01-19 08:19:48 ----D---- C:\Windows\winsxs
2013-01-19 08:19:48 ----D---- C:\Windows\system32\DriverStore
2013-01-19 08:19:48 ----D---- C:\Windows\system32\catroot2
2013-01-19 08:19:48 ----D---- C:\Program Files\Internet Explorer
2013-01-19 08:19:44 ----D---- C:\Windows\system32\NDF
2013-01-19 08:19:44 ----D---- C:\Windows\system32\drivers\etc
2013-01-19 08:19:44 ----D---- C:\Windows\system32\drivers
2013-01-19 08:19:44 ----D---- C:\Windows\system32\CodeIntegrity
2013-01-19 08:19:39 ----SHD---- C:\Windows\Installer
2013-01-19 08:19:38 ----RSD---- C:\Windows\assembly
2013-01-19 08:19:33 ----D---- C:\Windows\AppCompat
2013-01-19 08:19:32 ----D---- C:\Users\Otakar Vavrečka\AppData\Roaming\IrfanView
2013-01-19 08:19:27 ----D---- C:\ProgramData\YTD Video Downloader
2013-01-19 08:19:26 ----D---- C:\Program Files\Seznam.cz
2013-01-19 08:19:13 ----D---- C:\Program Files\Microsoft Silverlight
2013-01-19 08:18:52 ----D---- C:\Windows\registration
2013-01-19 08:18:04 ----D---- C:\Windows\system32\catroot
2013-01-19 08:17:54 ----D---- C:\Windows\Microsoft.NET
2013-01-19 08:16:45 ----D---- C:\Users\Otakar Vavrečka\AppData\Roaming\Skype
2013-01-19 08:16:16 ----D---- C:\ProgramData
2013-01-19 08:16:14 ----RD---- C:\Program Files
2013-01-19 08:16:02 ----D---- C:\Program Files\Java
2013-01-19 08:15:58 ----D---- C:\Program Files\Google
2013-01-19 08:15:55 ----D---- C:\Program Files\Common Files
2013-01-18 21:39:49 ----D---- C:\Windows\Panther
2013-01-18 21:39:49 ----D---- C:\Windows\debug
2013-01-17 11:43:06 ----D---- C:\Users\Otakar Vavrečka\AppData\Roaming\Ignite
2013-01-16 19:39:15 ----A---- C:\Windows\system32\pncrt.dll
2013-01-16 19:39:08 ----A---- C:\Windows\system32\msvcr71.dll
2013-01-10 09:00:24 ----A---- C:\Windows\system32\MRT.exe
2013-01-09 16:31:32 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2012-12-27 01:39:56 ----D---- C:\Program Files\CCleaner
2012-12-26 23:59:26 ----A---- C:\Windows\system.ini
2012-12-26 23:53:31 ----D---- C:\Windows\AppPatch
2012-12-26 17:46:01 ----D---- C:\hp
2012-12-24 10:54:09 ----D---- C:\ProgramData\ICQ
2012-12-20 17:35:06 ----RSD---- C:\Windows\Fonts

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 giveio;giveio; C:\Windows\system32\giveio.sys [1996-04-03 5248]
R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2011-05-13 25656]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2012-10-30 20624]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2012-10-15 44784]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2012-10-30 738504]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2012-10-30 361032]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2012-10-30 54232]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2012-10-30 21256]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2012-10-30 58680]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2011-05-13 35896]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\ADIHdAud.sys [2009-05-18 381440]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2010-01-26 1163328]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-08-18 4994560]
R3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl6.sys [2009-07-07 2506232]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-06-04 1303728]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
S2 MLPTDR_N;MLPTDR_N; \??\C:\Windows\system32\MLPTDR_N.SYS [2003-07-19 18848]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S2 PPSCAN;PPSCAN; C:\Windows\system32\drivers\PPSCAN.sys [2002-03-29 91520]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 78336]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2011-04-28 393728]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 Revoflt;Revoflt; C:\Windows\system32\DRIVERS\revoflt.sys [2009-12-30 27192]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\sscdbus.sys [2005-08-17 58352]
S3 sscdmdfl;SAMSUNG CDMA Modem Filter; C:\Windows\system32\DRIVERS\sscdmdfl.sys [2005-08-17 8272]
S3 sscdmdm;SAMSUNG CDMA Modem Drivers; C:\Windows\system32\DRIVERS\sscdmdm.sys [2005-08-17 93872]
S3 StarOpen;StarOpen; C:\Windows\system32\drivers\StarOpen.sys []
S3 SWDUMon;SWDUMon; C:\Windows\system32\DRIVERS\SWDUMon.sys [2011-08-11 12984]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-12-18 65192]
R2 AEADIFilters;Andrea ADI Filters Service; C:\Windows\system32\AEADISRV.EXE [2008-07-15 90112]
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Program Files\LSI SoftModem\agrsmsvc.exe [2009-12-03 26112]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-08-18 176128]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2012-10-30 44808]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2011-05-13 26168]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-02-22 136176]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-11-09 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-01-09 251400]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-02-22 136176]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-02-23 1343400]

-----------------EOF-----------------

[Rudy]

Dejte log ComboFix:

Stahnete a ulozte nejlepe na plochu ComboFix:

http://download.bleepingcomputer.com/sUBs/ComboFix.exe

pote spustte aplikaci pod uctem s administratorskym opravnenim

hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na

tlacitko Ano.

v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o

jak rychly stroj se

jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte

spoustet zadne jine

aplikace ani nic jineho

behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni

aplikaci skeneru)

upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni

stit do Install Mode,

pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu

pripadneho malware k

nezadoucim kolizim s rezidentem antispyware

[rakato11]

Musim psat z druheho pocitace, nebot po proskenovani Combofixem mi nejdou otevrit prohlizece a dalsi aplikace, vyskakuji hlasky ze tyto maji byt odebrany. Sken davam pomoci flesky, alespon to mi slo, jsem z toho na prasky .

ComboFix 13-01-17.04 - Otakar Vavrečka 19.01.2013 17:21:08.3.2 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3066.1866 [GMT 1:00]
Spuštěný z: c:\users\Otakar VavreŔka\Desktop\ComboFix.exe
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Otakar Vavrečka\AppData\Local\Temp\rad7AEC0.tmp\bin\x86\sharpwrapi_Win32.dll
c:\users\Otakar Vavrečka\AppData\Local\temp\rad80862.tmp\bin\Gadget.Interop.dll
c:\users\OTAKAR~1\AppData\Local\Temp\rad7AEC0.tmp\bin\x86\sharpwrapi_Win32.dll
c:\users\OTAKAR~1\AppData\Local\Temp\rad80862.tmp\bin\Gadget.Interop.dll
.
Nakažená kopie c:\windows\system32\user32.dll byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\erdnt\cache\user32.dll
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-12-19 do 2013-01-19 )))))))))))))))))))))))))))))))
.
.
2013-01-19 16:28 . 2013-01-19 16:44 -------- d-----w- c:\users\Otakar Vavrečka\AppData\Local\temp
2013-01-19 16:28 . 2013-01-19 16:28 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-01-19 16:14 . 2013-01-19 16:14 60872 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{343C2686-195D-4F1A-87EE-BEEE45FC471E}\offreg.dll
2013-01-19 07:26 . 2013-01-08 04:57 6991832 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{343C2686-195D-4F1A-87EE-BEEE45FC471E}\mpengine.dll
2013-01-18 21:49 . 2013-01-19 12:53 -------- d-----w- C:\rsit
2013-01-18 20:17 . 2013-01-18 20:17 -------- d-----w- c:\program files\MSXML 4.0
2013-01-17 11:26 . 2013-01-17 11:34 -------- d-----w- c:\users\Otakar Vavrečka\AppData\Roaming\Sweetpacks
2013-01-17 05:29 . 2013-01-18 17:02 -------- d-----w- c:\program files\Uniblue
2013-01-17 04:47 . 2013-01-19 07:19 -------- d-----w- c:\windows\WM Capture 6
2013-01-16 18:39 . 2013-01-16 18:45 -------- d-----w- c:\program files\Real
2013-01-16 18:38 . 2013-01-16 18:44 -------- d-----w- c:\users\Otakar Vavrečka\AppData\Roaming\Real
2013-01-14 09:07 . 2013-01-12 02:30 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-01-10 05:54 . 2012-11-23 02:56 2345984 ----a-w- c:\windows\system32\win32k.sys
2013-01-10 05:54 . 2012-11-09 04:43 492032 ----a-w- c:\windows\system32\win32spl.dll
2013-01-10 05:53 . 2012-11-01 04:47 1389568 ----a-w- c:\windows\system32\msxml6.dll
2013-01-10 05:53 . 2012-11-23 02:48 49152 ----a-w- c:\windows\system32\taskhost.exe
2013-01-10 05:53 . 2012-11-20 04:51 220160 ----a-w- c:\windows\system32\ncrypt.dll
2012-12-25 20:12 . 2013-01-19 12:53 -------- d-----w- c:\program files\trend micro
2012-12-22 18:21 . 2013-01-19 07:19 -------- d-----w- C:\TapinRadio - Radio 7
2012-12-21 11:55 . 2012-12-16 14:13 295424 ----a-w- c:\windows\system32\atmfd.dll
2012-12-21 11:55 . 2012-12-16 14:13 34304 ----a-w- c:\windows\system32\atmlib.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-16 18:39 . 2011-12-07 10:01 348160 ----a-w- c:\windows\system32\msvcr71.dll
2013-01-09 15:31 . 2012-04-03 09:08 697864 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-01-09 15:31 . 2011-05-18 10:42 74248 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-11-14 02:09 . 2012-12-12 09:10 1800704 ----a-w- c:\windows\system32\jscript9.dll
2012-11-14 01:58 . 2012-12-12 09:10 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2012-11-14 01:57 . 2012-12-12 09:10 1129472 ----a-w- c:\windows\system32\wininet.dll
2012-11-14 01:49 . 2012-12-12 09:10 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2012-11-14 01:48 . 2012-12-12 09:10 420864 ----a-w- c:\windows\system32\vbscript.dll
2012-11-14 01:44 . 2012-12-12 09:10 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-11-09 04:42 . 2012-12-12 08:38 2048 ----a-w- c:\windows\system32\tzres.dll
2012-11-08 10:29 . 2012-11-08 10:29 1402312 ----a-w- c:\windows\system32\msxml4.dll
2012-11-02 14:57 . 2012-12-04 21:48 31584 ----a-w- c:\windows\system32\TURegOpt.exe
2012-11-02 14:57 . 2012-12-04 21:48 21344 ----a-w- c:\windows\system32\authuitu.dll
2012-11-02 05:11 . 2012-12-12 08:38 376832 ----a-w- c:\windows\system32\dpnet.dll
2012-10-30 22:51 . 2011-02-25 16:08 738504 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-10-30 22:51 . 2011-02-22 14:56 361032 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-10-30 22:51 . 2011-02-22 14:56 54232 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-10-30 22:51 . 2011-02-22 14:56 58680 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-10-30 22:51 . 2012-08-27 18:14 20624 ----a-w- c:\windows\system32\drivers\aswKbd.sys
2012-10-30 22:51 . 2011-02-22 14:56 21256 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-10-30 22:51 . 2011-02-22 14:55 41224 ----a-w- c:\windows\avastSS.scr
2012-10-30 22:50 . 2011-02-22 14:55 227648 ----a-w- c:\windows\system32\aswBoot.exe
2013-01-19 10:52 . 2013-01-10 19:51 262552 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{1EA00BE1-6E54-4E2A-8099-680300BF23E1}"= "c:\program files\Seznam.cz\bin\toolbar\toolbar.dll" [2012-04-16 188952]
.
[HKEY_CLASSES_ROOT\clsid\{1ea00be1-6e54-4e2a-8099-680300bf23e1}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 22:50 121528 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
"Seznam Postak"="c:\program files\Seznam.cz\bin\postak.exe" [2012-01-10 491040]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2012-10-30 4297136]
"hppwrsav"="c:\scanjet\PrecisionScanLT\hppwrsav.exe" [1999-06-07 23552]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2009-05-18 1314816]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2010-06-04 1791272]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Update Scheduler for Proteus Professional 7.lnk - c:\program files\Labcenter Electronics\Proteus 7 Professional\BIN\UDSCHED.EXE [2011-6-28 65564]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KONICA MINOLTA PagePro 1300WStatusDisplay]
2004-11-25 21:39 151552 ----a-w- c:\windows\System32\MSTMON_N.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Seznam Postak]
2011-05-25 08:00 491040 ----a-w- c:\program files\Seznam.cz\postak.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
2010-11-20 12:17 1174016 ----a-w- c:\program files\Windows Sidebar\sidebar.exe
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Google Update"="c:\users\Otakar Vavrečka\AppData\Local\Google\Update\GoogleUpdate.exe" /c
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
.
R2 MLPTDR_N;MLPTDR_N;c:\windows\system32\MLPTDR_N.SYS [x]
R2 PPSCAN;PPSCAN; [x]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys [x]
R3 SWDUMon;SWDUMon;c:\windows\system32\DRIVERS\SWDUMon.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S1 aswKbd;aswKbd; [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [x]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x86.sys [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2013-01-19 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-03 15:31]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.com
mStart Page = hxxp://www.google.com
IE: Free YouTube Download - c:\users\Otakar Vavrečka\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm
IE: Free YouTube to MP3 Converter - c:\users\Otakar Vavrečka\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: {{7644E42D-B096-457F-8B5B-901238FC81AE} - c:\program files\ICQ7.6\ICQ.exe
IE: {{0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - c:\program files\Seznam.cz\bin\listicka.dll
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.startup.homepage - hxxp://www.google.cz/
FF - prefs.js: network.proxy.type - 1
FF - ExtSQL: 2012-12-04 22:46; {ACAA314B-EEBA-48e4-AD47-84E31C44796C}; c:\program files\Common Files\DVDVideoSoft\plugins\ff
FF - ExtSQL: 2012-12-06 21:39; torntv@torntv.com; c:\users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\extensions\torntv@torntv.com.xpi
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\atieclxx.exe
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\windows\system32\AEADISRV.EXE
c:\program files\LSI SoftModem\agrsmsvc.exe
c:\program files\Google\Update\GoogleUpdate.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\system32\taskhost.exe
c:\windows\system32\conhost.exe
c:\program files\Synaptics\SynTP\SynTPHelper.exe
.
**************************************************************************
.
Celkový čas: 2013-01-19 17:46:48 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-01-19 16:46
.
Před spuštěním: Volných bajtů: 68 485 070 848
Po spuštění: Volných bajtů: 68 284 129 280
.
- - End Of File - - AFB6FC6233DAF1B4CE15406E083B365A

[rakato11]

Hurááááá, po restartu PC už to jede .

[Rudy]

A log již vypadá čistý.