
Facebook games opening in tabs, atdmt tracking cookie

petr.ch
Visitor
Posts: 12
Registered: 13 Jan 2012 00:09


#1 Post by petr.ch »

Good evening, I have 2 problems. The first is that since a certain date, when I watched a video that pretended to be from YouTube, various stupid games that can be played on Facebook open automatically in my tabs instead of the pages that were loaded. The second problem is that every time I open Mozilla anew, my antivirus program reports that I have some atdmt cookie, which cannot be blocked in any way, only added to the exceptions or ignored, and according to what I have read about it, it monitors and sends information about which websites I visit and everything I do there. I would therefore like to ask you for help.

Thank you

RSIT log:

Logfile of random's system information tool 1.09 (written by random/random)
Run by Uživatel at 2012-01-16 22:42:27
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 66 GB (65%) free of 102 GB
Total RAM: 4030 MB (51% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:42:29, on 16.1.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Kalendar\kalendar.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files (x86)\Winamp\winamp.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\HP\Digital Imaging\smart web printing\hpswp_clipbook.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\The KMPlayer\KMPlayer.exe
C:\Program Files\trend micro\Uživatel.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe /start
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [Kalendar] C:\Program Files (x86)\Kalendar\kalendar.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Zobrazit nebo skrýt HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Atheros Bt&Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EPSON V5 Service4(01) (EPSON_EB_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE
O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Firebird Guardian - DefaultInstance (FirebirdGuardianDefaultInstance) - The Firebird Project - C:\Program Files (x86)\Firebird\bin\fbguard.exe
O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - The Firebird Project - C:\Program Files (x86)\Firebird\bin\fbserver.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: hpHotkeyMonitor - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11391 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /boot
C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe /pipeName=f33bf061-68f7-444b-ac87-6d293ce8bf5f /coreSdkOptions=286 /logConfFile="C:\ProgramData\AVG2012\temp\00c28f6e-13e5-401c-97ac-8e00fa333c6c-194-oopp.tmp" /loggerName=AVG.RS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2012\" /registryPath="SYSTEM\CurrentControlSet\Services\Avg\Avg2012" /tempPath="C:\ProgramData\AVG2012\temp\"
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\Windows\system32\svchost.exe -k LocalService
atieclxx
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\IDT\WDM\AESTSr64.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE"
"C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE"
"C:\Program Files (x86)\Firebird\bin\fbguard.exe" -s
"C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe"
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe"
WLIDSvcM.exe 2788
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Firebird\bin\fbserver.exe" -s
C:\Windows\system32\svchost.exe -k HPService
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"
"C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe"
"C:\Program Files (x86)\AVG\AVG2012\avgemca.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
"C:\Program Files (x86)\Kalendar\kalendar.exe"
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe"
"C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe" /start
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe"
"C:\Program Files (x86)\iTunes\iTunesHelper.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\iPod\bin\iPodService.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe" -CtxID "#Hewlett-Packard#HP Photosmart C5100 series#1325494276" -Startup
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe" -Embedding
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe" -Embedding
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Windows\system32\wuauclt.exe"
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe" "<hpNotification><Toast><Title> </Title><Text>Klávesa Caps Lock je zapnutá</Text><IconPath></IconPath><ID>69174100</ID><Path></Path><Parameters></Parameters></Toast></hpNotification>"
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe /pipeName=22890167-bc45-4965-bc7d-6c2091dcfb50 /coreSdkOptions=18 /logConfFile="C:\ProgramData\AVG2012\temp\df48ae63-fd86-4621-8a35-0547d644a626-eb4-oopp.tmp" /loggerName=AVG.NS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2012\" /registryPath="SYSTEM\CurrentControlSet\Services\Avg\Avg2012" /tempPath="C:\ProgramData\AVG2012\temp\"
"C:\Program Files (x86)\Winamp\winamp.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\HP\Digital Imaging\smart web printing\hpswp_clipbook.exe" -Embedding
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=5544.b145400.451686191 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll" 5544 plugin \\.\pipe\gecko-crash-server-pipe.5544
"C:\Program Files (x86)\The KMPlayer\KMPlayer.exe" -Embedding
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"D:\Uživatelská složka - NESMAZAT!!!\Plocha\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\1c0dt86i.default

prefs.js - "browser.startup.homepage" - "www.seznam.cz"
prefs.js - "extensions.enabledItems" - "{ec8030f7-c20a-464f-9b0e-13a3a9e97384}:1.0.2, {1E73965B-8B48-48be-9C8D-68B920ABC1C4}:12.0.0.1894, smartwebprinting@hp.com:4.51, extension@firefox.com:1.0.0, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.25"
prefs.js - "keyword.URL" - ""

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files (x86)\Mozilla Firefox\components\
browser.xpt
browserdirprovider.dll
brwsrcmp.dll
components.list
FeedConverter.js
FeedProcessor.js
FeedWriter.js
fuelApplication.js
GPSDGeolocationProvider.js
jsconsole-clhandler.js
NetworkGeolocationProvider.js
npwachk.xpt
nsAddonRepository.js
nsBadCertHandler.js
nsBlocklistService.js
nsBrowserContentHandler.js
nsBrowserGlue.js
nsContentDispatchChooser.js
nsContentPrefService.js
nsDefaultCLH.js
nsDownloadManagerUI.js
nsExtensionManager.js
nsFormAutoComplete.js
nsHandlerService.js
nsHelperAppDlg.js
nsINIProcessor.js
nsLivemarkService.js
nsLoginInfo.js
nsLoginManager.js
nsLoginManagerPrompter.js
nsMicrosummaryService.js
nsPlacesAutoComplete.js
nsPlacesDBFlush.js
nsPlacesTransactionsService.js
nsPrivateBrowsingService.js
nsProxyAutoConfig.js
nsSafebrowsingApplication.js
nsSearchService.js
nsSearchSuggestions.js
nsSessionStartup.js
nsSessionStore.js
nsSetDefaultBrowser.js
nsSidebar.js
nsTaggingService.js
nsTryToClose.js
nsUpdateService.js
nsUpdateServiceStub.js
nsUpdateTimerManager.js
nsUrlClassifierLib.js
nsUrlClassifierListManager.js
nsURLFormatter.js
nsWebHandlerApp.js
pluginGlue.js
storage-Legacy.js
storage-mozStorage.js
txEXSLTRegExFunctions.js
WebContentConverter.js

C:\Program Files (x86)\Mozilla Firefox\plugins\
npnul32.dll
NPOFF12.DLL
nppdf32.dll
npwachk.dll

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
google.xml
jyxo-cz.xml
mall-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\1c0dt86i.default\extensions\
centrumpomocnik@centrum.cz
extension@firefox.com
{ec8030f7-c20a-464f-9b0e-13a3a9e97384}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll [2011-11-11 1942368]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20 328248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-01-03 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll [2011-11-11 1378144]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]
CIESpeechBHO Class - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-01-06 60576]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-11-29 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20 509496]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-04-18 2710824]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2011-05-27 1128448]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-03-25 167960]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-03-25 391704]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-03-25 418840]
"AtherosBtStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2011-01-06 615584]
"AthBtTray"=C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [2011-01-06 379040]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Kalendar"=C:\Program Files (x86)\Kalendar\kalendar.exe [2005-11-09 580608]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"NUSB3MON"=C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2011-04-14 113288]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-04-27 336384]
"QLBController"=C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe [2011-05-13 318520]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2011-06-09 254696]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-03 843712]
"AVG_TRAY"=C:\Program Files (x86)\AVG\AVG2012\avgtray.exe [2011-12-03 2415456]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"hpqSRMon"=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [2008-07-22 150528]
"HP Software Update"=C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2007-05-08 54840]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2011-11-01 59240]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2011-12-08 421736]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-03-25 385024]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2011-11-29 249344]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
FencesShellExt - {1984DD45-52CF-49cd-AB77-18F378FEA264} - C:\Program Files (x86)\Stardock\Fences\FencesMenu64.dll [2010-06-22 253288]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2012-01-13 17:38:12 ----D---- C:\Program Files\trend micro
2012-01-13 17:38:11 ----D---- C:\rsit
2012-01-13 16:48:58 ----D---- C:\Program Files (x86)\ModelHR
2012-01-13 16:48:53 ----A---- C:\Windows\GPInstall.exe
2012-01-13 15:43:15 ----A---- C:\Users\Uživatel\AppData\Roaming\cdr.ini
2012-01-13 15:43:12 ----A---- C:\Windows\WM8EUTIL.exe
2012-01-13 15:43:11 ----D---- C:\Program Files (x86)\CD to MP3 Freeware
2012-01-13 15:08:36 ----D---- C:\ProgramData\TEMP
2012-01-13 13:04:31 ----D---- C:\ProgramData\Kaspersky Lab
2012-01-13 10:20:01 ----SHD---- C:\$RECYCLE.BIN
2012-01-13 00:03:54 ----A---- C:\ComboFix.txt
2012-01-12 23:58:09 ----A---- C:\Windows\zip.exe
2012-01-12 23:58:09 ----A---- C:\Windows\SWSC.exe
2012-01-12 23:58:09 ----A---- C:\Windows\SWREG.exe
2012-01-12 23:58:09 ----A---- C:\Windows\sed.exe
2012-01-12 23:58:09 ----A---- C:\Windows\PEV.exe
2012-01-12 23:58:09 ----A---- C:\Windows\NIRCMD.exe
2012-01-12 23:58:09 ----A---- C:\Windows\MBR.exe
2012-01-12 23:58:09 ----A---- C:\Windows\grep.exe
2012-01-11 11:28:06 ----D---- C:\Users\Uživatel\AppData\Roaming\Apple Computer
2012-01-11 11:27:56 ----DC---- C:\Windows\system32\DRVSTORE
2012-01-11 11:27:56 ----A---- C:\Windows\SYSWOW64\GEARAspi.dll
2012-01-11 11:27:56 ----A---- C:\Windows\system32\GEARAspi64.dll
2012-01-11 11:27:56 ----A---- C:\Windows\system32\drivers\GEARAspiWDM.sys
2012-01-11 11:27:45 ----D---- C:\ProgramData\Apple Computer
2012-01-11 11:27:45 ----D---- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
2012-01-11 11:27:45 ----D---- C:\Program Files\iTunes
2012-01-11 11:27:45 ----D---- C:\Program Files\iPod
2012-01-11 11:27:45 ----D---- C:\Program Files (x86)\iTunes
2012-01-11 11:26:34 ----D---- C:\Program Files (x86)\Apple Software Update
2012-01-11 11:26:21 ----D---- C:\Program Files\Common Files\Apple
2012-01-11 11:26:10 ----D---- C:\Program Files\Bonjour
2012-01-11 11:26:10 ----D---- C:\Program Files (x86)\Bonjour
2012-01-11 11:25:55 ----D---- C:\ProgramData\Apple
2012-01-09 23:57:33 ----D---- C:\Windows\ERDNT
2012-01-09 23:53:37 ----D---- C:\Qoobox
2012-01-09 18:38:30 ----A---- C:\Windows\SYSWOW64\rapture3d_oal.dll
2012-01-09 18:38:30 ----A---- C:\Windows\SYSWOW64\mkl_blueripple.dll
2012-01-09 18:38:29 ----D---- C:\Program Files (x86)\BRS
2012-01-09 18:38:13 ----A---- C:\Windows\SYSWOW64\d3dx10_40.dll
2012-01-09 18:38:13 ----A---- C:\Windows\SYSWOW64\D3DCompiler_40.dll
2012-01-09 18:38:13 ----A---- C:\Windows\system32\d3dx10_40.dll
2012-01-09 18:38:13 ----A---- C:\Windows\system32\D3DCompiler_40.dll
2012-01-09 18:38:10 ----A---- C:\Windows\SYSWOW64\D3DX9_40.dll
2012-01-09 18:38:10 ----A---- C:\Windows\system32\D3DX9_40.dll
2012-01-09 00:43:14 ----D---- C:\Users\Uživatel\AppData\Roaming\Simulace_2009
2012-01-09 00:34:03 ----D---- C:\Program Files\Microsoft Synchronization Services
2012-01-09 00:34:03 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2012-01-09 00:33:29 ----D---- C:\Program Files (x86)\Microsoft Synchronization Services
2012-01-09 00:33:28 ----D---- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2012-01-05 11:30:59 ----D---- C:\Program Files (x86)\MSXML 4.0
2012-01-04 17:32:27 ----D---- C:\Users\Uživatel\AppData\Roaming\EPSON
2012-01-04 17:27:17 ----A---- C:\Windows\system32\esxcwiad.dll
2012-01-04 15:18:43 ----D---- C:\Program Files (x86)\epson
2012-01-03 17:55:33 ----A---- C:\Windows\system32\E_ILMEDE.DLL
2012-01-03 17:55:33 ----A---- C:\Windows\system32\E_IBCBEDE.DLL
2012-01-03 17:55:33 ----A---- C:\Windows\system32\E_GCINST.DLL
2012-01-03 17:55:18 ----D---- C:\ProgramData\EPSON
2012-01-03 15:11:18 ----D---- C:\Program Files (x86)\Firebird
2012-01-03 15:10:29 ----D---- C:\TEMP
2012-01-02 15:07:29 ----D---- C:\ProgramData\Codemasters
2012-01-02 14:40:59 ----A---- C:\Windows\SYSWOW64\XAudio2_7.dll
2012-01-02 14:40:59 ----A---- C:\Windows\SYSWOW64\XAPOFX1_5.dll
2012-01-02 14:40:59 ----A---- C:\Windows\SYSWOW64\xactengine3_7.dll
2012-01-02 14:40:59 ----A---- C:\Windows\SYSWOW64\D3DCompiler_43.dll
2012-01-02 14:40:59 ----A---- C:\Windows\system32\XAudio2_7.dll
2012-01-02 14:40:59 ----A---- C:\Windows\system32\XAPOFX1_5.dll
2012-01-02 14:40:59 ----A---- C:\Windows\system32\xactengine3_7.dll
2012-01-02 14:40:59 ----A---- C:\Windows\system32\D3DCompiler_43.dll
2012-01-02 14:40:58 ----A---- C:\Windows\SYSWOW64\XAudio2_6.dll
2012-01-02 14:40:58 ----A---- C:\Windows\SYSWOW64\XAPOFX1_4.dll
2012-01-02 14:40:58 ----A---- C:\Windows\SYSWOW64\xactengine3_6.dll
2012-01-02 14:40:58 ----A---- C:\Windows\SYSWOW64\D3DX9_43.dll
2012-01-02 14:40:58 ----A---- C:\Windows\SYSWOW64\d3dx11_43.dll
2012-01-02 14:40:58 ----A---- C:\Windows\SYSWOW64\d3dx10_43.dll
2012-01-02 14:40:58 ----A---- C:\Windows\SYSWOW64\d3dcsx_43.dll
2012-01-02 14:40:58 ----A---- C:\Windows\system32\XAudio2_6.dll
2012-01-02 14:40:58 ----A---- C:\Windows\system32\XAPOFX1_4.dll
2012-01-02 14:40:58 ----A---- C:\Windows\system32\xactengine3_6.dll
2012-01-02 14:40:58 ----A---- C:\Windows\system32\D3DX9_43.dll
2012-01-02 14:40:58 ----A---- C:\Windows\system32\d3dx11_43.dll
2012-01-02 14:40:58 ----A---- C:\Windows\system32\d3dx10_43.dll
2012-01-02 14:40:58 ----A---- C:\Windows\system32\d3dcsx_43.dll
2012-01-02 14:40:57 ----A---- C:\Windows\SYSWOW64\XAudio2_5.dll
2012-01-02 14:40:57 ----A---- C:\Windows\SYSWOW64\xactengine3_5.dll
2012-01-02 14:40:57 ----A---- C:\Windows\SYSWOW64\X3DAudio1_7.dll
2012-01-02 14:40:57 ----A---- C:\Windows\system32\XAudio2_5.dll
2012-01-02 14:40:57 ----A---- C:\Windows\system32\xactengine3_5.dll
2012-01-02 14:40:57 ----A---- C:\Windows\system32\X3DAudio1_7.dll
2012-01-02 14:40:56 ----A---- C:\Windows\SYSWOW64\d3dx11_42.dll
2012-01-02 14:40:56 ----A---- C:\Windows\SYSWOW64\d3dx10_42.dll
2012-01-02 14:40:56 ----A---- C:\Windows\SYSWOW64\d3dcsx_42.dll
2012-01-02 14:40:56 ----A---- C:\Windows\SYSWOW64\D3DCompiler_42.dll
2012-01-02 14:40:56 ----A---- C:\Windows\system32\d3dx11_42.dll
2012-01-02 14:40:56 ----A---- C:\Windows\system32\d3dx10_42.dll
2012-01-02 14:40:56 ----A---- C:\Windows\system32\d3dcsx_42.dll
2012-01-02 14:40:56 ----A---- C:\Windows\system32\D3DCompiler_42.dll
2012-01-02 14:40:55 ----A---- C:\Windows\SYSWOW64\XAudio2_4.dll
2012-01-02 14:40:55 ----A---- C:\Windows\SYSWOW64\XAPOFX1_3.dll
2012-01-02 14:40:55 ----A---- C:\Windows\SYSWOW64\xactengine3_4.dll
2012-01-02 14:40:55 ----A---- C:\Windows\SYSWOW64\D3DX9_41.dll
2012-01-02 14:40:55 ----A---- C:\Windows\system32\XAudio2_4.dll
2012-01-02 14:40:55 ----A---- C:\Windows\system32\XAPOFX1_3.dll
2012-01-02 14:40:55 ----A---- C:\Windows\system32\xactengine3_4.dll
2012-01-02 14:40:55 ----A---- C:\Windows\system32\D3DX9_42.dll
2012-01-02 14:40:55 ----A---- C:\Windows\system32\D3DX9_41.dll
2012-01-02 14:40:55 ----A---- C:\Windows\system32\d3dx10_41.dll
2012-01-02 14:40:55 ----A---- C:\Windows\system32\D3DCompiler_41.dll
2012-01-02 14:40:54 ----A---- C:\Windows\SYSWOW64\XAudio2_3.dll
2012-01-02 14:40:54 ----A---- C:\Windows\SYSWOW64\XAPOFX1_2.dll
2012-01-02 14:40:54 ----A---- C:\Windows\SYSWOW64\X3DAudio1_6.dll
2012-01-02 14:40:54 ----A---- C:\Windows\system32\XAudio2_3.dll
2012-01-02 14:40:54 ----A---- C:\Windows\system32\XAPOFX1_2.dll
2012-01-02 14:40:54 ----A---- C:\Windows\system32\xactengine3_3.dll
2012-01-02 14:40:54 ----A---- C:\Windows\system32\X3DAudio1_6.dll
2012-01-02 13:01:21 ----A---- C:\Windows\SYSWOW64\XAudio2_2.dll
2012-01-02 13:01:21 ----A---- C:\Windows\SYSWOW64\XAPOFX1_1.dll
2012-01-02 13:01:21 ----A---- C:\Windows\SYSWOW64\xactengine3_3.dll
2012-01-02 13:01:21 ----A---- C:\Windows\SYSWOW64\X3DAudio1_5.dll
2012-01-02 13:01:21 ----A---- C:\Windows\system32\XAudio2_2.dll
2012-01-02 13:01:21 ----A---- C:\Windows\system32\XAPOFX1_1.dll
2012-01-02 13:01:21 ----A---- C:\Windows\system32\X3DAudio1_5.dll
2012-01-02 13:01:20 ----A---- C:\Windows\SYSWOW64\xactengine3_2.dll
2012-01-02 13:01:20 ----A---- C:\Windows\system32\xactengine3_2.dll
2012-01-02 13:01:19 ----A---- C:\Windows\SYSWOW64\XAudio2_1.dll
2012-01-02 13:01:19 ----A---- C:\Windows\SYSWOW64\XAPOFX1_0.dll
2012-01-02 13:01:19 ----A---- C:\Windows\SYSWOW64\D3DX9_39.dll
2012-01-02 13:01:19 ----A---- C:\Windows\SYSWOW64\d3dx10_39.dll
2012-01-02 13:01:19 ----A---- C:\Windows\SYSWOW64\D3DCompiler_39.dll
2012-01-02 13:01:19 ----A---- C:\Windows\system32\XAudio2_1.dll
2012-01-02 13:01:19 ----A---- C:\Windows\system32\XAPOFX1_0.dll
2012-01-02 13:01:19 ----A---- C:\Windows\system32\D3DX9_39.dll
2012-01-02 13:01:19 ----A---- C:\Windows\system32\d3dx10_39.dll
2012-01-02 13:01:19 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2012-01-02 13:01:17 ----A---- C:\Windows\SYSWOW64\xactengine3_1.dll
2012-01-02 13:01:17 ----A---- C:\Windows\SYSWOW64\X3DAudio1_4.dll
2012-01-02 13:01:17 ----A---- C:\Windows\SYSWOW64\d3dx10_38.dll
2012-01-02 13:01:17 ----A---- C:\Windows\SYSWOW64\D3DCompiler_38.dll
2012-01-02 13:01:17 ----A---- C:\Windows\system32\xactengine3_1.dll
2012-01-02 13:01:17 ----A---- C:\Windows\system32\X3DAudio1_4.dll
2012-01-02 13:01:17 ----A---- C:\Windows\system32\d3dx10_38.dll
2012-01-02 13:01:17 ----A---- C:\Windows\system32\D3DCompiler_38.dll
2012-01-02 13:01:15 ----A---- C:\Windows\SYSWOW64\XAudio2_0.dll
2012-01-02 13:01:15 ----A---- C:\Windows\SYSWOW64\D3DX9_38.dll
2012-01-02 13:01:15 ----A---- C:\Windows\system32\XAudio2_0.dll
2012-01-02 13:01:15 ----A---- C:\Windows\system32\D3DX9_38.dll
2012-01-02 13:01:14 ----A---- C:\Windows\SYSWOW64\xactengine3_0.dll
2012-01-02 13:01:14 ----A---- C:\Windows\SYSWOW64\X3DAudio1_3.dll
2012-01-02 13:01:14 ----A---- C:\Windows\system32\xactengine3_0.dll
2012-01-02 13:01:14 ----A---- C:\Windows\system32\X3DAudio1_3.dll
2012-01-02 13:01:13 ----A---- C:\Windows\SYSWOW64\xactengine2_10.dll
2012-01-02 13:01:13 ----A---- C:\Windows\SYSWOW64\D3DX9_37.dll
2012-01-02 13:01:13 ----A---- C:\Windows\SYSWOW64\d3dx10_37.dll
2012-01-02 13:01:13 ----A---- C:\Windows\SYSWOW64\D3DCompiler_37.dll
2012-01-02 13:01:13 ----A---- C:\Windows\system32\xactengine2_10.dll
2012-01-02 13:01:13 ----A---- C:\Windows\system32\D3DX9_37.dll
2012-01-02 13:01:13 ----A---- C:\Windows\system32\d3dx10_37.dll
2012-01-02 13:01:13 ----A---- C:\Windows\system32\D3DCompiler_37.dll
2012-01-02 13:01:12 ----A---- C:\Windows\SYSWOW64\d3dx10_36.dll
2012-01-02 13:01:12 ----A---- C:\Windows\SYSWOW64\D3DCompiler_36.dll
2012-01-02 13:01:12 ----A---- C:\Windows\system32\d3dx10_36.dll
2012-01-02 13:01:12 ----A---- C:\Windows\system32\D3DCompiler_36.dll
2012-01-02 13:01:11 ----A---- C:\Windows\SYSWOW64\xactengine2_9.dll
2012-01-02 13:01:11 ----A---- C:\Windows\SYSWOW64\d3dx9_36.dll
2012-01-02 13:01:11 ----A---- C:\Windows\SYSWOW64\d3dx9_35.dll
2012-01-02 13:01:11 ----A---- C:\Windows\SYSWOW64\d3dx10_35.dll
2012-01-02 13:01:11 ----A---- C:\Windows\SYSWOW64\D3DCompiler_35.dll
2012-01-02 13:01:11 ----A---- C:\Windows\system32\xactengine2_9.dll
2012-01-02 13:01:11 ----A---- C:\Windows\system32\d3dx9_36.dll
2012-01-02 13:01:11 ----A---- C:\Windows\system32\d3dx9_35.dll
2012-01-02 13:01:11 ----A---- C:\Windows\system32\d3dx10_35.dll
2012-01-02 13:01:11 ----A---- C:\Windows\system32\D3DCompiler_35.dll
2012-01-02 13:01:10 ----A---- C:\Windows\SYSWOW64\xactengine2_8.dll
2012-01-02 13:01:10 ----A---- C:\Windows\SYSWOW64\X3DAudio1_2.dll
2012-01-02 13:01:10 ----A---- C:\Windows\SYSWOW64\d3dx10_34.dll
2012-01-02 13:01:10 ----A---- C:\Windows\SYSWOW64\D3DCompiler_34.dll
2012-01-02 13:01:10 ----A---- C:\Windows\system32\xactengine2_8.dll
2012-01-02 13:01:10 ----A---- C:\Windows\system32\X3DAudio1_2.dll
2012-01-02 13:01:10 ----A---- C:\Windows\system32\d3dx10_34.dll
2012-01-02 13:01:10 ----A---- C:\Windows\system32\D3DCompiler_34.dll
2012-01-02 13:01:09 ----A---- C:\Windows\SYSWOW64\xinput1_3.dll
2012-01-02 13:01:09 ----A---- C:\Windows\SYSWOW64\xactengine2_7.dll
2012-01-02 13:01:09 ----A---- C:\Windows\SYSWOW64\d3dx9_34.dll
2012-01-02 13:01:09 ----A---- C:\Windows\SYSWOW64\d3dx10_33.dll
2012-01-02 13:01:09 ----A---- C:\Windows\SYSWOW64\D3DCompiler_33.dll
2012-01-02 13:01:09 ----A---- C:\Windows\system32\xinput1_3.dll
2012-01-02 13:01:09 ----A---- C:\Windows\system32\xactengine2_7.dll
2012-01-02 13:01:09 ----A---- C:\Windows\system32\d3dx9_34.dll
2012-01-02 13:01:09 ----A---- C:\Windows\system32\d3dx10_33.dll
2012-01-02 13:01:09 ----A---- C:\Windows\system32\D3DCompiler_33.dll
2012-01-02 13:01:08 ----A---- C:\Windows\SYSWOW64\d3dx9_33.dll
2012-01-02 13:01:08 ----A---- C:\Windows\system32\d3dx9_33.dll
2012-01-02 13:01:07 ----A---- C:\Windows\SYSWOW64\xactengine2_6.dll
2012-01-02 13:01:07 ----A---- C:\Windows\SYSWOW64\xactengine2_5.dll
2012-01-02 13:01:07 ----A---- C:\Windows\SYSWOW64\d3dx10.dll
2012-01-02 13:01:07 ----A---- C:\Windows\system32\xactengine2_6.dll
2012-01-02 13:01:07 ----A---- C:\Windows\system32\xactengine2_5.dll
2012-01-02 13:01:07 ----A---- C:\Windows\system32\d3dx10.dll
2012-01-02 13:01:06 ----A---- C:\Windows\SYSWOW64\xactengine2_4.dll
2012-01-02 13:01:06 ----A---- C:\Windows\SYSWOW64\x3daudio1_1.dll
2012-01-02 13:01:06 ----A---- C:\Windows\SYSWOW64\d3dx9_32.dll
2012-01-02 13:01:06 ----A---- C:\Windows\system32\xactengine2_4.dll
2012-01-02 13:01:06 ----A---- C:\Windows\system32\x3daudio1_1.dll
2012-01-02 13:01:06 ----A---- C:\Windows\system32\d3dx9_32.dll
2012-01-02 13:01:05 ----A---- C:\Windows\SYSWOW64\xactengine2_3.dll
2012-01-02 13:01:05 ----A---- C:\Windows\system32\xactengine2_3.dll
2012-01-02 13:01:05 ----A---- C:\Windows\system32\d3dx9_31.dll
2012-01-02 13:01:03 ----A---- C:\Windows\SYSWOW64\xinput1_2.dll
2012-01-02 13:01:03 ----A---- C:\Windows\SYSWOW64\xinput1_1.dll
2012-01-02 13:01:03 ----A---- C:\Windows\SYSWOW64\xactengine2_2.dll
2012-01-02 13:01:03 ----A---- C:\Windows\SYSWOW64\xactengine2_1.dll
2012-01-02 13:01:03 ----A---- C:\Windows\system32\xinput1_2.dll
2012-01-02 13:01:03 ----A---- C:\Windows\system32\xinput1_1.dll
2012-01-02 13:01:03 ----A---- C:\Windows\system32\xactengine2_2.dll
2012-01-02 13:01:03 ----A---- C:\Windows\system32\xactengine2_1.dll
2012-01-02 13:01:02 ----A---- C:\Windows\SYSWOW64\d3dx9_30.dll
2012-01-02 13:01:02 ----A---- C:\Windows\system32\d3dx9_30.dll
2012-01-02 13:01:01 ----A---- C:\Windows\SYSWOW64\xactengine2_0.dll
2012-01-02 13:01:01 ----A---- C:\Windows\SYSWOW64\x3daudio1_0.dll
2012-01-02 13:01:01 ----A---- C:\Windows\SYSWOW64\d3dx9_29.dll
2012-01-02 13:01:01 ----A---- C:\Windows\system32\xactengine2_0.dll
2012-01-02 13:01:01 ----A---- C:\Windows\system32\x3daudio1_0.dll
2012-01-02 13:01:01 ----A---- C:\Windows\system32\d3dx9_29.dll
2012-01-02 13:01:00 ----A---- C:\Windows\SYSWOW64\d3dx9_28.dll
2012-01-02 13:01:00 ----A---- C:\Windows\SYSWOW64\d3dx9_27.dll
2012-01-02 13:01:00 ----A---- C:\Windows\SYSWOW64\d3dx9_26.dll
2012-01-02 13:01:00 ----A---- C:\Windows\system32\d3dx9_28.dll
2012-01-02 13:01:00 ----A---- C:\Windows\system32\d3dx9_27.dll
2012-01-02 13:01:00 ----A---- C:\Windows\system32\d3dx9_26.dll
2012-01-02 13:01:00 ----A---- C:\Windows\system32\d3dx9_25.dll
2012-01-02 12:45:06 ----D---- C:\Windows\SYSWOW64\directx
2012-01-02 12:27:18 ----A---- C:\Windows\system32\wrap_oal.dll
2012-01-02 12:27:17 ----D---- C:\Program Files (x86)\OpenAL
2012-01-02 12:27:17 ----A---- C:\Windows\SYSWOW64\wrap_oal.dll
2012-01-02 12:27:17 ----A---- C:\Windows\SYSWOW64\OpenAL32.dll
2012-01-02 12:27:17 ----A---- C:\Windows\SYSWOW64\d3dx9_25.dll
2012-01-02 12:27:17 ----A---- C:\Windows\system32\OpenAL32.dll
2012-01-02 12:27:16 ----A---- C:\Windows\SYSWOW64\d3dx9_24.dll
2012-01-02 12:27:16 ----A---- C:\Windows\system32\d3dx9_24.dll
2012-01-02 12:13:19 ----D---- C:\Program Files (x86)\Codemasters
2012-01-02 09:51:35 ----D---- C:\ProgramData\WEBREG
2012-01-02 09:51:32 ----D---- C:\Users\Uživatel\AppData\Roaming\HP
2012-01-02 09:50:16 ----D---- C:\ProgramData\Hewlett-Packard
2012-01-02 09:47:00 ----D---- C:\ProgramData\HP Product Assistant
2012-01-02 09:46:41 ----D---- C:\Windows\SYSWOW64\spool
2012-01-02 09:44:24 ----D---- C:\Program Files (x86)\HP
2012-01-02 09:44:23 ----D---- C:\Config.Msi
2012-01-02 09:43:08 ----D---- C:\Program Files\HP
2012-01-02 09:42:20 ----N---- C:\Windows\hpomdl18.dat
2012-01-02 09:42:20 ----A---- C:\Windows\hpoins18.dat
2012-01-02 09:42:12 ----D---- C:\ProgramData\HP
2012-01-02 09:42:09 ----A---- C:\Windows\system32\hpzids40.dll
2012-01-02 09:42:08 ----A---- C:\Windows\system32\hpowiav1.dll
2012-01-02 09:42:08 ----A---- C:\Windows\system32\hpovst01.dll
2012-01-02 09:42:08 ----A---- C:\Windows\system32\hpotiop1.dll
2012-01-01 20:50:04 ----D---- C:\Program Files (x86)\Kooperativa
2012-01-01 20:50:02 ----D---- C:\Program Files (x86)\Borland
2012-01-01 20:50:02 ----A---- C:\Windows\SYSWOW64\GDS32.DLL
2012-01-01 20:49:54 ----A---- C:\Windows\SYSWOW64\DBCLIENT.DLL
2012-01-01 20:49:52 ----D---- C:\Program Files\Common Files\Borland Shared
2012-01-01 20:47:26 ----D---- C:\Program Files\Kooperativa
2011-12-31 01:33:41 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2011-12-28 15:33:11 ----D---- C:\Program Files (x86)\Microsoft Works
2011-12-28 15:32:55 ----D---- C:\Program Files (x86)\Microsoft Visual Studio
2011-12-28 15:32:42 ----D---- C:\Program Files (x86)\Microsoft.NET
2011-12-28 15:31:00 ----D---- C:\Program Files\Microsoft Office
2011-12-28 15:30:56 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 8
2011-12-28 15:30:25 ----D---- C:\ProgramData\Microsoft Help
2011-12-28 15:30:25 ----D---- C:\Program Files (x86)\Microsoft Office
2011-12-28 15:29:43 ----RD---- C:\MSOCache
2011-12-28 15:27:57 ----A---- C:\Windows\system32\drivers\dtsoftbus01.sys
2011-12-28 15:27:51 ----D---- C:\Program Files (x86)\DAEMON Tools Lite
2011-12-28 15:27:16 ----D---- C:\Users\Uživatel\AppData\Roaming\DAEMON Tools Lite
2011-12-28 15:27:16 ----D---- C:\ProgramData\DAEMON Tools Lite
2011-12-28 15:04:07 ----D---- C:\Program Files (x86)\uTorrent
2011-12-28 15:02:44 ----D---- C:\Users\Uživatel\AppData\Roaming\uTorrent
2011-12-28 15:01:50 ----D---- C:\Program Files (x86)\QIP
2011-12-28 14:58:20 ----D---- C:\Users\Uživatel\AppData\Roaming\Stardock
2011-12-28 14:58:19 ----HDC---- C:\ProgramData\{A3A26C56-02C3-4F76-A033-12EE2FB52AE6}
2011-12-28 14:58:17 ----D---- C:\Program Files (x86)\Stardock
2011-12-28 14:32:46 ----D---- C:\Program Files (x86)\Kalendar
2011-12-27 18:12:30 ----A---- C:\Windows\SYSWOW64\D3DX9_42.dll
2011-12-27 18:12:30 ----A---- C:\Windows\SYSWOW64\d3dx9_31.dll
2011-12-27 18:10:58 ----D---- C:\Program Files (x86)\Winamp Detect
2011-12-27 18:10:44 ----D---- C:\Users\Uživatel\AppData\Roaming\Winamp
2011-12-27 02:21:54 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2011-12-27 02:21:54 ----A---- C:\Windows\system32\mshtmled.dll
2011-12-27 02:21:53 ----A---- C:\Windows\SYSWOW64\url.dll
2011-12-27 02:21:53 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2011-12-27 02:21:53 ----A---- C:\Windows\system32\url.dll
2011-12-27 02:21:53 ----A---- C:\Windows\system32\iertutil.dll
2011-12-27 02:21:52 ----A---- C:\Windows\SYSWOW64\wininet.dll
2011-12-27 02:21:52 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2011-12-27 02:21:52 ----A---- C:\Windows\SYSWOW64\ieui.dll
2011-12-27 02:21:52 ----A---- C:\Windows\system32\wininet.dll
2011-12-27 02:21:52 ----A---- C:\Windows\system32\urlmon.dll
2011-12-27 02:21:52 ----A---- C:\Windows\system32\jsproxy.dll
2011-12-27 02:21:52 ----A---- C:\Windows\system32\ieui.dll
2011-12-27 02:21:51 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2011-12-27 02:21:51 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2011-12-27 02:21:51 ----A---- C:\Windows\SYSWOW64\jscript.dll
2011-12-27 02:21:51 ----A---- C:\Windows\system32\jscript9.dll
2011-12-27 02:21:51 ----A---- C:\Windows\system32\jscript.dll
2011-12-27 02:21:50 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2011-12-27 02:21:49 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2011-12-27 02:21:49 ----A---- C:\Windows\system32\mshtml.dll
2011-12-27 02:21:48 ----A---- C:\Windows\system32\ieframe.dll
2011-12-26 20:02:27 ----D---- C:\Program Files (x86)\The KMPlayer
2011-12-26 19:58:02 ----D---- C:\Program Files (x86)\Mozilla Firefox
2011-12-26 19:56:58 ----D---- C:\Users\Uživatel\AppData\Roaming\GHISLER
2011-12-26 19:56:58 ----D---- C:\Program Files\totalcmd
2011-12-26 19:56:58 ----A---- C:\Windows\UC.PIF
2011-12-26 19:56:58 ----A---- C:\Windows\RAR.PIF
2011-12-26 19:56:58 ----A---- C:\Windows\NOCLOSE.PIF
2011-12-26 19:56:58 ----A---- C:\Windows\LHA.PIF
2011-12-26 19:56:58 ----A---- C:\Windows\ARJ.PIF
2011-12-26 19:48:52 ----D---- C:\Users\Uživatel\AppData\Roaming\Mozilla
2011-12-26 19:45:51 ----A---- C:\Windows\system32\win32k.sys
2011-12-26 19:45:51 ----A---- C:\Windows\system32\csrsrv.dll
2011-12-26 19:45:48 ----A---- C:\Windows\SYSWOW64\EncDec.dll
2011-12-26 19:45:48 ----A---- C:\Windows\system32\EncDec.dll
2011-12-26 19:45:43 ----A---- C:\Windows\SYSWOW64\tzres.dll
2011-12-26 19:45:43 ----A---- C:\Windows\system32\tzres.dll

======List of files/folders modified in the last 1 month======

2012-01-16 22:40:47 ----D---- C:\Windows\Temp
2012-01-16 18:10:27 ----D---- C:\ProgramData\MFAData
2012-01-16 18:10:25 ----D---- C:\Windows\system32\drivers\AVG
2012-01-16 16:57:56 ----D---- C:\Windows\system32\config
2012-01-16 10:38:17 ----D---- C:\Windows\System32
2012-01-16 10:38:17 ----D---- C:\Windows\inf
2012-01-16 10:38:17 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-01-15 19:00:19 ----SHD---- C:\System Volume Information
2012-01-14 19:06:48 ----SHD---- C:\Windows\Installer
2012-01-14 19:06:16 ----D---- C:\Windows\SysWOW64
2012-01-13 17:38:12 ----RD---- C:\Program Files
2012-01-13 16:48:58 ----RD---- C:\Program Files (x86)
2012-01-13 16:48:54 ----D---- C:\Windows
2012-01-13 16:03:51 ----D---- C:\Windows\system32\drivers
2012-01-13 15:08:36 ----D---- C:\ProgramData
2012-01-13 00:02:31 ----D---- C:\Windows\Prefetch
2012-01-13 00:02:31 ----A---- C:\Windows\system.ini
2012-01-13 00:02:27 ----D---- C:\Windows\system32\drivers\etc
2012-01-13 00:00:45 ----D---- C:\Windows\SYSWOW64\drivers
2012-01-13 00:00:45 ----D---- C:\Windows\AppPatch
2012-01-13 00:00:44 ----D---- C:\Program Files\Common Files
2012-01-13 00:00:44 ----D---- C:\Program Files (x86)\Common Files
2012-01-11 11:26:27 ----D---- C:\Windows\system32\DriverStore
2012-01-11 11:26:00 ----D---- C:\Windows\winsxs
2012-01-11 11:23:32 ----D---- C:\Windows\system32\drivers\UMDF
2012-01-09 23:57:33 ----D---- C:\Windows\system32\catroot
2012-01-09 18:37:39 ----RSD---- C:\Windows\assembly
2012-01-09 18:27:27 ----SD---- C:\ProgramData\Microsoft
2012-01-09 15:11:09 ----D---- C:\Windows\system32\catroot2
2012-01-09 12:43:26 ----SD---- C:\Users\Uživatel\AppData\Roaming\Microsoft
2012-01-06 13:58:59 ----HD---- C:\ProgramData\Common Files
2012-01-05 14:20:38 ----D---- C:\Windows\Microsoft.NET
2012-01-05 12:58:57 ----D---- C:\Windows\Logs
2012-01-05 11:21:50 ----RSD---- C:\Windows\Fonts
2012-01-05 11:20:24 ----A---- C:\Windows\win.ini
2012-01-04 17:27:14 ----D---- C:\Windows\twain_32
2012-01-03 15:10:29 ----D---- C:\Windows\system
2012-01-02 12:33:09 ----D---- C:\Windows\system32\Tasks
2012-01-02 12:13:16 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2012-01-02 10:56:02 ----D---- C:\Windows\system32\LogFiles
2011-12-31 01:34:38 ----D---- C:\Windows\SYSWOW64\cs-CZ
2011-12-31 01:34:38 ----D---- C:\Windows\system32\cs-CZ
2011-12-31 01:27:28 ----D---- C:\Windows\SYSWOW64\en-US
2011-12-31 01:27:28 ----D---- C:\Windows\system32\en-US
2011-12-31 01:21:34 ----D---- C:\Windows\SoftwareDistribution
2011-12-29 01:20:43 ----D---- C:\Users\Uživatel\AppData\Roaming\Skype
2011-12-29 00:37:22 ----D---- C:\Windows\system32\NDF
2011-12-28 21:52:42 ----D---- C:\Windows\rescache
2011-12-28 15:33:03 ----D---- C:\Program Files (x86)\MSBuild
2011-12-28 15:32:53 ----D---- C:\Windows\ShellNew
2011-12-28 15:31:55 ----D---- C:\Program Files\Common Files\Microsoft Shared
2011-12-28 13:58:00 ----D---- C:\Program Files (x86)\LibreOffice 3.4
2011-12-27 18:14:12 ----D---- C:\Program Files (x86)\Winamp
2011-12-27 12:39:24 ----D---- C:\Windows\SYSWOW64\migration
2011-12-27 12:39:24 ----D---- C:\Program Files\Internet Explorer
2011-12-27 12:39:24 ----D---- C:\Program Files (x86)\Internet Explorer
2011-12-27 12:39:22 ----D---- C:\Windows\system32\migration
2011-12-27 02:23:05 ----A---- C:\Windows\system32\MRT.exe
2011-12-25 15:22:27 ----D---- C:\Windows\system32\wdi

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSEH;AVGIDSEH; C:\Windows\system32\DRIVERS\AVGIDSEH.Sys [2011-07-11 26704]
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2011-09-13 37456]
R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2011-05-13 30008]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2011-10-07 283728]
R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2011-08-08 46672]
R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2011-07-11 375376]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-12-28 254528]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2011-05-13 43320]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-04-27 9319424]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-04-27 303616]
R3 AthBTPort;Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2011-01-06 36000]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2010-09-27 2374656]
R3 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys [2011-07-11 120400]
R3 AVGIDSFilter;AVGIDSFilter; C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys [2011-07-11 29776]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2011-01-06 298144]
R3 BTATH_BUS;Atheros Bluetooth Bus; C:\Windows\system32\DRIVERS\btath_bus.sys [2011-01-06 28832]
R3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\Windows\system32\DRIVERS\btath_hcrp.sys [2011-01-06 201376]
R3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2011-01-06 55456]
R3 BTATH_RCP;Bluetooth AVRCP Device; C:\Windows\system32\DRIVERS\btath_rcp.sys [2011-01-06 154272]
R3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2011-01-06 279200]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 34152]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2011-05-13 25912]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2011-11-29 317440]
R3 intelkmd;intelkmd; C:\Windows\system32\DRIVERS\igdpmd64.sys [2011-03-25 12262336]
R3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2011-01-31 174168]
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2011-06-10 91648]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2011-06-10 208896]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10322; C:\Windows\system32\DRIVERS\stwrt64.sys [2011-05-27 528384]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2011-04-18 1413168]
R3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2011-04-28 552960]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 145920]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2010-11-21 19968]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 43008]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2011-03-25 12262336]
S3 netr28ux;RT2870 USB Wireless LAN Card Driver pro systém Windows Vista; C:\Windows\system32\DRIVERS\netr28ux.sys [2009-06-10 867328]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2011-08-02 51712]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
R2 AESTFilters;Andrea ST Filters Service; C:\Program Files\IDT\WDM\AESTSr64.exe [2009-03-03 89600]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-04-27 203264]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2011-10-24 55144]
R2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2011-01-06 138400]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2011-01-06 53920]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]
R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-08-02 192776]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 EPSON_EB_RPCV4_01;EPSON V5 Service4(01); C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE [2009-07-29 163840]
R2 EPSON_PM_RPCV4_01;EPSON V3 Service4(01); C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE [2009-07-29 126464]
R2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance; C:\Program Files (x86)\Firebird\bin\fbguard.exe [2007-12-12 65536]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service; C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-03-28 94264]
R2 hpHotkeyMonitor;hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [2011-05-13 317496]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 HPSLPSVC;HP Network Devices Support; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2011-05-13 30520]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10122; C:\Program Files\IDT\WDM\STacSV64.exe [2011-05-27 301568]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 2292096]
R3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance; C:\Program Files (x86)\Firebird\bin\fbserver.exe [2007-12-12 1531989]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2011-03-28 799800]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2011-12-08 934760]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-11-29 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

Mc_Murphy
VIP in memoriam
Posts: 6706
Registered: 03 Nov 2008 15:55
Location: Plzeň [ZČ]

Re: otevírání her z facebooku v záložkách, tracking cookie a

#2 Příspěvek od Mc_Murphy »

Greetings.

:arrow: Uninstall the Firefox add-on named Firefox Rozšíření Aktualizace 1.0.0 => at the top of Firefox click the orange Firefox button >> Add-ons Manager >> Extensions and remove that Firefox Rozsireni Aktualizace 1.0.0.

:arrow: Then download RogueKiller - http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
  • Close all programs!
  • If you are using Win Vista or Win 7, right-click RogueKiller and choose Run As Administrator or Spustit jako správce.
  • Choose option 2 and confirm with [Enter].
  • The utility will do its work and produce a log - paste it here for me.
  • Now repeat the same procedure, but choose option 3, and then once more with option 4 - paste the logs here for me again.

  • ... I'm moving on, I'm moving on, I'm moving on by the Spirit.
    • You gave me love, I've found my identity, found my identity.

    I'm moving on, I'm moving on, I'm moving on by the Spirit.
    • You gave me hope, I've found my identity in Christ...

petr.ch
Visitor
Posts: 12
Registered: 13 Jan 2012 00:09

Re: Facebook games opening in tabs, tracking cookie a

#3 Post by petr.ch »

Add-on uninstalled, I have run the scans.


log 2:

RogueKiller V6.2.4 [01/12/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/fi ... guekiller/
Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User: Uživatel [Admin rights]
Mode: Remove -- Date : 01/17/2012 11:53:29

¤¤¤ Bad processes: 0 ¤¤¤

¤¤¤ Registry Entries: 2 ¤¤¤
[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver: [NOT LOADED] ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
127.0.0.1 localhost


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: +++++
--- User ---
[MBR] eadda33940526c70cdd50e2264828c1d
[BSP] d4065d26e0ae07e47fc70680adf8d2e7 : Windows 7 MBR Code
Partition table:
0 - [ACTIVE] NTFS [VISIBLE] Offset (sectors): 2048 | Size: 104 Mo
1 - [XXXXXX] NTFS [VISIBLE] Offset (sectors): 206848 | Size: 107479 Mo
2 - [XXXXXX] NTFS [VISIBLE] Offset (sectors): 210126848 | Size: 532548 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[1].txt >>
RKreport[1].txt



log 3:

RogueKiller V6.2.4 [01/12/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/fi ... guekiller/
Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User: Uživatel [Admin rights]
Mode: HOSTSFix -- Date : 01/17/2012 11:53:36

¤¤¤ Bad processes: 0 ¤¤¤

¤¤¤ Driver: [NOT LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
127.0.0.1 localhost


¤¤¤ Resetted HOSTS: ¤¤¤
127.0.0.1 localhost

Finished : << RKreport[2].txt >>
RKreport[1].txt ; RKreport[2].txt



log 4:


RogueKiller V6.2.4 [01/12/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/fi ... guekiller/
Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User: Uživatel [Admin rights]
Mode: ProxyFix -- Date : 01/17/2012 11:53:41

¤¤¤ Bad processes: 0 ¤¤¤

¤¤¤ Driver: [NOT LOADED] ¤¤¤

¤¤¤ Registry Entries: 0 ¤¤¤

Finished : << RKreport[3].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt

Mc_Murphy
VIP in memoriam
Posts: 6706
Registered: 03 Nov 2008 15:55
Location: Plzeň [ZČ]

Re: Facebook games opening in tabs, tracking cookie a

#4 Post by Mc_Murphy »

:arrow: Fix the items listed below in HJT.
  • Fixing means that you launch HJT, choose [Do a system scan only] and tick the checkbox to the left of the items I have listed. Then click [Fix checked] and confirm with [ANO].
  • Items that you cannot find in the list, simply skip.
  • You will find HJT here: C:\Program Files\trend micro\Uživatel.exe
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun



:arrow: Then download OTL from this link and save it to the Desktop.
  • If you are using Win Vista or Win7, right-click OTL and choose Run As Administrator or Spustit jako správce.
  • If you are using a 64-bit OS, check whether the Pro 64 bitové OS (For 64-bit OS) box is ticked. If not, tick it.
  • Tick the Pro všechny uživatele (For all users) box.
  • Tick the Kontrola na havěť "LOP" (Check for "LOP" malware) box.
  • Tick the Kontrola na havěť "Purity" (Check for "Purity" malware) box.
  • Change Stáří souborů (File age) from 30 days to 7 days!!
  • Into the bottom box, Vlastní skenování/opravy (Custom scans/fixes), paste this script (only the green letters in the white field!):


CREATERESTOREPOINT
netsvc
drivers32
savembr:0
/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop
%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe
%userprofile%\Plocha\*.*
%userprofile%\Desktop\*.*
%ALLUSERSPROFILE%\Plocha\*.*
%ALLUSERSPROFILE%\Desktop\*.*
*crack* /s
*keygen* /s
*loader* /s
*RemoveWAT* /s
*minodlogin* /s
*tnod* /s
*TemDono* /s
*AutoKMS* /s
*KMSEmulator* /s
*activator* /s
*serial* /s
*w7lxe* /s
*AutoRearm* /s
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run /s
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5
  • Click the [Prohledat] (Scan) button.
  • When the scan finishes, the logs OTL.txt and Extras.txt will appear; paste both of them here for me.
  • The logs will not fit into a single post, so please split them across several posts.

petr.ch
Visitor
Posts: 12
Registered: 13 Jan 2012 00:09

Re: Facebook games opening in tabs, tracking cookie a

#5 Post by petr.ch »

I followed the instructions, but during the OTL scan a message popped up saying that some file cmd.bat could not be created on the desktop, and the scan stopped working from then on.

Mc_Murphy
VIP in memoriam
Posts: 6706
Registered: 03 Nov 2008 15:55
Location: Plzeň [ZČ]

Re: Facebook games opening in tabs, tracking cookie a

#6 Post by Mc_Murphy »

:arrow: This is a bug in OTL. One of the commands causes a conflict with the antivirus. Unfortunately, the author has not yet managed to fix this bug.
Use this modified script for OTL:


CREATERESTOREPOINT
netsvc
drivers32
savembr:0
/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop
%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe
%userprofile%\Plocha\*.*
%userprofile%\Desktop\*.*
%ALLUSERSPROFILE%\Plocha\*.*
%ALLUSERSPROFILE%\Desktop\*.*
*crack* /s
*keygen* /s
*loader* /s
*RemoveWAT* /s
*minodlogin* /s
*tnod* /s
*TemDono* /s
*AutoKMS* /s
*KMSEmulator* /s
*activator* /s
*serial* /s
*w7lxe* /s
*AutoRearm* /s
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run /s
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run /s
%SystemDrive%\PhysicalMBR.bin /md5
:arrow: The procedure is of course the same as described earlier.

petr.ch
Visitor
Posts: 12
Registered: 13 Jan 2012 00:09

Re: Facebook games opening in tabs, tracking cookie a

#7 Post by petr.ch »

Before I had even read the next message, I restarted the computer and tried again. This time without any problems.


Here is the otl.txt file:

OTL logfile created on: 17.1.2012 16:30:52 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = D:\Uživatelská složka - NESMAZAT!!!\Plocha
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,94 Gb Total Physical Memory | 2,31 Gb Available Physical Memory | 58,79% Memory free
7,87 Gb Paging File | 5,87 Gb Available in Paging File | 74,60% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 100,10 Gb Total Space | 67,09 Gb Free Space | 67,02% Space Free | Partition Type: NTFS
Drive D: | 495,97 Gb Total Space | 269,51 Gb Free Space | 54,34% Space Free | Partition Type: NTFS
Drive F: | 4,26 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF

Computer Name: UŽIVATEL-PC | User Name: Uživatel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2012.01.17 14:00:52 | 000,584,192 | ---- | M] (OldTimer Tools) -- D:\Uživatelská složka - NESMAZAT!!!\Plocha\OTL.exe
PRC - [2012.01.03 14:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011.12.03 01:22:12 | 002,415,456 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
PRC - [2011.10.12 06:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
PRC - [2011.08.02 06:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
PRC - [2011.05.13 21:00:36 | 000,317,496 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe
PRC - [2011.04.14 18:17:18 | 000,113,288 | ---- | M] (Renesas Electronics Corporation) -- C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
PRC - [2011.03.28 17:07:50 | 000,094,264 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
PRC - [2011.01.06 20:08:38 | 000,138,400 | ---- | M] (Atheros) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
PRC - [2009.08.13 11:43:54 | 003,276,288 | ---- | M] (The Author of QIP) -- C:\Program Files (x86)\QIP\qip.exe
PRC - [2007.12.12 01:05:04 | 001,531,989 | ---- | M] (The Firebird Project) -- C:\Program Files (x86)\Firebird\bin\fbserver.exe
PRC - [2007.12.12 01:05:04 | 000,065,536 | ---- | M] (The Firebird Project) -- C:\Program Files (x86)\Firebird\bin\fbguard.exe
PRC - [2005.11.09 21:12:44 | 000,580,608 | ---- | M] () -- C:\Program Files (x86)\Kalendar\kalendar.exe


========== Modules (No Company Name) ==========

MOD - [2009.07.14 17:14:30 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\QIP\Plugins\docking.dll
MOD - [2005.11.09 21:12:44 | 000,580,608 | ---- | M] () -- C:\Program Files (x86)\Kalendar\kalendar.exe


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011.05.27 11:06:16 | 000,301,568 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\stacsv64.exe -- (STacSV)
SRV:64bit: - [2011.05.13 18:58:10 | 000,030,520 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv)
SRV:64bit: - [2011.04.27 09:31:14 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009.07.14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009.03.03 02:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\IDT\WDM\AESTSr64.exe -- (AESTFilters)
SRV - [2012.01.03 14:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.10.12 06:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2011.08.02 06:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2011.05.13 21:00:36 | 000,317,496 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe -- (hpHotkeyMonitor)
SRV - [2011.03.28 17:07:50 | 000,094,264 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2011.01.06 20:08:38 | 000,138,400 | ---- | M] (Atheros) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe -- (Atheros Bt&Wlan Coex Agent)
SRV - [2011.01.06 20:06:56 | 000,053,920 | ---- | M] (Atheros Commnucations) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\AdminService.exe -- (AtherosSvc)
SRV - [2010.10.22 13:08:18 | 001,039,360 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.07.29 09:11:46 | 000,163,840 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE -- (EPSON_EB_RPCV4_01) EPSON V5 Service4(01)
SRV - [2009.07.29 09:11:46 | 000,126,464 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE -- (EPSON_PM_RPCV4_01) EPSON V3 Service4(01)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2007.12.12 01:05:04 | 001,531,989 | ---- | M] (The Firebird Project) [On_Demand | Running] -- C:\Program Files (x86)\Firebird\bin\fbserver.exe -- (FirebirdServerDefaultInstance)
SRV - [2007.12.12 01:05:04 | 000,065,536 | ---- | M] (The Firebird Project) [Auto | Running] -- C:\Program Files (x86)\Firebird\bin\fbguard.exe -- (FirebirdGuardianDefaultInstance)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011.12.28 15:27:57 | 000,254,528 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2011.11.29 06:45:40 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) Intel(R)
DRV:64bit: - [2011.10.07 06:23:46 | 000,283,728 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2011.09.13 06:30:08 | 000,037,456 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2011.08.08 06:08:58 | 000,046,672 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2011.08.02 17:38:56 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011.07.11 01:14:36 | 000,375,376 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)
DRV:64bit: - [2011.07.11 01:14:08 | 000,029,776 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV:64bit: - [2011.07.11 01:14:06 | 000,120,400 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV:64bit: - [2011.07.11 01:14:06 | 000,026,704 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AVGIDSEH.sys -- (AVGIDSEH)
DRV:64bit: - [2011.06.10 17:00:38 | 000,208,896 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2011.06.10 17:00:36 | 000,091,648 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2011.06.10 06:34:52 | 000,539,240 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011.05.27 11:06:16 | 000,528,384 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2011.05.13 20:51:16 | 000,025,912 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV:64bit: - [2011.05.13 18:58:16 | 000,030,008 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hpdskflt.sys -- (hpdskflt)
DRV:64bit: - [2011.05.13 18:57:58 | 000,043,320 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelerometer.sys -- (Accelerometer)
DRV:64bit: - [2011.04.27 10:09:00 | 009,319,424 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011.04.27 08:55:02 | 000,303,616 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011.04.18 11:42:50 | 001,413,168 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2011.03.25 18:17:48 | 012,262,336 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdpmd64.sys -- (intelkmd)
DRV:64bit: - [2011.03.25 18:17:48 | 012,262,336 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.01.31 03:04:42 | 000,174,168 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\jmcr.sys -- (JMCR)
DRV:64bit: - [2011.01.06 20:07:32 | 000,279,200 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)
DRV:64bit: - [2011.01.06 20:07:30 | 000,201,376 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV:64bit: - [2011.01.06 20:07:30 | 000,154,272 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP)
DRV:64bit: - [2011.01.06 20:07:30 | 000,055,456 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV:64bit: - [2011.01.06 20:07:28 | 000,036,000 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort)
DRV:64bit: - [2011.01.06 20:07:26 | 000,298,144 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV:64bit: - [2011.01.06 20:07:26 | 000,028,832 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS)
DRV:64bit: - [2010.11.21 04:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.21 04:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010.11.21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.21 04:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010.10.19 23:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) Intel(R)
DRV:64bit: - [2010.09.27 11:15:22 | 002,374,656 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 21:35:36 | 000,867,328 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr28ux.sys -- (netr28ux)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm






IE - HKU\S-1-5-21-640237403-1379443736-898641451-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-640237403-1379443736-898641451-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-640237403-1379443736-898641451-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultEngineName: "Google"
FF - prefs.js..browser.search.selectedEngine: ""
FF - prefs.js..browser.startup.homepage: "www.seznam.cz"
FF - prefs.js..extensions.enabledItems: {ec8030f7-c20a-464f-9b0e-13a3a9e97384}:1.0.2
FF - prefs.js..extensions.enabledItems: {1E73965B-8B48-48be-9C8D-68B920ABC1C4}:12.0.0.1894
FF - prefs.js..extensions.enabledItems: smartwebprinting@hp.com:4.51
FF - prefs.js..keyword.URL: ""

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files (x86)\AVG\AVG2012\Firefox4\ [2011.12.26 19:45:56 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012.01.02 09:47:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.25\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.12.30 11:01:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.25\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.01.14 19:06:33 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012.01.02 09:47:41 | 000,000,000 | ---D | M]

[2011.12.26 19:58:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Uživatel\AppData\Roaming\Mozilla\Extensions
[2012.01.17 11:25:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\1c0dt86i.default\extensions
[2011.12.26 19:48:57 | 000,000,000 | ---D | M] (Centrum.cz nastavenĂ) -- C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\1c0dt86i.default\extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2011.12.26 19:48:57 | 000,000,000 | ---D | M] (Centrum domĂ©novĂ˝ pomocnĂ­k) -- C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\1c0dt86i.default\extensions\centrumpomocnik@centrum.cz
[2011.12.26 19:58:03 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011.12.26 19:45:56 | 000,000,000 | ---D | M] (AVG Safe Search) -- C:\PROGRAM FILES (X86)\AVG\AVG2012\FIREFOX4
[2012.01.02 09:47:41 | 000,000,000 | ---D | M] (HP Smart Web Printing) -- C:\PROGRAM FILES (X86)\HP\DIGITAL IMAGING\SMART WEB PRINTING\MOZILLAADDON3
File not found (No name found) -- C:\USERS\UĹĽIVATEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\1C0DT86I.DEFAULT\EXTENSIONS\{EC8030F7-C20A-464F-9B0E-13A3A9E97384}
[2010.01.12 21:03:50 | 000,063,488 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
[2011.12.30 11:01:46 | 000,000,638 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\jyxo-cz.xml
[2011.12.30 11:01:46 | 000,001,687 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\mall-cz.xml
[2011.12.30 11:01:46 | 000,001,367 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\seznam-cz.xml
[2011.12.30 11:01:46 | 000,000,654 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\slunecnice-cz.xml
[2011.12.30 11:01:46 | 000,001,179 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2012.01.17 11:53:36 | 000,000,021 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O4:64bit: - HKLM..\Run: [AthBtTray] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations)
O4:64bit: - HKLM..\Run: [AtherosBtStack] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Communications)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
O4 - HKLM..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-21-640237403-1379443736-898641451-1000..\Run: [Kalendar] C:\Program Files (x86)\Kalendar\kalendar.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-640237403-1379443736-898641451-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-640237403-1379443736-898641451-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9:64bit: - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_29)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 195.113.139.94 195.113.136.35
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A30FB067-B7D0-4101-86B7-3A8713127F06}: DhcpNameServer = 188.92.8.18 188.92.8.11
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A58FE1C3-933D-43FF-966E-D974AF59E76E}: DhcpNameServer = 192.168.15.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BFDD23B9-00FD-4733-AC38-4C3A9D8F86AC}: DhcpNameServer = 195.113.139.94 195.113.136.35
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll (AVG Technologies CZ, s.r.o.)
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O22:64bit: - SharedTaskScheduler: {1984DD45-52CF-49cd-AB77-18F378FEA264} - FencesShellExt - C:\Program Files (x86)\Stardock\Fences\FencesMenu64.dll (Stardock)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /sync /restart)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2012.01.17 14:00:51 | 000,584,192 | ---- | C] (OldTimer Tools) -- D:\Uživatelská složka - NESMAZAT!!!\Plocha\OTL.exe
[2012.01.17 11:50:15 | 000,000,000 | ---D | C] -- D:\Uživatelská složka - NESMAZAT!!!\Plocha\RK_Quarantine
[2012.01.13 17:38:12 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2012.01.13 17:38:11 | 000,000,000 | ---D | C] -- C:\rsit
[2012.01.13 16:48:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Modelová hypotéka
[2012.01.13 16:48:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ModelHR
[2012.01.13 16:48:53 | 000,796,672 | ---- | C] (Qsc) -- C:\Windows\GPInstall.exe
[2012.01.13 16:47:35 | 014,812,625 | ---- | C] (Qsc) -- D:\Uživatelská složka - NESMAZAT!!!\Plocha\iHR_515_b1.exe
[2012.01.13 15:43:14 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\Desktop
[2012.01.13 15:43:13 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CD to MP3 Freeware
[2012.01.13 15:43:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CD to MP3 Freeware
[2012.01.13 15:43:12 | 000,880,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\WM8EUTIL.exe
[2012.01.13 15:43:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CD to MP3 Freeware
[2012.01.13 15:08:36 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2012.01.13 13:04:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2012.01.13 10:20:01 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012.01.12 23:58:09 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012.01.12 23:58:09 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012.01.12 23:58:09 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012.01.11 11:28:07 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\AppData\Local\Apple Computer
[2012.01.11 11:28:06 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\AppData\Roaming\Apple Computer
[2012.01.11 11:28:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012.01.11 11:27:56 | 000,126,312 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\GEARAspi64.dll
[2012.01.11 11:27:56 | 000,107,368 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysWow64\GEARAspi.dll
[2012.01.11 11:27:56 | 000,034,152 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys
[2012.01.11 11:27:56 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2012.01.11 11:27:45 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012.01.11 11:27:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2012.01.11 11:27:45 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012.01.11 11:27:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2012.01.11 11:27:45 | 000,000,000 | ---D | C] -- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
[2012.01.11 11:26:36 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\AppData\Local\Apple
[2012.01.11 11:26:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2012.01.11 11:26:21 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2012.01.11 11:26:10 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2012.01.11 11:26:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2012.01.11 11:25:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2012.01.11 11:25:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple

========== Files - Modified Within 7 Days ==========

[2012.01.17 16:31:46 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012.01.17 16:24:56 | 000,000,035 | ---- | M] () -- C:\Users\Public\Documents\AtherosServiceConfig.ini
[2012.01.17 16:24:49 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.01.17 14:17:03 | 000,021,872 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.01.17 14:17:03 | 000,021,872 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.01.17 14:00:52 | 000,584,192 | ---- | M] (OldTimer Tools) -- D:\Uživatelská složka - NESMAZAT!!!\Plocha\OTL.exe
[2012.01.17 11:53:36 | 000,000,021 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012.01.17 11:25:35 | 000,787,456 | ---- | M] () -- D:\Uživatelská složka - NESMAZAT!!!\Plocha\RogueKiller.exe
[2012.01.17 10:53:17 | 086,841,102 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm
[2012.01.16 21:00:42 | 000,000,122 | ---- | M] () -- C:\Users\Uživatel\AppData\Local\Model_hr.ini
[2012.01.16 20:09:35 | 000,000,855 | ---- | M] () -- C:\Users\Uživatel\AppData\Local\User_hr.cds
[2012.01.16 18:13:32 | 000,070,259 | ---- | M] () -- D:\Uživatelská složka - NESMAZAT!!!\Plocha\Perspektiva7BN_Petr Dvorský.pdf
[2012.01.16 18:09:56 | 000,251,548 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\iavichjg.avm
[2012.01.16 18:01:04 | 006,837,088 | ---- | M] () -- D:\Uživatelská složka - NESMAZAT!!!\Plocha\petr dvorský.pdf
[2012.01.16 17:12:05 | 002,302,913 | ---- | M] () -- D:\Uživatelská složka - NESMAZAT!!!\Plocha\Uniqa Telnice.pdf
[2012.01.16 10:38:17 | 001,576,554 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.01.16 10:38:17 | 000,666,444 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2012.01.16 10:38:17 | 000,652,148 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.01.16 10:38:17 | 000,140,108 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2012.01.16 10:38:17 | 000,121,080 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.01.16 10:29:15 | 3169,603,584 | -HS- | M] () -- C:\hiberfil.sys
[2012.01.13 17:37:32 | 000,935,175 | ---- | M] () -- D:\Uživatelská složka - NESMAZAT!!!\Plocha\RSITx64.exe
[2012.01.13 16:48:59 | 000,001,795 | ---- | M] () -- D:\Uživatelská složka - NESMAZAT!!!\Plocha\Modelová hypotéka.lnk
[2012.01.13 16:48:53 | 000,796,672 | ---- | M] (Qsc) -- C:\Windows\GPInstall.exe
[2012.01.13 16:48:21 | 014,812,625 | ---- | M] (Qsc) -- D:\Uživatelská složka - NESMAZAT!!!\Plocha\iHR_515_b1.exe
[2012.01.13 16:03:33 | 000,000,040 | ---- | M] () -- C:\Users\Uživatel\AppData\Roaming\cdr.ini
[2012.01.11 11:28:02 | 000,001,789 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012.01.11 11:23:30 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2012.01.10 23:11:34 | 000,048,995 | ---- | M] () -- D:\Uživatelská složka - NESMAZAT!!!\Plocha\Oznámení změn.pdf
[2012.01.10 19:26:45 | 000,499,205 | ---- | M] () -- D:\Uživatelská složka - NESMAZAT!!!\Plocha\zajíc marek.pdf

========== Files Created - No Company Name ==========

[2012.01.17 14:04:17 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012.01.17 11:25:34 | 000,787,456 | ---- | C] () -- D:\Uživatelská složka - NESMAZAT!!!\Plocha\RogueKiller.exe
[2012.01.16 18:13:32 | 000,070,259 | ---- | C] () -- D:\Uživatelská složka - NESMAZAT!!!\Plocha\Perspektiva7BN_Petr Dvorský.pdf
[2012.01.16 18:00:50 | 006,837,088 | ---- | C] () -- D:\Uživatelská složka - NESMAZAT!!!\Plocha\petr dvorský.pdf
[2012.01.16 17:11:52 | 002,302,913 | ---- | C] () -- D:\Uživatelská složka - NESMAZAT!!!\Plocha\Uniqa Telnice.pdf
[2012.01.13 17:37:17 | 000,935,175 | ---- | C] () -- D:\Uživatelská složka - NESMAZAT!!!\Plocha\RSITx64.exe
[2012.01.13 17:27:04 | 000,000,122 | ---- | C] () -- C:\Users\Uživatel\AppData\Local\Model_hr.ini
[2012.01.13 16:54:05 | 000,000,855 | ---- | C] () -- C:\Users\Uživatel\AppData\Local\User_hr.cds
[2012.01.13 16:48:59 | 000,001,795 | ---- | C] () -- D:\Uživatelská složka - NESMAZAT!!!\Plocha\Modelová hypotéka.lnk
[2012.01.13 16:48:54 | 000,007,538 | ---- | C] () -- C:\Windows\Czech_CZ.gpl
[2012.01.13 15:43:15 | 000,000,040 | ---- | C] () -- C:\Users\Uživatel\AppData\Roaming\cdr.ini
[2012.01.12 23:58:09 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012.01.12 23:58:09 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012.01.12 23:58:09 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012.01.12 23:58:09 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012.01.12 23:58:09 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012.01.11 11:28:02 | 000,001,789 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012.01.11 11:26:34 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2012.01.11 11:23:30 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2012.01.10 23:11:34 | 000,048,995 | ---- | C] () -- D:\Uživatelská složka - NESMAZAT!!!\Plocha\Oznámení změn.pdf
[2012.01.10 19:26:45 | 000,499,205 | ---- | C] () -- D:\Uživatelská složka - NESMAZAT!!!\Plocha\zajíc marek.pdf
[2012.01.02 09:42:20 | 000,223,872 | ---- | C] () -- C:\Windows\hpoins18.dat
[2012.01.02 09:42:20 | 000,005,355 | ---- | C] () -- C:\Windows\hpomdl18.dat
[2012.01.01 20:49:54 | 000,210,032 | ---- | C] () -- C:\Windows\SysWow64\DBCLIENT.DLL
[2011.12.31 01:33:41 | 001,555,048 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.12.28 13:11:46 | 000,000,017 | ---- | C] () -- C:\Users\Uživatel\AppData\Local\resmon.resmoncfg
[2011.11.29 06:58:32 | 000,003,914 | ---- | C] () -- C:\Windows\SysWow64\atipblup.dat
[2011.11.29 06:58:20 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011.11.29 06:50:19 | 000,034,308 | ---- | C] () -- C:\Windows\SysWow64\BASSMOD.dll
[2011.10.21 10:27:52 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011.10.21 10:27:52 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2011.10.21 10:22:52 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2011.04.27 10:05:50 | 000,059,904 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2011.04.18 11:40:36 | 000,066,856 | ---- | C] () -- C:\Windows\SysWow64\SynTPEnhPS.dll
[2011.03.25 18:16:08 | 000,216,876 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011.03.17 22:05:12 | 000,003,914 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2009.07.14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat

========== LOP Check ==========

[2011.11.29 07:37:07 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Ashampoo
[2011.11.29 07:47:39 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\AVG2012
[2011.12.28 15:28:49 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\DAEMON Tools Lite
[2012.01.04 17:32:27 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\EPSON
[2011.12.26 19:57:11 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\GHISLER
[2011.11.29 07:40:08 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\LibreOffice
[2012.01.09 00:43:14 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Simulace_2009
[2011.12.28 14:58:20 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Stardock
[2011.11.29 06:56:01 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Synaptics
[2012.01.17 14:22:14 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\uTorrent
[2011.11.29 07:41:27 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\XnView
[2009.07.14 06:08:49 | 000,009,468 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========


< netsvc >


< MD5 for: ATAPI.SYS >
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\ERDNT\cache64\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010.11.21 04:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010.11.21 04:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2010.11.21 04:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.21 04:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2010.11.21 04:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010.11.21 04:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.21 04:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2011.02.26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\ERDNT\cache86\explorer.exe
[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 07:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.21 04:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010.11.21 04:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe

< MD5 for: HAL.DLL >
[2010.11.21 04:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010.11.21 04:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll

< MD5 for: SCECLI.DLL >
[2010.11.21 04:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\ERDNT\cache86\scecli.dll
[2010.11.21 04:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.21 04:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.21 04:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\ERDNT\cache64\scecli.dll
[2010.11.21 04:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.21 04:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: SVCHOST.EXE >
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\ERDNT\cache86\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\ERDNT\cache64\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2011.09.29 18:41:37 | 001,912,176 | ---- | M] (Microsoft Corporation) MD5=3810F06A4D74A7D62641EE73D6B3C660 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_11c6e9949627e69c\tcpip.sys
[2010.11.21 04:24:08 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2011.04.25 06:33:51 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=92CE29D95AC9DD2D0EE9061D551BA250 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_114de9497cfe9316\tcpip.sys
[2011.04.25 07:16:34 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=B77977AEB2FF159D01DB08A309989C5F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_11cbb5de9625357a\tcpip.sys
[2011.09.29 17:29:28 | 001,923,952 | ---- | M] (Microsoft Corporation) MD5=FC62769E7BFF2896035AEED399108162 -- C:\Windows\ERDNT\cache64\tcpip.sys
[2011.09.29 17:29:28 | 001,923,952 | ---- | M] (Microsoft Corporation) MD5=FC62769E7BFF2896035AEED399108162 -- C:\Windows\SysNative\drivers\tcpip.sys
[2011.09.29 17:29:28 | 001,923,952 | ---- | M] (Microsoft Corporation) MD5=FC62769E7BFF2896035AEED399108162 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_10f09b257d43f3eb\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010.11.21 04:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\ERDNT\cache86\userinit.exe
[2010.11.21 04:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.21 04:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010.11.21 04:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\ERDNT\cache64\userinit.exe
[2010.11.21 04:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.21 04:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010.11.21 04:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\ERDNT\cache64\winlogon.exe
[2010.11.21 04:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.21 04:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe

< %systemroot%*.* /U /s >
[4 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[9 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[23 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]
[1 C:\Windows\twain_32\*.tmp files -> C:\Windows\twain_32\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2011.11.29 07:39:40 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Adobe
[2012.01.11 11:28:45 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Apple Computer
[2011.11.29 07:37:07 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Ashampoo
[2011.11.29 07:01:53 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\ATI
[2011.11.29 07:47:39 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\AVG2012
[2011.12.28 15:28:49 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\DAEMON Tools Lite
[2012.01.04 17:32:27 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\EPSON
[2011.12.26 19:57:11 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\GHISLER
[2011.11.29 07:01:39 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Hewlett-Packard
[2012.01.02 09:52:15 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\HP
[2011.11.29 07:05:51 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\hpqLog
[2011.11.29 06:15:59 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Identities
[2011.11.29 07:40:08 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\LibreOffice
[2011.11.29 08:02:50 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Macromedia
[2011.04.12 09:45:23 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Media Center Programs
[2012.01.09 12:43:26 | 000,000,000 | --SD | M] -- C:\Users\Uživatel\AppData\Roaming\Microsoft
[2011.12.26 19:48:57 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Mozilla
[2012.01.09 00:43:14 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Simulace_2009
[2011.12.29 01:20:43 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Skype
[2011.12.28 14:58:20 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Stardock
[2011.11.29 06:56:01 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Synaptics
[2012.01.17 14:22:14 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\uTorrent
[2011.12.27 18:16:09 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Winamp
[2011.11.29 06:50:36 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\WinRAR
[2011.11.29 07:41:27 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\XnView

< %APPDATA%\*.exe /s >
[2011.11.29 07:01:39 | 000,794,112 | ---- | M] (Hewlett-Packard Company) -- C:\Users\Uživatel\AppData\Roaming\Hewlett-Packard\hpqwmiex.exe
[2012.01.10 16:11:34 | 000,094,710 | R--- | M] () -- C:\Users\Uživatel\AppData\Roaming\Microsoft\Installer\{FA632E53-37C3-44E4-BAE7-AEC897066D98}\_67C087D12847560214C0DF.exe
[2011.11.29 06:58:31 | 000,010,134 | R--- | M] () -- C:\Users\Uživatel\AppData\Roaming\Microsoft\Installer\{FBDD9391-0A40-EBCE-B4D6-56952CD5F8B4}\ARPPRODUCTICON.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >

< %SYSTEMDRIVE%\*.exe >

< %userprofile%\Plocha\*.* >

< %userprofile%\Desktop\*.* >
[2012.01.13 15:43:14 | 000,001,004 | ---- | M] () -- C:\Users\Uživatel\Desktop\Free CD to MP3 Converter.lnk

< %ALLUSERSPROFILE%\Plocha\*.* >

< %ALLUSERSPROFILE%\Desktop\*.* >

< *crack* /s >
[2009.06.07 18:56:52 | 003,787,880 | ---- | M] () -- \downloads\hudba 2\Kate Voegele All Songs@160 kbps VBR MP3Pro\Kate Voegele - Where the Sidewalk Cracks.mp3

< *keygen* /s >
[2004.01.02 00:26:20 | 000,035,328 | ---- | M] () -- \DesetiPrsty\instalace\keygen.exe

< *loader* /s >
[2008.04.08 09:54:14 | 000,000,115 | ---- | M] () -- \hry\GRID\audio\audio_loader.xml
[2008.04.17 21:02:14 | 000,001,028 | ---- | M] () -- \hry\GRID\Osd\osd_loader.xml
[2007.09.27 17:01:28 | 005,569,843 | ---- | M] () -- \hudba\Toploader-Dancing In The Moonlight.mp3

< *RemoveWAT* /s >

< *minodlogin* /s >

< *tnod* /s >

< *TemDono* /s >

< *AutoKMS* /s >

< *KMSEmulator* /s >

< *activator* /s >

< *serial* /s >
[2004.01.02 00:12:10 | 000,000,026 | ---- | M] () -- \DesetiPrsty\instalace\SERIAL NUMBER.txt

< *w7lxe* /s >

< *AutoRearm* /s >

< HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run /s >
"NUSB3MON" = "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" -- [2011.04.14 18:17:18 | 000,113,288 | ---- | M] (Renesas Electronics Corporation)
"StartCCC" = "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun -- [2011.04.27 09:28:48 | 000,336,384 | ---- | M] (Advanced Micro Devices, Inc.)
"QLBController" = C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe /start -- [2011.05.13 20:57:56 | 000,318,520 | ---- | M] (Hewlett-Packard Company)
"SunJavaUpdateSched" = "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" -- [2011.06.09 13:06:06 | 000,254,696 | ---- | M] (Sun Microsystems, Inc.)
"Adobe ARM" = "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" -- [2012.01.03 08:37:53 | 000,843,712 | ---- | M] (Adobe Systems Incorporated)
"AVG_TRAY" = "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe" -- [2011.12.03 01:22:12 | 002,415,456 | ---- | M] (AVG Technologies CZ, s.r.o.)
"GrooveMonitor" = "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" -- [2008.10.25 11:44:34 | 000,031,072 | ---- | M] (Microsoft Corporation)
"hpqSRMon" = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe -- [2008.07.22 18:33:36 | 000,150,528 | ---- | M] (Hewlett-Packard)
"HP Software Update" = C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe -- [2007.05.08 16:24:20 | 000,054,840 | ---- | M] (Hewlett-Packard)
"APSDaemon" = "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" -- [2011.11.01 23:25:58 | 000,059,240 | ---- | M] (Apple Inc.)
"iTunesHelper" = "C:\Program Files (x86)\iTunes\iTunesHelper.exe" -- [2011.12.08 01:36:42 | 000,421,736 | ---- | M] (Apple Inc.)

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Kalendar" = C:\Program Files (x86)\Kalendar\kalendar.exe -- [2005.11.09 21:12:44 | 000,580,608 | ---- | M] ()
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2010.11.21 04:24:51 | 001,475,584 | ---- | M] (Microsoft Corporation)

< HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run /s >
"NUSB3MON" = "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" -- [2011.04.14 18:17:18 | 000,113,288 | ---- | M] (Renesas Electronics Corporation)
"StartCCC" = "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun -- [2011.04.27 09:28:48 | 000,336,384 | ---- | M] (Advanced Micro Devices, Inc.)
"QLBController" = C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe /start -- [2011.05.13 20:57:56 | 000,318,520 | ---- | M] (Hewlett-Packard Company)
"SunJavaUpdateSched" = "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" -- [2011.06.09 13:06:06 | 000,254,696 | ---- | M] (Sun Microsystems, Inc.)
"Adobe ARM" = "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" -- [2012.01.03 08:37:53 | 000,843,712 | ---- | M] (Adobe Systems Incorporated)
"AVG_TRAY" = "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe" -- [2011.12.03 01:22:12 | 002,415,456 | ---- | M] (AVG Technologies CZ, s.r.o.)
"GrooveMonitor" = "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" -- [2008.10.25 11:44:34 | 000,031,072 | ---- | M] (Microsoft Corporation)
"hpqSRMon" = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe -- [2008.07.22 18:33:36 | 000,150,528 | ---- | M] (Hewlett-Packard)
"HP Software Update" = C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe -- [2007.05.08 16:24:20 | 000,054,840 | ---- | M] (Hewlett-Packard)
"APSDaemon" = "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" -- [2011.11.01 23:25:58 | 000,059,240 | ---- | M] (Apple Inc.)
"iTunesHelper" = "C:\Program Files (x86)\iTunes\iTunesHelper.exe" -- [2011.12.08 01:36:42 | 000,421,736 | ---- | M] (Apple Inc.)

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
No captured output from command...

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
No captured output from command...

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
No captured output from command...

< type c:\boot.ini >> test.txt /c >
No captured output from command...

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012.01.17 16:31:46 | 000,000,512 | ---- | M] () MD5=EADDA33940526C70CDD50E2264828C1D -- C:\PhysicalMBR.bin

< End of report >

petr.ch
Visitor
Posts: 12
Registered: 13 Jan 2012 00:09

Re: Facebook games opening in tabs, tracking cookie a

#8 Post by petr.ch »

And here is extras.txt:


OTL Extras logfile created on: 17.1.2012 16:30:52 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = D:\Uživatelská složka - NESMAZAT!!!\Plocha
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,94 Gb Total Physical Memory | 2,31 Gb Available Physical Memory | 58,79% Memory free
7,87 Gb Paging File | 5,87 Gb Available in Paging File | 74,60% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 100,10 Gb Total Space | 67,09 Gb Free Space | 67,02% Space Free | Partition Type: NTFS
Drive D: | 495,97 Gb Total Space | 269,51 Gb Free Space | 54,34% Space Free | Partition Type: NTFS
Drive F: | 4,26 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF

Computer Name: UŽIVATEL-PC | User Name: Uživatel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-640237403-1379443736-898641451-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{05EFBF37-0E52-4579-875C-7EEF0DFB4FCB}" = Network64
"{10CD364B-FFCC-48BE-B469-B9622A033075}" = Fences
"{17016DA1-F040-4032-BD36-34DD317BC9D5}" = HP Photosmart All-In-One Driver Software 13.0 Rel. A
"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{230D1595-57DA-4933-8C4E-375797EBB7E1}" = Bluetooth Win7 Suite (64)
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{41B19F41-8A6F-4422-AD69-CF3B408F382C}" = AVG 2012
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{64C0356C-C3E0-032C-3A3D-341FD4623165}" = ATI Catalyst Install Manager
"{6BFAB6C1-6D46-46DB-A538-A269907C9F2F}" = Network64
"{6D830209-41C2-4D6B-BA25-4EF98807D9FB}" = AVG 2012
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{75104836-CAC7-444E-A39E-3F54151942F5}" = Apple Mobile Device Support
"{790E02A1-145A-3843-8C13-A4F41C9B48B7}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A324DC11-FF02-3CE8-9D6F-67EBC006D970}" = Microsoft .NET Framework 4 Extended CSY Language Pack
"{CB6F2A94-9A12-4CB0-8BB4-E36F4F2DF643}" = HP HotKey Support
"{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}" = Microsoft SQL Server Compact 3.5 SP2 x64 ENU
"{D66F0C3C-24F2-4463-9E2F-4381E5C40A26}" = iTunes
"{D7166FE7-32BA-0C4E-CEC7-E3F84470FC60}" = ccc-utility64
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{E63C9DDB-74E0-5A5F-7979-32905406D899}" = WMV9/VC-1 Video Playback
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FF21C3E6-97FD-474F-9518-8DCBE94C2854}" = 64 Bit HP CIO Components Installer
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"AVG" = AVG 2012
"EPSON SX100 Series" = Odinstalace tiskárny EPSON SX100 Series
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Photosmart Essential" = HP Photosmart Essential 3.5
"HP Smart Web Printing" = HP Smart Web Printing 4.51
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"HPOCR" = OCR Software by I.R.I.S. 13.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended CSY Language Pack" = Microsoft .NET Framework 4 Extended CSY Language Pack
"Shop for HP Supplies" = Shop for HP Supplies
"SynTPDeinstKey" = Synaptics Pointing Device Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}" = Status
"{0F18668B-C7CE-5BC3-3878-E3DDC53EC228}" = CCC Help Greek
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{0F6D9B10-93CF-57D6-A8C6-61742B549F8C}" = CCC Help Hungarian
"{11775B47-F0F5-0D99-9CCB-ADF2F7B4793B}" = CCC Help Korean
"{1590A987-E170-860F-E565-FB8B3E0D5E2A}" = CCC Help Czech
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{1BD1DC49-0B70-0E91-B2FC-58A749838800}" = CCC Help Russian
"{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}" = Windows Live UX Platform Language Pack
"{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}" = TrayApp
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron Flash Media Controller Driver
"{26A24AE4-039D-4CA4-87B4-2F83216029FF}" = Java(TM) 6 Update 29
"{29985347-1105-D77E-6AA0-EDC1B30906F5}" = CCC Help Thai
"{2A7EF808-14F3-4E93-BE3A-1675EE5332A4}" = AIO_CDA_ProductContext
"{2BA5F085-B901-C43E-595C-618C2B005810}" = CCC Help Danish
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2F92F040-AEA9-59A2-4897-3313579EB777}" = Catalyst Control Center Profiles Mobile
"{2FF8C687-DB7D-4adc-A5DC-57983EC25046}" = DeviceDiscovery
"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support
"{3917BE34-FF0E-8814-79C2-F398B9F5DC71}" = Catalyst Control Center Localization All
"{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU
"{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}" = Copy
"{4037A2B9-A976-4538-8B08-A0D95B637F35}" = C5100
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{440B915A-0C85-45DB-92AE-75AE14704A64}" = Fax
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
"{51B5FC11-B3FC-E703-1430-B02E1E0102E8}" = CCC Help Turkish
"{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"{5A0B7BA5-4682-4273-81C2-69B17E649103}" = GRID
"{5D6590E6-5E21-583B-4399-868589376986}" = Catalyst Control Center Graphics Previews Common
"{61B2A4A8-85BF-4C14-5052-5E314B5FDCCA}" = CCC Help German
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{68DF4A5B-B921-53B6-37BE-6C5B62813DAD}" = CCC Help Swedish
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update
"{737DCE46-824C-40BA-8776-81D9D1DB04AB}" = Catalyst Control Center - Branding
"{763DCEBA-0B72-0C7D-61CF-620CE14FC161}" = Catalyst Control Center
"{778D3250-3061-C6BD-BADB-559B8177F59F}" = CCC Help Norwegian
"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E0828BE-44C3-F051-3100-F6FAEE573D55}" = CCC Help Chinese Standard
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{294B4278-CF7B-40B9-86A1-2D3FF0C2C524}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{10EC59E5-9BCE-4884-BB1A-E28627220232}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0405-1000-0000000FF1CE}_ENTERPRISE_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{9A0049D3-078F-9470-14CE-F1E69752F512}" = CCC Help Portuguese
"{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A53EE2F2-B7B3-B49F-B6BF-96EF8D2D9F26}" = CCC Help Italian
"{A5436728-2DFD-4221-B4D7-F49F740134C9}" = c5100_Help
"{A7AEE29F-839E-46B5-B347-6D430618129F}" = AIO_CDA_Software
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.6
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AB78C965-5C67-409B-8433-D7B5BDB12073}" = Windows Live Writer Resources
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.2) - Czech
"{B19F4FF8-E3BA-1BB8-4F47-48D91F28C479}" = CCC Help Polish
"{B7CC9483-5BAF-4F14-0563-2C2674661112}" = Catalyst Control Center InstallProxy
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C454280F-3C3E-4929-B60E-9E6CED5717E7}" = Windows Live Mail
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CCE50A92-CEDE-E2C0-5783-601A3B3DC63E}" = CCC Help Finnish
"{CD09EBBD-793E-6903-6335-642A470D0B23}" = CCC Help French
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1" = Rapture3D 2.4.4 Game
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential
"{D86B0E2E-DF9A-441C-AF77-8D1A0FF00FA6}" = AIO_Scan
"{DC635845-46D3-404B-BCB1-FC4A91091AFA}" = SmartWebPrinting
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E330ABB9-2BD8-504C-B959-26C889CC14C2}" = CCC Help Dutch
"{E3F745B0-29B9-9483-3962-A1EDD958C24E}" = CCC Help Chinese Traditional
"{EEE1FF07-FDE5-0EFB-45F3-0FE909C6E539}" = CCC Help Japanese
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{FA632E53-37C3-44E4-BAE7-AEC897066D98}" = Simulace_PCS
"{FB1F181C-3CF3-5341-59F8-2C9A78BB66C5}" = CCC Help Spanish
"{FBDD9391-0A40-EBCE-B4D6-56952CD5F8B4}" = PX Profile Update
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"{FCE18696-8A12-B6A9-9C3B-7545EB5FE5EB}" = CCC Help English
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Ashampoo Burning Studio 6 FREE_is1" = Ashampoo Burning Studio 6 FREE v.6.80
"DAEMON Tools Lite" = DAEMON Tools Lite
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EPSON Scanner" = EPSON Scan
"FBDBServer_1_5_is1" = Firebird 1.5.5
"Fences" = Fences
"Free CD to MP3 Converter" = Free CD to MP3 Converter
"Hledik - Poradce - MAKFAC,AWD,MBI" = Poradce - MAKFAC,AWD,MBI, verze 1.32/1
"InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"InterBase 6 Client Open Edition - 6.0.2.0" = InterBase 6 Client Open Edition - 6.0.2.0
"ISOS_is1" = ISOS 5.3.3.0 (Externí síť, XP,Vista,Win7)
"Kalendář_is1" = Kalendář v0.1.21
"Kalkulátory_is1" = ČSOBP Kalkulátory 1.5.0.0 (MOBILITY)
"Modelová hypotéka" = Modelová hypotéka
"Mozilla Firefox (3.6.25)" = Mozilla Firefox (3.6.25)
"OpenAL" = OpenAL
"The KMPlayer" = The KMPlayer (remove only)
"Totalcmd" = Total Commander (Remove or Repair)
"uTorrent" = µTorrent
"Winamp" = Winamp
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"XnView_is1" = XnView 1.98.2

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-640237403-1379443736-898641451-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"QIP 2005" = QIP 2005 8095
"Winamp Detect" = Winamp Detector Plug-in

========== Last 10 Event Log Errors ==========

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >

Mc_Murphy
VIP in memoriam
Posts: 6706
Registered: 03 Nov 2008 15:55
Location: Plzeň [ZČ]

Re: Facebook games opening in tabs, tracking cookie a

#9 Post by Mc_Murphy »

:arrow: Yes, that happens too. A restart solves most problems in Windows. :D

:arrow: Run OTL again.
  • If you are using Win Vista or Win7, right-click OTL and choose Run As Administrator (Spustit jako správce).
  • If you are using a 64-bit OS, check whether the "Pro 64 bitové OS" (for 64-bit OS) checkbox is ticked. If it is not, tick it.
  • Paste this script into the lower box "Vlastní skenování/opravy" (Custom Scans/Fixes) (only the green letters in the white field!):

Code:

:Commands
[emptytemp]
[emptyflash]
[resethosts]
[purity]
[clearallrestorepoints]

:OTL
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
FF - prefs.js..browser.search.selectedEngine: ""
FF - prefs.js..keyword.URL: ""
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
File not found (No name found) -- C:\USERS\UĹĽIVATEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\1C0DT86I.DEFAULT\EXTENSIONS\{EC8030F7-C20A-464F-9B0E-13A3A9E97384}
O9:64bit: - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - Reg Error: Value error. File not found
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
[4 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[9 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[23 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]
[1 C:\Windows\twain_32\*.tmp files -> C:\Windows\twain_32\*.tmp -> ]

:Files
C:\$RECYCLE.BIN
C:\DesetiPrsty\instalace\keygen.exe /d
C:\DesetiPrsty\instalace\SERIAL NUMBER.txt /d
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp /s

:Reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=-
"SunJavaUpdateSched"=-
"Adobe ARM"=-
"hpqSRMon"=-
"HP Software Update"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=-
"SunJavaUpdateSched"=-
"Adobe ARM"=-
"hpqSRMon"=-
"HP Software Update"=-
  • Click the [Opravit] (Run Fix) button.
  • When the scan finishes, a log will appear; paste it here for me.
  • If the log does not fit into one post, split it into several parts.

  • ... I'm moving on, I'm moving on, I'm moving on by the Spirit.
    • You gave me love, I've found my identity, found my identity.

    I'm moving on, I'm moving on, I'm moving on by the Spirit.
    • You gave me hope, I've found my identity in Christ...

petr.ch
Visitor
Posts: 12
Registered: 13 Jan 2012 00:09

Re: Facebook games opening in tabs, tracking cookie a

#10 Post by petr.ch »

Another log:



All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public
->Temp folder emptied: 0 bytes

User: Uživatel
->Temp folder emptied: 15741249 bytes
->Temporary Internet Files folder emptied: 14281187 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 84001983 bytes
->Flash cache emptied: 9102 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 313213 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 6553944 bytes

Total Files Cleaned = 115,00 mb


[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Public

User: Uživatel
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb

C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
Restore point Set: OTL Restore Point
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
Prefs.js: "" removed from browser.search.selectedEngine
Prefs.js: "" removed from keyword.URL
64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@Apple.com/iTunes,version=\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{7815BE26-237D-41A8-A98F-F7BD75F71086}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7815BE26-237D-41A8-A98F-F7BD75F71086}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\grooveLocalGWS\ deleted successfully.
File Protocol\Handler\grooveLocalGWS - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ deleted successfully.
File Protocol\Handler\ms-help - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype4com\ deleted successfully.
File Protocol\Handler\skype4com - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlmailhtml\ deleted successfully.
File Protocol\Handler\wlmailhtml - No CLSID value found not found.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP31AA.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP99DE.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9E41.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPD680.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP498F.tmp\System.Web.RegularExpressions.dll deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP498F.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP4E6D.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP6B8E.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP71A7.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP7772.tmp\System.ServiceModel.dll deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP7772.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPA43C.tmp\ehiwmp.dll deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPA43C.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPD6EF.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE291.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE56E.tmp folder deleted successfully.
C:\Windows\twain_32\hpqgnds2.tmp deleted successfully.
========== FILES ==========
C:\$RECYCLE.BIN\S-1-5-21-640237403-1379443736-898641451-1000 folder moved successfully.
C:\$RECYCLE.BIN folder moved successfully.
File\Folder C:\DesetiPrsty\instalace\keygen.exe not found.
File\Folder C:\DesetiPrsty\instalace\SERIAL NUMBER.txt not found.
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\StartCCC deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\hpqSRMon deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HP Software Update deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\\StartCCC not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\\hpqSRMon not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\\HP Software Update not found.

OTL by OldTimer - Version 3.2.31.0 log created on 01182012_101522

Files\Folders moved on Reboot...
C:\Users\Uživatel\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

Registry entries deleted on Reboot...

Mc_Murphy
VIP in memoriam
Posts: 6706
Joined: 03 Nov 2008 15:55
Location: Plzeň [ZČ]

Re: Facebook games opening in tabs, tracking cookie a

#11 Post by Mc_Murphy »

OK, OTL did what it was supposed to.

How is the computer doing? Can we finish cleaning up?

petr.ch
Visitor
Posts: 12
Joined: 13 Jan 2012 00:09

Re: Facebook games opening in tabs, tracking cookie a

#12 Post by petr.ch »

We can, the computer is already working somewhat better. What is the next step?? :)

Mc_Murphy
VIP in memoriam
Posts: 6706
Joined: 03 Nov 2008 15:55
Location: Plzeň [ZČ]

Re: Facebook games opening in tabs, tracking cookie a

#13 Post by Mc_Murphy »

Glad to hear it.

• T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe
  • Download and run it.
  • To confirm the choice, press A, Enter.
  • Delete the utility after use.
  • Antivirus programs may wrongly flag this utility as a virus - it is a false alarm - so go ahead and download it (or turn off the antivirus while downloading).
• Run OTL again and click the [CleanUp!] button, which makes the program clean up after itself.

• TFC http://oldtimer.geekstogo.com/TFC.exe
  • Download and run it.
  • Click Start and confirm with OK.
  • The program cleans up and may (or may not) restart the PC.
  • Delete the utility after use.
• If you don't have it, download CCleaner from this link.
  • Cleaner panel
    • Leave everything as it is, just click Analyze and then Run CCleaner.
  • Registry panel
    • Click Scan for problems.
    • Then click Fix problems - I recommend making a registry backup; fix all the problems.
    • Repeat the procedure until no problems are found - usually about 3x.
  • Tools panel
    • Here you can uninstall programs you don't need.
I recommend using CCleaner about once a week.

... and if there are no questions, that would be all from my side.

petr.ch
Visitor
Posts: 12
Joined: 13 Jan 2012 00:09

Re: Facebook games opening in tabs, tracking cookie a

#14 Post by petr.ch »

Mc_Murphy, thank you very much for the help, I really appreciate it :-) After I carried out the steps described last and uninstalled the parody of an antivirus called AVG and replaced it with NOD, no more problems appear. Thanks once again.

Mc_Murphy
VIP in memoriam
Posts: 6706
Joined: 03 Nov 2008 15:55
Location: Plzeň [ZČ]

Re: Facebook games opening in tabs, tracking cookie a

#15 Post by Mc_Murphy »

You're very welcome.

However! NOD is not free! If you did not buy this antivirus legally and cracked it, it won't help you much. I would really hate to see that!
Yes, AVG is not a very good antivirus, that's a fact. In any case, what I wrote earlier still applies.
