Pomalý notebook a kouše se

Zpráva

wawry · #1 Příspěvek od **wawry** » 23 led 2011 15:41

Dobrý den, v posledních dnech se mi kouše notebook a je hrozně pomalý. Avast nic nenašel, použil jsem cc-cleaner, spybot a Advanced system care, ale nic se nezlepšilo. Zde je můj log - díky za pomoc

Logfile of random's system information tool 1.08 (written by random/random)
Run by wawry at 2011-01-23 15:13:03
Microsoft Windows 7 Home Premium
System drive C: has 243 GB (83%) free of 291 GB
Total RAM: 2812 MB (55% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:13:12, on 23.1.2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16700)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\IObit\Advanced SystemCare 3\AWC.exe
C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files (x86)\BlazeVideo\Blaze HDTV Player Deluxe 4.0\MediaDetector.exe
C:\Program Files (x86)\ICQ7.2\ICQ.exe
C:\Program Files (x86)\Hp\QuickPlay\QPService.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\wawry.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... io&pf=cnnb
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... io&pf=cnnb
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... io&pf=cnnb
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: AOL Toolbar BHO - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files (x86)\AOL\AOL Toolbar 5.0\aoltb.dll
O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files (x86)\AOL\AOL Toolbar 5.0\aoltb.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [QPService] "C:\Program Files (x86)\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\2.0"
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [UpdatePRCShortCut] "C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Hewlett-Packard\Recovery" UpdateWithCreateOnce "Software\CyberLink\PowerRecover"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKCU\..\Run: [HPADVISOR] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe view=DOCKVIEW
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [BlazeServoTool] "C:\Program Files (x86)\BlazeVideo\Blaze HDTV Player Deluxe 4.0\MediaDetector.exe"
O4 - HKCU\..\Run: [ICQ] "C:\Program Files (x86)\ICQ7.2\ICQ.exe" silent loginmode=4
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Hledání panelu &AOL Toolbar - C:\ProgramData\AOL\ieToolbar\resources\cs-CZ\local\search.html
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Odeslat do zařízení Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Odeslat do zařízení &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{753AB61C-9147-4CB8-B36A-5FA95A7BF218}: NameServer = 89.31.40.3,89.31.40.13
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Health Check Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\STacSV64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: Vodafone Mobile Connect Service (VMCService) - Vodafone - C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12875 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\STacSV64.exe
C:\Windows\system32\svchost.exe -k LocalService
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\Alwil Software\Avast5\AvastSvc.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"taskhost.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files\Java\jre6\bin\jusched.exe"
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
"C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe"
taskeng.exe {61FB5756-190F-46D0-A781-EEFD119EA620}
"C:\Program Files (x86)\IObit\Advanced SystemCare 3\AWC.exe" /startup
"C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe" view=DOCKVIEW
"C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe"
"C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe"
"C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe"
"C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" -hidden
"C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe"
"C:\Program Files (x86)\BlazeVideo\Blaze HDTV Player Deluxe 4.0\MediaDetector.exe"
"C:\Program Files (x86)\ICQ7.2\ICQ.exe" silent loginmode=4
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
"C:\Program Files (x86)\Hp\QuickPlay\QPService.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe" /Start
"C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe"
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe" -Embedding
C:\Windows\servicing\TrustedInstaller.exe
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe"
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe"
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe" -Embedding
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe" "<hpNotification><Toast><ID>6025</ID><Title>HP Wireless Assistant</Title><Text>Zařízení WLAN : Zapnuto
Rozhraní Bluetooth(r): Zapnuto</Text><IconPath>C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\images\wireless_on.ico</IconPath><Path>C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe</Path><Parameters>SHOWSTATUS</Parameters></Toast></hpNotification>"
"C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
C:\Windows\system32\svchost.exe -k SDRSVC
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe3_ Global\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 508 512 520 65536 516
"C:\Users\wawry\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\AWC Startup.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-09-05 43520]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-09-22 191792]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7C554162-8CB7-45A4-B8F4-8EA1C75885F9}]
AOL Toolbar BHO - C:\Program Files (x86)\AOL\AOL Toolbar 5.0\aoltb.dll [2008-07-02 1185120]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar BHO - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll [2010-09-22 612616]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2010-11-24 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{DE9C389F-3316-41A7-809B-AA305ED9D922} - AOL Toolbar - C:\Program Files (x86)\AOL\AOL Toolbar 5.0\aoltb.dll [2008-07-02 1185120]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQToolBar - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll [2010-03-28 1017592]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-07-15 1815848]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2009-07-22 450048]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-09-05 171520]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"HPADVISOR"=C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [2009-07-15 1668664]
"LightScribe Control Panel"=C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2009-06-17 2363392]
"Skype"=C:\Program Files (x86)\Skype\\Phone\Skype.exe [2010-05-13 26192168]
"SpybotSD TeaTimer"=C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
"BlazeServoTool"=C:\Program Files (x86)\BlazeVideo\Blaze HDTV Player Deluxe 4.0\MediaDetector.exe [2007-11-30 282624]
"ICQ"=C:\Program Files (x86)\ICQ7.2\ICQ.exe [2011-01-05 133432]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-07-02 98304]
"QPService"=C:\Program Files (x86)\HP\QuickPlay\QPService.exe [2009-06-23 468264]
"UCam_Menu"=C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [2009-02-17 218408]
"QlbCtrl.exe"=C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2009-06-24 320056]
"UpdatePRCShortCut"=C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe [2009-05-19 222504]
"HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2008-12-08 54576]
"WirelessAssistant"=C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2009-07-23 498744]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2010-02-15 417792]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-09-23 35760]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288]
"avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2011-01-13 3396624]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"WallpaperStyle"=2
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2011-01-23 15:13:04 ----D---- C:\Program Files\trend micro
2011-01-23 15:13:03 ----D---- C:\rsit
2011-01-23 14:30:42 ----A---- C:\Windows\system32\drivers\aswFsBlk.sys
2011-01-23 14:30:41 ----A---- C:\Windows\system32\drivers\aswSP.sys
2011-01-23 14:30:38 ----A---- C:\Windows\system32\drivers\aswRdr.sys
2011-01-23 14:30:35 ----A---- C:\Windows\system32\drivers\aswTdi.sys
2011-01-23 14:30:32 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2011-01-23 14:29:50 ----A---- C:\Windows\SYSWOW64\aswBoot.exe
2011-01-21 17:18:00 ----A---- C:\Windows\system32\drivers\sffp_sd.sys
2011-01-21 17:18:00 ----A---- C:\Windows\system32\drivers\sdbus.sys
2011-01-20 21:51:51 ----D---- C:\ProgramData\IObit
2011-01-20 21:49:12 ----D---- C:\Users\wawry\AppData\Roaming\IObit
2011-01-20 21:49:11 ----D---- C:\Program Files (x86)\IObit
2011-01-20 21:25:29 ----D---- C:\Program Files\CCleaner
2011-01-20 21:08:51 ----D---- C:\Program Files\Zrychleni Pocitace
2011-01-20 16:32:31 ----A---- C:\Windows\system32\aswBoot.exe
2011-01-18 21:18:22 ----D---- C:\Program Files (x86)\ConvertHelper
2011-01-12 11:39:49 ----A---- C:\Windows\system32\d3d10warp.dll
2011-01-12 11:39:48 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2011-01-12 11:39:48 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2011-01-12 11:39:48 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2011-01-12 11:39:48 ----A---- C:\Windows\system32\XpsPrint.dll
2011-01-12 11:39:48 ----A---- C:\Windows\system32\FntCache.dll
2011-01-12 11:39:48 ----A---- C:\Windows\system32\DWrite.dll
2011-01-12 11:39:48 ----A---- C:\Windows\system32\d2d1.dll
2011-01-12 11:39:47 ----A---- C:\Windows\SYSWOW64\XpsPrint.dll
2011-01-12 11:39:47 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2011-01-12 11:39:46 ----A---- C:\Windows\SYSWOW64\XpsRasterService.dll
2011-01-12 11:39:46 ----A---- C:\Windows\SYSWOW64\XpsGdiConverter.dll
2011-01-12 11:39:46 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2011-01-12 11:39:46 ----A---- C:\Windows\SYSWOW64\d3d10_1core.dll
2011-01-12 11:39:46 ----A---- C:\Windows\SYSWOW64\d3d10_1.dll
2011-01-12 11:39:46 ----A---- C:\Windows\system32\XpsRasterService.dll
2011-01-12 11:39:46 ----A---- C:\Windows\system32\ExplorerFrame.dll
2011-01-12 11:39:46 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2011-01-12 11:39:46 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2011-01-12 11:39:46 ----A---- C:\Windows\system32\d3d10_1core.dll
2011-01-12 11:39:46 ----A---- C:\Windows\system32\d3d10_1.dll
2011-01-12 11:39:46 ----A---- C:\Windows\system32\cdd.dll
2011-01-12 11:39:41 ----A---- C:\Windows\system32\odbc32.dll
2011-01-12 11:39:40 ----A---- C:\Windows\SYSWOW64\odbc32.dll
2011-01-06 22:38:05 ----D---- C:\Users\wawry\AppData\Roaming\Windows Live Writer
2011-01-02 17:38:11 ----A---- C:\Windows\SYSWOW64\javaws.exe
2011-01-02 17:38:11 ----A---- C:\Windows\SYSWOW64\javaw.exe
2011-01-02 17:38:11 ----A---- C:\Windows\SYSWOW64\java.exe

======List of files/folders modified in the last 1 months======

2011-01-23 15:13:06 ----D---- C:\Windows\Temp
2011-01-23 15:13:04 ----RD---- C:\Program Files
2011-01-23 15:00:20 ----D---- C:\Windows\system32\config
2011-01-23 15:00:19 ----A---- C:\ProgramData\hpqp.ini
2011-01-23 14:59:47 ----HD---- C:\ProgramData
2011-01-23 14:59:47 ----A---- C:\ProgramData\HPWALog.txt
2011-01-23 14:54:14 ----D---- C:\Windows\SysWOW64
2011-01-23 14:53:39 ----D---- C:\Windows
2011-01-23 14:30:42 ----AD---- C:\Windows\system32\drivers
2011-01-23 14:30:28 ----SHD---- C:\Windows\Installer
2011-01-23 14:29:40 ----D---- C:\ProgramData\Alwil Software
2011-01-23 14:29:18 ----SHD---- C:\System Volume Information
2011-01-23 13:25:45 ----A---- C:\ProgramData\hpqp.txt
2011-01-23 12:48:25 ----D---- C:\Users\wawry\AppData\Roaming\ICQ
2011-01-22 18:57:30 ----D---- C:\Windows\System32
2011-01-22 18:57:30 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-01-22 18:57:29 ----D---- C:\Windows\inf
2011-01-22 14:15:09 ----D---- C:\ProgramData\Spybot - Search & Destroy
2011-01-22 13:51:04 ----D---- C:\Windows\winsxs
2011-01-22 13:33:05 ----RD---- C:\Program Files (x86)
2011-01-22 13:29:43 ----D---- C:\Program Files (x86)\Common Files
2011-01-22 00:57:26 ----D---- C:\Program Files (x86)\Mozilla Firefox
2011-01-21 18:04:34 ----D---- C:\Windows\system32\DriverStore
2011-01-21 17:18:23 ----D---- C:\Windows\system32\catroot
2011-01-21 17:18:21 ----D---- C:\Windows\system32\catroot2
2011-01-20 21:49:52 ----D---- C:\Windows\system32\Tasks
2011-01-20 21:49:51 ----D---- C:\Windows\Tasks
2011-01-20 21:27:08 ----D---- C:\Windows\debug
2011-01-20 20:26:42 ----D---- C:\Windows\Microsoft.NET
2011-01-20 19:01:01 ----D---- C:\Program Files (x86)\Windows Live
2011-01-20 18:59:43 ----RSD---- C:\Windows\assembly
2011-01-20 18:51:39 ----SD---- C:\ProgramData\Microsoft
2011-01-20 18:43:57 ----DC---- C:\Windows\system32\DRVSTORE
2011-01-20 18:39:17 ----D---- C:\Program Files\Common Files\Microsoft Shared
2011-01-20 18:35:53 ----D---- C:\Program Files (x86)\Google
2011-01-19 21:44:15 ----SD---- C:\Users\wawry\AppData\Roaming\Microsoft
2011-01-19 21:43:30 ----D---- C:\Windows\Prefetch
2011-01-12 22:27:32 ----A---- C:\Windows\system32\MRT.exe
2011-01-12 22:27:27 ----D---- C:\ProgramData\Microsoft Help
2011-01-07 17:39:20 ----D---- C:\Program Files (x86)\ICQ7.2
2011-01-02 17:38:07 ----D---- C:\Program Files (x86)\Java

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-05-05 16440]
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2011-01-13 29264]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2011-01-13 273488]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2011-01-13 51792]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2011-01-13 20560]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2011-01-13 62032]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2009-09-22 1484800]
R3 AtiHdmiService;ATI Service for HD Audio Codec; C:\Windows\system32\drivers\AtiHdmi.sys [2009-06-05 114192]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-07-02 6036480]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-07-14 79360]
R3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2009-07-17 98344]
R3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\drivers\btwavdt.sys [2009-07-17 132648]
R3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2009-07-17 35104]
R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2009-07-17 21160]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2009-04-29 18432]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-05-23 215040]
R3 STHDA;IDT High Definition Audio CODEC; C:\Windows\system32\DRIVERS\stwrt64.sys [2009-07-22 487936]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-07-15 273456]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2009-03-09 36408]
S3 AF15BDA;AF9015 BDA Device; C:\Windows\system32\DRIVERS\AF15BDA.sys [2010-02-09 507392]
S3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\agrsm64.sys [2009-06-10 1146880]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2009-07-14 551936]
S3 CpqDfw;Compaq Dfw; C:\Windows\system32\drivers\CpqDfw.sys []
S3 FTDIBUS;USB Serial Converter Driver; C:\Windows\system32\drivers\ftdibus.sys [2009-10-22 69320]
S3 FTSER2K;USB Serial Port Driver; C:\Windows\system32\drivers\ftser2k.sys [2009-10-22 84808]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2009-06-10 6108416]
S3 massfilter;ZTE Mass Storage Filter Driver; C:\Windows\system32\DRIVERS\massfilter.sys [2008-12-08 11776]
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit; C:\Windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2009-06-24 216576]
S3 RtsUIR;Realtek IR Driver; C:\Windows\system32\DRIVERS\Rts516xIR.sys []
S3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2009-10-10 109056]
S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
S3 USBCCID;Realtek Smartcard Reader Driver; C:\Windows\system32\DRIVERS\RtsUCcid.sys []
S3 ZTEusbmdm6k;ZTE Proprietary USB Driver; C:\Windows\system32\DRIVERS\ZTEusbmdm6k.sys [2008-12-08 150656]
S3 ZTEusbnet;ZTE USB-NDIS miniport; C:\Windows\system32\DRIVERS\ZTEusbnet.sys [2008-12-08 167424]
S3 ZTEusbnmea;ZTE NMEA Port; C:\Windows\system32\DRIVERS\ZTEusbnmea.sys [2008-12-08 150784]
S3 ZTEusbser6k;ZTE Diagnostic Port; C:\Windows\system32\DRIVERS\ZTEusbser6k.sys [2008-12-08 150656]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AESTFilters;Andrea ST Filters Service; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe [2009-03-02 89600]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-07-02 203264]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2011-01-13 40384]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-07-01 864032]
R2 HP Health Check Service;HP Health Check Service; C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe [2010-11-15 126520]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service; C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2010-10-14 92216]
R2 ICQ Service;ICQ Service; C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe [2010-03-28 246520]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2009-06-17 73728]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [2009-01-21 247152]
R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
R2 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2010-09-22 249136]
R2 STacSV;Audio Service; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\STacSV64.exe [2009-07-22 240128]
R2 VMCService;Vodafone Mobile Connect Service; C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [2008-11-04 14336]
R3 Com4QLBEx;Com4QLBEx; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-05-05 228408]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2010-10-14 751672]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-09-24 136176]
S3 GameConsoleService;GameConsoleService; C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe [2009-05-22 250616]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-05-07 1255736]

-----------------EOF-----------------

#2 Příspěvek od **vyosek** » 23 led 2011 16:22

Zdravim a pekny den preji

Odinstalujte Advanced system care a nasledne vse od IOBit, jedna se o cinske smejdy, ukradena databaze haveti a spise to dela vice skody nez uzitku - tot zkusenosti nas Radcu

Doporucuji odinstalovat Spybot - Search & Destroy - program ma uz nejlepsi leta davno za sebou a posledni cca 3 roky neni schopen celit aktualnim hrozbam - po ukonceni leceni, tam dame neco lepcejsiho

Stahnete OTL (viz muj podpis) a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
Zaskrtnete okenko Pro vsechny uzivatele
Zaskrtnete okenko Kontrola na havet "LOP"
Zaskrtnete okenko Kontrola na havet "Purity"
Stari souboru zmente z 30 dnu na 7 dnu
Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

Kód: Vybrat vše

netsvcs
drivers32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
c:\windows\*.* /U
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
symmpi.sys
adp3132.sys
mv61xx.sys
nvraid.sys
ndis.sys
winlogon.exe
explorer.exe
userinit.exe
lsass.exe
svchost.exe
smss.exe
hal.dll
ws2_32.dll
tcpip.sys
cryptsvc.dll
Changer.sys
JakNDis.sys
isapnp.sys
cdrom.sys
autochk.exe
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
CREATERESTOREPOINT

Kliknete na tlacitko Prohledat
Po dokonceni skenu (cca 5 az 10 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte

wawry · #3 Příspěvek od **wawry** » 23 led 2011 17:24

jen se chci optat, jestli je normální, že test běží už 45 min?

#4 Příspěvek od **vyosek** » 23 led 2011 17:36

Stale pracuje nebo se sekl

Pripadne udelejte sken v nouzovem rezimu (restart PC, mackat F8, zvolit Stav nouze s praci v siti). Pokud by se sekl i tam, tak skript nevkladejte a dejte jen prohledat

wawry · #5 Příspěvek od **wawry** » 23 led 2011 17:37

už je to hotové

OTL logfile created on: 23.1.2011 16:51:03 - Run 1
OTL by OldTimer - Version 3.2.20.4 Folder = C:\Users\wawry\Downloads
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 59,00% Memory free
5,00 Gb Paging File | 4,00 Gb Available in Paging File | 65,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 284,61 Gb Total Space | 236,99 Gb Free Space | 83,27% Space Free | Partition Type: NTFS
Drive D: | 13,18 Gb Total Space | 2,16 Gb Free Space | 16,37% Space Free | Partition Type: NTFS
Drive E: | 3,44 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF

Computer Name: WAWRY-PC | User Name: wawry | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2011.01.23 16:32:55 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\wawry\Downloads\OTL.exe
PRC - [2011.01.13 09:47:34 | 003,396,624 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2011.01.13 09:47:33 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2011.01.05 09:18:50 | 000,133,432 | ---- | M] (ICQ, LLC.) -- C:\Program Files (x86)\ICQ7.2\ICQ.exe
PRC - [2010.12.03 20:39:33 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2010.12.03 20:39:33 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
PRC - [2010.10.14 17:27:38 | 000,092,216 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
PRC - [2010.03.28 15:47:30 | 000,246,520 | ---- | M] () -- C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe
PRC - [2009.07.01 18:54:04 | 000,013,600 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
PRC - [2009.03.05 16:07:20 | 002,260,480 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2008.11.04 11:39:20 | 000,014,336 | ---- | M] (Vodafone) -- C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
PRC - [2007.11.30 20:03:44 | 000,282,624 | ---- | M] (BlazeVideo Company) -- C:\Program Files (x86)\BlazeVideo\Blaze HDTV Player Deluxe 4.0\MediaDetector.exe

========== Modules (SafeList) ==========

MOD - [2011.01.23 16:32:55 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\wawry\Downloads\OTL.exe
MOD - [2011.01.23 14:58:57 | 000,189,728 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\snxhk.dll
MOD - [2010.08.21 06:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll

========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011.01.13 09:47:33 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2009.07.22 02:33:32 | 000,240,128 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\stacsv64.exe -- (STacSV)
SRV:64bit: - [2009.07.14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.02 19:16:06 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009.07.01 18:54:02 | 000,864,032 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:64bit: - [2009.03.02 22:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe -- (AESTFilters)
SRV - [2010.10.14 17:27:38 | 000,092,216 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2010.03.28 15:47:30 | 000,246,520 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.05.22 19:02:20 | 000,250,616 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2008.11.04 11:39:20 | 000,014,336 | ---- | M] (Vodafone) [Auto | Running] -- C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe -- (VMCService)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2011.01.13 09:37:23 | 000,062,032 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2010.02.09 16:19:29 | 000,507,392 | ---- | M] (ITETech ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AF15BDA.sys -- (AF15BDA)
DRV:64bit: - [2009.10.22 14:10:30 | 000,069,320 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ftdibus.sys -- (FTDIBUS)
DRV:64bit: - [2009.10.22 14:09:12 | 000,084,808 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ftser2k.sys -- (FTSER2K)
DRV:64bit: - [2009.10.10 03:41:20 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2009.09.22 02:47:14 | 001,484,800 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009.07.22 02:33:32 | 000,487,936 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2009.07.17 21:58:30 | 000,021,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2009.07.17 21:58:24 | 000,035,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2009.07.17 21:58:22 | 000,132,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2009.07.17 21:58:18 | 000,098,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2009.07.15 00:16:34 | 000,273,456 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2009.07.14 02:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009.07.14 02:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.02 19:51:30 | 006,036,480 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2009.06.24 20:00:18 | 000,216,576 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2009.06.10 22:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009.06.10 22:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009.06.10 22:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009.06.10 22:01:06 | 001,146,880 | ---- | M] (LSI Corp) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)
DRV:64bit: - [2009.06.10 21:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009.06.10 21:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009.06.10 21:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009.06.10 21:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64) Intel(R)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.06.05 11:20:26 | 000,114,192 | ---- | M] (ATI Research Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2009.05.23 07:52:30 | 000,215,040 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009.05.05 06:30:28 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie) AMD PCI Express (3GIO)
DRV:64bit: - [2009.04.29 07:48:32 | 000,018,432 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV:64bit: - [2009.03.09 06:49:08 | 000,036,408 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2008.12.08 17:21:18 | 000,167,424 | ---- | M] (ZTE Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbnet.sys -- (ZTEusbnet)
DRV:64bit: - [2008.12.08 17:21:18 | 000,150,784 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbnmea.sys -- (ZTEusbnmea)
DRV:64bit: - [2008.12.08 17:21:18 | 000,150,656 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbser6k.sys -- (ZTEusbser6k)
DRV:64bit: - [2008.12.08 17:21:18 | 000,150,656 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbmdm6k.sys -- (ZTEusbmdm6k)
DRV:64bit: - [2008.12.08 17:21:18 | 000,011,776 | R--- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\massfilter.sys -- (massfilter)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... io&pf=cnnb
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... io&pf=cnnb
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... io&pf=cnnb
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... io&pf=cnnb

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1192422459-1452251326-4140985472-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... io&pf=cnnb
IE - HKU\S-1-5-21-1192422459-1452251326-4140985472-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-1192422459-1452251326-4140985472-1000\..\URLSearchHook: {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKU\S-1-5-21-1192422459-1452251326-4140985472-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.order.1: "Crawler Search"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=302398"
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:2.0.0.4
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?fr=green ... =302398&p="

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.01.22 00:57:26 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.01.22 00:57:24 | 000,000,000 | ---D | M]

[2010.02.02 19:33:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\wawry\AppData\Roaming\Mozilla\Extensions
[2011.01.22 19:20:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions
[2010.05.02 12:30:14 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2011.01.16 21:53:21 | 000,000,950 | ---- | M] () -- C:\Users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\searchplugins\icqplugin-1.xml
[2010.07.24 18:28:17 | 000,000,950 | ---- | M] () -- C:\Users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\searchplugins\icqplugin-2.xml
[2010.07.26 07:56:13 | 000,000,950 | ---- | M] () -- C:\Users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\searchplugins\icqplugin-3.xml
[2010.09.09 15:00:25 | 000,000,950 | ---- | M] () -- C:\Users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\searchplugins\icqplugin-4.xml
[2010.09.18 12:02:52 | 000,000,950 | ---- | M] () -- C:\Users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\searchplugins\icqplugin-5.xml
[2010.10.26 11:36:29 | 000,000,950 | ---- | M] () -- C:\Users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\searchplugins\icqplugin-6.xml
[2010.10.30 08:21:51 | 000,000,950 | ---- | M] () -- C:\Users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\searchplugins\icqplugin-7.xml
[2010.12.11 15:04:57 | 000,000,950 | ---- | M] () -- C:\Users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\searchplugins\icqplugin-8.xml
[2010.06.28 12:39:39 | 000,001,056 | ---- | M] () -- C:\Users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\searchplugins\icqplugin.xml
[2010.08.15 12:42:45 | 000,002,304 | ---- | M] () -- C:\Users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\searchplugins\inbox-hledat.xml
[2011.01.22 13:33:07 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010.04.29 20:17:03 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.08.01 19:17:56 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010.11.04 15:27:38 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011.01.02 17:38:13 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2010.11.12 18:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
[2010.06.17 10:38:44 | 000,001,353 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\crawlersrch.xml
[2010.12.03 19:08:29 | 000,000,638 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.12.03 19:08:29 | 000,001,687 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\mall-cz.xml
[2010.12.03 19:08:29 | 000,001,367 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.12.03 19:08:29 | 000,000,654 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.12.03 19:08:29 | 000,001,179 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (AOL Toolbar BHO) - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files (x86)\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
O2 - BHO: (Bing Bar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files (x86)\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
O3 - HKU\S-1-5-21-1192422459-1452251326-4140985472-1000\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found.
O3 - HKU\S-1-5-21-1192422459-1452251326-4140985472-1000\..\Toolbar\WebBrowser: (&Inbox Toolbar) - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - Reg Error: Value error. File not found
O3 - HKU\S-1-5-21-1192422459-1452251326-4140985472-1000\..\Toolbar\WebBrowser: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files (x86)\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [UCam_Menu] C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePRCShortCut] C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1192422459-1452251326-4140985472-1000..\Run: [BlazeServoTool] C:\Program Files (x86)\BlazeVideo\Blaze HDTV Player Deluxe 4.0\MediaDetector.exe (BlazeVideo Company)
O4 - HKU\S-1-5-21-1192422459-1452251326-4140985472-1000..\Run: [ICQ] C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: WallpaperStyle = 2
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: WallpaperStyle = 2
O7 - HKU\S-1-5-21-1192422459-1452251326-4140985472-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: WallpaperStyle = 2
O8:64bit: - Extra context menu item: Hledání panelu &AOL Toolbar - C:\ProgramData\AOL\ieToolbar\resources\cs-CZ\local\search.html ()
O8:64bit: - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Hledání panelu &AOL Toolbar - C:\ProgramData\AOL\ieToolbar\resources\cs-CZ\local\search.html ()
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Odeslat do zařízení Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Odeslat do zařízení &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{03ce486b-12e7-11df-b533-00269edb218d}\Shell - "" = AutoRun
O33 - MountPoints2\{03ce486b-12e7-11df-b533-00269edb218d}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{03ce4874-12e7-11df-b533-00269edb218d}\Shell - "" = AutoRun
O33 - MountPoints2\{03ce4874-12e7-11df-b533-00269edb218d}\Shell\AutoRun\command - "" = G:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codecp - C:\Windows\SysWow64\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 7 Days ==========

[2011.01.23 16:38:11 | 000,000,000 | ---D | C] -- C:\HP_TOOLS_mountHPSF
[2011.01.23 15:13:04 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2011.01.23 15:13:03 | 000,000,000 | ---D | C] -- C:\rsit
[2011.01.23 14:53:39 | 000,038,848 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2011.01.23 14:30:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2011.01.23 14:30:42 | 000,020,560 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2011.01.23 14:30:41 | 000,273,488 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2011.01.23 14:30:38 | 000,029,264 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr.sys
[2011.01.23 14:30:35 | 000,051,792 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2011.01.23 14:30:32 | 000,062,032 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2011.01.23 14:29:50 | 000,188,216 | ---- | C] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2011.01.22 00:57:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox
[2011.01.21 17:18:00 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\sdbus.sys
[2011.01.20 21:51:51 | 000,000,000 | ---D | C] -- C:\ProgramData\IObit
[2011.01.20 21:49:12 | 000,000,000 | ---D | C] -- C:\Users\wawry\AppData\Roaming\IObit
[2011.01.20 21:49:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IObit
[2011.01.20 21:25:29 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2011.01.20 21:08:51 | 000,000,000 | ---D | C] -- C:\Program Files\Zrychleni Pocitace
[2011.01.20 16:32:31 | 000,237,168 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2011.01.19 21:57:05 | 000,000,000 | ---D | C] -- C:\Users\wawry\AppData\Local\Apple Computer
[2011.01.18 21:18:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ConvertHelper
[2011.01.18 21:13:27 | 000,000,000 | ---D | C] -- C:\Users\wawry\dwhelper

========== Files - Modified Within 7 Days ==========

[2011.01.23 16:54:24 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.01.23 16:54:23 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.01.23 16:26:18 | 000,000,950 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.01.23 15:00:19 | 000,001,264 | ---- | M] () -- C:\ProgramData\hpqp.ini
[2011.01.23 14:59:30 | 000,000,946 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.01.23 14:58:45 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.01.23 14:58:40 | 2211,602,432 | -HS- | M] () -- C:\hiberfil.sys
[2011.01.23 14:53:51 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2011.01.23 14:30:43 | 000,001,852 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2011.01.22 18:57:30 | 001,470,062 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.01.22 18:57:30 | 000,631,292 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2011.01.22 18:57:30 | 000,616,008 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.01.22 18:57:30 | 000,121,914 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2011.01.22 18:57:30 | 000,106,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.01.22 18:14:38 | 000,001,854 | ---- | M] () -- C:\Users\wawry\AppData\Roaming\GhostObjGAFix.xml
[2011.01.22 00:57:27 | 000,001,943 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011.01.21 08:39:34 | 000,439,288 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011.01.20 21:25:33 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk

========== Files Created - No Company Name ==========

[2011.01.23 14:30:43 | 000,001,852 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2011.01.22 18:14:36 | 000,001,854 | ---- | C] () -- C:\Users\wawry\AppData\Roaming\GhostObjGAFix.xml
[2011.01.22 00:57:27 | 000,001,943 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011.01.20 21:25:33 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2010.10.18 22:06:30 | 000,376,670 | ---- | C] () -- C:\Users\wawry\AppData\Roaming\mdbu.bin
[2010.02.09 16:39:05 | 000,000,014 | ---- | C] () -- C:\Windows\SysWow64\systeminfo.dll
[2010.02.02 18:39:31 | 000,000,021 | ---- | C] () -- C:\ProgramData\hpqp.txt
[2010.02.02 11:19:56 | 000,000,000 | ---- | C] () -- C:\Users\wawry\AppData\Local\QSwitch.txt
[2010.02.02 11:19:56 | 000,000,000 | ---- | C] () -- C:\Users\wawry\AppData\Local\DSwitch.txt
[2010.02.02 11:19:56 | 000,000,000 | ---- | C] () -- C:\Users\wawry\AppData\Local\AtStart.txt
[2010.02.02 11:19:53 | 000,000,268 | ---- | C] () -- C:\ProgramData\HPWALog.txt
[2010.01.08 01:14:47 | 000,000,105 | ---- | C] () -- C:\ProgramData\{d36dd326-7280-11d8-97c8-000129760cbe}.log
[2010.01.08 01:14:37 | 000,000,032 | ---- | C] () -- C:\ProgramData\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log
[2010.01.08 01:14:19 | 000,000,032 | ---- | C] () -- C:\ProgramData\{9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}.log
[2010.01.08 01:13:54 | 000,000,032 | ---- | C] () -- C:\ProgramData\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log
[2010.01.08 01:13:11 | 000,000,032 | ---- | C] () -- C:\ProgramData\{4FC670EB-5F02-4B07-90DB-022B86BFEFD0}.log
[2010.01.08 01:12:38 | 000,001,264 | ---- | C] () -- C:\ProgramData\hpqp.ini
[2009.09.05 18:09:34 | 000,000,109 | ---- | C] () -- C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
[2009.09.05 18:05:46 | 000,000,110 | ---- | C] () -- C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
[2009.09.05 18:03:54 | 000,000,105 | ---- | C] () -- C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
[2009.09.05 18:03:08 | 000,000,107 | ---- | C] () -- C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
[2009.07.15 16:50:42 | 000,013,312 | ---- | C] () -- C:\Windows\LPRES.DLL
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2008.12.30 19:13:14 | 000,137,196 | R--- | C] () -- C:\ProgramData\DeviceManager.xml.rc4
[2008.08.20 15:45:46 | 000,020,270 | ---- | C] () -- C:\ProgramData\DeviceInstaller.xml

========== LOP Check ==========

[2010.04.18 21:12:40 | 000,000,000 | ---D | M] -- C:\Users\wawry\AppData\Roaming\Facebook
[2010.02.19 09:04:35 | 000,000,000 | ---D | M] -- C:\Users\wawry\AppData\Roaming\GetRightToGo
[2011.01.23 12:48:25 | 000,000,000 | ---D | M] -- C:\Users\wawry\AppData\Roaming\ICQ
[2011.01.22 16:30:21 | 000,000,000 | ---D | M] -- C:\Users\wawry\AppData\Roaming\IObit
[2010.02.06 18:32:52 | 000,000,000 | ---D | M] -- C:\Users\wawry\AppData\Roaming\Vodafone
[2011.01.06 22:38:05 | 000,000,000 | ---D | M] -- C:\Users\wawry\AppData\Roaming\Windows Live Writer
[2010.12.07 12:10:05 | 000,032,602 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

========== Custom Scans ==========

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"HPADVISOR" = C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe view=DOCKVIEW -- [2009.07.15 16:51:42 | 001,668,664 | ---- | M] (Hewlett-Packard)
"LightScribe Control Panel" = C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden -- [2009.06.17 12:13:36 | 002,363,392 | ---- | M] (Hewlett-Packard Company)
"Skype" = "C:\Program Files (x86)\Skype\\Phone\Skype.exe" /nosplash /minimized -- [2010.05.13 16:57:20 | 026,192,168 | R--- | M] (Skype Technologies S.A.)
"BlazeServoTool" = "C:\Program Files (x86)\BlazeVideo\Blaze HDTV Player Deluxe 4.0\MediaDetector.exe" -- [2007.11.30 20:03:44 | 000,282,624 | ---- | M] (BlazeVideo Company)
"ICQ" = "C:\Program Files (x86)\ICQ7.2\ICQ.exe" silent loginmode=4 -- [2011.01.05 09:18:50 | 000,133,432 | ---- | M] (ICQ, LLC.)

< c:\windows\*.* /U >

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2010.02.07 14:20:19 | 000,000,000 | ---D | M] -- C:\Users\wawry\AppData\Roaming\Adobe
[2010.02.02 11:19:41 | 000,000,000 | ---D | M] -- C:\Users\wawry\AppData\Roaming\ATI
[2010.02.02 20:17:17 | 000,000,000 | ---D | M] -- C:\Users\wawry\AppData\Roaming\CyberLink
[2010.04.18 21:12:40 | 000,000,000 | ---D | M] -- C:\Users\wawry\AppData\Roaming\Facebook
[2010.02.19 09:04:35 | 000,000,000 | ---D | M] -- C:\Users\wawry\AppData\Roaming\GetRightToGo
[2010.08.25 11:47:27 | 000,000,000 | ---D | M] -- C:\Users\wawry\AppData\Roaming\Hewlett-Packard
[2010.04.04 18:07:24 | 000,000,000 | ---D | M] -- C:\Users\wawry\AppData\Roaming\HP Support Assistant
[2010.02.02 09:50:03 | 000,000,000 | ---D | M] -- C:\Users\wawry\AppData\Roaming\HP TCS
[2010.02.17 14:05:30 | 000,000,000 | ---D | M] -- C:\Users\wawry\AppData\Roaming\hpqlog
[2010.04.04 18:07:24 | 000,000,000 | ---D | M] -- C:\Users\wawry\AppData\Roaming\HpUpdate
[2011.01.23 12:48:25 | 000,000,000 | ---D | M] -- C:\Users\wawry\AppData\Roaming\ICQ
[2010.02.02 11:19:07 | 000,000,000 | ---D | M] -- C:\Users\wawry\AppData\Roaming\Identities
[2011.01.22 16:30:21 | 000,000,000 | ---D | M] -- C:\Users\wawry\AppData\Roaming\IObit
[2010.02.02 18:18:57 | 000,000,000 | ---D | M] -- C:\Users\wawry\AppData\Roaming\Macromedia
[2010.01.08 10:27:06 | 000,000,000 | ---D | M] -- C:\Users\wawry\AppData\Roaming\Media Center Programs
[2011.01.19 21:44:15 | 000,000,000 | --SD | M] -- C:\Users\wawry\AppData\Roaming\Microsoft
[2010.02.02 19:33:36 | 000,000,000 | ---D | M] -- C:\Users\wawry\AppData\Roaming\Mozilla
[2010.10.07 20:54:38 | 000,000,000 | ---D | M] -- C:\Users\wawry\AppData\Roaming\Skype
[2010.02.06 18:32:52 | 000,000,000 | ---D | M] -- C:\Users\wawry\AppData\Roaming\Vodafone
[2011.01.06 22:38:05 | 000,000,000 | ---D | M] -- C:\Users\wawry\AppData\Roaming\Windows Live Writer

< %APPDATA%\*.exe /s >
[2010.04.18 21:12:40 | 000,050,354 | ---- | M] (Facebook, Inc.) -- C:\Users\wawry\AppData\Roaming\Facebook\uninstall.exe

< MD5 for: AGP440.SYS >
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2009.07.14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\SysWOW64\autochk.exe
[2009.07.14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2009.07.14 02:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\SysNative\autochk.exe
[2009.07.14 02:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe

< MD5 for: CDROM.SYS >
[2009.07.14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\SysNative\drivers\cdrom.sys
[2009.07.14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_8363d00ecae4322d\cdrom.sys
[2009.07.14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys

< MD5 for: CNGAUDIT.DLL >
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009.07.14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll

< MD5 for: CRYPTSVC.DLL >
[2009.07.14 02:40:24 | 000,175,104 | ---- | M] (Microsoft Corporation) MD5=8C57411B66282C01533CB776F98AD384 -- C:\Windows\SysNative\cryptsvc.dll
[2009.07.14 02:40:24 | 000,175,104 | ---- | M] (Microsoft Corporation) MD5=8C57411B66282C01533CB776F98AD384 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_d1f48b0bb4805490\cryptsvc.dll
[2009.07.14 02:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\SysWOW64\cryptsvc.dll
[2009.07.14 02:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_75d5ef87fc22e35a\cryptsvc.dll

< MD5 for: EVENTLOG.DLL >
[2007.05.17 20:34:04 | 000,007,216 | ---- | M] () MD5=C2A279A458A06DE2C83D842AA042B5A8 -- C:\Program Files (x86)\CyberLink\PowerDirector\EventLog.dll

< MD5 for: EXPLORER.EXE >
[2010.01.08 10:29:22 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=00B0358734CAA32C39D181FE6916B178 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20542_none_b8b0208ee0ce1889\explorer.exe
[2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\SysWOW64\explorer.exe
[2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2010.01.08 10:29:22 | 002,868,736 | ---- | M] (Microsoft Corporation) MD5=6D4F9E4B640B413C6F73414327484C80 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16434_none_addea9f19345cd81\explorer.exe
[2009.08.03 07:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2009.10.31 07:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\explorer.exe
[2009.10.31 07:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009.08.03 06:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2009.10.31 07:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009.08.03 06:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009.07.14 02:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009.10.31 07:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2010.01.08 10:29:22 | 002,868,736 | ---- | M] (Microsoft Corporation) MD5=CA17F8620815267DC838E30B68CB5052 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20542_none_ae5b763cac6d568e\explorer.exe
[2009.08.03 07:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe
[2010.01.08 10:29:22 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=FC89FACA0473641CB625EDA9277D0885 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16434_none_b8335443c7a68f7c\explorer.exe

< MD5 for: HAL.DLL >
[2009.07.14 02:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\SysNative\hal.dll
[2009.07.14 02:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll

< MD5 for: IASTORV.SYS >
[2009.07.14 02:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2009.07.14 02:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_18cccb83b34e1453\iaStorV.sys
[2009.07.14 02:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys

< MD5 for: ISAPNP.SYS >
[2009.07.14 02:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\drivers\isapnp.sys
[2009.07.14 02:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\isapnp.sys
[2009.07.14 02:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\isapnp.sys

< MD5 for: LSASS.EXE >
[2009.07.14 02:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\SysNative\lsass.exe
[2009.07.14 02:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16385_none_023f7c69767c3edd\lsass.exe
[2009.07.14 02:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16484_none_023e7e05767d22ad\lsass.exe
[2009.07.14 02:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.20594_none_02bd4ae48fa2de68\lsass.exe

< MD5 for: NDIS.SYS >
[2009.07.14 02:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\SysNative\drivers\ndis.sys
[2009.07.14 02:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_03bc1d6e35c013bf\ndis.sys

< MD5 for: NETLOGON.DLL >
[2009.07.14 02:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\SysNative\netlogon.dll
[2009.07.14 02:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2009.07.14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll
[2009.07.14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll

< MD5 for: NVRAID.SYS >
[2009.07.14 02:48:27 | 000,149,056 | ---- | M] (NVIDIA Corporation) MD5=3E38712941E9BB4DDBEE00AFFE3FED3D -- C:\Windows\SysNative\drivers\nvraid.sys
[2009.07.14 02:48:27 | 000,149,056 | ---- | M] (NVIDIA Corporation) MD5=3E38712941E9BB4DDBEE00AFFE3FED3D -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvraid.sys
[2009.07.14 02:48:27 | 000,149,056 | ---- | M] (NVIDIA Corporation) MD5=3E38712941E9BB4DDBEE00AFFE3FED3D -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvraid.sys

< MD5 for: NVSTOR.SYS >
[2009.07.14 02:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\SysNative\drivers\nvstor.sys
[2009.07.14 02:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvstor.sys
[2009.07.14 02:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys

< MD5 for: SCECLI.DLL >
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 02:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\SysNative\scecli.dll
[2009.07.14 02:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll

< MD5 for: SMSS.EXE >
[2009.07.14 02:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\SysNative\smss.exe
[2009.07.14 02:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_082f99a432e2a661\smss.exe

< MD5 for: SVCHOST.EXE >
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2010.06.14 07:39:16 | 001,889,152 | ---- | M] (Microsoft Corporation) MD5=542C6767C68C9D6AAACA59436B0D15C2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_0fd0b57e990e2079\tcpip.sys
[2010.06.14 07:37:36 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=90A2D722CF64D911879D6C4A4F802A4D -- C:\Windows\SysNative\drivers\tcpip.sys
[2010.06.14 07:37:36 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=90A2D722CF64D911879D6C4A4F802A4D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_0f59b7ad7fe2fcc8\tcpip.sys
[2009.07.14 02:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys

< MD5 for: USERINIT.EXE >
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\SysNative\userinit.exe
[2009.07.14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009.07.14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009.10.28 08:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009.10.28 07:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\SysNative\winlogon.exe
[2009.10.28 07:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

< MD5 for: WS2_32.DLL >
[2009.07.14 02:41:58 | 000,296,448 | ---- | M] (Microsoft Corporation) MD5=7083F463788CB34FCC42F565D56F89E8 -- C:\Windows\SysNative\ws2_32.dll
[2009.07.14 02:41:58 | 000,296,448 | ---- | M] (Microsoft Corporation) MD5=7083F463788CB34FCC42F565D56F89E8 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_4eaca269e8070c6b\ws2_32.dll
[2009.07.14 02:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\SysWOW64\ws2_32.dll
[2009.07.14 02:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_f28e06e62fa99b35\ws2_32.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2011.01.23 14:53:51 | 000,000,000 | ---- | M] () -- C:\Windows\SysWOW64\config.nt
[2011.01.20 20:34:21 | 000,000,052 | ---- | M] () -- C:\Windows\SysWOW64\DOErrors.log

< End of report >

wawry · #6 Příspěvek od **wawry** » 23 led 2011 17:38

druhý log:

OTL Extras logfile created on: 23.1.2011 16:51:03 - Run 1
OTL by OldTimer - Version 3.2.20.4 Folder = C:\Users\wawry\Downloads
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 59,00% Memory free
5,00 Gb Paging File | 4,00 Gb Available in Paging File | 65,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 284,61 Gb Total Space | 236,99 Gb Free Space | 83,27% Space Free | Partition Type: NTFS
Drive D: | 13,18 Gb Total Space | 2,16 Gb Free Space | 16,37% Space Free | Partition Type: NTFS
Drive E: | 3,44 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF

Computer Name: WAWRY-PC | User Name: wawry | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-1192422459-1452251326-4140985472-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{26A24AE4-039D-4CA4-87B4-2F86416014FF}" = Java(TM) 6 Update 14 (64-bit)
"{6C47240C-016E-03B5-D13E-AECAED09F2E3}" = ATI Catalyst Install Manager
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = HP Integrated Module with Bluetooth wireless technology
"{ADEB3402-CFBD-00E2-0EE6-F6A3F1AFACF0}" = ccc-utility64
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"SynTPDeinstKey" = Synaptics Pointing Device Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{08234a0d-cf39-4dca-99f0-0c5cb496da81}" = Panel nástrojů Bing
"{08DB3902-2CE0-474D-BCE3-0177766CE9F1}" = HP Support Assistant
"{09CC0D0E-061D-3C7B-3881-D2EB53A8AAFC}" = CCC Help Polish
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
"{26606D8F-3133-DBE2-8AF5-AB28F300860A}" = CCC Help Chinese Standard
"{266D0EEA-E5A6-4A08-A0EE-5391D4EA44A7}" = Catalyst Control Center - Branding
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 23
"{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1" = ConvertHelper 2.2
"{293F900D-3743-A8CC-46AD-5AFBFF8E29CF}" = muvee Reveal
"{33C17B75-EA9C-0687-9CED-03D92637B042}" = CCC Help Hungarian
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{3FBDB7B8-7472-E895-2E5D-99D190B2D1B6}" = Catalyst Control Center InstallProxy
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = PowerRecover
"{45D707E9-F3C4-11D9-A373-0050BAE317E1}" = HP DVD Play 3.7
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5271C0D4-24E4-4C3D-A782-C012033FD3CF}" = AMD USB Filter Driver
"{546937C5-0529-333E-0D5E-FE3C53108806}" = CCC Help Japanese
"{54CC7901-804D-4155-B353-21F0CC9112AB}" = HP Wireless Assistant
"{55C70B62-5EF1-D527-7CAB-E50D8B3B4990}" = Catalyst Control Center Graphics Full New
"{577ED77E-25D9-1A76-4EF0-773B9C173758}" = CCC Help Portuguese
"{5DB4EA68-A509-D408-585C-C9D045FADF72}" = Catalyst Control Center Graphics Previews Vista
"{65C0025A-2CDE-43C5-82D0-C7A56EF0DB39}" = Bing Bar Platform
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6D335F78-1F4F-7826-56DD-4F350EA6EADD}" = CCC Help Greek
"{6EF04EAE-0354-9919-E757-F1203E6F422B}" = CCC Help Italian
"{7028B245-30A2-BD8C-31B9-6008216FBDC2}" = CCC Help French
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{779D3256-84D0-936F-18F9-A154DC85B4B4}" = Catalyst Control Center Localization All
"{7F4DA5B8-6884-47F2-AEBA-D9111E420C63}" = CCC Help Danish
"{7F9A8D27-A1B9-164F-FCB1-0B64C88629CF}" = CCC Help Norwegian
"{803263F7-8CAC-DC6D-3288-8128865A7472}" = CCC Help German
"{82EF29B1-9B60-4142-A155-0599216DD053}" = LightScribe System Software
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8136 8168 8169 Ethernet Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B3776EC-5F0A-4996-A7DF-BB5DA95B240E}" = Vodafone Mobile Connect Lite
"{8B7917E0-AF55-4E8A-9473-017F0AA03AC8}" = QuickTime
"{8CC47AA0-5774-61FC-6A59-7E1C936DB753}" = ccc-core-static
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{294B4278-CF7B-40B9-86A1-2D3FF0C2C524}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{10EC59E5-9BCE-4884-BB1A-E28627220232}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0405-1000-0000000FF1CE}_ENTERPRISE_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{95140000-007A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{9A28867B-109A-5BBF-85C0-FC1BAA98CA1C}" = CCC Help Russian
"{9D3318E1-5A9F-4A95-A7A1-7E045403AE34}" = HP User Guides 0148
"{A8BCC9E4-9036-3029-F2BC-AA73A62DA73D}" = CCC Help Turkish
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1029-7B44-A94000000001}" = Adobe Reader 9.4.1 - Czech
"{B53E61D7-7C80-40DF-82D2-CF5390D6D20A}" = HP Advisor
"{B5C746E6-D961-445C-3768-5B6FAF6A1A31}" = CCC Help Spanish
"{B6190387-0036-4BEB-8D74-A0AFC5F14706}" = Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení
"{C0769946-2CF1-9E8D-009B-5C413B3F01D1}" = CCC Help Czech
"{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program
"{C4F7EEE5-3D99-8552-7483-B2F412838B2A}" = Catalyst Control Center Graphics Previews Common
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C73B5B3B-F974-48CA-8B91-3E8A432AEA5B}" = Microsoft Works
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CFF8B8E8-E086-4DE0-935F-FE22CAB54F80}" = Microsoft Search Enhancement Pack
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D46D081B-F60E-467E-A7C4-117B70D76731}" = HP Update
"{D4C41D27-A2D5-94C6-1D08-3D470A12EAF0}" = CCC Help Swedish
"{D9D6A848-1BFD-592B-5F9D-0BA8692FDF0B}" = CCC Help Finnish
"{DCD91C2F-3A86-B328-59A0-5EED6190D983}" = Catalyst Control Center Graphics Full Existing
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E570CB6B-1CBC-4ADD-969F-7B3338A6BDB6}" = Windows Live Sync
"{E5F5CAA5-84ED-DE41-40D0-8926FE7E5F4D}" = Catalyst Control Center Graphics Light
"{E6CE345D-BF83-1242-9E4D-3D60A5036D87}" = CCC Help English
"{EC155897-712F-5637-A5DA-6C7CE7CB5521}" = CCC Help Korean
"{F0580F64-44A1-C607-9364-887912B74F4D}" = CCC Help Thai
"{F1D7AC58-554A-4A58-B784-B61558B1449A}" = QLBCASL
"{F3B912F5-EB57-45AA-B3D1-EB532BCF6EF8}" = HP Setup
"{F3F9A4E5-CD9F-4657-CF99-5CE3F7729909}" = Catalyst Control Center Core Implementation
"{F5B1D41A-05B9-98E2-C350-E69D4A444CB4}" = CCC Help Chinese Traditional
"{FCF0F615-6E70-B949-028F-88D32C55C2BC}" = CCC Help Dutch
"7-Zip" = 7-Zip 4.65
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AOL Toolbar" = AOL Toolbar 5.0
"avast5" = avast! Free Antivirus
"Blaze HDTV Player Deluxe 4.0_is1" = Blaze HDTV Player Deluxe 4.0
"ENTERPRISE" = Microsoft Office Enterprise 2007
"HappyFoto-Designer_is1" = HF Designer 2.7
"HijackThis" = HijackThis 2.0.2
"ICQToolbar" = ICQ Toolbar
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13)
"ST6UNST #1" = OBD2Spy V2.05
"WildTangent hp Master Uninstall" = HP Games

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1192422459-1452251326-4140985472-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Axis H.264 a AAC kodek" = Axis H.264 a AAC kodek
"Facebook Plug-In" = Facebook Plug-In

========== Last 10 Event Log Errors ==========

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >

#7 Příspěvek od **vyosek** » 23 led 2011 17:46

Se Vas asi leknul, tak vyhodil log

Spustte znovu OTL

Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

Kód: Vybrat vše

:otl
SRV - [2010.03.28 15:47:30 | 000,246,520 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... io&pf=cnnb
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... io&pf=cnnb
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... io&pf=cnnb
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... io&pf=cnnb
IE - HKU\S-1-5-21-1192422459-1452251326-4140985472-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... io&pf=cnnb
IE - HKU\S-1-5-21-1192422459-1452251326-4140985472-1000\..\URLSearchHook: {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.order.1: "Crawler Search"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=302398"
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=302398&p="
[2010.05.02 12:30:14 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2011.01.16 21:53:21 | 000,000,950 | ---- | M] () -- C:\Users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\searchplugins\icqplugin-1.xml
[2010.07.24 18:28:17 | 000,000,950 | ---- | M] () -- C:\Users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\searchplugins\icqplugin-2.xml
[2010.07.26 07:56:13 | 000,000,950 | ---- | M] () -- C:\Users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\searchplugins\icqplugin-3.xml
[2010.09.09 15:00:25 | 000,000,950 | ---- | M] () -- C:\Users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\searchplugins\icqplugin-4.xml
[2010.09.18 12:02:52 | 000,000,950 | ---- | M] () -- C:\Users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\searchplugins\icqplugin-5.xml
[2010.10.26 11:36:29 | 000,000,950 | ---- | M] () -- C:\Users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\searchplugins\icqplugin-6.xml
[2010.10.30 08:21:51 | 000,000,950 | ---- | M] () -- C:\Users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\searchplugins\icqplugin-7.xml
[2010.12.11 15:04:57 | 000,000,950 | ---- | M] () -- C:\Users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\searchplugins\icqplugin-8.xml
[2010.06.28 12:39:39 | 000,001,056 | ---- | M] () -- C:\Users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\searchplugins\icqplugin.xml
[2010.06.17 10:38:44 | 000,001,353 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\crawlersrch.xml
O2 - BHO: (AOL Toolbar BHO) - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files (x86)\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
O2 - BHO: (Bing Bar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files (x86)\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
O3 - HKU\S-1-5-21-1192422459-1452251326-4140985472-1000\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found.
O3 - HKU\S-1-5-21-1192422459-1452251326-4140985472-1000\..\Toolbar\WebBrowser: (&Inbox Toolbar) - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - Reg Error: Value error. File not found
O3 - HKU\S-1-5-21-1192422459-1452251326-4140985472-1000\..\Toolbar\WebBrowser: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files (x86)\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O8:64bit: - Extra context menu item: Hledání panelu &AOL Toolbar - C:\ProgramData\AOL\ieToolbar\resources\cs-CZ\local\search.html ()
O8 - Extra context menu item: Hledání panelu &AOL Toolbar - C:\ProgramData\AOL\ieToolbar\resources\cs-CZ\local\search.html ()
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O33 - MountPoints2\{03ce486b-12e7-11df-b533-00269edb218d}\Shell - "" = AutoRun
O33 - MountPoints2\{03ce4874-12e7-11df-b533-00269edb218d}\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell - "" = AutoRun

:reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=-
"SpybotSD TeaTimer"=-
"ICQ"=-
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"UpdatePRCShortCut"=-
"HP Software Update"=-
"QuickTime Task"=-
"SunJavaUpdateSched"=-
"Adobe Reader Speed Launcher"=-
"Adobe ARM"=-
 
:files
C:\Program Files\Zrychleni Pocitace
C:\ProgramData\IObit
C:\Windows\tasks\AWC Startup.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Users\wawry\AppData\Roaming\IObit
C:\Program Files (x86)\IObit
C:\Program Files (x86)\AOL\AOL Toolbar 5.0
C:\Program Files (x86)\ICQ6Toolbar
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp /s

:commands
[RESETHOSTS]
[EMPTYTEMP]
[EMPTYFLASH]

Nasledne kliknete na Opravit
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

wawry · #8 Příspěvek od **wawry** » 23 led 2011 18:22

otl vyhodilo tuto chybovou hlášku
Access violation at adress 005CC7ED in module ÓTL.EXE´. Read of adress 00000000

#9 Příspěvek od **vyosek** » 23 led 2011 18:26

Zkuste OTL aplikovat v nouzovem rezimu (restart PC, mackat F8, zvolit Stav nouze s praci v siti)

wawry · #10 Příspěvek od **wawry** » 23 led 2011 18:42

v nouzovém režimu to samé

#11 Příspěvek od **vyosek** » 23 led 2011 18:45

Nejak se OTLku nechce, takze na to pujdem jinak

Poprosim o log z DDS, navod zde http://www.viry.cz/forum/viewtopic.php?f=24&t=81946

wawry · #12 Příspěvek od **wawry** » 23 led 2011 18:52

při spouštění nebyla možnost zpustit jako správce, ta snad to bude stačit

DDS (Ver_10-12-12.02) - NTFS_AMD64 NETWORK
Run by wawry at 18:48:01,43 on ne 23.01.2011
Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_23
Microsoft Windows 7 Home Premium 6.1.7600.0.1250.420.1029.18.2812.2243 [GMT 1:00]

AV: avast! Antivirus *Enabled/Updated* {C37D8F93-0602-E43C-40AA-47DAD597F308}
SP: avast! Antivirus *Enabled/Updated* {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\Explorer.EXE
C:\Windows\system32\ctfmon.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Users\wawry\Downloads\dds.com
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.seznam.cz/
uDefault_Page_URL =
mDefault_Page_URL =
mStart Page =
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: AOL Toolbar BHO: {7c554162-8cb7-45a4-b8f4-8ea1c75885f9} - C:\Program Files (x86)\AOL\AOL Toolbar 5.0\aoltb.dll
BHO: Bing Bar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: AOL Toolbar: {de9c389f-3316-41a7-809b-aa305ed9d922} - C:\Program Files (x86)\AOL\AOL Toolbar 5.0\aoltb.dll
TB: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No File
TB: {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No File
TB: &Inbox Toolbar: {d7e97865-918f-41e4-9cd0-25ab1c574ce8} -
EB: {855F3B16-6D32-4FE6-8A56-BBB695989046} - No File
uRun: [HPADVISOR] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe view=DOCKVIEW
uRun: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
uRun: [Skype] "C:\Program Files (x86)\Skype\\Phone\Skype.exe" /nosplash /minimized
uRun: [BlazeServoTool] "C:\Program Files (x86)\BlazeVideo\Blaze HDTV Player Deluxe 4.0\MediaDetector.exe"
uRun: [ICQ] "C:\Program Files (x86)\ICQ7.2\ICQ.exe" silent loginmode=4
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [QPService] "C:\Program Files (x86)\HP\QuickPlay\QPService.exe"
mRun: [UCam_Menu] "C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\2.0"
mRun: [QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
mRun: [UpdatePRCShortCut] "C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Hewlett-Packard\Recovery" UpdateWithCreateOnce "Software\CyberLink\PowerRecover"
mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
mRun: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
uPolicies-system: WallpaperStyle = 2
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
dPolicies-system: WallpaperStyle = 2
IE: E&xportovat do aplikace Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Hledání panelu &AOL Toolbar - C:\ProgramData\AOL\ieToolbar\resources\cs-CZ\local\search.html
IE: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
TCP: {753AB61C-9147-4CB8-B36A-5FA95A7BF218} = 89.31.40.3,89.31.40.13
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
{DBC80044-A445-435b-BC74-9C25C1C588A9}
TB-X64: {DE9C389F-3316-41A7-809B-AA305ED9D922} - No File
TB-X64: {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No File
TB-X64: {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - No File
mRun-x64: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
mRun-x64: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
mRun-x64: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
IE-X64: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

================= FIREFOX ===================

FF - ProfilePath - C:\Users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=302398&p=
FF - plugin: C:\Program Files (x86)\Google\Update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Users\wawry\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: ICQ Toolbar: {800b5000-a755-47e1-992b-48a1c1357f07} - %profile%\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}

============= SERVICES / DRIVERS ===============

R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\System32\drivers\vwififlt.sys [2009-7-14 59904]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2010-1-8 215040]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\drivers\usbfilter.sys [2010-1-8 36408]
S1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2011-1-23 273488]
S2 AESTFilters;Andrea ST Filters Service;C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe [2010-1-8 89600]
S2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2009-7-2 203264]
S2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2011-1-23 20560]
S2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2011-1-23 62032]
S2 avast! Antivirus;avast! Antivirus;C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2011-1-23 40384]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-9-24 136176]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2010-10-14 92216]
S2 VMCService;Vodafone Mobile Connect Service;C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [2008-11-4 14336]
S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2010-1-8 35104]
S3 Com4QLBEx;Com4QLBEx;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-9-5 228408]
S3 massfilter;ZTE Mass Storage Filter Driver;C:\Windows\System32\drivers\massfilter.sys [2008-12-8 11776]
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\System32\drivers\netw5v64.sys [2009-6-10 5434368]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2010-1-8 216576]
S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]
S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]
S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]
S3 WatAdminSvc;Služba Technologie aktivace Windows;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-5-7 1255736]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk62x64.sys [2009-6-10 389120]
S3 ZTEusbnet;ZTE USB-NDIS miniport;C:\Windows\System32\drivers\ZTEusbnet.sys [2010-2-6 167424]

=============== Created Last 30 ================

2011-01-23 17:04:15 -------- d-----w- C:\_OTL
2011-01-23 15:38:11 -------- d-----w- C:\HP_TOOLS_mountHPSF
2011-01-23 14:13:04 -------- d-----w- C:\Program Files\trend micro
2011-01-23 13:53:39 38848 ----a-w- C:\Windows\avastSS.scr
2011-01-23 13:30:32 62032 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2011-01-21 16:18:00 14336 ----a-w- C:\Windows\System32\drivers\sffp_sd.sys
2011-01-21 16:18:00 109056 ----a-w- C:\Windows\System32\drivers\sdbus.sys
2011-01-21 11:27:32 7844688 ----a-w- C:\PROGRA~3\Microsoft\Windows Defender\Definition Updates\{40095A02-DAA8-4633-AF9F-25518413934C}\mpengine.dll
2011-01-20 20:51:51 -------- d-----w- C:\PROGRA~3\IObit
2011-01-20 20:49:12 -------- d-----w- C:\Users\wawry\AppData\Roaming\IObit
2011-01-20 20:49:11 -------- d-----w- C:\Program Files (x86)\IObit
2011-01-20 20:25:29 -------- d-----w- C:\Program Files\CCleaner
2011-01-20 20:08:51 -------- d-----w- C:\Program Files\Zrychleni Pocitace
2011-01-19 20:57:05 -------- d-----w- C:\Users\wawry\AppData\Local\Apple Computer
2011-01-19 20:46:45 48648 ----a-w- C:\PROGRA~3\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2011-01-19 20:46:41 484160 ----a-w- C:\PROGRA~3\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2011-01-18 20:18:22 -------- d-----w- C:\Program Files (x86)\ConvertHelper
2011-01-18 20:13:27 -------- d-----w- C:\Users\wawry\dwhelper
2011-01-06 21:38:05 -------- d-----w- C:\Users\wawry\AppData\Roaming\Windows Live Writer
2011-01-06 21:38:05 -------- d-----w- C:\Users\wawry\AppData\Local\Windows Live Writer

==================== Find3M ====================

2010-11-12 17:53:06 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2010-11-04 06:35:53 1194496 ----a-w- C:\Windows\System32\wininet.dll
2010-11-04 06:31:34 57856 ----a-w- C:\Windows\System32\licmgr10.dll
2010-11-04 05:52:17 978944 ----a-w- C:\Windows\SysWow64\wininet.dll
2010-11-04 05:48:36 44544 ----a-w- C:\Windows\SysWow64\licmgr10.dll
2010-11-04 05:16:14 482816 ----a-w- C:\Windows\System32\html.iec
2010-11-04 04:41:26 386048 ----a-w- C:\Windows\SysWow64\html.iec
2010-11-04 04:35:37 1638912 ----a-w- C:\Windows\System32\mshtml.tlb
2010-11-04 04:08:54 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2010-11-02 05:21:51 982912 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
2010-11-02 05:18:59 662528 ----a-w- C:\Windows\System32\XpsPrint.dll
2010-11-02 05:18:59 229888 ----a-w- C:\Windows\System32\XpsRasterService.dll
2010-11-02 05:18:58 470016 ----a-w- C:\Windows\System32\XpsGdiConverter.dll
2010-11-02 05:18:17 524288 ----a-w- C:\Windows\System32\wmicmiplugin.dll
2010-11-02 05:17:38 473600 ----a-w- C:\Windows\System32\taskcomp.dll
2010-11-02 05:17:38 1169408 ----a-w- C:\Windows\System32\taskschd.dll
2010-11-02 05:16:53 1114624 ----a-w- C:\Windows\System32\schedsvc.dll
2010-11-02 05:12:53 1133568 ----a-w- C:\Windows\System32\FntCache.dll
2010-11-02 05:12:25 1540608 ----a-w- C:\Windows\System32\DWrite.dll
2010-11-02 05:12:08 1837568 ----a-w- C:\Windows\System32\d3d10warp.dll
2010-11-02 05:12:07 320512 ----a-w- C:\Windows\System32\d3d10_1core.dll
2010-11-02 05:12:06 902656 ----a-w- C:\Windows\System32\d2d1.dll
2010-11-02 05:12:06 197120 ----a-w- C:\Windows\System32\d3d10_1.dll
2010-11-02 05:10:47 464384 ----a-w- C:\Windows\System32\taskeng.exe
2010-11-02 05:10:32 285696 ----a-w- C:\Windows\System32\schtasks.exe
2010-11-02 04:59:08 144384 ----a-w- C:\Windows\System32\cdd.dll
2010-11-02 04:41:36 442880 ----a-w- C:\Windows\SysWow64\XpsPrint.dll
2010-11-02 04:41:36 283648 ----a-w- C:\Windows\SysWow64\XpsGdiConverter.dll
2010-11-02 04:41:36 135168 ----a-w- C:\Windows\SysWow64\XpsRasterService.dll
2010-11-02 04:40:36 496128 ----a-w- C:\Windows\SysWow64\taskschd.dll
2010-11-02 04:40:36 305152 ----a-w- C:\Windows\SysWow64\taskcomp.dll
2010-11-02 04:35:51 1074176 ----a-w- C:\Windows\SysWow64\DWrite.dll
2010-11-02 04:35:35 1170944 ----a-w- C:\Windows\SysWow64\d3d10warp.dll
2010-11-02 04:35:34 739840 ----a-w- C:\Windows\SysWow64\d2d1.dll
2010-11-02 04:35:34 218624 ----a-w- C:\Windows\SysWow64\d3d10_1core.dll
2010-11-02 04:35:34 161792 ----a-w- C:\Windows\SysWow64\d3d10_1.dll
2010-11-02 04:34:44 192000 ----a-w- C:\Windows\SysWow64\taskeng.exe
2010-11-02 04:34:33 179712 ----a-w- C:\Windows\SysWow64\schtasks.exe
2010-11-02 02:50:58 258048 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys
2010-10-27 12:28:46 11320 ----a-w- C:\Windows\help\OEM\Scripts\HPSARedirectorLauncher.exe
2010-10-27 05:06:22 2048 ----a-w- C:\Windows\System32\tzres.dll
2010-10-27 04:32:36 2048 ----a-w- C:\Windows\SysWow64\tzres.dll

============= FINISH: 18:48:58,02 ===============

#13 Příspěvek od **vyosek** » 23 led 2011 19:12

Stahnete a ulozte na plochu Combofix http://download.bleepingcomputer.com/sUBs/ComboFix.exe NESPOUSTEJTE

Pokud nemate, tak presunte Combofix na plochu

Spustte poznamkovy blok (Start-spustit-notepad)
Zkopirujte skript nize

Kód: Vybrat vše

Folder::
C:\Program Files\Zrychleni Pocitace
C:\ProgramData\IObit
C:\Users\wawry\AppData\Roaming\IObit
C:\Program Files (x86)\IObit
C:\Program Files (x86)\AOL\AOL Toolbar 5.0
C:\Program Files (x86)\ICQ6Toolbar
C:\Program Files (x86)\MSN Toolbar

File::
C:\Windows\tasks\AWC Startup.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

Registry::
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=-
"SpybotSD TeaTimer"=-
"ICQ"=-
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"UpdatePRCShortCut"=-
"HP Software Update"=-
"QuickTime Task"=-
"SunJavaUpdateSched"=-
"Adobe Reader Speed Launcher"=-
"Adobe ARM"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
"{855F3B16-6D32-4fe6-8A56-BBB695989046}"=-
"{DE9C389F-3316-41A7-809B-AA305ED9D922}"=-

DDS::
BHO: AOL Toolbar BHO: {7c554162-8cb7-45a4-b8f4-8ea1c75885f9} - C:\Program Files (x86)\AOL\AOL Toolbar 5.0\aoltb.dll
BHO: Bing Bar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll
TB: AOL Toolbar: {de9c389f-3316-41a7-809b-aa305ed9d922} - C:\Program Files (x86)\AOL\AOL Toolbar 5.0\aoltb.dll
TB: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No File
TB: {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No File
TB: &Inbox Toolbar: {d7e97865-918f-41e4-9cd0-25ab1c574ce8} -
EB: {855F3B16-6D32-4FE6-8A56-BBB695989046} - No File
TB-X64: {DE9C389F-3316-41A7-809B-AA305ED9D922} - No File
TB-X64: {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No File
TB-X64: {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - No File

Firefox::
FF - ProfilePath - C:\Users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=green ... =302398&p=
FF - Ext: ICQ Toolbar: {800b5000-a755-47e1-992b-48a1c1357f07} - %profile%\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}

Driver::
ICQ Service

Ulozte vytvoreny TXT jako CFScript.txt
Pretahnete vytvoreny CFScript.txt nad Combofix a pustte (viz obrazek nize)
Po aplikaci skriptu (a pripadnem restartu) na Vas vypadne log, jeho obsah sem vlozte

Muze se stat, ze po aplikaci skriptu nenabehnou windows, v tomto pripade restartuje PC a mackejte F8 a zvolte Posledni znamou konfiguraci

wawry · #14 Příspěvek od **wawry** » 23 led 2011 19:43

ComboFix 11-01-22.03 - wawry 23.01.2011 19:28:35.1.2 - x64 NETWORK
Microsoft Windows 7 Home Premium 6.1.7600.0.1250.420.1029.18.2812.2162 [GMT 1:00]
Spuštěný z: c:\users\wawry\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\wawry\Desktop\CFScript.txt
AV: avast! Antivirus *Enabled/Updated* {C37D8F93-0602-E43C-40AA-47DAD597F308}
SP: avast! Antivirus *Enabled/Updated* {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.

wawry · #15 Příspěvek od **wawry** » 23 led 2011 19:45

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files (x86)\AOL\AOL Toolbar 5.0\aoltb.dll
c:\program files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\components\ITB_History.js
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults\preferences\prefs.js
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults\preferences\user.js
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome.manifest
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\about.dtd
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\about.xul
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\autocomplete.xml
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\exitobserver.js
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\globals.js
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\highlight.js
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\icqtabs.css
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\icqtabs.js
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\icqtoolbar.js
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\icqtoolbar.xul
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\img\bgLarge.gif
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\img\bgSmall.gif
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\img\buttonBlue.gif
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\img\buttonGreen.gif
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\img\searchLogo.gif
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\localfileupdate.js
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\menu-button.xml
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab.html
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_bg.html
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_cz.html
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_de.html
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_en.html
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_es.html
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_fr.html
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_he.html
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_it.html
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_ru.html
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_sk.html
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_tr.html
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_uk.html
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\options.js
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\options.xul
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\parsegamesxml.js
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\parsemenuxml.js
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\peoplesearch.js
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\peoplesearch.xul
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\prefutils.js
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\search.js
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\sitespanel.js
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\splitter.xml
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\statistics.js
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\tabcontext.js
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\utilities.js
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\voucher.js
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\zoom.js
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\bg\icq_locale.dtd
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\bg\itb.properties
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\bg\itb_options.dtd
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\bg\options.properties
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\cs\icq_locale.dtd
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\cs\itb.properties
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\cs\itb_options.dtd
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\cs\options.properties
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\de\icq_locale.dtd
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\de\itb.properties
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\de\itb_options.dtd
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\de\options.properties
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\en-US\icq_locale.dtd
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\en-US\itb.properties
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\en-US\itb_options.dtd
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\en-US\options.properties
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\es\icq_locale.dtd
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\es\itb.properties
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\es\itb_options.dtd
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\es\options.properties
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\fr\icq_locale.dtd
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\fr\itb.properties
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\fr\itb_options.dtd
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\fr\options.properties
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\he\icq_locale.dtd
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\he\itb.properties
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\he\itb_options.dtd
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\he\options.properties
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\it\icq_locale.dtd
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\it\itb.properties
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\it\itb_options.dtd
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\it\options.properties
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\ru\icq_locale.dtd
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\ru\itb.properties
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\ru\itb_options.dtd
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\ru\options.properties
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\sk\icq_locale.dtd
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\sk\itb.properties
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\sk\itb_options.dtd
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\sk\options.properties
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\tr\icq_locale.dtd
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\tr\itb.properties
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\tr\itb_options.dtd
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\tr\options.properties
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\about.css
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\abt.png
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\ain.png
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\ang.png
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\arrow_eng.png
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\arrow_heb.png
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\btn_bg.png
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\btn_bg_lite.png
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\default.css
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\dis.png
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\dropmarker.css
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\20minutos.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\about.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\abv.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\aktuality.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\aktualne.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\alljobs.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\allocine.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\altervista.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\amazon.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\answers.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\aol.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\aolradio.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\apple.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\ard.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\as.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\atlas.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\atlassk.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\aufeminin.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\autobazar.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\autobazar1.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\autocz.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\azet.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\bazos.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\bbc.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\bbc.png
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\bigmir.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\billiger.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\bing.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\blesk.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\bleskove.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\btv.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\calcalist.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\cas.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\cdiscount.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\centrum.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\ciao.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\cnet.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\cnn.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\commentcamarche.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\corriere.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\csfd.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\d.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\dailymotion.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\data.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\deezer.png
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\default.png
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\delicious.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\depositfiles.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\deviantart.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\diary.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\digg.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\dir.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\disney.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\diva.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\dnevnik.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\doctissimo.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\donanimhaber.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\ebay.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\ebayanuncios.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\ekolay.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\elmundo.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\elpais.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\eurosport.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\expats.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\facebook.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\finance.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\firmy.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\flickr.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\flix.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\fotolog.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\fox.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\france2.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\free.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\garanti.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\gazeta.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\gazetevatan.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\gazzetta.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\gbg.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\gepime.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\gismeteo.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\gittigidiyor.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\globes.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\gmail.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\gmx.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\google.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\googleearth.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\googletranslate.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\haaretz.gif
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\haaretz.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\haber7.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\haberturk.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\hepsiburada.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\horadot.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\horoskopy.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\hurriyet.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\championat.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\chip.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\icq.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\idnes.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\ilike.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\ilmeteo.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\imageshack.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\imdb.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\impulse.png
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\infojobs.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\interfacelift.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\internethaber.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\iserialy.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\iua.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\izlesene.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\jappy.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\jeux.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\jeuxvideo.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\jing.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\joj.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\kijiji.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\kinopoisk.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\korrespondent.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\lastfm.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\leboncoin.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\lemonde.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\lenta.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\leonardo.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\lequipe.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\libero.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\libimseti.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\lide.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\linternaute.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\livejournal.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\mailru.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\mako.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\mappy.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\mapy.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\marca.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\marketgid.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\markiza.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\megavideo.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\meinvz.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\mekusharim.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\meta.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\milanobakeca.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\milliyet.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\mimibazar.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\minibazar.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\mobilen.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\morfix.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\mouse.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\mymovies.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\myspace.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\najisto.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\nana.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\nana10.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\netgames.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\netlog.ico
c:\users\wawry\AppData\Roaming\Mozilla\Firefox\Profiles\bqxmvb8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\novinky.ico

VIRY.CZ

Pomalý notebook a kouše se

Pomalý notebook a kouše se

Re: Pomalý notebook a kouše se

Re: Pomalý notebook a kouše se

Re: Pomalý notebook a kouše se

Re: Pomalý notebook a kouše se

Re: Pomalý notebook a kouše se

Re: Pomalý notebook a kouše se

Re: Pomalý notebook a kouše se

Re: Pomalý notebook a kouše se

Re: Pomalý notebook a kouše se

Re: Pomalý notebook a kouše se

Re: Pomalý notebook a kouše se

Re: Pomalý notebook a kouše se

Re: Pomalý notebook a kouše se

Re: Pomalý notebook a kouše se