prosim o kontrolu - mozna tu mam vir

[BlekotaCZ]

Diky

Logfile of random's system information tool 1.07 (written by random/random)
Run by matousek at 2010-06-28 11:08:35
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 17 GB (57%) free of 30 GB
Total RAM: 2046 MB (76% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:08:48, on 28.6.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\windows\System32\WLTRYSVC.EXE
C:\windows\System32\bcmwltry.exe
C:\windows\system32\spoolsv.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\windows\system32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\windows\System32\svchost.exe
C:\windows\system32\nvsvc32.exe
C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe
C:\windows\System32\svchost.exe
C:\windows\system32\svchost.exe
C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe
C:\windows\system32\wuauclt.exe
C:\Program Files\TeamViewer\Version5\TeamViewer.exe
C:\windows\Explorer.EXE
C:\windows\system32\rundll32.exe
C:\windows\system32\RunDLL32.exe
C:\windows\RTHDCPL.EXE
C:\WINDOWS\system32\WLTRAY.exe
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\windows\OEM13Mon.exe
C:\Program Files\DellTPad\Apoint.exe
C:\Program Files\HP\HP UT\bin\hppusg.exe
C:\Program Files\Winamp\winampa.exe
C:\windows\system32\ctfmon.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Program Files\DellTPad\HidFind.exe
C:\windows\System32\svchost.exe
D:\Dokumenty\Internet Copy\Download\RSIT.exe
C:\Program Files\trend micro\matousek.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [NVHotkey] rundll32.exe nvHotkey.dll,Start
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [OSSelectorReinstall] C:\Program Files\Common Files\Acronis\Acronis Disk Director\oss_reinstall.exe
O4 - HKLM\..\Run: [OEM13Mon.exe] C:\windows\OEM13Mon.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
O4 - HKLM\..\Run: [HPUsageTracking] "c:\Program Files\HP\HP UT\bin\hppusg.exe" "c:\Program Files\HP\HP UT\"
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\windows\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-1935655697-57989841-1417001333-1009\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Acronis Agent User')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 0541066078
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\windows\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\windows\system32\browseui.dll
O23 - Service: Acronis Remote Agent (AcronisAgent) - Acronis - C:\Program Files\Common Files\Acronis\Agent\agent.exe
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Acronis Managed Machine Service (MMS) - Acronis - C:\Program Files\Acronis\BackupAndRecovery\mms.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\windows\system32\nvsvc32.exe
O23 - Service: O2Micro Flash Memory Card Service (o2flash) - O2Micro International - C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: TeamViewer 5 (TeamViewer5) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\windows\System32\WLTRYSVC.EXE

--
End of file - 7652 bytes

======Scheduled tasks folder======

C:\windows\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-03-09 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-03-09 79648]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-03-01 13508608]
"nwiz"=nwiz.exe /installquiet []
"NVHotkey"=nvHotkey.dll,Start []
"NvMediaCenter"=NvMCTray.dll,NvTaskbarInit []
"RTHDCPL"=C:\windows\RTHDCPL.EXE [2007-11-06 16855552]
"Alcmtr"=C:\windows\ALCMTR.EXE [2005-05-03 69632]
"Broadcom Wireless Manager UI"=C:\WINDOWS\system32\WLTRAY.exe [2007-10-09 2183168]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2009-10-07 1461080]
"OSSelectorReinstall"=C:\Program Files\Common Files\Acronis\Acronis Disk Director\oss_reinstall.exe [2007-02-22 2209224]
"OEM13Mon.exe"=C:\windows\OEM13Mon.exe [2008-01-08 36864]
"Apoint"=C:\Program Files\DellTPad\Apoint.exe [2007-12-14 159744]
""= []
"HPUsageTracking"=c:\Program Files\HP\HP UT\bin\hppusg.exe [2009-05-11 24576]
"WinampAgent"=C:\Program Files\Winamp\winampa.exe [2008-08-04 36352]
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []
""= []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\windows\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\windows\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Winamp Remote\bin\Orb.exe"="C:\Program Files\Winamp Remote\bin\Orb.exe:*:Enabled:Orb"
"C:\Program Files\Winamp Remote\bin\OrbTray.exe"="C:\Program Files\Winamp Remote\bin\OrbTray.exe:*:Enabled:OrbTray"
"C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe"="C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:*:Enabled:Orb Stream Client"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Miranda IM\miranda32.exe"="C:\Program Files\Miranda IM\miranda32.exe:*:Enabled:Miranda IM"
"D:\Cd-hry\World of Warcraft\Launcher.exe"="D:\Cd-hry\World of Warcraft\Launcher.exe:*:Enabled:Blizzard Launcher"
"D:\Cd-hry\HoN\hon.exe"="D:\Cd-hry\HoN\hon.exe:*:Enabled:Heroes of Newerth"
"C:\Program Files\TeamViewer\Version5\TeamViewer.exe"="C:\Program Files\TeamViewer\Version5\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application"
"D:\Programy\uConfig.exe"="D:\Programy\uConfig.exe:*:Enabled:uConfig"
"D:\Programy\Totalcmd 7.50\TOTALCMD.EXE"="D:\Programy\Totalcmd 7.50\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit"
"D:\Programy\uTorrent\utorrent.exe"="D:\Programy\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\ICQ7.0\ICQ.exe"="C:\Program Files\ICQ7.0\ICQ.exe:*:Enabled:ICQ7"
"C:\Program Files\ICQ7.0\aolload.exe"="C:\Program Files\ICQ7.0\aolload.exe:*:Enabled:aolload.exe"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"D:\Cd-hry\World of Warcraft\Repair.exe"="D:\Cd-hry\World of Warcraft\Repair.exe:*:Enabled:Repair"
"D:\Cd-hry\World of Warcraft\WoW-3.2.0-enGB-downloader.exe"="D:\Cd-hry\World of Warcraft\WoW-3.2.0-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\HP_CM2320_series_full_solution_v3.0_EMEA2\setup\hppniprint01.exe"="C:\HP_CM2320_series_full_solution_v3.0_EMEA2\setup\hppniprint01.exe:*:Enabled:hppniprint01.exe"
"C:\HP_CM2320_series_full_solution_v3.0_EMEA2\setup\hppniprint64.exe"="C:\HP_CM2320_series_full_solution_v3.0_EMEA2\setup\hppniprint64.exe:*:Enabled:hppniprint64.exe"
"C:\HP_CM2320_series_full_solution_v3.0_EMEA2\setup\hppnicifs01.exe"="C:\HP_CM2320_series_full_solution_v3.0_EMEA2\setup\hppnicifs01.exe:*:Enabled:hppnicifs01.exe"
"C:\HP_CM2320_series_full_solution_v3.0_EMEA2\setup\CustomPrnDnld\hppcstpg.exe"="C:\HP_CM2320_series_full_solution_v3.0_EMEA2\setup\CustomPrnDnld\hppcstpg.exe:*:Enabled:hppcstpg.exe"
"C:\HP_CM2320_series_full_solution_v3.0_EMEA2\setup\hpbtpg.exe"="C:\HP_CM2320_series_full_solution_v3.0_EMEA2\setup\hpbtpg.exe:*:Enabled:hpbtpg.exe"
"C:\HP_CM2320_series_full_solution_v3.0_EMEA2\setup\LaunchApp.exe"="C:\HP_CM2320_series_full_solution_v3.0_EMEA2\setup\LaunchApp.exe:*:Enabled:launchapp.exe"
"C:\Program Files\3Com\3Com Device Manager\jre\bin\javaw.exe"="C:\Program Files\3Com\3Com Device Manager\jre\bin\javaw.exe:*:Enabled:Java(TM) 2 Platform Standard Edition binary"
"C:\Program Files\Common Files\Acronis\Agent\agent.exe"="C:\Program Files\Common Files\Acronis\Agent\agent.exe:*:Enabled:Acronis Remote Agent"
"C:\Program Files\Acronis\BackupAndRecovery\mms.exe"="C:\Program Files\Acronis\BackupAndRecovery\mms.exe:*:Enabled:Acronis Managed Machine Service"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ7.0\ICQ.exe"="C:\Program Files\ICQ7.0\ICQ.exe:*:Enabled:ICQ7"
"C:\Program Files\ICQ7.0\aolload.exe"="C:\Program Files\ICQ7.0\aolload.exe:*:Enabled:aolload.exe"

======List of files/folders created in the last 1 months======

2010-06-28 10:55:13 ----D---- C:\Program Files\CCleaner
2010-06-28 10:48:40 ----D---- C:\rsit
2010-06-28 10:48:40 ----D---- C:\Program Files\trend micro
2010-06-25 23:00:59 ----D---- C:\Documents and Settings\matousek\Data aplikací\ICQ
2010-06-25 09:46:59 ----A---- C:\windows\Tmakia.exe
2010-06-24 10:54:34 ----D---- C:\Program Files\XBCD
2010-06-11 11:34:55 ----D---- C:\Documents and Settings\matousek\Data aplikací\Avery
2010-06-11 11:27:34 ----D---- C:\Program Files\Avery Dennison
2010-06-11 11:27:34 ----D---- C:\Documents and Settings\All Users\Data aplikací\Avery
2010-06-11 11:20:46 ----D---- C:\Program Files\Avery
2010-06-04 17:47:12 ----D---- C:\Program Files\DAEMON Tools Lite
2010-06-04 17:47:00 ----D---- C:\Documents and Settings\matousek\Data aplikací\DAEMON Tools Lite
2010-06-04 17:46:58 ----D---- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
2010-06-04 17:42:30 ----A---- C:\windows\DiabUnin.exe
2010-06-04 12:34:14 ----D---- C:\Documents and Settings\matousek\Data aplikací\Help
2010-06-04 12:29:12 ----A---- C:\windows\IsUninst.exe
2010-06-04 11:36:50 ----A---- C:\windows\diabswun.exe
2010-06-04 11:36:50 ----A---- C:\windows\bnetunin.exe
2010-06-02 20:14:57 ----D---- C:\Documents and Settings\matousek\Data aplikací\Media Player Classic

======List of files/folders modified in the last 1 months======

2010-06-28 11:08:36 ----D---- C:\windows\Temp
2010-06-28 11:07:20 ----D---- C:\WINDOWS
2010-06-28 11:04:23 ----A---- C:\windows\SchedLgU.Txt
2010-06-28 11:03:18 ----RD---- C:\Program Files
2010-06-28 11:03:18 ----D---- C:\windows\Prefetch
2010-06-28 11:03:00 ----RD---- C:\Program Files\Skype
2010-06-28 11:02:58 ----SHD---- C:\windows\Installer
2010-06-28 10:56:01 ----D---- C:\windows\system32\LogFiles
2010-06-28 10:55:59 ----D---- C:\windows\Debug
2010-06-27 21:17:23 ----D---- C:\Program Files\ICQ7.0
2010-06-27 21:13:20 ----D---- C:\windows\system32\CatRoot2
2010-06-27 21:07:25 ----D---- C:\windows\system32
2010-06-25 23:34:01 ----SD---- C:\windows\Tasks
2010-06-24 11:09:56 ----HD---- C:\windows\inf
2010-06-24 11:03:36 ----D---- C:\Program Files\Mozilla Firefox
2010-06-24 10:54:35 ----D---- C:\windows\system32\drivers
2010-06-23 13:46:36 ----RSD---- C:\windows\assembly
2010-06-23 13:46:14 ----D---- C:\windows\Microsoft.NET
2010-06-23 11:37:54 ----A---- C:\windows\system32\PerfStringBackup.INI
2010-06-23 11:37:29 ----D---- C:\windows\WinSxS
2010-06-20 17:02:48 ----D---- C:\Documents and Settings\matousek\Data aplikací\Skype
2010-06-20 17:00:28 ----D---- C:\Documents and Settings\matousek\Data aplikací\skypePM
2010-06-17 10:03:03 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2010-06-11 11:28:43 ----HD---- C:\Program Files\InstallShield Installation Information
2010-06-11 11:27:46 ----RSD---- C:\windows\Fonts
2010-06-11 11:27:05 ----D---- C:\Program Files\Common Files\InstallShield
2010-06-10 08:54:06 ----D---- C:\Program Files\Internet Explorer
2010-06-10 07:57:28 ----RSHDC---- C:\windows\system32\dllcache
2010-06-10 07:57:10 ----HD---- C:\windows\$hf_mig$
2010-06-10 07:55:52 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2010-06-10 07:52:01 ----D---- C:\windows\ie8updates
2010-06-04 17:35:49 ----D---- C:\Program Files\Microsoft Silverlight

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 easdrv;easdrv; C:\windows\system32\DRIVERS\easdrv.sys [2009-10-07 54184]
R1 epfwtdir;epfwtdir; C:\windows\system32\DRIVERS\epfwtdir.sys [2009-10-07 35168]
R1 intelppm;Řadič procesoru Intel; C:\windows\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\windows\system32\DRIVERS\wmiacpi.sys [2008-04-14 8832]
R2 eamon;EAMON; C:\windows\system32\DRIVERS\eamon.sys [2009-10-07 40824]
R2 NPF;NetGroup Packet Filter Driver; C:\windows\system32\drivers\npf.sys [2009-10-20 50704]
R2 NwlnkIpx;Transportní protokol kompatibilní s NWLink IPX/SPX/NetBIOS; C:\windows\system32\DRIVERS\nwlnkipx.sys [2008-04-14 88320]
R2 NwlnkNb;Služba NWLink pro rozhraní NetBIOS; C:\windows\system32\DRIVERS\nwlnknb.sys [2006-03-02 63232]
R2 NwlnkSpx;Protokol NWLink SPX/SPXII; C:\windows\system32\DRIVERS\nwlnkspx.sys [2006-03-02 55936]
R3 ApfiltrService;Alps Touch Pad Filter Driver for Windows 2000/XP/Vista; C:\windows\system32\DRIVERS\Apfiltr.sys [2007-12-14 155136]
R3 Arp1394;Protokol 1394 ARP Client; C:\windows\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
R3 BCM43XX;Ovladač bezdrátové karty Dell WLAN; C:\windows\system32\DRIVERS\bcmwl5.sys [2007-10-09 1123328]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\windows\system32\DRIVERS\CmBatt.sys [2008-04-14 13952]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\windows\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Ovladač třídy standardu HID; C:\windows\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RtkHDAud.sys [2007-11-14 4625408]
R3 mouhid;Ovladač myši standardu HID; C:\windows\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 NIC1394;1394 Net Driver; C:\windows\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
R3 nv;nv; C:\windows\system32\DRIVERS\nv4_mini.sys [2008-03-01 6658592]
R3 O2MDRDR;O2MDRDR; C:\windows\system32\DRIVERS\o2media.sys [2008-02-14 48472]
R3 O2SDRDR;O2SDRDR; C:\windows\system32\DRIVERS\o2sd.sys [2008-02-14 43480]
R3 OEM13Afx;Provides a software interface to control audio effects of OEM013 camera.; \??\C:\WINDOWS\system32\Drivers\OEM13Afx.sys []
R3 OEM13Vfx;Creative Camera OEM013 Video VFX Driver; C:\windows\system32\DRIVERS\OEM13Vfx.sys [2007-03-05 7424]
R3 OEM13Vid;Creative Camera OEM013 Driver; C:\windows\system32\DRIVERS\OEM13Vid.sys [2008-05-29 235840]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\windows\system32\DRIVERS\Rtenicxp.sys [2010-01-21 202064]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\windows\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\windows\system32\DRIVERS\usbehci.sys [2008-04-14 30208]
R3 usbhub;Ovladač standardního rozbočovače USB; C:\windows\system32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 usbscan;Ovladač skeneru USB; C:\windows\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\windows\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 Wdf01000;Wdf01000; C:\windows\system32\DRIVERS\Wdf01000.sys [2008-03-27 503008]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\windows\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S1 OMCI;OMCI; \??\C:\WINDOWS\SYSTEM32\DRIVERS\OMCI.SYS []
S3 ax15h2b6;ax15h2b6; C:\windows\system32\drivers\ax15h2b6.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\windows\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\windows\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\windows\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\windows\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 sdbus;sdbus; C:\windows\system32\DRIVERS\sdbus.sys [2008-04-14 79232]
S3 Ser2pl;USB-to-Serial Comm. Port; C:\windows\system32\DRIVERS\ser2pl.sys [2005-09-08 48640]
S3 SLIP;BDA Slip De-Framer; C:\windows\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:\windows\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 usbprint;Třída USB Printer; C:\windows\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\windows\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\windows\System32\Drivers\usbvideo.sys [2008-04-14 121984]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\windows\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\windows\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\windows\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\windows\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AcronisAgent;Acronis Remote Agent; C:\Program Files\Common Files\Acronis\Agent\agent.exe [2009-11-27 1865560]
R2 AcrSch2Svc;Acronis Scheduler2 Service; C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe [2009-11-27 665032]
R2 ekrn;Eset Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2009-10-07 472280]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\windows\system32\svchost.exe [2008-04-14 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-03-09 153376]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 MMS;Acronis Managed Machine Service; C:\Program Files\Acronis\BackupAndRecovery\mms.exe [2009-11-27 4285664]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\windows\System32\svchost.exe [2008-04-14 14336]
R2 NVSvc;NVIDIA Display Driver Service; C:\windows\system32\nvsvc32.exe [2008-03-01 155716]
R2 o2flash;O2Micro Flash Memory Card Service; C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe [2008-02-14 65536]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\windows\System32\svchost.exe [2008-04-14 14336]
R2 TeamViewer5;TeamViewer 5; C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe [2010-02-11 172328]
R2 wltrysvc;Dell Wireless WLAN Tray Service; C:\windows\System32\WLTRYSVC.EXE [2007-10-09 24064]
R3 hpqcxs08;hpqcxs08; C:\windows\system32\svchost.exe [2008-04-14 14336]
S2 SSHNAS;SSHNAS; C:\windows\system32\svchost.exe [2008-04-14 14336]
S3 aspnet_state;Stavová služba ASP.NET; C:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 EhttpSrv;Eset HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2009-10-07 20680]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2009-10-20 117264]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\windows\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

[Caroprd111]

Zdravím


Stáhněte OTL http://oldtimer.geekstogo.com/OTL.exe na plochu

• Spusťte, poté do spodního políčka vložte následující skript.

Kód: Vybrat vše

 netsvcs
drivers32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
c:\windows\*.* /U
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys 
symmpi.sys
adp3132.sys
mv61xx.sys
nvraid.sys 
ndis.sys
winlogon.exe
explorer.exe
userinit.exe
lsass.exe
svchost.exe
smss.exe
hal.dll
ws2_32.dll
tcpip.sys
cryptsvc.dll
Changer.sys
JakNDis.sys
isapnp.sys 
cdrom.sys 
autochk.exe
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav 
%systemroot%\system32\*.dll /lockedfiles
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager" /v BootExecute /c
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
CREATERESTOREPOINT
 

• Označte položku Pro všechny uživatele.
• Označte položky Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
• Klikněte na tlačítko Prohledat
• Po dokončení, sem vložte logy OTL.Txt a Extras.txt

[BlekotaCZ]

posilam dva nove logy:

Extras.txt

OTL Extras logfile created on: 28.6.2010 15:58:41 - Run 1
OTL by OldTimer - Version 3.2.7.0 Folder = D:\Dokumenty\Internet Copy\Download
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 72,00% Memory free
3,00 Gb Paging File | 3,00 Gb Available in Paging File | 88,00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 29,20 Gb Total Space | 16,80 Gb Free Space | 57,52% Space Free | Partition Type: NTFS
Drive D: | 45,23 Gb Total Space | 6,02 Gb Free Space | 13,30% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: PHQN
Current User Name: matousek
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_USERS\S-1-5-21-1935655697-57989841-1417001333-1006\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\ICQ7.0\ICQ.exe" = C:\Program Files\ICQ7.0\ICQ.exe:*:Enabled:ICQ7 -- (ICQ, LLC.)
"C:\Program Files\ICQ7.0\aolload.exe" = C:\Program Files\ICQ7.0\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Winamp Remote\bin\Orb.exe" = C:\Program Files\Winamp Remote\bin\Orb.exe:*:Enabled:Orb -- File not found
"C:\Program Files\Winamp Remote\bin\OrbTray.exe" = C:\Program Files\Winamp Remote\bin\OrbTray.exe:*:Enabled:OrbTray -- File not found
"C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe" = C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:*:Enabled:Orb Stream Client -- File not found
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Program Files\Miranda IM\miranda32.exe" = C:\Program Files\Miranda IM\miranda32.exe:*:Enabled:Miranda IM -- ( )
"D:\Cd-hry\World of Warcraft\Launcher.exe" = D:\Cd-hry\World of Warcraft\Launcher.exe:*:Enabled:Blizzard Launcher -- (Blizzard Entertainment)
"D:\Cd-hry\HoN\hon.exe" = D:\Cd-hry\HoN\hon.exe:*:Enabled:Heroes of Newerth -- (S2 Games)
"C:\Program Files\TeamViewer\Version5\TeamViewer.exe" = C:\Program Files\TeamViewer\Version5\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application -- (TeamViewer GmbH)
"D:\Programy\uConfig.exe" = D:\Programy\uConfig.exe:*:Enabled:uConfig -- ()
"D:\Programy\Totalcmd 7.50\TOTALCMD.EXE" = D:\Programy\Totalcmd 7.50\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit -- (Ghisler Software GmbH)
"D:\Programy\uTorrent\utorrent.exe" = D:\Programy\uTorrent\utorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"C:\Program Files\ICQ7.0\ICQ.exe" = C:\Program Files\ICQ7.0\ICQ.exe:*:Enabled:ICQ7 -- (ICQ, LLC.)
"C:\Program Files\ICQ7.0\aolload.exe" = C:\Program Files\ICQ7.0\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)
"D:\Cd-hry\World of Warcraft\Repair.exe" = D:\Cd-hry\World of Warcraft\Repair.exe:*:Enabled:Repair -- (Blizzard Entertainment, Inc.)
"D:\Cd-hry\World of Warcraft\WoW-3.2.0-enGB-downloader.exe" = D:\Cd-hry\World of Warcraft\WoW-3.2.0-enGB-downloader.exe:*:Enabled:Blizzard Downloader -- (Blizzard Entertainment)
"C:\HP_CM2320_series_full_solution_v3.0_EMEA2\setup\hppniprint01.exe" = C:\HP_CM2320_series_full_solution_v3.0_EMEA2\setup\hppniprint01.exe:*:Enabled:hppniprint01.exe -- (Hewlett-Packard)
"C:\HP_CM2320_series_full_solution_v3.0_EMEA2\setup\hppniprint64.exe" = C:\HP_CM2320_series_full_solution_v3.0_EMEA2\setup\hppniprint64.exe:*:Enabled:hppniprint64.exe -- (Hewlett-Packard)
"C:\HP_CM2320_series_full_solution_v3.0_EMEA2\setup\hppnicifs01.exe" = C:\HP_CM2320_series_full_solution_v3.0_EMEA2\setup\hppnicifs01.exe:*:Enabled:hppnicifs01.exe -- ()
"C:\HP_CM2320_series_full_solution_v3.0_EMEA2\setup\CustomPrnDnld\hppcstpg.exe" = C:\HP_CM2320_series_full_solution_v3.0_EMEA2\setup\CustomPrnDnld\hppcstpg.exe:*:Enabled:hppcstpg.exe -- (Hewlett Packard)
"C:\HP_CM2320_series_full_solution_v3.0_EMEA2\setup\hpbtpg.exe" = C:\HP_CM2320_series_full_solution_v3.0_EMEA2\setup\hpbtpg.exe:*:Enabled:hpbtpg.exe -- (Hewlet-Packard)
"C:\HP_CM2320_series_full_solution_v3.0_EMEA2\setup\LaunchApp.exe" = C:\HP_CM2320_series_full_solution_v3.0_EMEA2\setup\LaunchApp.exe:*:Enabled:launchapp.exe -- (Hewlett Packard)
"C:\Program Files\3Com\3Com Device Manager\jre\bin\javaw.exe" = C:\Program Files\3Com\3Com Device Manager\jre\bin\javaw.exe:*:Enabled:Java(TM) 2 Platform Standard Edition binary -- (Sun Microsystems, Inc.)
"C:\Program Files\Common Files\Acronis\Agent\agent.exe" = C:\Program Files\Common Files\Acronis\Agent\agent.exe:*:Enabled:Acronis Remote Agent -- (Acronis)
"C:\Program Files\Acronis\BackupAndRecovery\mms.exe" = C:\Program Files\Acronis\BackupAndRecovery\mms.exe:*:Enabled:Acronis Managed Machine Service -- (Acronis)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0665E2D2-2CF0-47C3-A0BA-11DCEFB0636F}" = Acronis Backup & Recovery 10 Upgrade Tool
"{07F6BABF-0653-41A0-BCB7-8C2148AD2F1A}" = Acronis Backup & Recovery 10 Tray Monitor
"{0CB3C535-1171-4A20-B549-E2CB5DEB9723}" = MySQL Connector/ODBC 3.51
"{0E2D23C7-037B-BF76-FC2E-DDF142C4B8DC}" = Reg (DOFUS Audio Subsystem)
"{176B7642-72A8-49D0-8EC4-26D59D8E21B2}" = Klient Správy přístupových práv v systému Windows s aktualizací Service Pack 2
"{2300EE96-0A41-4FAB-BD03-989EC44577A0}" = Acronis Disk Director Suite
"{2517B7EA-6C03-4D86-A1B1-F3FE1C3BC03B}" = Radmin Viewer 3.4
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 19
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{372B31CF-77FB-4E29-860C-A0EA2985AB7F}" = O2Micro Flash Memory Card Reader Driver (x86)
"{42929F0F-CE14-47AF-9FC7-FF297A603021}" = Dell Resource CD
"{4FB3E151-3AFE-458B-8DE8-D8913CCB2527}" = Acronis Backup & Recovery 10 Standalone Management Console
"{52A69E11-7CEB-4a7d-9607-68BA4F39A89B}" = DeviceDiscovery
"{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support
"{5ACE69F0-A3E8-44eb-88C1-0A841E700180}" = TrayApp
"{5E65E94D-69F2-4850-9E93-6459C53A0F50}" = Microsoft .NET Framework 1.1 Czech Language Pack
"{66AED2E9-E9E3-4894-B656-FD552800551F}" = hppManualsCM2320
"{687FEF8A-8597-40b4-832C-297EA3F35817}" = BufferChm
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{7148F0A8-6813-11D6-A77B-00B0D0142060}" = Java 2 Runtime Environment, SE v1.4.2_06
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{75A79BA0-4317-4CE6-924C-B0B3175EBEF9}" = hppscanCM2320
"{7694E0B1-2332-448B-9235-929F84B41E3F}" = Active@ ISO Burner
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77697747-7567-428D-8394-2287586F6974}" = hppusgCM2320
"{7F947BFE-C2DF-4779-9909-5BEE746BD0C4}" = Microsoft .NET Framework 2.0 Language Pack - CSY
"{80533B67-C407-485D-8B5D-63BB8ED9D878}" = Scan
"{88EB38EF-4D2C-436D-ABD3-56B232674062}" = ICQ7
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0010-0405-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Czech) 12
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{294B4278-CF7B-40B9-86A1-2D3FF0C2C524}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{10EC59E5-9BCE-4884-BB1A-E28627220232}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90859A61-C317-48B9-8E31-4B742611FD19}" = Acronis Backup & Recovery 10 Agent
"{995F2783-8311-49BF-833E-DB659774B4F6}" = hppFonts
"{99EE30D2-A7EA-486C-9AD4-57C8583375BF}" = hppSendFaxCM2320
"{9DE3F260-B88E-42CE-90E7-73C78C37D95E}" = 32 Bit HP BiDi Channel Components Installer
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-1029-7B44-A81200000003}" = Adobe Reader 8 - Czech
"{B226235F-51A4-4090-B5DB-5482A28D1B0F}" = hppFaxDrvCM2320
"{B4E96960-5F6B-48B9-A5BD-6A5A9BB4F027}" = Avery Wizard 3.1
"{BF0C558D-BB2C-4819-88E1-1921D2BA7E00}" = hppCLJCM2320
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C10D6AB8-05BB-422D-AAE3-36D6E0381487}" = ESET NOD32 Antivirus
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CB64E215-F6BB-4BB4-8039-9F800C80B211}" = Acronis Backup & Recovery 10 Universal Restore
"{CCB9B81A-167F-4832-B305-D2A0430840B3}" = WebReg
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D1901237-60AE-4659-8A07-073588714967}" = hppScanToCM2320
"{D2E0F0CC-6BE0-490b-B08B-9267083E34C9}" = MarketResearch
"{D7B5BD84-C87C-8974-2A46-6B20FE7D1C86}" = Dofus
"{D99A8E3A-AE5A-4692-8B19-6F16D454E240}" = Destination Component
"{DBEA1034-5882-4A88-8033-81C4EF0CFA29}" = Google Toolbar for Internet Explorer
"{EC905264-BCFE-423B-9C42-C3A106266790}" = Klient Správy přístupových práv v systému Windows SP2, zpětná kompatibilita
"{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}" = UC-232A USB-to-Serial
"{ECF3E482-9188-4e29-9C31-E02FD8DC74C0}" = HP Color LaserJet CM2320 MFP Series 3.0
"{EF94DF68-3144-4503-8F11-D022D2176E32}" = hppFaxUtilityCM2320
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FB98D390-54A4-4CD1-93D3-FBC96A6F07A3}" = DesignPro 5
"{FE361859-B039-4E17-96AC-D111183DCF99}" = Acronis Backup & Recovery 10 Bootable Components and Media Builder
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{FF841249-0D6B-41D7-8013-953EE3A33263}" = hppQFolderCM2320
"3Com Device Manager" = 3Com Device Manager
"ACDSee" = ACDSee
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Broadcom 802.11b Network Adapter" = Bezdrátová karta WLAN Dell
"Bullzip PDF Printer_is1" = Bullzip PDF Printer 7.1.0.1181
"CCleaner" = CCleaner
"Creative OEM013" = Laptop Integrated Webcam Driver (1.01.01.0529)
"Diablo" = Diablo
"Dofus.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1" = Dofus
"ENTERPRISE" = Microsoft Office Enterprise 2007
"GPL Ghostscript Lite_is1" = GPL Ghostscript Lite 8.70
"hon" = Heroes of Newerth
"HP Imaging Device Functions" = HP Imaging Device Functions 10.0
"HPExtendedCapabilities" = HP Customer Participation Program 10.0
"ie8" = Windows Internet Explorer 8
"Informační systém ISvoš_is1" = ISvoš 4
"InstallShield_{FB98D390-54A4-4CD1-93D3-FBC96A6F07A3}" = DesignPro 5
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 2.0 Language Pack - CSY" = Microsoft .NET Framework 2.0 Language Pack - CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Miranda IM" = Miranda IM 0.8.26
"Mozilla Firefox (3.6.4)" = Mozilla Firefox (3.6.4)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NVIDIA Drivers" = NVIDIA Drivers
"PSPad editor_is1" = PSPad editor
"Reg.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1" = Reg (DOFUS Audio Subsystem)
"TeamViewer 5" = TeamViewer 5
"The KMPlayer" = The KMPlayer (remove only)
"uTorrent" = µTorrent
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinPcapInst" = WinPcap 4.1.1
"Wireshark" = Wireshark 1.2.7
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"World of Warcraft" = World of Warcraft
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XBCD" = XBCD 1.07

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1935655697-57989841-1417001333-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Diablo" = Diablo

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 17.4.2010 3:59:58 | Computer Name = PHQN | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace iexplore.exe, verze 8.0.6001.18702, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 20.4.2010 5:10:25 | Computer Name = PHQN | Source = Application Error | ID = 1000
Description = Chybující aplikace launcher.exe, verze 2.1.1.1462, chybující modul
launcher.exe, verze 2.1.1.1462, adresa chyby 0x000a26f8.

Error - 21.4.2010 10:19:50 | Computer Name = PHQN | Source = SecurityCenter | ID = 1802
Description = Službě Centrum zabezpečení systému Windows se nepodařilo vytvořit
dotazy na události na službu WMI v zájmu sledování antivirového programu a brány
firewall třetí strany.

Error - 27.5.2010 5:03:24 | Computer Name = PHQN | Source = Application Error | ID = 1000
Description = Chybující aplikace isvos.exe, verze 4.0.0.0, chybující modul kernel32.dll,
verze 5.1.2600.5781, adresa chyby 0x00012afb.

Error - 27.5.2010 5:03:26 | Computer Name = PHQN | Source = Application Error | ID = 1000
Description = Chybující aplikace isvos.exe, verze 4.0.0.0, chybující modul kernel32.dll,
verze 5.1.2600.5781, adresa chyby 0x00012afb.

Error - 27.5.2010 7:37:30 | Computer Name = PHQN | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace hon.exe, verze 0.1.54.0, zablokovaný modul hungapp,
verze 0.0.0.0, adresa bloku 0x00000000.

Error - 30.5.2010 7:31:16 | Computer Name = PHQN | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace KMPlayer.exe, verze 2.9.4.1435, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 11.6.2010 3:15:27 | Computer Name = PHQN | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace firefox.exe, verze 1.9.2.3743, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 19.6.2010 7:40:31 | Computer Name = PHQN | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace TOTALCMD.EXE, verze 7.5.0.0, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 22.6.2010 6:05:44 | Computer Name = PHQN | Source = Microsoft Office 12 | ID = 1000
Description = Faulting application excel.exe, version 12.0.6535.5002, stamp 4bd2a7f1,
faulting module sddm32.dll, version 5.60.2629.0, stamp 40423aa6, debug? 0, fault
address 0x000032df.

[ OSession Events ]
Error - 22.6.2010 6:05:43 | Computer Name = PHQN | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6535.5002, Microsoft Office Version: 12.0.6425.1000. This session lasted 6670
seconds with 1440 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 25.6.2010 10:49:04 | Computer Name = PHQN | Source = Dhcp | ID = 1002
Description = Zapůjčení adresy IP 192.168.1.91 pro síťovou kartu s adresou 001644E853FA
byla serverem DHCP 192.168.1.1 odmítnuta. (Server DHCP odeslal zprávu DHCPNACK).

Error - 25.6.2010 10:50:24 | Computer Name = PHQN | Source = Dhcp | ID = 1002
Description = Zapůjčení adresy IP 192.168.1.91 pro síťovou kartu s adresou 001644E853FA
byla serverem DHCP 192.168.1.1 odmítnuta. (Server DHCP odeslal zprávu DHCPNACK).

Error - 25.6.2010 17:24:55 | Computer Name = PHQN | Source = Service Control Manager | ID = 7022
Description = Služba Služba HP CUE DeviceDiscovery přestala během spouštění reagovat.

Error - 27.6.2010 15:08:00 | Computer Name = PHQN | Source = Service Control Manager | ID = 7022
Description = Služba Služba HP CUE DeviceDiscovery přestala během spouštění reagovat.

Error - 27.6.2010 15:10:37 | Computer Name = PHQN | Source = Service Control Manager | ID = 7023
Description = Služba SSHNAS byla ukončena s následující chybou: %%126

Error - 27.6.2010 15:12:03 | Computer Name = PHQN | Source = Service Control Manager | ID = 7022
Description = Služba Služba HP CUE DeviceDiscovery přestala během spouštění reagovat.

Error - 28.6.2010 4:43:58 | Computer Name = PHQN | Source = Service Control Manager | ID = 7023
Description = Služba SSHNAS byla ukončena s následující chybou: %%126

Error - 28.6.2010 4:45:22 | Computer Name = PHQN | Source = Service Control Manager | ID = 7022
Description = Služba Služba HP CUE DeviceDiscovery přestala během spouštění reagovat.

Error - 28.6.2010 5:05:46 | Computer Name = PHQN | Source = Service Control Manager | ID = 7023
Description = Služba SSHNAS byla ukončena s následující chybou: %%126

Error - 28.6.2010 5:07:12 | Computer Name = PHQN | Source = Service Control Manager | ID = 7022
Description = Služba Služba HP CUE DeviceDiscovery přestala během spouštění reagovat.


< End of report >

[BlekotaCZ]

otl.txt

OTL logfile created on: 28.6.2010 15:58:41 - Run 1
OTL by OldTimer - Version 3.2.7.0 Folder = D:\Dokumenty\Internet Copy\Download
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 72,00% Memory free
3,00 Gb Paging File | 3,00 Gb Available in Paging File | 88,00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 29,20 Gb Total Space | 16,80 Gb Free Space | 57,52% Space Free | Partition Type: NTFS
Drive D: | 45,23 Gb Total Space | 6,02 Gb Free Space | 13,30% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: PHQN
Current User Name: matousek
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010.06.28 15:57:45 | 000,574,464 | ---- | M] (OldTimer Tools) -- D:\Dokumenty\Internet Copy\Download\OTL.exe
PRC - [2010.06.24 11:02:38 | 000,014,808 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe
PRC - [2010.06.24 11:02:04 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010.02.11 14:01:40 | 005,150,504 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version5\TeamViewer.exe
PRC - [2010.02.11 13:42:32 | 000,172,328 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe
PRC - [2009.11.27 19:59:56 | 000,665,032 | ---- | M] (Acronis) -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
PRC - [2009.11.27 19:57:30 | 001,865,560 | ---- | M] (Acronis) -- C:\Program Files\Common Files\Acronis\Agent\agent.exe
PRC - [2009.11.27 19:35:02 | 004,285,664 | ---- | M] (Acronis) -- C:\Program Files\Acronis\BackupAndRecovery\mms.exe
PRC - [2009.10.07 10:16:50 | 000,472,280 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
PRC - [2009.10.07 10:15:42 | 001,461,080 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
PRC - [2009.09.09 08:50:00 | 003,514,112 | ---- | M] (Ghisler Software GmbH) -- D:\Programy\Totalcmd 7.50\TOTALCMD.EXE
PRC - [2008.08.04 01:02:20 | 000,036,352 | ---- | M] () -- C:\Program Files\Winamp\winampa.exe
PRC - [2008.04.14 08:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008.02.14 18:46:00 | 000,065,536 | ---- | M] (O2Micro International) -- C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe
PRC - [2008.01.08 01:00:00 | 000,036,864 | ---- | M] (Creative Technology Ltd.) -- C:\WINDOWS\OEM13Mon.exe
PRC - [2007.12.14 11:51:52 | 000,040,960 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\hidfind.exe
PRC - [2007.12.14 11:44:46 | 000,159,744 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\Apoint.exe
PRC - [2007.12.14 11:43:08 | 000,049,152 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApntEx.exe
PRC - [2007.12.14 11:43:00 | 000,050,736 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApMsgFwd.exe


========== Modules (SafeList) ==========

MOD - [2010.06.28 15:57:45 | 000,574,464 | ---- | M] (OldTimer Tools) -- D:\Dokumenty\Internet Copy\Download\OTL.exe
MOD - [2008.04.14 08:49:02 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx


========== Win32 Services (SafeList) ==========

SRV - [2010.02.11 13:42:32 | 000,172,328 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe -- (TeamViewer5)
SRV - [2009.11.27 19:59:56 | 000,665,032 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2009.11.27 19:57:30 | 001,865,560 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files\Common Files\Acronis\Agent\agent.exe -- (AcronisAgent)
SRV - [2009.11.27 19:35:02 | 004,285,664 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files\Acronis\BackupAndRecovery\mms.exe -- (MMS)
SRV - [2009.10.20 20:19:48 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)
SRV - [2009.10.07 10:21:14 | 000,020,680 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv)
SRV - [2009.10.07 10:16:50 | 000,472,280 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn)
SRV - [2008.07.29 20:16:38 | 000,132,096 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2008.02.14 18:46:00 | 000,065,536 | ---- | M] (O2Micro International) [Auto | Running] -- C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe -- (o2flash)


========== Driver Services (SafeList) ==========

DRV - [2010.05.11 14:32:15 | 000,588,704 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\windows\system32\DRIVERS\timntr.sys -- (timounter)
DRV - [2010.05.11 14:24:22 | 000,162,432 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\windows\system32\DRIVERS\snapman.sys -- (snapman)
DRV - [2010.04.27 11:27:00 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010.01.21 15:11:12 | 000,202,064 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2009.10.20 20:19:44 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\npf.sys -- (NPF)
DRV - [2009.10.07 10:18:36 | 000,035,168 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\epfwtdir.sys -- (epfwtdir)
DRV - [2009.10.07 10:12:22 | 000,054,184 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\easdrv.sys -- (easdrv)
DRV - [2009.10.07 10:11:10 | 000,040,824 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon)
DRV - [2008.05.29 01:01:00 | 000,235,840 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\OEM13Vid.sys -- (OEM13Vid)
DRV - [2008.04.14 00:26:08 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2008.04.13 22:06:06 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2008.03.01 14:17:00 | 006,658,592 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2008.02.14 18:46:00 | 000,048,472 | ---- | M] (O2Micro ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\o2media.sys -- (O2MDRDR)
DRV - [2008.02.14 18:46:00 | 000,043,480 | ---- | M] (O2Micro ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\o2sd.sys -- (O2SDRDR)
DRV - [2007.12.14 11:42:04 | 000,155,136 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2007.11.14 17:14:02 | 004,625,408 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007.10.09 19:17:42 | 001,123,328 | ---- | M] (Broadcom Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2007.06.08 01:00:02 | 000,141,376 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\OEM13Afx.sys -- (OEM13Afx)
DRV - [2007.03.05 18:45:04 | 000,007,424 | ---- | M] (EyePower Games Pte. Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\OEM13Vfx.sys -- (OEM13Vfx)
DRV - [2006.03.02 14:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2006.03.02 14:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
DRV - [2005.09.08 13:21:46 | 000,048,640 | ---- | M] (Aten Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ser2pl.sys -- (Ser2pl)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1935655697-57989841-1417001333-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-1935655697-57989841-1417001333-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.4\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.06.24 11:02:38 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.4\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.06.24 11:02:38 | 000,000,000 | ---D | M]

[2010.02.27 12:38:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\matousek\Data aplikací\Mozilla\Extensions
[2010.02.27 12:44:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\matousek\Data aplikací\Mozilla\Firefox\Profiles\a4n7qqj3.default\extensions
[2010.06.11 11:19:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\matousek\Data aplikací\Mozilla\Firefox\Profiles\a4n7qqj3.default\extensions\toolbar@ask.com
[2010.02.27 12:44:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\matousek\Data aplikací\Mozilla\Firefox\Profiles\kd6vcden.default\extensions
[2010.02.27 12:44:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\matousek\Data aplikací\Mozilla\Firefox\Profiles\kwcacmnd.default\extensions
[2010.02.27 12:44:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\matousek\Data aplikací\Mozilla\Firefox\Profiles\n1addrg4.default\extensions
[2010.02.27 12:44:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\matousek\Data aplikací\Mozilla\Firefox\Profiles\nyqpbyoj.default\extensions
[2010.06.28 11:19:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\matousek\Data aplikací\Mozilla\Firefox\Profiles\valbqxrb.default\extensions
[2010.04.27 09:59:56 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\matousek\Data aplikací\Mozilla\Firefox\Profiles\valbqxrb.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.02.27 12:44:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\matousek\Data aplikací\Mozilla\Firefox\Profiles\valbqxrb.default\extensions\bkmrksync@nokia.com
[2010.02.27 12:38:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\matousek\Data aplikací\Mozilla\Firefox\Profiles\wyvh4f60.default\extensions
[2010.06.28 11:19:01 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010.01.16 02:50:40 | 000,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.01.16 02:50:40 | 000,001,687 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2010.01.16 02:50:40 | 000,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.01.16 02:50:40 | 000,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.01.16 02:50:40 | 000,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2010.04.30 13:10:43 | 000,000,761 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 192.168.0.77 NPIE56786
O2 - BHO: (Podpora odkazu pro Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Alcmtr] C:\windows\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKLM..\Run: [HPUsageTracking] c:\Program Files\HP\HP UT\bin\hppusg.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [NvCplDaemon] C:\windows\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NVHotkey] C:\windows\System32\nvhotkey.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\windows\System32\nvmctray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\windows\System32\nwiz.exe ()
O4 - HKLM..\Run: [OEM13Mon.exe] C:\WINDOWS\OEM13Mon.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [OSSelectorReinstall] C:\Program Files\Common Files\Acronis\Acronis Disk Director\oss_reinstall.exe ()
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1935655697-57989841-1417001333-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1935655697-57989841-1417001333-1009\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupda ... 0541066078 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {CAFEEFAC-0014-0002-0006-ABCDEFFEDCBA} http://java.sun.com/products/plugin/aut ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 172.23.1.129 172.26.0.10
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Nebe.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Nebe.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.09.04 16:03:36 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2008.09.04 16:03:06 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\windows\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\windows\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\windows\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\windows\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\windows\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\windows\System32\ir50_32.dll (Intel Corporation)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (54619756233228288)

========== Files/Folders - Created Within 30 Days ==========

[2010.06.28 10:57:03 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\matousek\Recent
[2010.06.28 10:55:13 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2010.06.28 10:48:40 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010.06.28 10:48:40 | 000,000,000 | ---D | C] -- C:\rsit
[2010.06.25 23:57:55 | 000,000,000 | ---D | C] -- d:\Dokumenty\ICQ
[2010.06.25 23:00:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\matousek\Data aplikací\ICQ
[2010.06.25 23:00:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\matousek\Local Settings\Data aplikací\AOL
[2010.06.24 10:54:34 | 000,000,000 | ---D | C] -- C:\Program Files\XBCD
[2010.06.11 11:34:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\matousek\Data aplikací\Avery
[2010.06.11 11:27:34 | 000,000,000 | ---D | C] -- C:\Program Files\Avery Dennison
[2010.06.11 11:27:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Avery
[2010.06.11 11:20:46 | 000,000,000 | ---D | C] -- C:\Program Files\Avery
[2010.06.11 09:24:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\matousek\Local Settings\Data aplikací\P5
[2010.06.09 20:26:28 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dllcache\iedvtool.dll
[2010.06.04 17:47:12 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Lite
[2010.06.04 17:47:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\matousek\Data aplikací\DAEMON Tools Lite
[2010.06.04 17:46:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2010.06.04 17:42:30 | 000,118,784 | ---- | C] (Blizzard Entertainment) -- C:\windows\DiabUnin.exe
[2010.06.04 12:34:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\matousek\Local Settings\Data aplikací\Help
[2010.06.04 12:34:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\matousek\Data aplikací\Help
[2010.06.04 12:29:12 | 000,303,616 | ---- | C] (InstallShield Software Corporation) -- C:\windows\IsUninst.exe
[2010.06.04 12:29:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\matousek\WINDOWS
[2010.06.02 20:14:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\matousek\Data aplikací\Media Player Classic
[2010.06.02 20:14:55 | 004,316,160 | ---- | C] (Gabest) -- C:\Documents and Settings\matousek\Plocha\mplayerc.exe
[2010.06.02 11:53:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\ESET
[3 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
[1 C:\windows\System32\*.tmp files -> C:\windows\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010.06.28 15:39:29 | 000,196,992 | ---- | M] () -- C:\windows\System32\nvModes.001
[2010.06.28 13:33:00 | 000,000,252 | -H-- | M] () -- C:\windows\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job
[2010.06.28 11:06:30 | 000,002,206 | ---- | M] () -- C:\windows\System32\wpa.dbl
[2010.06.28 11:06:28 | 000,169,875 | ---- | M] () -- C:\windows\System32\nvapps.xml
[2010.06.28 11:05:34 | 000,000,006 | -H-- | M] () -- C:\windows\tasks\SA.DAT
[2010.06.28 11:05:30 | 000,002,048 | --S- | M] () -- C:\windows\bootstat.dat
[2010.06.28 11:04:42 | 003,145,728 | -H-- | M] () -- C:\Documents and Settings\matousek\NTUSER.DAT
[2010.06.28 11:04:13 | 004,803,818 | -H-- | M] () -- C:\Documents and Settings\matousek\Local Settings\Data aplikací\IconCache.db
[2010.06.25 16:52:28 | 000,196,992 | ---- | M] () -- C:\windows\System32\nvModes.dat
[2010.06.25 09:59:28 | 000,002,563 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Microsoft Office Word 2007.lnk
[2010.06.23 11:37:54 | 001,013,104 | ---- | M] () -- C:\windows\System32\PerfStringBackup.INI
[2010.06.23 11:37:54 | 000,444,028 | ---- | M] () -- C:\windows\System32\perfh009.dat
[2010.06.23 11:37:54 | 000,440,812 | ---- | M] () -- C:\windows\System32\perfh005.dat
[2010.06.23 11:37:54 | 000,083,562 | ---- | M] () -- C:\windows\System32\perfc005.dat
[2010.06.23 11:37:54 | 000,071,904 | ---- | M] () -- C:\windows\System32\perfc009.dat
[2010.06.22 14:41:14 | 000,019,527 | ---- | M] () -- C:\Documents and Settings\matousek\Plocha\Korespondence - uchazeči (Procházka) (Matoušek) (Mičínová) (Matoušek) (Mičínová).pdf
[2010.06.20 17:00:14 | 000,002,283 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Skype.lnk
[2010.06.18 10:54:30 | 000,002,477 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Microsoft Office Excel 2007.lnk
[2010.06.18 08:57:14 | 000,011,373 | ---- | M] () -- d:\Dokumenty\movie night Palace Cinemas.xlsx
[2010.06.16 11:07:23 | 000,134,456 | ---- | M] () -- C:\Documents and Settings\matousek\Local Settings\Data aplikací\GDIPFONTCACHEV1.DAT
[2010.06.12 17:07:28 | 000,473,968 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT
[2010.06.11 11:30:43 | 000,082,104 | -H-- | M] () -- d:\Dokumenty\clthumbs.zdx
[2010.06.11 11:30:43 | 000,000,272 | -H-- | M] () -- d:\Dokumenty\clipart.zdx
[2010.06.10 08:52:26 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\matousek\ntuser.ini
[2010.06.04 18:42:22 | 000,021,004 | ---- | M] () -- d:\Dokumenty\Blekota.CHA
[2010.06.04 17:55:48 | 000,000,400 | ---- | M] () -- d:\Dokumenty\Gold 5000.ITM
[2010.06.04 17:55:20 | 000,021,004 | ---- | M] () -- C:\TEMP_BDT.CHA
[2010.06.04 17:47:18 | 000,001,619 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\DAEMON Tools Lite.lnk
[2010.06.04 17:42:44 | 000,005,551 | ---- | M] () -- C:\windows\DiabUnin.dat
[2010.06.04 17:42:31 | 000,002,829 | ---- | M] () -- C:\windows\DiabUnin.pif
[2010.06.04 17:42:30 | 000,118,784 | ---- | M] (Blizzard Entertainment) -- C:\windows\DiabUnin.exe
[2010.06.04 12:25:39 | 000,066,936 | -HS- | M] () -- C:\windows\slinfo_0.drv
[2010.06.04 12:24:30 | 000,000,609 | ---- | M] () -- C:\Documents and Settings\matousek\Plocha\DG Scan.lnk
[2010.06.04 11:36:50 | 000,086,528 | ---- | M] () -- C:\windows\bnetunin.exe
[2010.06.04 11:36:50 | 000,061,440 | ---- | M] () -- C:\windows\diabswun.exe
[2010.06.02 20:14:55 | 004,316,160 | ---- | M] (Gabest) -- C:\Documents and Settings\matousek\Plocha\mplayerc.exe
[2010.06.01 11:30:11 | 000,000,451 | ---- | M] () -- C:\Documents and Settings\matousek\Plocha\Putty.lnk
[3 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
[1 C:\windows\System32\*.tmp files -> C:\windows\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010.06.25 09:46:56 | 000,000,252 | -H-- | C] () -- C:\windows\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job
[2010.06.22 14:41:14 | 000,019,527 | ---- | C] () -- C:\Documents and Settings\matousek\Plocha\Korespondence - uchazeči (Procházka) (Matoušek) (Mičínová) (Matoušek) (Mičínová).pdf
[2010.06.22 09:48:35 | 008,618,984 | ---- | C] () -- d:\Dokumenty\MeganeII.11.2003.pdf
[2010.06.16 11:24:48 | 000,011,373 | ---- | C] () -- d:\Dokumenty\movie night Palace Cinemas.xlsx
[2010.06.11 11:30:42 | 000,082,104 | -H-- | C] () -- d:\Dokumenty\clthumbs.zdx
[2010.06.11 11:30:41 | 000,000,272 | -H-- | C] () -- d:\Dokumenty\clipart.zdx
[2010.06.04 18:42:22 | 000,021,004 | ---- | C] () -- d:\Dokumenty\Blekota.CHA
[2010.06.04 18:38:20 | 000,000,400 | ---- | C] () -- d:\Dokumenty\none-Elixir-Magic.itm
[2010.06.04 18:38:20 | 000,000,400 | ---- | C] () -- d:\Dokumenty\none-Elixir-Dexterity.itm
[2010.06.04 17:55:48 | 000,000,400 | ---- | C] () -- d:\Dokumenty\Gold 5000.ITM
[2010.06.04 17:55:20 | 000,021,004 | ---- | C] () -- C:\TEMP_BDT.CHA
[2010.06.04 17:47:18 | 000,001,619 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\DAEMON Tools Lite.lnk
[2010.06.04 17:42:31 | 000,002,829 | ---- | C] () -- C:\windows\DiabUnin.pif
[2010.06.04 17:42:19 | 000,005,551 | ---- | C] () -- C:\windows\DiabUnin.dat
[2010.06.04 12:24:30 | 000,000,609 | ---- | C] () -- C:\Documents and Settings\matousek\Plocha\DG Scan.lnk
[2010.06.04 11:47:26 | 000,066,936 | -HS- | C] () -- C:\windows\slinfo_0.drv
[2010.06.04 11:36:50 | 000,086,528 | ---- | C] () -- C:\windows\bnetunin.exe
[2010.06.04 11:36:50 | 000,061,440 | ---- | C] () -- C:\windows\diabswun.exe
[2010.06.01 11:30:11 | 000,000,451 | ---- | C] () -- C:\Documents and Settings\matousek\Plocha\Putty.lnk
[2010.05.05 12:11:37 | 000,000,426 | ---- | C] () -- C:\windows\qvdm_install.ini
[2010.05.05 12:11:37 | 000,000,285 | ---- | C] () -- C:\windows\DeviceMgr.ini
[2010.04.30 13:13:46 | 000,000,608 | -HS- | C] () -- C:\windows\System32\winzvprt5.sys
[2010.04.30 13:10:31 | 000,000,144 | ---- | C] () -- C:\windows\System32\AddPort.ini
[2010.04.30 13:10:10 | 000,000,725 | ---- | C] () -- C:\windows\hpntwksetup.ini
[2010.04.27 11:27:00 | 000,691,696 | ---- | C] () -- C:\windows\System32\drivers\sptd.sys
[2010.03.25 11:01:20 | 000,000,214 | ---- | C] () -- C:\windows\ODBC.INI
[2010.01.12 06:35:44 | 000,080,416 | ---- | C] () -- C:\windows\System32\RtNicProp32.dll
[2009.10.20 20:19:30 | 000,053,299 | ---- | C] () -- C:\windows\System32\pthreadVC.dll
[2008.09.04 16:41:54 | 000,139,264 | ---- | C] () -- C:\windows\System32\preflib.dll
[2008.09.04 16:41:52 | 000,753,664 | ---- | C] () -- C:\windows\System32\bcm1xsup.dll
[2008.09.04 16:14:45 | 001,703,936 | ---- | C] () -- C:\windows\System32\nvwdmcpl.dll
[2008.09.04 16:14:45 | 001,019,904 | ---- | C] () -- C:\windows\System32\nvwimg.dll
[2008.09.04 16:14:44 | 000,466,944 | ---- | C] () -- C:\windows\System32\nvshell.dll
[2008.09.04 16:14:43 | 001,482,752 | ---- | C] () -- C:\windows\System32\nview.dll
[2008.06.10 18:56:10 | 000,035,168 | ---- | C] () -- C:\windows\System32\drivers\epfwtdir.sys
[2006.02.09 14:47:16 | 000,106,496 | ---- | C] () -- C:\windows\System32\VSHP1020.DLL
[2001.07.07 04:00:00 | 000,003,165 | ---- | C] () -- C:\windows\System32\HPTCPMON.INI

========== LOP Check ==========

[2010.05.25 10:36:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Acronis
[2010.06.11 11:27:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Avery
[2008.09.08 15:57:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Cabrilog
[2010.06.04 17:47:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2008.09.04 16:56:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ESET
[2010.04.06 12:43:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PDF Writer
[2010.03.19 21:08:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PopCap Games
[2008.09.08 15:57:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\backup\Data aplikací\Cabrilog
[2008.09.07 14:53:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\backup\Data aplikací\Windows Search
[2008.09.08 16:00:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\backup\Data aplikací\Zoner
[2010.04.06 13:51:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\matousek\Data aplikací\app
[2010.06.11 11:34:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\matousek\Data aplikací\Avery
[2010.06.10 09:51:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\matousek\Data aplikací\DAEMON Tools Lite
[2010.04.06 14:13:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\matousek\Data aplikací\Dofus 2
[2010.04.06 13:51:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\matousek\Data aplikací\Dofus-2.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
[2010.04.06 13:51:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\matousek\Data aplikací\Dofus.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
[2010.03.04 09:12:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\matousek\Data aplikací\GHISLER
[2010.06.25 23:28:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\matousek\Data aplikací\ICQ
[2010.05.06 15:13:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\matousek\Data aplikací\Miranda
[2010.04.06 12:43:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\matousek\Data aplikací\PDF Writer
[2010.05.25 11:03:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\matousek\Data aplikací\Radmin
[2010.04.06 13:51:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\matousek\Data aplikací\Reg.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
[2010.03.09 15:45:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\matousek\Data aplikací\TeamViewer
[2010.05.25 13:03:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\matousek\Data aplikací\uTorrent
[2010.03.09 13:25:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\matousek\Data aplikací\VSO
[2010.05.05 14:29:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\matousek\Data aplikací\Wireshark
[2010.03.11 15:40:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\matousek\Data aplikací\Xilisoft
[2010.04.10 13:02:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\verunka\Data aplikací\GHISLER
[2010.05.20 19:33:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\verunka\Data aplikací\ICQ
[2010.06.28 13:33:00 | 000,000,252 | -H-- | M] () -- C:\windows\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job

========== Purity Check ==========



========== Custom Scans ==========


< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"CTFMON.EXE" = C:\windows\system32\ctfmon.exe -- [2008.04.14 08:52:18 | 000,015,360 | ---- | M] (Microsoft Corporation)

< c:\windows\*.* /U >
[3 c:\windows\*.tmp files -> c:\windows\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2010.04.06 09:55:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\matousek\Data aplikací\Adobe
[2010.04.06 13:51:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\matousek\Data aplikací\app
[2010.06.11 11:34:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\matousek\Data aplikací\Avery
[2010.06.10 09:51:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\matousek\Data aplikací\DAEMON Tools Lite
[2010.04.06 14:13:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\matousek\Data aplikací\Dofus 2
[2010.04.06 13:51:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\matousek\Data aplikací\Dofus-2.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
[2010.04.06 13:51:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\matousek\Data aplikací\Dofus.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
[2010.03.04 09:12:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\matousek\Data aplikací\GHISLER
[2010.02.27 10:30:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\matousek\Data aplikací\Google
[2010.06.04 12:34:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\matousek\Data aplikací\Help
[2010.06.25 23:28:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\matousek\Data aplikací\ICQ
[2010.02.27 10:29:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\matousek\Data aplikací\Identities
[2010.02.27 13:13:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\matousek\Data aplikací\Macromedia
[2010.06.28 10:56:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\matousek\Data aplikací\Media Player Classic
[2010.05.20 12:04:30 | 000,000,000 | --SD | M] -- C:\Documents and Settings\matousek\Data aplikací\Microsoft
[2010.05.06 15:13:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\matousek\Data aplikací\Miranda
[2010.02.27 12:44:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\matousek\Data aplikací\Mozilla
[2010.04.06 12:43:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\matousek\Data aplikací\PDF Writer
[2010.03.11 16:44:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\matousek\Data aplikací\PSpad
[2010.05.25 11:03:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\matousek\Data aplikací\Radmin
[2010.04.06 13:51:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\matousek\Data aplikací\Reg.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
[2010.06.20 17:02:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\matousek\Data aplikací\Skype
[2010.06.20 17:00:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\matousek\Data aplikací\skypePM
[2010.02.27 12:35:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\matousek\Data aplikací\Sun
[2010.03.09 15:45:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\matousek\Data aplikací\TeamViewer
[2010.05.25 13:03:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\matousek\Data aplikací\uTorrent
[2010.03.09 13:25:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\matousek\Data aplikací\VSO
[2010.05.04 13:07:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\matousek\Data aplikací\Winamp
[2010.05.05 14:29:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\matousek\Data aplikací\Wireshark
[2010.03.11 15:40:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\matousek\Data aplikací\Xilisoft

< %APPDATA%\*.exe /s >
[2010.04.06 09:54:47 | 000,038,784 | ---- | M] () -- C:\Documents and Settings\matousek\Data aplikací\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2010.02.27 13:48:03 | 001,923,880 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\matousek\Data aplikací\Macromedia\Flash Player\www.macromedia.com\bin\fpupdatepl\fpupdatepl.exe


< MD5 for: AGP440.SYS >
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys

< MD5 for: ATAPI.SYS >
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2008.04.14 02:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0011\DriverFiles\i386\atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0012\DriverFiles\i386\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2008.04.14 08:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe
[2008.04.14 08:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\dllcache\autochk.exe

< MD5 for: CDROM.SYS >
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008.04.14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys

< MD5 for: CRYPTSVC.DLL >
[2008.04.14 08:51:40 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\cryptsvc.dll
[2008.04.14 08:51:40 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\dllcache\cryptsvc.dll

< MD5 for: EVENTLOG.DLL >
[2008.04.14 08:51:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2008.04.14 08:51:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2008.04.14 08:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 08:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\system32\dllcache\explorer.exe

< MD5 for: HAL.DLL >
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2008.04.14 00:01:30 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=4329EE7D502C9113EBA0F9570392F5EE -- C:\WINDOWS\system32\hal.dll

< MD5 for: CHANGER.SYS >
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys

< MD5 for: IASTOR.SYS >
[2008.08.21 18:37:53 | 000,305,176 | ---- | M] (Intel Corporation) MD5=2358C53F30CB9DCD1D3843C4E2F299B2 -- C:\WINDOWS\NLDRV\001\iastor.sys

< MD5 for: ISAPNP.SYS >
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2008.04.14 07:57:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\dllcache\isapnp.sys
[2008.04.14 07:57:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\drivers\isapnp.sys
[2008.04.14 07:57:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\ReinstallBackups\0006\DriverFiles\i386\isapnp.sys

< MD5 for: LSASS.EXE >
[2008.04.14 08:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\dllcache\lsass.exe
[2008.04.14 08:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe

< MD5 for: NDIS.SYS >
[2008.04.14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\dllcache\ndis.sys
[2008.04.14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys

< MD5 for: NETLOGON.DLL >
[2008.04.14 08:51:52 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\dllcache\netlogon.dll
[2008.04.14 08:51:52 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: SCECLI.DLL >
[2008.04.14 08:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\dllcache\scecli.dll
[2008.04.14 08:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SMSS.EXE >
[2008.04.14 08:52:48 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\dllcache\smss.exe
[2008.04.14 08:52:48 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe

< MD5 for: SVCHOST.EXE >
[2008.04.14 08:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\dllcache\svchost.exe
[2008.04.14 08:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe

< MD5 for: SYMMPI.SYS >
[2009.11.27 18:46:32 | 000,086,528 | ---- | M] (LSI Logic) MD5=24A0901CAFCEE7343EE62565BCFB7C9A -- C:\Program Files\Common Files\Acronis\UniversalRestore\DriversPack\LSILogic\symmpi.sys

< MD5 for: TCPIP.SYS >
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.04.14 08:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\dllcache\userinit.exe
[2008.04.14 08:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2008.04.14 08:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008.04.14 08:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe

< MD5 for: WS2_32.DLL >
[2008.04.14 08:52:08 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\dllcache\ws2_32.dll
[2008.04.14 08:52:08 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\ws2_32.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\windows\system32\*.tmp files -> C:\windows\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2010.04.27 11:27:00 | 000,691,696 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sptd.sys

< %systemroot%\System32\config\*.sav >
[2008.09.04 17:49:10 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2008.09.04 17:49:09 | 001,093,632 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2008.09.04 17:49:09 | 000,499,712 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\windows\system32\*.tmp files -> C:\windows\system32\*.tmp -> ]

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager" /v BootExecute /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\CONTROL\SESSION MANAGER
BOOTEXECUTE REG_MULTI_SZ autocheck autochk *\0\0

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2010.06.28 11:06:28 | 000,169,875 | ---- | M] () -- C:\WINDOWS\system32\nvapps.xml
[2010.06.28 15:39:29 | 000,196,992 | ---- | M] () -- C:\WINDOWS\system32\nvModes.001
[2010.06.25 16:52:28 | 000,196,992 | ---- | M] () -- C:\WINDOWS\system32\nvModes.dat
[2010.06.28 11:06:30 | 000,002,206 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl
[1 C:\windows\system32\*.tmp files -> C:\windows\system32\*.tmp -> ]
< End of report >

[Caroprd111]

Doporučuji odinstalovat µTorrent.

P2P sítě a jejich klienti jsou potenciálním bezpečnostním rizikem, prakticky neustále jsou zdrojem virů, zbytečně se vystavujete riziku.


Spusťte OTL a do spodního okna vložte následující skript.

Kód: Vybrat vše

:OTL
O4 - HKLM..\Run: [] File not found
O16 - DPF: {CAFEEFAC-0014-0002-0006-ABCDEFFEDCBA} http://java.sun.com/products/plugin/aut ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
[3 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
[1 C:\windows\System32\*.tmp files -> C:\windows\System32\*.tmp -> ]
[2010.06.28 13:33:00 | 000,000,252 | -H-- | M] () -- C:\windows\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job
[2010.06.04 11:36:50 | 000,086,528 | ---- | M] () -- C:\windows\bnetunin.exe
[2010.06.04 11:36:50 | 000,061,440 | ---- | M] () -- C:\windows\diabswun.exe
[2010.06.04 17:42:44 | 000,005,551 | ---- | M] () -- C:\windows\DiabUnin.dat
[2010.06.04 17:42:31 | 000,002,829 | ---- | M] () -- C:\windows\DiabUnin.pif
[2010.06.04 12:29:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\matousek\WINDOWS
[2010.06.04 11:47:26 | 000,066,936 | -HS- | C] () -- C:\windows\slinfo_0.drv
[2010.06.04 17:55:20 | 000,021,004 | ---- | C] () -- C:\TEMP_BDT.CHA

:Services
SSHNAS

:Commands
[EMPTYTEMP] 
[EMPTYFLASH]
[CLEARALLRESTOREPOINTS]
[RESETHOSTS] 

Klikněte na Opravit, PC se restartuje, log vložte sem.

[BlekotaCZ]

All processes killed
========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Starting removal of ActiveX control {CAFEEFAC-0014-0002-0006-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBA}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
C:\windows\Downloaded Program Files\gp.inf not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
C:\windows\SET3.tmp deleted successfully.
C:\windows\SET4.tmp deleted successfully.
C:\windows\SET8.tmp deleted successfully.
C:\windows\System32\CONFIG.TMP deleted successfully.
C:\windows\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job moved successfully.
C:\WINDOWS\bnetunin.exe moved successfully.
C:\WINDOWS\diabswun.exe moved successfully.
C:\WINDOWS\DiabUnin.dat moved successfully.
C:\windows\DiabUnin.pif moved successfully.
C:\Documents and Settings\matousek\WINDOWS\system folder moved successfully.
C:\Documents and Settings\matousek\WINDOWS folder moved successfully.
C:\WINDOWS\slinfo_0.drv moved successfully.
C:\TEMP_BDT.CHA moved successfully.
========== SERVICES/DRIVERS ==========
Service SSHNAS stopped successfully!
Service SSHNAS deleted successfully!
========== COMMANDS ==========

[EMPTYTEMP]

User: Acronis Agent User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 41620 bytes

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 41620 bytes

User: All Users

User: backup
->Temp folder emptied: 11262688 bytes
->Temporary Internet Files folder emptied: 2113084 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 41620 bytes

User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: matousek
->Temp folder emptied: 24321 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 57883087 bytes
->Flash cache emptied: 1970047 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33237 bytes

User: verunka
->Temp folder emptied: 50806817 bytes
->Temporary Internet Files folder emptied: 50733515 bytes
->Java cache emptied: 12130436 bytes
->FireFox cache emptied: 47787911 bytes
->Flash cache emptied: 1959443 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 635629 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 36461584 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 261,00 mb


[EMPTYFLASH]

User: Acronis Agent User
->Flash cache emptied: 0 bytes

User: Administrator
->Flash cache emptied: 0 bytes

User: All Users

User: backup

User: Default User
->Flash cache emptied: 0 bytes

User: LocalService

User: matousek
->Flash cache emptied: 0 bytes

User: NetworkService

User: verunka
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb

Restore points cleared and new OTL Restore Point set!
C:\windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

OTL by OldTimer - Version 3.2.7.0 log created on 06282010_162851

Files\Folders moved on Reboot...
C:\windows\temp\Perflib_Perfdata_5d8.dat moved successfully.

Registry entries deleted on Reboot...

[Caroprd111]

Jak se chová PC

[BlekotaCZ]

zatim dobre

dekuji

[Caroprd111]

Stáhněte T-Cleaner http://sweb.cz/Marinus/T-Cleaner.exe

• Spusťte, pro potvrzení volby mačkejte klávesu A, Enter
• Po použití program vymažte. Pozor, antiviry ho mohou falešně označit za vir.

Stáhněte TFC http://oldtimer.geekstogo.com/TFC.exe

• Spusťte.
• Klikněte na "Start". Potvrďte hlášku kliknutím na "Ok" (Bude následovat restart)

Stáhněte OTC http://oldtimer.geekstogo.com/OTC.exe

• Spusťte.
• Klikněte na "CleanUp!". Potvrďte hlášky kliknutím na "Yes" (Bude následovat restart)

Stáhněte Ccleaner http://viry.cz/forum/viewtopic.php?t=7478

• Nainstalujte a v průběhu instalace odškrtněte, že chcete instalovat yahoo toolbar.
  
  Záložka Čistič
• Dejte analyzovat, po dokončení dejte Spustit Ccleaner.
  
  Záložka Registry
• Klikněte na Hledej problémy, po dokončení klikněte na Opravit problémy, zálohu dělat nemusíte, potom dejte Opravit všechny problémy.
  OK Zavřít

V logu nevidím firewall, doinstalujte Přehled: http://www.viry.cz/forum/viewtopic.php?f=41&t=6523


Doporučuji aktualizovat Adobe Reader http://www.stahuj.centrum.cz/podnikani_ ... batreader/


Dejte nový log z RSIT.