Please check my PC

Posted: 15 Jan 2012 19:57
by jaroslav.24
Good evening,
I need my PC checked; for some reason it is slower than before, and it freezes when resuming from sleep mode.

Logfile of random's system information tool 1.09 (written by random/random)
Run by Jaroslav - Růžička at 2012-01-15 19:51:56
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 66 GB (43%) free of 153 GB
Total RAM: 1023 MB (47% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:52:12, on 15.1.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17106)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVG\AVG2012\avgtray.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\Program Files\AVG\AVG2012\avgwdsvc.exe
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Motive\McciCMService.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
C:\Program Files\AVG\AVG2012\avgnsx.exe
C:\Program Files\AVG\AVG2012\avgrsx.exe
C:\Program Files\AVG\AVG2012\avgcsrvx.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\Jaroslav - Růžička\Plocha\RSIT.exe
C:\Program Files\trend micro\Jaroslav - Růžička.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://toolbar.inbox.com/search/dispatc ... &%language
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.facemoods.com/?a=ddrnw
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: (no name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll
O2 - BHO: facemoods Helper - {64182481-4F71-486b-A045-B233BD0DA8FC} - C:\Program Files\facemoods.com\facemoods\1.4.17.7\bh\facemoods.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O3 - Toolbar: facemoods Toolbar - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - C:\Program Files\facemoods.com\facemoods\1.4.17.7\facemoodsTlbr.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files\AVG\AVG2012\avgtray.exe"
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [CanonSolutionMenuEx] C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [facemoods] "C:\Program Files\facemoods.com\facemoods\1.4.17.7\facemoodssrv.exe" /md I
O4 - HKLM\..\RunOnce: [NetFxUpdate_v1.1.4322] "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\netfxupdate.exe" 0 v1.1.4322 GAC + NI NID
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Advanced SystemCare 5] "C:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe" /Manual
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Rychlé spuštění aplikace HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files\ICQ7.6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files\ICQ7.6\ICQ.exe
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 0200855718
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll
O20 - AppInit_DLLs:
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Advanced SystemCare Service 5 (AdvancedSystemCareService5) - IObit - C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgwdsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files\Common Files\Motive\McciCMService.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

--
End of file - 8943 bytes

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Jaroslav - Růžička\Data aplikací\Mozilla\Firefox\Profiles\c9814q6i.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "extensions.enabledItems" - "{20a82645-c095-46ed-80e3-08825760534b}:0.0.0, {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, jqs@sun.com:1.0, {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.16"
prefs.js - "keyword.URL" - "http://search.icq.com/search/afe_result ... r=1.1.9&q="

"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"{1E73965B-8B48-48be-9C8D-68B920ABC1C4}"=C:\Program Files\AVG\AVG2012\Firefox4\
"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@canon.com/EPPEX]
"Description"=Canon Easy-PhotoPrint EX
"Path"=C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files\Mozilla Firefox\searchplugins\
fcmdSrch.xml
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Documents and Settings\Jaroslav - Růžička\Data aplikací\Mozilla\Firefox\Profiles\c9814q6i.default\extensions\
ffxtlbr@Facemoods.com
{20a82645-c095-46ed-80e3-08825760534b}(2)

C:\Documents and Settings\Jaroslav - Růžička\Data aplikací\Mozilla\Firefox\Profiles\c9814q6i.default\searchplugins\
askcom.xml
icqplugin-1.xml
icqplugin-2.xml
icqplugin.xml
inbox-hledn.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-01-03 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG2012\avgssie.dll [2011-11-11 1378144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64182481-4F71-486b-A045-B233BD0DA8FC}]
CescrtHlpr Object - C:\Program Files\facemoods.com\facemoods\1.4.17.7\bh\facemoods.dll [2010-10-26 262144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll [2009-01-14 92504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-10-07 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-10-07 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
{DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - facemoods Toolbar - C:\Program Files\facemoods.com\facemoods\1.4.17.7\facemoodsTlbr.dll [2010-10-26 217088]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
"Cmaudio"=RunDll32 cmicnfg.cpl,CMICtrlWnd []
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-06-09 254696]
"ATICCC"=C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe [2006-09-25 90112]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-03 843712]
"AVG_TRAY"=C:\Program Files\AVG\AVG2012\avgtray.exe [2011-12-03 2415456]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2004-02-12 49152]
"HP Component Manager"=C:\Program Files\HP\hpcoretech\hpcmpmgr.exe [2004-05-12 241664]
"CanonSolutionMenuEx"=C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE [2010-04-02 1185112]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2010-03-25 2516296]
"facemoods"=C:\Program Files\facemoods.com\facemoods\1.4.17.7\facemoodssrv.exe [2010-10-26 323584]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"NetFxUpdate_v1.1.4322"=C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\netfxupdate.exe [2004-08-10 106496]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Advanced SystemCare 5"=C:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe [2011-12-08 619352]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
Rychlé spuštění aplikace HP Image Zone.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2006-11-22 90112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Documents and Settings\Jaroslav - Růžička\Plocha\hry\Stronghold 2 DeLuxe\Stronghold2.exe"="C:\Documents and Settings\Jaroslav - Růžička\Plocha\hry\Stronghold 2 DeLuxe\Stronghold2.exe:*:Enabled:Stronghold 2"
"C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe:*:Enabled:hpqpse.exe"
"C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe"="C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe:*:Enabled:hpqsudi.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe:*:Enabled:hpqpsapp.exe"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\ICQ7.6\ICQ.exe"="C:\Program Files\ICQ7.6\ICQ.exe:*:Enabled:ICQ7.6"
"C:\Program Files\Diablo II\Game.exe"="C:\Program Files\Diablo II\Game.exe:*:Enabled:Diablo II"
"C:\Program Files\AVG\AVG2012\avgnsx.exe"="C:\Program Files\AVG\AVG2012\avgnsx.exe:*:Enabled:Webový štít"
"C:\Program Files\AVG\AVG2012\avgdiagex.exe"="C:\Program Files\AVG\AVG2012\avgdiagex.exe:*:Enabled:AVG Diagnostika 2012"
"C:\Program Files\AVG\AVG2012\avgmfapx.exe"="C:\Program Files\AVG\AVG2012\avgmfapx.exe:*:Enabled:Instalátor AVG"
"C:\Program Files\AVG\AVG2012\avgemcx.exe"="C:\Program Files\AVG\AVG2012\avgemcx.exe:*:Enabled:Obecná kontrola pošty"
"C:\Documents and Settings\Jaroslav - Růžička\Plocha\hry\Lionheart\Lionheart.exe"="C:\Documents and Settings\Jaroslav - Růžička\Plocha\hry\Lionheart\Lionheart.exe:*:Enabled:Lionheart"
"C:\Program Files\Java\jre6\bin\javaw.exe"="C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe:*:Enabled:hpqpse.exe"
"C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe"="C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe:*:Enabled:hpqsudi.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe:*:Enabled:hpqpsapp.exe"
"C:\Program Files\ICQ7.6\ICQ.exe"="C:\Program Files\ICQ7.6\ICQ.exe:*:Enabled:ICQ7.6"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"vidc.XVID"=xvid.dll
"msacm.lhacm"=lhacm.acm
"vidc.DIVX"=DivX.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"vidc.VP60"=C:\WINDOWS\system32\vp6vfw.dll
"vidc.VP61"=C:\WINDOWS\system32\vp6vfw.dll
"vidc.LEAD"=LCODCCMP.DLL

======List of files/folders created in the last 1 month======

2012-01-15 19:51:56 ----D---- C:\rsit
2012-01-15 19:51:56 ----D---- C:\Program Files\trend micro
2012-01-15 10:59:04 ----D---- C:\WINDOWS\LastGood
2012-01-15 10:31:28 ----D---- C:\Program Files\Auran
2012-01-14 22:53:17 ----D---- C:\Documents and Settings\Jaroslav - Růžička\Data aplikací\Windows Search
2012-01-14 22:49:10 ----HDC---- C:\WINDOWS\$NtUninstallKB963093$
2012-01-14 22:41:21 ----N---- C:\WINDOWS\system32\spmsg2.dll
2012-01-14 22:41:20 ----HDC---- C:\WINDOWS\$NtUninstallXPSEPSCLP$
2012-01-14 22:39:17 ----D---- C:\Program Files\Windows Desktop Search
2012-01-14 22:38:31 ----HDC---- C:\WINDOWS\$NtUninstallKB915800-v4$
2012-01-14 22:00:44 ----D---- C:\Documents and Settings\Jaroslav - Růžička\Data aplikací\Open Rails
2012-01-14 16:08:41 ----D---- C:\Program Files\facemoods.com
2012-01-14 14:02:07 ----D---- C:\Program Files\Kroll Ontrack
2012-01-13 21:52:15 ----D---- C:\Program Files\JDownloader
2012-01-12 17:56:36 ----D---- C:\WINDOWS\Profiles
2012-01-12 06:13:43 ----HDC---- C:\WINDOWS\$NtUninstallKB2585542$
2012-01-11 13:01:40 ----A---- C:\WINDOWS\system32\javaws.exe
2012-01-11 13:01:40 ----A---- C:\WINDOWS\system32\javaw.exe
2012-01-11 13:01:40 ----A---- C:\WINDOWS\system32\java.exe
2012-01-11 09:32:56 ----HDC---- C:\WINDOWS\$NtUninstallKB2646524$
2012-01-11 09:32:49 ----HDC---- C:\WINDOWS\$NtUninstallKB2631813$
2012-01-11 09:30:12 ----HDC---- C:\WINDOWS\$NtUninstallKB2598479$
2012-01-11 09:30:06 ----HDC---- C:\WINDOWS\$NtUninstallKB2603381$
2012-01-11 09:29:58 ----HDC---- C:\WINDOWS\$NtUninstallKB2584146$
2012-01-10 19:57:46 ----A---- C:\WINDOWS\dxinfo.INI
2012-01-07 19:42:15 ----D---- C:\Documents and Settings\Jaroslav - Růžička\Data aplikací\AVG2012
2012-01-07 19:38:37 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVG2012
2012-01-07 19:37:44 ----D---- C:\Program Files\AVG
2012-01-07 09:12:20 ----D---- C:\Program Files\Mozilla Firefox
2011-12-28 08:10:46 ----D---- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2011-12-27 10:43:23 ----A---- C:\_Sid.txt
2011-12-27 10:39:43 ----D---- C:\Program Files\Common Files\HP
2011-12-27 10:37:43 ----D---- C:\Program Files\Hewlett-Packard
2011-12-27 10:37:42 ----D---- C:\Documents and Settings\All Users\Data aplikací\Hewlett-Packard
2011-12-27 10:37:34 ----RA---- C:\WINDOWS\system32\MSXML4a.dll
2011-12-27 10:37:34 ----RA---- C:\WINDOWS\system32\hpvcr70.dll
2011-12-27 10:37:34 ----RA---- C:\WINDOWS\system32\hpvcp70.dll
2011-12-27 10:37:34 ----RA---- C:\WINDOWS\system32\hpvaut32.dll
2011-12-27 10:35:45 ----D---- C:\Program Files\Common Files\Hewlett-Packard
2011-12-27 10:33:34 ----RA---- C:\WINDOWS\system32\drivers\HPZipr12.sys
2011-12-27 10:33:33 ----RA---- C:\WINDOWS\system32\drivers\hpzid412.sys
2011-12-27 10:33:00 ----RA---- C:\WINDOWS\system32\drivers\HPZius12.sys
2011-12-27 10:32:21 ----A---- C:\WINDOWS\system32\HPZinw12.exe
2011-12-27 10:32:20 ----A---- C:\WINDOWS\system32\HPZisn12.dll
2011-12-27 10:32:20 ----A---- C:\WINDOWS\system32\HPZipt12.dll
2011-12-27 10:32:20 ----A---- C:\WINDOWS\system32\HPZipr12.dll
2011-12-27 10:32:20 ----A---- C:\WINDOWS\system32\HPZipm12.exe
2011-12-27 10:32:20 ----A---- C:\WINDOWS\system32\HPZidr12.dll
2011-12-27 10:30:37 ----D---- C:\Program Files\HP
2011-12-27 10:28:23 ----N---- C:\WINDOWS\hpomdl04.dat
2011-12-27 10:28:23 ----A---- C:\WINDOWS\hpoins04.dat
2011-12-22 11:51:07 ----D---- C:\Documents and Settings\Jaroslav - Růžička\Data aplikací\Opera
2011-12-22 11:50:01 ----D---- C:\Program Files\Opera
2011-12-17 20:09:56 ----A---- C:\WINDOWS\DIIUnin.dat
2011-12-17 20:09:54 ----A---- C:\WINDOWS\DIIUnin.pif
2011-12-17 20:09:53 ----A---- C:\WINDOWS\DIIUnin.exe
2011-12-17 19:44:25 ----D---- C:\Program Files\Diablo II
2011-12-16 21:14:22 ----ASH---- C:\hiberfil.sys
2011-12-16 21:04:55 ----D---- C:\Program Files\Common Files\ATI Technologies
2011-12-16 21:01:54 ----N---- C:\WINDOWS\system32\ati2sgag.exe
2011-12-16 21:01:49 ----RA---- C:\WINDOWS\system32\atiiiexx.dll
2011-12-16 21:01:41 ----RA---- C:\WINDOWS\system32\ativvaxx.dat
2011-12-16 21:01:41 ----RA---- C:\WINDOWS\system32\atiicdxx.dat
2011-12-16 21:01:22 ----D---- C:\Program Files\ATI Technologies
2011-12-16 20:13:03 ----SHD---- C:\Config.Msi
2011-12-16 15:59:22 ----D---- C:\Documents and Settings\Jaroslav - Růžička\Data aplikací\YoWindow

======List of files/folders modified in the last 1 month======

2012-01-15 19:52:04 ----D---- C:\WINDOWS\Prefetch
2012-01-15 19:51:56 ----RD---- C:\Program Files
2012-01-15 19:43:00 ----D---- C:\WINDOWS\system32\drivers\AVG
2012-01-15 19:43:00 ----D---- C:\Documents and Settings\All Users\Data aplikací\MFAData
2012-01-15 18:59:04 ----D---- C:\WINDOWS\TEMP
2012-01-15 13:52:47 ----D---- C:\Documents and Settings\Jaroslav - Růžička\Data aplikací\ICQ
2012-01-15 11:30:37 ----D---- C:\WINDOWS
2012-01-15 11:29:19 ----HD---- C:\WINDOWS\inf
2012-01-15 11:21:04 ----SD---- C:\WINDOWS\Tasks
2012-01-15 11:00:11 ----SHD---- C:\WINDOWS\Installer
2012-01-15 10:59:14 ----D---- C:\WINDOWS\system32
2012-01-15 10:37:01 ----D---- C:\WINDOWS\system32\CatRoot2
2012-01-15 09:08:17 ----D---- C:\WINDOWS\system32\config
2012-01-15 08:59:44 ----D---- C:\WINDOWS\system32\cs-cz
2012-01-15 08:58:45 ----A---- C:\WINDOWS\SchedLgU.Txt
2012-01-15 08:56:57 ----D---- C:\WINDOWS\system32\wbem
2012-01-14 23:14:42 ----D---- C:\WINDOWS\Microsoft.NET
2012-01-14 23:00:33 ----D---- C:\WINDOWS\system32\CatRoot
2012-01-14 23:00:08 ----RSD---- C:\WINDOWS\assembly
2012-01-14 22:59:39 ----D---- C:\WINDOWS\system32\XPSViewer
2012-01-14 22:39:40 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2012-01-14 22:39:30 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2012-01-14 22:38:42 ----RSHDC---- C:\WINDOWS\system32\dllcache
2012-01-14 14:13:37 ----D---- C:\Program Files\Canon
2012-01-14 14:11:10 ----HD---- C:\Program Files\InstallShield Installation Information
2012-01-13 16:00:57 ----D---- C:\Program Files\Microsoft Games
2012-01-12 17:57:30 ----RSD---- C:\WINDOWS\Fonts
2012-01-12 17:56:35 ----D---- C:\Program Files\Common Files\Adobe
2012-01-12 15:26:38 ----A---- C:\WINDOWS\NeroDigital.ini
2012-01-12 06:13:12 ----HD---- C:\WINDOWS\$hf_mig$
2012-01-12 06:12:16 ----D---- C:\WINDOWS\Debug
2012-01-11 13:01:16 ----D---- C:\Program Files\Java
2012-01-11 10:26:40 ----D---- C:\WINDOWS\system32\DirectX
2012-01-11 09:30:26 ----A---- C:\WINDOWS\system32\MRT.exe
2012-01-10 16:00:35 ----D---- C:\Program Files\The KMPlayer
2012-01-08 12:45:13 ----SH---- C:\boot.ini
2012-01-08 12:45:13 ----A---- C:\WINDOWS\win.ini
2012-01-08 12:45:13 ----A---- C:\WINDOWS\system.ini
2012-01-08 12:19:32 ----SD---- C:\Documents and Settings\Jaroslav - Růžička\Data aplikací\Microsoft
2012-01-07 19:39:01 ----D---- C:\WINDOWS\system32\drivers
2012-01-07 18:12:10 ----D---- C:\WINDOWS\pss
2012-01-07 17:33:38 ----D---- C:\Program Files\Codemasters
2012-01-07 15:48:34 ----D---- C:\Documents and Settings\Jaroslav - Růžička\Data aplikací\Hamachi
2012-01-07 13:44:19 ----D---- C:\Documents and Settings\Jaroslav - Růžička\Data aplikací\Skype
2012-01-06 14:39:02 ----D---- C:\WINDOWS\system32\LogFiles
2012-01-05 19:37:51 ----D---- C:\Program Files\Gothic II
2012-01-01 10:21:03 ----D---- C:\Documents and Settings\All Users\Data aplikací\CanonIJPLM
2011-12-30 11:08:02 ----D---- C:\Program Files\EA GAMES
2011-12-30 09:40:46 ----D---- C:\WINDOWS\WinSxS
2011-12-27 10:39:43 ----D---- C:\Program Files\Common Files
2011-12-27 10:32:52 ----D---- C:\WINDOWS\twain_32
2011-12-17 19:56:51 ----A---- C:\WINDOWS\system32\CmdLineExt03.dll
2011-12-16 21:14:59 ----D---- C:\Documents and Settings\Jaroslav - Růžička\Data aplikací\ATI
2011-12-16 21:02:08 ----RD---- C:\WINDOWS\Web
2011-12-16 20:52:08 ----D---- C:\Program Files\Ahead
2011-12-16 20:40:23 ----AC---- C:\WINDOWS\Wininit.ini
2011-12-16 20:34:56 ----D---- C:\WINDOWS\Registration
2011-12-16 20:29:54 ----D---- C:\Documents and Settings\Jaroslav - Růžička\Data aplikací\IObit

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSEH;AVGIDSEH; C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys [2011-07-11 23120]
R0 Avgrkx86;AVG Anti-Rootkit Driver; C:\WINDOWS\system32\DRIVERS\avgrkx86.sys [2011-09-13 32592]
R0 PxHelp20;PxHelp20; C:\WINDOWS\system32\DRIVERS\PxHelp20.sys [2003-10-28 20016]
R0 SmartDefragDriver;SmartDefragDriver; C:\WINDOWS\System32\Drivers\SmartDefragDriver.sys [2010-11-26 14776]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-11-19 664064]
R0 uagp35;Filtr Microsoft AGPv3.5; C:\WINDOWS\system32\DRIVERS\uagp35.sys [2008-04-13 44672]
R1 AmdK7;Ovladač procesoru AMD K7; C:\WINDOWS\system32\DRIVERS\amdk7.sys [2008-04-14 41600]
R1 Avgldx86;AVG AVI Loader Driver; C:\WINDOWS\system32\DRIVERS\avgldx86.sys [2011-10-07 230608]
R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield; C:\WINDOWS\system32\DRIVERS\avgmfx86.sys [2011-08-08 40016]
R1 Avgtdix;AVG TDI Driver; C:\WINDOWS\system32\DRIVERS\avgtdix.sys [2011-07-11 295248]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-11-22 2829824]
R3 AVGIDSDriver;AVGIDSDriver; C:\WINDOWS\system32\DRIVERS\AVGIDSDriver.Sys [2011-07-11 134608]
R3 AVGIDSFilter;AVGIDSFilter; C:\WINDOWS\system32\DRIVERS\AVGIDSFilter.Sys [2011-07-11 24272]
R3 AVGIDSShim;AVGIDSShim; C:\WINDOWS\system32\DRIVERS\AVGIDSShim.Sys [2011-10-04 16720]
R3 cmuda;C-Media WDM Audio Interface; C:\WINDOWS\system32\drivers\cmuda.sys [2006-06-09 1373120]
R3 dtscsi;dtscsi; C:\WINDOWS\System32\Drivers\dtscsi.sys [2010-11-19 223128]
R3 SISNIC;SiS PCI Fast Ethernet Adapter Driver; C:\WINDOWS\system32\DRIVERS\sisnic.sys [2004-08-03 32768]
S1 MpKsl070bb8b1;MpKsl070bb8b1; \??\c:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{C7445AB1-6597-40FD-9716-476111923052}\MpKsl070bb8b1.sys []
S1 MpKsl31d10f63;MpKsl31d10f63; \??\c:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{9970F881-F73F-47EE-98ED-6C33C937016D}\MpKsl31d10f63.sys []
S1 MpKsl69880052;MpKsl69880052; \??\c:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{06E728BF-D619-40F0-8451-D75B484C837F}\MpKsl69880052.sys []
S1 MpKsl79f2bbef;MpKsl79f2bbef; \??\c:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{8AA294BD-598C-4407-9374-C5F4BB51F3C0}\MpKsl79f2bbef.sys []
S1 MpKsl8fad96f8;MpKsl8fad96f8; \??\c:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{F621BCD7-FADE-4F7A-A324-4AA3896A80E2}\MpKsl8fad96f8.sys []
S1 MpKsl91f0b8fb;MpKsl91f0b8fb; \??\c:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{44CEA3D9-3B55-4784-BA78-115F5AEB844A}\MpKsl91f0b8fb.sys []
S1 MpKsla98f82e1;MpKsla98f82e1; \??\c:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{CAA5E146-09E6-4E6B-AFDE-8358EB0459E0}\MpKsla98f82e1.sys []
S1 MpKslcddfc850;MpKslcddfc850; \??\C:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{04399801-F678-4EF4-9B79-52FB6D5B7C59}\MpKslcddfc850.sys []
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2011-09-14 25280]
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2004-06-21 51088]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2004-06-21 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2004-06-21 21744]
S3 MREMP50;MREMP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS []
S3 MREMP50a64;MREMP50a64 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS []
S3 MREMPR5;MREMPR5 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS []
S3 MRENDIS5;MRENDIS5 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS []
S3 MRESP50;MRESP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS []
S3 MRESP50a64;MRESP50a64 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS []
S3 tap0901;TAP-Win32 Adapter V9; C:\WINDOWS\system32\DRIVERS\tap0901.sys [2011-04-26 26624]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdvancedSystemCareService5;Advanced SystemCare Service 5; C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe [2011-12-08 494424]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-11-22 430080]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]
R2 avgwd;AVG WatchDog; C:\Program Files\AVG\AVG2012\avgwdsvc.exe [2011-08-02 192776]
R2 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [2010-04-05 116104]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2011-10-03 153376]
R2 McciCMService;McciCMService; C:\Program Files\Common Files\Motive\McciCMService.exe [2007-10-15 303104]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 NMSAccessU;NMSAccessU; C:\Program Files\CDBurnerXP\NMSAccessU.exe [2008-06-15 71096]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-01-14 226656]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2006-11-22 520192]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2004-03-18 65536]
S3 WinRM;Windows Remote Management (WS-Management); C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Re: Request for a PC check

Posted: 16 Jan 2012 09:04
by vyosek
Hello, and I wish you a nice day :)

:arrow: Uninstall Advanced SystemCare 5 and then everything else from IOBit as well - it is Chinese junk and does more harm than good. It looks for nonsensical and nonexistent problems, and they stole their malware database from another reputable company

:arrow: I recommend uninstalling toolbars (browser bars), if you do not use them, in Add or Remove Programs

:arrow: Do you insist on the antivirus from AVG? It is not very popular here - high system load, weaker malware detection

Re: Request for a PC check

Posted: 16 Jan 2012 10:56
by jaroslav.24
Thank you for the reply.
I will uninstall and delete it, just as you advised.
I would like to ask about one more thing, please. So I will take the antivirus from avast and install CCleaner, and now the question: it seems to me that too many programs start right after the computer boots, and I am not able to tell what they belong to or why they run. Which program helps, or how can one make sense of this chaos? And what do you think of avast?

Re: Request for a PC check

Posted: 16 Jan 2012 11:05
by vyosek
:arrow: Remove AVG and then also use the remover http://download.avg.com/filedir/util/su ... 1_1184.exe

:arrow: Avast Free http://www.avast.com/cs-cz/free-antivirus-download - I can only recommend it

:arrow: You do not need to install CCleaner yet; we will tidy up only after the disinfection and cleaning are finished

:arrow: There really are a lot of unnecessary items at startup, but we will deal with that using OTL, which comes next

:arrow: Download OTL (see my signature) and save it to the desktop
  • If you use Win Vista or W7, right-click OTL and choose Run As Administrator or "Spustit jako spravce"
  • If you use a 64-bit OS, check whether the box next to "Pro 64 bitové OS" (For 64-bit OS) is ticked; if not, tick it
  • Tick the box "Pro vsechny uzivatele" (For all users)
  • Tick the box "Kontrola na havet "LOP"" (Check for "LOP" malware)
  • Tick the box "Kontrola na havet "Purity"" (Check for "Purity" malware)
  • Change the file age from 30 days to 7 days
  • Paste the script below into the bottom box "Vlastni skenovani/opravy" (Custom scans/fixes)

    CREATERESTOREPOINT
    
    netsvcs
    drivers32
    savembr:0
    
    /md5start
    atapi.sys
    autochk.exe
    cdrom.sys
    explorer.exe
    hal.dll
    scecli.dll
    svchost.exe
    tcpip.sys
    userinit.exe
    winlogon.exe
    /md5stop
    
    %systemroot%*.* /U /s
    %SYSTEMDRIVE%\*.exe
    %ALLUSERSPROFILE%\Application Data\*.
    %ALLUSERSPROFILE%\Application Data\*.exe /s
    %APPDATA%\*.
    %APPDATA%\*.exe /s
    %systemroot%\*. /mp /s
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job
    %systemroot%\system32\drivers\*.sys /lockedfiles
    %systemroot%\System32\config\*.sav
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\system32\drivers\*.sys /3
    %systemroot%\system32\*.* /3
    %SYSTEMDRIVE%\*.exe
    
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
    
    %SystemDrive%\PhysicalMBR.bin /md5 
    
    *crack* /s
    *keygen* /s
    *loader* /s
  • Click the "Prohledat" (Scan) button
  • After the scan finishes (about 10 to 15 min), the logs OTL.txt and Extras.txt will appear; paste both here

Re: Request for a PC check

Posted: 16 Jan 2012 17:07
by jaroslav.24
extras
OTL Extras logfile created on: 16.1.2012 12:33:33 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Jaroslav - Růžička\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1023,48 Mb Total Physical Memory | 757,00 Mb Available Physical Memory | 73,96% Memory free
2,40 Gb Paging File | 2,10 Gb Available in Paging File | 87,39% Paging File free
Paging file location(s): C:\pagefile.sys 0 0F:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149,04 Gb Total Space | 63,45 Gb Free Space | 42,57% Space Free | Partition Type: NTFS

Computer Name: KRYTON | User Name: Jaroslav - Růžička | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_USERS\S-1-5-21-861567501-1659004503-682003330-1004\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"56565:TCP" = 56565:TCP:*:Enabled:Pando Media Booster
"56565:UDP" = 56565:UDP:*:Enabled:Pando Media Booster
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009
"5985:TCP" = 5985:TCP:*:Enabled:Vzdálená správa systému Windows
"80:TCP" = 80:TCP:*:Enabled:Vzdálená správa systému Windows – režim kompatibility (HTTP-In)
"56565:TCP" = 56565:TCP:*:Enabled:Pando Media Booster
"56565:UDP" = 56565:UDP:*:Enabled:Pando Media Booster

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe:*:Enabled:hpqpse.exe
"C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe" = C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe
"C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe:*:Enabled:hpqsudi.exe
"C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe:*:Enabled:hpqpsapp.exe
"C:\Program Files\ICQ7.6\ICQ.exe" = C:\Program Files\ICQ7.6\ICQ.exe:*:Enabled:ICQ7.6 -- (ICQ, LLC.)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Documents and Settings\Jaroslav - Růžička\Plocha\hry\Stronghold 2 DeLuxe\Stronghold2.exe" = C:\Documents and Settings\Jaroslav - Růžička\Plocha\hry\Stronghold 2 DeLuxe\Stronghold2.exe:*:Enabled:Stronghold 2 -- (Firefly Studios)
"C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe:*:Enabled:hpqpse.exe
"C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe" = C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe
"C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe:*:Enabled:hpqsudi.exe
"C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe:*:Enabled:hpqpsapp.exe
"C:\Program Files\ICQ7.6\ICQ.exe" = C:\Program Files\ICQ7.6\ICQ.exe:*:Enabled:ICQ7.6 -- (ICQ, LLC.)
"C:\Program Files\Diablo II\Game.exe" = C:\Program Files\Diablo II\Game.exe:*:Enabled:Diablo II -- (Blizzard North)
"C:\Documents and Settings\Jaroslav - Růžička\Plocha\hry\Lionheart\Lionheart.exe" = C:\Documents and Settings\Jaroslav - Růžička\Plocha\hry\Lionheart\Lionheart.exe:*:Enabled:Lionheart -- (Reflexive Entertainment, Inc.)
"C:\Program Files\Java\jre6\bin\javaw.exe" = C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Documents and Settings\Jaroslav - Růžička\Plocha\ETM_0.1.1_-_Win7\ETM 0.1.1.exe" = C:\Documents and Settings\Jaroslav - Růžička\Plocha\ETM_0.1.1_-_Win7\ETM 0.1.1.exe:*:Enabled:ETM 0.1.1


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{01521746-02A6-4A72-00BD-A285DF6B80C6}" = The Sims 2 Univerzita
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP280_series" = Canon MP280 series MP Drivers
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F63ED0B-EDD2-4037-B6AB-1358C624AF48}" = Scan
"{21E75254-410E-49C4-8981-2E1A2A2221F2}" = HP Diagnostic Assistant
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2405665A-16C9-4D3A-B70E-F006220E1472}" = Overland
"{267868CE-6DFF-40F7-9C58-C01119B7B117}" = Fax
"{26A24AE4-039D-4CA4-87B4-2F83216018F0}" = Java(TM) 6 Update 18
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 29
"{26A24AE4-039D-4CA4-87B4-2F83216027F0}" = Java(TM) 6 Update 27
"{2BBC9458-07CA-4843-848B-5C8146E5EFA8}" = CreativeProjects
"{2F143483-68D6-4234-9346-724056818193}" = ATI Catalyst Control Center
"{2F71F2BA-B513-4113-969C-18A84D238E27}" = 1310
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{34A59AC3-6C5C-4A09-A7F5-369A37176C8A}" = AiOSoftware
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{36CDA33B-909B-4719-97D1-C4B99309BDC7}" = ATI Parental Control & Encoder
"{3713C93E-16C1-4311-81BC-337E9E7C9D76}_is1" = Gothic II
"{3AE681E0-4E8D-453F-950A-48534D3C0724}" = Copy
"{3CF78481-FB7B-4B51-99A2-D5E0CD0B3AAF}" = HPSystemDiagnostics
"{3EA9D975-BFDC-4E8E-B88B-0446FBC8CA66}" = ATI HYDRAVISION
"{41254D7B-EADF-4078-AE4A-BD73B300EE86}" = Unload
"{412B69AF-C352-4F6F-A318-B92B3CB9ACC6}" = Titan Quest
"{457791C5-D702-4143-A7B2-2744BE9573F2}" = HP Software Update
"{4817189D-1785-4627-A33C-39FD90919300}" = The Sims™ 2 Mazlíčci
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{546C143E-68DC-314D-97BC-1E454E3BA429}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - CSY
"{587A2120-41D3-11DB-3D6C-00E19E4D4AE1}" = MSTS Patch 1.7.0519
"{597D73A8-5FDB-4bc1-9893-40B54459F1BC}" = ProductContext
"{5C648FDB-0138-4619-B66E-230EF53E8E2C}" = The Sims™ 2 Pro Teenagery Kolekce
"{5E65E94D-69F2-4850-9E93-6459C53A0F50}" = Microsoft .NET Framework 1.1 Czech Language Pack
"{5ED9E38C-9A96-49D8-89B3-92E278003FCF}" = TRS2006
"{6522C636-B04C-4333-9BEB-9E0C0B6350D6}" = The Sims™ 2 Koupelny a kuchyně Interiérový design Kolekce
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6BDD9CE6-D0A6-478A-BAD3-BA6945E89EB0}" = The Sims 2 Pro rodinnou zábavu - Kolekce
"{6E17F9751-F056-4335-B718-8AF1B1092AFB}" = The Sims™ 2 IKEA® Domov Kolekce
"{6E7DD182-9FC6-4651-0095-2E666CC6AF35}" = The Sims 2
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7644E42D-B096-457F-8B5B-901238FC81AE}" = ICQ7.6
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7B3577F5-1D82-4C9B-008B-69D026FD8BCA}" = The Sims 2 Ve světě podnikání
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{80413011-029C-4D6B-B3AD-725DDE60B81C}" = 1310Trb
"{84DDE556-43EF-43ed-B2DF-37AF9E5DDD75}" = The Sims™ 2 H&M® Móda Kolekce
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8777AC6D-89F9-4793-8266-DE406F343E89}" = QFolder
"{87F6C83D-F949-4d14-B5CB-DC8C75F8932D}" = The Sims™ 2 Volný čas
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{90110405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{981FB376-8418-4EA8-BBED-9DE5AA63E7D5}" = SkinsHP1
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C9CEB9D-53FD-49A7-85D2-FE674F72F24E}" = Microsoft Search Enhancement Pack
"{9CB2512B-3EC4-43DF-8002-46BDAB5EDD1B}" = QuickProjects
"{9CDBC303-3EED-40b0-8E41-A7C65AA96C26}" = The Sims™ 2 Pro luxusní život - Kolekce
"{9EEBF8D5-8712-4D1D-88F4-4CDC2D270BC3}" = PrintScreen
"{A1062847-0846-427A-92A1-BB8251A91E91}" = HP PSC & OfficeJet 4.2
"{A1DCC235-DACC-4E1F-8D11-D630634B4AEF}" = PhotoGallery
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A2500497-FD32-493e-B8E5-28D6728DBEF5}" = Readme
"{A2C9CD1B-2551-3AED-B244-6698FB929FA6}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - CSY
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A4EA3AB4-E78C-4286-96DF-26035507CE55}" = AiO_Scan
"{AAB6D0F8-02B3-4E89-B24C-0BB153C21445}" = Windows Presentation Foundation Language Pack (CSY)
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.2) - Czech
"{B32C75F2-7495-4D01-9431-C11E97D66F8C}" = DocProc
"{B3D5D4E0-E965-41C4-ABFD-A7B1AD0663C2}" = Director
"{B45D9FEE-1AF4-46F3-9A83-2545F81547F5}" = CreativeProjectsTemplates
"{B56D5B09-C4FB-4EA0-8EAD-7BC3E2715A2D}" = DocumentViewer
"{B5C5C17E-FEF6-4062-8151-A427AE8AF9D7}" = Titan Quest Immortal Throne
"{B5FDA445-CAC4-4BA6-A8FB-A7212BD439DE}" = Microsoft XML Parser
"{B6F5B704-06D3-4687-90F3-6195304AD755}" = The Sims™ 2 Život v bytě
"{BCC992E5-5C81-4066-9B55-03DC10B24D21}" = InstantShare
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{BF018D2F-C788-4AB1-AB95-1280EAB8F13E}" = TrayApp
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C4E2A4A7-B623-40CB-8EEA-72F577E49D56}" = Vampire - The Masquerade Bloodlines
"{C941F1F1-25B3-4DF5-83E6-888C51A1AAB6}" = AVIVO Codecs
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE7CB214-DB11-4B5D-A6AF-3B4ED47C68B7}" = Microsoft Game Studios Common Redistributables Pack 1
"{D6F879CC-59D6-4D4B-AE9B-D761E48D25ED}" = Skype™ 5.3
"{DD73CA82-EA82-38AA-863D-9A24A018DC96}" = Microsoft .NET Framework 3.5 Language Pack SP1 - csy
"{DFEF49D9-FC95-4301-99B9-2FB91C6ABA06}" = The Sims™ 2 Roční období
"{E21658D0-8C83-4ADD-937B-6ED07F335ABA}" = 1310Tour
"{E90BEB5B-CFA0-418E-9ABB-4C4A7B0D9483}" = 1310_Help
"{EAA38532-7AD0-4f78-918A-4F4F02096ECE}" = The Sims™ 2 Pojďme slavit! Kolekce
"{EC8673DA-F96B-497E-B2DB-BC7B029FD680}" = BufferChm
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F248ADFA-64E0-4b03-8A83-059078BED6A0}" = The Sims™ 2 Šťastnou cestu
"{F4D69A8D-BB5C-4C3D-A1AD-64C24233EDD6}" = Windows Live Essentials
"{F4F47155-5B4D-42AA-97F8-490BC52EA7F3}" = Destinations
"{F65787F3-B356-45EC-8DD0-0E6758EDBCEE}" = WebReg
"{F7529650-B9DB-481B-0089-A2AC3C2821C1}" = The Sims 2 Noční život
"{FB09515C-8E3E-4E0F-A1F2-032F38DEC185}" = Microsoft .NET Framework 3.0 Czech Language Pack
"{FF26F7EA-BCEE-478C-9A1B-6B4F88717D73}" = CueTour
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Acrobat 4.0" = Adobe Acrobat 4.0
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"All ATI Software" = Softarová utilita ATI - Odinstalovat
"ATI Display Driver" = ATI Display Driver
"avast" = avast! Free Antivirus
"CANONIJPLM100" = Canon Inkjet Printer/Scanner/Fax Extended Survey Program
"CanonMyPrinter" = Canon My Printer
"CanonSolutionMenuEX" = Canon Solution Menu EX
"CCleaner" = CCleaner
"C-Media Audio" = C-Media 3D Audio
"C-Media Audio Driver" = C-Media WDM Audio Driver
"Cool's_Codec_pack_4.12" = Codec Pack - All In 1 6.0.3.0
"čeština do hry Vampire the Masquerade: Bloodlines_is1" = verze 1.01
"Diablo II" = Diablo II
"DivXCodec" = DivX 4.12 Codec
"Easy-PhotoPrint EX" = Canon Easy-PhotoPrint EX
"EAX(tm) Unified (SHELL)" = EAX(tm) Unified (SHELL)
"Euro Truck Simulator" = Euro Truck Simulator 1.00
"Freelancer 1.0" = Freelancer
"Hamachi" = Hamachi 1.0.3.0
"HP Photo & Imaging" = HP Image Zone 4.2
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"InstallShield_{C4E2A4A7-B623-40CB-8EEA-72F577E49D56}" = Vampire - The Masquerade Bloodlines
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.0 Czech Language Pack" = Microsoft .NET Framework 3.0 Czech Language Pack
"Microsoft .NET Framework 3.5 Language Pack SP1 - csy" = Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox 6.0 (x86 cs)" = Mozilla Firefox 6.0 (x86 cs)
"Mozilla Firefox 9.0.1 (x86 cs)" = Mozilla Firefox 9.0.1 (x86 cs)
"MP Navigator EX 4.0" = Canon MP Navigator EX 4.0
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Nero - Burning Rom!UninstallKey" = Nero OEM
"NeroVision!UninstallKey" = NeroVision Express 2
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"O2 Internet Konfigurator" = O2 Internet Konfigurator
"Scorpions WinCheater 2.07 (s databází 118)_is1" = Scorpions WinCheater
"The KMPlayer" = The KMPlayer (remove only)
"Train Simulator 1.0" = Microsoft Train Simulator
"Traktor 2_is1" = Traktor 2
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
"XviD" = XviD MPEG-4 Codec
"XviD_is1" = XviD 1.1 final uninstall

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 14.1.2012 17:19:06 | Computer Name = KRYTON | Source = MsiInstaller | ID = 1023
Description = Aktualizaci WPF_WPF2_CSY produktu Microsoft .NET Framework 3.0 Service
Pack 2 Language Pack - CSY nebylo možné nainstalovat. Kód chyby: 1603. Další informace
naleznete v souboru protokolu C:\DOCUME~1\JAROSL~1\LOCALS~1\Temp\dd_NET_Framework_30LP_Agile_Setup2A94.txt.

Error - 14.1.2012 17:19:06 | Computer Name = KRYTON | Source = MsiInstaller | ID = 1023
Description = Aktualizaci NETFX30_CA_CSY produktu Microsoft .NET Framework 3.0 Service
Pack 2 Language Pack - CSY nebylo možné nainstalovat. Kód chyby: 1603. Další informace
naleznete v souboru protokolu C:\DOCUME~1\JAROSL~1\LOCALS~1\Temp\dd_NET_Framework_30LP_Agile_Setup2A94.txt.

Error - 14.1.2012 17:39:53 | Computer Name = KRYTON | Source = Windows Search Service | ID = 3026
Description =

Error - 14.1.2012 17:39:53 | Computer Name = KRYTON | Source = Windows Search Service | ID = 3026
Description =

Error - 14.1.2012 17:39:53 | Computer Name = KRYTON | Source = Windows Search Service | ID = 3026
Description =

Error - 14.1.2012 17:39:53 | Computer Name = KRYTON | Source = Windows Search Service | ID = 3026
Description =

Error - 14.1.2012 17:39:53 | Computer Name = KRYTON | Source = Windows Search Service | ID = 3026
Description =

Error - 14.1.2012 17:40:30 | Computer Name = KRYTON | Source = Windows Search Service | ID = 3024
Description =

Error - 15.1.2012 13:09:27 | Computer Name = KRYTON | Source = Application Error | ID = 1000
Description = Chybující aplikace train.exe, verze 1.16.5.912, chybující modul train.exe,
verze 1.16.5.912, adresa chyby 0x0031bf00.

Error - 16.1.2012 6:36:21 | Computer Name = KRYTON | Source = PerfNet | ID = 2004
Description = Nelze otevřít službu serveru. Data o výkonu serveru nejsou k dispozici.
Vrácený chybový kód je v datech DWORD 0.

[ System Events ]
Error - 10.1.2012 8:17:21 | Computer Name = KRYTON | Source = Service Control Manager | ID = 7023
Description = Služba Správa aplikací byla ukončena s následující chybou: %%126

Error - 10.1.2012 8:17:21 | Computer Name = KRYTON | Source = Service Control Manager | ID = 7023
Description = Služba Správa aplikací byla ukončena s následující chybou: %%126

Error - 11.1.2012 2:22:32 | Computer Name = KRYTON | Source = Dhcp | ID = 1002
Description = Zapůjčení adresy IP 10.0.0.1 pro síťovou kartu s adresou 0019666B0C44
byla serverem DHCP 10.0.0.138 odmítnuta. (Server DHCP odeslal zprávu DHCPNACK).

Error - 12.1.2012 0:54:56 | Computer Name = KRYTON | Source = Dhcp | ID = 1002
Description = Zapůjčení adresy IP 10.0.0.1 pro síťovou kartu s adresou 0019666B0C44
byla serverem DHCP 10.0.0.138 odmítnuta. (Server DHCP odeslal zprávu DHCPNACK).

Error - 13.1.2012 2:31:41 | Computer Name = KRYTON | Source = Dhcp | ID = 1002
Description = Zapůjčení adresy IP 10.0.0.1 pro síťovou kartu s adresou 0019666B0C44
byla serverem DHCP 10.0.0.138 odmítnuta. (Server DHCP odeslal zprávu DHCPNACK).

Error - 14.1.2012 4:04:34 | Computer Name = KRYTON | Source = Dhcp | ID = 1002
Description = Zapůjčení adresy IP 10.0.0.2 pro síťovou kartu s adresou 0019666B0C44
byla serverem DHCP 10.0.0.138 odmítnuta. (Server DHCP odeslal zprávu DHCPNACK).

Error - 14.1.2012 17:20:29 | Computer Name = KRYTON | Source = Windows Update Agent | ID = 20
Description = Instalace se nezdařila: Instalace následující aktualizace se nezdařila
z důvodu chyby (0x80070643): Sada Microsoft .NET Framework 3.5 Service Pack 1 (KB951847)
x86 Language Pack.

Error - 15.1.2012 3:56:25 | Computer Name = KRYTON | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1058 při pokusu o spuštění služby WSearch
s argumenty za účelem spuštění serveru: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error - 16.1.2012 4:39:16 | Computer Name = KRYTON | Source = Dhcp | ID = 1002
Description = Zapůjčení adresy IP 10.0.0.1 pro síťovou kartu s adresou 0019666B0C44
byla serverem DHCP 10.0.0.138 odmítnuta. (Server DHCP odeslal zprávu DHCPNACK).

Error - 16.1.2012 6:13:55 | Computer Name = KRYTON | Source = Service Control Manager | ID = 7034
Description = Služba Advanced SystemCare Service 5 byla neočekávaně ukončena. Tento
stav nastal již 1krát.


< End of report >

Re: Request for a PC check

Posted: 16 Jan 2012 17:09
by jaroslav.24
otl
OTL logfile created on: 16.1.2012 12:33:33 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Jaroslav - Růžička\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1023,48 Mb Total Physical Memory | 757,00 Mb Available Physical Memory | 73,96% Memory free
2,40 Gb Paging File | 2,10 Gb Available in Paging File | 87,39% Paging File free
Paging file location(s): C:\pagefile.sys 0 0F:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149,04 Gb Total Space | 63,45 Gb Free Space | 42,57% Space Free | Partition Type: NTFS

Computer Name: KRYTON | User Name: Jaroslav - Růžička | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2012.01.16 12:29:41 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jaroslav - Růžička\Plocha\OTL.exe
PRC - [2011.11.28 19:01:24 | 003,744,552 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011.11.28 19:01:23 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2010.04.05 20:55:01 | 000,116,104 | ---- | M] () -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe
PRC - [2008.06.15 15:34:20 | 000,071,096 | ---- | M] () -- C:\Program Files\CDBurnerXP\NMSAccessU.exe
PRC - [2008.04.14 04:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006.09.25 09:12:20 | 000,045,056 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
PRC - [2005.11.08 23:00:38 | 000,128,920 | ---- | M] (DT Soft Ltd.) -- C:\Program Files\DAEMON Tools\daemon.exe


========== Modules (No Company Name) ==========

MOD - [2012.01.16 10:05:04 | 001,678,336 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\12011600\algo.dll
MOD - [2011.12.30 09:40:35 | 003,391,488 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_a49cc754\mscorlib.dll
MOD - [2011.12.30 09:40:25 | 000,835,584 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.drawing\1.0.5000.0__b03f5f7f11d50a3a_6cca8676\system.drawing.dll
MOD - [2011.12.30 09:39:59 | 002,088,960 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.xml\1.0.5000.0__b77a5c561934e089_06d22826\system.xml.dll
MOD - [2011.12.30 09:39:45 | 003,035,136 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.windows.forms\1.0.5000.0__b77a5c561934e089_41653684\system.windows.forms.dll
MOD - [2011.12.30 09:36:53 | 001,966,080 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_8498108e\system.dll
MOD - [2011.12.30 09:36:32 | 001,232,896 | ---- | M] () -- c:\windows\assembly\gac\system\1.0.5000.0__b77a5c561934e089\system.dll
MOD - [2011.12.30 09:36:31 | 001,269,760 | ---- | M] () -- c:\windows\assembly\gac\system.web\1.0.5000.0__b03f5f7f11d50a3a\system.web.dll
MOD - [2011.12.30 09:36:29 | 002,064,384 | ---- | M] () -- c:\windows\assembly\gac\system.windows.forms\1.0.5000.0__b77a5c561934e089\system.windows.forms.dll
MOD - [2011.12.27 10:41:02 | 000,032,768 | ---- | M] () -- c:\windows\assembly\gac\hpqcprsc\3.0.0.0__a53cf5803f4c3827\hpqcprsc.dll
MOD - [2011.12.27 10:41:02 | 000,006,144 | ---- | M] () -- c:\windows\assembly\gac\hpqcprsc.resources\3.0.0.0_cs_a53cf5803f4c3827\hpqcprsc.resources.dll
MOD - [2011.12.27 10:40:56 | 000,614,400 | ---- | M] () -- c:\windows\assembly\gac\hpqietpz\3.0.0.0__a53cf5803f4c3827\hpqietpz.dll
MOD - [2011.12.27 10:40:56 | 000,057,344 | ---- | M] () -- c:\windows\assembly\gac\hpqietpz.resources\3.0.0.0_cs_a53cf5803f4c3827\hpqietpz.resources.dll
MOD - [2011.12.27 10:40:21 | 000,032,768 | ---- | M] () -- c:\windows\assembly\gac\hpqisrtb\4.0.0.0__a53cf5803f4c3827\hpqisrtb.dll
MOD - [2011.12.27 10:40:21 | 000,016,384 | ---- | M] () -- c:\windows\assembly\gac\hpqisrtb.resources\4.0.0.0_cs_a53cf5803f4c3827\hpqisrtb.resources.dll
MOD - [2011.12.27 10:39:47 | 000,430,080 | ---- | M] () -- c:\windows\assembly\gac\lead.wrapper\13.0.0.66__9cf889f53ea9b907\lead.wrapper.dll
MOD - [2011.12.27 10:39:47 | 000,081,920 | ---- | M] () -- c:\windows\assembly\gac\lead.drawing\13.0.0.66__9cf889f53ea9b907\lead.drawing.dll
MOD - [2011.12.27 10:39:47 | 000,081,920 | ---- | M] () -- c:\windows\assembly\gac\lead\13.0.0.66__9cf889f53ea9b907\lead.dll
MOD - [2011.12.27 10:39:47 | 000,036,864 | ---- | M] () -- c:\windows\assembly\gac\lead.windows.forms\13.0.0.66__9cf889f53ea9b907\lead.windows.forms.dll
MOD - [2011.12.27 10:39:46 | 000,010,240 | ---- | M] () -- c:\windows\assembly\gac\interop.hpqimgr\1.0.0.0__a53cf5803f4c3827\interop.hpqimgr.dll
MOD - [2011.12.27 10:39:45 | 000,368,640 | ---- | M] () -- c:\windows\assembly\gac\hpqtray\3.0.0.0__a53cf5803f4c3827\hpqtray.dll
MOD - [2011.12.27 10:39:45 | 000,241,664 | ---- | M] () -- c:\windows\assembly\gac\hpqtray.resources\3.0.0.0_cs_a53cf5803f4c3827\hpqtray.resources.dll
MOD - [2011.12.27 10:39:45 | 000,163,840 | ---- | M] () -- c:\windows\assembly\gac\hpqimgrc\3.0.0.0__a53cf5803f4c3827\hpqimgrc.dll
MOD - [2011.12.27 10:39:45 | 000,045,056 | ---- | M] () -- c:\windows\assembly\gac\hpqthumb\3.0.0.0__a53cf5803f4c3827\hpqthumb.dll
MOD - [2011.12.27 10:39:45 | 000,016,384 | ---- | M] () -- c:\windows\assembly\gac\hpqiface\3.0.0.0__a53cf5803f4c3827\hpqiface.dll
MOD - [2011.12.27 10:39:44 | 000,151,552 | ---- | M] () -- c:\windows\assembly\gac\hpqgldlg\3.0.0.0__a53cf5803f4c3827\hpqgldlg.dll
MOD - [2011.12.27 10:39:44 | 000,028,672 | ---- | M] () -- c:\windows\assembly\gac\hpqfmrsc\3.0.0.0__a53cf5803f4c3827\hpqfmrsc.dll
MOD - [2011.12.27 10:39:44 | 000,024,576 | ---- | M] () -- c:\windows\assembly\gac\hpqasset\3.0.0.0__a53cf5803f4c3827\hpqasset.dll
MOD - [2011.12.27 10:39:44 | 000,007,680 | ---- | M] () -- c:\windows\assembly\gac\hpqfmrsc.resources\3.0.0.0_cs_a53cf5803f4c3827\hpqfmrsc.resources.dll
MOD - [2011.12.27 10:38:21 | 000,192,512 | ---- | M] () -- c:\windows\assembly\gac\hpqccrsc\3.0.0.0__a53cf5803f4c3827\hpqccrsc.dll
MOD - [2011.12.27 10:38:21 | 000,151,552 | ---- | M] () -- c:\windows\assembly\gac\hpqutils\3.0.0.0__a53cf5803f4c3827\hpqutils.dll
MOD - [2011.12.27 10:38:21 | 000,077,824 | ---- | M] () -- c:\windows\assembly\gac\hpqgskin\3.0.0.0__a53cf5803f4c3827\hpqgskin.dll
MOD - [2011.12.27 10:38:21 | 000,036,864 | ---- | M] () -- c:\windows\assembly\gac\interop.hpqcxm08\3.0.0.0__a53cf5803f4c3827\interop.hpqcxm08.dll
MOD - [2011.12.27 10:38:21 | 000,016,384 | ---- | M] () -- c:\windows\assembly\gac\hpqptfnd\3.0.0.0__a53cf5803f4c3827\hpqptfnd.dll
MOD - [2011.12.27 10:38:20 | 000,557,056 | ---- | M] () -- c:\windows\assembly\gac\hpqcmctl\3.0.0.0__a53cf5803f4c3827\hpqcmctl.dll
MOD - [2011.11.28 15:00:24 | 001,619,456 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\11112801\algo.dll
MOD - [2011.11.28 12:19:40 | 000,241,528 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\11112801\aswRep.dll
MOD - [2010.11.19 09:53:20 | 000,372,736 | ---- | M] () -- c:\windows\assembly\gac\system.management\1.0.5000.0__b03f5f7f11d50a3a\system.management.dll
MOD - [2010.11.19 09:53:19 | 001,339,392 | ---- | M] () -- c:\windows\assembly\gac\system.xml\1.0.5000.0__b77a5c561934e089\system.xml.dll
MOD - [2010.11.19 09:53:19 | 000,323,584 | ---- | M] () -- c:\windows\assembly\gac\system.runtime.remoting\1.0.5000.0__b77a5c561934e089\system.runtime.remoting.dll
MOD - [2010.11.19 09:53:18 | 000,466,944 | ---- | M] () -- c:\windows\assembly\gac\system.drawing\1.0.5000.0__b03f5f7f11d50a3a\system.drawing.dll
MOD - [2010.11.19 09:52:03 | 000,229,376 | ---- | M] () -- c:\windows\assembly\gac\mscorlib.resources\1.0.5000.0_cs_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010.11.19 09:52:03 | 000,180,224 | ---- | M] () -- c:\windows\assembly\gac\system.windows.forms.resources\1.0.5000.0_cs_b77a5c561934e089\system.windows.forms.resources.dll
MOD - [2010.11.19 09:51:07 | 000,007,680 | ---- | M] () -- c:\windows\assembly\gac\accessibility\1.0.5000.0__b03f5f7f11d50a3a\accessibility.dll
MOD - [2010.04.05 20:55:01 | 000,116,104 | ---- | M] () -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe
MOD - [2008.06.15 15:34:20 | 000,071,096 | ---- | M] () -- C:\Program Files\CDBurnerXP\NMSAccessU.exe
MOD - [2005.07.27 10:17:00 | 000,007,168 | ---- | M] () -- C:\Program Files\DAEMON Tools\Plugins\Images\bw5mount.dll
MOD - [2004.01.28 05:16:18 | 000,307,200 | ---- | M] () -- C:\Program Files\WinRAR\rarlng.dll
MOD - [2004.01.22 09:36:28 | 000,120,832 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2011.11.28 19:01:23 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010.04.05 20:55:01 | 000,116,104 | ---- | M] () [Auto | Running] -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2008.06.15 15:34:20 | 000,071,096 | ---- | M] () [Auto | Running] -- C:\Program Files\CDBurnerXP\NMSAccessU.exe -- (NMSAccessU)
SRV - [2004.03.18 16:55:48 | 000,065,536 | ---- | M] (HP) [On_Demand | Stopped] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)


========== Driver Services (SafeList) ==========

DRV - [2011.11.28 18:53:53 | 000,435,032 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011.11.28 18:53:35 | 000,314,456 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011.11.28 18:52:19 | 000,034,392 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011.11.28 18:52:16 | 000,052,952 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011.11.28 18:52:02 | 000,111,320 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011.11.28 18:51:50 | 000,020,568 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011.11.28 18:48:49 | 000,030,808 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011.09.14 13:27:00 | 000,025,280 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2011.04.26 10:21:06 | 000,026,624 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tap0901.sys -- (tap0901)
DRV - [2010.11.19 11:34:02 | 000,223,128 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\dtscsi.sys -- (dtscsi)
DRV - [2010.11.19 11:32:49 | 000,664,064 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2008.04.13 19:45:29 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2008.03.29 10:20:55 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMP50.sys -- (MREMP50)
DRV - [2008.03.29 10:20:55 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MRESP50.sys -- (MRESP50)
DRV - [2006.11.22 04:25:08 | 002,829,824 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2004.08.03 23:31:36 | 000,032,768 | ---- | M] (SiS Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sisnic.sys -- (SISNIC)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-861567501-1659004503-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://toolbar.inbox.com/search/dispatc ... &%language
IE - HKU\S-1-5-21-861567501-1659004503-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.facemoods.com/?a=ddrnw
IE - HKU\S-1-5-21-861567501-1659004503-682003330-1004\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-861567501-1659004503-682003330-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Facemoods Search"
FF - prefs.js..browser.search.selectedEngine: ""
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..keyword.URL: "http://search.icq.com/search/afe_result ... r=1.1.9&q="
FF - prefs.js..network.proxy.type: 0

FF - user.js..browser.search.defaultenginename: "Facemoods Search"
FF - user.js..browser.search.selectedEngine: ""
FF - user.js..browser.search.useDBForOrder: true
FF - user.js..browser.startup.homepage: "http://www.seznam.cz/"
FF - user.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - user.js..extensions.enabledItems: jqs@sun.com:1.0
FF - user.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - user.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - user.js..keyword.URL: "http://search.icq.com/search/afe_result ... r=1.1.9&q="
FF - user.js..network.proxy.type: 0

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: File not found

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012.01.16 11:31:50 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.01.07 09:12:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2010.11.19 10:16:23 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jaroslav - Růžička\Data aplikací\Mozilla\Extensions
[2012.01.16 11:02:27 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jaroslav - Růžička\Data aplikací\Mozilla\Firefox\Profiles\c9814q6i.default\extensions
[2010.11.21 10:34:23 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Jaroslav - Růžička\Data aplikací\Mozilla\Firefox\Profiles\c9814q6i.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}(2)
[2009.11.18 18:37:08 | 000,002,254 | ---- | M] () -- C:\Documents and Settings\Jaroslav - Růžička\Data aplikací\Mozilla\Firefox\Profiles\c9814q6i.default\searchplugins\askcom.xml
[2012.01.14 14:37:48 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Jaroslav - Růžička\Data aplikací\Mozilla\Firefox\Profiles\c9814q6i.default\searchplugins\icqplugin-1.xml
[2011.05.08 08:06:37 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Jaroslav - Růžička\Data aplikací\Mozilla\Firefox\Profiles\c9814q6i.default\searchplugins\icqplugin-2.xml
[2011.03.30 14:14:34 | 000,001,042 | ---- | M] () -- C:\Documents and Settings\Jaroslav - Růžička\Data aplikací\Mozilla\Firefox\Profiles\c9814q6i.default\searchplugins\icqplugin.xml
[2010.12.29 19:46:54 | 000,002,307 | ---- | M] () -- C:\Documents and Settings\Jaroslav - Růžička\Data aplikací\Mozilla\Firefox\Profiles\c9814q6i.default\searchplugins\inbox-hledn.xml
[2012.01.11 13:01:44 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012.01.11 13:01:44 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}
[2012.01.16 11:31:50 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2010.11.25 13:44:19 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011.01.12 10:48:01 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2011.12.21 08:39:32 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.01.14 16:08:46 | 000,002,048 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fcmdSrch.xml
[2011.12.21 07:21:58 | 000,002,208 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\heureka-cz.xml
[2011.12.21 07:21:58 | 000,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2011.12.21 07:21:58 | 000,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2011.12.21 07:21:58 | 000,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2011.12.21 07:21:58 | 000,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2006.03.02 13:00:00 | 000,000,737 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKU\S-1-5-21-861567501-1659004503-682003330-1004\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found.
O3 - HKU\S-1-5-21-861567501-1659004503-682003330-1004\..\Toolbar\WebBrowser: (no name) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - No CLSID value found.
O3 - HKU\S-1-5-21-861567501-1659004503-682003330-1004\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKU\S-1-5-21-861567501-1659004503-682003330-1004\..\Toolbar\WebBrowser: (no name) - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - No CLSID value found.
O4 - HKLM..\Run: [ATICCC] C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe ()
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenuEx] C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd File not found
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Rychlé spuštění aplikace HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe (Hewlett-Packard Co.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-861567501-1659004503-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-861567501-1659004503-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O9 - Extra Button: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files\ICQ7.6\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files\ICQ7.6\ICQ.exe (ICQ, LLC.)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microso ... 0200855718 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_29)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B49B4C93-2FAF-48DD-8B9B-E77CE70E9D71}: DhcpNameServer = 10.0.0.138
O18 - Protocol\Handler\cetihpz {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Jaroslav - Růžička\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Jaroslav - Růžička\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.11.19 09:34:10 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - File not found
NetSvcs: HidServ - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lhacm - C:\WINDOWS\System32\lhacm.acm (Microsoft Corporation)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\divx.dll (DivXNetworks, Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.LEAD - LCODCCMP.DLL File not found
Drivers32: vidc.VP60 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
Drivers32: vidc.XVID - C:\WINDOWS\System32\xvid.dll ()
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2012.01.16 12:29:38 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Jaroslav - Růžička\Plocha\OTL.exe
[2012.01.16 11:57:54 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Jaroslav - Růžička\Recent
[2012.01.16 11:32:08 | 000,020,568 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2012.01.16 11:32:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\avast! Free Antivirus
[2012.01.16 11:32:07 | 000,314,456 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2012.01.16 11:32:06 | 000,052,952 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2012.01.16 11:32:06 | 000,034,392 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2012.01.16 11:32:05 | 000,435,032 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2012.01.16 11:32:05 | 000,111,320 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2012.01.16 11:32:05 | 000,105,176 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2012.01.16 11:32:05 | 000,030,808 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2012.01.16 11:31:46 | 000,199,816 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2012.01.16 11:31:46 | 000,041,184 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2012.01.16 11:31:30 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2012.01.16 11:11:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\Temp
[2012.01.16 11:10:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\Google
[2012.01.16 11:08:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\CCleaner
[2012.01.16 11:08:19 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012.01.16 11:06:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\Google
[2012.01.16 11:06:44 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2012.01.16 11:06:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jaroslav - Růžička\Local Settings\Data aplikací\Google
[2012.01.15 19:51:56 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2012.01.15 11:19:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Uniblue
[2012.01.15 10:31:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Auran
[2012.01.15 10:31:28 | 000,000,000 | ---D | C] -- C:\Program Files\Auran
[2012.01.14 22:53:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jaroslav - Růžička\Data aplikací\Windows Search
[2012.01.14 22:41:21 | 000,014,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg2.dll
[2012.01.14 22:39:17 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Desktop Search
[2012.01.14 22:00:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jaroslav - Růžička\Data aplikací\Open Rails
[2012.01.14 14:02:07 | 000,000,000 | ---D | C] -- C:\Program Files\Kroll Ontrack
[2012.01.13 21:52:15 | 000,000,000 | ---D | C] -- C:\Program Files\JDownloader
[2012.01.12 17:56:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\Profiles
[2012.01.12 17:56:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jaroslav - Růžička\WINDOWS
[2012.01.11 13:01:40 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2012.01.11 13:01:40 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2012.01.11 13:01:40 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2012.01.10 13:09:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jaroslav - Růžička\Local Settings\Data aplikací\Electronic Arts
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2012.01.16 12:36:24 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012.01.16 12:29:41 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jaroslav - Růžička\Plocha\OTL.exe
[2012.01.16 11:45:22 | 000,002,552 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2012.01.16 11:35:31 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.01.16 11:35:28 | 1073,270,784 | -HS- | M] () -- C:\hiberfil.sys
[2012.01.16 11:08:21 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\CCleaner.lnk
[2012.01.16 09:39:15 | 000,013,726 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012.01.15 08:56:52 | 000,444,548 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012.01.15 08:56:52 | 000,441,332 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2012.01.15 08:56:52 | 000,084,082 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2012.01.15 08:56:52 | 000,072,424 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012.01.12 18:10:10 | 000,290,088 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012.01.12 15:26:38 | 000,000,049 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2012.01.10 19:57:46 | 000,000,000 | ---- | M] () -- C:\WINDOWS\dxinfo.INI
[2012.01.10 14:53:33 | 000,176,640 | ---- | M] () -- C:\Documents and Settings\Jaroslav - Růžička\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012.01.16 12:36:24 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012.01.16 11:08:21 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\CCleaner.lnk
[2012.01.10 19:57:46 | 000,000,000 | ---- | C] () -- C:\WINDOWS\dxinfo.INI
[2011.12.27 10:28:23 | 000,104,283 | ---- | C] () -- C:\WINDOWS\hpoins04.dat
[2011.12.27 10:28:23 | 000,017,176 | ---- | C] () -- C:\WINDOWS\hpomdl04.dat
[2011.12.17 20:09:56 | 000,034,502 | ---- | C] () -- C:\WINDOWS\DIIUnin.dat
[2011.12.16 21:01:54 | 000,520,192 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe
[2011.12.16 21:01:41 | 003,107,788 | R--- | C] () -- C:\WINDOWS\System32\ativvaxx.dat
[2011.12.16 21:01:41 | 000,138,101 | R--- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2011.12.16 17:23:25 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2011.11.27 16:58:03 | 000,020,312 | ---- | C] () -- C:\WINDOWS\System32\RegistryDefragBootTime.exe
[2011.09.01 07:13:51 | 000,229,472 | ---- | C] () -- C:\WINDOWS\System32\drivers\sfi.dat
[2011.06.10 11:54:20 | 000,019,549 | ---- | C] () -- C:\WINDOWS\hpqins13.dat
[2011.02.28 18:33:21 | 000,000,390 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2011.01.27 08:44:55 | 000,000,038 | ---- | C] () -- C:\WINDOWS\AviSplitter.INI
[2011.01.12 19:33:51 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll
[2011.01.12 19:33:51 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll
[2011.01.12 19:33:51 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll
[2011.01.12 16:49:37 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll
[2011.01.12 08:29:03 | 000,111,104 | ---- | C] () -- C:\WINDOWS\System32\Uharc.exe
[2011.01.12 08:29:03 | 000,008,636 | ---- | C] () -- C:\WINDOWS\System32\modifype.exe
[2011.01.12 08:29:02 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\moveex.exe
[2011.01.04 13:07:57 | 000,004,096 | ---- | C] () -- C:\WINDOWS\d3dx.dat
[2010.12.29 15:10:20 | 000,000,292 | ---- | C] () -- C:\WINDOWS\vtmb.ini
[2010.12.17 11:46:08 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\pxhpinst.exe
[2010.12.17 11:45:45 | 000,000,155 | ---- | C] () -- C:\WINDOWS\winamp.ini
[2010.12.04 18:48:18 | 000,001,743 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\QTSBandwidthCache
[2010.11.22 08:24:37 | 000,176,640 | ---- | C] () -- C:\Documents and Settings\Jaroslav - Růžička\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.11.19 20:13:59 | 000,000,049 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2010.11.19 18:08:10 | 000,040,960 | R--- | C] () -- C:\WINDOWS\System32\psfind.dll
[2010.11.19 14:57:34 | 000,054,767 | ---- | C] () -- C:\Documents and Settings\Jaroslav - Růžička\Data aplikací\mdbu.bin
[2010.11.19 13:12:29 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010.11.19 11:39:26 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010.11.19 11:34:02 | 000,223,128 | ---- | C] () -- C:\WINDOWS\System32\drivers\dtscsi.sys
[2010.11.19 11:32:49 | 000,096,384 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd4093.sys
[2010.11.19 11:22:09 | 000,000,092 | ---- | C] () -- C:\WINDOWS\CMISETUP.INI
[2010.11.19 11:22:08 | 000,000,026 | ---- | C] () -- C:\WINDOWS\CMCDPLAY.INI
[2010.11.19 11:22:08 | 000,000,010 | ---- | C] () -- C:\WINDOWS\Wininit.ini
[2010.11.19 11:22:07 | 000,233,472 | ---- | C] () -- C:\WINDOWS\System32\cmirmdrv.exe
[2010.11.19 11:22:07 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\cmirmdrv.dll
[2010.11.19 11:22:06 | 000,266,240 | ---- | C] () -- C:\WINDOWS\CMIUninstall.exe
[2010.11.19 11:22:06 | 000,225,280 | ---- | C] () -- C:\WINDOWS\CmiRmRedundDir.exe
[2010.11.19 11:22:06 | 000,028,672 | ---- | C] () -- C:\WINDOWS\CMIRmDriver.dll
[2010.11.19 11:04:32 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2010.11.19 10:24:49 | 000,004,249 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2010.11.19 10:23:39 | 000,290,088 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.11.19 10:16:15 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010.11.19 09:52:14 | 000,000,138 | ---- | C] () -- C:\Documents and Settings\Jaroslav - Růžička\Local Settings\Data aplikací\fusioncache.dat
[2010.11.19 09:36:32 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2010.11.19 09:31:25 | 000,021,812 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2006.03.02 13:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2006.03.02 13:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2006.03.02 13:00:00 | 000,444,548 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2006.03.02 13:00:00 | 000,441,332 | ---- | C] () -- C:\WINDOWS\System32\perfh005.dat
[2006.03.02 13:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2006.03.02 13:00:00 | 000,269,162 | ---- | C] () -- C:\WINDOWS\System32\perfi005.dat
[2006.03.02 13:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2006.03.02 13:00:00 | 000,084,082 | ---- | C] () -- C:\WINDOWS\System32\perfc005.dat
[2006.03.02 13:00:00 | 000,072,424 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2006.03.02 13:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2006.03.02 13:00:00 | 000,032,072 | ---- | C] () -- C:\WINDOWS\System32\perfd005.dat
[2006.03.02 13:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2006.03.02 13:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2006.03.02 13:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2006.03.02 13:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2006.03.02 13:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2005.10.14 11:56:50 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2005.10.14 11:56:50 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\VorbisEnc.dll
[2005.10.14 11:56:50 | 000,778,240 | ---- | C] () -- C:\WINDOWS\System32\DivXsm.exe
[2005.10.14 11:56:50 | 000,761,856 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2005.10.14 11:56:50 | 000,344,064 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll
[2005.10.14 11:56:50 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2005.10.14 11:56:50 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2005.10.14 11:56:50 | 000,155,136 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2005.10.14 11:56:50 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2005.10.14 11:56:48 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\MMSwitch.dll
[2005.10.14 11:56:48 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\MMAVILNG.exe
[2003.04.09 15:38:04 | 000,005,664 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[1997.06.13 23:56:08 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\iyvu9_32.dll

========== LOP Check ==========

[2012.01.16 11:31:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
[2011.09.02 07:56:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVG10
[2012.01.16 11:10:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVG2012
[2011.01.18 15:23:52 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonBJ
[2011.01.18 15:48:33 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonEPP
[2011.01.18 16:50:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJ
[2011.01.18 16:17:15 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJEGV
[2011.01.18 16:41:04 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJEPPEX
[2011.01.18 15:48:33 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJEPPEX2
[2011.01.18 15:29:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJMSetup
[2011.01.18 15:48:33 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJMyPrinter
[2012.01.01 10:21:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJPLM
[2011.01.18 16:49:49 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJScan
[2011.01.18 15:48:35 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJSolutionMenuEX
[2011.01.18 15:26:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJWSpt
[2011.08.29 14:06:46 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\Common Files
[2011.03.27 09:05:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Firefly Studios
[2011.02.28 14:41:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Formix
[2011.05.08 06:53:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ICQ
[2011.11.27 16:46:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\IObit
[2012.01.16 11:01:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\MFAData
[2011.03.01 16:24:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\MSScanAppDataDir
[2011.11.03 19:25:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2010.11.26 17:15:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jaroslav - Růžička\Data aplikací\Canneverbe_Limited
[2011.01.22 08:16:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jaroslav - Růžička\Data aplikací\Canon
[2011.08.21 07:07:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jaroslav - Růžička\Data aplikací\facemoods.com
[2011.07.15 18:48:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jaroslav - Růžička\Data aplikací\FS2009 Fruit-importer
[2012.01.15 13:52:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jaroslav - Růžička\Data aplikací\ICQ
[2011.12.16 20:29:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jaroslav - Růžička\Data aplikací\IObit
[2011.01.19 16:43:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jaroslav - Růžička\Data aplikací\Jpeg Resampler
[2012.01.14 22:00:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jaroslav - Růžička\Data aplikací\Open Rails
[2011.01.09 17:36:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jaroslav - Růžička\Data aplikací\OpenOffice.org
[2012.01.07 09:08:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jaroslav - Růžička\Data aplikací\Opera
[2011.06.19 10:38:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jaroslav - Růžička\Data aplikací\Unity
[2011.01.12 08:12:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jaroslav - Růžička\Data aplikací\ViStart
[2012.01.14 22:53:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jaroslav - Růžička\Data aplikací\Windows Search
[2012.01.15 08:54:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jaroslav - Růžička\Data aplikací\YoWindow

========== Purity Check ==========



========== Custom Scans ==========


< >

< >


< MD5 for: ATAPI.SYS >
[2006.03.02 13:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2010.11.19 10:22:54 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2010.11.19 10:22:54 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2006.03.02 13:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2008.04.14 04:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\ServicePackFiles\i386\autochk.exe
[2008.04.14 04:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe
[2006.03.02 13:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\WINDOWS\$NtServicePackUninstall$\autochk.exe

< MD5 for: CDROM.SYS >
[2006.03.02 13:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2010.11.19 10:22:54 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2010.11.19 10:22:54 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008.04.13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008.04.13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2006.03.02 13:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2008.04.14 04:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 04:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2006.03.02 13:00:00 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe

< MD5 for: HAL.DLL >
[2006.03.02 13:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2010.11.19 10:22:54 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2010.11.19 10:22:54 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2008.04.13 19:31:32 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2008.04.13 19:31:28 | 000,131,840 | ---- | M] (Microsoft Corporation) MD5=6F61D3287A6A15A08A9433222C09D17F -- C:\WINDOWS\system32\HAL.DLL
[2006.03.02 13:00:00 | 000,131,968 | ---- | M] (Microsoft Corporation) MD5=F9A0F579FC18036FFDD9E26E0D268CCD -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll

< MD5 for: SCECLI.DLL >
[2006.03.02 13:00:00 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008.04.14 04:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 04:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SVCHOST.EXE >
[2008.04.14 04:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.14 04:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe
[2006.03.02 13:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe

< MD5 for: TCPIP.SYS >
[2008.06.20 11:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2008.06.20 11:44:42 | 000,360,960 | ---- | M] (Microsoft Corporation) MD5=744E57C99232201AE98C49168B918F48 -- C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[2008.04.13 20:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008.04.13 20:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2006.03.02 13:00:00 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\$NtUninstallKB951748_0$\tcpip.sys
[2008.06.20 12:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
[2008.06.20 12:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.04.14 04:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 04:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe
[2006.03.02 13:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe

< MD5 for: WINLOGON.EXE >
[2006.03.02 13:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 04:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 04:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe

< >

< %systemroot%*.* /U /s >
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[26 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[15 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[2 C:\WINDOWS\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\*.tmp files -> C:\WINDOWS\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\*.tmp -> ]
[1 C:\WINDOWS\SoftwareDistribution\Download\1f6ea043c039594efcc873b793d081c9\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\1f6ea043c039594efcc873b793d081c9\*.tmp -> ]
[3 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
[1 C:\WINDOWS\TEMP\*.tmp files -> C:\WINDOWS\TEMP\*.tmp -> ]
[1 C:\WINDOWS\twain_32\*.tmp files -> C:\WINDOWS\twain_32\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2011.01.19 13:55:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jaroslav - Růžička\Data aplikací\Adobe
[2011.08.10 06:03:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jaroslav - Růžička\Data aplikací\Ahead
[2010.12.04 18:48:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jaroslav - Růžička\Data aplikací\Apple Computer
[2011.12.16 21:14:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jaroslav - Růžička\Data aplikací\ATI
[2010.11.26 17:15:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jaroslav - Růžička\Data aplikací\Canneverbe_Limited
[2011.01.22 08:16:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jaroslav - Růžička\Data aplikací\Canon
[2010.11.19 20:20:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jaroslav - Růžička\Data aplikací\CyberLink
[2011.08.21 07:07:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jaroslav - Růžička\Data aplikací\facemoods.com
[2011.01.19 16:50:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jaroslav - Růžička\Data aplikací\FastStone
[2011.07.15 18:48:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jaroslav - Růžička\Data aplikací\FS2009 Fruit-importer
[2012.01.07 15:48:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jaroslav - Růžička\Data aplikací\Hamachi
[2012.01.15 13:52:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jaroslav - Růžička\Data aplikací\ICQ
[2010.11.19 09:41:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jaroslav - Růžička\Data aplikací\Identities
[2011.12.16 20:29:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jaroslav - Růžička\Data aplikací\IObit
[2011.01.19 16:43:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jaroslav - Růžička\Data aplikací\Jpeg Resampler
[2010.11.19 11:41:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jaroslav - Růžička\Data aplikací\Macromedia
[2012.01.08 12:19:32 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Jaroslav - Růžička\Data aplikací\Microsoft
[2010.11.19 11:50:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jaroslav - Růžička\Data aplikací\Motive
[2010.11.19 10:16:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jaroslav - Růžička\Data aplikací\Mozilla
[2010.11.20 11:05:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jaroslav - Růžička\Data aplikací\Nero
[2012.01.14 22:00:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jaroslav - Růžička\Data aplikací\Open Rails
[2011.01.09 17:36:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jaroslav - Růžička\Data aplikací\OpenOffice.org
[2011.01.09 17:21:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jaroslav - Růžička\Data aplikací\OpenOffice.org2
[2012.01.07 09:08:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jaroslav - Růžička\Data aplikací\Opera
[2011.07.26 16:04:47 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\Jaroslav - Růžička\Data aplikací\SecuROM
[2012.01.07 13:44:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jaroslav - Růžička\Data aplikací\Skype
[2011.08.06 19:44:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jaroslav - Růžička\Data aplikací\skypePM
[2010.11.23 07:31:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jaroslav - Růžička\Data aplikací\Sun
[2010.11.30 20:23:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jaroslav - Růžička\Data aplikací\teamspeak2
[2011.06.19 10:38:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jaroslav - Růžička\Data aplikací\Unity
[2011.01.12 08:12:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jaroslav - Růžička\Data aplikací\ViStart
[2012.01.14 22:53:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jaroslav - Růžička\Data aplikací\Windows Search
[2012.01.15 08:54:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jaroslav - Růžička\Data aplikací\YoWindow

< %APPDATA%\*.exe /s >
[2011.12.27 10:37:03 | 000,045,056 | R--- | M] (InstallShield Software Corp.) -- C:\Documents and Settings\Jaroslav - Růžička\Data aplikací\Microsoft\Installer\{457791C5-D702-4143-A7B2-2744BE9573F2}\NewShortcut1_5B69D3033CA54B39B5ECE7D051297E77.exe
[2011.12.16 21:04:57 | 000,009,158 | R--- | M] () -- C:\Documents and Settings\Jaroslav - Růžička\Data aplikací\Microsoft\Installer\{C941F1F1-25B3-4DF5-83E6-888C51A1AAB6}\ARPPRODUCTICON.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[3 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job >

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2010.11.19 11:34:02 | 000,223,128 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\dtscsi.sys
[2010.11.19 11:32:49 | 000,664,064 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sptd.sys
[2010.11.19 11:32:49 | 000,096,384 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sptd4093.sys

< %systemroot%\System32\config\*.sav >
[2010.11.19 10:23:03 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2010.11.19 10:23:03 | 000,638,976 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2010.11.19 10:23:02 | 000,442,368 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >
[3 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2012.01.16 11:45:22 | 000,002,552 | ---- | M] () -- C:\WINDOWS\system32\CONFIG.NT
[2012.01.15 08:56:52 | 000,084,082 | ---- | M] () -- C:\WINDOWS\system32\perfc005.dat
[2012.01.15 08:56:52 | 000,072,424 | ---- | M] () -- C:\WINDOWS\system32\perfc009.dat
[2012.01.15 08:56:52 | 000,441,332 | ---- | M] () -- C:\WINDOWS\system32\perfh005.dat
[2012.01.15 08:56:52 | 000,444,548 | ---- | M] () -- C:\WINDOWS\system32\perfh009.dat
[2012.01.14 22:39:30 | 001,080,706 | ---- | M] () -- C:\WINDOWS\system32\PerfStringBackup.INI
[2012.01.16 09:39:15 | 000,013,726 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl
[3 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"ctfmon.exe" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 04:22:17 | 000,015,360 | ---- | M] (Microsoft Corporation)

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012.01.16 12:36:24 | 000,000,512 | ---- | M] () MD5=F084130EBA51BD63F3B7A46D85D825FD -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2007.05.26 09:16:59 | 003,074,346 | ---- | M] () -- \Documents and Settings\Jaroslav - Růžička\Plocha\hry\DOTA\plus_crack.zip
[2005.03.15 14:15:38 | 000,174,928 | ---- | M] () -- \Documents and Settings\Jaroslav - Růžička\Plocha\hry\Stronghold 2 DeLuxe\meshes\Buildings\castle_wall_crack.DDS
[2005.03.18 20:32:18 | 000,524,416 | ---- | M] () -- \Documents and Settings\Jaroslav - Růžička\Plocha\hry\Stronghold 2 DeLuxe\meshes\Buildings\castle_wall_crack.heightmap.DDS
[2005.06.13 12:47:10 | 000,699,180 | ---- | M] () -- \Documents and Settings\Jaroslav - Růžička\Plocha\hry\Stronghold 2 DeLuxe\meshes\Buildings\castle_wall_crack.normalmap.DDS
[2005.03.07 15:28:46 | 000,043,832 | ---- | M] () -- \Documents and Settings\Jaroslav - Růžička\Plocha\hry\Stronghold 2 DeLuxe\terrain\cracked_peat.dds
[2008.05.05 03:44:44 | 000,164,172 | ---- | M] () -- \Program Files\Activision\Vampire - Bloodlines\Tools\default-12-maptxt\la_crackhouse_1 - default.txt
[2004.10.14 12:08:52 | 000,000,614 | ---- | M] () -- \Program Files\Activision\Vampire - Bloodlines\Tools\default-12-python\crackhouse\crackhouse.py
[2007.02.13 22:30:30 | 003,298,219 | ---- | M] () -- \Program Files\Activision\Vampire - Bloodlines\Vampire\maps\la_crackhouse_1.bsp
[2007.02.13 22:30:42 | 000,056,516 | ---- | M] () -- \Program Files\Activision\Vampire - Bloodlines\Vampire\maps\graphs\la_crackhouse_1.ain
[2011.01.02 11:31:15 | 000,000,010 | ---- | M] () -- \Program Files\Activision\Vampire - Bloodlines\Vampire\maps\graphs\la_crackhouse_1.loc
[2006.11.16 18:27:18 | 000,000,733 | ---- | M] () -- \Program Files\Activision\Vampire - Bloodlines\Vampire\python\crackhouse\crackhouse.py
[2011.01.02 11:31:11 | 000,001,443 | ---- | M] () -- \Program Files\Activision\Vampire - Bloodlines\Vampire\python\crackhouse\crackhouse.pyc
[2007.05.01 23:25:02 | 000,003,872 | ---- | M] () -- \Program Files\Activision\Vampire - Bloodlines\Vampire\vdata\system\npctemplate_crackhouse.txt
[2001.03.31 14:04:18 | 000,296,564 | ---- | M] () -- \Program Files\Diablo II\crack d2.exe

< *keygen* /s >

< *loader* /s >
[2001.01.16 06:55:36 | 000,053,248 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VS7DEBUG\COLOADER.DLL
[2001.01.16 04:22:34 | 000,002,560 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VS7DEBUG\COLOADER.TLB
[2009.05.22 16:52:00 | 000,019,456 | ---- | M] () -- \Program Files\Euro Truck Simulator\lib\loaders.dll
[2011.09.10 08:50:31 | 000,005,795 | ---- | M] () -- \Program Files\ICQ7.6\imApp\theme\IMAGES\XtraPreloader\loader.jpg
[2011.09.10 08:50:32 | 000,004,180 | ---- | M] () -- \Program Files\ICQ7.6\imApp\theme\IMAGES\XtraPreloader\zlango-preloader.png
[2011.09.10 08:50:31 | 000,005,520 | ---- | M] () -- \Program Files\ICQ7.6\imApp\theme\MUICoreLib\xtraLoader.swf
[2011.09.15 19:18:22 | 000,002,886 | ---- | M] () -- \Program Files\ICQ7.6\Xtraz\icq\content\babylon_feed\preloader01_b.swf
[2011.09.10 08:51:06 | 000,000,402 | ---- | M] () -- \Program Files\ICQ7.6\Xtraz\icq\content\profile_lightboxs\preloader.html
[2012.01.13 21:54:44 | 000,000,105 | ---- | M] () -- \Program Files\JDownloader\jd\img\hosterlogos\uploader.pl.png
[2001.05.08 02:43:30 | 000,010,617 | ---- | M] () -- \Program Files\Microsoft Games\Train Simulator\ROUTES\USA2\Shapes\US2Loader.s
[2001.05.08 02:43:30 | 000,001,286 | ---- | M] () -- \Program Files\Microsoft Games\Train Simulator\ROUTES\USA2\Shapes\US2Loader.sd
[2001.05.08 02:43:32 | 000,016,734 | ---- | M] () -- \Program Files\Microsoft Games\Train Simulator\ROUTES\USA2\Shapes\US2Loader1.s
[2001.05.08 02:45:08 | 000,175,082 | ---- | M] () -- \Program Files\Microsoft Games\Train Simulator\ROUTES\USA2\Textures\US2Loader.ace
[2001.05.08 02:45:08 | 000,175,082 | ---- | M] () -- \Program Files\Microsoft Games\Train Simulator\ROUTES\USA2\Textures\US2Loader1.ace
[2001.05.08 02:46:12 | 000,175,082 | ---- | M] () -- \Program Files\Microsoft Games\Train Simulator\ROUTES\USA2\Textures\Snow\US2Loader.ace
[2008.02.25 07:05:22 | 000,856,064 | ---- | M] () -- \Program Files\The KMPlayer\ImLoader.dll
[2010.12.23 14:37:10 | 000,071,008 | ---- | M] () -- \TopCD\Traktor 2\PhysXLoader.dll
[2010.12.23 14:28:40 | 000,032,896 | ---- | M] () -- \TopCD\Traktor 2\data\vehicles\store_baleLoader.dds
[2010.12.23 14:28:40 | 000,032,896 | ---- | M] () -- \TopCD\Traktor 2\data\vehicles\store_deutzFrontloaderBalefork.dds
[2010.12.23 14:28:40 | 000,032,896 | ---- | M] () -- \TopCD\Traktor 2\data\vehicles\store_deutzFrontloaderPalletfork.dds
[2010.12.23 14:28:42 | 000,032,896 | ---- | M] () -- \TopCD\Traktor 2\data\vehicles\store_deutzFrontloaderShovel.dds
[2010.12.23 14:26:38 | 006,936,663 | ---- | M] () -- \TopCD\Traktor 2\data\vehicles\steerable\deutz\deutzAgrofarmFrontloader.i3d
[2010.12.23 14:26:36 | 000,007,803 | ---- | M] () -- \TopCD\Traktor 2\data\vehicles\steerable\deutz\deutzAgrofarmFrontloader.xml
[2010.12.23 14:26:38 | 000,696,448 | ---- | M] () -- \TopCD\Traktor 2\data\vehicles\steerable\deutz\deutzAgrofarmFrontloader_diffuse.dds
[2010.12.23 14:26:36 | 000,174,904 | ---- | M] () -- \TopCD\Traktor 2\data\vehicles\steerable\deutz\deutzAgrofarmFrontloader_normal.dds
[2010.12.23 14:26:36 | 000,174,904 | ---- | M] () -- \TopCD\Traktor 2\data\vehicles\steerable\deutz\deutzAgrofarmFrontloader_specular.dds
[2010.12.23 14:26:38 | 000,115,296 | ---- | M] () -- \TopCD\Traktor 2\data\vehicles\steerable\deutz\deutzFrontloaderBalefork.i3d
[2010.12.23 14:26:36 | 000,000,515 | ---- | M] () -- \TopCD\Traktor 2\data\vehicles\steerable\deutz\deutzFrontloaderBalefork.xml
[2010.12.23 14:26:38 | 000,136,285 | ---- | M] () -- \TopCD\Traktor 2\data\vehicles\steerable\deutz\deutzFrontloaderPalletfork.i3d
[2010.12.23 14:26:36 | 000,000,517 | ---- | M] () -- \TopCD\Traktor 2\data\vehicles\steerable\deutz\deutzFrontloaderPalletfork.xml
[2010.12.23 14:26:38 | 000,105,628 | ---- | M] () -- \TopCD\Traktor 2\data\vehicles\steerable\deutz\deutzFrontloaderShovel.i3d
[2010.12.23 14:26:38 | 000,000,710 | ---- | M] () -- \TopCD\Traktor 2\data\vehicles\steerable\deutz\deutzFrontloaderShovel.xml
[2010.12.23 14:28:16 | 000,615,989 | ---- | M] () -- \TopCD\Traktor 2\data\vehicles\trailers\baleLoader.i3d
[2010.12.23 14:28:16 | 000,008,640 | ---- | M] () -- \TopCD\Traktor 2\data\vehicles\trailers\baleLoader.xml
[2010.12.23 14:28:16 | 000,174,904 | ---- | M] () -- \TopCD\Traktor 2\data\vehicles\trailers\baleLoaderWheel_diffuse.dds
[2010.12.23 14:28:16 | 000,699,192 | ---- | M] () -- \TopCD\Traktor 2\data\vehicles\trailers\baleLoader_diffuse.dds
[2006.03.02 13:00:00 | 000,035,840 | ---- | M] () -- \WINDOWS\$NtServicePackUninstall$\dmloader.dll
[2002.12.12 00:14:32 | 000,033,280 | ---- | M] () -- \WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dmloader.dll
[2008.04.14 04:21:39 | 000,035,840 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\dmloader.dll
[2008.04.13 19:31:47 | 000,230,912 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.exe
[2008.04.13 19:31:48 | 000,278,528 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.ntd
[2008.04.14 04:21:39 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dmloader.dll
[3 \WINDOWS\system32\*.tmp files -> \WINDOWS\system32\*.tmp -> ]
[2008.04.14 04:21:39 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dllcache\dmloader.dll

< End of report >

Re: Please check my PC

Posted: 16 Jan 2012 17:54
by vyosek
Run OTL again
  • If you are using Win Vista or W7, right-click OTL and choose Run As Administrator or Spustit jako správce
  • Paste the script below into the lower box, Custom Scans/Fixes
  • Code: Select all

    :otl
    SRV - File not found [Disabled | Stopped] -- -- (HidServ)
    SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4
    IE - HKU\S-1-5-21-861567501-1659004503-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://toolbar.inbox.com/search/dispatc ... pl=11&qkw=%s&tbid=%tb_id&%language
    IE - HKU\S-1-5-21-861567501-1659004503-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.facemoods.com/?a=ddrnw
    IE - HKU\S-1-5-21-861567501-1659004503-682003330-1004\..\URLSearchHook: - No CLSID value found
    FF - prefs.js..browser.search.defaultenginename: "Facemoods Search"
    FF - prefs.js..browser.search.selectedEngine: ""
    FF - prefs.js..browser.search.useDBForOrder: true
    FF - prefs.js..keyword.URL: "http://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.9&q="
    FF - prefs.js..network.proxy.type: 0
    FF - user.js..browser.search.defaultenginename: "Facemoods Search"
    FF - user.js..browser.search.selectedEngine: ""
    FF - user.js..keyword.URL: "http://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.9&q="
    FF - user.js..network.proxy.type: 0
    FF - HKCU\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: File not found
    FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
    [2009.11.18 18:37:08 | 000,002,254 | ---- | M] () -- C:\Documents and Settings\Jaroslav - Růžička\Data aplikací\Mozilla\Firefox\Profiles\c9814q6i.default\searchplugins\askcom.xml
    [2012.01.14 14:37:48 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Jaroslav - Růžička\Data aplikací\Mozilla\Firefox\Profiles\c9814q6i.default\searchplugins\icqplugin-1.xml
    [2011.05.08 08:06:37 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Jaroslav - Růžička\Data aplikací\Mozilla\Firefox\Profiles\c9814q6i.default\searchplugins\icqplugin-2.xml
    [2011.03.30 14:14:34 | 000,001,042 | ---- | M] () -- C:\Documents and Settings\Jaroslav - Růžička\Data aplikací\Mozilla\Firefox\Profiles\c9814q6i.default\searchplugins\icqplugin.xml
    [2010.12.29 19:46:54 | 000,002,307 | ---- | M] () -- C:\Documents and Settings\Jaroslav - Růžička\Data aplikací\Mozilla\Firefox\Profiles\c9814q6i.default\searchplugins\inbox-hledn.xml
    O3 - HKU\S-1-5-21-861567501-1659004503-682003330-1004\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found.
    O3 - HKU\S-1-5-21-861567501-1659004503-682003330-1004\..\Toolbar\WebBrowser: (no name) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - No CLSID value found.
    O3 - HKU\S-1-5-21-861567501-1659004503-682003330-1004\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
    O3 - HKU\S-1-5-21-861567501-1659004503-682003330-1004\..\Toolbar\WebBrowser: (no name) - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - No CLSID value found.
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
    O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
    [2011.09.02 07:56:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVG10
    [2012.01.16 11:10:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVG2012
    [2011.11.27 16:46:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\IObit
    [2011.08.21 07:07:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jaroslav - Růžička\Data aplikací\facemoods.com
    [2011.12.16 20:29:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jaroslav - Růžička\Data aplikací\IObit
    [5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
    [26 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
    [15 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
    [2 C:\WINDOWS\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\*.tmp files -> C:\WINDOWS\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\*.tmp -> ]
    [1 C:\WINDOWS\SoftwareDistribution\Download\1f6ea043c039594efcc873b793d081c9\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\1f6ea043c039594efcc873b793d081c9\*.tmp -> ]
    [3 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
    [1 C:\WINDOWS\TEMP\*.tmp files -> C:\WINDOWS\TEMP\*.tmp -> ]
    [1 C:\WINDOWS\twain_32\*.tmp files -> C:\WINDOWS\twain_32\*.tmp -> ]
    
    :reg
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "NeroFilterCheck"=-
    "KernelFaultCheck"=-
    "Cmaudio"=-
    "SunJavaUpdateSched"=-
    "facemoods"=-
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    "NetFxUpdate_v1.1.4322"=-
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "ctfmon.exe"=-
    "Advanced SystemCare 5"=-
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "AppInit_DLLs"=""
    
    :files
    C:\Program Files\facemoods.com
    C:\Documents and Settings\Jaroslav - Růžička\Data aplikací\AVG2012
    C:\Program Files\AVG
    C:\Documents and Settings\All Users\Data aplikací\AVG2012
    %windir%\system32\*.tmp.dll /s
    %windir%\system32\SET*.tmp /s
    %windir%\*.tmp
    
    :commands
    [RESETHOSTS]
    [EMPTYTEMP]
    [EMPTYFLASH]
  • Then click Fix (Opravit)
  • The PC will perform the fix, restart and give you a log; paste its contents here

Re: Please check my PC

Posted: 16 Jan 2012 19:33
by jaroslav.24
Thank you again; I keep repeating myself.
Following the instructions, I pasted the script, ran the fix, and I am attaching the result.

All processes killed
========== OTL ==========
Service HidServ stopped successfully!
Service HidServ deleted successfully!
Service AppMgmt stopped successfully!
Service AppMgmt deleted successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant| /E : value set successfully!
HKU\S-1-5-21-861567501-1659004503-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Bar| /E : value set successfully!
HKU\S-1-5-21-861567501-1659004503-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-861567501-1659004503-682003330-1004\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Prefs.js: "Facemoods Search" removed from browser.search.defaultenginename
Prefs.js: "" removed from browser.search.selectedEngine
Prefs.js: true removed from browser.search.useDBForOrder
Prefs.js: "http://search.icq.com/search/afe_result ... r=1.1.9&q=" removed from keyword.URL
Prefs.js: 0 removed from network.proxy.type
C:\Documents and Settings\Jaroslav - Růžička\Data aplikací\Mozilla\FireFox\Profiles\c9814q6i.default\user.js moved successfully.
Registry key HKEY_CURRENT_USER\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin\ deleted successfully.
C:\Documents and Settings\Jaroslav - Růžička\Data aplikací\Mozilla\Firefox\Profiles\c9814q6i.default\searchplugins\askcom.xml moved successfully.
C:\Documents and Settings\Jaroslav - Růžička\Data aplikací\Mozilla\Firefox\Profiles\c9814q6i.default\searchplugins\icqplugin-1.xml moved successfully.
C:\Documents and Settings\Jaroslav - Růžička\Data aplikací\Mozilla\Firefox\Profiles\c9814q6i.default\searchplugins\icqplugin-2.xml moved successfully.
C:\Documents and Settings\Jaroslav - Růžička\Data aplikací\Mozilla\Firefox\Profiles\c9814q6i.default\searchplugins\icqplugin.xml moved successfully.
C:\Documents and Settings\Jaroslav - Růžička\Data aplikací\Mozilla\Firefox\Profiles\c9814q6i.default\searchplugins\inbox-hledn.xml moved successfully.
Registry value HKEY_USERS\S-1-5-21-861567501-1659004503-682003330-1004\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{4B3803EA-5230-4DC3-A7FC-33638F3D3542} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}\ not found.
Registry value HKEY_USERS\S-1-5-21-861567501-1659004503-682003330-1004\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{759D9886-0C6F-4498-BAB6-4A5F47C6C72F}\ not found.
Registry value HKEY_USERS\S-1-5-21-861567501-1659004503-682003330-1004\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
Registry value HKEY_USERS\S-1-5-21-861567501-1659004503-682003330-1004\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D7E97865-918F-41E4-9CD0-25AB1C574CE8} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Infodelivery\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\HonorAutoRunSetting deleted successfully.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}\ not found.
C:\Documents and Settings\All Users\Data aplikací\AVG10\log folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\AVG10 folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\AVG2012\log folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\AVG2012 folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\IObit\Game Booster 3\BackLnk folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\IObit\Game Booster 3 folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\IObit\Game Booster\Essentials folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\IObit\Game Booster\BackLnk folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\IObit\Game Booster folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\IObit\Advanced SystemCare V5 folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\IObit\Advanced SystemCare V4 folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\IObit folder moved successfully.
C:\Documents and Settings\Jaroslav - Růžička\Data aplikací\facemoods.com\facemoods folder moved successfully.
C:\Documents and Settings\Jaroslav - Růžička\Data aplikací\facemoods.com folder moved successfully.
C:\Documents and Settings\Jaroslav - Růžička\Data aplikací\IObit\Smart Defrag 2 folder moved successfully.
C:\Documents and Settings\Jaroslav - Růžička\Data aplikací\IObit\IObit Uninstaller\Log folder moved successfully.
C:\Documents and Settings\Jaroslav - Růžička\Data aplikací\IObit\IObit Uninstaller folder moved successfully.
C:\Documents and Settings\Jaroslav - Růžička\Data aplikací\IObit\IObit Malware Fighter folder moved successfully.
C:\Documents and Settings\Jaroslav - Růžička\Data aplikací\IObit\Advanced SystemCare V5\Toolbox folder moved successfully.
C:\Documents and Settings\Jaroslav - Růžička\Data aplikací\IObit\Advanced SystemCare V5\Smart RAM folder moved successfully.
C:\Documents and Settings\Jaroslav - Růžička\Data aplikací\IObit\Advanced SystemCare V5\Log folder moved successfully.
C:\Documents and Settings\Jaroslav - Růžička\Data aplikací\IObit\Advanced SystemCare V5\DiskCheck folder moved successfully.
C:\Documents and Settings\Jaroslav - Růžička\Data aplikací\IObit\Advanced SystemCare V5\Disk Cleaner folder moved successfully.
C:\Documents and Settings\Jaroslav - Růžička\Data aplikací\IObit\Advanced SystemCare V5\Boottime folder moved successfully.
C:\Documents and Settings\Jaroslav - Růžička\Data aplikací\IObit\Advanced SystemCare V5\Backup folder moved successfully.
C:\Documents and Settings\Jaroslav - Růžička\Data aplikací\IObit\Advanced SystemCare V5 folder moved successfully.
C:\Documents and Settings\Jaroslav - Růžička\Data aplikací\IObit\Advanced SystemCare V4\Toolbox folder moved successfully.
C:\Documents and Settings\Jaroslav - Růžička\Data aplikací\IObit\Advanced SystemCare V4\Startup Manager folder moved successfully.
C:\Documents and Settings\Jaroslav - Růžička\Data aplikací\IObit\Advanced SystemCare V4\Smart RAM folder moved successfully.
C:\Documents and Settings\Jaroslav - Růžička\Data aplikací\IObit\Advanced SystemCare V4\PMonitor folder moved successfully.
C:\Documents and Settings\Jaroslav - Růžička\Data aplikací\IObit\Advanced SystemCare V4\Log folder moved successfully.
C:\Documents and Settings\Jaroslav - Růžička\Data aplikací\IObit\Advanced SystemCare V4\Driver Manager\DriverBackup folder moved successfully.
C:\Documents and Settings\Jaroslav - Růžička\Data aplikací\IObit\Advanced SystemCare V4\Driver Manager folder moved successfully.
C:\Documents and Settings\Jaroslav - Růžička\Data aplikací\IObit\Advanced SystemCare V4\DiskCheck folder moved successfully.
C:\Documents and Settings\Jaroslav - Růžička\Data aplikací\IObit\Advanced SystemCare V4\Disk Cleaner folder moved successfully.
C:\Documents and Settings\Jaroslav - Růžička\Data aplikací\IObit\Advanced SystemCare V4\Backup folder moved successfully.
C:\Documents and Settings\Jaroslav - Růžička\Data aplikací\IObit\Advanced SystemCare V4 folder moved successfully.
C:\Documents and Settings\Jaroslav - Růžička\Data aplikací\IObit folder moved successfully.
C:\WINDOWS\002571_.tmp deleted successfully.
C:\WINDOWS\SET21.tmp deleted successfully.
C:\WINDOWS\SET3.tmp deleted successfully.
C:\WINDOWS\SET4.tmp deleted successfully.
C:\WINDOWS\SET8.tmp deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP124.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP14B.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP198.tmp\System.Data.Services.dll deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP198.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP19D.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1C2.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1CE.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1F2.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP260.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP261.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP26E.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP284.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP287.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2E.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2F0.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP303.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP347.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP350.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP381.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP393.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP400.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP40E.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP41C.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP446.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP52B.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP54.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP541.tmp folder deleted successfully.
C:\WINDOWS\Installer\MSI11.tmp deleted successfully.
C:\WINDOWS\Installer\MSI14.tmp deleted successfully.
C:\WINDOWS\Installer\MSI15.tmp deleted successfully.
C:\WINDOWS\Installer\MSI16.tmp deleted successfully.
C:\WINDOWS\Installer\MSI17.tmp deleted successfully.
C:\WINDOWS\Installer\MSI18.tmp deleted successfully.
C:\WINDOWS\Installer\MSI19.tmp deleted successfully.
C:\WINDOWS\Installer\MSI1A.tmp deleted successfully.
C:\WINDOWS\Installer\MSI44.tmp deleted successfully.
C:\WINDOWS\Installer\MSI79.tmp deleted successfully.
C:\WINDOWS\Installer\MSI7A.tmp deleted successfully.
C:\WINDOWS\Installer\MSI7B.tmp deleted successfully.
C:\WINDOWS\Installer\MSI7C.tmp deleted successfully.
C:\WINDOWS\Installer\MSI7D.tmp deleted successfully.
C:\WINDOWS\Installer\MSI9.tmp deleted successfully.
C:\WINDOWS\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\wlt7A.tmp deleted successfully.
C:\WINDOWS\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\wltF.tmp deleted successfully.
C:\WINDOWS\SoftwareDistribution\Download\1f6ea043c039594efcc873b793d081c9\BIT361.tmp deleted successfully.
C:\WINDOWS\system32\CONFIG.TMP deleted successfully.
C:\WINDOWS\system32\SET38.tmp deleted successfully.
C:\WINDOWS\system32\SET3D.tmp deleted successfully.
C:\WINDOWS\twain_32\hpqgends.tmp deleted successfully.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\NeroFilterCheck deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\KernelFaultCheck deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Cmaudio deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\facemoods not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce\\NetFxUpdate_v1.1.4322 not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\ctfmon.exe deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Advanced SystemCare 5 not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\"AppInit_DLLs"|"" /E : value set successfully!
========== FILES ==========
File\Folder C:\Program Files\facemoods.com not found.
File\Folder C:\Documents and Settings\Jaroslav - Růžička\Data aplikací\AVG2012 not found.
File\Folder C:\Program Files\AVG not found.
File\Folder C:\Documents and Settings\All Users\Data aplikací\AVG2012 not found.
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
File/Folder C:\WINDOWS\*.tmp not found.
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Jaroslav - Růžička
->Temp folder emptied: 22636093 bytes
->Temporary Internet Files folder emptied: 4022467 bytes
->Java cache emptied: 1713226 bytes
->FireFox cache emptied: 118283692 bytes
->Flash cache emptied: 487 bytes

User: LocalService
->Temp folder emptied: 65984 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 2727392 bytes
->Temporary Internet Files folder emptied: 33170 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 16514 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 16521658 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 253589 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 159,00 mb


[EMPTYFLASH]

User: All Users

User: Default User

User: Jaroslav - Růžička
->Flash cache emptied: 0 bytes

User: LocalService

User: NetworkService

Total Flash Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.31.0 log created on 01162012_192548

Files\Folders moved on Reboot...
File move failed. C:\WINDOWS\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...
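
A fix log like the one above is easier to review when its result lines are tallied per section and the entries that did nothing ("not found") or are still pending ("scheduled to be moved on reboot") are pulled out for a re-check. The following Python sketch is an added example, not part of the original posts and not part of OTL; the function names and outcome labels are assumptions, and the sample is a shortened excerpt of the log lines posted in this thread.

```python
import re
from collections import Counter, defaultdict

# Shortened excerpt of the fix log posted in this thread (lines copied as-is).
SAMPLE_LOG = r'''All processes killed
========== OTL ==========
Service HidServ stopped successfully!
Service HidServ deleted successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}\ not found.
C:\WINDOWS\SET21.tmp deleted successfully.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\NeroFilterCheck deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\facemoods not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\"AppInit_DLLs"|"" /E : value set successfully!
========== FILES ==========
File\Folder C:\Program Files\facemoods.com not found.
File\Folder C:\Program Files\AVG not found.
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

Files\Folders moved on Reboot...
File move failed. C:\WINDOWS\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.
'''

SECTION_RE = re.compile(r"^=+\s*(.+?)\s*=+$")

# Order matters: "reset successfully" contains "set successfully",
# and a failed move is reported together with its reboot scheduling.
OUTCOMES = (
    ("scheduled to be moved on reboot", "pending_reboot"),
    ("not found", "not_found"),
    ("deleted successfully", "deleted"),
    ("moved successfully", "moved"),
    ("reset successfully", "reset"),
    ("set successfully", "set"),
    ("stopped successfully", "stopped"),
)
NEEDS_REVIEW = {"pending_reboot", "not_found"}


def classify(line):
    """Map one result line to an outcome label, or None for other lines."""
    lower = line.lower()
    for needle, outcome in OUTCOMES:
        if needle in lower:
            return outcome
    return None


def parse_fix_log(text):
    """Return (counts[section][outcome], follow_up list of (section, outcome, line))."""
    counts = defaultdict(Counter)
    follow_up = []
    section = "PREAMBLE"
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        header = SECTION_RE.match(line)
        if header:
            section = header.group(1).upper()
            continue
        if line.lower().endswith("on reboot..."):  # trailing reboot summary
            section = "REBOOT"
            continue
        outcome = classify(line)
        if outcome is None:
            continue
        counts[section][outcome] += 1
        if outcome in NEEDS_REVIEW:
            follow_up.append((section, outcome, line))
    return counts, follow_up


if __name__ == "__main__":
    counts, follow_up = parse_fix_log(SAMPLE_LOG)
    for name, tally in counts.items():
        print(name, dict(tally))
    for section, outcome, line in follow_up:
        print(f"[{section}] {outcome}: {line}")
```
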

Re: Please check my PC

Posted: 16 Jan 2012 19:36
by vyosek
You're welcome, OTL did what it was supposed to. How is the PC behaving? :???:

Re: Please check my PC

Posted: 16 Jan 2012 19:52
by jaroslav.24
So, hopefully for a long time again, thank you for your help. The PC is faster and overall it has certainly been relieved.
The last thing I would like to ask about: we made some scans and the like here together. What I want to know is what exactly is contained in the logs we created together. I have online banking and passwords for internet accounts on this machine. Is all of that visible there? Is it that easy to get that data from me without my knowledge (I don't want to say it, but: to steal it)? To download it from my computer through some program?

Re: Please check my PC

Posted: 16 Jan 2012 19:58
by vyosek
:arrow: The scans we ran do not reveal any private data, let alone passwords, so don't worry...

:arrow: Now we'll clean up after the removal tools and scanners

:arrow: OTC http://oldtimer.geekstogo.com/OTC.exe
  • Download and run it
  • Click CleanUp and confirm with YES
  • The program will clean up and restart the PC

:arrow: TFC http://oldtimer.geekstogo.com/TFC.exe
  • Download and run it
  • Click Start and confirm with OK
  • The program will clean up and restart the PC
  • Delete the utility after use
:arrow: Download CCleaner (see my signature)
Cleaner panel
  • Leave everything as it is, just click Analyze and then Run Cleaner
Registry panel
  • click Scan for Issues
  • then Fix selected issues - I recommend making a registry backup; fix all the issues
  • repeat until no issues remain - usually about 3 times
Tools panel
  • Here you can uninstall programs you don't need
I recommend using CCleaner about once a week

Re: Please check my PC

Posted: 16 Jan 2012 20:31
by jaroslav.24
Done.
One more thing, please: a professional's opinion. A free antivirus isn't an antivirus, is it? Could you recommend a firewall that would at least seemingly protect me when doing banking? I'm afraid Windows won't do much for me there.
Thanks.

Re: Please check my PC

Posted: 16 Jan 2012 20:43
by vyosek
jaroslav.24 wrote: A free antivirus isn't an antivirus, is it?
That is nonsense. Avast Free easily outdoes even some paid antivirus products.

As for firewalls, I can recommend ZoneAlarm or Comodo.

Our recommended PC security setup is here http://www.viry.cz/forum/viewtopic.php?f=29&t=6152