Zřejmě vir z facebooku :(

[Lucinella87]

Dobrý den,

už vážně nemohu dál, proto mi kamarád doporučil vás Sama jsem naprostý laik, co se týče počítačů, proto se obracím na vás

Asi jako každý má účet na facebooku, jednou jsem zřejmě klikla na nějaký odkaz a od té doby to je šílenost. Probíhá to zhruba tak, že mám prohlížeč Mozillu a když chci otevřít jakýkoliv odkaz, kliknu na záložku třeba Seznam.cz a automaticky mi tam najíždí aplikace od facebooku jako Cityville, Farmville atd.

Nevím, jestli je to dobře nebo ne, ale všechny moje potřebný soubory jako školu, hudbu, filmy, soubory stáhla na externí disk, kdyby mi náhodou přestal jít notebook. Mohl se mi stáhnout vir i tam?

A zde je můj log:
Logfile of random's system information tool 1.09 (written by random/random)
Run by Lucie at 2012-01-16 10:51:43
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 41 GB (68%) free of 60 GB
Total RAM: 895 MB (23% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:51:51, on 16.1.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\WINDOWS\system32\ASWLSVC.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ASWL2K.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\ATK0100\HControl.exe
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\Lucie\Dokumenty\Stažené soubory\RSIT.exe
C:\Program Files\trend micro\Lucie.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\prxtbuTor.dll
O2 - BHO: (no name) - AutorunsDisabled - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Zvýrazňovač slov Lištičky - {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - C:\Program Files\Seznam.cz\listicka.dll
O2 - BHO: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: uTorrentBar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\prxtbuTor.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: Společná komponenta pro aplikace společnosti Seznam.cz - {EA837F47-5AD1-443E-AE34-FFE03CBF3099} - C:\Program Files\Seznam.cz\core.dll
O3 - Toolbar: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\prxtbuTor.dll
O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Facebook Update] "C:\Documents and Settings\Lucie\Local Settings\Data aplikací\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Bluetooth Manager.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - AutorunsDisabled - (no file)
O9 - Extra button: Nastavení Lištičky ... - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - C:\Program Files\Seznam.cz\listicka.dll
O9 - Extra 'Tools' menuitem: Nastavení Lištičky ... - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - C:\Program Files\Seznam.cz\listicka.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Zvýrazňovač slov Lištičky - {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - C:\Program Files\Seznam.cz\listicka.dll
O9 - Extra 'Tools' menuitem: Zvýrazňovač slov Lištičky - {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - C:\Program Files\Seznam.cz\listicka.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - AutorunsDisabled - (no file) (HKCU)
O18 - Protocol: AutorunsDisabled - (no CLSID) - (no file)
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ASWLSVC - Unknown owner - C:\WINDOWS\system32\ASWLSVC.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O24 - Desktop Component AutorunsDisabled: (no name) - (no file)

--
End of file - 10257 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-1659004503-2049760794-839522115-1004Core.job
C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-1659004503-2049760794-839522115-1004UA.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\MP Scheduled Scan.job
C:\WINDOWS\tasks\Norton Security Scan for Lucie.job
C:\WINDOWS\tasks\RMSchedule.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Lucie\Data aplikací\Mozilla\Firefox\Profiles\7pyc5oul.default

prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "extensions.enabledItems" - "{20a82645-c095-46ed-80e3-08825760534b}:1.2.1, {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.0.900, {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.0.900, {32a1fd71-835e-4b11-8e54-886fda0b4c89}:1.1, {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}:6.0.05, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, jqs@sun.com:1.0, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17"
prefs.js - "keyword.URL" - "http://search.icq.com/search/afe_result ... r=1.3.6&q="

"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"{23fcfd51-4958-4f00-80a3-ae97e717ed8b}"=C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video
"{6904342A-8307-11DF-A508-4AE2DFD72085}"=C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa
"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Plus Web Player
"Path"=C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIQTScriptablePlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
npdeployJava1.dll
NPOFF12.DLL
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
QuickTimePlugin.class

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
wikipedia-cz.xml

C:\Documents and Settings\Lucie\Data aplikací\Mozilla\Firefox\Profiles\7pyc5oul.default\extensions\
centrumpomocnik@centrum.cz
{20a82645-c095-46ed-80e3-08825760534b}
{32a1fd71-835e-4b11-8e54-886fda0b4c89}
{800b5000-a755-47e1-992b-48a1c1357f07}
{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
{ec8030f7-c20a-464f-9b0e-13a3a9e97384}

C:\Documents and Settings\Lucie\Data aplikací\Mozilla\Firefox\Profiles\7pyc5oul.default\searchplugins\
icqplugin-1.xml
icqplugin-2.xml
icqplugin-3.xml
icqplugin-4.xml
icqplugin-5.xml
icqplugin-6.xml
icqplugin.xml
qip-search.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\AutorunsDisabled]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]
DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [2010-12-08 3123072]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4E6D6F90-31CA-4878-A7A3-1CD50F115A69}]
Zvýrazňovač slov Lištičky - C:\Program Files\Seznam.cz\listicka.dll [2009-03-18 686744]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{593DDEC6-7468-4cdd-90E1-42DADAA222E9}]
DivX HiQ - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [2010-12-08 3123072]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-10-10 3834016]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
uTorrentBar Toolbar - C:\Program Files\uTorrentBar\prxtbuTor.dll [2011-05-09 176936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-04-18 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-04-18 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA837F47-5AD1-443E-AE34-FFE03CBF3099}]
Společná komponenta pro aplikace společnosti Seznam.cz - C:\Program Files\Seznam.cz\core.dll [2009-03-18 990872]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - uTorrentBar Toolbar - C:\Program Files\uTorrentBar\prxtbuTor.dll [2011-05-09 176936]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HControl"=C:\WINDOWS\ATK0100\HControl.exe [2006-10-14 110592]
"ATICCC"=C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe [2006-05-10 90112]
"SkyTel"=C:\WINDOWS\SkyTel.EXE [2006-05-16 2879488]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2006-05-25 786521]
"NPSStartup"= []
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2011-06-15 997920]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-09-07 37296]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Facebook Update"=C:\Documents and Settings\Lucie\Local Settings\Data aplikací\Facebook\Update\FacebookUpdate.exe [2011-11-13 137536]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-03-30 937920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-09-07 37296]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2006-09-13 139264]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivX Download Manager]
C:\Program Files\DivX\DivX Plus Web Player\DDmService.exe [2010-12-08 63360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2011-03-21 1230704]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe [2010-12-13 421160]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QIP Internet Guardian]
C:\Documents and Settings\Lucie\Data aplikací\QipGuard\QipGuard.exe [2010-12-13 187776]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe [2010-11-29 421888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2004-11-02 32768]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
C:\WINDOWS\RTHDCPL.EXE [2006-10-30 16269312]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Bluetooth Manager.lnk - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng1.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2006-08-08 86016]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\QIP\qip.exe"="C:\Program Files\QIP\qip.exe:*:Enabled:Quiet Internet Pager"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour Service"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\QIP 2010\qip.exe"="C:\Program Files\QIP 2010\qip.exe:*:Enabled:QIP 2010"
"C:\Program Files\ICQ7.5\ICQ.exe"="C:\Program Files\ICQ7.5\ICQ.exe:*:Enabled:ICQ7.5"
"C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe"="C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe:*:Enabled:KTF MUSIC AoD Server"
"C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe"="C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe:*:Enabled:KTF MUSIC VoD Server"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Documents and Settings\Lucie\Local Settings\Data aplikací\Facebook\Video\Skype\FacebookVideoCalling.exe"="C:\Documents and Settings\Lucie\Local Settings\Data aplikací\Facebook\Video\Skype\FacebookVideoCalling.exe:*:Enabled:Facebook Video Calling Plugin"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ICQ7.5\ICQ.exe"="C:\Program Files\ICQ7.5\ICQ.exe:*:Enabled:ICQ7.5"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=serwvdrv.dll
"wave2"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"vidc.DIVX"=DivX.dll
"vidc.yv12"=DivX.dll
"msacm.divxa32"=msaud32_divx.acm
"MSVideo8"=VfWWDM32.dll
"wave3"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux1"=wdmaud.drv

======List of files/folders created in the last 1 month======

2012-01-14 13:39:20 ----D---- C:\rsit
2012-01-14 13:39:20 ----D---- C:\Program Files\trend micro
2012-01-13 14:04:35 ----HDC---- C:\WINDOWS\$NtUninstallKB2646524$
2012-01-13 14:04:24 ----HDC---- C:\WINDOWS\$NtUninstallKB2631813$
2012-01-13 13:57:43 ----HDC---- C:\WINDOWS\$NtUninstallKB2598479$
2012-01-13 13:57:32 ----HDC---- C:\WINDOWS\$NtUninstallKB2603381$
2012-01-13 13:55:57 ----A---- C:\WINDOWS\imsins.BAK
2012-01-13 13:55:52 ----HDC---- C:\WINDOWS\$NtUninstallKB2584146$
2012-01-09 17:43:34 ----D---- C:\Program Files\CCleaner
2012-01-07 14:01:47 ----D---- C:\Documents and Settings\All Users\Data aplikací\KONICA MINOLTA
2012-01-07 14:01:47 ----A---- C:\WINDOWS\BRWMARK.INI
2012-01-04 14:26:38 ----A---- C:\WINDOWS\system32\drivers\usbprint.sys

======List of files/folders modified in the last 1 month======

2012-01-16 10:31:17 ----D---- C:\WINDOWS\Prefetch
2012-01-16 08:15:06 ----D---- C:\WINDOWS\Temp
2012-01-16 08:14:15 ----SD---- C:\WINDOWS\Tasks
2012-01-16 08:09:45 ----D---- C:\WINDOWS\system32\CatRoot2
2012-01-15 22:51:39 ----A---- C:\WINDOWS\SchedLgU.Txt
2012-01-15 09:32:33 ----D---- C:\WINDOWS
2012-01-14 21:03:59 ----HD---- C:\WINDOWS\inf
2012-01-14 13:39:20 ----RD---- C:\Program Files
2012-01-13 14:41:14 ----D---- C:\WINDOWS\system32
2012-01-13 14:04:37 ----RSHDC---- C:\WINDOWS\system32\dllcache
2012-01-13 13:59:59 ----D---- C:\WINDOWS\Debug
2012-01-13 13:59:55 ----A---- C:\WINDOWS\system32\MRT.exe
2012-01-13 13:57:31 ----HD---- C:\WINDOWS\$hf_mig$
2012-01-13 13:57:29 ----SHD---- C:\WINDOWS\Installer
2012-01-13 13:57:28 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2012-01-09 17:49:52 ----D---- C:\Documents and Settings\Lucie\Data aplikací\uTorrent
2012-01-08 10:27:54 ----SD---- C:\Documents and Settings\Lucie\Data aplikací\Microsoft
2012-01-07 12:38:15 ----D---- C:\WINDOWS\Microsoft.NET
2012-01-07 12:38:13 ----RSD---- C:\WINDOWS\assembly
2012-01-07 10:59:21 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2012-01-07 10:58:39 ----D---- C:\WINDOWS\WinSxS
2012-01-04 14:26:39 ----D---- C:\WINDOWS\system32\drivers
2011-12-30 16:28:42 ----D---- C:\Program Files\Mozilla Firefox
2011-12-23 10:37:13 ----D---- C:\Documents and Settings\Lucie\Data aplikací\Intelli-studio

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 giveio;giveio; C:\WINDOWS\system32\giveio.sys [1996-04-03 5248]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2010-08-12 45648]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 MpFilter;Microsoft Malware Protection Driver; C:\WINDOWS\system32\DRIVERS\MpFilter.sys [2011-04-18 165648]
R1 MpKsl2af831b6;MpKsl2af831b6; \??\C:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{EA558844-B232-4016-9970-BACB4680121D}\MpKsl2af831b6.sys []
R1 Tosrfcom;Bluetooth RFCOMM from TOSHIBA; C:\WINDOWS\System32\Drivers\tosrfcom.sys [2005-08-01 64896]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.3.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2010-09-27 20747]
R3 ASNDIS5;ASNDIS5 Protocol Driver; \??\C:\WINDOWS\ATK0100\ASNDIS5.SYS []
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-08-08 1681408]
R3 BCM43XX;Ovladač síťového adaptéru ASUS 802.11; C:\WINDOWS\system32\DRIVERS\bcmwl5.sys [2006-10-12 604928]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-11-03 4394496]
R3 MODEMCSA;Unimodem Streaming Filter Device; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ATKACPI.sys [2005-02-17 5632]
R3 RTSTOR;USB Mass Stroage Device; C:\WINDOWS\system32\drivers\RTSTOR.SYS [2006-06-09 27520]
R3 smserial;smserial; C:\WINDOWS\system32\DRIVERS\smserial.sys [2006-03-21 889472]
R3 SynMini;USB2.0 1.3M WebCam; C:\WINDOWS\System32\Drivers\SynMini.sys [2006-08-09 1116544]
R3 SynScan;USB2.0 1.3M WebCam Still Image; C:\WINDOWS\System32\Drivers\SynScan.sys [2006-08-09 7808]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2006-05-25 193088]
R3 tosporte;Bluetooth Port Driver from Toshiba; C:\WINDOWS\system32\DRIVERS\tosporte.sys [2006-04-19 47488]
R3 Tosrfbd;Bluetooth RFBUS from TOSHIBA; C:\WINDOWS\System32\Drivers\tosrfbd.sys [2006-05-18 110976]
R3 Tosrfbnp;Bluetooth RFBNEP from TOSHIBA; C:\WINDOWS\System32\Drivers\tosrfbnp.sys [2006-03-16 37632]
R3 Tosrfhid;Bluetooth RFHID from TOSHIBA; C:\WINDOWS\system32\DRIVERS\Tosrfhid.sys [2006-05-09 62848]
R3 Tosrfusb;Bluetooth USB Controller; C:\WINDOWS\System32\Drivers\tosrfusb.sys [2006-05-09 40192]
S1 MpKsl7ad9957e;MpKsl7ad9957e; \??\C:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{9A6849AA-44EA-4388-8103-D360132D5C8F}\MpKsl7ad9957e.sys []
S3 AtcL002;NDIS Miniport Driver for Attansic L2 Fast Ethernet Adapter; C:\WINDOWS\system32\DRIVERS\atl02_xp.sys [2006-08-14 27776]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 FsUsbExDisk;FsUsbExDisk; \??\C:\WINDOWS\system32\FsUsbExDisk.SYS []
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\WINDOWS\system32\DRIVERS\ss_bbus.sys [2009-09-21 90112]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\WINDOWS\system32\DRIVERS\ss_bmdfl.sys [2009-09-21 14976]
S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\WINDOWS\system32\DRIVERS\ss_bmdm.sys [2009-09-21 121856]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 toshidpt;TOSHIBA Bluetooth HID port driver; C:\WINDOWS\system32\drivers\Toshidpt.sys [2005-07-11 3712]
S3 tosrfnds;Bluetooth Personal Area Network from TOSHIBA; C:\WINDOWS\system32\DRIVERS\tosrfnds.sys [2005-01-06 18612]
S3 TosRfSnd;Bluetooth Audio Device (WDM) from TOSHIBA; C:\WINDOWS\system32\drivers\TosRfSnd.sys [2006-03-15 52864]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2010-09-28 41984]
S3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 MpKsl045a0282;MpKsl045a0282; \??\C:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{1384FE8C-F4A9-4F8E-A093-41DE1F18EFF5}\MpKsl045a0282.sys []
S4 MpKsl13e5b21b;MpKsl13e5b21b; \??\C:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{1384FE8C-F4A9-4F8E-A093-41DE1F18EFF5}\MpKsl13e5b21b.sys []
S4 MpKsl1c04f5cc;MpKsl1c04f5cc; \??\C:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{D11B65D3-0C46-47EB-AB84-FDD1B3780A9A}\MpKsl1c04f5cc.sys []
S4 MpKsl21f9a841;MpKsl21f9a841; \??\C:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{DC4FB3F6-6A12-480E-80EE-71CD64110DD8}\MpKsl21f9a841.sys []
S4 MpKsl31a5711a;MpKsl31a5711a; \??\C:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{4C9164D9-C890-490A-83AF-DBAA6D3AC6AF}\MpKsl31a5711a.sys []
S4 MpKsl8769bbdd;MpKsl8769bbdd; \??\C:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{DC4FB3F6-6A12-480E-80EE-71CD64110DD8}\MpKsl8769bbdd.sys []
S4 MpKsl936dce10;MpKsl936dce10; \??\C:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{D483A472-47A4-4397-A54A-F1A6FF761AD7}\MpKsl936dce10.sys []
S4 MpKsl9d75261a;MpKsl9d75261a; \??\C:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{C9CD2B28-FFEA-4F53-9641-522593D5BCE5}\MpKsl9d75261a.sys []
S4 MpKslc857e0ae;MpKslc857e0ae; \??\C:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{DC4FB3F6-6A12-480E-80EE-71CD64110DD8}\MpKslc857e0ae.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2010-10-16 37664]
R2 ASWLSVC;ASWLSVC; C:\WINDOWS\system32\ASWLSVC.exe [2004-05-06 496640]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-08-08 401408]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2010-10-07 345376]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2011-04-18 153376]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [2011-04-27 11736]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-09-28 135664]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-09-28 135664]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-02-08 136120]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2010-12-13 820008]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-09-12 724992]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2010-11-21 247608]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Děkuji moc za pomoc

[vyosek]

Zdravim, pekne dopoledne preji a vitam vas u nas na foru

Vas log se studuje a pracuje se na nem .
Prosim o strpeni!

[vyosek]

Doporucuji odinstalovat (pokud nepouzivate) toolbary (listy prohlizecu) v Přidat nebo odebrat programy

Odinstalujte doplnek pro FF s nazvem Firefox Rozsireni Aktualizace 1.0.0 - nahore ve Firefoxu kliknete do toho oranzoveho Firefox - Spravce doplnku - Rozsireni a ten Firefox Rozsireni Aktualizace 1.0.0 dejte odebrat

Stahnete OTL (viz muj podpis) a ulozte jej na plochu

• Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
• Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
• Zaskrtnete okenko Pro vsechny uzivatele
• Zaskrtnete okenko Kontrola na havet "LOP"
• Zaskrtnete okenko Kontrola na havet "Purity"
• Stari souboru zmente z 30 dnu na 7 dnu
• Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

• Kód: Vybrat vše

  CREATERESTOREPOINT
  
  netsvcs
  drivers32
  savembr:0
  
  /md5start
  atapi.sys
  autochk.exe
  cdrom.sys
  explorer.exe
  hal.dll
  scecli.dll
  svchost.exe
  tcpip.sys
  userinit.exe
  winlogon.exe
  /md5stop
  
  %systemroot%*.* /U /s
  %SYSTEMDRIVE%\*.exe
  %ALLUSERSPROFILE%\Application Data\*.
  %ALLUSERSPROFILE%\Application Data\*.exe /s
  %APPDATA%\*.
  %APPDATA%\*.exe /s
  %systemroot%\*. /mp /s
  %systemroot%\system32\*.dll /lockedfiles
  %systemroot%\Tasks\*.job
  %systemroot%\system32\drivers\*.sys /lockedfiles
  %systemroot%\System32\config\*.sav
  %systemroot%\system32\*.dll /lockedfiles
  %systemroot%\system32\drivers\*.sys /3
  %systemroot%\system32\*.* /3
  %SYSTEMDRIVE%\*.exe
  
  HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
  
  %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
  %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
  %PROGRAMFILES%\Opera\opera.exe /md5
  %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5
  
  C:\Documents and Settings\Lucie\Data aplikací\Mozilla\Firefox\Profiles\7pyc5oul.default\extensions\*.* /s
  
  %SystemDrive%\PhysicalMBR.bin /md5 
  
  *crack* /s
  *keygen* /s
  *loader* /s

• Kliknete na tlacitko Prohledat
• Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte

[Lucinella87]

Dobrý den,
jsem si říkala, proč se konverzace utnula a teď jsem zjistila, že se mi to neodeslalo, tak ještě jednou

OTL Extras logfile created on: 16.1.2012 11:42:34 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Lucie\Dokumenty\Stažené soubory
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

895,17 Mb Total Physical Memory | 391,69 Mb Available Physical Memory | 43,76% Memory free
2,12 Gb Paging File | 1,61 Gb Available in Paging File | 76,15% Paging File free
Paging file location(s): C:\pagefile.sys 1344 2688 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 58,59 Gb Total Space | 39,68 Gb Free Space | 67,73% Space Free | Partition Type: NTFS
Drive D: | 53,19 Gb Total Space | 51,51 Gb Free Space | 96,84% Space Free | Partition Type: NTFS

Computer Name: ASUS | User Name: Lucie | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)

[HKEY_USERS\S-1-5-21-1659004503-2049760794-839522115-1004\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
http [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\ICQ7.5\ICQ.exe" = C:\Program Files\ICQ7.5\ICQ.exe:*:Enabled:ICQ7.5 -- (ICQ, LLC.)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Opera\opera.exe" = C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software)
"C:\Program Files\QIP\qip.exe" = C:\Program Files\QIP\qip.exe:*:Enabled:Quiet Internet Pager -- (The Author of QIP)
"C:\Program Files\QIP 2010\qip.exe" = C:\Program Files\QIP 2010\qip.exe:*:Enabled:QIP 2010 -- (QIP)
"C:\Program Files\ICQ7.5\ICQ.exe" = C:\Program Files\ICQ7.5\ICQ.exe:*:Enabled:ICQ7.5 -- (ICQ, LLC.)
"C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe" = C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe:*:Enabled:KTF MUSIC AoD Server
"C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe" = C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe:*:Enabled:KTF MUSIC VoD Server
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"C:\Documents and Settings\Lucie\Local Settings\Data aplikací\Facebook\Video\Skype\FacebookVideoCalling.exe" = C:\Documents and Settings\Lucie\Local Settings\Data aplikací\Facebook\Video\Skype\FacebookVideoCalling.exe:*:Enabled:Facebook Video Calling Plugin -- (Skype Limited)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{05BFB060-4F22-4710-B0A2-2801A1B606C5}" = Microsoft Antimalware
"{17CA32D1-73BD-4990-B8F6-369D8D34B05D}" = Microsoft Antimalware Service CS-CZ Language Pack
"{1D7CE340-70C3-4848-BCCF-215950328A4C}" = Facebook Video Calling 1.0.0.8953
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = LifeFrame2
"{1F698102-5739-441E-96F0-74F4EA540F06}" = Attansic Giga Ethernet Utility
"{26A24AE4-039D-4CA4-87B4-2F83216024FF}" = Java(TM) 6 Update 24
"{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour
"{308B6AEA-DE50-4666-996D-0FA461719D6B}" = Apple Mobile Device Support
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{36CDA33B-909B-4719-97D1-C4B99309BDC7}" = ATI Parental Control & Encoder
"{379B5735-78C9-43A4-91F0-6274D2D8280E}" = ATI Catalyst Control Center
"{40261D0A-A385-4C1A-A7DE-5F270D9B1029}" = Nero 7 Premium
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{50779A29-834E-4E36-BBEB-B7CABC67A825}" = Microsoft Security Client CS-CZ Language Pack
"{54B6DC7D-8C5B-4DFB-BC15-C010A3326B2B}" = Microsoft Security Client
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}" = ICQ7.5
"{881F5DE8-9367-4B81-A325-E91BBC6472F9}" = iTunes
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8F722FA9-B994-4C9B-B292-FD32D6206EDF}" = ASUS WLAN Card Utilities/Driver
"{90120000-0010-0405-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Czech) 12
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{294B4278-CF7B-40B9-86A1-2D3FF0C2C524}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{10EC59E5-9BCE-4884-BB1A-E28627220232}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AC76BA86-7AD7-1029-7B44-A94000000001}" = Adobe Reader 9.4.7 - Czech
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader
"{DF8195AF-8E6F-4487-A0EE-196F7E3F4B8A}" = jetAudio Basic VX
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"All ATI Software" = Softarová utilita ATI - Odinstalovat
"AtcL2" = Attansic L2 Fast Ethernet Driver
"ATI Display Driver" = ATI Display Driver
"BSPlayerf" = BS.Player FREE
"CCleaner" = CCleaner
"DivX Setup.divx.com" = DivX Setup
"DVDFab Ghosthunter release_is1" = DVDFab Ghosthunter release 6.0.1.0
"ENTERPRISE" = Microsoft Office Enterprise 2007
"GOM Player" = GOM Player
"Google Chrome" = Google Chrome
"HControl" = ATK0100 ACPI UTILITY
"ICQToolbar" = ICQ Toolbar
"ie8" = Windows Internet Explorer 8
"IrfanView" = IrfanView (remove only)
"jKiwi" = jKiwi
"KONICA MINOLTA magicolor 1690MF" = KONICA MINOLTA magicolor 1690MF
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft Security Client" = Microsoft Security Essentials
"Mozilla Firefox 9.0.1 (x86 cs)" = Mozilla Firefox 9.0.1 (x86 cs)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NSS" = Norton Security Scan
"Opera 11.60.1185" = Opera 11.60
"Picasa 3" = Picasa 3
"SeznamListicka2" = Seznam Lištička 2
"SMSERIAL" = Motorola SM56 Speakerphone Modem
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Totalcmd" = Total Commander (Remove or Repair)
"USB2.0 1.3M WebCam" = USB2.0 1.3M WebCam
"uTorrent" = µTorrent
"uTorrentBar Toolbar" = uTorrentBar Toolbar
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinGimp-2.0_is1" = GIMP 2.6.11
"WinRAR archiver" = WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Zoner Photo Studio 8_is1" = Zoner Photo Studio 8

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1659004503-2049760794-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"QIP 2005" = QIP 2005 8095
"QIP 2010" = QIP 2010 3.1.4983
"QipGuard" = QIP Internet Guardian

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 29.12.2011 14:43:39 | Computer Name = ASUS | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace firefox.exe, verze 9.0.0.4367, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 29.12.2011 14:44:20 | Computer Name = ASUS | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace firefox.exe, verze 9.0.0.4367, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 29.12.2011 15:06:36 | Computer Name = ASUS | Source = Microsoft Office 12 | ID = 5000
Description = EventType officelifeboathang, P1 winword.exe, P2 12.0.6545.5000, P3
msptls.dll, P4 12.0.6654.5000, P5 NIL, P6 NIL, P7 NIL, P8 NIL, P9 NIL, P10 NIL.

Error - 29.12.2011 16:52:22 | Computer Name = ASUS | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace firefox.exe, verze 9.0.0.4367, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 29.12.2011 16:52:22 | Computer Name = ASUS | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace firefox.exe, verze 9.0.0.4367, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 6.1.2012 17:39:19 | Computer Name = ASUS | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 8024402c, P2 endsearch, P3 search, P4 3.0.8402.0,
P5 mpsigdwn.dll, P6 3.0.8402.0, P7 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094),
P8 NIL, P9 NIL, P10 NIL.

Error - 7.1.2012 6:01:19 | Computer Name = ASUS | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 8024402c, P2 endsearch, P3 search, P4 3.0.8402.0,
P5 mpsigdwn.dll, P6 3.0.8402.0, P7 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094),
P8 NIL, P9 NIL, P10 NIL.

Error - 7.1.2012 8:48:15 | Computer Name = ASUS | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 2152759308, P2 unspecified, P3 scanfile,
P4 3.0.8402.0, P5 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094),
P6 unspecified, P7 unspecified, P8 NIL, P9 NIL, P10 NIL.

Error - 10.1.2012 16:10:16 | Computer Name = ASUS | Source = Google Update | ID = 20
Description =

Error - 12.1.2012 13:10:16 | Computer Name = ASUS | Source = Google Update | ID = 20
Description =

[ System Events ]
Error - 11.1.2012 8:58:22 | Computer Name = ASUS | Source = Service Control Manager | ID = 7011
Description = Vypršel časový limit (30000 milisekund) čekání na odezvu transakce
služby stisvc.

Error - 11.1.2012 11:12:17 | Computer Name = ASUS | Source = DCOM | ID = 10010
Description = Server {4EB61BAC-A3B6-4760-9581-655041EF4D69} se v daném časovém limitu
neregistroval u služby DCOM.

Error - 12.1.2012 13:17:29 | Computer Name = ASUS | Source = ipnathlp | ID = 31008
Description = Agentu serveru proxy služby DNS se nepodařilo načíst místní seznam
serverů pro překlad adres IP z registru. Uvedený údaj je kód chyby.

Error - 13.1.2012 9:44:03 | Computer Name = ASUS | Source = ipnathlp | ID = 31008
Description = Agentu serveru proxy služby DNS se nepodařilo načíst místní seznam
serverů pro překlad adres IP z registru. Uvedený údaj je kód chyby.

Error - 13.1.2012 11:09:08 | Computer Name = ASUS | Source = ipnathlp | ID = 31008
Description = Agentu serveru proxy služby DNS se nepodařilo načíst místní seznam
serverů pro překlad adres IP z registru. Uvedený údaj je kód chyby.

Error - 13.1.2012 17:26:25 | Computer Name = ASUS | Source = ipnathlp | ID = 31008
Description = Agentu serveru proxy služby DNS se nepodařilo načíst místní seznam
serverů pro překlad adres IP z registru. Uvedený údaj je kód chyby.

Error - 14.1.2012 4:32:16 | Computer Name = ASUS | Source = DCOM | ID = 10010
Description = Server {4EB61BAC-A3B6-4760-9581-655041EF4D69} se v daném časovém limitu
neregistroval u služby DCOM.

Error - 14.1.2012 8:25:38 | Computer Name = ASUS | Source = ipnathlp | ID = 31008
Description = Agentu serveru proxy služby DNS se nepodařilo načíst místní seznam
serverů pro překlad adres IP z registru. Uvedený údaj je kód chyby.

Error - 14.1.2012 10:01:44 | Computer Name = ASUS | Source = ipnathlp | ID = 31008
Description = Agentu serveru proxy služby DNS se nepodařilo načíst místní seznam
serverů pro překlad adres IP z registru. Uvedený údaj je kód chyby.

Error - 14.1.2012 16:03:43 | Computer Name = ASUS | Source = ipnathlp | ID = 31008
Description = Agentu serveru proxy služby DNS se nepodařilo načíst místní seznam
serverů pro překlad adres IP z registru. Uvedený údaj je kód chyby.


< End of report >

To je ten první, teď ještě ten druhý

[Lucinella87]

A zde ještě ten druhý

OTL logfile created on: 16.1.2012 11:41:15 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Lucie\Dokumenty\Stažené soubory
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

895,17 Mb Total Physical Memory | 391,69 Mb Available Physical Memory | 43,76% Memory free
2,12 Gb Paging File | 1,61 Gb Available in Paging File | 76,15% Paging File free
Paging file location(s): C:\pagefile.sys 1344 2688 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 58,59 Gb Total Space | 39,68 Gb Free Space | 67,73% Space Free | Partition Type: NTFS
Drive D: | 53,19 Gb Total Space | 51,51 Gb Free Space | 96,84% Space Free | Partition Type: NTFS

Computer Name: ASUS | User Name: Lucie | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2012.01.16 11:38:28 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Lucie\Dokumenty\Stažené soubory\OTL.exe
PRC - [2011.12.30 16:28:22 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011.06.15 14:16:48 | 000,997,920 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2011.04.27 14:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
PRC - [2008.04.14 04:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006.10.14 10:37:40 | 000,110,592 | R--- | M] () -- C:\WINDOWS\ATK0100\HControl.exe
PRC - [2006.08.10 15:08:04 | 002,379,776 | R--- | M] () -- C:\WINDOWS\ATK0100\ATKOSD.exe
PRC - [2006.07.25 20:20:20 | 000,537,600 | ---- | M] () -- C:\WINDOWS\system32\ASWL2K.exe
PRC - [2006.05.16 10:42:52 | 001,777,664 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
PRC - [2006.05.10 07:22:00 | 002,134,016 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtProc.exe
PRC - [2006.04.07 16:36:46 | 000,290,816 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
PRC - [2006.02.06 22:00:20 | 000,311,296 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosOBEX.exe
PRC - [2006.01.27 17:17:50 | 000,221,184 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHSP.exe
PRC - [2006.01.23 20:47:32 | 000,073,728 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
PRC - [2006.01.02 15:41:22 | 000,045,056 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
PRC - [2004.05.06 11:21:04 | 000,496,640 | ---- | M] () -- C:\WINDOWS\system32\ASWLSVC.exe


========== Modules (No Company Name) ==========

MOD - [2012.01.07 12:37:31 | 011,817,472 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\62e34cfb5a8b233667c7c5a47a32ad93\System.Web.ni.dll
MOD - [2012.01.07 10:58:43 | 000,372,736 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
MOD - [2012.01.07 10:58:40 | 000,303,104 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
MOD - [2011.12.30 16:28:21 | 002,124,760 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2011.10.20 13:24:32 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\bce0720436dc6cb76006377f295ea365\System.Configuration.ni.dll
MOD - [2011.10.19 12:41:14 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\70cacc44f0b4257f6037eda7a59a0aeb\System.Xml.ni.dll
MOD - [2011.10.19 12:41:02 | 012,430,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\71a2ae9ad561a62181cbd9fb11e9de7a\System.Windows.Forms.ni.dll
MOD - [2011.10.19 12:40:39 | 001,587,200 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\c10bea3c4bb7ef654651141bf9419090\System.Drawing.ni.dll
MOD - [2011.10.19 12:38:53 | 007,950,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\af39f6e644af02873b9bae319f2bfb13\System.ni.dll
MOD - [2011.10.19 12:38:42 | 011,490,816 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\ca87ba84221991839abbe7d4bc9c6721\mscorlib.ni.dll
MOD - [2011.09.26 07:14:22 | 006,277,280 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
MOD - [2006.10.14 10:37:40 | 000,110,592 | R--- | M] () -- C:\WINDOWS\ATK0100\HControl.exe
MOD - [2006.08.24 08:32:26 | 000,163,840 | R--- | M] () -- C:\WINDOWS\ATK0100\ASUSNet.dll
MOD - [2006.08.10 15:08:04 | 002,379,776 | R--- | M] () -- C:\WINDOWS\ATK0100\ATKOSD.exe
MOD - [2006.07.25 20:20:20 | 000,537,600 | ---- | M] () -- C:\WINDOWS\system32\ASWL2K.exe
MOD - [2005.07.22 20:30:20 | 000,065,536 | ---- | M] () -- C:\WINDOWS\system32\TosCommAPI.dll
MOD - [2004.10.14 09:18:24 | 000,040,960 | ---- | M] () -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtAfh.dll
MOD - [2004.07.20 16:04:02 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\TosBtHcrpAPI.dll
MOD - [2004.05.28 03:13:10 | 000,057,344 | R--- | M] () -- C:\WINDOWS\ATK0100\CMSSC.dll
MOD - [2004.05.06 11:21:04 | 000,496,640 | ---- | M] () -- C:\WINDOWS\system32\ASWLSVC.exe


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (AppMgmt)
SRV - [2011.04.27 14:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV - [2010.11.21 10:49:24 | 000,247,608 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2004.05.06 11:21:04 | 000,496,640 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\ASWLSVC.exe -- (ASWLSVC)


========== Driver Services (SafeList) ==========

DRV - [2012.01.16 08:09:14 | 000,029,904 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{EA558844-B232-4016-9970-BACB4680121D}\MpKsl2af831b6.sys -- (MpKsl2af831b6)
DRV - [2009.11.16 09:21:50 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2009.09.21 09:55:36 | 000,121,856 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bmdm.sys -- (ss_bmdm)
DRV - [2009.09.21 09:55:36 | 000,090,112 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bbus.sys -- (ss_bbus) SAMSUNG USB Mobile Device (WDM)
DRV - [2009.09.21 09:55:36 | 000,014,976 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bmdfl.sys -- (ss_bmdfl) SAMSUNG USB Mobile Modem (Filter)
DRV - [2006.11.03 02:32:30 | 004,394,496 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2006.10.12 15:28:42 | 000,604,928 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2006.08.14 04:40:24 | 000,027,776 | R--- | M] (Attansic Technology corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\atl02_xp.sys -- (AtcL002)
DRV - [2006.08.09 07:15:14 | 001,116,544 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynMini.sys -- (SynMini)
DRV - [2006.08.09 07:15:14 | 000,007,808 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynScan.sys -- (SynScan)
DRV - [2006.08.08 13:59:14 | 001,681,408 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2006.05.18 20:46:16 | 000,110,976 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tosrfbd.sys -- (Tosrfbd)
DRV - [2006.05.09 10:21:54 | 000,040,192 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tosrfusb.sys -- (Tosrfusb)
DRV - [2006.05.09 09:33:54 | 000,062,848 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tosrfhid.sys -- (Tosrfhid)
DRV - [2006.04.19 12:57:44 | 000,047,488 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tosporte.sys -- (tosporte)
DRV - [2006.03.21 16:04:24 | 000,889,472 | R--- | M] (Motorola Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\smserial.sys -- (smserial)
DRV - [2006.03.16 09:45:12 | 000,037,632 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tosrfbnp.sys -- (Tosrfbnp)
DRV - [2006.03.15 09:52:40 | 000,052,864 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfsnd.sys -- (TosRfSnd) Bluetooth Audio Device (WDM)
DRV - [2005.08.01 15:45:08 | 000,064,896 | ---- | M] (TOSHIBA Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tosrfcom.sys -- (Tosrfcom)
DRV - [2005.07.11 17:58:56 | 000,003,712 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\toshidpt.sys -- (toshidpt)
DRV - [2005.02.17 16:07:48 | 000,005,632 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ATKACPI.sys -- (MTsensor)
DRV - [2005.01.06 12:42:42 | 000,018,612 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfnds.sys -- (tosrfnds)
DRV - [2004.05.28 03:13:04 | 000,016,269 | R--- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Running] -- C:\WINDOWS\ATK0100\ASNDIS5.sys -- (ASNDIS5)
DRV - [1996.04.03 20:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\giveio.sys -- (giveio)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========



IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1659004503-2049760794-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
IE - HKU\S-1-5-21-1659004503-2049760794-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
IE - HKU\S-1-5-21-1659004503-2049760794-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,DefaultScope = {A3B1A68E-51A6-4355-BBD8-4F9F33248A0A}
IE - HKU\S-1-5-21-1659004503-2049760794-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
IE - HKU\S-1-5-21-1659004503-2049760794-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
IE - HKU\S-1-5-21-1659004503-2049760794-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-1659004503-2049760794-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [binary data]
IE - HKU\S-1-5-21-1659004503-2049760794-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
IE - HKU\S-1-5-21-1659004503-2049760794-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
IE - HKU\S-1-5-21-1659004503-2049760794-839522115-1004\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-1659004503-2049760794-839522115-1004\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-1659004503-2049760794-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1659004503-2049760794-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.defaulturl: "http://search.icq.com/search/afe_result ... r=1.3.3&q="
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"
FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.0.900
FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.0.900
FF - prefs.js..extensions.enabledItems: {32a1fd71-835e-4b11-8e54-886fda0b4c89}:1.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..keyword.URL: "http://search.icq.com/search/afe_result ... r=1.3.6&q="

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Documents and Settings\Lucie\Local Settings\Data aplikací\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video [2010.12.22 10:02:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa [2010.12.22 10:02:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.12.30 16:28:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.08.29 08:48:52 | 000,000,000 | ---D | M]

[2010.09.28 17:56:09 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Lucie\Data aplikací\Mozilla\Extensions
[2012.01.16 11:38:02 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Lucie\Data aplikací\Mozilla\Firefox\Profiles\7pyc5oul.default\extensions
[2010.10.30 13:33:49 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Lucie\Data aplikací\Mozilla\Firefox\Profiles\7pyc5oul.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.12.27 21:41:21 | 000,000,000 | ---D | M] (Centrum.cz nastavenĂ) -- C:\Documents and Settings\Lucie\Data aplikací\Mozilla\Firefox\Profiles\7pyc5oul.default\extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2011.12.27 21:41:21 | 000,000,000 | ---D | M] (Centrum domĂ©novĂ˝ pomocnĂ­k) -- C:\Documents and Settings\Lucie\Data aplikací\Mozilla\Firefox\Profiles\7pyc5oul.default\extensions\centrumpomocnik@centrum.cz
[2012.01.16 11:37:49 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Lucie\Data aplikací\Mozilla\Firefox\Profiles\7pyc5oul.default\extensions\staged
[2012.01.16 11:37:49 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Lucie\Data aplikací\Mozilla\Firefox\Profiles\7pyc5oul.default\extensions\staged\extension@firefox.com
[2012.01.14 09:38:09 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Lucie\Data aplikací\Mozilla\Firefox\Profiles\7pyc5oul.default\searchplugins\icqplugin-1.xml
[2011.08.15 19:33:59 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Lucie\Data aplikací\Mozilla\Firefox\Profiles\7pyc5oul.default\searchplugins\icqplugin-2.xml
[2011.09.01 07:38:38 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Lucie\Data aplikací\Mozilla\Firefox\Profiles\7pyc5oul.default\searchplugins\icqplugin-3.xml
[2011.09.08 21:01:33 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Lucie\Data aplikací\Mozilla\Firefox\Profiles\7pyc5oul.default\searchplugins\icqplugin-4.xml
[2011.10.01 21:57:44 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Lucie\Data aplikací\Mozilla\Firefox\Profiles\7pyc5oul.default\searchplugins\icqplugin-5.xml
[2011.11.09 15:44:25 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Lucie\Data aplikací\Mozilla\Firefox\Profiles\7pyc5oul.default\searchplugins\icqplugin-6.xml
[2011.06.20 19:41:40 | 000,001,056 | ---- | M] () -- C:\Documents and Settings\Lucie\Data aplikací\Mozilla\Firefox\Profiles\7pyc5oul.default\searchplugins\icqplugin.xml
[2010.12.30 23:57:28 | 000,002,062 | ---- | M] () -- C:\Documents and Settings\Lucie\Data aplikací\Mozilla\Firefox\Profiles\7pyc5oul.default\searchplugins\qip-search.xml
[2011.12.27 21:41:10 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011.11.01 09:30:20 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2011.12.27 21:41:10 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\distribution\extensions
[2011.12.27 21:41:10 | 000,000,000 | ---D | M] (Centrum.cz nastavenĂ) -- C:\Program Files\Mozilla Firefox\distribution\extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2011.12.27 21:41:11 | 000,000,000 | ---D | M] (Centrum doménový pomocník) -- C:\Program Files\Mozilla Firefox\distribution\extensions\centrumpomocnik@centrum.cz
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\LUCIE\DATA APLIKACĂ­\MOZILLA\FIREFOX\PROFILES\7PYC5OUL.DEFAULT\EXTENSIONS\{EC8030F7-C20A-464F-9B0E-13A3A9E97384}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\LUCIE\DATA APLIKACĂ­\MOZILLA\FIREFOX\PROFILES\7PYC5OUL.DEFAULT\EXTENSIONS\CENTRUMPOMOCNIK@CENTRUM.CZ
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\LUCIE\DATA APLIKACĂ­\MOZILLA\FIREFOX\PROFILES\7PYC5OUL.DEFAULT\EXTENSIONS\EXTENSION@FIREFOX.COM.XPI
[2011.12.30 16:28:23 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.04.18 18:01:41 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011.12.17 03:57:21 | 000,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\16.0.912.75\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\16.0.912.75\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\16.0.912.75\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Skype Toolbars (Enabled) = C:\Documents and Settings\Lucie\Local Settings\Data aplikac\u00ED\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.240.7 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U24 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Documents and Settings\Lucie\Local Settings\Data aplikac\u00ED\Facebook\Video\Skype\npFacebookVideoCalling.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: uTorrentBar = C:\Documents and Settings\Lucie\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\bejbohlohkkgompgecdcbbglkpjfjgdj\2.3.0.15_0\
CHR - Extension: DivX HiQ = C:\Documents and Settings\Lucie\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\fnjbmmemklcjgepojigaapkoodmkgbae\2.1.0.900_0\
CHR - Extension: Skype Click to Call = C:\Documents and Settings\Lucie\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\
CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Documents and Settings\Lucie\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.0.900_0\

O1 HOSTS File: ([2006.03.02 13:00:00 | 000,000,737 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (Zvýrazňovač slov Lištičky) - {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - C:\Program Files\Seznam.cz\listicka.dll ()
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)
O2 - BHO: (Společná komponenta pro aplikace společnosti Seznam.cz) - {EA837F47-5AD1-443E-AE34-FFE03CBF3099} - C:\Program Files\Seznam.cz\core.dll ()
O2 - BHO: (no name) - AutorunsDisabled - No CLSID value found.
O3 - HKLM\..\Toolbar: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-1659004503-2049760794-839522115-1004\..\Toolbar\WebBrowser: (no name) - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - No CLSID value found.
O4 - HKLM..\Run: [ATICCC] C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe ()
O4 - HKLM..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe ()
O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NPSStartup] File not found
O4 - HKU\S-1-5-21-1659004503-2049760794-839522115-1004..\Run: [Facebook Update] C:\Documents and Settings\Lucie\Local Settings\Data aplikací\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Bluetooth Manager.lnk = C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng1.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1659004503-2049760794-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O9 - Extra Button: Nastavení Lištičky ... - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - C:\Program Files\Seznam.cz\listicka.dll ()
O9 - Extra 'Tools' menuitem : Nastavení Lištičky ... - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - C:\Program Files\Seznam.cz\listicka.dll ()
O9 - Extra Button: Zvýrazňovač slov Lištičky - {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - C:\Program Files\Seznam.cz\listicka.dll ()
O9 - Extra 'Tools' menuitem : Zvýrazňovač slov Lištičky - {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - C:\Program Files\Seznam.cz\listicka.dll ()
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shoc ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 10.10.10.10 10.10.11.11
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4FEF9E11-C930-4DA7-96D1-E86E5CED4F6F}: DhcpNameServer = 192.168.1.1 10.10.10.10 10.10.11.11
O18 - Protocol\Handler\AutorunsDisabled - No CLSID value found
O18 - Protocol\Handler\AutorunsDisabled\skype4com - No CLSID value found
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:AutorunsDisabled () -
O24 - Desktop WallPaper: C:\Documents and Settings\Lucie\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Lucie\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.09.27 21:52:51 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{da4e9226-d576-11df-8a6b-001bfc13c329}\Shell - "" = AutoRun
O33 - MountPoints2\{da4e9226-d576-11df-8a6b-001bfc13c329}\Shell\AutoRun\command - "" = "G:\WD SmartWare.exe" autoplay=true
O33 - MountPoints2\{fe3eb19c-412e-11e0-8b67-001bfcc21977}\Shell - "" = AutoRun
O33 - MountPoints2\{fe3eb19c-412e-11e0-8b67-001bfcc21977}\Shell\AutoRun\command - "" = G:\iStudio.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.divxa32 - C:\WINDOWS\System32\msaud32_divx.acm (Microsoft Corporation)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\divx.dll (DivXNetworks, Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.yv12 - C:\WINDOWS\System32\divx.dll (DivXNetworks, Inc.)
Drivers32: wave1 - C:\WINDOWS\System32\serwvdrv.dll (Microsoft Corporation)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2012.01.14 13:39:20 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2012.01.14 13:39:20 | 000,000,000 | ---D | C] -- C:\rsit
[2012.01.11 16:16:23 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Lucie\Recent
[2012.01.09 17:43:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\CCleaner
[2012.01.09 17:43:34 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2012.01.16 11:46:29 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012.01.16 09:10:05 | 000,000,992 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-1659004503-2049760794-839522115-1004UA.job
[2012.01.16 08:14:16 | 000,000,424 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2012.01.16 08:08:56 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.01.15 10:28:31 | 002,691,234 | ---- | M] () -- C:\Documents and Settings\Lucie\Plocha\MY na Klínech.jpg
[2012.01.15 10:27:12 | 000,316,917 | ---- | M] () -- C:\Documents and Settings\Lucie\Plocha\IMG-20120113-00029.jpg
[2012.01.15 10:26:36 | 000,480,236 | ---- | M] () -- C:\Documents and Settings\Lucie\Plocha\IMG-20120113-00027.jpg
[2012.01.15 00:33:58 | 000,109,056 | ---- | M] () -- C:\Documents and Settings\Lucie\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.01.14 21:10:00 | 000,000,970 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-1659004503-2049760794-839522115-1004Core.job
[2012.01.13 14:04:31 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012.01.11 17:00:54 | 000,002,563 | ---- | M] () -- C:\Documents and Settings\Lucie\Plocha\Microsoft Office Word 2007.lnk
[2012.01.09 17:43:37 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\CCleaner.lnk
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012.01.16 11:46:29 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012.01.15 10:28:30 | 002,691,234 | ---- | C] () -- C:\Documents and Settings\Lucie\Plocha\MY na Klínech.jpg
[2012.01.15 10:25:16 | 000,316,917 | ---- | C] () -- C:\Documents and Settings\Lucie\Plocha\IMG-20120113-00029.jpg
[2012.01.15 10:25:10 | 000,480,236 | ---- | C] () -- C:\Documents and Settings\Lucie\Plocha\IMG-20120113-00027.jpg
[2012.01.13 13:55:57 | 000,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2012.01.09 17:43:37 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\CCleaner.lnk
[2012.01.07 14:01:47 | 000,000,407 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI
[2011.08.31 13:02:27 | 000,031,910 | ---- | C] () -- C:\WINDOWS\MSUMLT0G.INI
[2011.07.22 21:35:29 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011.05.18 21:04:30 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll
[2011.05.18 21:04:30 | 000,036,608 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDisk.Sys
[2011.05.18 21:03:50 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Lucie\Data aplikací\$_hpcst$.hpc
[2011.02.08 12:48:26 | 000,298,597 | ---- | C] () -- C:\WINDOWS\System32\shimg.dll
[2011.02.08 12:48:26 | 000,000,016 | ---- | C] () -- C:\WINDOWS\System32\crt.dat
[2010.12.26 21:21:12 | 000,054,772 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2010.11.06 14:09:28 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2010.11.06 14:08:40 | 000,109,056 | ---- | C] () -- C:\Documents and Settings\Lucie\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.10.06 09:46:34 | 000,000,098 | ---- | C] () -- C:\WINDOWS\WirelessFTP.INI
[2010.09.29 11:16:29 | 000,045,056 | R--- | C] () -- C:\WINDOWS\StkUnist.exe
[2010.09.29 11:16:29 | 000,024,576 | R--- | C] () -- C:\WINDOWS\System32\SynSvc_.exe
[2010.09.29 11:16:28 | 000,014,848 | R--- | C] () -- C:\WINDOWS\System32\drivers\SynSam.sys
[2010.09.29 11:16:28 | 000,007,808 | R--- | C] () -- C:\WINDOWS\System32\drivers\SynScan.sys
[2010.09.29 11:16:20 | 000,498,688 | R--- | C] () -- C:\WINDOWS\System32\drivers\SynPin.sys
[2010.09.29 11:16:20 | 000,028,800 | R--- | C] () -- C:\WINDOWS\System32\drivers\SynCamd.sys
[2010.09.29 11:16:19 | 001,116,544 | R--- | C] () -- C:\WINDOWS\System32\drivers\SynMini.sys
[2010.09.28 17:55:50 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010.09.28 17:44:42 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\libfaac.dll
[2010.09.28 17:44:41 | 000,679,936 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2010.09.28 17:44:41 | 000,421,888 | ---- | C] () -- C:\WINDOWS\System32\OpenQuicktimeLib.dll
[2010.09.28 17:44:41 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010.09.28 17:44:39 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll
[2010.09.28 10:15:50 | 000,000,329 | ---- | C] () -- C:\WINDOWS\wincmd.ini
[2010.09.28 09:47:35 | 000,000,000 | ---- | C] () -- C:\WINDOWS\tosOBEX.INI
[2010.09.27 23:36:18 | 000,004,249 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2010.09.27 23:29:56 | 000,270,984 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.09.27 22:51:58 | 000,537,600 | ---- | C] () -- C:\WINDOWS\System32\ASWL2K.exe
[2010.09.27 22:51:58 | 000,496,640 | ---- | C] () -- C:\WINDOWS\System32\ASWLSVC.exe
[2010.09.27 22:51:58 | 000,159,827 | ---- | C] () -- C:\WINDOWS\System32\RemSvc.exe
[2010.09.27 22:31:31 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2010.09.27 22:17:12 | 000,132,584 | R--- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2010.09.27 22:08:35 | 000,005,632 | R--- | C] () -- C:\WINDOWS\System32\drivers\ATKACPI.sys
[2010.09.27 22:07:08 | 000,007,424 | R--- | C] () -- C:\WINDOWS\System32\drivers\MMIOPORT.SYS
[2010.09.27 21:57:20 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2010.09.27 21:49:31 | 000,021,812 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2007.10.25 16:26:10 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2006.03.02 13:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2006.03.02 13:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2006.03.02 13:00:00 | 000,436,042 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2006.03.02 13:00:00 | 000,432,964 | ---- | C] () -- C:\WINDOWS\System32\perfh005.dat
[2006.03.02 13:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2006.03.02 13:00:00 | 000,269,162 | ---- | C] () -- C:\WINDOWS\System32\perfi005.dat
[2006.03.02 13:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2006.03.02 13:00:00 | 000,079,888 | ---- | C] () -- C:\WINDOWS\System32\perfc005.dat
[2006.03.02 13:00:00 | 000,068,938 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2006.03.02 13:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2006.03.02 13:00:00 | 000,032,072 | ---- | C] () -- C:\WINDOWS\System32\perfd005.dat
[2006.03.02 13:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2006.03.02 13:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2006.03.02 13:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2006.03.02 13:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2006.03.02 13:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2005.09.02 13:44:08 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\TosBtAcc.dll
[2005.07.22 20:30:20 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\TosCommAPI.dll
[2005.01.17 07:10:16 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\BRTCPCON.DLL
[2004.08.09 07:00:42 | 000,000,114 | ---- | C] () -- C:\WINDOWS\System32\BRLMW03A.INI
[2004.07.20 16:04:02 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\TosBtHcrpAPI.dll
[2004.01.15 13:43:28 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\TBTMonUI.dll
[1999.10.26 16:00:00 | 000,000,050 | ---- | C] () -- C:\WINDOWS\System32\KBADM08A.DAT
[1996.04.03 20:33:26 | 000,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys

========== LOP Check ==========

[2011.05.11 20:34:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ICQ
[2011.10.29 10:14:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\InstallMate
[2012.01.07 14:01:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\KONICA MINOLTA
[2011.10.29 10:14:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Premium
[2011.05.18 21:05:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Samsung
[2011.04.18 18:42:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2010.12.23 23:35:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2011.07.25 22:59:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lucie\Data aplikací\BSplayer
[2011.07.25 21:35:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lucie\Data aplikací\BSplayer Pro
[2010.11.14 22:08:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lucie\Data aplikací\COWON
[2010.10.27 18:19:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lucie\Data aplikací\gtk-2.0
[2011.10.18 13:30:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lucie\Data aplikací\ICQ
[2010.12.22 10:02:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lucie\Data aplikací\Local
[2011.09.04 15:59:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lucie\Data aplikací\Opera
[2010.12.27 19:43:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lucie\Data aplikací\QIP
[2010.12.27 00:27:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lucie\Data aplikací\QipGuard
[2011.04.17 13:13:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lucie\Data aplikací\Registry Mechanic
[2011.05.18 21:03:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lucie\Data aplikací\Samsung
[2012.01.09 17:49:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lucie\Data aplikací\uTorrent
[2010.09.28 10:57:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lucie\Data aplikací\Zoner
[2012.01.14 21:10:00 | 000,000,970 | ---- | M] () -- C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1659004503-2049760794-839522115-1004Core.job
[2012.01.16 09:10:05 | 000,000,992 | ---- | M] () -- C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1659004503-2049760794-839522115-1004UA.job
[2012.01.16 08:14:16 | 000,000,424 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job
[2011.10.18 14:50:20 | 000,000,254 | ---- | M] () -- C:\WINDOWS\Tasks\RMSchedule.job

========== Purity Check ==========



========== Custom Scans ==========


< >

< >


< MD5 for: ATAPI.SYS >
[2006.03.02 13:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2010.09.29 08:07:37 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2010.09.29 08:07:37 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2006.03.02 13:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2008.04.14 04:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\ServicePackFiles\i386\autochk.exe
[2008.04.14 04:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe
[2006.03.02 13:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\WINDOWS\$NtServicePackUninstall$\autochk.exe

< MD5 for: CDROM.SYS >
[2006.03.02 13:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2010.09.29 08:07:37 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2010.09.29 08:07:37 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008.04.13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008.04.13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2011.02.08 02:16:22 | 000,062,592 | ---- | M] (Microsoft Corporation) MD5=7B53584D94E9D8716B2DE91D5F1CB42D -- C:\WINDOWS\system32\dllcache\cdrom.sys
[2006.03.02 13:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2008.04.14 04:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 04:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2006.03.02 13:00:00 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe

< MD5 for: HAL.DLL >
[2006.03.02 13:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2010.09.29 08:07:37 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2010.09.29 08:07:37 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2008.04.13 19:31:28 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=4329EE7D502C9113EBA0F9570392F5EE -- C:\WINDOWS\system32\HAL.DLL
[2008.04.13 19:31:32 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2005.09.29 00:35:25 | 000,134,272 | ---- | M] (Microsoft Corporation) MD5=A3961B9456DE472D2F152C9DE950FFA5 -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll

< MD5 for: SCECLI.DLL >
[2006.03.02 13:00:00 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008.04.14 04:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 04:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SVCHOST.EXE >
[2008.04.14 04:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.14 04:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe
[2006.03.02 13:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe

< MD5 for: TCPIP.SYS >
[2008.06.20 11:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2008.06.20 11:44:42 | 000,360,960 | ---- | M] (Microsoft Corporation) MD5=744E57C99232201AE98C49168B918F48 -- C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[2008.04.13 20:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008.04.13 20:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2006.03.02 13:00:00 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\$NtUninstallKB951748_0$\tcpip.sys
[2008.06.20 12:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
[2008.06.20 12:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.04.14 04:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 04:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe
[2006.03.02 13:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe

< MD5 for: WINLOGON.EXE >
[2006.03.02 13:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 04:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 04:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe

< >

< %systemroot%*.* /U /s >
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[9 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[4 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[1 C:\WINDOWS\SoftwareDistribution\Download\04e222f62cd1236cb253218d2480bbe3\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\04e222f62cd1236cb253218d2480bbe3\*.tmp -> ]
[1 C:\WINDOWS\SoftwareDistribution\Download\6949e561e90644f3d1c3be688847dd9b\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\6949e561e90644f3d1c3be688847dd9b\*.tmp -> ]
[1 C:\WINDOWS\SoftwareDistribution\Download\8058ebceb452c83425841a510aaccdfb\download\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\8058ebceb452c83425841a510aaccdfb\download\*.tmp -> ]
[1 C:\WINDOWS\SoftwareDistribution\Download\bf692ac3c760a4c9d1994efe7a7f3af9\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\bf692ac3c760a4c9d1994efe7a7f3af9\*.tmp -> ]
[4 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
[1 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\*.tmp files -> C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2010.10.06 10:43:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lucie\Data aplikací\Adobe
[2010.11.07 13:09:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lucie\Data aplikací\Ahead
[2010.12.24 00:03:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lucie\Data aplikací\Apple Computer
[2010.09.27 22:28:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lucie\Data aplikací\ATI
[2011.07.25 22:59:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lucie\Data aplikací\BSplayer
[2011.07.25 21:35:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lucie\Data aplikací\BSplayer Pro
[2010.11.14 22:08:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lucie\Data aplikací\COWON
[2011.01.21 22:23:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lucie\Data aplikací\DivX
[2010.09.28 10:37:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lucie\Data aplikací\GRETECH
[2010.10.27 18:19:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lucie\Data aplikací\gtk-2.0
[2011.10.18 13:30:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lucie\Data aplikací\ICQ
[2010.09.27 22:01:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lucie\Data aplikací\Identities
[2010.09.28 10:39:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lucie\Data aplikací\InstallShield
[2011.12.23 10:37:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lucie\Data aplikací\Intelli-studio
[2010.12.22 10:02:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lucie\Data aplikací\Local
[2010.09.28 10:14:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lucie\Data aplikací\Macromedia
[2012.01.08 10:27:54 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Lucie\Data aplikací\Microsoft
[2010.09.28 17:55:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lucie\Data aplikací\Mozilla
[2011.09.04 15:59:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lucie\Data aplikací\Opera
[2010.12.27 19:43:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lucie\Data aplikací\QIP
[2010.12.27 00:27:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lucie\Data aplikací\QipGuard
[2011.04.17 13:13:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lucie\Data aplikací\Registry Mechanic
[2011.05.18 21:03:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lucie\Data aplikací\Samsung
[2011.11.01 10:34:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lucie\Data aplikací\Skype
[2011.01.31 17:22:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lucie\Data aplikací\Sun
[2011.07.22 20:08:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lucie\Data aplikací\U3
[2012.01.09 17:49:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lucie\Data aplikací\uTorrent
[2010.11.14 22:13:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lucie\Data aplikací\WinRAR
[2010.09.28 10:57:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lucie\Data aplikací\Zoner

< %APPDATA%\*.exe /s >
[2009.08.11 20:21:26 | 000,087,552 | ---- | M] () -- C:\Documents and Settings\Lucie\Data aplikací\BSplayer\AC3 Filter\ac3config.exe
[2009.08.11 20:21:30 | 000,090,112 | ---- | M] () -- C:\Documents and Settings\Lucie\Data aplikací\BSplayer\AC3 Filter\spdif_test.exe
[2010.03.22 13:52:04 | 000,697,690 | ---- | M] () -- C:\Documents and Settings\Lucie\Data aplikací\BSplayer\AC3 Filter\unins000.exe
[2010.02.23 16:01:52 | 001,185,871 | ---- | M] () -- C:\Documents and Settings\Lucie\Data aplikací\BSplayer\FFDShow\unins000.exe
[2010.08.14 09:42:54 | 000,113,152 | ---- | M] () -- C:\Documents and Settings\Lucie\Data aplikací\BSplayer\Haali media splitter\dsmux.exe
[2010.08.14 09:45:10 | 000,358,400 | ---- | M] () -- C:\Documents and Settings\Lucie\Data aplikací\BSplayer\Haali media splitter\gdsmux.exe
[2010.08.14 09:42:06 | 000,137,728 | ---- | M] () -- C:\Documents and Settings\Lucie\Data aplikací\BSplayer\Haali media splitter\mkv2vfr.exe
[2010.09.30 14:30:22 | 000,042,305 | ---- | M] () -- C:\Documents and Settings\Lucie\Data aplikací\BSplayer\Haali media splitter\uninstall.exe
[2010.12.13 16:06:30 | 000,187,776 | ---- | M] (QIP.ru) -- C:\Documents and Settings\Lucie\Data aplikací\QipGuard\QipGuard.exe
[2011.05.18 21:07:27 | 000,704,512 | ---- | M] (TODO: <Company name>) -- C:\Documents and Settings\Lucie\Data aplikací\Samsung\New PC Studio\LiveUpdate\NPSUpdateAgent.exe
[2006.12.14 09:00:02 | 000,110,592 | ---- | M] () -- C:\Documents and Settings\Lucie\Data aplikací\U3\temp\cleanup.exe
[2007.02.12 16:46:54 | 003,096,576 | -H-- | M] (SanDisk Corporation) -- C:\Documents and Settings\Lucie\Data aplikací\U3\temp\Launchpad Removal.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[4 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job >
[2011.10.18 14:50:16 | 000,000,284 | ---- | M] () -- C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
[2012.01.14 21:10:00 | 000,000,970 | ---- | M] () -- C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1659004503-2049760794-839522115-1004Core.job
[2012.01.16 09:10:05 | 000,000,992 | ---- | M] () -- C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1659004503-2049760794-839522115-1004UA.job
[2011.10.22 08:22:21 | 000,000,934 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
[2011.10.22 08:22:22 | 000,000,938 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
[2012.01.16 08:14:16 | 000,000,424 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job
[2011.10.18 14:50:18 | 000,000,474 | -H-- | M] () -- C:\WINDOWS\Tasks\Norton Security Scan for Lucie.job
[2011.10.18 14:50:20 | 000,000,254 | ---- | M] () -- C:\WINDOWS\Tasks\RMSchedule.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2010.09.27 23:28:04 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2010.09.27 23:28:04 | 000,638,976 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2010.09.27 23:28:04 | 000,475,136 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >
[4 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2012.01.13 13:59:55 | 052,128,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MRT.exe
[4 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"CTFMON.EXE" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 04:22:17 | 000,015,360 | ---- | M] (Microsoft Corporation)
"Facebook Update" = "C:\Documents and Settings\Lucie\Local Settings\Data aplikací\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver -- [2011.11.13 21:05:03 | 000,137,536 | ---- | M] (Facebook Inc.)
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\AutorunsDisabled]
"ICQ" = "C:\Program Files\ICQ7.5\ICQ.exe" silent loginmode=4 -- [2011.08.01 09:28:16 | 000,124,480 | ---- | M] (ICQ, LLC.)

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2011.12.30 16:28:22 | 000,924,632 | ---- | M] (Mozilla Corporation) MD5=11CCA710674739E3DB8F7450A5B650B6 -- C:\Program Files\Mozilla Firefox\firefox.exe

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2009.03.08 13:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation) MD5=B60DDDD2D63CE41CB8C487FCFBB6419E -- C:\Program Files\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >
[2011.12.10 20:42:04 | 000,949,104 | ---- | M] (Opera Software) MD5=734CACDE3E6D1882AAE2C6F8F8BE4F93 -- C:\Program Files\Opera\opera.exe

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
[2012.01.05 10:48:46 | 001,047,024 | ---- | M] (Google Inc.) MD5=E5C93E2CF6C7B903799CF99F71286E1A -- C:\Program Files\Google\Chrome\Application\chrome.exe

< >

< C:\Documents and Settings\Lucie\Data aplikací\Mozilla\Firefox\Profiles\7pyc5oul.default\extensions\*.* /s >
[2012.01.09 10:34:47 | 000,015,655 | ---- | M] () -- C:\Documents and Settings\Lucie\Data aplikací\Mozilla\Firefox\Profiles\7pyc5oul.default\extensions\extension@firefox.com.xpi
[2010.04.20 17:13:56 | 000,002,112 | ---- | M] () -- C:\Documents and Settings\Lucie\Data aplikací\Mozilla\Firefox\Profiles\7pyc5oul.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}\chrome.manifest
[2010.04.20 17:13:56 | 000,001,269 | ---- | M] () -- C:\Documents and Settings\Lucie\Data aplikací\Mozilla\Firefox\Profiles\7pyc5oul.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}\install.rdf
[2010.04.20 17:13:56 | 000,000,424 | ---- | M] () -- C:\Documents and Settings\Lucie\Data aplikací\Mozilla\Firefox\Profiles\7pyc5oul.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}\defaults\preferences\defaults.js
[2010.04.20 17:13:56 | 000,029,112 | ---- | M] () -- C:\Documents and Settings\Lucie\Data aplikací\Mozilla\Firefox\Profiles\7pyc5oul.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}\chrome\chrome_user.jar
[2011.11.15 19:28:08 | 000,000,226 | ---- | M] () -- C:\Documents and Settings\Lucie\Data aplikací\Mozilla\Firefox\Profiles\7pyc5oul.default\extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\chrome.manifest
[2011.11.16 14:18:05 | 000,001,284 | ---- | M] () -- C:\Documents and Settings\Lucie\Data aplikací\Mozilla\Firefox\Profiles\7pyc5oul.default\extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\install.rdf
[2011.11.01 10:51:40 | 000,000,749 | ---- | M] () -- C:\Documents and Settings\Lucie\Data aplikací\Mozilla\Firefox\Profiles\7pyc5oul.default\extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\license.txt
[2011.11.01 10:51:39 | 000,004,536 | ---- | M] () -- C:\Documents and Settings\Lucie\Data aplikací\Mozilla\Firefox\Profiles\7pyc5oul.default\extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\components\centrum-autocomplete.js
[2011.11.01 10:51:40 | 000,000,607 | ---- | M] () -- C:\Documents and Settings\Lucie\Data aplikací\Mozilla\Firefox\Profiles\7pyc5oul.default\extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\defaults\preferences\wips.js
[2011.11.16 14:12:38 | 000,000,813 | ---- | M] () -- C:\Documents and Settings\Lucie\Data aplikací\Mozilla\Firefox\Profiles\7pyc5oul.default\extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\chrome\content\button.xul
[2011.11.16 13:36:31 | 000,023,101 | ---- | M] () -- C:\Documents and Settings\Lucie\Data aplikací\Mozilla\Firefox\Profiles\7pyc5oul.default\extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\chrome\content\common.js
[2011.11.16 22:08:05 | 000,001,592 | ---- | M] () -- C:\Documents and Settings\Lucie\Data aplikací\Mozilla\Firefox\Profiles\7pyc5oul.default\extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\chrome\content\settings.xul
[2011.11.04 14:58:54 | 000,005,980 | ---- | M] () -- C:\Documents and Settings\Lucie\Data aplikací\Mozilla\Firefox\Profiles\7pyc5oul.default\extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\chrome\content\toolbar.xul
[2011.11.01 10:51:39 | 000,000,813 | ---- | M] () -- C:\Documents and Settings\Lucie\Data aplikací\Mozilla\Firefox\Profiles\7pyc5oul.default\extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\chrome\locale\cs\toolbar.dtd
[2011.11.01 10:51:39 | 000,000,136 | ---- | M] () -- C:\Documents and Settings\Lucie\Data aplikací\Mozilla\Firefox\Profiles\7pyc5oul.default\extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\chrome\locale\cs\wips.properties
[2011.11.01 10:51:39 | 000,006,243 | ---- | M] () -- C:\Documents and Settings\Lucie\Data aplikací\Mozilla\Firefox\Profiles\7pyc5oul.default\extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\chrome\skin\classic\ext_icon.png
[2011.11.14 11:05:07 | 000,003,402 | ---- | M] () -- C:\Documents and Settings\Lucie\Data aplikací\Mozilla\Firefox\Profiles\7pyc5oul.default\extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\chrome\skin\classic\settings.png
[2011.11.14 13:00:57 | 000,000,211 | ---- | M] () -- C:\Documents and Settings\Lucie\Data aplikací\Mozilla\Firefox\Profiles\7pyc5oul.default\extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\chrome\skin\classic\toolbar.css
[2011.11.04 10:01:33 | 000,002,940 | ---- | M] () -- C:\Documents and Settings\Lucie\Data aplikací\Mozilla\Firefox\Profiles\7pyc5oul.default\extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\searchplugins\centrum-cz.xml
[2011.11.04 10:05:21 | 000,002,884 | ---- | M] () -- C:\Documents and Settings\Lucie\Data aplikací\Mozilla\Firefox\Profiles\7pyc5oul.default\extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\searchplugins\stahuj-cz.xml
[2011.08.16 08:42:46 | 000,000,469 | ---- | M] () -- C:\Documents and Settings\Lucie\Data aplikací\Mozilla\Firefox\Profiles\7pyc5oul.default\extensions\centrumpomocnik@centrum.cz\chrome.manifest
[2011.11.16 20:07:09 | 000,001,073 | ---- | M] () -- C:\Documents and Settings\Lucie\Data aplikací\Mozilla\Firefox\Profiles\7pyc5oul.default\extensions\centrumpomocnik@centrum.cz\install.rdf
[2011.08.22 13:56:15 | 000,000,101 | ---- | M] () -- C:\Documents and Settings\Lucie\Data aplikací\Mozilla\Firefox\Profiles\7pyc5oul.default\extensions\centrumpomocnik@centrum.cz\defaults\preferences\prefs.js
[2011.08.16 08:15:47 | 000,000,841 | ---- | M] () -- C:\Documents and Settings\Lucie\Data aplikací\Mozilla\Firefox\Profiles\7pyc5oul.default\extensions\centrumpomocnik@centrum.cz\chrome\content\contents.rdf
[2011.11.15 19:25:42 | 000,000,513 | ---- | M] () -- C:\Documents and Settings\Lucie\Data aplikací\Mozilla\Firefox\Profiles\7pyc5oul.default\extensions\centrumpomocnik@centrum.cz\chrome\content\ff-overlay.js
[2011.08.15 06:15:50 | 000,000,539 | ---- | M] () -- C:\Documents and Settings\Lucie\Data aplikací\Mozilla\Firefox\Profiles\7pyc5oul.default\extensions\centrumpomocnik@centrum.cz\chrome\content\ff-overlay.xul
[2011.11.03 16:32:58 | 000,018,032 | ---- | M] () -- C:\Documents and Settings\Lucie\Data aplikací\Mozilla\Firefox\Profiles\7pyc5oul.default\extensions\centrumpomocnik@centrum.cz\chrome\content\netError.xhtml
[2011.11.04 13:47:42 | 000,009,476 | ---- | M] () -- C:\Documents and Settings\Lucie\Data aplikací\Mozilla\Firefox\Profiles\7pyc5oul.default\extensions\centrumpomocnik@centrum.cz\chrome\content\images\centrum_logo.png
[2011.08.16 09:00:34 | 000,003,584 | -HS- | M] () -- C:\Documents and Settings\Lucie\Data aplikací\Mozilla\Firefox\Profiles\7pyc5oul.default\extensions\centrumpomocnik@centrum.cz\chrome\content\images\Thumbs.db
[2008.06.20 07:08:14 | 000,001,047 | ---- | M] () -- C:\Documents and Settings\Lucie\Data aplikací\Mozilla\Firefox\Profiles\7pyc5oul.default\extensions\centrumpomocnik@centrum.cz\chrome\skin\classic\about.css
[2009.07.01 13:55:34 | 000,002,593 | ---- | M] () -- C:\Documents and Settings\Lucie\Data aplikací\Mozilla\Firefox\Profiles\7pyc5oul.default\extensions\centrumpomocnik@centrum.cz\chrome\skin\classic\chpomocnik.png
[2011.08.15 15:35:11 | 000,000,586 | ---- | M] () -- C:\Documents and Settings\Lucie\Data aplikací\Mozilla\Firefox\Profiles\7pyc5oul.default\extensions\centrumpomocnik@centrum.cz\chrome\skin\classic\contents.rdf
[2011.11.16 20:08:07 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Lucie\Data aplikací\Mozilla\Firefox\Profiles\7pyc5oul.default\extensions\centrumpomocnik@centrum.cz\chrome\skin\classic\overlay.css

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012.01.16 11:46:29 | 000,000,512 | ---- | M] () MD5=B8CDACAFE4C803A3A7F9773B0DFE2AD5 -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2010.10.04 21:50:56 | 000,062,238 | ---- | M] () -- \Program Files\GIMP-2.0\share\gimp\2.0\patterns\cracked.pat

< *keygen* /s >

< *loader* /s >
[2011.10.29 10:17:38 | 000,010,144 | ---- | M] () -- \Documents and Settings\Lucie\Data aplikací\Mozilla\Firefox\Profiles\7pyc5oul.default\conduitCommon\modules\3.7.0.6\ExternalLibraryLoader.jsm
[2012.01.09 17:44:01 | 000,000,673 | ---- | M] () -- \Documents and Settings\Lucie\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\bejbohlohkkgompgecdcbbglkpjfjgdj\2.3.0.15_0\Media\ajax-loader.gif
[2006.07.14 09:39:46 | 000,106,496 | ---- | M] () -- \Program Files\Common Files\Ahead\Lib\NeGuideStoreLoader.dll
[2006.10.26 12:40:34 | 000,057,344 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VS7DEBUG\coloader.dll
[2006.10.26 12:40:34 | 000,005,120 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VS7DEBUG\coloader.tlb
[2010.02.07 21:40:00 | 000,000,543 | ---- | M] () -- \Program Files\GIMP-2.0\etc\gtk-2.0\gdk-pixbuf.loaders
[2009.12.15 17:58:18 | 000,017,056 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ani.dll
[2009.12.15 17:58:20 | 000,018,592 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-bmp.dll
[2009.12.15 17:58:24 | 000,026,272 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-gif.dll
[2009.12.15 17:58:26 | 000,012,960 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-icns.dll
[2009.12.15 17:58:28 | 000,017,568 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ico.dll
[2009.12.15 17:58:56 | 000,019,616 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-jpeg.dll
[2009.12.15 17:59:04 | 000,015,008 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-pcx.dll
[2009.12.15 17:59:06 | 000,019,104 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-png.dll
[2009.12.15 17:59:10 | 000,017,056 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-pnm.dll
[2009.12.15 17:59:14 | 000,012,448 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ras.dll
[2009.12.15 17:59:16 | 000,016,544 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-tga.dll
[2009.12.15 17:59:20 | 000,016,544 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-tiff.dll
[2009.12.15 17:59:22 | 000,011,936 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-wbmp.dll
[2009.12.15 17:59:24 | 000,013,984 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-xbm.dll
[2009.12.15 17:59:28 | 000,028,320 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-xpm.dll
[2009.05.01 19:42:00 | 000,009,880 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\svg_loader.dll
[2011.05.11 20:32:06 | 000,005,795 | ---- | M] () -- \Program Files\ICQ7.5\imApp\theme\IMAGES\XtraPreloader\loader.jpg
[2011.05.11 20:32:07 | 000,004,180 | ---- | M] () -- \Program Files\ICQ7.5\imApp\theme\IMAGES\XtraPreloader\zlango-preloader.png
[2011.05.11 20:32:06 | 000,005,520 | ---- | M] () -- \Program Files\ICQ7.5\imApp\theme\MUICoreLib\xtraLoader.swf
[2011.07.27 16:39:17 | 000,000,402 | ---- | M] () -- \Program Files\ICQ7.5\Xtraz\icq\content\icq_profile\preloader.html
[2011.05.11 20:35:43 | 000,000,402 | ---- | M] () -- \Program Files\ICQ7.5\Xtraz\icq\content\profile_forms\preloader.html
[2011.05.11 20:35:45 | 000,000,402 | ---- | M] () -- \Program Files\ICQ7.5\Xtraz\icq\content\profile_lightboxs\preloader.html
[2010.03.15 11:28:24 | 000,045,056 | ---- | M] () -- \Program Files\WinRAR\RarExtLoader.exe
[2006.03.02 13:00:00 | 000,035,840 | ---- | M] () -- \WINDOWS\$NtServicePackUninstall$\dmloader.dll
[2010.09.28 20:04:06 | 000,082,784 | ---- | M] () -- \WINDOWS\assembly\GAC\IALoader\1.7.6223.0__31bf3856ad364e35\IALoader.dll
[2008.04.14 04:21:39 | 000,035,840 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\dmloader.dll
[2008.04.13 19:31:47 | 000,230,912 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.exe
[2008.04.13 19:31:48 | 000,278,528 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.ntd
[2008.04.14 04:21:39 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dmloader.dll
[4 \WINDOWS\system32\*.tmp files -> \WINDOWS\system32\*.tmp -> ]

========== Alternate Data Streams ==========

@Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:D1B5B4F1

< End of report >

DĚKUJI mnohokrát za pomoc

[vyosek]

Tak jdeme dale at s ni zatocime

Spustte znovu OTL

• Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
• Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

• Kód: Vybrat vše

  :otl
  SRV - File not found [Disabled | Stopped] -- -- (AppMgmt)
  SRV - [2010.11.21 10:49:24 | 000,247,608 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
  IE - HKU\S-1-5-21-1659004503-2049760794-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
  IE - HKU\S-1-5-21-1659004503-2049760794-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
  IE - HKU\S-1-5-21-1659004503-2049760794-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,DefaultScope = {A3B1A68E-51A6-4355-BBD8-4F9F33248A0A}
  IE - HKU\S-1-5-21-1659004503-2049760794-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
  IE - HKU\S-1-5-21-1659004503-2049760794-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
  IE - HKU\S-1-5-21-1659004503-2049760794-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
  IE - HKU\S-1-5-21-1659004503-2049760794-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [binary data]
  IE - HKU\S-1-5-21-1659004503-2049760794-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
  IE - HKU\S-1-5-21-1659004503-2049760794-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
  IE - HKU\S-1-5-21-1659004503-2049760794-839522115-1004\..\URLSearchHook: - No CLSID value found
  IE - HKU\S-1-5-21-1659004503-2049760794-839522115-1004\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)
  FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
  FF - prefs.js..browser.search.defaulturl: "http://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.3.3&q="
  FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
  FF - prefs.js..keyword.URL: "http://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.3.6&q="
  FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
  [2012.01.14 09:38:09 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Lucie\Data aplikací\Mozilla\Firefox\Profiles\7pyc5oul.default\searchplugins\icqplugin-1.xml
  [2011.08.15 19:33:59 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Lucie\Data aplikací\Mozilla\Firefox\Profiles\7pyc5oul.default\searchplugins\icqplugin-2.xml
  [2011.09.01 07:38:38 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Lucie\Data aplikací\Mozilla\Firefox\Profiles\7pyc5oul.default\searchplugins\icqplugin-3.xml
  [2011.09.08 21:01:33 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Lucie\Data aplikací\Mozilla\Firefox\Profiles\7pyc5oul.default\searchplugins\icqplugin-4.xml
  [2011.10.01 21:57:44 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Lucie\Data aplikací\Mozilla\Firefox\Profiles\7pyc5oul.default\searchplugins\icqplugin-5.xml
  [2011.11.09 15:44:25 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Lucie\Data aplikací\Mozilla\Firefox\Profiles\7pyc5oul.default\searchplugins\icqplugin-6.xml
  [2011.06.20 19:41:40 | 000,001,056 | ---- | M] () -- C:\Documents and Settings\Lucie\Data aplikací\Mozilla\Firefox\Profiles\7pyc5oul.default\searchplugins\icqplugin.xml
  [2010.12.30 23:57:28 | 000,002,062 | ---- | M] () -- C:\Documents and Settings\Lucie\Data aplikací\Mozilla\Firefox\Profiles\7pyc5oul.default\searchplugins\qip-search.xml
  File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\LUCIE\DATA APLIKACĂ­\MOZILLA\FIREFOX\PROFILES\7PYC5OUL.DEFAULT\EXTENSIONS\{EC8030F7-C20A-464F-9B0E-13A3A9E97384}
  File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\LUCIE\DATA APLIKACĂ­\MOZILLA\FIREFOX\PROFILES\7PYC5OUL.DEFAULT\EXTENSIONS\CENTRUMPOMOCNIK@CENTRUM.CZ
  File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\LUCIE\DATA APLIKACĂ­\MOZILLA\FIREFOX\PROFILES\7PYC5OUL.DEFAULT\EXTENSIONS\EXTENSION@FIREFOX.COM.XPI
  O2 - BHO: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)
  O2 - BHO: (no name) - AutorunsDisabled - No CLSID value found.
  O3 - HKLM\..\Toolbar: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)
  O3 - HKU\S-1-5-21-1659004503-2049760794-839522115-1004\..\Toolbar\WebBrowser: (no name) - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - No CLSID value found.
  O4 - HKLM..\Run: [NPSStartup] File not found
  O4 - HKU\S-1-5-21-1659004503-2049760794-839522115-1004..\Run: [Facebook Update] C:\Documents and Settings\Lucie\Local Settings\Data aplikací\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
  O18 - Protocol\Handler\AutorunsDisabled - No CLSID value found
  O18 - Protocol\Handler\AutorunsDisabled\skype4com - No CLSID value found
  O33 - MountPoints2\{da4e9226-d576-11df-8a6b-001bfc13c329}\Shell - "" = AutoRun
  O33 - MountPoints2\{fe3eb19c-412e-11e0-8b67-001bfcc21977}\Shell - "" = AutoRun
  [2010.12.23 23:35:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
  [6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
  [9 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
  [4 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
  [1 C:\WINDOWS\SoftwareDistribution\Download\04e222f62cd1236cb253218d2480bbe3\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\04e222f62cd1236cb253218d2480bbe3\*.tmp -> ]
  [1 C:\WINDOWS\SoftwareDistribution\Download\6949e561e90644f3d1c3be688847dd9b\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\6949e561e90644f3d1c3be688847dd9b\*.tmp -> ]
  [1 C:\WINDOWS\SoftwareDistribution\Download\8058ebceb452c83425841a510aaccdfb\download\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\8058ebceb452c83425841a510aaccdfb\download\*.tmp -> ]
  [1 C:\WINDOWS\SoftwareDistribution\Download\bf692ac3c760a4c9d1994efe7a7f3af9\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\bf692ac3c760a4c9d1994efe7a7f3af9\*.tmp -> ]
  [4 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
  [1 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\*.tmp files -> C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\*.tmp -> ]
  [2011.10.18 14:50:16 | 000,000,284 | ---- | M] () -- C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
  [2012.01.14 21:10:00 | 000,000,970 | ---- | M] () -- C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1659004503-2049760794-839522115-1004Core.job
  [2012.01.16 09:10:05 | 000,000,992 | ---- | M] () -- C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1659004503-2049760794-839522115-1004UA.job
  [2011.10.22 08:22:21 | 000,000,934 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
  [2011.10.22 08:22:22 | 000,000,938 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
  [2012.01.16 08:14:16 | 000,000,424 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job
  [2011.10.18 14:50:18 | 000,000,474 | -H-- | M] () -- C:\WINDOWS\Tasks\Norton Security Scan for Lucie.job
  [2011.10.18 14:50:20 | 000,000,254 | ---- | M] () -- C:\WINDOWS\Tasks\RMSchedule.job
  @Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:D1B5B4F1
  
  :services
  gupdate
  gupdatem
  gusvc
  JavaQuickStarterService
  NBService
  
  :reg
  [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  "Adobe Reader Speed Launcher"=-
  [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
  "CTFMON.EXE"=-
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivX Download Manager]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QIP Internet Guardian]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
  
  :files
  C:\Documents and Settings\Lucie\Local Settings\Data aplikací\Facebook\Update
  C:\Program Files\ICQ6Toolbar
  %windir%\system32\*.tmp.dll /s
  %windir%\system32\SET*.tmp /s
  %windir%\*.tmp
  
  :commands
  [RESETHOSTS]
  [EMPTYTEMP]
  [EMPTYFLASH]

• Nasledne kliknete na Opravit
• PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

[Lucinella87]

A nemusím tam zaškrtávat nic jako v předtím? Jako ty dny atd.

[vyosek]

NeNe, neni potreba

[Lucinella87]

All processes killed
========== OTL ==========
Error: No service named AppMgmt was found to stop!
Service\Driver key AppMgmt not found.
Error: No service named ICQ Service was found to stop!
Service\Driver key ICQ Service not found.
File C:\Program Files\ICQ6Toolbar\ICQ Service.exe not found.
HKU\S-1-5-21-1659004503-2049760794-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKU\S-1-5-21-1659004503-2049760794-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Search_URL| /E : value set successfully!
HKU\S-1-5-21-1659004503-2049760794-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main\\DefaultScope| /E : value set successfully!
HKU\S-1-5-21-1659004503-2049760794-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Bar| /E : value set successfully!
HKU\S-1-5-21-1659004503-2049760794-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page| /E : value set successfully!
HKU\S-1-5-21-1659004503-2049760794-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main\\SearchDefaultBranded| /E : value set successfully!
HKU\S-1-5-21-1659004503-2049760794-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main\\Secondary Start Pages| /E : value set successfully!
HKU\S-1-5-21-1659004503-2049760794-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKU\S-1-5-21-1659004503-2049760794-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-1659004503-2049760794-839522115-1004\Software\Microsoft\Internet Explorer\URLSearchHooks\\ not found.
Registry value HKEY_USERS\S-1-5-21-1659004503-2049760794-839522115-1004\Software\Microsoft\Internet Explorer\URLSearchHooks\\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\ not found.
File C:\Program Files\uTorrentBar\prxtbuTor.dll not found.
Prefs.js: "ICQ Search" removed from browser.search.defaultenginename
Prefs.js: "http://search.icq.com/search/afe_result ... r=1.3.3&q=" removed from browser.search.defaulturl
Prefs.js: "ICQ Search" removed from browser.search.selectedEngine
Prefs.js: "http://search.icq.com/search/afe_result ... r=1.3.6&q=" removed from keyword.URL
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@Apple.com/iTunes,version=\ not found.
File C:\Documents and Settings\Lucie\Data aplikací\Mozilla\Firefox\Profiles\7pyc5oul.default\searchplugins\icqplugin-1.xml not found.
File C:\Documents and Settings\Lucie\Data aplikací\Mozilla\Firefox\Profiles\7pyc5oul.default\searchplugins\icqplugin-2.xml not found.
File C:\Documents and Settings\Lucie\Data aplikací\Mozilla\Firefox\Profiles\7pyc5oul.default\searchplugins\icqplugin-3.xml not found.
File C:\Documents and Settings\Lucie\Data aplikací\Mozilla\Firefox\Profiles\7pyc5oul.default\searchplugins\icqplugin-4.xml not found.
File C:\Documents and Settings\Lucie\Data aplikací\Mozilla\Firefox\Profiles\7pyc5oul.default\searchplugins\icqplugin-5.xml not found.
File C:\Documents and Settings\Lucie\Data aplikací\Mozilla\Firefox\Profiles\7pyc5oul.default\searchplugins\icqplugin-6.xml not found.
File C:\Documents and Settings\Lucie\Data aplikací\Mozilla\Firefox\Profiles\7pyc5oul.default\searchplugins\icqplugin.xml not found.
File C:\Documents and Settings\Lucie\Data aplikací\Mozilla\Firefox\Profiles\7pyc5oul.default\searchplugins\qip-search.xml not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\ not found.
File C:\Program Files\uTorrentBar\prxtbuTor.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\AutorunsDisabled\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\ not found.
File C:\Program Files\uTorrentBar\prxtbuTor.dll not found.
Registry value HKEY_USERS\S-1-5-21-1659004503-2049760794-839522115-1004\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{31CF9EBE-5755-4A1D-AC25-2834D952D9B4} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{31CF9EBE-5755-4A1D-AC25-2834D952D9B4}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\NPSStartup not found.
Registry value HKEY_USERS\S-1-5-21-1659004503-2049760794-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Run\\Facebook Update not found.
File C:\Documents and Settings\Lucie\Local Settings\Data aplikací\Facebook\Update\FacebookUpdate.exe not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\AutorunsDisabled\ not found.
File Protocol\Handler\AutorunsDisabled - No CLSID value found not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\AutorunsDisabled\skype4com\ not found.
File Protocol\Handler\AutorunsDisabled\skype4com - No CLSID value found not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{da4e9226-d576-11df-8a6b-001bfc13c329}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{da4e9226-d576-11df-8a6b-001bfc13c329}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fe3eb19c-412e-11e0-8b67-001bfcc21977}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{fe3eb19c-412e-11e0-8b67-001bfcc21977}\ not found.
Folder C:\Documents and Settings\All Users\Data aplikací\{429CAD59-35B1-4DBC-BB6D-1DB246563521}\ not found.
File/Folder C:\WINDOWS\*.tmp not found.
File/Folder C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp not found.
File/Folder C:\WINDOWS\Installer\*.tmp not found.
File/Folder C:\WINDOWS\SoftwareDistribution\Download\04e222f62cd1236cb253218d2480bbe3\*.tmp not found.
File/Folder C:\WINDOWS\SoftwareDistribution\Download\6949e561e90644f3d1c3be688847dd9b\*.tmp not found.
File/Folder C:\WINDOWS\SoftwareDistribution\Download\8058ebceb452c83425841a510aaccdfb\download\*.tmp not found.
File/Folder C:\WINDOWS\SoftwareDistribution\Download\bf692ac3c760a4c9d1994efe7a7f3af9\*.tmp not found.
File/Folder C:\WINDOWS\system32\*.tmp not found.
File/Folder C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\*.tmp not found.
File C:\WINDOWS\Tasks\AppleSoftwareUpdate.job not found.
File C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1659004503-2049760794-839522115-1004Core.job not found.
File C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1659004503-2049760794-839522115-1004UA.job not found.
File C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job not found.
File C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job not found.
C:\WINDOWS\Tasks\MP Scheduled Scan.job moved successfully.
File C:\WINDOWS\Tasks\Norton Security Scan for Lucie.job not found.
File C:\WINDOWS\Tasks\RMSchedule.job not found.
Unable to delete ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:D1B5B4F1 .
========== SERVICES/DRIVERS ==========
Error: No service named gupdate was found to stop!
Service\Driver key gupdate not found.
Error: No service named gupdatem was found to stop!
Service\Driver key gupdatem not found.
Error: No service named gusvc was found to stop!
Service\Driver key gusvc not found.
Error: No service named JavaQuickStarterService was found to stop!
Service\Driver key JavaQuickStarterService not found.
Error: No service named NBService was found to stop!
Service\Driver key NBService not found.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\CTFMON.EXE not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivX Download Manager\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QIP Internet Guardian\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl\ not found.
========== FILES ==========
File\Folder C:\Documents and Settings\Lucie\Local Settings\Data aplikací\Facebook\Update not found.
File\Folder C:\Program Files\ICQ6Toolbar not found.
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
File/Folder C:\WINDOWS\*.tmp not found.
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Lucie
->Temp folder emptied: 166447 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 166976902 bytes
->Google Chrome cache emptied: 0 bytes
->Opera cache emptied: 9824916 bytes
->Flash cache emptied: 4634 bytes

User: NetworkService
->Temp folder emptied: 2743992 bytes
->Temporary Internet Files folder emptied: 1243906 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 3599264 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 172748052 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 734196127 bytes

Total Files Cleaned = 1 041,00 mb


[EMPTYFLASH]

User: All Users

User: Default User

User: LocalService

User: Lucie
->Flash cache emptied: 0 bytes

User: NetworkService

Total Flash Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.31.0 log created on 01192012_185359

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

[vyosek]

Fajn, jak se chova nas pacient

[Lucinella87]

Musím říct, že od včera ani jednou nenaskočilo okno, které bych sama nechtěla Takže jestli jste tímhle to moje trápení s PC ukončil, tak strašně moc děkuju

[vyosek]

Tak jeste uklidime po tech smrdutych mazadlech co jsme pouzili

OTC http://oldtimer.geekstogo.com/OTC.exe

• Stahnete a spustte
• Kliknete na CleanUp a potvrdte YES
• Program uklidi a restartuje PC

TFC http://oldtimer.geekstogo.com/TFC.exe

• Stahnete a spustte
• Kliknete na Start a potvrdte OK
• Program uklidi a restartuje pc
• Po pouziti utilitu smazte

Stahnete Ccleaner (viz muj podpis)
Panel čistič

• Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

• dejte Hledej problémy
• nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
• postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

• Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

napiste co Vas pocitacovy milacek, zda-li je vse OK

[Lucinella87]

Tak jsem to všechno udělala a asi dobrý, nevím, jak to poznám Prostě funguje zatím tak jak má

[vyosek]

Prostě funguje zatím tak jak má

Tohle je dulezity

Pokud tedy nejsou problemy ci dotazy, je to z me strany vse

[Lucinella87]

Děkuji mnohokrát