VIRY.CZ

udelal jsem combofix, ale opet zadny txt soubor, mam restartovat a spusti v beznem rezimu??

Ano, prihlaste se do normalniho rezimu...

po spusteni combofixu v normalnim rezimu opet soubor txt nikde, plocha cerna bez ikon, pouze popisy pod zastupci, jinak se zda byt fit...
PC neni a nebylo behem nasi komunikace pripojeno k internetu, je to potreba??

Net nebyl nezbytne nutny

Zabalte mi prosim slozku c:\qoobox a uploadnete na LP http://leteckaposta.cz/

bohuzel složka c:\qoobox neexistuje.. combofix netrval ani minutu a take neprovedl restart, mam zkusit restartovat
dekuji za vasi pomoc

Tak na to pujdem uplne jinak PC asi nema rado sUBse a jeho utility (DDS i CF je od nej)

Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte jej na plochu

• Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
• Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
• Zaskrtnete okenko Pro vsechny uzivatele
• Zaskrtnete okenko Kontrola na havet "LOP"
• Zaskrtnete okenko Kontrola na havet "Purity"
• Stari souboru zmente z 30 dnu na 7 dnu
• Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

• Kód: Vybrat vše

  CREATERESTOREPOINT
  
  netsvcs
  drivers32
  savembr:0
  
  /md5start
  atapi.sys
  autochk.exe
  cdrom.sys
  explorer.exe
  hal.dll
  scecli.dll
  svchost.exe
  tcpip.sys
  userinit.exe
  winlogon.exe
  /md5stop
  
  %systemroot%*.* /U /s
  %SYSTEMDRIVE%\*.exe
  %ALLUSERSPROFILE%\Application Data\*.
  %ALLUSERSPROFILE%\Application Data\*.exe /s
  %APPDATA%\*.
  %APPDATA%\*.exe /s
  %systemroot%\*. /mp /s
  %systemroot%\system32\*.dll /lockedfiles
  %systemroot%\Tasks\*.job
  %systemroot%\system32\drivers\*.sys /lockedfiles
  %systemroot%\System32\config\*.sav
  %systemroot%\system32\*.dll /lockedfiles
  %systemroot%\system32\drivers\*.sys /3
  %systemroot%\system32\*.* /3
  %SYSTEMDRIVE%\*.exe
  
  HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
  
  %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
  %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
  %PROGRAMFILES%\Opera\opera.exe /md5
  %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5
  
  %SystemDrive%\PhysicalMBR.bin /md5 

• Kliknete na tlacitko Prohledat
• Po dokonceni skenu se objevi logy OTL.txt a Extras.txt, oba sem vlozte

musim ted na vzduch, stroj + OTL spokojene pracuje, az to bude mozne poslu Vam pozadovane txt.
dekuji za pomoc, skvela spoluprace, verim, ze vse dobre dopadne a kolegyne bude moci svuj "hnojnik" znovu pouzivat...

Prozatim neni tedy zac

Budu sem nakukovat prubezne cely den

Dobry den, omlouvam se, vcera uz mi to nevyslo. Posilam logy z OTL. Nejdriv otl.txt:
OTL logfile created on: 4.6.2012 15:58:12 - Run 1
OTL by OldTimer - Version 3.2.46.0 Folder = F:\
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1,49 Gb Total Physical Memory | 0,93 Gb Available Physical Memory | 62,49% Memory free
3,23 Gb Paging File | 2,66 Gb Available in Paging File | 82,28% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 32,51 Gb Total Space | 2,20 Gb Free Space | 6,76% Space Free | Partition Type: NTFS
Drive D: | 32,26 Gb Total Space | 21,07 Gb Free Space | 65,33% Space Free | Partition Type: NTFS
Drive F: | 1,85 Gb Total Space | 1,11 Gb Free Space | 59,75% Space Free | Partition Type: FAT

Computer Name: ALENA-PC | User Name: Alena | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2012.06.04 15:53:26 | 000,596,480 | ---- | M] (OldTimer Tools) -- F:\OTL.exe
PRC - [2012.05.25 15:21:44 | 000,992,648 | ---- | M] (Spigot, Inc.) -- C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe
PRC - [2012.05.25 15:12:54 | 000,785,344 | ---- | M] (Spigot, Inc.) -- C:\Program Files\Application Updater\ApplicationUpdater.exe
PRC - [2012.03.26 17:08:12 | 000,931,200 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2009.11.17 12:19:06 | 000,208,896 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Users\Alena\AppData\Local\Temp\RtkBtMnt.exe
PRC - [2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2007.09.14 08:02:10 | 001,080,264 | ---- | M] (C. Ghisler & Co.) -- C:\Program Files\totalcmd\TOTALCMD.EXE
PRC - [2007.04.23 09:51:42 | 004,435,968 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2007.03.21 13:00:04 | 000,355,096 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2007.03.21 13:00:00 | 000,174,872 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2007.02.13 07:26:50 | 000,053,248 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
PRC - [2006.11.02 11:45:59 | 000,215,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\WindowsMobile\wmdSync.exe


========== Modules (No Company Name) ==========

MOD - [2008.09.03 15:28:24 | 000,319,488 | ---- | M] () -- C:\Program Files\WinRAR\rarlng.dll
MOD - [2008.08.29 10:55:00 | 000,132,608 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - File not found [Auto | Stopped] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon -- (CLTNetCnService)
SRV - [2012.05.25 15:12:54 | 000,785,344 | ---- | M] (Spigot, Inc.) [Auto | Running] -- C:\Program Files\Application Updater\ApplicationUpdater.exe -- (Application Updater)
SRV - [2012.05.18 19:04:01 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.05.05 16:29:14 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.03.26 17:03:40 | 000,214,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV - [2012.02.15 14:30:18 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2009.03.30 06:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.02.18 20:38:43 | 000,129,880 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2008.01.19 09:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008.01.19 09:36:49 | 000,365,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2008.01.19 09:36:15 | 000,167,936 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2008.01.19 09:34:53 | 000,068,608 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\mprdim.dll -- (RemoteAccess)
SRV - [2007.03.21 13:00:04 | 000,355,096 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)
SRV - [2007.02.13 07:26:50 | 000,053,248 | ---- | M] (Acer Inc.) [Auto | Running] -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe -- (eRecoveryService)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | Auto | Stopped] -- C:\Acer\Empowering Technology\eRecovery\int15.sys -- (int15)
DRV - File not found [File_System | Auto | Stopped] -- system32\DRIVERS\eamonm.sys -- (eamonm)
DRV - File not found [Kernel | System | Stopped] -- C:\PROGRA~1\LAUNCH~1\DPortIO.sys -- (DritekPortIO)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2012.03.20 20:44:12 | 000,074,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2009.04.11 06:42:52 | 000,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (winusb)
DRV - [2009.04.11 06:13:59 | 000,226,816 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\System32\drivers\udfs.sys -- (udfs)
DRV - [2009.03.31 10:39:36 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2008.10.10 10:10:26 | 000,051,040 | ---- | M] (IPWireless Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ipw3gnet.sys -- (IpwP)
DRV - [2008.01.19 07:49:16 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sermouse.sys -- (sermouse)
DRV - [2007.06.19 07:34:48 | 000,737,280 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2007.04.11 10:40:14 | 000,046,592 | ---- | M] (ENE Technology Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ESD7SK.sys -- (ESDCR)
DRV - [2007.04.11 10:40:10 | 000,063,488 | ---- | M] (ENE Technology Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ESM7SK.sys -- (ESMCR)
DRV - [2007.04.11 10:40:06 | 000,067,584 | ---- | M] (ENE Technology Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\EMS7SK.sys -- (EMSCR)
DRV - [2007.02.25 16:14:00 | 002,216,448 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw4v32.sys -- (NETw4v32) Ovladač adaptéru Intel(R)
DRV - [2007.01.30 22:23:30 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2006.12.05 14:26:00 | 000,140,800 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2006.11.02 11:51:45 | 000,900,712 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\ql2300.sys -- (ql2300)
DRV - [2006.11.02 11:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2006.11.02 11:51:34 | 000,316,520 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\elxstor.sys -- (elxstor)
DRV - [2006.11.02 11:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\adpahci.sys -- (adpahci)
DRV - [2006.11.02 11:51:25 | 000,235,112 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\uliahci.sys -- (uliahci)
DRV - [2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\iaStorV.sys -- (iaStorV)
DRV - [2006.11.02 11:51:12 | 000,167,528 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\pcmcia.sys -- (pcmcia)
DRV - [2006.11.02 11:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\adpu320.sys -- (adpu320)
DRV - [2006.11.02 11:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2006.11.02 11:50:41 | 000,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2006.11.02 11:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006.11.02 11:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\ulsata.sys -- (UlSata)
DRV - [2006.11.02 11:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2006.11.02 11:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\nvraid.sys -- (nvraid)
DRV - [2006.11.02 11:50:24 | 000,047,208 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\isapnp.sys -- (isapnp)
DRV - [2006.11.02 11:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006.11.02 11:50:17 | 000,080,488 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\msdsm.sys -- (msdsm)
DRV - [2006.11.02 11:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\iirsp.sys -- (iirsp)
DRV - [2006.11.02 11:50:16 | 000,078,952 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\mpio.sys -- (mpio)
DRV - [2006.11.02 11:50:16 | 000,076,392 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sbp2port.sys -- (sbp2port)
DRV - [2006.11.02 11:50:16 | 000,071,784 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\nvstor.sys -- (nvstor)
DRV - [2006.11.02 11:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006.11.02 11:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\arcsas.sys -- (arcsas)
DRV - [2006.11.02 11:50:10 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2006.11.02 11:50:10 | 000,038,504 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sisraid2.sys -- (SiSRaid2)
DRV - [2006.11.02 11:50:10 | 000,037,480 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\HpCISSs.sys -- (HpCISSs)
DRV - [2006.11.02 11:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\arc.sys -- (arc)
DRV - [2006.11.02 11:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\iteraid.sys -- (iteraid)
DRV - [2006.11.02 11:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006.11.02 11:50:05 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2006.11.02 11:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006.11.02 11:50:04 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2006.11.02 11:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006.11.02 11:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\Mraid35x.sys -- (Mraid35x)
DRV - [2006.11.02 11:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006.11.02 11:49:53 | 000,028,776 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\megasas.sys -- (megasas)
DRV - [2006.11.02 11:49:49 | 000,027,752 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\i2omp.sys -- (i2omp)
DRV - [2006.11.02 11:49:44 | 000,023,144 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\msahci.sys -- (msahci)
DRV - [2006.11.02 11:49:38 | 000,019,560 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\wd.sys -- (Wd)
DRV - [2006.11.02 11:49:30 | 000,017,512 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\viaide.sys -- (viaide)
DRV - [2006.11.02 11:49:28 | 000,016,488 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\cmdide.sys -- (cmdide)
DRV - [2006.11.02 11:49:26 | 000,015,464 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\amdide.sys -- (amdide)
DRV - [2006.11.02 11:49:20 | 000,014,952 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\aliide.sys -- (aliide)
DRV - [2006.11.02 11:49:20 | 000,013,416 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\pciide.sys -- (pciide)
DRV - [2006.11.02 11:03:00 | 000,242,688 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\rdpdr.sys -- (rdpdr)
DRV - [2006.11.02 10:55:23 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\bthmodem.sys -- (BTHMODEM)
DRV - [2006.11.02 10:55:22 | 000,029,184 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\hidbth.sys -- (HidBth)
DRV - [2006.11.02 10:55:16 | 000,062,080 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\ohci1394.sys -- (ohci1394)
DRV - [2006.11.02 10:55:09 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\usbcir.sys -- (usbcir) eHome Infrared Receiver (USBCIR)
DRV - [2006.11.02 10:55:08 | 000,035,328 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\circlass.sys -- (circlass)
DRV - [2006.11.02 10:55:05 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\usbohci.sys -- (usbohci)
DRV - [2006.11.02 10:55:01 | 000,021,504 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\hidir.sys -- (HidIr)
DRV - [2006.11.02 10:52:52 | 000,020,608 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\wacompen.sys -- (WacomPen)
DRV - [2006.11.02 10:51:40 | 000,013,312 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sfloppy.sys -- (sfloppy)
DRV - [2006.11.02 10:51:33 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\fdc.sys -- (fdc)
DRV - [2006.11.02 10:51:32 | 000,020,480 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\flpydisk.sys -- (flpydisk)
DRV - [2006.11.02 10:42:03 | 000,065,536 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\IPMIDrv.sys -- (IPMIDRV)
DRV - [2006.11.02 10:30:19 | 000,039,424 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\viac7.sys -- (ViaC7)
DRV - [2006.11.02 10:30:18 | 000,040,960 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\amdk8.sys -- (AmdK8)
DRV - [2006.11.02 10:30:18 | 000,038,912 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\crusoe.sys -- (Crusoe)
DRV - [2006.11.02 10:30:18 | 000,038,912 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\amdk7.sys -- (AmdK7)
DRV - [2006.11.02 10:30:18 | 000,038,400 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\processr.sys -- (Processor)
DRV - [2006.11.02 10:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\BrSerId.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006.11.02 10:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\BrSerWdm.sys -- (BrSerWdm)
DRV - [2006.11.02 10:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\BrUsbMdm.sys -- (BrUsbMdm)
DRV - [2006.11.02 09:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006.11.02 09:30:54 | 001,781,760 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32) Intel(R)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://cs.intl.acer.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={ ... rer:source?}
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.as ... =CT2269050


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-2570096246-3669228605-2866419763-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SEARCH PAGE = http://uk.rd.yahoo.com/customize/ycomp/ ... .yahoo.com
IE - HKU\S-1-5-21-2570096246-3669228605-2866419763-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKU\S-1-5-21-2570096246-3669228605-2866419763-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.yahoo.com/search?p={searc ... 8&fr=b1ie7
IE - HKU\S-1-5-21-2570096246-3669228605-2866419763-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-2570096246-3669228605-2866419763-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-2570096246-3669228605-2866419763-1000\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-2570096246-3669228605-2866419763-1000\..\URLSearchHook: {00A6FAF6-072E-44cf-8957-5838F569A31D} - No CLSID value found
IE - HKU\S-1-5-21-2570096246-3669228605-2866419763-1000\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}\InprocServer32 File not found
IE - HKU\S-1-5-21-2570096246-3669228605-2866419763-1000\..\URLSearchHook: {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\YouTube Downloader Toolbar\IE\5.8\youtubedownloaderToolbarIE.dll (Spigot, Inc.)
IE - HKU\S-1-5-21-2570096246-3669228605-2866419763-1000\..\SearchScopes,DefaultScope = {88391F85-6AE4-4933-9AD1-41075E484253}
IE - HKU\S-1-5-21-2570096246-3669228605-2866419763-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-2570096246-3669228605-2866419763-1000\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = http://search.icq.com/search/results.ph ... &ch_id=osd
IE - HKU\S-1-5-21-2570096246-3669228605-2866419763-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... lz=1I7SKPB
IE - HKU\S-1-5-21-2570096246-3669228605-2866419763-1000\..\SearchScopes\{88391F85-6AE4-4933-9AD1-41075E484253}: "URL" = http://search.yahoo.com/search?fr=chr-g ... earchTerms}
IE - HKU\S-1-5-21-2570096246-3669228605-2866419763-1000\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.as ... =CT2269050
IE - HKU\S-1-5-21-2570096246-3669228605-2866419763-1000\..\SearchScopes\{BE9654C9-9D79-42ec-B55A-3CAEB12DBF58}: "URL" = http://www.icq.com/search/results.php?q ... &ch_id=osd
IE - HKU\S-1-5-21-2570096246-3669228605-2866419763-1000\..\SearchScopes\{C78778B0-C2A9-4AA8-9C30-2050EA63B85D}: "URL" = http://search.centrum.cz/index.php?q={s ... trum-1.0.0
IE - HKU\S-1-5-21-2570096246-3669228605-2866419763-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.defaultthis.engineName: "Search"
FF - prefs.js..browser.search.defaulturl: "http://search.icq.com/search/afe_result ... r=1.3.3&q="
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=937811&ilc=12"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"
FF - prefs.js..extensions.enabledItems: wtxpcom@mybrowserbar.com:4.3
FF - prefs.js..extensions.enabledItems: youtubedownloader@mybrowserbar.com:4.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?fr=green ... =937811&p="
FF - prefs.js..network.proxy.type: 4


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.05.18 19:04:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.03.23 21:38:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird

[2010.05.26 18:35:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Alena\AppData\Roaming\Mozilla\Extensions
[2012.05.27 11:33:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Alena\AppData\Roaming\Mozilla\Firefox\Profiles\2ekytp8n.default\extensions
[2012.03.29 16:39:33 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\Alena\AppData\Roaming\Mozilla\Firefox\Profiles\2ekytp8n.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2012.01.29 16:43:14 | 000,000,000 | ---D | M] (Seznam lištička) -- C:\Users\Alena\AppData\Roaming\Mozilla\Firefox\Profiles\2ekytp8n.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[2010.05.31 18:01:09 | 000,000,873 | ---- | M] () -- C:\Users\Alena\AppData\Roaming\Mozilla\Firefox\Profiles\2ekytp8n.default\searchplugins\conduit.xml
[2012.05.28 10:33:17 | 000,000,950 | ---- | M] () -- C:\Users\Alena\AppData\Roaming\Mozilla\Firefox\Profiles\2ekytp8n.default\searchplugins\icqplugin-1.xml
[2012.01.07 11:05:24 | 000,000,950 | ---- | M] () -- C:\Users\Alena\AppData\Roaming\Mozilla\Firefox\Profiles\2ekytp8n.default\searchplugins\icqplugin-10.xml
[2012.03.25 12:01:47 | 000,000,950 | ---- | M] () -- C:\Users\Alena\AppData\Roaming\Mozilla\Firefox\Profiles\2ekytp8n.default\searchplugins\icqplugin-11.xml
[2012.04.13 18:27:33 | 000,000,950 | ---- | M] () -- C:\Users\Alena\AppData\Roaming\Mozilla\Firefox\Profiles\2ekytp8n.default\searchplugins\icqplugin-12.xml
[2011.09.04 19:58:43 | 000,000,950 | ---- | M] () -- C:\Users\Alena\AppData\Roaming\Mozilla\Firefox\Profiles\2ekytp8n.default\searchplugins\icqplugin-2.xml
[2011.09.14 13:03:19 | 000,000,950 | ---- | M] () -- C:\Users\Alena\AppData\Roaming\Mozilla\Firefox\Profiles\2ekytp8n.default\searchplugins\icqplugin-3.xml
[2011.09.27 19:23:10 | 000,000,950 | ---- | M] () -- C:\Users\Alena\AppData\Roaming\Mozilla\Firefox\Profiles\2ekytp8n.default\searchplugins\icqplugin-4.xml
[2011.10.15 15:47:43 | 000,000,950 | ---- | M] () -- C:\Users\Alena\AppData\Roaming\Mozilla\Firefox\Profiles\2ekytp8n.default\searchplugins\icqplugin-5.xml
[2011.10.16 18:24:49 | 000,000,950 | ---- | M] () -- C:\Users\Alena\AppData\Roaming\Mozilla\Firefox\Profiles\2ekytp8n.default\searchplugins\icqplugin-6.xml
[2011.11.09 19:25:04 | 000,000,950 | ---- | M] () -- C:\Users\Alena\AppData\Roaming\Mozilla\Firefox\Profiles\2ekytp8n.default\searchplugins\icqplugin-7.xml
[2011.11.30 13:55:16 | 000,000,950 | ---- | M] () -- C:\Users\Alena\AppData\Roaming\Mozilla\Firefox\Profiles\2ekytp8n.default\searchplugins\icqplugin-8.xml
[2011.12.19 20:14:53 | 000,000,950 | ---- | M] () -- C:\Users\Alena\AppData\Roaming\Mozilla\Firefox\Profiles\2ekytp8n.default\searchplugins\icqplugin-9.xml
[2012.03.19 20:09:28 | 000,000,168 | ---- | M] () -- C:\Users\Alena\AppData\Roaming\Mozilla\Firefox\Profiles\2ekytp8n.default\searchplugins\icqplugin.gif
[2012.03.19 20:09:28 | 000,000,618 | ---- | M] () -- C:\Users\Alena\AppData\Roaming\Mozilla\Firefox\Profiles\2ekytp8n.default\searchplugins\icqplugin.src
[2011.08.14 20:18:56 | 000,001,056 | ---- | M] () -- C:\Users\Alena\AppData\Roaming\Mozilla\Firefox\Profiles\2ekytp8n.default\searchplugins\icqplugin.xml
[2012.02.18 21:00:54 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012.02.10 20:15:19 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2011.03.24 22:54:01 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\distribution\extensions
[2011.03.24 22:54:01 | 000,000,000 | ---D | M] (Seznam lištička) -- C:\Program Files\Mozilla Firefox\distribution\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[2012.05.27 11:33:04 | 000,000,000 | ---D | M] (Widgi Toolbar Platform) -- C:\PROGRAM FILES\COMMON FILES\SPIGOT\WTXPCOM
[2012.05.27 11:33:04 | 000,000,000 | ---D | M] (YouTube Downloader Toolbar) -- C:\PROGRAM FILES\YOUTUBE DOWNLOADER TOOLBAR\FF
[2012.02.14 19:51:59 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2012.05.18 19:04:01 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2010.02.12 00:11:32 | 000,001,425 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\Cetrumcz_igeared.xml
[2012.02.18 21:00:42 | 000,002,208 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\heureka-cz.xml
[2012.02.18 21:00:42 | 000,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2012.02.18 21:00:42 | 000,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2012.02.18 21:00:42 | 000,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2012.02.18 21:00:42 | 000,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll File not found
O2 - BHO: (XTTBPos00 Class) - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll File not found
O2 - BHO: (Podpora odkazu pro Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - No CLSID value found.
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll File not found
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (YouTube Downloader Toolbar) - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\YouTube Downloader Toolbar\IE\5.8\youtubedownloaderToolbarIE.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll File not found
O3 - HKLM\..\Toolbar: (no name) - {D5D47440-0750-463D-BAEF-A47D02414806} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll File not found
O3 - HKLM\..\Toolbar: (YouTube Downloader Toolbar) - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\YouTube Downloader Toolbar\IE\5.8\youtubedownloaderToolbarIE.dll (Spigot, Inc.)
O3 - HKU\S-1-5-21-2570096246-3669228605-2866419763-1000\..\Toolbar\ShellBrowser: (no name) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - No CLSID value found.
O3 - HKU\S-1-5-21-2570096246-3669228605-2866419763-1000\..\Toolbar\WebBrowser: (no name) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - No CLSID value found.
O3 - HKU\S-1-5-21-2570096246-3669228605-2866419763-1000\..\Toolbar\WebBrowser: (no name) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - No CLSID value found.
O3 - HKU\S-1-5-21-2570096246-3669228605-2866419763-1000\..\Toolbar\WebBrowser: (no name) - {D5D47440-0750-463D-BAEF-A47D02414806} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [eAudio] "C:\Acer\Empowering Technology\eAudio\eAudio.exe" File not found
O4 - HKLM..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe File not found
O4 - HKLM..\Run: [eRecoveryService] File not found
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SearchSettings] C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.)
O4 - HKLM..\Run: [SetPanel] C:\Acer\APanel\APanel.cmd File not found
O4 - HKLM..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe File not found
O4 - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation)
O4 - HKU\.DEFAULT..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe File not found
O4 - HKU\S-1-5-18..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe File not found
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - Reg Error: Key error. File not found
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-2570096246-3669228605-2866419763-1000\..Trusted Domains: csob.cz ([ib24] https in Důvěryhodné servery)
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} http://ak.exe.imgfarm.com/images/nocach ... .0.1.1.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 10.3.0)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0017-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 1.7.0_03)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 1.7.0_03)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.46.172.36 213.46.172.37
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{17A4BE2B-5BE4-4C56-9A1F-8F9DC41002A8}: DhcpNameServer = 213.46.172.36 213.46.172.37
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{53BC6050-22D7-4A24-A72A-E9AC5475F90D}: DhcpNameServer = 213.46.172.36 213.46.172.37
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (eNetHook.dll) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: D:\Pictures\Dovolená Krkonoše\100_0919 - Kopie.JPG
O24 - Desktop BackupWallPaper: D:\Pictures\Dovolená Krkonoše\100_0919 - Kopie.JPG
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{700056ff-3075-11e0-89df-001b382d97ac}\Shell - "" = AutoRun
O33 - MountPoints2\{700056ff-3075-11e0-89df-001b382d97ac}\Shell\AutoRun\command - "" = F:\NokiaPCIA_Autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: Sharedaccess - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.XVID - xvidvfw.dll File not found
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2012.06.04 15:16:36 | 004,536,354 | R--- | C] (Swearware) -- C:\Users\Alena\Desktop\ComboFix.exe
[2012.06.04 15:11:19 | 000,000,000 | --SD | C] -- C:\32788R22FWJFW
[2012.06.04 14:59:46 | 000,492,146 | R--- | C] (Swearware) -- C:\Users\Alena\Desktop\dds.exe
[2012.06.04 13:33:11 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2012.06.04 13:33:10 | 000,000,000 | ---D | C] -- C:\rsit
[2012.06.04 13:14:05 | 000,000,000 | ---D | C] -- C:\Users\Alena\Desktop\RK_Quarantine
[2012.05.29 18:37:41 | 000,000,000 | ---D | C] -- C:\Users\Alena\AppData\Local\MediaMonkey
[2012.05.29 18:37:02 | 000,000,000 | ---D | C] -- C:\Users\Alena\AppData\Roaming\MediaMonkey
[2012.05.29 18:36:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MediaMonkey
[2012.05.29 18:36:25 | 000,000,000 | ---D | C] -- C:\ProgramData\MediaMonkey
[2012.05.29 18:36:06 | 000,000,000 | ---D | C] -- C:\Program Files\MediaMonkey
[2010.08.07 15:45:16 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\Alena\AppData\Roaming\pcouffin.sys
[9 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2012.06.04 16:01:09 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012.06.04 15:54:05 | 000,609,570 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2012.06.04 15:54:05 | 000,598,096 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.06.04 15:54:05 | 000,119,118 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2012.06.04 15:54:05 | 000,105,070 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.06.04 15:50:05 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.06.04 15:50:05 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.06.04 15:49:38 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.06.04 15:29:15 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.06.04 15:24:42 | 000,382,208 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.06.04 15:19:40 | 000,000,069 | ---- | M] () -- C:\Windows\NeroDigital.ini
[2012.06.04 15:05:36 | 004,536,354 | R--- | M] (Swearware) -- C:\Users\Alena\Desktop\ComboFix.exe
[2012.06.04 14:36:48 | 000,492,146 | R--- | M] (Swearware) -- C:\Users\Alena\Desktop\dds.exe
[2012.06.04 12:36:14 | 000,781,383 | ---- | M] () -- C:\Users\Alena\Desktop\RSIT.exe
[2012.06.03 18:38:14 | 000,306,176 | ---- | M] () -- C:\Users\Alena\AppData\Local\bpgoejs.exe
[2012.06.03 18:36:22 | 263,256,428 | ---- | M] () -- C:\Users\Alena\Desktop\70s Disco Hits !! - Mix!! - HD - 30 Min long Megamix!!! Best!!! Top!!! Classics!!!.mp4
[2012.06.01 18:24:53 | 000,084,992 | ---- | M] () -- C:\Users\Alena\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.05.29 18:37:01 | 000,000,844 | ---- | M] () -- C:\Users\Public\Desktop\MediaMonkey.lnk
[9 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012.06.04 16:01:09 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012.06.04 12:53:11 | 000,781,383 | ---- | C] () -- C:\Users\Alena\Desktop\RSIT.exe
[2012.06.03 18:38:14 | 000,306,176 | ---- | C] () -- C:\Users\Alena\AppData\Local\bpgoejs.exe
[2012.06.03 18:18:12 | 263,256,428 | ---- | C] () -- C:\Users\Alena\Desktop\70s Disco Hits !! - Mix!! - HD - 30 Min long Megamix!!! Best!!! Top!!! Classics!!!.mp4
[2012.05.29 18:37:01 | 000,000,844 | ---- | C] () -- C:\Users\Public\Desktop\MediaMonkey.lnk
[2011.07.21 21:20:06 | 000,000,012 | ---- | C] () -- C:\ProgramData\ReminderNextRun
[2010.12.30 23:05:46 | 000,003,082 | ---- | C] () -- C:\Windows\System32\affv208325p1now.sys
[2010.12.12 14:40:19 | 000,000,543 | ---- | C] () -- C:\Users\Alena\AppData\Roaming\AutoGK.ini
[2010.08.07 15:46:09 | 000,001,176 | ---- | C] () -- C:\Users\Alena\AppData\Roaming\vso_ts_preview.xml
[2010.08.07 15:45:16 | 000,087,608 | ---- | C] () -- C:\Users\Alena\AppData\Roaming\inst.exe
[2010.08.07 15:45:16 | 000,007,887 | ---- | C] () -- C:\Users\Alena\AppData\Roaming\pcouffin.cat
[2010.08.07 15:45:16 | 000,001,144 | ---- | C] () -- C:\Users\Alena\AppData\Roaming\pcouffin.inf

========== LOP Check ==========

[2010.11.07 18:10:46 | 000,000,000 | ---D | M] -- C:\Users\Alena\AppData\Roaming\AnvSoft
[2010.09.03 23:17:04 | 000,000,000 | ---D | M] -- C:\Users\Alena\AppData\Roaming\COWON
[2011.03.14 22:39:53 | 000,000,000 | ---D | M] -- C:\Users\Alena\AppData\Roaming\DVDVideoSoft
[2007.11.22 09:30:45 | 000,000,000 | ---D | M] -- C:\Users\Alena\AppData\Roaming\GHISLER
[2008.02.03 17:11:15 | 000,000,000 | ---D | M] -- C:\Users\Alena\AppData\Roaming\ICQ Toolbar
[2010.11.09 16:59:30 | 000,000,000 | ---D | M] -- C:\Users\Alena\AppData\Roaming\Leadertech
[2010.12.13 20:16:38 | 000,000,000 | ---D | M] -- C:\Users\Alena\AppData\Roaming\Leawo
[2012.06.03 18:43:37 | 000,000,000 | ---D | M] -- C:\Users\Alena\AppData\Roaming\MediaMonkey
[2011.03.14 22:47:24 | 000,000,000 | ---D | M] -- C:\Users\Alena\AppData\Roaming\OpenCandy
[2010.01.08 19:59:35 | 000,000,000 | ---D | M] -- C:\Users\Alena\AppData\Roaming\PC Suite
[2010.03.05 22:56:25 | 000,000,000 | ---D | M] -- C:\Users\Alena\AppData\Roaming\Samsung
[2009.01.17 21:32:02 | 000,000,000 | ---D | M] -- C:\Users\Alena\AppData\Roaming\Template
[2012.05.15 17:07:01 | 000,000,000 | ---D | M] -- C:\Users\Alena\AppData\Roaming\Vso
[2010.11.09 10:52:27 | 000,000,000 | ---D | M] -- C:\Users\Alena\AppData\Roaming\WinAVI
[2010.12.13 19:39:45 | 000,000,000 | ---D | M] -- C:\Users\Alena\AppData\Roaming\YouTube Downloader
[2012.06.04 15:48:42 | 000,032,624 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========

< >

< >

< MD5 for: ATAPI.SYS >
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008.01.19 09:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008.01.19 09:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006.11.02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2009.04.11 08:27:20 | 000,643,072 | ---- | M] (Microsoft Corporation) MD5=10761177A6EBE45843F443E99509F5E7 -- C:\Windows\System32\autochk.exe
[2009.04.11 08:27:20 | 000,643,072 | ---- | M] (Microsoft Corporation) MD5=10761177A6EBE45843F443E99509F5E7 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6002.18005_none_e3df6655bee2ee3b\autochk.exe
[2008.01.19 09:33:01 | 000,642,560 | ---- | M] (Microsoft Corporation) MD5=2FC5BE79B51714B479809358E4908FC3 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6001.18000_none_e1f3ed49c1c122ef\autochk.exe
[2006.11.02 11:44:50 | 000,640,000 | ---- | M] (Microsoft Corporation) MD5=C08D1FE284C3330934E45D6E5F5B768B -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6000.16386_none_dfbd2b4dc4d6121b\autochk.exe

< MD5 for: CDROM.SYS >
[2008.01.19 07:49:51 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_a29e71c6\cdrom.sys
[2008.01.19 07:49:51 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6001.18000_none_5fa95be2a3c76a4a\cdrom.sys
[2009.04.11 06:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\drivers\cdrom.sys
[2009.04.11 06:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_c949a5b6\cdrom.sys
[2009.04.11 06:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6002.18005_none_6194d4eea0e93596\cdrom.sys
[2006.11.02 10:51:44 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=8D1866E61AF096AE8B582454F5E4D303 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_e487f727\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2008.10.29 08:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008.10.29 08:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008.10.30 05:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
[2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2008.10.28 04:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2006.11.02 11:45:07 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=FD8C53FB002217F6F888BCF6F5D7084D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16386_none_4f7de5167cd15deb\explorer.exe
[2008.01.19 09:33:10 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe

< MD5 for: HAL.DLL >
[2009.04.11 08:32:46 | 000,177,128 | ---- | M] (Microsoft Corporation) MD5=B8D52005181A15D7D1470CBF2AF214DD -- C:\Windows\System32\hal.dll

< MD5 for: SCECLI.DLL >
[2008.01.19 09:36:19 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2006.11.02 11:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_35d7205fdc305e3e\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll

< MD5 for: SVCHOST.EXE >
[2006.11.02 11:45:47 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=10DA15933D582D2FEDCF705EFE394B09 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6000.16386_none_b38497a50862ad11\svchost.exe
[2008.01.19 09:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\System32\svchost.exe
[2008.01.19 09:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe

< MD5 for: TCPIP.SYS >
[2008.04.26 10:08:16 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=01EC1E92595F839BEE70D439C46796E3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22167_none_b36dd19b7fae39c7\tcpip.sys
[2009.04.11 08:33:02 | 000,897,000 | ---- | M] (Microsoft Corporation) MD5=0E6B0885C3D5E4643ED2D043DE3433D8 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18005_none_b5098b5e63880c42\tcpip.sys
[2011.09.20 23:02:55 | 000,913,280 | ---- | M] (Microsoft Corporation) MD5=16731B631F28F63CD9F4CB60940E7DDD -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22719_none_b58c64c97caa1c43\tcpip.sys
[2009.12.08 22:52:30 | 000,897,624 | ---- | M] (Microsoft Corporation) MD5=1ACBB7A47E78F4CC82D2EFFB72901528 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18377_none_b2d96a966698ad63\tcpip.sys
[2009.08.15 23:30:53 | 000,816,640 | ---- | M] (Microsoft Corporation) MD5=2512B4D1353370D6688B1AF1F5AFA1CF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21108_none_6030d425ab49af00\tcpip.sys
[2009.08.14 19:01:55 | 000,900,168 | ---- | M] (Microsoft Corporation) MD5=2608E71AAD54564647D4BB984E1925AA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys
[2011.06.17 22:13:55 | 000,905,104 | ---- | M] (Microsoft Corporation) MD5=2756186E287139310997090797E0182B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18484_none_b4b2134c63c9c70f\tcpip.sys
[2012.03.30 14:39:11 | 000,905,600 | ---- | M] (Microsoft Corporation) MD5=27D470DABC77BC60D0A3B0E4DEB6CB91 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18604_none_b50896786388e1d5\tcpip.sys
[2010.02.18 13:51:51 | 000,818,688 | ---- | M] (Microsoft Corporation) MD5=2C1F7005AA3B62721BFDB307BD5F5010 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21226_none_6019359fab5bb15b\tcpip.sys
[2010.02.18 16:49:38 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=2EAE4500984C2F8DACFB977060300A15 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18427_none_b30f7c1866701ed5\tcpip.sys
[2009.08.14 16:24:47 | 000,813,568 | ---- | M] (Microsoft Corporation) MD5=300208927321066EA53761FDC98747C6 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16908_none_5fa75f38922bdbf4\tcpip.sys
[2009.12.08 22:15:00 | 000,907,832 | ---- | M] (Microsoft Corporation) MD5=46E6685F3E92AEC743773ADD4CD54F57 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22283_none_b53aaa1b7ce8560d\tcpip.sys
[2010.02.18 16:07:16 | 000,904,576 | ---- | M] (Microsoft Corporation) MD5=48CBE6D53632D0067C2D6B20F90D84CA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18209_none_b50d905263846bec\tcpip.sys
[2010.02.18 14:05:37 | 000,815,104 | ---- | M] (Microsoft Corporation) MD5=4A82FA8F0DF67AA354580C3FAAF8BDE3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.17021_none_5f8a957c924295b7\tcpip.sys
[2008.02.14 23:14:28 | 000,806,400 | ---- | M] (Microsoft Corporation) MD5=52A8BD6294F7D1443C6184C67AE13AF4 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.20752_none_5ff4e4f9ab7777f4\tcpip.sys
[2009.12.08 22:37:09 | 000,900,696 | ---- | M] (Microsoft Corporation) MD5=5653230D480A9C54D169E1B080B72CF5 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22577_none_b36309477fb64a54\tcpip.sys
[2008.02.14 23:14:30 | 000,803,328 | ---- | M] (Microsoft Corporation) MD5=5DF77458AA92FDB36FCE79C60F74AB5D -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16627_none_5f90b964923d030a\tcpip.sys
[2010.06.16 17:55:58 | 000,902,032 | ---- | M] (Microsoft Corporation) MD5=6216A954ED7045B62880A92D6C9B9FC7 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys
[2009.08.14 18:27:34 | 000,904,776 | ---- | M] (Microsoft Corporation) MD5=65877AA1B6A7CB797488E831698973E9 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18091_none_b4a43aea63d4a25f\tcpip.sys
[2011.06.17 22:13:55 | 000,913,296 | ---- | M] (Microsoft Corporation) MD5=6647FCE6FC4970DAAFE5C64C794513D3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22662_none_b54f51417cd8f970\tcpip.sys
[2010.06.16 18:39:32 | 000,912,776 | ---- | M] (Microsoft Corporation) MD5=6A10AFCE0B38371064BE41C1FBFD3C6B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22425_none_b57d8e037cb5db63\tcpip.sys
[2010.06.16 17:59:54 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=782568AB6A43160A159B6215B70BCCE9 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18493_none_b2bfcb7c66ac7d10\tcpip.sys
[2011.09.20 23:02:55 | 000,905,088 | ---- | M] (Microsoft Corporation) MD5=814A1C66FBD4E1B310A517221F1456BF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18519_none_b502c618638c7f52\tcpip.sys
[2008.04.26 10:26:49 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=82E266BEE5F0167E41C6ECFDD2A79C02 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18063_none_b2e033a8669434a1\tcpip.sys
[2009.12.08 19:58:13 | 000,813,568 | ---- | M] (Microsoft Corporation) MD5=8734BD051FFDCBF8425CF222141C3741 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16973_none_5f56ae52926920d8\tcpip.sys
[2009.08.14 19:07:56 | 000,897,608 | ---- | M] (Microsoft Corporation) MD5=8A7AD2A214233F684242F289ED83EBC3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18311_none_b3144862666d6db3\tcpip.sys
[2010.02.18 19:36:50 | 000,902,024 | ---- | M] (Microsoft Corporation) MD5=93A5655CD9CD2F080EF1CB71A3666215 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys
[2010.06.16 18:04:57 | 000,905,088 | ---- | M] (Microsoft Corporation) MD5=A474879AFA4A596B3A531F3E69730DBF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18272_none_b4baded863c37e22\tcpip.sys
[2010.04.05 19:03:01 | 000,902,024 | ---- | M] (Microsoft Corporation) MD5=A6A02EF5B5E40FBD31A1ADC577DA54BB -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22665_none_b36bda857faff8dc\tcpip.sys
[2009.12.08 19:45:32 | 000,816,640 | ---- | M] (Microsoft Corporation) MD5=CA3A5756672013A66BB9D547A5A62DCA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21175_none_5fe223d3ab852692\tcpip.sys
[2010.04.05 22:00:48 | 000,910,208 | ---- | M] (Microsoft Corporation) MD5=CC9993701AC57F995554C696DDA49C12 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22377_none_b5497d157cdc9c9f\tcpip.sys
[2006.11.02 10:58:38 | 000,802,816 | ---- | M] (Microsoft Corporation) MD5=D944522B048A5FEB7700B5170D3D9423 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16386_none_5f4ed3e0926e99e4\tcpip.sys
[2010.02.18 16:22:11 | 000,910,216 | ---- | M] (Microsoft Corporation) MD5=D9F5DD5BBC8348E8F8220CCBF14C022E -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22341_none_b563eb1d7cc9b0c2\tcpip.sys
[2009.12.08 22:01:08 | 000,904,776 | ---- | M] (Microsoft Corporation) MD5=DA467E7619AE5F4588E6262C13C8940A -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18160_none_b4c3ac4a63bd325c\tcpip.sys
[2012.03.30 14:39:11 | 000,914,304 | ---- | M] (Microsoft Corporation) MD5=EE7E10BED85C312C1D5D30C435BDDA9F -- C:\Windows\System32\drivers\tcpip.sys
[2012.03.30 14:39:11 | 000,914,304 | ---- | M] (Microsoft Corporation) MD5=EE7E10BED85C312C1D5D30C435BDDA9F -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22828_none_b58096797cb31c04\tcpip.sys
[2008.01.19 09:43:39 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=FC6E2835D667774D409C7C7021EAF9C4 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys
[2009.08.14 18:33:50 | 000,905,784 | ---- | M] (Microsoft Corporation) MD5=FF71856BD4CD6D4367F9FD84BE79A874 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22200_none_b58e289d7caa2a80\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.01.19 09:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008.01.19 09:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
[2006.11.02 11:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_d9f1f819d4c4e737\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2006.11.02 11:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe
[2008.01.19 09:33:37 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe

< >

< %systemroot%*.* /U /s >
[15 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[4 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[9 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\System32\catroot\*.tmp files -> C:\Windows\System32\catroot\*.tmp -> ]
[7 C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\*.tmp files -> C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\*.tmp -> ]
[268 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2008.02.16 13:59:01 | 000,000,000 | ---D | M] -- C:\Users\Alena\AppData\Roaming\Adobe
[2007.11.22 15:56:36 | 000,000,000 | ---D | M] -- C:\Users\Alena\AppData\Roaming\AdobeUM
[2010.12.23 21:45:45 | 000,000,000 | ---D | M] -- C:\Users\Alena\AppData\Roaming\Ahead
[2010.11.07 18:10:46 | 000,000,000 | ---D | M] -- C:\Users\Alena\AppData\Roaming\AnvSoft
[2010.01.05 09:48:42 | 000,000,000 | ---D | M] -- C:\Users\Alena\AppData\Roaming\AVG8
[2010.09.03 23:17:04 | 000,000,000 | ---D | M] -- C:\Users\Alena\AppData\Roaming\COWON
[2007.11.22 09:32:56 | 000,000,000 | ---D | M] -- C:\Users\Alena\AppData\Roaming\CyberLink
[2012.05.14 20:19:26 | 000,000,000 | ---D | M] -- C:\Users\Alena\AppData\Roaming\dvdcss
[2011.03.14 22:39:53 | 000,000,000 | ---D | M] -- C:\Users\Alena\AppData\Roaming\DVDVideoSoft
[2007.11.22 09:30:45 | 000,000,000 | ---D | M] -- C:\Users\Alena\AppData\Roaming\GHISLER
[2008.03.24 19:42:41 | 000,000,000 | ---D | M] -- C:\Users\Alena\AppData\Roaming\Google
[2008.02.03 17:11:15 | 000,000,000 | ---D | M] -- C:\Users\Alena\AppData\Roaming\ICQ Toolbar
[2007.11.21 15:37:33 | 000,000,000 | ---D | M] -- C:\Users\Alena\AppData\Roaming\Identities
[2010.11.09 16:59:30 | 000,000,000 | ---D | M] -- C:\Users\Alena\AppData\Roaming\Leadertech
[2010.12.13 20:16:38 | 000,000,000 | ---D | M] -- C:\Users\Alena\AppData\Roaming\Leawo
[2007.11.21 15:36:51 | 000,000,000 | ---D | M] -- C:\Users\Alena\AppData\Roaming\Macromedia
[2007.11.25 22:43:00 | 000,000,000 | ---D | M] -- C:\Users\Alena\AppData\Roaming\Media Player Classic
[2012.06.03 18:43:37 | 000,000,000 | ---D | M] -- C:\Users\Alena\AppData\Roaming\MediaMonkey
[2011.09.15 19:52:13 | 000,000,000 | --SD | M] -- C:\Users\Alena\AppData\Roaming\Microsoft
[2010.05.26 18:35:58 | 000,000,000 | ---D | M] -- C:\Users\Alena\AppData\Roaming\Mozilla
[2011.03.14 22:47:24 | 000,000,000 | ---D | M] -- C:\Users\Alena\AppData\Roaming\OpenCandy
[2010.01.08 19:59:35 | 000,000,000 | ---D | M] -- C:\Users\Alena\AppData\Roaming\PC Suite
[2010.03.05 22:56:25 | 000,000,000 | ---D | M] -- C:\Users\Alena\AppData\Roaming\Samsung
[2012.05.28 20:28:03 | 000,000,000 | ---D | M] -- C:\Users\Alena\AppData\Roaming\Skype
[2010.05.23 20:15:42 | 000,000,000 | ---D | M] -- C:\Users\Alena\AppData\Roaming\skypePM
[2008.04.20 17:58:36 | 000,000,000 | ---D | M] -- C:\Users\Alena\AppData\Roaming\Talkback
[2009.01.17 21:32:02 | 000,000,000 | ---D | M] -- C:\Users\Alena\AppData\Roaming\Template
[2012.06.03 17:23:26 | 000,000,000 | ---D | M] -- C:\Users\Alena\AppData\Roaming\vlc
[2012.05.15 17:07:01 | 000,000,000 | ---D | M] -- C:\Users\Alena\AppData\Roaming\Vso
[2010.11.09 10:52:27 | 000,000,000 | ---D | M] -- C:\Users\Alena\AppData\Roaming\WinAVI
[2008.09.06 21:55:37 | 000,000,000 | ---D | M] -- C:\Users\Alena\AppData\Roaming\WinRAR
[2010.12.13 19:39:45 | 000,000,000 | ---D | M] -- C:\Users\Alena\AppData\Roaming\YouTube Downloader

< %APPDATA%\*.exe /s >
[2012.01.09 22:06:49 | 000,087,608 | ---- | M] () -- C:\Users\Alena\AppData\Roaming\inst.exe
[2011.03.14 22:47:24 | 000,415,816 | ---- | M] () -- C:\Users\Alena\AppData\Roaming\OpenCandy\OpenCandy_53C8DAFF36FC481097C92E5FFDF9E648\LatestDLMgr.exe
[2010.12.18 00:07:06 | 000,043,440 | ---- | M] () -- C:\Users\Alena\AppData\Roaming\OpenCandy\OpenCandy_53C8DAFF36FC481097C92E5FFDF9E648\SpeedstarterCZ.exe
[2010.12.17 19:48:22 | 001,720,472 | ---- | M] (Speedchecker Limited ) -- C:\Users\Alena\AppData\Roaming\OpenCandy\OpenCandy_53C8DAFF36FC481097C92E5FFDF9E648\ZrychleniPocitace.exe
[2011.03.14 22:47:31 | 001,842,096 | ---- | M] () -- C:\Users\Alena\AppData\Roaming\OpenCandy\OpenCandy_53C8DAFF36FC481097C92E5FFDF9E648\ZrychleniPocitace_p2v1.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[9 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job >
[2012.06.04 15:29:15 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2006.11.02 12:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2006.11.02 12:34:05 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2006.11.02 12:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006.11.02 12:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006.11.02 12:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV

< %systemroot%\system32\*.dll /lockedfiles >
[9 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2012.06.04 15:50:05 | 000,003,168 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.06.04 15:50:05 | 000,003,168 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.06.04 15:24:42 | 000,382,208 | ---- | M] () -- C:\Windows\system32\FNTCACHE.DAT
[2012.06.04 15:54:05 | 000,119,118 | ---- | M] () -- C:\Windows\system32\perfc005.dat
[2012.06.04 15:54:05 | 000,105,070 | ---- | M] () -- C:\Windows\system32\perfc009.dat
[2012.06.04 15:54:05 | 000,609,570 | ---- | M] () -- C:\Windows\system32\perfh005.dat
[2012.06.04 15:54:05 | 000,598,096 | ---- | M] () -- C:\Windows\system32\perfh009.dat
[2012.06.04 15:54:05 | 001,424,786 | ---- | M] () -- C:\Windows\system32\PerfStringBackup.INI
[9 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2012.05.18 19:04:00 | 000,924,600 | ---- | M] (Mozilla Corporation) MD5=4F69AABB5D82AA4EF6DFF7871212ADF6 -- C:\Program Files\Mozilla Firefox\firefox.exe

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2009.04.11 08:27:44 | 000,636,080 | ---- | M] (Microsoft Corporation) MD5=2C5168C856455CC43C4B4E1CC1920001 -- C:\Program Files\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012.06.04 16:01:09 | 000,000,512 | ---- | M] () MD5=0821CFAE0AAEB7753A190186E1CE9CC2 -- C:\PhysicalMBR.bin

< End of report >

a ted extra.txt:

OTL Extras logfile created on: 4.6.2012 15:58:12 - Run 1
OTL by OldTimer - Version 3.2.46.0 Folder = F:\
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1,49 Gb Total Physical Memory | 0,93 Gb Available Physical Memory | 62,49% Memory free
3,23 Gb Paging File | 2,66 Gb Available in Paging File | 82,28% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 32,51 Gb Total Space | 2,20 Gb Free Space | 6,76% Space Free | Partition Type: NTFS
Drive D: | 32,26 Gb Total Space | 21,07 Gb Free Space | 65,33% Space Free | Partition Type: NTFS
Drive F: | 1,85 Gb Total Space | 1,11 Gb Free Space | 59,75% Space Free | Partition Type: FAT

Computer Name: ALENA-PC | User Name: Alena | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_USERS\S-1-5-21-2570096246-3669228605-2866419763-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [MediaMonkey.1Play] -- "C:\PROGRA~1\MEDIAM~1\MEDIAM~2.EXE" "%1" (Ventis Media Inc.)
Directory [MediaMonkey.2PlayNext] -- "C:\PROGRA~1\MEDIAM~1\MEDIAM~2.EXE" /NEXT "%1" (Ventis Media Inc.)
Directory [MediaMonkey.3Enqueue] -- "C:\PROGRA~1\MEDIAM~1\MEDIAM~2.EXE" /ADD "%1" (Ventis Media Inc.)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 0
"InternetSettingsDisableNotify" = 0
"AutoUpdateDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0F842B77-56EA-4AAF-8295-81A022350B5E}" = Microsoft Security Client
"{17CA32D1-73BD-4990-B8F6-369D8D34B05D}" = Microsoft Antimalware Service CS-CZ Language Pack
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YTD YouTube Downloader & Converter 3.6
"{26A24AE4-039D-4CA4-87B4-2F83216022F0}" = Java(TM) 6 Update 22
"{26A24AE4-039D-4CA4-87B4-2F83217003FF}" = Java(TM) 7 Update 3
"{2AEC19D2-037B-4099-9AE0-267CAD0B522C}" = YouTube Downloader Toolbar v5.8
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4908C75E-E5E2-43F7-B1DF-023CBA831029}" = Nero 7 Ultra Edition
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{50779A29-834E-4E36-BBEB-B7CABC67A825}" = Microsoft Security Client CS-CZ Language Pack
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{7036A6F4-5DAD-3908-956D-1752CD7F7E5A}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{76C24F39-B161-498F-BD8B-C64789812D13}_is1" = ConvertXtoDVD 3.7.3.190b
"{90110405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0405-0000-0000000FF1CE}" = Sada Compatibility Pack pro systém Office 2007
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel(R) Matrix Storage Manager
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = ALPS Touch Pad Driver
"{A0B0BCE9-2994-36F2-BE66-D23C884372E8}" = Visual C++ 9.0 OpenMP (x86) WinSXS MSM
"{AA2EBBCC-4E3B-3442-865E-7BB3E9F45F0C}" = Visual C++ 9.0 CRT (x86) WinSXS MSM
"{AC76BA86-7AD7-1029-7B44-A81200000003}" = Adobe Reader 8 - Czech
"{C73B5B3B-F974-48CA-8B91-3E8A432AEA5B}" = Microsoft Works
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe 1.4.142.1
"{EB5BA578-FF7F-3863-8E53-7A003222B7FC}" = Visual C++ 9.0 CRT (x86) WinSXS MSM
"{EB6C11E5-449C-3BA3-9086-80B18BCFF947}" = Visual C++ 9.0 OpenMP (x86) WinSXS MSM
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.8
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"18 Wheels of Steel Pedal to the Metal" = 18 Wheels of Steel Pedal to the Metal
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFAOR2C06_118" = HDAUDIO Soft Data Fax Modem with SmartCP
"GridVista" = Acer GridVista
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"MediaMonkey_is1" = MediaMonkey 4.0
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Microsoft Security Client" = Microsoft Security Essentials
"Mozilla Firefox 12.0 (x86 cs)" = Mozilla Firefox 12.0 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MPEG2 Codec(libmpeg2/mad)" = MPEG2 Codec(libmpeg2/mad)
"PttM 1.07 Czech patch" = PttM 1.07 Czech patch
"Totalcmd" = Total Commander (Remove or Repair)
"VLC media player" = VLC media player 2.0.1
"WinRAR archiver" = WinRAR
"Yahoo! Toolbar" = Yahoo! Toolbar

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 9.11.2010 13:21:53 | Computer Name = Alena-PC | Source = System Restore | ID = 8193
Description =

Error - 9.11.2010 13:43:50 | Computer Name = Alena-PC | Source = Application Error | ID = 1000
Description = Chybující aplikace DllHost.exe, verze 6.0.6000.16386, časové razítko
0x4549b14e, chybující modul unknown, verze 0.0.0.0, časové razítko 0x00000000,
kód výjimky 0xc0000005, posun chyby 0x0160b5ed, ID procesu 0xaf8, čas spuštění aplikace
0x01cb8035a92cb8f1.

Error - 9.11.2010 14:35:14 | Computer Name = Alena-PC | Source = Application Error | ID = 1000
Description = Chybující aplikace DllHost.exe, verze 6.0.6000.16386, časové razítko
0x4549b14e, chybující modul unknown, verze 0.0.0.0, časové razítko 0x00000000,
kód výjimky 0xc0000005, posun chyby 0x016eb5ed, ID procesu 0xba0, čas spuštění aplikace
0x01cb803cd757d411.

Error - 9.11.2010 14:35:41 | Computer Name = Alena-PC | Source = Application Error | ID = 1000
Description = Chybující aplikace DllHost.exe, verze 6.0.6000.16386, časové razítko
0x4549b14e, chybující modul unknown, verze 0.0.0.0, časové razítko 0x00000000,
kód výjimky 0xc0000005, posun chyby 0x0210b5ed, ID procesu 0xa50, čas spuštění aplikace
0x01cb803ce9135171.

Error - 9.11.2010 14:35:48 | Computer Name = Alena-PC | Source = Application Error | ID = 1000
Description = Chybující aplikace DllHost.exe, verze 6.0.6000.16386, časové razítko
0x4549b14e, chybující modul unknown, verze 0.0.0.0, časové razítko 0x00000000,
kód výjimky 0xc0000005, posun chyby 0x0219b5ed, ID procesu 0x948, čas spuštění aplikace
0x01cb803ceacebd11.

Error - 9.11.2010 14:35:54 | Computer Name = Alena-PC | Source = Application Error | ID = 1000
Description = Chybující aplikace DllHost.exe, verze 6.0.6000.16386, časové razítko
0x4549b14e, chybující modul unknown, verze 0.0.0.0, časové razítko 0x00000000,
kód výjimky 0xc0000005, posun chyby 0x01a7b5ed, ID procesu 0xbd8, čas spuštění aplikace
0x01cb803cee69be21.

Error - 9.11.2010 14:37:14 | Computer Name = Alena-PC | Source = Application Error | ID = 1000
Description = Chybující aplikace DllHost.exe, verze 6.0.6000.16386, časové razítko
0x4549b14e, chybující modul unknown, verze 0.0.0.0, časové razítko 0x00000000,
kód výjimky 0xc0000005, posun chyby 0x0206b5ed, ID procesu 0x7a4, čas spuštění aplikace
0x01cb803d1ddd6ad1.

Error - 9.11.2010 14:37:38 | Computer Name = Alena-PC | Source = Application Error | ID = 1000
Description = Chybující aplikace DllHost.exe, verze 6.0.6000.16386, časové razítko
0x4549b14e, chybující modul unknown, verze 0.0.0.0, časové razítko 0x00000000,
kód výjimky 0xc0000005, posun chyby 0x01a4b5ed, ID procesu 0xb18, čas spuštění aplikace
0x01cb803d2f175c21.

Error - 10.11.2010 6:38:08 | Computer Name = Alena-PC | Source = Application Error | ID = 1000
Description = Chybující aplikace DllHost.exe, verze 6.0.6000.16386, časové razítko
0x4549b14e, chybující modul unknown, verze 0.0.0.0, časové razítko 0x00000000,
kód výjimky 0xc0000005, posun chyby 0x0221b5ed, ID procesu 0xc54, čas spuštění aplikace
0x01cb80c35cd13474.

Error - 10.11.2010 6:38:15 | Computer Name = Alena-PC | Source = Application Error | ID = 1000
Description = Chybující aplikace DllHost.exe, verze 6.0.6000.16386, časové razítko
0x4549b14e, chybující modul unknown, verze 0.0.0.0, časové razítko 0x00000000,
kód výjimky 0xc0000005, posun chyby 0x0089b5ed, ID procesu 0xa24, čas spuštění aplikace
0x01cb80c35ed0adf4.

[ System Events ]
Error - 4.6.2012 9:26:09 | Computer Name = Alena-PC | Source = Service Control Manager | ID = 7030
Description =

Error - 4.6.2012 9:26:10 | Computer Name = Alena-PC | Source = Service Control Manager | ID = 7009
Description =

Error - 4.6.2012 9:35:47 | Computer Name = Alena-PC | Source = Service Control Manager | ID = 7030
Description =

Error - 4.6.2012 9:37:48 | Computer Name = Alena-PC | Source = Service Control Manager | ID = 7032
Description =

Error - 4.6.2012 9:51:18 | Computer Name = Alena-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 4.6.2012 9:51:18 | Computer Name = Alena-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 4.6.2012 9:51:18 | Computer Name = Alena-PC | Source = Service Control Manager | ID = 7023
Description =

Error - 4.6.2012 9:51:18 | Computer Name = Alena-PC | Source = Service Control Manager | ID = 7003
Description =

Error - 4.6.2012 9:51:18 | Computer Name = Alena-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 4.6.2012 9:51:18 | Computer Name = Alena-PC | Source = Service Control Manager | ID = 7003
Description =


< End of report >

Spustte znovu OTL

• Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
• Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

• Kód: Vybrat vše

  :otl
  SRV - [2012.05.25 15:12:54 | 000,785,344 | ---- | M] (Spigot, Inc.) [Auto | Running] -- C:\Program Files\Application Updater\ApplicationUpdater.exe -- (Application Updater)
  SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
  DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
  DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
  DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
  DRV - File not found [Kernel | Auto | Stopped] -- C:\Acer\Empowering Technology\eRecovery\int15.sys -- (int15)
  DRV - File not found [File_System | Auto | Stopped] -- system32\DRIVERS\eamonm.sys -- (eamonm)
  DRV - File not found [Kernel | System | Stopped] -- C:\PROGRA~1\LAUNCH~1\DPortIO.sys -- (DritekPortIO)
  DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
  IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://cs.intl.acer.yahoo.com
  IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
  IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
  IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
  IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050
  IE - HKU\S-1-5-21-2570096246-3669228605-2866419763-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SEARCH PAGE = http://uk.rd.yahoo.com/customize/ycomp/ ... .yahoo.com
  IE - HKU\S-1-5-21-2570096246-3669228605-2866419763-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
  IE - HKU\S-1-5-21-2570096246-3669228605-2866419763-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
  IE - HKU\S-1-5-21-2570096246-3669228605-2866419763-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
  IE - HKU\S-1-5-21-2570096246-3669228605-2866419763-1000\..\URLSearchHook: - No CLSID value found
  IE - HKU\S-1-5-21-2570096246-3669228605-2866419763-1000\..\URLSearchHook: {00A6FAF6-072E-44cf-8957-5838F569A31D} - No CLSID value found
  IE - HKU\S-1-5-21-2570096246-3669228605-2866419763-1000\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}\InprocServer32 File not found
  IE - HKU\S-1-5-21-2570096246-3669228605-2866419763-1000\..\URLSearchHook: {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\YouTube Downloader Toolbar\IE\5.8\youtubedownloaderToolbarIE.dll (Spigot, Inc.)
  IE - HKU\S-1-5-21-2570096246-3669228605-2866419763-1000\..\SearchScopes,DefaultScope = {88391F85-6AE4-4933-9AD1-41075E484253}
  IE - HKU\S-1-5-21-2570096246-3669228605-2866419763-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
  IE - HKU\S-1-5-21-2570096246-3669228605-2866419763-1000\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = http://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
  IE - HKU\S-1-5-21-2570096246-3669228605-2866419763-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7SKPB
  IE - HKU\S-1-5-21-2570096246-3669228605-2866419763-1000\..\SearchScopes\{88391F85-6AE4-4933-9AD1-41075E484253}: "URL" = http://search.yahoo.com/search?fr=chr-g ... =937811&p={searchTerms}
  IE - HKU\S-1-5-21-2570096246-3669228605-2866419763-1000\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050
  IE - HKU\S-1-5-21-2570096246-3669228605-2866419763-1000\..\SearchScopes\{BE9654C9-9D79-42ec-B55A-3CAEB12DBF58}: "URL" = http://www.icq.com/search/results.php?q={searchTerms}&ch_id=osd
  IE - HKU\S-1-5-21-2570096246-3669228605-2866419763-1000\..\SearchScopes\{C78778B0-C2A9-4AA8-9C30-2050EA63B85D}: "URL" = http://search.centrum.cz/index.php?q={searchTerms}&toolbar=centrum-1.0.0
  FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
  FF - prefs.js..browser.search.defaultthis.engineName: "Search"
  FF - prefs.js..browser.search.defaulturl: "http://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.3.3&q="
  FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=937811&ilc=12"
  FF - prefs.js..extensions.enabledItems: wtxpcom@mybrowserbar.com:4.3
  FF - prefs.js..extensions.enabledItems: youtubedownloader@mybrowserbar.com:4.3
  FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
  FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
  FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=937811&p="
  FF - prefs.js..network.proxy.type: 4
  [2012.03.29 16:39:33 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\Alena\AppData\Roaming\Mozilla\Firefox\Profiles\2ekytp8n.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
  [2010.05.31 18:01:09 | 000,000,873 | ---- | M] () -- C:\Users\Alena\AppData\Roaming\Mozilla\Firefox\Profiles\2ekytp8n.default\searchplugins\conduit.xml
  [2012.05.28 10:33:17 | 000,000,950 | ---- | M] () -- C:\Users\Alena\AppData\Roaming\Mozilla\Firefox\Profiles\2ekytp8n.default\searchplugins\icqplugin-1.xml
  [2012.01.07 11:05:24 | 000,000,950 | ---- | M] () -- C:\Users\Alena\AppData\Roaming\Mozilla\Firefox\Profiles\2ekytp8n.default\searchplugins\icqplugin-10.xml
  [2012.03.25 12:01:47 | 000,000,950 | ---- | M] () -- C:\Users\Alena\AppData\Roaming\Mozilla\Firefox\Profiles\2ekytp8n.default\searchplugins\icqplugin-11.xml
  [2012.04.13 18:27:33 | 000,000,950 | ---- | M] () -- C:\Users\Alena\AppData\Roaming\Mozilla\Firefox\Profiles\2ekytp8n.default\searchplugins\icqplugin-12.xml
  [2011.09.04 19:58:43 | 000,000,950 | ---- | M] () -- C:\Users\Alena\AppData\Roaming\Mozilla\Firefox\Profiles\2ekytp8n.default\searchplugins\icqplugin-2.xml
  [2011.09.14 13:03:19 | 000,000,950 | ---- | M] () -- C:\Users\Alena\AppData\Roaming\Mozilla\Firefox\Profiles\2ekytp8n.default\searchplugins\icqplugin-3.xml
  [2011.09.27 19:23:10 | 000,000,950 | ---- | M] () -- C:\Users\Alena\AppData\Roaming\Mozilla\Firefox\Profiles\2ekytp8n.default\searchplugins\icqplugin-4.xml
  [2011.10.15 15:47:43 | 000,000,950 | ---- | M] () -- C:\Users\Alena\AppData\Roaming\Mozilla\Firefox\Profiles\2ekytp8n.default\searchplugins\icqplugin-5.xml
  [2011.10.16 18:24:49 | 000,000,950 | ---- | M] () -- C:\Users\Alena\AppData\Roaming\Mozilla\Firefox\Profiles\2ekytp8n.default\searchplugins\icqplugin-6.xml
  [2011.11.09 19:25:04 | 000,000,950 | ---- | M] () -- C:\Users\Alena\AppData\Roaming\Mozilla\Firefox\Profiles\2ekytp8n.default\searchplugins\icqplugin-7.xml
  [2011.11.30 13:55:16 | 000,000,950 | ---- | M] () -- C:\Users\Alena\AppData\Roaming\Mozilla\Firefox\Profiles\2ekytp8n.default\searchplugins\icqplugin-8.xml
  [2011.12.19 20:14:53 | 000,000,950 | ---- | M] () -- C:\Users\Alena\AppData\Roaming\Mozilla\Firefox\Profiles\2ekytp8n.default\searchplugins\icqplugin-9.xml
  [2012.03.19 20:09:28 | 000,000,168 | ---- | M] () -- C:\Users\Alena\AppData\Roaming\Mozilla\Firefox\Profiles\2ekytp8n.default\searchplugins\icqplugin.gif
  [2012.03.19 20:09:28 | 000,000,618 | ---- | M] () -- C:\Users\Alena\AppData\Roaming\Mozilla\Firefox\Profiles\2ekytp8n.default\searchplugins\icqplugin.src
  [2011.08.14 20:18:56 | 000,001,056 | ---- | M] () -- C:\Users\Alena\AppData\Roaming\Mozilla\Firefox\Profiles\2ekytp8n.default\searchplugins\icqplugin.xml
  [2012.05.27 11:33:04 | 000,000,000 | ---D | M] (YouTube Downloader Toolbar) -- C:\PROGRAM FILES\YOUTUBE DOWNLOADER TOOLBAR\FF
  O2 - BHO: (Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll File not found
  O2 - BHO: (XTTBPos00 Class) - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll File not found
  O2 - BHO: (no name) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - No CLSID value found.
  O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll File not found
  O2 - BHO: (YouTube Downloader Toolbar) - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\YouTube Downloader Toolbar\IE\5.8\youtubedownloaderToolbarIE.dll (Spigot, Inc.)
  O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll File not found
  O3 - HKLM\..\Toolbar: (no name) - {D5D47440-0750-463D-BAEF-A47D02414806} - No CLSID value found.
  O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll File not found
  O3 - HKLM\..\Toolbar: (YouTube Downloader Toolbar) - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\YouTube Downloader Toolbar\IE\5.8\youtubedownloaderToolbarIE.dll (Spigot, Inc.)
  O3 - HKU\S-1-5-21-2570096246-3669228605-2866419763-1000\..\Toolbar\ShellBrowser: (no name) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - No CLSID value found.
  O3 - HKU\S-1-5-21-2570096246-3669228605-2866419763-1000\..\Toolbar\WebBrowser: (no name) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - No CLSID value found.
  O3 - HKU\S-1-5-21-2570096246-3669228605-2866419763-1000\..\Toolbar\WebBrowser: (no name) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - No CLSID value found.
  O3 - HKU\S-1-5-21-2570096246-3669228605-2866419763-1000\..\Toolbar\WebBrowser: (no name) - {D5D47440-0750-463D-BAEF-A47D02414806} - No CLSID value found.
  O13 - gopher Prefix: missing
  O15 - HKU\S-1-5-21-2570096246-3669228605-2866419763-1000\..Trusted Domains: csob.cz ([ib24] https in Důvěryhodné servery)
  O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} http://ak.exe.imgfarm.com/images/nocach ... .0.1.1.cab (Reg Error: Key error.)
  O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found
  O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - Reg Error: Key error. File not found
  O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - Reg Error: Key error. File not found
  O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Key error.)
  [2012.06.03 18:38:14 | 000,306,176 | ---- | M] () -- C:\Users\Alena\AppData\Local\bpgoejs.exe
  [2008.02.03 17:11:15 | 000,000,000 | ---D | M] -- C:\Users\Alena\AppData\Roaming\ICQ Toolbar
  [15 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
  [4 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
  [9 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
  [1 C:\Windows\System32\catroot\*.tmp files -> C:\Windows\System32\catroot\*.tmp -> ]
  [7 C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\*.tmp files -> C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\*.tmp -> ]
  [2012.06.04 15:29:15 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
  
  :reg
  [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  "SetPanel"=-
  "WarReg_PopUp"=-
  "eRecoveryService"=-
  "SunJavaUpdateSched"=-
  ""=-
  "SearchSettings"=-
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acer Tour Reminder]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ares]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\T-Mobile Communication Centre]
  
  :files
  C:\Program Files\YouTube Downloader Toolbar
  C:\Program Files\Common Files\Spigot
  C:\Program Files\Application Updater
  %windir%\system32\*.tmp.dll /s
  %windir%\system32\SET*.tmp /s
  %windir%\*.tmp
  
  :commands
  [RESETHOSTS]
  [EMPTYTEMP]
  [EMPTYFLASH]

• Nasledne kliknete na Opravit
• PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

All processes killed
========== OTL ==========
Service Application Updater stopped successfully!
Service Application Updater deleted successfully!
C:\Program Files\Application Updater\ApplicationUpdater.exe moved successfully.
Service gusvc stopped successfully!
Service gusvc deleted successfully!
File C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe not found.
Service NwlnkFwd stopped successfully!
Service NwlnkFwd deleted successfully!
File system32\DRIVERS\nwlnkfwd.sys not found.
Service NwlnkFlt stopped successfully!
Service NwlnkFlt deleted successfully!
File system32\DRIVERS\nwlnkflt.sys not found.
Service IpInIp stopped successfully!
Service IpInIp deleted successfully!
File system32\DRIVERS\ipinip.sys not found.
Service int15 stopped successfully!
Service int15 deleted successfully!
File C:\Acer\Empowering Technology\eRecovery\int15.sys not found.
Service eamonm stopped successfully!
Service eamonm deleted successfully!
File system32\DRIVERS\eamonm.sys not found.
Service DritekPortIO stopped successfully!
Service DritekPortIO deleted successfully!
File C:\PROGRA~1\LAUNCH~1\DPortIO.sys not found.
Service blbdrive stopped successfully!
Service blbdrive deleted successfully!
File C:\Windows\system32\drivers\blbdrive.sys not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.
HKU\S-1-5-21-2570096246-3669228605-2866419763-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\SEARCH PAGE| /E : value set successfully!
HKU\S-1-5-21-2570096246-3669228605-2866419763-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\SearchMigratedDefaultName| /E : value set successfully!
HKU\S-1-5-21-2570096246-3669228605-2866419763-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\SearchMigratedDefaultURL| /E : value set successfully!
HKU\S-1-5-21-2570096246-3669228605-2866419763-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\StartPageCache| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-2570096246-3669228605-2866419763-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-2570096246-3669228605-2866419763-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{00A6FAF6-072E-44cf-8957-5838F569A31D} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00A6FAF6-072E-44cf-8957-5838F569A31D}\ not found.
Registry value HKEY_USERS\S-1-5-21-2570096246-3669228605-2866419763-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-2570096246-3669228605-2866419763-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{F3FEE66E-E034-436a-86E4-9690573BEE8A} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F3FEE66E-E034-436a-86E4-9690573BEE8A}\ deleted successfully.
C:\Program Files\YouTube Downloader Toolbar\IE\5.8\youtubedownloaderToolbarIE.dll moved successfully.
HKEY_USERS\S-1-5-21-2570096246-3669228605-2866419763-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-2570096246-3669228605-2866419763-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-2570096246-3669228605-2866419763-1000\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6552C7DD-90A4-4387-B795-F8F96747DE19}\ not found.
Registry key HKEY_USERS\S-1-5-21-2570096246-3669228605-2866419763-1000\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
Registry key HKEY_USERS\S-1-5-21-2570096246-3669228605-2866419763-1000\Software\Microsoft\Internet Explorer\SearchScopes\{88391F85-6AE4-4933-9AD1-41075E484253}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{88391F85-6AE4-4933-9AD1-41075E484253}\ not found.
Registry key HKEY_USERS\S-1-5-21-2570096246-3669228605-2866419763-1000\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.
Registry key HKEY_USERS\S-1-5-21-2570096246-3669228605-2866419763-1000\Software\Microsoft\Internet Explorer\SearchScopes\{BE9654C9-9D79-42ec-B55A-3CAEB12DBF58}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BE9654C9-9D79-42ec-B55A-3CAEB12DBF58}\ not found.
Registry key HKEY_USERS\S-1-5-21-2570096246-3669228605-2866419763-1000\Software\Microsoft\Internet Explorer\SearchScopes\{C78778B0-C2A9-4AA8-9C30-2050EA63B85D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C78778B0-C2A9-4AA8-9C30-2050EA63B85D}\ not found.
Prefs.js: "ICQ Search" removed from browser.search.defaultenginename
Prefs.js: "Search" removed from browser.search.defaultthis.engineName
Prefs.js: "http://search.icq.com/search/afe_result ... r=1.3.3&q=" removed from browser.search.defaulturl
Prefs.js: "chr-greentree_ff&type=937811&ilc=12" removed from browser.search.param.yahoo-fr
Prefs.js: wtxpcom@mybrowserbar.com:4.3 removed from extensions.enabledItems
Prefs.js: youtubedownloader@mybrowserbar.com:4.3 removed from extensions.enabledItems
Prefs.js: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 removed from extensions.enabledItems
Prefs.js: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 removed from extensions.enabledItems
Prefs.js: "http://search.yahoo.com/search?fr=green ... =937811&p=" removed from keyword.URL
Prefs.js: 4 removed from network.proxy.type
C:\Users\Alena\AppData\Roaming\Mozilla\Firefox\Profiles\2ekytp8n.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine folder moved successfully.
C:\Users\Alena\AppData\Roaming\Mozilla\Firefox\Profiles\2ekytp8n.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF folder moved successfully.
C:\Users\Alena\AppData\Roaming\Mozilla\Firefox\Profiles\2ekytp8n.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults\preferences folder moved successfully.
C:\Users\Alena\AppData\Roaming\Mozilla\Firefox\Profiles\2ekytp8n.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults folder moved successfully.
C:\Users\Alena\AppData\Roaming\Mozilla\Firefox\Profiles\2ekytp8n.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\components folder moved successfully.
C:\Users\Alena\AppData\Roaming\Mozilla\Firefox\Profiles\2ekytp8n.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin folder moved successfully.
C:\Users\Alena\AppData\Roaming\Mozilla\Firefox\Profiles\2ekytp8n.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\tr folder moved successfully.
C:\Users\Alena\AppData\Roaming\Mozilla\Firefox\Profiles\2ekytp8n.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\sk folder moved successfully.
C:\Users\Alena\AppData\Roaming\Mozilla\Firefox\Profiles\2ekytp8n.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\ru folder moved successfully.
C:\Users\Alena\AppData\Roaming\Mozilla\Firefox\Profiles\2ekytp8n.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\it folder moved successfully.
C:\Users\Alena\AppData\Roaming\Mozilla\Firefox\Profiles\2ekytp8n.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\he folder moved successfully.
C:\Users\Alena\AppData\Roaming\Mozilla\Firefox\Profiles\2ekytp8n.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\fr folder moved successfully.
C:\Users\Alena\AppData\Roaming\Mozilla\Firefox\Profiles\2ekytp8n.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\es folder moved successfully.
C:\Users\Alena\AppData\Roaming\Mozilla\Firefox\Profiles\2ekytp8n.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\en-US folder moved successfully.
C:\Users\Alena\AppData\Roaming\Mozilla\Firefox\Profiles\2ekytp8n.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\de folder moved successfully.
C:\Users\Alena\AppData\Roaming\Mozilla\Firefox\Profiles\2ekytp8n.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\cs folder moved successfully.
C:\Users\Alena\AppData\Roaming\Mozilla\Firefox\Profiles\2ekytp8n.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\bg folder moved successfully.
C:\Users\Alena\AppData\Roaming\Mozilla\Firefox\Profiles\2ekytp8n.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale folder moved successfully.
C:\Users\Alena\AppData\Roaming\Mozilla\Firefox\Profiles\2ekytp8n.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\img folder moved successfully.
C:\Users\Alena\AppData\Roaming\Mozilla\Firefox\Profiles\2ekytp8n.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content folder moved successfully.
C:\Users\Alena\AppData\Roaming\Mozilla\Firefox\Profiles\2ekytp8n.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome folder moved successfully.
C:\Users\Alena\AppData\Roaming\Mozilla\Firefox\Profiles\2ekytp8n.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} folder moved successfully.
C:\Users\Alena\AppData\Roaming\Mozilla\Firefox\Profiles\2ekytp8n.default\searchplugins\conduit.xml moved successfully.
C:\Users\Alena\AppData\Roaming\Mozilla\Firefox\Profiles\2ekytp8n.default\searchplugins\icqplugin-1.xml moved successfully.
C:\Users\Alena\AppData\Roaming\Mozilla\Firefox\Profiles\2ekytp8n.default\searchplugins\icqplugin-10.xml moved successfully.
C:\Users\Alena\AppData\Roaming\Mozilla\Firefox\Profiles\2ekytp8n.default\searchplugins\icqplugin-11.xml moved successfully.
C:\Users\Alena\AppData\Roaming\Mozilla\Firefox\Profiles\2ekytp8n.default\searchplugins\icqplugin-12.xml moved successfully.
C:\Users\Alena\AppData\Roaming\Mozilla\Firefox\Profiles\2ekytp8n.default\searchplugins\icqplugin-2.xml moved successfully.
C:\Users\Alena\AppData\Roaming\Mozilla\Firefox\Profiles\2ekytp8n.default\searchplugins\icqplugin-3.xml moved successfully.
C:\Users\Alena\AppData\Roaming\Mozilla\Firefox\Profiles\2ekytp8n.default\searchplugins\icqplugin-4.xml moved successfully.
C:\Users\Alena\AppData\Roaming\Mozilla\Firefox\Profiles\2ekytp8n.default\searchplugins\icqplugin-5.xml moved successfully.
C:\Users\Alena\AppData\Roaming\Mozilla\Firefox\Profiles\2ekytp8n.default\searchplugins\icqplugin-6.xml moved successfully.
C:\Users\Alena\AppData\Roaming\Mozilla\Firefox\Profiles\2ekytp8n.default\searchplugins\icqplugin-7.xml moved successfully.
C:\Users\Alena\AppData\Roaming\Mozilla\Firefox\Profiles\2ekytp8n.default\searchplugins\icqplugin-8.xml moved successfully.
C:\Users\Alena\AppData\Roaming\Mozilla\Firefox\Profiles\2ekytp8n.default\searchplugins\icqplugin-9.xml moved successfully.
C:\Users\Alena\AppData\Roaming\Mozilla\Firefox\Profiles\2ekytp8n.default\searchplugins\icqplugin.gif moved successfully.
C:\Users\Alena\AppData\Roaming\Mozilla\Firefox\Profiles\2ekytp8n.default\searchplugins\icqplugin.src moved successfully.
C:\Users\Alena\AppData\Roaming\Mozilla\Firefox\Profiles\2ekytp8n.default\searchplugins\icqplugin.xml moved successfully.
C:\PROGRAM FILES\YOUTUBE DOWNLOADER TOOLBAR\FF\chrome folder moved successfully.
C:\PROGRAM FILES\YOUTUBE DOWNLOADER TOOLBAR\FF folder moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{055FD26D-3A88-4e15-963D-DC8493744B1D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{055FD26D-3A88-4e15-963D-DC8493744B1D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83A2F9B1-01A2-4AA5-87D1-45B6B8505E96}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{83A2F9B1-01A2-4AA5-87D1-45B6B8505E96}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F3FEE66E-E034-436a-86E4-9690573BEE8A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F3FEE66E-E034-436a-86E4-9690573BEE8A}\ not found.
File C:\Program Files\YouTube Downloader Toolbar\IE\5.8\youtubedownloaderToolbarIE.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D5D47440-0750-463D-BAEF-A47D02414806} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D5D47440-0750-463D-BAEF-A47D02414806}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{F3FEE66E-E034-436a-86E4-9690573BEE8A} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F3FEE66E-E034-436a-86E4-9690573BEE8A}\ not found.
File C:\Program Files\YouTube Downloader Toolbar\IE\5.8\youtubedownloaderToolbarIE.dll not found.
Registry value HKEY_USERS\S-1-5-21-2570096246-3669228605-2866419763-1000\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{5CBE3B7C-1E47-477E-A7DD-396DB0476E29} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5CBE3B7C-1E47-477E-A7DD-396DB0476E29}\ not found.
Registry value HKEY_USERS\S-1-5-21-2570096246-3669228605-2866419763-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{5CBE3B7C-1E47-477E-A7DD-396DB0476E29} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5CBE3B7C-1E47-477E-A7DD-396DB0476E29}\ not found.
Registry value HKEY_USERS\S-1-5-21-2570096246-3669228605-2866419763-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{855F3B16-6D32-4FE6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4FE6-8A56-BBB695989046}\ not found.
Registry value HKEY_USERS\S-1-5-21-2570096246-3669228605-2866419763-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D5D47440-0750-463D-BAEF-A47D02414806} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D5D47440-0750-463D-BAEF-A47D02414806}\ not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-2570096246-3669228605-2866419763-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\csob.cz\ib24\ deleted successfully.
Starting removal of ActiveX control {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}
C:\Windows\Downloaded Program Files\f3initialsetup1.0.1.1.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}\ not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\E&xportovat do aplikace Microsoft Excel\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}\ not found.
Starting removal of ActiveX control {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}
C:\Windows\Downloaded Program Files\erma.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
C:\Users\Alena\AppData\Local\bpgoejs.exe moved successfully.
C:\Users\Alena\AppData\Roaming\ICQ Toolbar folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1536.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2D4C.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2EBD.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP4D93.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9AF7.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPA5B0.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPACB2.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPAFCE.tmp\System.Web.dll deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPAFCE.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPB0D7.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPC7A3.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPC88C.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPCB2B.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPD079.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPD336.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPF077.tmp folder deleted successfully.
C:\Windows\Installer\MSI1888.tmp deleted successfully.
C:\Windows\Installer\MSI2709.tmp deleted successfully.
C:\Windows\Installer\MSI2B9C.tmp deleted successfully.
C:\Windows\Installer\MSI3DB7.tmp deleted successfully.
C:\Windows\System32\REN10B.tmp deleted successfully.
C:\Windows\System32\REN10C.tmp deleted successfully.
C:\Windows\System32\REN83EF.tmp deleted successfully.
C:\Windows\System32\REN83F0.tmp deleted successfully.
C:\Windows\System32\REN83F1.tmp deleted successfully.
C:\Windows\System32\RENA92B.tmp deleted successfully.
C:\Windows\System32\RENA93B.tmp deleted successfully.
C:\Windows\System32\RENA93C.tmp deleted successfully.
C:\Windows\System32\RENFB.tmp deleted successfully.
C:\Windows\System32\catroot\TMP5CFD.tmp deleted successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\~wt2348.tmp deleted successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\~wt3F6.tmp deleted successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\~wt3F70.tmp deleted successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\~wtBF1.tmp deleted successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\~wtEFDA.tmp deleted successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\~wtF4C9.tmp deleted successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\~wtFC86.tmp deleted successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job moved successfully.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SetPanel deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\WarReg_PopUp deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\eRecoveryService deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SearchSettings deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acer Tour Reminder\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ares\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\T-Mobile Communication Centre\ deleted successfully.
========== FILES ==========
C:\Program Files\YouTube Downloader Toolbar\Res\Lang folder moved successfully.
C:\Program Files\YouTube Downloader Toolbar\Res folder moved successfully.
C:\Program Files\YouTube Downloader Toolbar\IE\5.8 folder moved successfully.
C:\Program Files\YouTube Downloader Toolbar\IE folder moved successfully.
C:\Program Files\YouTube Downloader Toolbar folder moved successfully.
C:\Program Files\Common Files\Spigot\wtxpcom\components folder moved successfully.
C:\Program Files\Common Files\Spigot\wtxpcom folder moved successfully.
C:\Program Files\Common Files\Spigot\Search Settings\Res folder moved successfully.
C:\Program Files\Common Files\Spigot\Search Settings\Lang folder moved successfully.
C:\Program Files\Common Files\Spigot\Search Settings folder moved successfully.
C:\Program Files\Common Files\Spigot\GC folder moved successfully.
C:\Program Files\Common Files\Spigot folder moved successfully.
C:\Program Files\Application Updater folder moved successfully.
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: Alena
->Temp folder emptied: 26405267 bytes
->Temporary Internet Files folder emptied: 1992935405 bytes
->Java cache emptied: 10521 bytes
->FireFox cache emptied: 365026402 bytes
->Flash cache emptied: 125291 bytes

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 152501847 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 2 420,00 mb


[EMPTYFLASH]

User: Alena
->Flash cache emptied: 0 bytes

User: All Users

User: Default

User: Default User

User: Public

Total Flash Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.46.0 log created on 06052012_112856

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

prosím, jestli budete mit jeste chvilku, PC se zda byt v poradku, poradte dalsi postup,
dekuji...K

T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe

• Stahnete a spustte
• Pro potvrzeni volby mackejte A, Enter
• Po pouziti utilitu smazte
• Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

OTC http://oldtimer.geekstogo.com/OTC.exe

• Stahnete a spustte
• Kliknete na CleanUp a potvrdte YES
• Program uklidi a restartuje PC

TFC http://oldtimer.geekstogo.com/TFC.exe

• Stahnete a spustte
• Kliknete na Start a potvrdte OK
• Program uklidi a restartuje pc
• Po pouziti utilitu smazte

Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel čistič

• Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

• dejte Hledej problémy
• nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
• postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

• Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

Poprosim o novy log z RSIT a zhodnoceni stavu PC

Posilam posledni log. PC se zda v poradku. Nenasel jsem antivir. Dle instrukci, jinde na tomto foru, nainstaluji Avast free.
Pokud vidite situaci PC stejne, dekuji Vam za pomoc a vybornou spolupraci a sluzbu. Do teto chvile jsem netusil, ze je neco takoveho, vlastne bezplatne mozne. Odkaz na forum jsem kolegyni preposlal, aby se mohla pripadne poucit ci prispet.
Hezky den preji K.

Logfile of random's system information tool 1.09 (written by random/random)
Run by Alena at 2012-06-05 16:11:12
Microsoft® Windows Vista™ Home Basic Service Pack 2
System drive C: has 5 GB (14%) free of 33 GB
Total RAM: 1525 MB (39% free)

HijackThis download failed

=========Mozilla firefox=========

ProfilePath - C:\Users\Alena\AppData\Roaming\Mozilla\Firefox\Profiles\2ekytp8n.default

prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"

"{20a82645-c095-46ed-80e3-08825760534b}"=C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.2.202.235 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

C:\Program Files\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
NPOFFICE.DLL
nppdf32.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files\Mozilla Firefox\searchplugins\
Cetrumcz_igeared.xml
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
yahoo.xml

C:\Users\Alena\AppData\Roaming\Mozilla\Firefox\Profiles\2ekytp8n.default\extensions\
{ea614400-e918-4741-9a97-7a972ff7c30b}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-03-23 59272]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [2007-03-21 174872]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-04-23 4435968]
"Apoint"=C:\Program Files\Apoint2K\Apoint.exe [2006-11-07 159744]
"Windows Mobile-based device management"=C:\Windows\WindowsMobile\wmdSync.exe [2006-11-02 215552]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2008-02-11 141848]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2008-02-11 166424]
"Persistence"=C:\Windows\system32\igfxpers.exe [2008-02-11 133656]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2012-03-26 931200]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skytel]
C:\Windows\Skytel.exe [2007-04-13 1822720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Empowering Technology Launcher.lnk]
C:\Acer\Empowering Technology\eAPLauncher.exe 9999 []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="eNetHook.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2008-02-11 204800]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"vidc.XVID"=xvidvfw.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======List of files/folders created in the last 1 month======

2012-06-05 16:03:07 ----DC---- C:\rsit
2012-06-05 16:03:07 ----DC---- C:\Program Files\trend micro
2012-06-05 15:49:18 ----DC---- C:\Program Files\CCleaner
2012-05-29 18:37:02 ----DC---- C:\Users\Alena\AppData\Roaming\MediaMonkey
2012-05-29 18:36:25 ----DC---- C:\ProgramData\MediaMonkey
2012-05-29 18:36:06 ----DC---- C:\Program Files\MediaMonkey
2012-05-18 19:04:09 ----DC---- C:\ProgramData\Mozilla
2012-05-18 19:04:09 ----DC---- C:\Program Files\Mozilla Maintenance Service
2012-05-09 20:26:27 ----AC---- C:\Windows\system32\drivers\partmgr.sys
2012-05-09 20:26:26 ----AC---- C:\Windows\system32\drivers\tcpipreg.sys
2012-05-09 20:26:26 ----AC---- C:\Windows\system32\drivers\tcpip.sys
2012-05-09 20:26:16 ----AC---- C:\Windows\system32\DWrite.dll
2012-05-09 20:26:16 ----AC---- C:\Windows\system32\d3d10warp.dll
2012-05-09 20:26:16 ----AC---- C:\Windows\system32\d3d10_1core.dll
2012-05-09 20:26:16 ----AC---- C:\Windows\system32\d3d10_1.dll
2012-05-09 20:26:16 ----AC---- C:\Windows\system32\d2d1.dll
2012-05-09 20:25:53 ----AC---- C:\Windows\system32\ntoskrnl.exe
2012-05-09 20:25:53 ----AC---- C:\Windows\system32\ntkrnlpa.exe
2012-05-09 20:25:52 ----AC---- C:\Windows\system32\win32k.sys
2012-05-09 11:52:13 ----DC---- C:\Program Files\Microsoft Silverlight

======List of files/folders modified in the last 1 month======

2012-06-05 16:11:15 ----DC---- C:\Windows\Prefetch
2012-06-05 16:03:07 ----RDC---- C:\Program Files
2012-06-05 15:54:50 ----SHDC---- C:\Windows\Installer
2012-06-05 15:54:13 ----SHD---- C:\System Volume Information
2012-06-05 15:50:29 ----DC---- C:\Users\Alena\AppData\Roaming\Vso
2012-06-05 15:50:29 ----DC---- C:\Users\Alena\AppData\Roaming\Media Player Classic
2012-06-05 15:50:28 ----DC---- C:\Users\Alena\AppData\Roaming\Skype
2012-06-05 15:50:05 ----DC---- C:\Windows\Panther
2012-06-05 15:50:05 ----DC---- C:\Windows\ModemLogs
2012-06-05 15:50:05 ----DC---- C:\Windows\inf
2012-06-05 15:50:04 ----DC---- C:\Windows\Logs
2012-06-05 15:50:04 ----DC---- C:\Windows\Debug
2012-06-05 15:50:04 ----DC---- C:\Windows
2012-06-05 15:47:36 ----DC---- C:\Windows\System32
2012-06-05 15:47:36 ----AC---- C:\Windows\system32\PerfStringBackup.INI
2012-06-05 15:45:01 ----DC---- C:\Windows\Temp
2012-06-05 11:29:43 ----DC---- C:\Windows\system32\drivers\etc
2012-06-05 11:29:39 ----DC---- C:\Program Files\Common Files
2012-06-05 11:29:38 ----SDC---- C:\Windows\Downloaded Program Files
2012-06-05 11:29:38 ----DC---- C:\Windows\Tasks
2012-06-05 11:29:38 ----DC---- C:\Windows\system32\catroot
2012-06-04 15:19:40 ----AC---- C:\Windows\NeroDigital.ini
2012-06-04 14:46:37 ----DC---- C:\Program Files\totalcmd
2012-06-04 13:54:30 ----DC---- C:\Windows\system32\drivers
2012-06-04 11:32:05 ----D---- C:\Windows\rescache
2012-06-03 19:50:34 ----D---- C:\Windows\winsxs
2012-06-03 17:23:26 ----DC---- C:\Users\Alena\AppData\Roaming\vlc
2012-05-29 18:36:25 ----HDC---- C:\ProgramData
2012-05-27 19:44:23 ----DC---- C:\Windows\system32\WDI
2012-05-23 18:22:01 ----DC---- C:\Windows\system32\catroot2
2012-05-18 19:04:01 ----DC---- C:\Program Files\Mozilla Firefox
2012-05-18 11:38:22 ----DC---- C:\ProgramData\YTD YouTube Downloader & Converter
2012-05-15 21:42:48 ----DC---- C:\Windows\system32\wbem
2012-05-15 21:42:13 ----DC---- C:\Windows\system32\config
2012-05-15 21:42:04 ----DC---- C:\Windows\system32\spool
2012-05-15 21:42:04 ----DC---- C:\Windows\registration
2012-05-14 20:19:26 ----DC---- C:\Users\Alena\AppData\Roaming\dvdcss
2012-05-10 11:50:57 ----DC---- C:\Windows\Microsoft.NET
2012-05-10 11:49:57 ----RSDC---- C:\Windows\assembly
2012-05-10 11:14:10 ----AC---- C:\Windows\system32\mrt.exe
2012-05-10 11:00:00 ----AC---- C:\Windows\win.ini
2012-05-10 10:45:53 ----DC---- C:\Windows\system32\XPSViewer
2012-05-09 11:53:07 ----DC---- C:\Windows\system32\Tasks

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2007-03-21 304920]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2012-03-20 171064]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-19 12672]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2007-01-30 8704]
R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\Windows\system32\DRIVERS\Apfiltr.sys [2006-12-05 140800]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2007-06-19 737280]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2008-01-19 179712]
R3 EMSCR;EMSCR; C:\Windows\system32\DRIVERS\EMS7SK.sys [2007-04-11 67584]
R3 ESDCR;ESDCR; C:\Windows\system32\DRIVERS\ESD7SK.sys [2007-04-11 46592]
R3 ESMCR;ESMCR; C:\Windows\system32\DRIVERS\ESM7SK.sys [2007-04-11 63488]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2007-03-02 984064]
R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2007-03-02 208384]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2008-02-11 2302976]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-04-23 1769952]
R3 NTIDrvr;Upper Class Filter Driver; C:\Windows\system32\DRIVERS\NTIDrvr.sys [2007-06-22 6144]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-04-11 89088]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2007-03-02 660480]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 FsUsbExDisk;FsUsbExDisk; \??\C:\Windows\system32\FsUsbExDisk.SYS [2009-03-31 36608]
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2006-11-02 200704]
S3 ialm;ialm; C:\Windows\system32\DRIVERS\igdkmd32.sys [2008-02-11 2302976]
S3 IpwP;IPWireless 3G Network Adapter; C:\Windows\system32\DRIVERS\ipw3gnet.sys [2008-10-10 51040]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 NETw3v32;Intel(R) PRO/Wireless 3945ABG Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw3v32.sys [2006-11-02 1781760]
S3 NETw4v32;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw4v32.sys [2007-02-25 2216448]
S3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2012-03-20 74112]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2009-04-11 15872]
S3 winusb;WinUSB Service; C:\Windows\system32\DRIVERS\winusb.sys [2009-04-11 31616]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 eRecoveryService;eRecovery Service; C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe [2007-02-13 53248]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe [2007-03-21 355096]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-01-17 61440]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-20 322120]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2007-01-30 386560]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-02-15 158856]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-05 257696]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2012-05-18 129976]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-11-10 774144]
S3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-03-26 214952]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]

-----------------EOF-----------------