Please check my log

Posted: 29 Jan 2012 20:07
by Stof
Logfile of random's system information tool 1.09 (written by random/random)
Run by Administrator at 2012-01-29 20:03:30
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 279 MB (0%) free of 114 GB
Total RAM: 2046 MB (18% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:03:43, on 29.1.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\Genius\ioCentre\gTaskBar.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Genius\ioCentre\gMouseTask.exe
C:\Genius\ioCentre\gKbdTask.exe
C:\Genius\ioCentre\gAutoPan.exe
C:\Genius\ioCentre\gAutoScroll.exe
C:\Genius\ioCentre\gZoom.exe
C:\Genius\ioCentre\gMGlass.exe
C:\Genius\ioCentre\gIMMgm.exe
C:\Genius\ioCentre\gDeskMgm.exe
C:\Genius\ioCentre\gTaskSwitch.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Heroes of Newerth\hon.exe
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Dokumenty\Downloads\RSIT.exe
C:\Program Files\trend micro\Administrator.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mystart.com?pr=photopos2_0
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: QIPBHO Class - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Documents and Settings\Administrator\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: (no name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: PhotoPos Toolbar - {5D0EC45B-D2E4-4DD0-A5B2-69DDEFE852A8} - C:\Program Files\PhotoposComTbr\PhotoposComTbrLib.dll
O2 - BHO: QIPBHO - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Documents and Settings\Administrator\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O3 - Toolbar: PhotoPos Toolbar - {5D0EC45B-D2E4-4DD0-A5B2-69DDEFE852A8} - C:\Program Files\PhotoposComTbr\PhotoposComTbrLib.dll
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [ioCentre] C:\Genius\ioCentre\gTaskBar.exe
O4 - HKLM\..\Run: [MP10_EnsureFileVer] C:\WINDOWS\inf\unregmp2.exe /EnsureFileVersions
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 6792 bytes

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\7c8wpoq8.default

prefs.js - "browser.startup.homepage" - "www.seznam.cz"
prefs.js - "extensions.enabledItems" - "{20a82645-c095-46ed-80e3-08825760534b}:1.2.1, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}:3.8.1.0, plugin3@gameplaylabs.com:3.0, {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.3.0.7280, {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26, jqs@sun.com:1.0, {5D0EC45B-D2E4-4DD0-A5B2-69DDEFE852A8}:2.0, {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.2.126, {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}:6.0.29, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.25"

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"{23fcfd51-4958-4f00-80a3-ae97e717ed8b}"=C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Plus Web Player
"Path"=C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\components\
browser.xpt
browserdirprovider.dll
brwsrcmp.dll
components.list
FeedConverter.js
FeedProcessor.js
FeedWriter.js
fuelApplication.js
GPSDGeolocationProvider.js
jsconsole-clhandler.js
NetworkGeolocationProvider.js
nsAddonRepository.js
nsBadCertHandler.js
nsBlocklistService.js
nsBrowserContentHandler.js
nsBrowserGlue.js
nsContentDispatchChooser.js
nsContentPrefService.js
nsDefaultCLH.js
nsDownloadManagerUI.js
nsExtensionManager.js
nsFormAutoComplete.js
nsHandlerService.js
nsHelperAppDlg.js
nsINIProcessor.js
nsLivemarkService.js
nsLoginInfo.js
nsLoginManager.js
nsLoginManagerPrompter.js
nsMicrosummaryService.js
nsPlacesAutoComplete.js
nsPlacesDBFlush.js
nsPlacesTransactionsService.js
nsPrivateBrowsingService.js
nsProxyAutoConfig.js
nsSafebrowsingApplication.js
nsSearchService.js
nsSearchSuggestions.js
nsSessionStartup.js
nsSessionStore.js
nsSetDefaultBrowser.js
nsSidebar.js
nsTaggingService.js
nsTryToClose.js
nsUpdateService.js
nsUpdateServiceStub.js
nsUpdateTimerManager.js
nsUrlClassifierLib.js
nsUrlClassifierListManager.js
nsURLFormatter.js
nsWebHandlerApp.js
pluginGlue.js
storage-Legacy.js
storage-mozStorage.js
txEXSLTRegExFunctions.js
WebContentConverter.js

C:\Program Files\Mozilla Firefox\plugins\
npdeployJava1.dll
npnul32.dll
nppdf32.dll

C:\Program Files\Mozilla Firefox\searchplugins\
avg_igeared.xml
google.xml
jyxo-cz.xml
mall-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
yahoo.xml

C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\7c8wpoq8.default\extensions\
plugin3@gameplaylabs.com
{20a82645-c095-46ed-80e3-08825760534b}
{5D0EC45B-D2E4-4DD0-A5B2-69DDEFE852A8}
{5e5ab302-7f65-44cd-8211-c1d4caaccea3}
{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-01-03 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]
DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-05-23 115072]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5D0EC45B-D2E4-4DD0-A5B2-69DDEFE852A8}]
PhotoPos Toolbar - C:\Program Files\PhotoposComTbr\PhotoposComTbrLib.dll [2009-09-30 91584]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95289393-33EA-4F8D-B952-483415B9C955}]
QIPBHO Class - C:\Documents and Settings\Administrator\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll [2010-10-25 140752]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-10-18 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-10-18 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
{5D0EC45B-D2E4-4DD0-A5B2-69DDEFE852A8} - PhotoPos Toolbar - C:\Program Files\PhotoposComTbr\PhotoposComTbrLib.dll [2009-09-30 91584]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AGRSMMSG"=C:\WINDOWS\AGRSMMSG.exe [2004-06-29 88363]
"ioCentre"=C:\Genius\ioCentre\gTaskBar.exe [2006-12-08 241664]
"MP10_EnsureFileVer"=C:\WINDOWS\inf\unregmp2.exe [2008-04-14 208896]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-06-27 98304]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2008-04-07 69632]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-04-07 16859136]
"AVG_TRAY"=C:\Program Files\AVG\AVG10\avgtray.exe []
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2011-01-12 2219184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-03 843712]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe [2012-01-03 35736]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\DTLite.exe [2011-08-02 4910912]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe [2008-06-24 1840424]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan]
C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2008-06-08 2221352]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe [2008-06-19 570664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2011-10-13 17351304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Administrator^Nabídka Start^Programy^Po spuštění^OpenOffice.org 3.2.lnk]
C:\PROGRA~1\OPENOF~1.ORG\program\QUICKS~1.EXE [2010-06-07 1195520]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^ImageMixer HDD Camera Monitor.lnk]
C:\PROGRA~1\PIXELA\IMAGEM~1\HDDCAM~1.EXE [2007-01-04 2117632]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Logitech Desktop Messenger.lnk]
C:\PROGRA~1\Logitech\DESKTO~1\8876480\Program\LOGITE~1.EXE [2011-03-03 67128]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Logitech SetPoint.lnk]
C:\PROGRA~1\Logitech\SetPoint\SetPoint.exe [2007-04-23 692224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2011-06-27 188416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WdfLoadGroup]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\AVG\AVG10\avgmfapx.exe"="C:\Program Files\AVG\AVG10\avgmfapx.exe:*:Enabled:Instalátor AVG"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe"="C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe:*:Enabled:Ubisoft Game Launcher"
"C:\Program Files\Ubisoft\Assassin's Creed II\AssassinsCreedIIGame.exe"="C:\Program Files\Ubisoft\Assassin's Creed II\AssassinsCreedIIGame.exe:*:Enabled:Assassin's Creed II"
"C:\Program Files\Ubisoft\Assassin's Creed II\AssassinsCreedII.exe"="C:\Program Files\Ubisoft\Assassin's Creed II\AssassinsCreedII.exe:*:Enabled:Assassin's Creed II Update"
"C:\Program Files\Ubisoft\Assassin's Creed II\UPlayBrowser.exe"="C:\Program Files\Ubisoft\Assassin's Creed II\UPlayBrowser.exe:*:Enabled:Assassin's Creed II Uplay"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"msacm.lhacm"=lhacm.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.FPS1"=frapsvid.dll
"vidc.DIVX"=DivX.dll
"vidc.yv12"=DivX.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======List of files/folders created in the last 1 month======

2012-01-29 20:03:34 ----D---- C:\Program Files\trend micro
2012-01-25 14:20:39 ----D---- C:\Documents and Settings\Administrator\Data aplikací\.minecraft
2012-01-21 11:48:30 ----HDC---- C:\WINDOWS\$NtUninstallKB2585542$
2012-01-18 17:46:22 ----D---- C:\Program Files\Heroes of Newerth
2012-01-14 12:52:20 ----A---- C:\WINDOWS\system32\ChCfg.exe
2012-01-14 12:51:37 ----A---- C:\WINDOWS\Alcmtr.exe
2012-01-14 12:51:31 ----A---- C:\WINDOWS\HideWin.exe
2012-01-12 21:19:02 ----D---- C:\Documents and Settings\All Users\Data aplikací\Ubisoft
2012-01-12 21:19:02 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Ubisoft
2012-01-12 18:08:49 ----D---- C:\Program Files\Ubisoft
2012-01-12 14:41:53 ----HDC---- C:\WINDOWS\$NtUninstallKB2646524$
2012-01-12 14:41:48 ----HDC---- C:\WINDOWS\$NtUninstallKB2631813$
2012-01-12 14:39:38 ----HDC---- C:\WINDOWS\$NtUninstallKB2598479$
2012-01-12 14:39:28 ----HDC---- C:\WINDOWS\$NtUninstallKB2603381$
2012-01-12 14:39:04 ----HDC---- C:\WINDOWS\$NtUninstallKB2584146$
2012-01-08 18:26:40 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Red Alert 3
2012-01-08 13:35:57 ----HD---- C:\WINDOWS\msdownld.tmp
2011-12-31 00:17:29 ----D---- C:\Program Files\Activision

======List of files/folders modified in the last 1 month======

2012-01-29 20:03:38 ----D---- C:\WINDOWS\Prefetch
2012-01-29 20:03:35 ----D---- C:\WINDOWS\Temp
2012-01-29 20:03:34 ----RD---- C:\Program Files
2012-01-29 19:56:07 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Skype
2012-01-29 12:55:15 ----A---- C:\WINDOWS\SchedLgU.Txt
2012-01-29 12:48:20 ----D---- C:\WINDOWS\network diagnostic
2012-01-29 12:46:14 ----D---- C:\WINDOWS
2012-01-29 12:46:12 ----D---- C:\WINDOWS\system32\CatRoot2
2012-01-29 09:40:41 ----D---- C:\WINDOWS\pss
2012-01-28 18:44:23 ----A---- C:\WINDOWS\NeroDigital.ini
2012-01-28 12:21:59 ----D---- C:\Program Files\Mozilla Firefox
2012-01-27 19:15:44 ----D---- C:\Program Files\ESET
2012-01-27 08:02:17 ----D---- C:\WINDOWS\system32\config
2012-01-26 22:19:19 ----D---- C:\WINDOWS\system32
2012-01-26 22:19:19 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2012-01-25 10:39:01 ----D---- C:\Program Files\Mozilla Thunderbird
2012-01-24 21:22:20 ----SHD---- C:\WINDOWS\Installer
2012-01-21 20:53:10 ----D---- C:\Program Files\Garena
2012-01-21 11:48:35 ----HD---- C:\WINDOWS\inf
2012-01-21 11:48:32 ----RSHDC---- C:\WINDOWS\system32\dllcache
2012-01-21 09:44:47 ----D---- C:\WINDOWS\$hf_mig$
2012-01-18 18:09:04 ----D---- C:\WINDOWS\system32\Restore
2012-01-18 17:46:55 ----D---- C:\WINDOWS\system32\DirectX
2012-01-16 21:42:10 ----D---- C:\WINDOWS\Minidump
2012-01-15 21:17:35 ----D---- C:\Documents and Settings\Administrator\Data aplikací\vlc
2012-01-15 19:42:22 ----D---- C:\Program Files\World of Warcraft
2012-01-14 12:52:21 ----D---- C:\WINDOWS\system32\RTCOM
2012-01-14 12:52:20 ----D---- C:\WINDOWS\system32\drivers
2012-01-13 17:46:57 ----RSD---- C:\WINDOWS\assembly
2012-01-13 17:32:01 ----HD---- C:\Program Files\InstallShield Installation Information
2012-01-12 21:35:50 ----D---- C:\WINDOWS\Debug
2012-01-12 21:33:46 ----D---- C:\Documents and Settings\Administrator\Data aplikací\uTorrent
2012-01-12 14:40:06 ----A---- C:\WINDOWS\system32\MRT.exe
2012-01-11 20:20:49 ----D---- C:\WINDOWS\Microsoft.NET
2012-01-11 15:36:09 ----D---- C:\WINDOWS\WinSxS
2011-12-30 20:48:33 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Mumble

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2010-07-12 45648]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys [2011-10-29 232512]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2010-12-21 115008]
R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2010-12-21 94872]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\System32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2011-11-22 271360]
R2 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2010-12-21 141264]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2011-11-22 18048]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2004-06-29 1268204]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2011-06-27 7022080]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\WINDOWS\system32\drivers\AtihdXP3.sys [2011-03-30 101392]
R3 gHidPnp;USB Device Enhanced Function Driver; C:\WINDOWS\System32\Drivers\gHidPnp.Sys [2006-07-14 14848]
R3 gMouUsb;USB Mouse Device Drv; C:\WINDOWS\system32\DRIVERS\gMouUsb.sys [2006-07-14 9984]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\System32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-04-07 4713472]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys [2007-04-11 34832]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-25 12160]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\System32\DRIVERS\Rtenicxp.sys [2011-01-14 277352]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2009-07-14 444136]
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2009-11-18 1691480]
S3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\AtiHdmi.sys [2010-05-17 101904]
S3 catchme;catchme; \??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\catchme.sys []
S3 GGSAFERDriver;GGSAFER Driver; \??\C:\Program Files\Garena\safedrv.sys []
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys []
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2009-11-18 1395800]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 rtl8029;Realtek RTL8029(AS)-based PCI Ethernet Adapter NT Driver; C:\WINDOWS\System32\DRIVERS\RTL8029.SYS [2001-08-17 19017]
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\System32\DRIVERS\RTL8139.SYS [2008-04-13 20992]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 usbser;Nokia USB Serial Port Driver ; C:\WINDOWS\system32\DRIVERS\usbser.sys [2008-04-13 26112]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2011-06-27 643072]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2011-01-12 810144]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2011-10-03 153376]
R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2008-06-08 877864]
R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\WINDOWS\system32\IoctlSvc.exe [2006-12-19 81920]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2011-01-12 33584]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2008-06-24 537896]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2011-06-08 633856]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Re: Please check my log

Posted: 30 Jan 2012 06:22
by Mc_Murphy
Hello.

First of all, I see two antivirus programs there, AVG and ESET NOD32 Antivirus. Both are paid products, so I don't suppose you have both of them legally, or do you?
One of them has to go, otherwise your system will have conflicts. So how shall we do it?

Re: Please check my log

Posted: 30 Jan 2012 19:09
by Stof
Well, AVG was a trial for the last month. NOD was paid for a year, and now I'm considering whether to renew it or not. It's a desktop PC, and in a year I'm buying a laptop for university. I'd happily delete both.

Re: Please check my log

Posted: 31 Jan 2012 06:19
by Mc_Murphy
You must have only one antivirus on the PC, and of course a legal one. If the AVG trial has expired, get rid of it. If the ESET license is ending, get rid of it or renew it. Nothing illegal! And if you remove both, choose one of the free security options, i.e. Avast!, Avira or MSE. Having a computer without an antivirus these days is not exactly a sensible solution.

Re: Please check my log

Posted: 31 Jan 2012 14:54
by Stof
I'm leaning towards Avast; I'll remove both, the license ran out about a month ago.

Re: Please check my log

Posted: 31 Jan 2012 15:02
by Mc_Murphy
OK. Uninstall both, then use this remover of theirs on AVG and this one on ESET. Both make sure that really all files associated with them disappear from the PC.
Once it's clean, install Avast! Free Antivirus and post a current RSIT log here. If there are any problems, write.

Re: Please check my log

Posted: 31 Jan 2012 19:31
by Stof
Logfile of random's system information tool 1.09 (written by random/random)
Run by Administrator at 2012-01-31 19:30:17
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 2 GB (2%) free of 114 GB
Total RAM: 2046 MB (76% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:30:20, on 31.1.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\Genius\ioCentre\gTaskBar.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Genius\ioCentre\gMouseTask.exe
C:\Genius\ioCentre\gKbdTask.exe
C:\Genius\ioCentre\gAutoPan.exe
C:\Genius\ioCentre\gAutoScroll.exe
C:\Genius\ioCentre\gZoom.exe
C:\Genius\ioCentre\gMGlass.exe
C:\Genius\ioCentre\gIMMgm.exe
C:\Genius\ioCentre\gDeskMgm.exe
C:\Genius\ioCentre\gTaskSwitch.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Documents and Settings\Administrator\Dokumenty\Downloads\RSIT.exe
C:\Program Files\trend micro\Administrator.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mystart.com?pr=photopos2_0
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: QIPBHO Class - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Documents and Settings\Administrator\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: PhotoPos Toolbar - {5D0EC45B-D2E4-4DD0-A5B2-69DDEFE852A8} - C:\Program Files\PhotoposComTbr\PhotoposComTbrLib.dll
O2 - BHO: QIPBHO - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Documents and Settings\Administrator\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: PhotoPos Toolbar - {5D0EC45B-D2E4-4DD0-A5B2-69DDEFE852A8} - C:\Program Files\PhotoposComTbr\PhotoposComTbrLib.dll
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [ioCentre] C:\Genius\ioCentre\gTaskBar.exe
O4 - HKLM\..\Run: [MP10_EnsureFileVer] C:\WINDOWS\inf\unregmp2.exe /EnsureFileVersions
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\RunOnce: [AvgRemover] C:\Documents and Settings\Administrator\Dokumenty\Downloads\avg_remover_stf_x86_2012_1796.exe /run_number=2 /ndis_nextstep=1
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 6231 bytes

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\7c8wpoq8.default

prefs.js - "browser.startup.homepage" - "www.seznam.cz"
prefs.js - "extensions.enabledItems" - "{20a82645-c095-46ed-80e3-08825760534b}:1.2.1, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}:3.8.1.0, plugin3@gameplaylabs.com:3.0, {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.3.0.7280, {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26, jqs@sun.com:1.0, {5D0EC45B-D2E4-4DD0-A5B2-69DDEFE852A8}:2.0, {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.2.126, {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}:6.0.29, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.25"

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"{23fcfd51-4958-4f00-80a3-ae97e717ed8b}"=C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Plus Web Player
"Path"=C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\components\
browser.xpt
browserdirprovider.dll
brwsrcmp.dll
components.list
FeedConverter.js
FeedProcessor.js
FeedWriter.js
fuelApplication.js
GPSDGeolocationProvider.js
jsconsole-clhandler.js
NetworkGeolocationProvider.js
nsAddonRepository.js
nsBadCertHandler.js
nsBlocklistService.js
nsBrowserContentHandler.js
nsBrowserGlue.js
nsContentDispatchChooser.js
nsContentPrefService.js
nsDefaultCLH.js
nsDownloadManagerUI.js
nsExtensionManager.js
nsFormAutoComplete.js
nsHandlerService.js
nsHelperAppDlg.js
nsINIProcessor.js
nsLivemarkService.js
nsLoginInfo.js
nsLoginManager.js
nsLoginManagerPrompter.js
nsMicrosummaryService.js
nsPlacesAutoComplete.js
nsPlacesDBFlush.js
nsPlacesTransactionsService.js
nsPrivateBrowsingService.js
nsProxyAutoConfig.js
nsSafebrowsingApplication.js
nsSearchService.js
nsSearchSuggestions.js
nsSessionStartup.js
nsSessionStore.js
nsSetDefaultBrowser.js
nsSidebar.js
nsTaggingService.js
nsTryToClose.js
nsUpdateService.js
nsUpdateServiceStub.js
nsUpdateTimerManager.js
nsUrlClassifierLib.js
nsUrlClassifierListManager.js
nsURLFormatter.js
nsWebHandlerApp.js
pluginGlue.js
storage-Legacy.js
storage-mozStorage.js
txEXSLTRegExFunctions.js
WebContentConverter.js

C:\Program Files\Mozilla Firefox\plugins\
npdeployJava1.dll
npnul32.dll
nppdf32.dll

C:\Program Files\Mozilla Firefox\searchplugins\
avg_igeared.xml
google.xml
jyxo-cz.xml
mall-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
yahoo.xml

C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\7c8wpoq8.default\extensions\
plugin3@gameplaylabs.com
{20a82645-c095-46ed-80e3-08825760534b}
{5D0EC45B-D2E4-4DD0-A5B2-69DDEFE852A8}
{5e5ab302-7f65-44cd-8211-c1d4caaccea3}
{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-01-03 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]
DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-05-23 115072]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5D0EC45B-D2E4-4DD0-A5B2-69DDEFE852A8}]
PhotoPos Toolbar - C:\Program Files\PhotoposComTbr\PhotoposComTbrLib.dll [2009-09-30 91584]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95289393-33EA-4F8D-B952-483415B9C955}]
QIPBHO Class - C:\Documents and Settings\Administrator\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll [2010-10-25 140752]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-10-18 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-10-18 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{5D0EC45B-D2E4-4DD0-A5B2-69DDEFE852A8} - PhotoPos Toolbar - C:\Program Files\PhotoposComTbr\PhotoposComTbrLib.dll [2009-09-30 91584]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AGRSMMSG"=C:\WINDOWS\AGRSMMSG.exe [2004-06-29 88363]
"ioCentre"=C:\Genius\ioCentre\gTaskBar.exe [2006-12-08 241664]
"MP10_EnsureFileVer"=C:\WINDOWS\inf\unregmp2.exe [2008-04-14 208896]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-06-27 98304]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2008-04-07 69632]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-04-07 16859136]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2011-11-28 3744552]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"AvgRemover"=C:\Documents and Settings\Administrator\Dokumenty\Downloads\avg_remover_stf_x86_2012_1796.exe [2012-01-31 1692968]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-03 843712]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe [2012-01-03 35736]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\DTLite.exe [2011-08-02 4910912]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\egui]
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe /hide /waitservice []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe [2008-06-24 1840424]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan]
C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2008-06-08 2221352]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe [2008-06-19 570664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2011-10-13 17351304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Administrator^Nabídka Start^Programy^Po spuštění^OpenOffice.org 3.2.lnk]
C:\PROGRA~1\OPENOF~1.ORG\program\QUICKS~1.EXE [2010-06-07 1195520]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^ImageMixer HDD Camera Monitor.lnk]
C:\PROGRA~1\PIXELA\IMAGEM~1\HDDCAM~1.EXE [2007-01-04 2117632]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Logitech Desktop Messenger.lnk]
C:\PROGRA~1\Logitech\DESKTO~1\8876480\Program\LOGITE~1.EXE [2011-03-03 67128]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Logitech SetPoint.lnk]
C:\PROGRA~1\Logitech\SetPoint\SetPoint.exe [2007-04-23 692224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2011-06-27 188416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WdfLoadGroup]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\AVG\AVG10\avgmfapx.exe"="C:\Program Files\AVG\AVG10\avgmfapx.exe:*:Enabled:Instalátor AVG"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe"="C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe:*:Enabled:Ubisoft Game Launcher"
"C:\Program Files\Ubisoft\Assassin's Creed II\AssassinsCreedIIGame.exe"="C:\Program Files\Ubisoft\Assassin's Creed II\AssassinsCreedIIGame.exe:*:Enabled:Assassin's Creed II"
"C:\Program Files\Ubisoft\Assassin's Creed II\AssassinsCreedII.exe"="C:\Program Files\Ubisoft\Assassin's Creed II\AssassinsCreedII.exe:*:Enabled:Assassin's Creed II Update"
"C:\Program Files\Ubisoft\Assassin's Creed II\UPlayBrowser.exe"="C:\Program Files\Ubisoft\Assassin's Creed II\UPlayBrowser.exe:*:Enabled:Assassin's Creed II Uplay"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"msacm.lhacm"=lhacm.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.FPS1"=frapsvid.dll
"vidc.DIVX"=DivX.dll
"vidc.yv12"=DivX.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======List of files/folders created in the last 1 month======

2012-01-31 19:21:05 ----A---- C:\WINDOWS\system32\drivers\aswFsBlk.sys
2012-01-31 19:21:04 ----A---- C:\WINDOWS\system32\drivers\aswSP.sys
2012-01-31 19:21:03 ----A---- C:\WINDOWS\system32\drivers\aswRdr.sys
2012-01-31 19:21:02 ----A---- C:\WINDOWS\system32\drivers\aswTdi.sys
2012-01-31 19:21:02 ----A---- C:\WINDOWS\system32\drivers\aswSnx.sys
2012-01-31 19:21:01 ----A---- C:\WINDOWS\system32\drivers\aswmon2.sys
2012-01-31 19:21:01 ----A---- C:\WINDOWS\system32\drivers\aswmon.sys
2012-01-31 19:21:00 ----A---- C:\WINDOWS\system32\drivers\aavmker4.sys
2012-01-31 19:20:35 ----A---- C:\WINDOWS\avastSS.scr
2012-01-31 19:20:34 ----A---- C:\WINDOWS\system32\aswBoot.exe
2012-01-31 19:20:09 ----D---- C:\Program Files\AVAST Software
2012-01-31 19:20:09 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
2012-01-29 20:03:34 ----D---- C:\Program Files\trend micro
2012-01-25 14:20:39 ----D---- C:\Documents and Settings\Administrator\Data aplikací\.minecraft
2012-01-21 11:48:30 ----HDC---- C:\WINDOWS\$NtUninstallKB2585542$
2012-01-18 17:46:22 ----D---- C:\Program Files\Heroes of Newerth
2012-01-14 12:52:20 ----A---- C:\WINDOWS\system32\ChCfg.exe
2012-01-14 12:51:37 ----A---- C:\WINDOWS\Alcmtr.exe
2012-01-14 12:51:31 ----A---- C:\WINDOWS\HideWin.exe
2012-01-12 21:19:02 ----D---- C:\Documents and Settings\All Users\Data aplikací\Ubisoft
2012-01-12 21:19:02 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Ubisoft
2012-01-12 18:08:49 ----D---- C:\Program Files\Ubisoft
2012-01-12 14:41:53 ----HDC---- C:\WINDOWS\$NtUninstallKB2646524$
2012-01-12 14:41:48 ----HDC---- C:\WINDOWS\$NtUninstallKB2631813$
2012-01-12 14:39:38 ----HDC---- C:\WINDOWS\$NtUninstallKB2598479$
2012-01-12 14:39:28 ----HDC---- C:\WINDOWS\$NtUninstallKB2603381$
2012-01-12 14:39:04 ----HDC---- C:\WINDOWS\$NtUninstallKB2584146$
2012-01-08 18:26:40 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Red Alert 3
2012-01-08 13:35:57 ----HD---- C:\WINDOWS\msdownld.tmp

======List of files/folders modified in the last 1 month======

2012-01-31 19:29:33 ----D---- C:\WINDOWS\Temp
2012-01-31 19:21:31 ----D---- C:\WINDOWS\Prefetch
2012-01-31 19:21:05 ----D---- C:\WINDOWS\system32\drivers
2012-01-31 19:20:49 ----SHD---- C:\WINDOWS\Installer
2012-01-31 19:20:47 ----D---- C:\WINDOWS\WinSxS
2012-01-31 19:20:35 ----D---- C:\WINDOWS
2012-01-31 19:20:34 ----D---- C:\WINDOWS\system32
2012-01-31 19:20:09 ----RD---- C:\Program Files
2012-01-31 19:12:27 ----D---- C:\Program Files\Mozilla Thunderbird
2012-01-31 19:10:21 ----A---- C:\WINDOWS\SchedLgU.Txt
2012-01-31 19:10:14 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Skype
2012-01-31 14:55:49 ----HD---- C:\WINDOWS\inf
2012-01-31 14:55:46 ----D---- C:\WINDOWS\system32\CatRoot2
2012-01-30 18:02:57 ----D---- C:\WINDOWS\system32\config
2012-01-29 12:48:20 ----D---- C:\WINDOWS\network diagnostic
2012-01-29 09:40:41 ----D---- C:\WINDOWS\pss
2012-01-28 18:44:23 ----A---- C:\WINDOWS\NeroDigital.ini
2012-01-28 12:21:59 ----D---- C:\Program Files\Mozilla Firefox
2012-01-26 22:19:19 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2012-01-21 20:53:10 ----D---- C:\Program Files\Garena
2012-01-21 11:48:32 ----RSHDC---- C:\WINDOWS\system32\dllcache
2012-01-21 09:44:47 ----D---- C:\WINDOWS\$hf_mig$
2012-01-18 18:09:04 ----D---- C:\WINDOWS\system32\Restore
2012-01-18 17:46:55 ----D---- C:\WINDOWS\system32\DirectX
2012-01-16 21:42:10 ----D---- C:\WINDOWS\Minidump
2012-01-15 21:17:35 ----D---- C:\Documents and Settings\Administrator\Data aplikací\vlc
2012-01-15 19:42:22 ----D---- C:\Program Files\World of Warcraft
2012-01-14 12:52:21 ----D---- C:\WINDOWS\system32\RTCOM
2012-01-13 17:46:57 ----RSD---- C:\WINDOWS\assembly
2012-01-13 17:32:01 ----HD---- C:\Program Files\InstallShield Installation Information
2012-01-12 21:35:50 ----D---- C:\WINDOWS\Debug
2012-01-12 21:33:46 ----D---- C:\Documents and Settings\Administrator\Data aplikací\uTorrent
2012-01-12 14:40:06 ----A---- C:\WINDOWS\system32\MRT.exe
2012-01-11 20:20:49 ----D---- C:\WINDOWS\Microsoft.NET

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2010-07-12 45648]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2011-11-28 30808]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2011-11-28 34392]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2011-11-28 314456]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2011-11-28 52952]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys [2011-10-29 232512]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\System32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2011-11-28 20568]
R2 aswMon2;aswMon2; C:\WINDOWS\system32\drivers\aswMon2.sys [2011-11-28 111320]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2011-11-22 271360]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2011-11-22 18048]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2004-06-29 1268204]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2011-06-27 7022080]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\WINDOWS\system32\drivers\AtihdXP3.sys [2011-03-30 101392]
R3 gHidPnp;USB Device Enhanced Function Driver; C:\WINDOWS\System32\Drivers\gHidPnp.Sys [2006-07-14 14848]
R3 gMouUsb;USB Mouse Device Drv; C:\WINDOWS\system32\DRIVERS\gMouUsb.sys [2006-07-14 9984]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\System32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-04-07 4713472]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys [2007-04-11 34832]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-25 12160]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\System32\DRIVERS\Rtenicxp.sys [2011-01-14 277352]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2009-07-14 444136]
S1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2011-11-28 435032]
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2009-11-18 1691480]
S3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\AtiHdmi.sys [2010-05-17 101904]
S3 catchme;catchme; \??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\catchme.sys []
S3 GGSAFERDriver;GGSAFER Driver; \??\C:\Program Files\Garena\safedrv.sys []
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2009-11-18 1395800]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 rtl8029;Realtek RTL8029(AS)-based PCI Ethernet Adapter NT Driver; C:\WINDOWS\System32\DRIVERS\RTL8029.SYS [2001-08-17 19017]
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\System32\DRIVERS\RTL8139.SYS [2008-04-13 20992]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 usbser;Nokia USB Serial Port Driver ; C:\WINDOWS\system32\DRIVERS\usbser.sys [2008-04-13 26112]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2011-06-27 643072]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-11-28 44768]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2011-10-03 153376]
R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2008-06-08 877864]
R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\WINDOWS\system32\IoctlSvc.exe [2006-12-19 81920]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2008-06-24 537896]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2011-06-08 633856]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Re: Please check my log

Posted: 31 Jan 2012 21:07
by Mc_Murphy
OK, let's move on.

:arrow: Free up some space on the system drive C:\ => 2 GB is really too little, the system is choking! You should have around 10 GB free, otherwise the system will slow down.
:arrow: Update MS Internet Explorer to the latest version. Even though you use the Mozilla Firefox browser, the update fixes a lot of problems in the system itself as well.

:arrow: Then fix the items listed below in HJT.
  • Fixing means that you run HJT, choose the [Do a system scan only] option and tick the checkbox to the left of the items I have listed. Then click [Fix checked] and confirm with [ANO] (Yes).
  • Items you can't find in the list, simply skip.
  • You'll find HJT here: C:\Program Files\trend micro\Administrator.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mystart.com?pr=photopos2_0
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R3 - URLSearchHook: QIPBHO Class - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Documents and Settings\Administrator\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: PhotoPos Toolbar - {5D0EC45B-D2E4-4DD0-A5B2-69DDEFE852A8} - C:\Program Files\PhotoposComTbr\PhotoposComTbrLib.dll
O2 - BHO: QIPBHO - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Documents and Settings\Administrator\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
O3 - Toolbar: PhotoPos Toolbar - {5D0EC45B-D2E4-4DD0-A5B2-69DDEFE852A8} - C:\Program Files\PhotoposComTbr\PhotoposComTbrLib.dll
O4 - HKLM\..\Run: [MP10_EnsureFileVer] C:\WINDOWS\inf\unregmp2.exe /EnsureFileVersions
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\RunOnce: [AvgRemover] C:\Documents and Settings\Administrator\Dokumenty\Downloads\avg_remover_stf_x86_2012_1796.exe /run_number=2 /ndis_nextstep=1
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll



:arrow: Next, download OTL from this link and save it to the Desktop.
  • If you are using Win Vista or Win7, right-click OTL and choose Run As Administrator or Spustit jako správce.
  • If you are using a 64-bit OS, check whether the box Pro 64 bitové OS (for 64-bit OS) is ticked. If not, tick it.
  • Tick the box Pro všechny uživatele (for all users).
  • Tick the box Kontrola na havěť "LOP" (check for "LOP" malware).
  • Tick the box Kontrola na havěť "Purity" (check for "Purity" malware).
  • Change the file age from 30 days to 7 days!!
  • Paste this script into the bottom box Vlastní skenování/opravy (custom scans/fixes) (only the green text in the white field!):

Code:

CREATERESTOREPOINT
netsvc
drivers32
savembr:0
/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop
%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe
%userprofile%\Plocha\*.*
%userprofile%\Desktop\*.*
%ALLUSERSPROFILE%\Plocha\*.*
%ALLUSERSPROFILE%\Desktop\*.*
*crack* /s
*keygen* /s
*loader* /s
*RemoveWAT* /s
*minodlogin* /s
*tnod* /s
*TemDono* /s
*AutoKMS* /s
*KMSEmulator* /s
*activator* /s
*serial* /s
*w7lxe* /s
*AutoRearm* /s
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run /s
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5
  • Click the [Prohledat] (Scan) button.
  • When the scan finishes, the logs OTL.txt and Extras.txt will appear; paste both of them here for me.
  • The logs will not fit into one post, so please split them across several posts.

Re: Please check my log

Posted: 01 Feb 2012 16:20
by Stof
OTL Extras logfile created on: 1.2.2012 15:35:38 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Administrator\Dokumenty\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 1,52 Gb Available Physical Memory | 75,81% Memory free
3,85 Gb Paging File | 3,25 Gb Available in Paging File | 84,38% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 111,78 Gb Total Space | 27,74 Gb Free Space | 24,82% Space Free | Partition Type: NTFS
Drive D: | 4,27 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF

Computer Name: DOMA | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l

[HKEY_USERS\S-1-5-21-515967899-1336601894-839522115-500\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger -- (Logitech Inc.)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger -- (Logitech Inc.)
"C:\Program Files\Skype\Plugin Manager\skypePM.exe" = C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe" = C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe:*:Enabled:Ubisoft Game Launcher -- ()
"C:\Program Files\Ubisoft\Assassin's Creed II\AssassinsCreedIIGame.exe" = C:\Program Files\Ubisoft\Assassin's Creed II\AssassinsCreedIIGame.exe:*:Enabled:Assassin's Creed II -- ()
"C:\Program Files\Ubisoft\Assassin's Creed II\AssassinsCreedII.exe" = C:\Program Files\Ubisoft\Assassin's Creed II\AssassinsCreedII.exe:*:Enabled:Assassin's Creed II Update -- (Ubisoft)
"C:\Program Files\Ubisoft\Assassin's Creed II\UPlayBrowser.exe" = C:\Program Files\Ubisoft\Assassin's Creed II\UPlayBrowser.exe:*:Enabled:Assassin's Creed II Uplay -- (Ubisoft Entertainment)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{07201ED7-59CE-D4CB-694D-E27E499D2697}" = CCC Help Korean
"{0ECF230E-312C-736E-FF48-FFFA90343790}" = CCC Help Danish
"{0F0E426B-9C54-8302-44A9-02BFEDBB6E70}" = Catalyst Control Center Localization All
"{19A492A0-888F-44A0-9B21-D91700763F62}" = Catalyst Control Center - Branding
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2463291F-A2AB-12F7-0D4B-9BDEC978F165}" = ATI Problem Report Wizard
"{26A24AE4-039D-4CA4-87B4-2F83216026FF}" = Java(TM) 6 Update 29
"{27211BD9-25C2-F400-F1B2-3E20AA1BEA29}" = CCC Help Czech
"{2741C9EE-D279-28D4-A256-C83FF7428404}" = CCC Help Hungarian
"{2CDF3DBD-05CA-FC13-02DB-FD3EB172A61C}" = ATI AVIVO Codecs
"{2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3}" = Logitech SetPoint
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35AC4231-95AB-A963-09AB-422304E5A9A3}" = CCC Help German
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = Logitech Registration
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{552AE631-915C-1855-B568-F7789D5514A4}" = CCC Help Polish
"{56918C0C-0D87-4CA6-92BF-4975A43AC719}" = KhalInstallWrapper
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{6290D291-F5EA-0AB4-85F5-C9211E97C160}" = CCC Help French
"{6408E48C-797F-A0A5-FCA2-BC9673CAA43A}" = CCC Help Italian
"{6CEBE9C8-A4B6-96A6-BDB8-75BE6399A0B4}" = Catalyst Control Center
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6D45EF03-E8EE-4355-81C3-F918CBCF1033}" = Nero 8
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{751910E3-ECF1-44D0-BF3F-2936A4424514}" = ImageMixer3
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}" = Assassin's Creed II
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8AFE5C80-C3E0-2EBF-D278-DFD73FA9AB88}" = CCC Help Portuguese
"{8CC990CD-87C8-475C-AC32-8A7984E2FCFA}" = CDDRV_Installer
"{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}" = Logitech Desktop Messenger
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{93B6C606-7862-9E35-A5C6-F23A52671060}" = CCC Help Finnish
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9E819623-0977-4900-B158-E6F664CB9A96}" = CCC Help Spanish
"{A1CA3ED1-6CBC-0B21-B22E-E800C084AE47}" = CCC Help Dutch
"{A25FF1C0-80B6-4B8B-A551-DC525697A408}" = AMD APP SDK Runtime
"{A2B4621B-CEB9-4E44-95FD-3500D4DB3727}" = ioCentre
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A3A97DBB-D6D3-F798-53B5-4F0ACBB637F8}" = Catalyst Control Center Graphics Previews Common
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.2) - Czech
"{AD2EFC45-2959-7131-22F7-2BF11178F7A9}" = CCC Help Japanese
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{BD78127E-9111-A8C8-3BE5-5A77ABF4795E}" = CCC Help Norwegian
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C373F7C4-05D2-4047-96D1-6AF30661C6AA}" = PC Connectivity Solution
"{C5A33D51-D6E0-1748-1BD5-700360AA92CF}" = CCC Help Chinese Traditional
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D23B3389-85E3-5207-5AAA-E6AEAA073B82}" = CCC Help Turkish
"{D5677124-6379-A3D2-50DA-40AD496EEF0E}" = CCC Help Thai
"{DC548306-7CEA-FAE7-E41A-3FC1EE2CF4F0}" = CCC Help Greek
"{E5DF4DDA-E877-DA6E-79AC-1CF413A4A742}" = CCC Help Russian
"{E6C631DB-FB0C-0B2A-BE0C-87F81B9CF33E}" = Catalyst Control Center InstallProxy
"{E9EA4986-5A70-7DCB-DA25-CF3C81F52D81}" = CCC Help English
"{F0C10253-F63B-BBD5-38FD-A0309A599C07}" = CCC Help Chinese Standard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F581CECE-2F0F-6432-69D5-6257E2689BE1}" = CCC Help Swedish
"{F75EC207-E7F4-0767-0A77-37FBD7B9F77D}" = ATI Catalyst Install Manager
"{FAB43061-FEFB-46E8-A159-96710395DB5E}" = OpenOffice.org 3.2
"{FE5ABF6A-0734-0D47-CA59-52055B99E45C}" = ccc-utility
"0C5EDC3653FED5B121F464339EAC12534D253B25" = Windows Driver Package - Nokia Modem (02/15/2007 3.1)
"504244733D18C8F63FF584AEB290E3904E791693" = Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Agere Systems Soft Modem" = Agere Systems PCI Soft Modem
"Any Video Converter_is1" = Any Video Converter 3.2.3
"avast" = avast! Free Antivirus
"CCleaner" = CCleaner
"Citrix Program Neighborhood" = Citrix Program Neighborhood
"DAEMON Tools Lite" = DAEMON Tools Lite
"DivX Setup" = DivX Setup
"ESET Online Scanner" = ESET Online Scanner v3
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"Fraps" = Fraps (remove only)
"Garena" = Garena 2010
"Garena Classic 2011" = Garena Classic 2011
"hon" = Heroes of Newerth
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware verze 1.51.1.1800
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.25)" = Mozilla Firefox (3.6.25)
"Mozilla Thunderbird (3.1.9)" = Mozilla Thunderbird (3.1.9)
"Mumble" = Mumble and Murmur
"Photo Pos Pro" = Photo Pos Pro
"PhotoposComTbr" = Photopos Toolbar (Remove Toolbar Only)
"uTorrent" = µTorrent
"VLC media player" = VLC media player 1.1.7
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-515967899-1336601894-839522115-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Assassin´s Creed II DLC Unlocker" = Assassin´s Creed II DLC Unlocker
"Google Chrome" = Google Chrome

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 8.1.2012 7:34:45 | Computer Name = DOMA | Source = Application Error | ID = 1000
Description = Chybující aplikace drwtsn32.exe, verze 5.1.2600.0, chybující modul
dbghelp.dll, verze 5.1.2600.5512, adresa chyby 0x0001295d.

Error - 8.1.2012 7:35:46 | Computer Name = DOMA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace chrome.exe, verze 0.0.0.0, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 8.1.2012 13:41:20 | Computer Name = DOMA | Source = Application Error | ID = 1000
Description = Chybující aplikace ra3_1.0.game, verze 1.0.3174.697, chybující modul
unknown, verze 0.0.0.0, adresa chyby 0x725f736c.

Error - 8.1.2012 13:46:27 | Computer Name = DOMA | Source = Application Error | ID = 1000
Description = Chybující aplikace ra3_1.0.game, verze 1.0.3174.697, chybující modul
unknown, verze 0.0.0.0, adresa chyby 0x725f736c.

Error - 9.1.2012 8:33:41 | Computer Name = DOMA | Source = Application Error | ID = 1000
Description = Chybující aplikace vcredist_x64.exe, verze 4.0.1066.0, chybující modul
kernel32.dll, verze 5.1.2600.5781, adresa chyby 0x00012afb.

Error - 18.1.2012 13:08:15 | Computer Name = DOMA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace hon.exe, verze 0.1.54.0, zablokovaný modul hungapp,
verze 0.0.0.0, adresa bloku 0x00000000.

Error - 22.1.2012 8:00:09 | Computer Name = DOMA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace chrome.exe, verze 0.0.0.0, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 22.1.2012 8:00:11 | Computer Name = DOMA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace chrome.exe, verze 0.0.0.0, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 22.1.2012 8:00:13 | Computer Name = DOMA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace chrome.exe, verze 0.0.0.0, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 25.1.2012 15:45:36 | Computer Name = DOMA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace hon.exe, verze 0.1.54.0, zablokovaný modul hungapp,
verze 0.0.0.0, adresa bloku 0x00000000.

[ System Events ]
Error - 12.1.2012 11:41:57 | Computer Name = DOMA | Source = Cdrom | ID = 262151
Description = Zařízení \Device\CdRom0 má chybný blok.

Error - 14.1.2012 17:44:58 | Computer Name = DOMA | Source = System Error | ID = 1003
Description = Kód chyby 1000008e, parametr1 c0000005, parametr2 aa39d00b, parametr3
aa82471c, parametr4 00000000.

Error - 15.1.2012 14:21:04 | Computer Name = DOMA | Source = System Error | ID = 1003
Description = Kód chyby 1000008e, parametr1 c0000005, parametr2 aa71000b, parametr3
a649771c, parametr4 00000000.

Error - 16.1.2012 16:34:11 | Computer Name = DOMA | Source = System Error | ID = 1003
Description = Kód chyby 1000008e, parametr1 c0000005, parametr2 aa37600b, parametr3
a670771c, parametr4 00000000.

Error - 17.1.2012 8:53:01 | Computer Name = DOMA | Source = Service Control Manager | ID = 7038
Description = Přihlášení služby SSDPSRV jako uživatel NT AUTHORITY\LocalService
se se současně nakonfigurovaným heslem nezdařilo. Došlo k následující chybě: %%5 Zkontrolujte
konfiguraci služby pomocí modulu snap-in Služby v konzole Microsoft Management Console
(MMC).

Error - 17.1.2012 8:53:02 | Computer Name = DOMA | Source = Service Control Manager | ID = 7000
Description = Služba Služba rozpoznávání pomocí protokolu SSDP neuspěla při spuštění
v důsledku následující chyby: %%1069

Error - 19.1.2012 10:05:39 | Computer Name = DOMA | Source = Service Control Manager | ID = 7038
Description = Přihlášení služby SSDPSRV jako uživatel NT AUTHORITY\LocalService
se se současně nakonfigurovaným heslem nezdařilo. Došlo k následující chybě: %%5 Zkontrolujte
konfiguraci služby pomocí modulu snap-in Služby v konzole Microsoft Management Console
(MMC).

Error - 19.1.2012 10:05:39 | Computer Name = DOMA | Source = Service Control Manager | ID = 7000
Description = Služba Služba rozpoznávání pomocí protokolu SSDP neuspěla při spuštění
v důsledku následující chyby: %%1069

Error - 30.1.2012 15:18:15 | Computer Name = DOMA | Source = Service Control Manager | ID = 7038
Description = Přihlášení služby SSDPSRV jako uživatel NT AUTHORITY\LocalService
se se současně nakonfigurovaným heslem nezdařilo. Došlo k následující chybě: %%5 Zkontrolujte
konfiguraci služby pomocí modulu snap-in Služby v konzole Microsoft Management Console
(MMC).

Error - 30.1.2012 15:18:15 | Computer Name = DOMA | Source = Service Control Manager | ID = 7000
Description = Služba Služba rozpoznávání pomocí protokolu SSDP neuspěla při spuštění
v důsledku následující chyby: %%1069


< End of report >

Re: Please check my log

Posted: 01 Feb 2012 16:20
by Stof
OTL logfile created on: 1.2.2012 15:35:38 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Administrator\Dokumenty\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 1,52 Gb Available Physical Memory | 75,81% Memory free
3,85 Gb Paging File | 3,25 Gb Available in Paging File | 84,38% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 111,78 Gb Total Space | 27,74 Gb Free Space | 24,82% Space Free | Partition Type: NTFS
Drive D: | 4,27 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF

Computer Name: DOMA | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2012.02.01 15:33:54 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Dokumenty\Downloads\OTL.exe
PRC - [2011.11.28 19:01:24 | 003,744,552 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011.11.28 19:01:23 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011.07.09 05:51:19 | 001,012,792 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
PRC - [2008.04.14 08:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006.12.15 10:15:36 | 000,417,792 | ---- | M] (TODO: <Company name>) -- C:\Genius\ioCentre\gKbdTask.exe
PRC - [2006.12.14 13:43:30 | 000,331,776 | ---- | M] () -- C:\Genius\ioCentre\gAutoScroll.exe
PRC - [2006.12.08 21:09:56 | 000,241,664 | ---- | M] (TODO: <Company name>) -- C:\Genius\ioCentre\gTaskBar.exe
PRC - [2006.12.04 19:36:24 | 000,630,784 | ---- | M] (TODO: <Company name>) -- C:\Genius\ioCentre\gMouseTask.exe
PRC - [2006.12.04 18:24:56 | 000,409,600 | ---- | M] (TODO: <Company name>) -- C:\Genius\ioCentre\gDeskMgm.exe
PRC - [2006.11.10 10:40:24 | 000,491,520 | ---- | M] (TODO: <Company name>) -- C:\Genius\ioCentre\gZoom.exe
PRC - [2006.11.10 10:06:18 | 000,315,392 | ---- | M] (TODO: <Company name>) -- C:\Genius\ioCentre\gTaskSwitch.exe
PRC - [2006.11.09 18:29:26 | 000,229,376 | ---- | M] (TODO: <Company name>) -- C:\Genius\ioCentre\gMGlass.exe
PRC - [2006.11.09 17:56:38 | 000,315,392 | ---- | M] (TODO: <Company name>) -- C:\Genius\ioCentre\gIMMgm.exe
PRC - [2006.11.09 17:12:42 | 000,487,424 | ---- | M] (TODO: <Company name>) -- C:\Genius\ioCentre\gAutoPan.exe


========== Modules (No Company Name) ==========

MOD - [2012.02.01 09:10:15 | 001,697,280 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\12020100\algo.dll
MOD - [2012.01.31 10:18:56 | 001,688,064 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\12013100\algo.dll
MOD - [2012.01.11 20:20:15 | 011,817,472 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\62e34cfb5a8b233667c7c5a47a32ad93\System.Web.ni.dll
MOD - [2012.01.11 15:35:59 | 000,303,104 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
MOD - [2011.10.14 16:29:17 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\bce0720436dc6cb76006377f295ea365\System.Configuration.ni.dll
MOD - [2011.10.14 16:28:32 | 000,025,600 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Accessibility\d86a3346c3d90ff12d0df9d7726f3ece\Accessibility.ni.dll
MOD - [2011.10.13 18:28:44 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\70cacc44f0b4257f6037eda7a59a0aeb\System.Xml.ni.dll
MOD - [2011.10.13 18:28:39 | 012,430,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\71a2ae9ad561a62181cbd9fb11e9de7a\System.Windows.Forms.ni.dll
MOD - [2011.10.13 18:28:27 | 001,587,200 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\c10bea3c4bb7ef654651141bf9419090\System.Drawing.ni.dll
MOD - [2011.10.13 15:12:25 | 007,950,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\af39f6e644af02873b9bae319f2bfb13\System.ni.dll
MOD - [2011.10.13 15:12:11 | 011,490,816 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\ca87ba84221991839abbe7d4bc9c6721\mscorlib.ni.dll
MOD - [2011.07.09 05:51:17 | 000,329,272 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\12.0.742.122\ppgooglenaclpluginchrome.dll
MOD - [2011.07.09 05:51:16 | 003,649,592 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\12.0.742.122\pdf.dll
MOD - [2011.07.09 05:50:09 | 000,321,592 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\12.0.742.122\Locales\cs.dll
MOD - [2011.07.09 05:49:50 | 000,104,520 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\12.0.742.122\avutil-50.dll
MOD - [2011.07.09 05:49:48 | 000,203,848 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\12.0.742.122\avformat-52.dll
MOD - [2011.07.09 05:49:47 | 001,846,344 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\12.0.742.122\avcodec-52.dll
MOD - [2011.07.09 03:31:29 | 006,333,088 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\12.0.742.122\gcswf32.dll
MOD - [2011.06.27 14:30:22 | 000,270,336 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
MOD - [2010.03.16 11:22:12 | 000,014,848 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AxInterop.WBOCXLib.dll
MOD - [2008.04.14 08:51:48 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2006.12.14 13:43:30 | 000,331,776 | ---- | M] () -- C:\Genius\ioCentre\gAutoScroll.exe


========== Win32 Services (SafeList) ==========

SRV - [2011.11.28 19:01:23 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2011.06.08 12:02:00 | 000,633,856 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)


========== Driver Services (SafeList) ==========

DRV - [2011.11.28 18:53:53 | 000,435,032 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011.11.28 18:53:35 | 000,314,456 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011.11.28 18:52:19 | 000,034,392 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011.11.28 18:52:16 | 000,052,952 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011.11.28 18:52:02 | 000,111,320 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011.11.28 18:51:50 | 000,020,568 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011.11.28 18:48:49 | 000,030,808 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011.11.22 19:18:47 | 000,271,360 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt)
DRV - [2011.11.22 19:18:45 | 000,018,048 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2011.10.29 12:02:38 | 000,232,512 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2011.06.27 21:27:40 | 007,022,080 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2011.03.30 19:46:12 | 000,101,392 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AtihdXP3.sys -- (AtiHDAudioService)
DRV - [2011.01.14 15:06:40 | 000,277,352 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2010.05.17 13:04:06 | 000,101,904 | R--- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - [2009.11.18 00:17:00 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2009.11.18 00:16:00 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2008.08.26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008.04.13 22:05:40 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rtl8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2008.04.07 16:06:52 | 004,713,472 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007.04.11 15:32:52 | 000,034,832 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2006.07.14 07:33:58 | 000,009,984 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gMouUsb.sys -- (gMouUsb)
DRV - [2006.07.14 07:30:52 | 000,014,848 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gHidPnp.sys -- (gHidPnp)
DRV - [2004.06.29 09:07:18 | 001,268,204 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2001.08.17 20:12:40 | 000,019,017 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8029.sys -- (rtl8029) Realtek RTL8029(AS)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-515967899-1336601894-839522115-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKU\S-1-5-21-515967899-1336601894-839522115-500\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-515967899-1336601894-839522115-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "www.seznam.cz"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}:3.8.1.0
FF - prefs.js..extensions.enabledItems: plugin3@gameplaylabs.com:3.0
FF - prefs.js..extensions.enabledItems: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.3.0.7280
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {5D0EC45B-D2E4-4DD0-A5B2-69DDEFE852A8}:2.0
FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.2.126
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}:6.0.29

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=8: C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Update\1.2.183.39\npGoogleOneClick8.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011.10.25 15:18:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012.01.31 19:20:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.25\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.12.29 16:54:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.25\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.01.12 14:40:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.1.9\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2011.03.11 09:09:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.1.9\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2011.10.25 15:18:53 | 000,000,000 | ---D | M]

[2011.03.11 09:09:35 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Extensions
[2011.03.11 09:09:35 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2012.01.28 12:21:56 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\7c8wpoq8.default\extensions
[2011.10.02 17:55:04 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\7c8wpoq8.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.08.03 23:22:06 | 000,000,000 | ---D | M] (PhotoPos Toolbar) -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\7c8wpoq8.default\extensions\{5D0EC45B-D2E4-4DD0-A5B2-69DDEFE852A8}
[2011.03.13 12:08:13 | 000,000,000 | ---D | M] (XfireXO) -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\7c8wpoq8.default\extensions\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}
[2012.01.05 09:12:09 | 000,000,000 | ---D | M] (uTorrentBar Community Toolbar) -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\7c8wpoq8.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
[2011.06.06 16:06:29 | 000,000,000 | ---D | M] (Media Plugin) -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\7c8wpoq8.default\extensions\plugin3@gameplaylabs.com
[2012.01.28 12:21:56 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011.06.06 16:06:12 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2011.06.06 16:12:03 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011.06.09 20:52:48 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2011.11.17 18:05:39 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\DATA APLIKACí\MOZILLA\FIREFOX\PROFILES\7C8WPOQ8.DEFAULT\EXTENSIONS\{20A82645-C095-46ED-80E3-08825760534B}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\DATA APLIKACí\MOZILLA\FIREFOX\PROFILES\7C8WPOQ8.DEFAULT\EXTENSIONS\{5D0EC45B-D2E4-4DD0-A5B2-69DDEFE852A8}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\DATA APLIKACí\MOZILLA\FIREFOX\PROFILES\7C8WPOQ8.DEFAULT\EXTENSIONS\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\DATA APLIKACí\MOZILLA\FIREFOX\PROFILES\7C8WPOQ8.DEFAULT\EXTENSIONS\PLUGIN3@GAMEPLAYLABS.COM
[2011.10.25 15:18:53 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 <video>) -- C:\PROGRAM FILES\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\DIVXHTML5
[2011.06.09 20:52:31 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011.10.03 05:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011.06.07 11:58:58 | 000,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2011.06.07 11:58:58 | 000,001,687 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\mall-cz.xml
[2011.06.07 11:58:58 | 000,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2011.06.07 11:58:58 | 000,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2011.06.07 11:58:58 | 000,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml

========== Chrome ==========

CHR - default_search_provider: AVG Secure Search (Enabled)
CHR - default_search_provider: search_url = http://search.avg.com/?d=4e300fd5&v=7.5 ... earchTerms}
CHR - default_search_provider: suggest_url = http://suggestqueries.google.com/comple ... earchTerms}
CHR - Extension: avast! WebRep = C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\6.0.1374_0\
CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.126_0\

O1 HOSTS File: ([2011.07.29 18:55:31 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O3 - HKU\S-1-5-21-515967899-1336601894-839522115-500\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKU\S-1-5-21-515967899-1336601894-839522115-500\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [ioCentre] C:\Genius\ioCentre\gTaskBar.exe (TODO: <Company name>)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-515967899-1336601894-839522115-500\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-515967899-1336601894-839522115-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-515967899-1336601894-839522115-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-515967899-1336601894-839522115-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shoc ... wflash.cab (Shockwave Flash Object)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5CC6DA60-22E8-4356-A977-5D534CB2DCD5}: DhcpNameServer = 192.168.2.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011.03.03 10:03:51 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lhacm - C:\WINDOWS\System32\lhacm.acm (Microsoft Corporation)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
Drivers32: VIDC.FPS1 - C:\WINDOWS\System32\frapsvid.dll (Beepa P/L)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.yv12 - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2012.01.31 19:21:05 | 000,020,568 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2012.01.31 19:21:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\avast! Free Antivirus
[2012.01.31 19:21:04 | 000,314,456 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2012.01.31 19:21:03 | 000,034,392 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2012.01.31 19:21:02 | 000,435,032 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2012.01.31 19:21:02 | 000,052,952 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2012.01.31 19:21:01 | 000,111,320 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2012.01.31 19:21:01 | 000,105,176 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2012.01.31 19:21:00 | 000,030,808 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2012.01.31 19:20:35 | 000,041,184 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2012.01.31 19:20:34 | 000,199,816 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2012.01.31 19:20:09 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2012.01.31 19:20:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
[2012.01.29 21:27:32 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\Recent
[2012.01.29 20:03:34 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2012.02.01 15:38:32 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012.02.01 15:19:03 | 000,002,265 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Skype.lnk
[2012.02.01 15:16:42 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.01.31 19:21:05 | 000,001,689 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\avast! Free Antivirus.lnk
[2012.01.31 19:21:01 | 000,002,552 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2012.01.30 17:06:46 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012.01.28 18:44:23 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2012.01.28 12:42:34 | 000,054,784 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.01.28 12:22:46 | 000,067,414 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\jidlo.pdf
[2012.01.26 22:19:19 | 000,605,772 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012.01.26 22:19:19 | 000,600,416 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2012.01.26 22:19:19 | 000,136,366 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2012.01.26 22:19:19 | 000,115,240 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012.01.25 16:09:14 | 000,148,259 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\WoWScrnShot_012412_233659.jpg
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012.02.01 15:38:32 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012.01.31 19:21:05 | 000,001,689 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\avast! Free Antivirus.lnk
[2012.01.28 12:22:46 | 000,067,414 | ---- | C] () -- C:\Documents and Settings\Administrator\Plocha\jidlo.pdf
[2012.01.25 16:09:12 | 000,148,259 | ---- | C] () -- C:\Documents and Settings\Administrator\Plocha\WoWScrnShot_012412_233659.jpg
[2012.01.14 12:52:20 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2011.12.02 19:26:42 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2011.11.22 19:18:47 | 000,271,360 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2011.11.22 19:18:45 | 000,018,048 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2011.09.25 19:08:33 | 000,000,840 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\SRDownloader.nast
[2011.08.28 14:01:42 | 000,000,020 | ---- | C] () -- C:\WINDOWS\level.ini
[2011.08.03 23:25:22 | 000,000,098 | -HS- | C] () -- C:\WINDOWS\WSYS049.SYS
[2011.08.03 23:25:22 | 000,000,022 | ---- | C] () -- C:\WINDOWS\System32\syoepk_lib0.dll
[2011.08.03 23:21:45 | 000,201,437 | ---- | C] () -- C:\WINDOWS\Photo Pos Pro Uninstaller.exe
[2011.07.29 18:47:39 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011.07.29 18:47:39 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011.07.29 18:47:39 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011.07.29 18:47:39 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011.07.29 18:47:39 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011.06.27 15:23:20 | 000,053,760 | ---- | C] () -- C:\WINDOWS\System32\OVDecode.dll
[2011.06.17 19:51:41 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\SI.bin
[2011.06.06 14:21:24 | 000,887,724 | ---- | C] () -- C:\WINDOWS\System32\ativva6x.dat
[2011.06.06 14:21:24 | 000,234,142 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2011.06.06 14:21:24 | 000,000,003 | ---- | C] () -- C:\WINDOWS\System32\ativva5x.dat
[2011.05.25 16:14:30 | 000,051,186 | ---- | C] () -- C:\Documents and Settings\Administrator\Data aplikací\room_v3.dat
[2011.05.02 16:38:19 | 000,073,280 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\FontCache3.0.0.0.dat
[2011.04.04 07:34:35 | 000,000,133 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\fusioncache.dat
[2011.04.03 09:54:48 | 000,000,116 | ---- | C] () -- C:\Documents and Settings\Administrator\Data aplikací\default.pls
[2011.03.28 18:25:13 | 000,046,658 | ---- | C] () -- C:\Documents and Settings\Administrator\Data aplikací\room.dat
[2011.03.24 14:29:21 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2011.03.13 17:58:23 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2011.03.11 09:02:15 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2011.03.04 20:11:51 | 000,054,784 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.03.03 15:52:55 | 000,014,848 | ---- | C] () -- C:\WINDOWS\System32\drivers\gHidPnp.sys
[2011.03.03 15:52:55 | 000,009,984 | ---- | C] () -- C:\WINDOWS\System32\drivers\gMouUsb.sys
[2011.03.03 14:33:55 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2011.03.03 13:45:09 | 000,081,936 | ---- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll
[2011.03.03 10:54:10 | 000,004,265 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2011.03.03 10:52:42 | 000,122,136 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011.03.03 10:27:19 | 000,002,216 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2011.03.03 10:27:18 | 000,005,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2011.03.03 10:05:28 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2011.03.03 10:01:12 | 000,021,812 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2010.04.06 11:10:15 | 000,225,411 | ---- | C] () -- C:\WINDOWS\System32\PosPrKpLib.dll
[2010.04.06 11:10:07 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\PosTickerLib.dll
[2005.09.23 12:52:14 | 000,078,848 | ---- | C] () -- C:\WINDOWS\System32\OneWay.dll
[2004.08.02 14:20:40 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2002.09.20 17:19:36 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2002.06.02 15:05:40 | 000,038,912 | ---- | C] () -- C:\WINDOWS\System32\1Way.dll
[2001.10.25 13:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001.10.25 13:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2001.10.25 13:00:00 | 000,605,772 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2001.10.25 13:00:00 | 000,600,416 | ---- | C] () -- C:\WINDOWS\System32\perfh005.dat
[2001.10.25 13:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001.10.25 13:00:00 | 000,269,162 | ---- | C] () -- C:\WINDOWS\System32\perfi005.dat
[2001.10.25 13:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001.10.25 13:00:00 | 000,136,366 | ---- | C] () -- C:\WINDOWS\System32\perfc005.dat
[2001.10.25 13:00:00 | 000,115,240 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2001.10.25 13:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2001.10.25 13:00:00 | 000,032,072 | ---- | C] () -- C:\WINDOWS\System32\perfd005.dat
[2001.10.25 13:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001.10.25 13:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001.10.25 13:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat

========== LOP Check ==========

[2012.01.25 14:23:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\.minecraft
[2011.05.02 15:19:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\AnvSoft
[2011.03.03 21:49:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\AVG10
[2011.06.10 17:41:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\DAEMON Tools Lite
[2011.10.25 15:19:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\DDMSettings
[2011.03.07 08:50:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\ICAClient
[2011.10.29 12:22:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\LucasArts
[2011.12.30 20:48:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Mumble
[2011.07.11 16:18:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Nokia
[2011.10.29 12:02:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\OpenCandy
[2011.03.11 10:07:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\OpenOffice.org
[2011.07.11 15:43:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\PC Suite
[2011.12.28 23:25:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Photopos
[2011.08.03 23:21:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\PhotoposComtb
[2011.06.06 14:59:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\PriceGong
[2012.01.08 18:26:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Red Alert 3
[2011.03.11 09:09:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Thunderbird
[2012.01.12 21:19:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Ubisoft
[2012.01.12 21:33:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\uTorrent
[2012.01.31 19:20:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
[2011.03.03 21:49:02 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\Common Files
[2011.06.18 16:31:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2011.08.03 23:21:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\EmailNotifier
[2011.07.17 20:48:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Installations
[2011.04.03 12:06:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\InstallMate
[2011.07.11 15:55:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\NokiaAccount
[2011.07.11 15:48:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\NokiaInstallerCache
[2011.07.11 15:32:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PC Suite
[2011.12.24 13:38:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PIXELA
[2012.01.12 21:19:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Ubisoft

========== Purity Check ==========



========== Custom Scans ==========


< netsvc >


< MD5 for: ATAPI.SYS >
[2002.09.20 17:17:54 | 010,174,968 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:atapi.sys
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:atapi.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2002.08.29 00:27:50 | 000,086,912 | ---- | M] (Microsoft Corporation) MD5=95B858761A00E1D4F81F79A0DA019ACA -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2008.04.13 23:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ERDNT\cache\atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 23:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2008.04.13 23:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0015\DriverFiles\i386\atapi.sys
[2008.04.13 23:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0016\DriverFiles\i386\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2002.09.20 17:05:14 | 000,578,048 | ---- | M] (Microsoft Corporation) MD5=82CD2AA659D68781D29BA87421BE0E40 -- C:\WINDOWS\$NtServicePackUninstall$\autochk.exe
[2008.04.14 08:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\cmdcons\autochk.exe
[2008.04.14 08:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\ServicePackFiles\i386\autochk.exe
[2008.04.14 08:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe
[2004.08.17 15:49:22 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\8f16f2c99d61e8a3f56cae802afe0e1a\i386\autochk.exe

< MD5 for: CDROM.SYS >
[2002.09.20 17:17:54 | 010,174,968 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:cdrom.sys
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:cdrom.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008.04.14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008.04.14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2002.08.29 00:27:56 | 000,047,488 | ---- | M] (Microsoft Corporation) MD5=6506E033AD04CFEC9EE56DBEFD1083DD -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2002.09.20 17:05:24 | 001,004,544 | ---- | M] (Microsoft Corporation) MD5=11D80755545CFB5EB9659EE88440EAE2 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
[2008.04.14 08:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\ERDNT\cache\explorer.exe
[2008.04.14 08:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 08:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe

< MD5 for: HAL.DLL >
[2002.09.20 17:17:54 | 010,174,968 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:hal.dll
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:hal.dll
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2002.08.29 00:05:04 | 000,129,920 | ---- | M] (Microsoft Corporation) MD5=308709E92843DFF3A5CDCA069F6F5C61 -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll
[2008.04.14 00:01:30 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=4329EE7D502C9113EBA0F9570392F5EE -- C:\WINDOWS\system32\HAL.DLL
[2008.04.14 00:01:34 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll

< MD5 for: SCECLI.DLL >
[2008.04.14 08:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ERDNT\cache\scecli.dll
[2008.04.14 08:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 08:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll
[2002.09.20 17:04:42 | 000,179,200 | ---- | M] (Microsoft Corporation) MD5=B2666CAB5E8C8A741D63F18D551A47FB -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll

< MD5 for: SVCHOST.EXE >
[2001.10.25 13:00:00 | 000,012,800 | ---- | M] (Microsoft Corporation) MD5=329945887A0C684C38A4845330BC9100 -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe
[2008.04.14 08:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\ERDNT\cache\svchost.exe
[2008.04.14 08:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.14 08:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe

< MD5 for: TCPIP.SYS >
[2002.08.29 00:58:12 | 000,332,928 | ---- | M] (Microsoft Corporation) MD5=244A2F9816BC9B593957281EF577D976 -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2008.04.14 00:50:18 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008.04.14 00:50:18 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\ERDNT\cache\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2008.06.20 12:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
[2008.06.20 12:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.04.14 08:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ERDNT\cache\userinit.exe
[2008.04.14 08:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 08:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe
[2002.09.20 17:05:48 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=B26871B5CE92F9D95AE6E62119799EB9 -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe

< MD5 for: WINLOGON.EXE >
[2008.04.14 08:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\ERDNT\cache\winlogon.exe
[2008.04.14 08:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 08:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe
[2002.09.20 17:05:50 | 000,516,608 | ---- | M] (Microsoft Corporation) MD5=FF8857D1AF59071F172C0FAD0FD33E87 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe

< %systemroot%*.* /U /s >
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[13 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[3 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[1 C:\WINDOWS\SoftwareDistribution\Download\612ac4e8031ebf78ac577edc0631f08e\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\612ac4e8031ebf78ac577edc0631f08e\*.tmp -> ]
[1 C:\WINDOWS\SoftwareDistribution\Download\8d98e4fcc1fda6508056ced9f2044d1c\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\8d98e4fcc1fda6508056ced9f2044d1c\*.tmp -> ]
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2012.01.25 14:23:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\.minecraft
[2011.03.28 20:21:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Adobe
[2011.05.02 15:19:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\AnvSoft
[2011.03.03 15:42:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\ATI
[2011.03.03 21:49:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\AVG10
[2011.06.10 17:41:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\DAEMON Tools Lite
[2011.10.25 15:19:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\DDMSettings
[2011.11.24 15:45:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\DivX
[2011.03.21 18:16:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\dvdcss
[2011.06.10 17:54:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Help
[2011.03.07 08:50:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\ICAClient
[2011.03.03 10:09:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Identities
[2011.03.03 15:49:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\InstallShield
[2011.03.03 15:51:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Logitech
[2011.10.29 12:22:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\LucasArts
[2011.04.10 17:26:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Macromedia
[2011.07.29 11:27:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Malwarebytes
[2011.07.27 11:50:50 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Administrator\Data aplikací\Microsoft
[2011.03.11 09:02:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla
[2011.12.30 20:48:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Mumble
[2011.03.13 20:49:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Nero
[2011.07.11 16:18:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Nokia
[2011.10.29 12:02:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\OpenCandy
[2011.03.11 10:07:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\OpenOffice.org
[2011.07.11 15:43:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\PC Suite
[2011.12.28 23:25:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Photopos
[2011.08.03 23:21:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\PhotoposComtb
[2011.06.06 14:59:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\PriceGong
[2012.01.08 18:26:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Red Alert 3
[2012.02.01 15:49:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Skype
[2011.08.23 09:37:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\skypePM
[2011.04.02 16:26:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Sun
[2011.03.12 18:10:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\teamspeak2
[2011.03.11 09:09:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Thunderbird
[2012.01.12 21:19:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Ubisoft
[2012.01.12 21:33:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\uTorrent
[2012.01.15 21:17:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\vlc
[2011.03.03 17:40:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\WinRAR
[2011.03.13 17:55:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Yahoo!

< %APPDATA%\*.exe /s >
[2011.03.03 15:51:18 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
[2011.03.03 15:49:23 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\Microsoft\Installer\{56918C0C-0D87-4CA6-92BF-4975A43AC719}\ARPPRODUCTICON.exe
[2011.03.03 15:50:09 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\Microsoft\Installer\{8CC990CD-87C8-475C-AC32-8A7984E2FCFA}\ARPPRODUCTICON.exe
[2011.10.29 12:02:55 | 000,416,160 | ---- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\OpenCandy\OpenCandy_608C664E7FE74399BD9423C46245F4D7\LatestDLMgr.exe
[2010.10.15 21:41:18 | 000,043,440 | ---- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\OpenCandy\OpenCandy_608C664E7FE74399BD9423C46245F4D7\SpeedstarterCZ.exe
[2010.10.23 00:29:06 | 001,472,552 | ---- | M] (Speedchecker Limited ) -- C:\Documents and Settings\Administrator\Data aplikací\OpenCandy\OpenCandy_608C664E7FE74399BD9423C46245F4D7\ZrychleniPocitace.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2011.03.03 10:51:20 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2011.03.03 10:51:20 | 000,630,784 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2011.03.03 10:51:20 | 000,430,080 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2012.01.31 19:21:01 | 000,002,552 | ---- | M] () -- C:\WINDOWS\system32\CONFIG.NT
[2012.01.30 17:06:46 | 000,002,206 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %userprofile%\Plocha\*.* >
[2011.11.10 21:05:21 | 000,022,133 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\220px-Koeh-267.jpg
[2011.06.17 22:41:22 | 000,000,889 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\Any Video Converter.lnk
[2011.07.17 22:16:09 | 000,000,767 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\EVEREST Home Edition.lnk
[2011.11.27 11:39:30 | 000,000,648 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\Fraps.lnk
[2011.11.27 11:36:26 | 002,647,214 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\Frps.3.4.0_[RH].rar
[2012.01.11 19:13:47 | 000,083,659 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\fyzina_A.jpg
[2012.01.11 19:13:58 | 000,080,325 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\Fyzina_B.jpg
[2011.08.18 20:39:11 | 000,000,712 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\Garena Classic.lnk
[2011.06.06 19:19:57 | 000,000,654 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\Garena.lnk
[2011.07.15 11:33:32 | 000,002,317 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\Google Chrome.lnk
[2012.01.18 17:52:44 | 000,001,588 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\Heroes of Newerth.lnk
[2012.01.28 12:22:46 | 000,067,414 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\jidlo.pdf
[2011.03.07 09:09:54 | 000,001,681 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\KARAT.lnk
[2011.03.07 16:29:27 | 000,000,654 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\Mumble (2).lnk
[2012.01.28 00:10:45 | 000,001,104 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\music.txt
[2011.08.03 23:21:45 | 000,001,634 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\Photo Pos Pro.lnk
[2011.11.15 20:21:17 | 000,022,767 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\Rómský dotazník -.pdf
[2012.01.22 13:55:32 | 000,015,096 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\s.odt
[2012.01.08 12:20:22 | 000,105,569 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\savci_1.jpg
[2012.01.08 12:21:05 | 000,147,580 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\Savci_2.jpg
[2012.01.08 12:21:17 | 000,128,013 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\Savci_3.jpg
[2012.01.08 12:21:24 | 000,145,468 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\Savci_4.jpg
[2012.01.15 20:09:35 | 000,057,155 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\stukonoska_modr.odt
[2012.01.25 16:09:14 | 000,148,259 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\WoWScrnShot_012412_233659.jpg
[2012.01.08 15:14:48 | 000,380,830 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\ze je kunka overpower... neverim.w3g
[2011.03.03 17:24:02 | 000,000,636 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\Zástupce - Wow.lnk
[2011.03.11 08:57:19 | 000,000,434 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\Zástupce - Zvuky a zvuková zařízení.lnk

< %userprofile%\Desktop\*.* >

< %ALLUSERSPROFILE%\Plocha\*.* >
[2011.07.19 18:35:06 | 000,001,734 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Adobe Reader X.lnk
[2012.01.13 17:46:01 | 000,001,821 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Assassin's Creed II.lnk
[2012.01.31 19:21:05 | 000,001,689 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\avast! Free Antivirus.lnk
[2011.03.03 16:02:18 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\CCleaner.lnk
[2011.12.24 13:33:14 | 000,000,220 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\ImageMixer Homepage.url
[2011.12.24 13:32:41 | 000,000,631 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\ImageMixer3 for Panasonic.lnk
[2011.07.29 11:26:10 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Malwarebytes' Anti-Malware.lnk
[2011.03.11 09:01:56 | 000,001,602 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Mozilla Firefox.lnk
[2011.03.11 09:08:29 | 000,001,668 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Mozilla Thunderbird.lnk
[2011.03.18 15:22:55 | 000,002,254 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Nero Home.lnk
[2011.03.18 15:22:55 | 000,002,352 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Nero StartSmart.lnk
[2011.12.24 13:33:14 | 000,000,220 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\PIXELA Product Registration.url
[2012.02.01 15:19:03 | 000,002,265 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Skype.lnk

< %ALLUSERSPROFILE%\Desktop\*.* >

< *crack* /s >
[2009.03.08 09:59:14 | 000,163,840 | ---- | M] () -- \Program Files\Garena Classic\plugins\UI\AvoidCrackPlugin.dll
[2009.03.08 09:59:14 | 000,163,840 | ---- | M] () -- \Program Files\Garena\plugins\UI\AvoidCrackPlugin.dll

< *keygen* /s >

< *loader* /s >
[2005.08.30 14:13:18 | 000,000,681 | ---- | M] () -- \Documents and Settings\Administrator\Data aplikací\Macromedia\Dreamweaver 8\Configuration\Content\Welcome\Flash\dynswfloader.swf
[2005.08.30 14:13:18 | 000,008,203 | ---- | M] () -- \Documents and Settings\Administrator\Data aplikací\Macromedia\Dreamweaver 8\Configuration\Content\Welcome\Flash\testing_dynswfloader.swf
[2011.12.28 11:09:28 | 000,010,144 | ---- | M] () -- \Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\7c8wpoq8.default\conduitCommon\modules\3.8.1.0\ExternalLibraryLoader.jsm
[2011.12.28 11:09:28 | 000,010,144 | ---- | M] () -- \Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\7c8wpoq8.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\modules\ExternalLibraryLoader.jsm
[2011.09.25 19:08:39 | 000,000,840 | ---- | M] () -- \Documents and Settings\Administrator\Local Settings\Data aplikací\SRDownloader.nast
[2008.07.31 08:15:22 | 000,003,080 | ---- | M] () -- \Documents and Settings\Administrator\Plocha\WoW-TBC\Data\enGB\Documentation\Troubleshooting\(Mac)BlizzardDownloaderProblems.html
[2008.07.31 08:15:22 | 000,004,295 | ---- | M] () -- \Documents and Settings\Administrator\Plocha\WoW-TBC\Data\enGB\Documentation\Troubleshooting\(PC)BlizzardDownloaderProblems.html
[2008.07.31 09:02:50 | 000,008,460 | ---- | M] () -- \Documents and Settings\Administrator\Plocha\WoW-TBC\Logs\Downloader.log
[2008.02.04 12:32:50 | 000,000,232 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Nero\Nero8\OnlineServices\NOSWebConfig\MySpace\uploadError.xml
[2008.06.24 13:45:14 | 000,111,912 | ---- | M] () -- \Program Files\Common Files\Nero\Shared\NSCLoader.dll
[2010.06.07 21:11:08 | 000,006,262 | ---- | M] () -- \Program Files\OpenOffice.org 3\Basis\program\pythonloader.py
[2011.03.11 10:04:22 | 000,021,504 | ---- | M] () -- \Program Files\OpenOffice.org 3\Basis\program\pythonloader.uno.dll
[2010.06.07 21:19:10 | 000,000,171 | ---- | M] () -- \Program Files\OpenOffice.org 3\Basis\program\pythonloader.uno.ini
[2011.03.11 10:04:34 | 000,029,184 | ---- | M] () -- \Program Files\OpenOffice.org 3\URE\bin\javaloader.uno.dll
[2010.06.09 16:21:40 | 000,003,874 | ---- | M] () -- \Program Files\OpenOffice.org 3\URE\java\unoloader.jar
[2010.03.15 11:28:24 | 000,045,056 | ---- | M] () -- \Program Files\WinRAR\RarExtLoader.exe
[2009.11.15 11:03:14 | 002,335,304 | ---- | M] () -- \Program Files\World of Warcraft\BackgroundDownloader.exe
[2010.09.18 12:26:16 | 002,711,048 | ---- | M] () -- \Program Files\World of Warcraft\WoW-3.3.3.11723-to-3.3.5.12213-enGB-downloader.exe
[2010.09.18 12:35:16 | 002,710,448 | ---- | M] () -- \Program Files\World of Warcraft\WoW-3.3.5.12213-to-3.3.5.12340-enGB-downloader.exe
[2009.08.28 12:25:54 | 000,003,026 | ---- | M] () -- \Program Files\World of Warcraft\Data\enGB\Documentation\Troubleshooting\(Mac)BlizzardDownloaderProblems.html
[2009.08.28 12:25:54 | 000,004,261 | ---- | M] () -- \Program Files\World of Warcraft\Data\enGB\Documentation\Troubleshooting\(PC)BlizzardDownloaderProblems.html
[2010.07.02 23:54:26 | 000,000,382 | ---- | M] () -- \Program Files\World of Warcraft\Interface\AddOns\Prat-3.0\pullouts\Prat-3.0_Loader\Prat-3.0_Loader.toc
[2010.09.18 12:38:08 | 000,088,743 | ---- | M] () -- \Program Files\World of Warcraft\Logs\Downloader.log
[2002.09.20 17:03:42 | 000,031,744 | ---- | M] () -- \WINDOWS\$NtServicePackUninstall$\dmloader.dll
[2004.08.03 22:59:38 | 000,278,016 | ---- | M] () -- \WINDOWS\$NtServicePackUninstall$\osloader.ntd
[2008.04.14 08:51:40 | 000,035,840 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\dmloader.dll
[2008.04.14 00:01:48 | 000,230,912 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.exe
[2008.04.14 00:01:50 | 000,278,528 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.ntd
[2008.04.14 08:51:40 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dmloader.dll
[1 \WINDOWS\system32\*.tmp files -> \WINDOWS\system32\*.tmp -> ]

< *RemoveWAT* /s >

< *minodlogin* /s >

< *tnod* /s >

< *TemDono* /s >

< *AutoKMS* /s >

< *KMSEmulator* /s >

< *activator* /s >

< *serial* /s >
[2004.07.19 18:54:20 | 000,131,072 | ---- | M] () -- \8f16f2c99d61e8a3f56cae802afe0e1a\i386\system.runtime.serialization.formatters.soap.dll
[2004.08.17 14:44:16 | 000,030,301 | ---- | M] () -- \cmdcons\SERIAL.SY_
[2008.10.03 22:51:08 | 000,007,977 | ---- | M] () -- \Documents and Settings\Administrator\Plocha\WoW-TBC\Interface\AddOns\Omen\Libs\AceSerializer-3.0\AceSerializer-3.0.lua
[2008.10.03 22:51:08 | 000,000,219 | ---- | M] () -- \Documents and Settings\Administrator\Plocha\WoW-TBC\Interface\AddOns\Omen\Libs\AceSerializer-3.0\AceSerializer-3.0.xml
[2011.08.30 16:58:34 | 000,413,696 | ---- | M] () -- \Program Files\Microsoft Silverlight\4.0.60831.0\System.Runtime.Serialization.dll
[2011.10.13 15:12:42 | 001,186,816 | ---- | M] () -- \Program Files\Microsoft Silverlight\4.0.60831.0\System.Runtime.Serialization.ni.dll
[2010.04.07 23:48:30 | 000,970,752 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2010.07.03 07:11:24 | 000,009,066 | ---- | M] () -- \Program Files\World of Warcraft\Interface\Ace3\AceSerializer-3.0\AceSerializer-3.0.lua
[2010.07.03 07:11:24 | 000,000,219 | ---- | M] () -- \Program Files\World of Warcraft\Interface\Ace3\AceSerializer-3.0\AceSerializer-3.0.xml
[2010.06.03 05:54:42 | 000,009,066 | ---- | M] () -- \Program Files\World of Warcraft\Interface\AddOns\AtlasLoot\Libs\AceSerializer-3.0\AceSerializer-3.0.lua
[2010.06.03 05:54:42 | 000,000,219 | ---- | M] () -- \Program Files\World of Warcraft\Interface\AddOns\AtlasLoot\Libs\AceSerializer-3.0\AceSerializer-3.0.xml
[2010.03.30 13:21:40 | 000,009,066 | ---- | M] () -- \Program Files\World of Warcraft\Interface\AddOns\Recount\Libs\AceSerializer-3.0\AceSerializer-3.0.lua
[2010.03.30 13:21:40 | 000,000,219 | ---- | M] () -- \Program Files\World of Warcraft\Interface\AddOns\Recount\Libs\AceSerializer-3.0\AceSerializer-3.0.xml
[2002.09.20 16:21:56 | 000,062,208 | ---- | M] () -- \WINDOWS\$NtServicePackUninstall$\serial.sys
[2012.01.11 15:35:58 | 000,131,072 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2011.03.05 22:51:49 | 000,970,752 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2011.10.14 16:30:19 | 000,311,296 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\81096bfe85eb0da5f05e8a127ffa43b2\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2011.10.14 16:28:45 | 002,345,472 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\afd6134c090faf8c29cd64d4835142b2\System.Runtime.Serialization.ni.dll
[2008.07.25 11:17:00 | 000,131,072 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2010.04.07 23:48:30 | 000,970,752 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2008.04.14 07:47:26 | 000,028,416 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\grserial.sys
[2008.04.14 07:51:10 | 000,064,256 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\serial.sys
[2007.06.27 18:29:04 | 000,131,072 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\system.runtime.serialization.formatters.soap.dll
[2001.10.25 13:00:00 | 000,053,520 | ---- | M] () -- \WINDOWS\system32\dpserial.dll
[2001.10.25 13:00:00 | 000,014,336 | ---- | M] () -- \WINDOWS\system32\serialui.dll
[1 \WINDOWS\system32\*.tmp files -> \WINDOWS\system32\*.tmp -> ]
[2001.10.25 13:00:00 | 000,053,520 | ---- | M] () -- \WINDOWS\system32\dllcache\dpserial.dll
[2001.10.25 13:00:00 | 000,014,336 | ---- | M] () -- \WINDOWS\system32\dllcache\serialui.dll
[2008.04.14 07:51:10 | 000,064,256 | ---- | M] () -- \WINDOWS\system32\drivers\serial.sys

< *w7lxe* /s >

< *AutoRearm* /s >

< HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run /s >
"AGRSMMSG" = AGRSMMSG.exe -- [2004.06.29 09:06:38 | 000,088,363 | ---- | M] (Agere Systems)
"ioCentre" = C:\Genius\ioCentre\gTaskBar.exe -- [2006.12.08 21:09:56 | 000,241,664 | ---- | M] (TODO: <Company name>)
"RTHDCPL" = RTHDCPL.EXE -- [2008.04.07 16:06:52 | 016,859,136 | ---- | M] (Realtek Semiconductor Corp.)
"avast" = "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui -- [2011.11.28 19:01:24 | 003,744,552 | ---- | M] (AVAST Software)

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >

< HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run /s >

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs

< type c:\boot.ini >> test.txt /c >
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
C:\CMDCONS\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptIn

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012.02.01 15:38:32 | 000,000,512 | ---- | M] () MD5=7F7E68E37A2FD2F53274B4A191456409 -- C:\PhysicalMBR.bin

========== Files - Unicode (All) ==========
[2011.04.11 20:24:20 | 000,000,072 | ---- | M] ()(C:\WINDOWS\System32\??) -- C:\WINDOWS\System32\䮰͝
[2011.04.11 20:24:20 | 000,000,072 | ---- | C] ()(C:\WINDOWS\System32\??) -- C:\WINDOWS\System32\䮰͝

========== Alternate Data Streams ==========

@Alternate Data Stream - 6144 bytes -> C:\WINDOWS\Cursors\arrow_n.cur:NEDTA.DAT

< End of report >

Re: Request for a log check

Posted: 01 Feb 2012 17:02
by Mc_Murphy
Run OTL again.
  • If you are using Windows Vista or Windows 7, right-click OTL and choose Run As Administrator (Spustit jako správce).
  • If you are using a 64-bit OS, check whether the "For 64-bit OS" box (Pro 64 bitové OS) is ticked. If it is not, tick it.
  • Paste this script into the bottom box, Custom Scans/Fixes (Vlastní skenování/opravy); only the green text in the white field!

Code:

:Commands
[emptytemp]
[emptyflash]
[resethosts]
[purity]
[clearallrestorepoints]

:Services
JavaQuickStarterService
Nero BackItUp Scheduler 3
NMIndexingService

:OTL
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKU\S-1-5-21-515967899-1336601894-839522115-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKU\S-1-5-21-515967899-1336601894-839522115-500\..\URLSearchHook: - No CLSID value found
FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..extensions.enabledItems: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}:3.8.1.0
FF - prefs.js..extensions.enabledItems: plugin3@gameplaylabs.com:3.0
FF - prefs.js..extensions.enabledItems: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.3.0.7280
FF - prefs.js..extensions.enabledItems: {5D0EC45B-D2E4-4DD0-A5B2-69DDEFE852A8}:2.0
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=8: C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Update\1.2.183.39\npGoogleOneClick8.dll (Google Inc.)
[2011.08.03 23:22:06 | 000,000,000 | ---D | M] (PhotoPos Toolbar) -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\7c8wpoq8.default\extensions\{5D0EC45B-D2E4-4DD0-A5B2-69DDEFE852A8}
[2011.03.13 12:08:13 | 000,000,000 | ---D | M] (XfireXO) -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\7c8wpoq8.default\extensions\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}
[2012.01.05 09:12:09 | 000,000,000 | ---D | M] (uTorrentBar Community Toolbar) -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\7c8wpoq8.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
[2011.06.06 16:06:29 | 000,000,000 | ---D | M] (Media Plugin) -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\7c8wpoq8.default\extensions\plugin3@gameplaylabs.com
[2011.06.06 16:06:12 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\7C8WPOQ8.DEFAULT\EXTENSIONS\{20A82645-C095-46ED-80E3-08825760534B}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\7C8WPOQ8.DEFAULT\EXTENSIONS\{5D0EC45B-D2E4-4DD0-A5B2-69DDEFE852A8}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\7C8WPOQ8.DEFAULT\EXTENSIONS\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\7C8WPOQ8.DEFAULT\EXTENSIONS\PLUGIN3@GAMEPLAYLABS.COM
CHR - default_search_provider: AVG Secure Search (Enabled)
CHR - default_search_provider: search_url = http://search.avg.com/?d=4e300fd5&v=7.5 ... -chrome&q={searchTerms}
O3 - HKU\S-1-5-21-515967899-1336601894-839522115-500\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKU\S-1-5-21-515967899-1336601894-839522115-500\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[13 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[3 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[1 C:\WINDOWS\SoftwareDistribution\Download\612ac4e8031ebf78ac577edc0631f08e\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\612ac4e8031ebf78ac577edc0631f08e\*.tmp -> ]
[1 C:\WINDOWS\SoftwareDistribution\Download\8d98e4fcc1fda6508056ced9f2044d1c\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\8d98e4fcc1fda6508056ced9f2044d1c\*.tmp -> ]
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
@Alternate Data Stream - 6144 bytes -> C:\WINDOWS\Cursors\arrow_n.cur:NEDTA.DAT

:Files
C:\Program Files\ESET
C:\Program Files\AVG
C:\Program Files\PhotoposComTbr
C:\Documents and Settings\Administrator\Data aplikací\AVG10
C:\Documents and Settings\Administrator\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
C:\WINDOWS\msdownld.tmp
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp /s

:Reg
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Administrator^Nabídka Start^Programy^Po spuštění^OpenOffice.org 3.2.lnk]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\AVG\AVG10\avgmfapx.exe"=-
  • Click the [Opravit] (Fix) button.
  • When the scan finishes, a log will appear; paste it here for me.
  • If the log does not fit into a single post, split it into several parts.

Re: Please check my log

Posted: 01 Feb 2012 17:13
by Stof
After the process finished ("finished, I hope"), the PC restarted and the log popped up


All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 26712288 bytes
->Temporary Internet Files folder emptied: 1564722 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 52835919 bytes
->Google Chrome cache emptied: 88282213 bytes
->Flash cache emptied: 6151 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: LocalService
->Temp folder emptied: 65984 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 1139202 bytes
%systemroot%\System32 .tmp files removed: 2504 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 26222 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 50839708 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 35246 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 211,00 mb


[EMPTYFLASH]

User: Administrator
->Flash cache emptied: 0 bytes

User: All Users

User: Default User

User: LocalService

User: NetworkService

Total Flash Files Cleaned = 0,00 mb

C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
Restore points cleared and new OTL Restore Point set!
========== SERVICES/DRIVERS ==========
Service JavaQuickStarterService stopped successfully!
Service JavaQuickStarterService deleted successfully!
Service Nero BackItUp Scheduler 3 stopped successfully!
Service Nero BackItUp Scheduler 3 deleted successfully!
Service NMIndexingService stopped successfully!
Service NMIndexingService deleted successfully!
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKU\S-1-5-21-515967899-1336601894-839522115-500\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-515967899-1336601894-839522115-500\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Prefs.js: "AVG Secure Search" removed from browser.search.defaultenginename
Prefs.js: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}:3.8.1.0 removed from extensions.enabledItems
Prefs.js: plugin3@gameplaylabs.com:3.0 removed from extensions.enabledItems
Prefs.js: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.3.0.7280 removed from extensions.enabledItems
Prefs.js: {5D0EC45B-D2E4-4DD0-A5B2-69DDEFE852A8}:2.0 removed from extensions.enabledItems
Registry key HKEY_CURRENT_USER\Software\MozillaPlugins\@tools.google.com/Google Update;version=8\ deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Update\1.2.183.39\npGoogleOneClick8.dll moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\7c8wpoq8.default\extensions\{5D0EC45B-D2E4-4DD0-A5B2-69DDEFE852A8}\components folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\7c8wpoq8.default\extensions\{5D0EC45B-D2E4-4DD0-A5B2-69DDEFE852A8}\chrome\skin\searchbar folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\7c8wpoq8.default\extensions\{5D0EC45B-D2E4-4DD0-A5B2-69DDEFE852A8}\chrome\skin\options folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\7c8wpoq8.default\extensions\{5D0EC45B-D2E4-4DD0-A5B2-69DDEFE852A8}\chrome\skin\lib\weatherbutton\panels\images folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\7c8wpoq8.default\extensions\{5D0EC45B-D2E4-4DD0-A5B2-69DDEFE852A8}\chrome\skin\lib\weatherbutton\panels folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\7c8wpoq8.default\extensions\{5D0EC45B-D2E4-4DD0-A5B2-69DDEFE852A8}\chrome\skin\lib\weatherbutton\icons folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\7c8wpoq8.default\extensions\{5D0EC45B-D2E4-4DD0-A5B2-69DDEFE852A8}\chrome\skin\lib\weatherbutton folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\7c8wpoq8.default\extensions\{5D0EC45B-D2E4-4DD0-A5B2-69DDEFE852A8}\chrome\skin\lib\uwa folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\7c8wpoq8.default\extensions\{5D0EC45B-D2E4-4DD0-A5B2-69DDEFE852A8}\chrome\skin\lib\panels\images folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\7c8wpoq8.default\extensions\{5D0EC45B-D2E4-4DD0-A5B2-69DDEFE852A8}\chrome\skin\lib\panels\css folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\7c8wpoq8.default\extensions\{5D0EC45B-D2E4-4DD0-A5B2-69DDEFE852A8}\chrome\skin\lib\panels folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\7c8wpoq8.default\extensions\{5D0EC45B-D2E4-4DD0-A5B2-69DDEFE852A8}\chrome\skin\lib folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\7c8wpoq8.default\extensions\{5D0EC45B-D2E4-4DD0-A5B2-69DDEFE852A8}\chrome\skin folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\7c8wpoq8.default\extensions\{5D0EC45B-D2E4-4DD0-A5B2-69DDEFE852A8}\chrome\data\weather folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\7c8wpoq8.default\extensions\{5D0EC45B-D2E4-4DD0-A5B2-69DDEFE852A8}\chrome\data\search folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\7c8wpoq8.default\extensions\{5D0EC45B-D2E4-4DD0-A5B2-69DDEFE852A8}\chrome\data\rss folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\7c8wpoq8.default\extensions\{5D0EC45B-D2E4-4DD0-A5B2-69DDEFE852A8}\chrome\data folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\7c8wpoq8.default\extensions\{5D0EC45B-D2E4-4DD0-A5B2-69DDEFE852A8}\chrome\content\newtab\images folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\7c8wpoq8.default\extensions\{5D0EC45B-D2E4-4DD0-A5B2-69DDEFE852A8}\chrome\content\newtab folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\7c8wpoq8.default\extensions\{5D0EC45B-D2E4-4DD0-A5B2-69DDEFE852A8}\chrome\content\lib folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\7c8wpoq8.default\extensions\{5D0EC45B-D2E4-4DD0-A5B2-69DDEFE852A8}\chrome\content folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\7c8wpoq8.default\extensions\{5D0EC45B-D2E4-4DD0-A5B2-69DDEFE852A8}\chrome folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\7c8wpoq8.default\extensions\{5D0EC45B-D2E4-4DD0-A5B2-69DDEFE852A8} folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\7c8wpoq8.default\extensions\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}\META-INF folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\7c8wpoq8.default\extensions\{5e5ab302-7f65-44cd-8211-c1d4caaccea3} folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\7c8wpoq8.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\searchplugin folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\7c8wpoq8.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\modules folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\7c8wpoq8.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\META-INF folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\7c8wpoq8.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\defaults folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\7c8wpoq8.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\components folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\7c8wpoq8.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\chrome folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\7c8wpoq8.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\7c8wpoq8.default\extensions\plugin3@gameplaylabs.com\META-INF folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\7c8wpoq8.default\extensions\plugin3@gameplaylabs.com\defaults\preferences folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\7c8wpoq8.default\extensions\plugin3@gameplaylabs.com\defaults folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\7c8wpoq8.default\extensions\plugin3@gameplaylabs.com\chrome\content folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\7c8wpoq8.default\extensions\plugin3@gameplaylabs.com\chrome folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\7c8wpoq8.default\extensions\plugin3@gameplaylabs.com folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\chrome folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} folder moved successfully.
Unable to fix default_search_provider items.
Unable to fix default_search_provider items.
Registry value HKEY_USERS\S-1-5-21-515967899-1336601894-839522115-500\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
Registry value HKEY_USERS\S-1-5-21-515967899-1336601894-839522115-500\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}\ not found.
File Animation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab not found.
Starting removal of ActiveX control DirectAnimation Java Classes
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\DirectAnimation Java Classes\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\DirectAnimation Java Classes\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\DirectAnimation Java Classes\ not found.
File oft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab not found.
Starting removal of ActiveX control Microsoft XML Parser for Java
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\Microsoft XML Parser for Java\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\Microsoft XML Parser for Java\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\Microsoft XML Parser for Java\ not found.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP110.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP123.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP131.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP148E.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1670.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1B4.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1C55.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1D2.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP254.tmp\PresentationBuildTasks.dll deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP254.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2702.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP283.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPF0.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPF5.tmp folder deleted successfully.
C:\WINDOWS\Installer\MSI1A8.tmp deleted successfully.
C:\WINDOWS\Installer\MSI1B3.tmp deleted successfully.
C:\WINDOWS\Installer\MSI284.tmp deleted successfully.
C:\WINDOWS\SoftwareDistribution\Download\612ac4e8031ebf78ac577edc0631f08e\BIT48.tmp deleted successfully.
C:\WINDOWS\SoftwareDistribution\Download\8d98e4fcc1fda6508056ced9f2044d1c\BIT2.tmp deleted successfully.
ADS C:\WINDOWS\Cursors\arrow_n.cur:NEDTA.DAT deleted successfully.
========== FILES ==========
File\Folder C:\Program Files\ESET not found.
C:\Program Files\AVG\AVG8 folder moved successfully.
C:\Program Files\AVG folder moved successfully.
C:\Program Files\PhotoposComTbr\chrome\skin\searchbar folder moved successfully.
C:\Program Files\PhotoposComTbr\chrome\skin\options folder moved successfully.
C:\Program Files\PhotoposComTbr\chrome\skin\lib\weatherbutton\panels\images folder moved successfully.
C:\Program Files\PhotoposComTbr\chrome\skin\lib\weatherbutton\panels folder moved successfully.
C:\Program Files\PhotoposComTbr\chrome\skin\lib\weatherbutton\icons folder moved successfully.
C:\Program Files\PhotoposComTbr\chrome\skin\lib\weatherbutton folder moved successfully.
C:\Program Files\PhotoposComTbr\chrome\skin\lib\uwa folder moved successfully.
C:\Program Files\PhotoposComTbr\chrome\skin\lib\panels\images folder moved successfully.
C:\Program Files\PhotoposComTbr\chrome\skin\lib\panels\css folder moved successfully.
C:\Program Files\PhotoposComTbr\chrome\skin\lib\panels folder moved successfully.
C:\Program Files\PhotoposComTbr\chrome\skin\lib folder moved successfully.
C:\Program Files\PhotoposComTbr\chrome\skin folder moved successfully.
C:\Program Files\PhotoposComTbr\chrome\data\weather folder moved successfully.
C:\Program Files\PhotoposComTbr\chrome\data\search folder moved successfully.
C:\Program Files\PhotoposComTbr\chrome\data\rss folder moved successfully.
C:\Program Files\PhotoposComTbr\chrome\data folder moved successfully.
C:\Program Files\PhotoposComTbr\chrome\content\newtab\images folder moved successfully.
C:\Program Files\PhotoposComTbr\chrome\content\newtab folder moved successfully.
C:\Program Files\PhotoposComTbr\chrome\content\lib folder moved successfully.
C:\Program Files\PhotoposComTbr\chrome\content folder moved successfully.
C:\Program Files\PhotoposComTbr\chrome folder moved successfully.
C:\Program Files\PhotoposComTbr folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\AVG10\cfgall folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\AVG10 folder moved successfully.
File\Folder C:\Documents and Settings\Administrator\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll not found.
File\Folder C:\WINDOWS\msdownld.tmp not found.
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
File move failed. C:\WINDOWS\Temp\_avast_\unp145374335.tmp scheduled to be moved on reboot.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Administrator^Nabídka Start^Programy^Po spuštění^OpenOffice.org 3.2.lnk\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\Program Files\AVG\AVG10\avgmfapx.exe not found.

OTL by OldTimer - Version 3.2.31.0 log created on 02012012_170834

Files\Folders moved on Reboot...
File\Folder C:\WINDOWS\temp\_avast_\unp145374335.tmp not found!
File move failed. C:\WINDOWS\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...

Re: Please check my log

Posted: 01 Feb 2012 17:33
by Mc_Murphy
Stof wrote: After the process finished ("finished, I hope"), the PC restarted and the log popped up
I don't understand at all what you meant by that... :?:

OTL did what it was supposed to.

:???: How is the computer doing, shall we finish the cleanup?

Re: Please check my log

Posted: 01 Feb 2012 20:40
by Stof
Glad to hear it. Well, only the desktop wallpaper was left, with no icons, the screen flickered and OTL popped up a window saying the changes require a restart or something. After the restart it showed me a window with the log, which I posted as instructed :) . Everything is fine.
The computer is doing well, I'd say.

Re: Please check my log

Posted: 02 Feb 2012 06:38
by Mc_Murphy
Oh, I see. Well, that is normal, because if everything could be deleted just like that, with a snap of the fingers, I would simply tell you what to delete and that would be it. But how do you delete a process that is currently running? Or a folder that holds a currently running service? You can't, so the deletion has to be scheduled for the restart, before the system comes up and the given process, service or malware starts. Understood?
;)

So let's finish the cleanup...

:arrow: Run OTL again and click the [CleanUp!] button, which makes the program clean up after itself.

:arrow: TFC http://oldtimer.geekstogo.com/TFC.exe
  • Download and run it.
  • Click Start and confirm with OK.
  • The program will clean up and may (or may not) restart the PC.
  • Delete the utility after use.
:arrow: If you don't have it, download CCleaner from this link.
  • Cleaner panel
  • Leave everything as it is, just click Analyze and then Run CCleaner.
  • Registry panel
  • Click Scan for Issues.
  • Then click Fix Issues - I recommend making a registry backup; fix all the issues.
  • Repeat the procedure until no problems remain - usually about 3 times.
  • Tools panel
  • Here you can uninstall programs you don't need.
I recommend using CCleaner about once a week.

... and if there are no questions, that would be all from my side. :worship:
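The reboot-time deletion described in the post above appears in an OTL fix log as "scheduled to be moved on reboot" lines, followed by a "Files\Folders moved on Reboot..." section that records what happened to each item. The Python sketch below is an added example, not part of the thread and not OTL's own code; it pairs the two so leftovers stand out. The sample log is constructed from the line shapes quoted in this thread, and the function names and paths are assumptions.

```python
import re

# Line shapes taken from the OTL fix log quoted in this thread.
REBOOT_MARKER = "Files\\Folders moved on Reboot..."
SCHEDULED = re.compile(r"^File move failed\. (?P<path>.+) scheduled to be moved on reboot\.$")
NOT_FOUND = re.compile(r"^File[\\/]Folder (?P<path>.+) not found[.!]$")
DONE = re.compile(r"^(?P<path>[A-Za-z]:\\.+?)(?: folder)? (?:moved|deleted) successfully\.$")

# Constructed sample (hypothetical paths), not a real log.
SAMPLE_LOG = r"""
========== FILES ==========
File\Folder C:\Example\gone not found.
C:\Example\Toolbar folder moved successfully.
File move failed. C:\Example\Temp\locked1.tmp scheduled to be moved on reboot.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\software\example\ deleted successfully.

Files\Folders moved on Reboot...
File\Folder C:\Example\temp\locked1.tmp not found!
File move failed. C:\Example\temp\locked2.txt scheduled to be moved on reboot.
"""


def classify(line):
    """Return (status, path) for a file-operation line, or None for any other line."""
    text = line.strip()
    for status, pattern in (("scheduled", SCHEDULED),
                            ("not_found", NOT_FOUND),
                            ("done", DONE)):
        match = pattern.match(text)
        if match:
            return status, match.group("path")
    return None


def reboot_outcomes(log_text):
    """Pair items deferred before the reboot with what the post-reboot section says.

    Returns (outcomes, still_pending): outcomes maps each path deferred before
    the reboot to "done", "not_found", "rescheduled" or "no_record";
    still_pending lists paths that the post-reboot section deferred again.
    """
    before, _, after = log_text.partition(REBOOT_MARKER)

    # Windows paths are case-insensitive and the log changes case between
    # sections (Temp vs temp), so compare on the lower-cased path.
    deferred = {}
    for line in before.splitlines():
        hit = classify(line)
        if hit and hit[0] == "scheduled":
            deferred[hit[1].lower()] = hit[1]

    outcomes = {key: "no_record" for key in deferred}
    still_pending = []
    for line in after.splitlines():
        hit = classify(line)
        if not hit:
            continue
        status, path = hit
        key = path.lower()
        if status == "scheduled":
            still_pending.append(path)
            if key in outcomes:
                outcomes[key] = "rescheduled"
        elif key in outcomes:
            outcomes[key] = status
    return {deferred[key]: value for key, value in outcomes.items()}, still_pending


if __name__ == "__main__":
    results, pending = reboot_outcomes(SAMPLE_LOG)
    for path, status in results.items():
        print(f"{status:12} {path}")
    for path in pending:
        print(f"{'pending':12} {path}")
```

Anything reported as `no_record`, `rescheduled` or listed in `still_pending` was not confirmed removed and is worth checking by hand after the next restart.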