Hijackthis log Vyřešeno

[Crael]

Tu je ten OTL.txt


OTL logfile created on: 2. 3. 2010 22:35:10 - Run 1
OTL by OldTimer - Version 3.1.32.0 Folder = C:\Users\Admin\Downloads
Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 0000041b | Country: Slovenská republika | Language: SKY | Date Format: d. M. yyyy

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 71,00% Memory free
6,00 Gb Paging File | 6,00 Gb Available in Paging File | 85,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 97,56 Gb Total Space | 56,28 Gb Free Space | 57,69% Space Free | Partition Type: NTFS
Drive D: | 368,10 Gb Total Space | 197,80 Gb Free Space | 53,73% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: ADMIN-PC
Current User Name: Admin
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 14 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\Users\Admin\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
PRC - C:\Windows\System32\atieclxx.exe (AMD)
PRC - C:\Windows\System32\atiesrxx.exe (AMD)
PRC - C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\ashServ.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Windows\System32\sppsvc.exe (Microsoft Corporation)
PRC - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Advanced Micro Devices Inc.)
PRC - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (ATI Technologies Inc.)
PRC - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor)


========== Modules (SafeList) ==========

MOD - C:\Users\Admin\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\Windows\System32\sspicli.dll (Microsoft Corporation)
MOD - C:\Windows\System32\sechost.dll (Microsoft Corporation)
MOD - C:\Windows\System32\profapi.dll (Microsoft Corporation)
MOD - C:\Windows\System32\KernelBase.dll (Microsoft Corporation)
MOD - C:\Windows\System32\dwmapi.dll (Microsoft Corporation)
MOD - C:\Windows\System32\devobj.dll (Microsoft Corporation)
MOD - C:\Windows\System32\cryptbase.dll (Microsoft Corporation)
MOD - C:\Windows\System32\cfgmgr32.dll (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV - (AMD External Events Utility) -- C:\Windows\System32\atiesrxx.exe (AMD)
SRV - (avast! Antivirus) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe (ALWIL Software)
SRV - (avast! Mail Scanner) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software)
SRV - (avast! Web Scanner) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software)
SRV - (aswUpdSv) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software)
SRV - (WwanSvc) -- C:\Windows\System32\wwansvc.dll (Microsoft Corporation)
SRV - (WbioSrvc) -- C:\Windows\System32\wbiosrvc.dll (Microsoft Corporation)
SRV - (Power) -- C:\Windows\System32\umpo.dll (Microsoft Corporation)
SRV - (Themes) -- C:\Windows\System32\themeservice.dll (Microsoft Corporation)
SRV - (sppuinotify) -- C:\Windows\System32\sppuinotify.dll (Microsoft Corporation)
SRV - (RpcEptMapper) -- C:\Windows\System32\RpcEpMap.dll (Microsoft Corporation)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (PNRPsvc) -- C:\Windows\System32\pnrpsvc.dll (Microsoft Corporation)
SRV - (p2pimsvc) -- C:\Windows\System32\pnrpsvc.dll (Microsoft Corporation)
SRV - (HomeGroupProvider) -- C:\Windows\System32\provsvc.dll (Microsoft Corporation)
SRV - (PNRPAutoReg) -- C:\Windows\System32\pnrpauto.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (HomeGroupListener) -- C:\Windows\System32\ListSvc.dll (Microsoft Corporation)
SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)
SRV - (Dhcp) -- C:\Windows\System32\dhcpcore.dll (Microsoft Corporation)
SRV - (defragsvc) -- C:\Windows\System32\defragsvc.dll (Microsoft Corporation)
SRV - (BDESVC) -- C:\Windows\System32\bdesvc.dll (Microsoft Corporation)
SRV - (AxInstSV) ActiveX Installer (AxInstSV) -- C:\Windows\System32\AxInstSv.dll (Microsoft Corporation)
SRV - (AppIDSvc) -- C:\Windows\System32\appidsvc.dll (Microsoft Corporation)
SRV - (sppsvc) -- C:\Windows\System32\sppsvc.exe (Microsoft Corporation)
SRV - (NetTcpPortSharing) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation)
SRV - (IDriverT) -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe (Macrovision Corporation)


========== Driver Services (SafeList) ==========

DRV - (atksgt) -- C:\Windows\System32\drivers\atksgt.sys ()
DRV - (lirsgt) -- C:\Windows\System32\drivers\lirsgt.sys ()
DRV - (gdrv) -- C:\Windows\gdrv.sys (Windows (R) 2000 DDK provider)
DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (aswTdi) -- C:\Windows\System32\drivers\aswTdi.sys (ALWIL Software)
DRV - (aswRdr) -- C:\Windows\System32\drivers\aswRdr.sys (ALWIL Software)
DRV - (sptd) -- C:\Windows\System32\drivers\sptd.sys (Duplex Secure Ltd.)
DRV - (aswSP) -- C:\Windows\System32\drivers\aswSP.sys (ALWIL Software)
DRV - (aswFsBlk) -- C:\Windows\System32\drivers\aswFsBlk.sys (ALWIL Software)
DRV - (aswMonFlt) -- C:\Windows\System32\drivers\aswMonFlt.sys (ALWIL Software)
DRV - (cmdide) -- C:\Windows\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.)
DRV - (adpahci) -- C:\Windows\system32\DRIVERS\adpahci.sys (Adaptec, Inc.)
DRV - (adp94xx) -- C:\Windows\system32\DRIVERS\adp94xx.sys (Adaptec, Inc.)
DRV - (amdsbs) -- C:\Windows\system32\DRIVERS\amdsbs.sys (AMD Technologies Inc.)
DRV - (adpu320) -- C:\Windows\system32\DRIVERS\adpu320.sys (Adaptec, Inc.)
DRV - (arcsas) -- C:\Windows\system32\DRIVERS\arcsas.sys (Adaptec, Inc.)
DRV - (amdsata) -- C:\Windows\system32\DRIVERS\amdsata.sys (Advanced Micro Devices)
DRV - (arc) -- C:\Windows\system32\DRIVERS\arc.sys (Adaptec, Inc.)
DRV - (amdxata) -- C:\Windows\system32\DRIVERS\amdxata.sys (Advanced Micro Devices)
DRV - (aliide) -- C:\Windows\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.)
DRV - (nvstor) -- C:\Windows\system32\DRIVERS\nvstor.sys (NVIDIA Corporation)
DRV - (nvraid) -- C:\Windows\system32\DRIVERS\nvraid.sys (NVIDIA Corporation)
DRV - (nfrd960) -- C:\Windows\system32\DRIVERS\nfrd960.sys (IBM Corporation)
DRV - (LSI_SAS) -- C:\Windows\system32\DRIVERS\lsi_sas.sys (LSI Corporation)
DRV - (iaStorV) -- C:\Windows\system32\DRIVERS\iaStorV.sys (Intel Corporation)
DRV - (MegaSR) -- C:\Windows\system32\DRIVERS\MegaSR.sys (LSI Corporation, Inc.)
DRV - (KSecPkg) -- C:\Windows\System32\Drivers\ksecpkg.sys (Microsoft Corporation)
DRV - (LSI_SCSI) -- C:\Windows\system32\DRIVERS\lsi_scsi.sys (LSI Corporation)
DRV - (LSI_FC) -- C:\Windows\system32\DRIVERS\lsi_fc.sys (LSI Corporation)
DRV - (LSI_SAS2) -- C:\Windows\system32\DRIVERS\lsi_sas2.sys (LSI Corporation)
DRV - (iirsp) -- C:\Windows\system32\DRIVERS\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (megasas) -- C:\Windows\system32\DRIVERS\megasas.sys (LSI Corporation)
DRV - (hwpolicy) -- C:\Windows\System32\drivers\hwpolicy.sys (Microsoft Corporation)
DRV - (elxstor) -- C:\Windows\system32\DRIVERS\elxstor.sys (Emulex)
DRV - (aic78xx) -- C:\Windows\system32\DRIVERS\djsvs.sys (Adaptec, Inc.)
DRV - (HpSAMD) -- C:\Windows\system32\DRIVERS\HpSAMD.sys (Hewlett-Packard Company)
DRV - (FsDepends) -- C:\Windows\System32\drivers\fsdepends.sys (Microsoft Corporation)
DRV - (vsmraid) -- C:\Windows\system32\DRIVERS\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (vhdmp) -- C:\Windows\system32\DRIVERS\vhdmp.sys (Microsoft Corporation)
DRV - (vdrvroot) -- C:\Windows\system32\DRIVERS\vdrvroot.sys (Microsoft Corporation)
DRV - (WIMMount) -- C:\Windows\System32\drivers\wimmount.sys (Microsoft Corporation)
DRV - (viaide) -- C:\Windows\system32\DRIVERS\viaide.sys (VIA Technologies, Inc.)
DRV - (ql2300) -- C:\Windows\system32\DRIVERS\ql2300.sys (QLogic Corporation)
DRV - (rdyboost) -- C:\Windows\System32\drivers\rdyboost.sys (Microsoft Corporation)
DRV - (ql40xx) -- C:\Windows\system32\DRIVERS\ql40xx.sys (QLogic Corporation)
DRV - (SiSRaid4) -- C:\Windows\system32\DRIVERS\sisraid4.sys (Silicon Integrated Systems)
DRV - (pcw) -- C:\Windows\System32\drivers\pcw.sys (Microsoft Corporation)
DRV - (SiSRaid2) -- C:\Windows\system32\DRIVERS\SiSRaid2.sys (Silicon Integrated Systems Corp.)
DRV - (stexstor) -- C:\Windows\system32\DRIVERS\stexstor.sys (Promise Technology)
DRV - (CNG) -- C:\Windows\System32\Drivers\cng.sys (Microsoft Corporation)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\System32\Drivers\Brserid.sys (Brother Industries Ltd.)
DRV - (rdpbus) -- C:\Windows\system32\DRIVERS\rdpbus.sys (Microsoft Corporation)
DRV - (RDPREFMP) -- C:\Windows\System32\drivers\RDPREFMP.sys (Microsoft Corporation)
DRV - (RasAgileVpn) WAN Miniport (IKEv2) -- C:\Windows\System32\drivers\agilevpn.sys (Microsoft Corporation)
DRV - (WfpLwf) -- C:\Windows\System32\drivers\wfplwf.sys (Microsoft Corporation)
DRV - (NdisCap) -- C:\Windows\System32\drivers\ndiscap.sys (Microsoft Corporation)
DRV - (vwifibus) -- C:\Windows\System32\drivers\vwifibus.sys (Microsoft Corporation)
DRV - (1394ohci) -- C:\Windows\System32\drivers\1394ohci.sys (Microsoft Corporation)
DRV - (UmPass) -- C:\Windows\system32\DRIVERS\umpass.sys (Microsoft Corporation)
DRV - (mshidkmdf) -- C:\Windows\System32\drivers\mshidkmdf.sys (Microsoft Corporation)
DRV - (MTConfig) -- C:\Windows\system32\DRIVERS\MTConfig.sys (Microsoft Corporation)
DRV - (CompositeBus) -- C:\Windows\System32\drivers\CompositeBus.sys (Microsoft Corporation)
DRV - (AppID) -- C:\Windows\system32\drivers\appid.sys (Microsoft Corporation)
DRV - (scfilter) -- C:\Windows\System32\drivers\scfilter.sys (Microsoft Corporation)
DRV - (discache) -- C:\Windows\System32\drivers\discache.sys (Microsoft Corporation)
DRV - (HidBatt) -- C:\Windows\system32\DRIVERS\HidBatt.sys (Microsoft Corporation)
DRV - (AcpiPmi) -- C:\Windows\system32\DRIVERS\acpipmi.sys (Microsoft Corporation)
DRV - (AmdPPM) -- C:\Windows\System32\drivers\amdppm.sys (Microsoft Corporation)
DRV - (hcw85cir) -- C:\Windows\system32\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV - (BrUsbMdm) -- C:\Windows\System32\Drivers\BrUsbMdm.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\System32\Drivers\BrUsbSer.sys (Brother Industries Ltd.)
DRV - (BrSerWdm) -- C:\Windows\System32\Drivers\BrSerWdm.sys (Brother Industries Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\DRIVERS\BrFiltLo.sys (Brother Industries, Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\DRIVERS\BrFiltUp.sys (Brother Industries, Ltd.)
DRV - (b57nd60x) -- C:\Windows\System32\drivers\b57nd60x.sys (Broadcom Corporation)
DRV - (ebdrv) -- C:\Windows\system32\DRIVERS\evbdx.sys (Broadcom Corporation)
DRV - (b06bdrv) -- C:\Windows\system32\DRIVERS\bxvbdx.sys (Broadcom Corporation)
DRV - (secdrv) -- C:\Windows\System32\drivers\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (RTL8167) -- C:\Windows\System32\drivers\Rt86win7.sys (Realtek Corporation )
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.)
DRV - (RTHDMIAzAudService) -- C:\Windows\System32\drivers\RtHDMIV.sys (Realtek Semiconductor Corp.)
DRV - (AmdLLD) -- C:\Windows\System32\drivers\AmdLLD.sys (AMD, Inc.)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.Google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 5D CA E4 5E 25 5E CA 01 [binary data]
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Search"
FF - prefs.js..browser.search.defaultthis.engineName: "OurWorld.com Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://www3.iamwired.net/websearch.php?src=tops&search="
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.google.sk"
FF - prefs.js..extensions.enabledItems: {38AB6A6C-CC4C-4f9e-A3DD-3C5681EF18A1}:1.0.3.93
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}:6.0.18
FF - prefs.js..extensions.enabledItems: {ec77b0da-98da-9637-7970-851a2ef686af}:4.6.6.3
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.8


FF - HKLM\software\mozilla\Mozilla Firefox 3.5.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/02/22 13:30:44 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/02/18 19:08:58 | 000,000,000 | ---D | M]

[2009/11/06 23:03:29 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\mozilla\Extensions
[2009/11/06 23:03:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Admin\AppData\Roaming\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2010/03/02 16:27:43 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\mozilla\Firefox\Profiles\z15iedo3.default\extensions
[2009/11/09 16:31:15 | 000,000,000 | ---D | M] () -- C:\Users\Admin\AppData\Roaming\mozilla\Firefox\Profiles\z15iedo3.default\extensions\{38AB6A6C-CC4C-4f9e-A3DD-3C5681EF18A1}
[2010/01/06 17:40:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Admin\AppData\Roaming\mozilla\Firefox\Profiles\z15iedo3.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}
[2010/01/29 18:13:40 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\mozilla\Firefox\Profiles\z15iedo3.default\extensions\staged-xpis
[2010/01/24 12:28:16 | 000,000,927 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\Mozilla\FireFox\Profiles\z15iedo3.default\searchplugins\conduit.xml
[2009/11/13 17:53:19 | 000,000,694 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\Mozilla\FireFox\Profiles\z15iedo3.default\searchplugins\icq-search.xml
[2010/01/06 17:31:44 | 000,000,954 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\Mozilla\FireFox\Profiles\z15iedo3.default\searchplugins\icqplugin-1.xml
[2010/01/13 21:32:22 | 000,000,954 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\Mozilla\FireFox\Profiles\z15iedo3.default\searchplugins\icqplugin-2.xml
[2009/12/16 21:05:18 | 000,000,961 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\Mozilla\FireFox\Profiles\z15iedo3.default\searchplugins\icqplugin.xml
[2010/02/11 16:34:18 | 000,000,261 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\Mozilla\FireFox\Profiles\z15iedo3.default\searchplugins\Search.xml
[2010/03/02 16:27:43 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/02/18 19:08:58 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2010/02/13 13:25:33 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}
[2010/02/11 16:34:15 | 000,000,000 | ---D | M] (LoudMo Contextual Ad Assistant) -- C:\Program Files\Mozilla Firefox\extensions\{ec77b0da-98da-9637-7970-851a2ef686af}
[2010/02/18 19:08:57 | 000,023,512 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browserdirprovider.dll
[2010/02/18 19:08:57 | 000,137,176 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\brwsrcmp.dll
[2007/04/10 17:21:08 | 000,163,256 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
[2010/02/13 13:25:26 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeploytk.dll
[2010/02/18 19:08:57 | 000,064,984 | ---- | M] (mozilla.org) -- C:\Program Files\Mozilla Firefox\plugins\npnul32.dll
[2006/10/26 20:12:16 | 000,016,192 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL
[2010/01/23 20:09:37 | 000,238,776 | ---- | M] (Pando Networks) -- C:\Program Files\Mozilla Firefox\plugins\npPandoWebInst.dll
[2010/02/05 16:02:29 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
[2010/02/05 16:02:29 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
[2010/02/05 16:02:29 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
[2010/02/05 16:02:29 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
[2010/02/05 16:02:29 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
[2010/02/05 16:02:29 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
[2010/02/05 16:02:29 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
[2009/10/16 19:15:30 | 000,002,371 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\google.xml
[2009/10/16 19:15:30 | 000,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2009/10/16 19:15:30 | 000,001,687 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2009/10/16 19:15:30 | 000,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2009/10/16 19:15:30 | 000,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2009/10/16 19:15:30 | 000,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2010/03/02 19:26:56 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O4 - HKLM..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD)
O4 - HKLM..\Run: [ATICustomerCare] C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [combofix] C:\ComboFix\CF10154.cfx File not found
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [Skype] C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
O4 - HKCU..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - Startup: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\System32\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\System32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\System32\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 80.242.44.36 80.242.44.85
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\System32\webcheck.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\System32\credssp.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\System32\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\System32\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

========== Files/Folders - Created Within 14 Days ==========

[2010/03/02 22:25:32 | 000,000,000 | ---D | C] -- C:\32788R22FWJFW
[2010/03/02 19:27:00 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2010/03/02 19:25:59 | 000,000,000 | ---D | C] -- C:\Device
[2010/03/02 19:25:32 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\temp
[2010/03/02 16:10:46 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2010/02/28 20:23:03 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2010/02/28 16:51:09 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Malwarebytes
[2010/02/28 16:51:04 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/02/28 16:51:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010/02/28 16:51:02 | 000,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010/02/28 16:51:02 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/02/28 10:58:40 | 000,000,000 | ---D | C] -- C:\dragon oath
[2010/02/25 16:57:04 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Mumble
[2010/02/25 16:56:41 | 000,000,000 | ---D | C] -- C:\Program Files\Mumble
[2010/02/24 12:36:58 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2010/02/24 12:36:56 | 000,641,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CPFilters.dll
[2010/02/24 12:36:56 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll
[2010/02/24 12:36:56 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdri.dll
[2010/02/24 12:36:56 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax
[2010/02/24 12:36:49 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2010/02/23 16:49:58 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\WinZip
[2010/02/23 16:49:39 | 000,000,000 | ---D | C] -- C:\ProgramData\WinZip
[2010/02/23 16:49:37 | 000,000,000 | ---D | C] -- C:\Program Files\WinZip
[2010/02/22 21:56:02 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\AliensVsPredator
[2010/02/21 19:43:55 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\SEGA
[2010/02/21 19:42:44 | 000,000,000 | ---D | C] -- C:\Windows\System32\xlive
[2010/02/21 19:42:44 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Games for Windows - LIVE
[2010/02/18 23:57:53 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\ApplicationHistory
[2010/02/18 23:42:26 | 000,000,000 | ---D | C] -- C:\Windows\System32\URTTEMP
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 14 Days ==========

[2010/03/02 22:30:03 | 000,000,994 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/03/02 22:29:59 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/03/02 22:29:54 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/03/02 22:29:51 | 2616,057,856 | -HS- | M] () -- C:\hiberfil.sys
[2010/03/02 22:29:16 | 000,014,800 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010/03/02 22:29:16 | 000,014,800 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010/03/02 22:29:13 | 007,340,032 | -HS- | M] () -- C:\Users\Admin\NTUSER.DAT
[2010/03/02 22:29:11 | 003,184,426 | -H-- | M] () -- C:\Users\Admin\AppData\Local\IconCache.db
[2010/03/02 22:02:00 | 000,000,998 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/03/02 19:27:03 | 000,000,215 | ---- | M] () -- C:\Windows\system.ini
[2010/03/02 19:26:56 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2010/03/01 00:18:22 | 000,011,163 | ---- | M] () -- C:\Users\Admin\Desktop\NÁVRATKA.docx
[2010/02/28 17:19:21 | 000,731,366 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010/02/28 17:19:21 | 000,618,664 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/02/28 17:19:21 | 000,108,240 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/02/27 22:29:24 | 000,054,556 | ---- | M] () -- C:\Users\Admin\Desktop\15558_105000649512291_100000070704358_129006_626022_n.jpg
[2010/02/26 01:57:14 | 000,212,480 | ---- | M] () -- C:\Users\Admin\Desktop\Prezentace1.ppt
[2010/02/26 01:55:53 | 000,005,632 | ---- | M] () -- C:\Users\Admin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/02/26 01:52:38 | 000,091,779 | ---- | M] () -- C:\Users\Admin\Desktop\Prezentace1.pptx
[2010/02/26 01:46:12 | 000,085,178 | ---- | M] () -- C:\Users\Admin\Desktop\pokus.pptx
[2010/02/26 01:40:51 | 000,011,273 | ---- | M] () -- C:\Users\Admin\Desktop\4usy.htm
[2010/02/26 01:05:56 | 000,410,535 | ---- | M] () -- C:\Users\Admin\Desktop\predmetpodnikania.gif
[2010/02/25 17:01:07 | 000,002,377 | ---- | M] () -- C:\Users\Admin\Documents\MumbleAutomaticCertificateBackup.p12
[2010/02/25 16:57:04 | 000,000,941 | ---- | M] () -- C:\Users\Public\Desktop\Mumble.lnk
[2010/02/24 09:16:06 | 000,181,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2010/02/18 23:57:53 | 000,000,093 | ---- | M] () -- C:\Users\Admin\AppData\Local\fusioncache.dat
[2010/02/18 18:59:42 | 000,047,880 | ---- | M] () -- C:\Users\Admin\Desktop\19765_108685782477041_100000068581184_222210_957101_n.jpg
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/03/01 00:18:21 | 000,011,163 | ---- | C] () -- C:\Users\Admin\Desktop\NÁVRATKA.docx
[2010/02/27 22:15:24 | 000,054,556 | ---- | C] () -- C:\Users\Admin\Desktop\15558_105000649512291_100000070704358_129006_626022_n.jpg
[2010/02/26 01:57:03 | 000,212,480 | ---- | C] () -- C:\Users\Admin\Desktop\Prezentace1.ppt
[2010/02/26 01:52:38 | 000,091,779 | ---- | C] () -- C:\Users\Admin\Desktop\Prezentace1.pptx
[2010/02/26 01:46:12 | 000,085,178 | ---- | C] () -- C:\Users\Admin\Desktop\pokus.pptx
[2010/02/26 01:40:51 | 000,011,273 | ---- | C] () -- C:\Users\Admin\Desktop\4usy.htm
[2010/02/26 01:05:55 | 000,410,535 | ---- | C] () -- C:\Users\Admin\Desktop\predmetpodnikania.gif
[2010/02/25 17:01:07 | 000,002,377 | ---- | C] () -- C:\Users\Admin\Documents\MumbleAutomaticCertificateBackup.p12
[2010/02/25 16:57:04 | 000,000,941 | ---- | C] () -- C:\Users\Public\Desktop\Mumble.lnk
[2010/02/23 16:48:38 | 000,000,998 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/02/23 16:48:37 | 000,000,994 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/02/18 23:57:53 | 000,000,093 | ---- | C] () -- C:\Users\Admin\AppData\Local\fusioncache.dat
[2010/02/18 18:59:41 | 000,047,880 | ---- | C] () -- C:\Users\Admin\Desktop\19765_108685782477041_100000068581184_222210_957101_n.jpg
[2009/12/26 18:50:06 | 000,278,728 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys
[2009/12/26 18:50:05 | 000,025,888 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys
[2009/12/22 22:01:24 | 001,105,920 | ---- | C] () -- C:\Windows\System32\AutoRunGUI.dll
[2009/12/12 13:28:18 | 000,005,632 | ---- | C] () -- C:\Users\Admin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/12/12 12:55:56 | 000,043,520 | ---- | C] () -- C:\Windows\System32\CmdLineExt03.dll
[2009/11/13 18:05:04 | 000,000,110 | ---- | C] () -- C:\Windows\HODINY.INI
[2009/11/06 10:58:04 | 000,178,975 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2009/11/04 11:43:41 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
[2009/07/14 00:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009/07/14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009/06/19 20:06:22 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll
[2009/06/19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2009/06/19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2009/06/19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2009/06/19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2009/06/19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2009/06/19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2009/06/19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2009/06/19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2009/06/19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[1996/04/03 20:33:26 | 000,005,248 | ---- | C] () -- C:\Windows\System32\giveio.sys

========== LOP Check ==========

[2009/12/13 08:32:31 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Acoustica
[2009/11/10 23:29:44 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Acreon
[2010/01/29 16:07:17 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Activision
[2010/01/13 21:53:07 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Atari
[2010/01/02 20:16:37 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\avidemux
[2010/01/04 21:30:59 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Bioshock
[2009/11/11 01:44:52 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\BSplayer
[2009/11/11 01:43:32 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\BSplayer Pro
[2009/12/19 21:14:03 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Codemasters
[2009/11/07 20:42:43 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\DAEMON Tools Lite
[2009/12/08 18:58:51 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\ICQ
[2009/12/12 12:55:13 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Leadertech
[2010/03/02 22:33:43 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Mumble
[2009/12/18 22:54:54 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Opera
[2009/12/05 15:25:47 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\TeamViewer
[2010/01/26 21:51:27 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Touchstone
[2010/02/04 17:40:23 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\TSRWorkshop
[2010/03/02 22:36:50 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\uTorrent
[2010/01/23 09:11:25 | 000,032,534 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========


< End of report >

[Reklama]

[Crael]

A tu je ten druhý log.

OTL Extras logfile created on: 2. 3. 2010 22:35:10 - Run 1
OTL by OldTimer - Version 3.1.32.0 Folder = C:\Users\Admin\Downloads
Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 0000041b | Country: Slovenská republika | Language: SKY | Date Format: d. M. yyyy

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 71,00% Memory free
6,00 Gb Paging File | 6,00 Gb Available in Paging File | 85,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 97,56 Gb Total Space | 56,28 Gb Free Space | 57,69% Space Free | Partition Type: NTFS
Drive D: | 368,10 Gb Total Space | 197,80 Gb Free Space | 53,73% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: ADMIN-PC
Current User Name: Admin
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 14 Days
Output = Minimal

========== Extra Registry (All) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm [@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- C:\Windows\System32\mshta.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
.inf [@ = inffile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)
.js [@ = JSFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.reg [@ = regfile] -- C:\Windows\regedit.exe (Microsoft Corporation)
.txt [@ = txtfile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\Windows\System32\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}" = Microsoft Games for Windows - LIVE Redistributable
"{02A10468-2F1C-447C-AD8E-4DEDDEA25AE2}" = Medieval II Total War : Kingdoms : Crusades
"{0761C9A8-8F3A-4216-B4A7-B7AFBF24A24A}" = HiJackThis
"{08F173A8-AB81-4760-AEB0-CE91F3B05AEF}" = Activision(R)
"{0BB72566-0D4C-7200-2CE7-02F298B49C88}" = CCC Help English
"{110AD51E-D0E0-49B1-52FD-291373BA62EA}" = Catalyst Control Center Graphics Full New
"{13B792AA-C078-43A4-8A3A-8B12D629940D}" = Counter-Strike 1.6
"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
"{1A655D51-1423-48A3-B748-8F5A0BE294C8}" = Microsoft Visual J# .NET Redistributable Package 1.1
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{21A127AE-2DAF-40B7-8374-34C3E629521C}" = Far Cry (Patch 1.3)
"{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java(TM) 6 Update 18
"{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}" = Microsoft Games for Windows - LIVE
"{31557F4F-7D10-D32E-4B70-237A09FCC31B}" = Catalyst Control Center Graphics Previews Common
"{3C175604-F026-5D79-BBD8-F626AE10B3EF}" = Catalyst Control Center Graphics Full Existing
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D43D635-6FDA-4fa5-AA9B-23CF73D058EA}" = Nero StartSmart OEM
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5E992B43-7F22-59E9-4BCF-FD5157F221F9}" = ATI AVIVO Codecs
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{6291FC10-FDF0-4022-A1A5-710C728D49C2}" = Vancouver 2010
"{62C2067E-5851-BD4C-98E0-5C4D5E155A5B}" = Catalyst Control Center Core Implementation
"{6889EE56-1816-4E89-94DF-9F56E7804039}_is1" = Counter-Strike 1.6 Non-Steam patch v36
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{72736F5F-520D-472A-88CC-7B02872FD34E}" = ATI Catalyst Registration
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7353BAE6-5E49-46C4-A9B5-8A269A313789}" = Crysis WARHEAD(R)
"{74413F61-1FE6-4F7D-AD9F-BAFF1011A500}" = TSR Workshop
"{75983B66-804C-40D1-BA13-64DAF652A6F1}" = Medieval II Total War : Kingdoms : Americas
"{773421E8-AD7B-4DC8-AED1-9300D69E1659}" = Touchstone Installer
"{7748AC8C-18E3-43BB-959B-088FAEA16FB2}" = Nero StartSmart
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo
"{7AEE1963-7001-4C37-BC20-2FAEB74AA41C}" = Medieval II Total War : Kingdoms : Teutonic
"{7E19B002-4CA3-4C9F-BA92-91D101B97219}" = James Cameron's AVATAR(tm): THE GAME
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{87BB78C4-F36D-4D93-A7C7-F80F18219848}" = AMD DnD V1.0.19
"{89661B04-C646-4412-B6D3-5E19F02F1F37}" = EAX4 Unified Redist
"{8D7133DE-27D2-47E5-B248-4180278D32AA}" = Catalyst Control Center - Branding
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{909F8EBC-EC7F-48FF-0085-475D818F0F31}" = Need for Speed Underground 2
"{934528B2-09B3-C6E5-288A-4E554E6DF2B9}" = ATI Catalyst Install Manager
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9FD6F1A8-5550-46AF-8509-271DF0E768B5}" = Dual-Core Optimizer
"{A292C05C-840A-9D47-5350-EF39ECC7629E}" = Catalyst Control Center HydraVision Full
"{A2D08D5A-74E8-7509-452A-E40E63D8FFC2}" = Catalyst Control Center InstallProxy
"{a841760f-fa83-4251-b0f2-fa0123a347ca}" =
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-A92000000001}" = Adobe Reader 9.2
"{AD17676C-5065-E427-130B-21CE713F93E7}" = Catalyst Control Center Graphics Light
"{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B970700B-E49F-ECEF-4ADB-0F3E1AFEDE91}" = ccc-core-static
"{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}" = Nero ControlCenter
"{BFA90209-7AFF-4DB6-8E4B-E57305751AD7}" = Unreal Tournament 3
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3
"{C0698BDA-0D29-40EE-8570-A31106DF9AB1}" = Medieval II Total War
"{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}" = NVIDIA PhysX
"{C6B29F03-4D97-3B4E-D906-70958E6B1448}" = HydraVision
"{C81A2FE0-3574-00A9-CED4-BDAA334CBE8E}" = Nero Online Upgrade
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240BC}" = WinZip 14.0
"{CEDDEE73-3D36-41C2-AA40-29355D9FBD63}" = Medieval II Total War : Kingdoms : Britannia
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{D3F80A98-05AB-4D8C-9272-766CCFA6A48D}" = THE SETTLERS - Vzestup říše
"{D5395E5F-4D45-4665-8F00-234FA33678AF}" = SlimDX Redistributable (March 2009)
"{DB0A8A2A-4EA7-4FE3-802E-8A6DEE32696C}_is1" = Orban/Coding Technologies AAC/aacPlus Player Plugin™ 1.0
"{E03B44A3-9237-4B55-B7A5-DB1DD46920D3}" = Wolfenstein(TM) 1.1 Patch
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{e6a0d2e3-dd30-4ed5-bf55-321c7e534b75}" = Nero 9 Essentials
"{E8A80433-302B-4FF1-815D-FCC8EAC482FF}" = Nero Installer
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F9726DDC-D7B5-BF1F-5626-EA467FEEBC52}" = ccc-utility
"{F9F13FEA-D51E-A1C3-4EDC-D04A91B62C93}" = Catalyst Control Center Graphics Previews Vista
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"avast!" = avast! Antivirus
"Avidemux 2.5" = Avidemux 2.5
"BSPlayerf" = BS.Player FREE
"CCleaner" = CCleaner
"Crysis WARHEAD(R)" = Crysis WARHEAD(R)
"EADM" = EA Download Manager
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Garena" = Garena
"Google Chrome" = Google Chrome
"hon" = Heroes of Newerth
"InstallShield_{08F173A8-AB81-4760-AEB0-CE91F3B05AEF}" = Transformers - Revenge of the Fallen
"InstallShield_{AFAE2B15-89A0-4215-A030-F7B5B478886B}" = Call of Duty(R) - World at War(TM) 1.1 Patch
"InstallShield_{E03B44A3-9237-4B55-B7A5-DB1DD46920D3}" = Wolfenstein(TM) 1.1 Patch
"L4D2SP" = Left 4 Dead 2 Standalone Patch™
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft DirectX SDK (August 2009)" = Microsoft DirectX SDK (August 2009)
"Mozilla Firefox (3.5." = Mozilla Firefox (3.5.
"Mumble" = Mumble and Murmur
"OpenAL" = OpenAL
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"uTorrent" = µTorrent
"Warcraft III" = Warcraft III
"WinRAR archiver" = WinRAR
"World of Warcraft" = World of Warcraft

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"InstallShield_{BFA90209-7AFF-4DB6-8E4B-E57305751AD7}" = Unreal Tournament 3
"SOE-Free Realms" = Free Realms
"Warcraft III" = Warcraft III: All Products

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 27. 2. 2010 6:59:49 | Computer Name = Admin-PC | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "c:\program files\spybot
- search & destroy\DelZip179.dll".Error in manifest or policy file "c:\program files\spybot
- search & destroy\DelZip179.dll" on line 8. The value "*" of attribute "language"
in element "assemblyIdentity" is invalid.

Error - 27. 2. 2010 13:38:46 | Computer Name = Admin-PC | Source = Application Error | ID = 1000
Description = Názov chybovej aplikácie: wmplayer.exe, verzia: 12.0.7600.16415, časová
značka: 0x4a98ae4b Názov chybového modulu: vp6vfw.dll, verzia: 6.0.6.4, časová značka:
0x3f7c8caf Kód výnimky: 0xc0000005 Odstup chyby: 0x00001013 Identifikácia chybného
procesu: 0x41c Čas spustenia chybnej aplikácie: 0x01cab7d39dbffb74 Cesta chybnej
aplikácie: C:\Program Files\Windows Media Player\wmplayer.exe Cesta chybného modulu:
C:\Windows\system32\vp6vfw.dll Identifikácia hlásenia: f47d8cad-23c6-11df-9185-00241dd0fc3c

Error - 27. 2. 2010 13:38:50 | Computer Name = Admin-PC | Source = Application Error | ID = 1000
Description = Názov chybovej aplikácie: wmplayer.exe, verzia: 12.0.7600.16415, časová
značka: 0x4a98ae4b Názov chybového modulu: ntdll.dll, verzia: 6.1.7600.16385, časová
značka: 0x4a5bdadb Kód výnimky: 0xc0000005 Odstup chyby: 0x000520bd Identifikácia
chybného procesu: 0x41c Čas spustenia chybnej aplikácie: 0x01cab7d39dbffb74 Cesta
chybnej aplikácie: C:\Program Files\Windows Media Player\wmplayer.exe Cesta chybného
modulu: C:\Windows\SYSTEM32\ntdll.dll Identifikácia hlásenia: f6bf187c-23c6-11df-9185-00241dd0fc3c

Error - 28. 2. 2010 2:04:01 | Computer Name = Admin-PC | Source = Google Update | ID = 20
Description =

Error - 28. 2. 2010 2:15:41 | Computer Name = Admin-PC | Source = Application Error | ID = 1000
Description = Názov chybovej aplikácie: firefox.exe, verzia: 1.9.1.3685, časová
značka: 0x4b68deea Názov chybového modulu: ntdll.dll, verzia: 6.1.7600.16385, časová
značka: 0x4a5bdadb Kód výnimky: 0xc0000374 Odstup chyby: 0x000c283b Identifikácia
chybného procesu: 0xe90 Čas spustenia chybnej aplikácie: 0x01cab835ff3f93ad Cesta
chybnej aplikácie: C:\Program Files\Mozilla Firefox\firefox.exe Cesta chybného modulu:
C:\Windows\SYSTEM32\ntdll.dll Identifikácia hlásenia: b1ff9cb0-2430-11df-898d-00241dd0fc3c

Error - 28. 2. 2010 12:19:20 | Computer Name = Admin-PC | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01B
language ID. The first DWORD in the Data section contains the Win32 error code.

Error - 28. 2. 2010 12:19:21 | Computer Name = Admin-PC | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01B
language ID. The first DWORD in the Data section contains the Win32 error code.

Error - 28. 2. 2010 15:54:53 | Computer Name = Admin-PC | Source = Application Error | ID = 1000
Description = Názov chybovej aplikácie: firefox.exe, verzia: 1.9.1.3685, časová
značka: 0x4b68deea Názov chybového modulu: xul.dll, verzia: 1.9.1.3685, časová značka:
0x4b68ddb4 Kód výnimky: 0xc0000005 Odstup chyby: 0x0011a07d Identifikácia chybného
procesu: 0x530 Čas spustenia chybnej aplikácie: 0x01cab8aa50afd9b3 Cesta chybnej
aplikácie: C:\Program Files\Mozilla Firefox\firefox.exe Cesta chybného modulu: C:\Program
Files\Mozilla Firefox\xul.dll Identifikácia hlásenia: 2270c098-24a3-11df-bab1-00241dd0fc3c

Error - 1. 3. 2010 4:27:45 | Computer Name = Admin-PC | Source = Application Error | ID = 1000
Description = Názov chybovej aplikácie: Sims3Launcher.exe, verzia: 0.0.0.11195,
časová značka: 0x49f9057e Názov chybového modulu: CmdPortalClient.dll_unloaded, verzia:
0.0.0.0, časová značka: 0x4aa02dc1 Kód výnimky: 0xc0000005 Odstup chyby: 0x0a385458
Identifikácia
chybného procesu: 0x394 Čas spustenia chybnej aplikácie: 0x01cab9190205366b Cesta
chybnej aplikácie: D:\Program Files\Electronic Arts\The Sims 3\Game\Bin\Sims3Launcher.exe
Cesta
chybného modulu: CmdPortalClient.dll Identifikácia hlásenia: 4f784927-250c-11df-ac41-00241dd0fc3c

Error - 1. 3. 2010 4:27:54 | Computer Name = Admin-PC | Source = Application Error | ID = 1000
Description = Názov chybovej aplikácie: Sims3Launcher.exe, verzia: 0.0.0.11195,
časová značka: 0x49f9057e Názov chybového modulu: CmdPortalClient.dll_unloaded, verzia:
0.0.0.0, časová značka: 0x4aa02dc1 Kód výnimky: 0xc0000005 Odstup chyby: 0x0a363476
Identifikácia
chybného procesu: 0x394 Čas spustenia chybnej aplikácie: 0x01cab9190205366b Cesta
chybnej aplikácie: D:\Program Files\Electronic Arts\The Sims 3\Game\Bin\Sims3Launcher.exe
Cesta
chybného modulu: CmdPortalClient.dll Identifikácia hlásenia: 54718d4b-250c-11df-ac41-00241dd0fc3c

[ Media Center Events ]
Error - 15. 2. 2010 1:58:37 | Computer Name = Admin-PC | Source = MCUpdate | ID = 0
Description = 6:58:37 - Chyba pripájania na Internet. 6:58:37 - Nebolo možné
spojiť sa so serverom..

Error - 24. 2. 2010 2:01:21 | Computer Name = Admin-PC | Source = MCUpdate | ID = 0
Description = 7:01:21 - Nepodarilo sa načítať položku Directory (chyba: The remote
name could not be resolved: 'data.tvdownload.microsoft.com')

Error - 24. 2. 2010 2:01:57 | Computer Name = Admin-PC | Source = MCUpdate | ID = 0
Description = 7:01:45 - Nepodarilo sa načítať položku MCESpotlight (chyba: The remote
name could not be resolved: 'data.tvdownload.microsoft.com')

Error - 24. 2. 2010 2:02:11 | Computer Name = Admin-PC | Source = MCUpdate | ID = 0
Description = 7:02:09 - Nepodarilo sa načítať položku MCEClientUX (chyba: The remote
name could not be resolved: 'data.tvdownload.microsoft.com')

Error - 26. 2. 2010 6:33:31 | Computer Name = Admin-PC | Source = MCUpdate | ID = 0
Description = 11:33:31 - Nepodarilo sa načítať položku Directory (chyba: The remote
name could not be resolved: 'data.tvdownload.microsoft.com')

Error - 26. 2. 2010 7:34:26 | Computer Name = Admin-PC | Source = MCUpdate | ID = 0
Description = 12:34:26 - Nepodarilo sa načítať položku Directory (chyba: The remote
name could not be resolved: 'data.tvdownload.microsoft.com')

[ System Events ]
Error - 6. 2. 2010 6:22:04 | Computer Name = Admin-PC | Source = Application Popup | ID = 875
Description = Driver atksgt.sys has been blocked from loading.

Error - 6. 2. 2010 6:22:04 | Computer Name = Admin-PC | Source = Service Control Manager | ID = 7000
Description = Spustenie služby atksgt zlyhalo kvôli nasledujúcej chybe: %%1275

Error - 6. 2. 2010 6:22:04 | Computer Name = Admin-PC | Source = Service Control Manager | ID = 7000
Description = Spustenie služby Nero BackItUp Scheduler 4.0 zlyhalo kvôli nasledujúcej
chybe: %%2

Error - 6. 2. 2010 10:33:36 | Computer Name = Admin-PC | Source = Service Control Manager | ID = 7011
Description = Počas čakania na odpoveď transakcie od služby lmhosts bol dosiahnutý
časový limit (30000 ms).

Error - 6. 2. 2010 18:06:09 | Computer Name = Admin-PC | Source = Application Popup | ID = 875
Description = Driver atksgt.sys has been blocked from loading.

Error - 6. 2. 2010 18:06:09 | Computer Name = Admin-PC | Source = Service Control Manager | ID = 7000
Description = Spustenie služby atksgt zlyhalo kvôli nasledujúcej chybe: %%1275

Error - 6. 2. 2010 18:06:09 | Computer Name = Admin-PC | Source = Service Control Manager | ID = 7000
Description = Spustenie služby Nero BackItUp Scheduler 4.0 zlyhalo kvôli nasledujúcej
chybe: %%2

Error - 7. 2. 2010 3:45:26 | Computer Name = Admin-PC | Source = Application Popup | ID = 875
Description = Driver atksgt.sys has been blocked from loading.

Error - 7. 2. 2010 3:45:26 | Computer Name = Admin-PC | Source = Service Control Manager | ID = 7000
Description = Spustenie služby atksgt zlyhalo kvôli nasledujúcej chybe: %%1275

Error - 7. 2. 2010 3:45:26 | Computer Name = Admin-PC | Source = Service Control Manager | ID = 7000
Description = Spustenie služby Nero BackItUp Scheduler 4.0 zlyhalo kvôli nasledujúcej
chybe: %%2


< End of report >

[Damned]

Poklepej na ikonu OTL na ploše.Ujisti se , že máš všechny ostatní aplikace a prohlížeče zavřeny.
Pod Custom Scans/Fixes do okénka vlož následující text, zobrazený zeleně:

Kód: Vybrat vše

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
FF - prefs.js..browser.search.defaulturl: "http://www3.iamwired.net/websearch.php?src=tops&search="
[2010/01/24 12:28:16 | 000,000,927 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\Mozilla\FireFox\Profiles\z15iedo3.default\searchplugins\conduit.xml
[2009/11/13 17:53:19 | 000,000,694 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\Mozilla\FireFox\Profiles\z15iedo3.default\searchplugins\icq-search.xml
[2010/01/06 17:31:44 | 000,000,954 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\Mozilla\FireFox\Profiles\z15iedo3.default\searchplugins\icqplugin-1.xml
[2010/01/13 21:32:22 | 000,000,954 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\Mozilla\FireFox\Profiles\z15iedo3.default\searchplugins\icqplugin-2.xml
[2009/12/16 21:05:18 | 000,000,961 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\Mozilla\FireFox\Profiles\z15iedo3.default\searchplugins\icqplugin.xml
[2010/02/11 16:34:18 | 000,000,261 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\Mozilla\FireFox\Profiles\z15iedo3.default\searchplugins\Search.xml
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O4 - HKLM..\Run: [combofix] C:\ComboFix\CF10154.cfx File not found
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]

:Files
C:\Windows\*.tmp
C:\Windows\System32\*.tmp
C:\32788R22FWJFW
C:\$RECYCLE.BIN
C:\Windows\tasks\SA.DAT
C:\Users\Admin\AppData\Roaming\Mozilla\FireFox\Profiles\z15iedo3.default\searchplugins\conduit.xml
C:\Users\Admin\AppData\Roaming\Mozilla\FireFox\Profiles\z15iedo3.default\searchplugins\icq-search.xml
C:\Users\Admin\AppData\Roaming\Mozilla\FireFox\Profiles\z15iedo3.default\searchplugins\icqplugin-1.xml
C:\Users\Admin\AppData\Roaming\Mozilla\FireFox\Profiles\z15iedo3.default\searchplugins\icqplugin-2.xml
C:\Users\Admin\AppData\Roaming\Mozilla\FireFox\Profiles\z15iedo3.default\searchplugins\icqplugin.xml
C:\Users\Admin\AppData\Roaming\Mozilla\FireFox\Profiles\z15iedo3.default\searchplugins\Search.xml

:Reg
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0

:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]


Poté klikni nahoře na Run Fix. Nech program nerušeně běžet, na konci se provede restart PC.
Po restartu se objeví log , prosím zkopíruj sem celý jeho obsah.

[Crael]

Tak tu je ten ďalší log.Mimochodom ďakujem za tvoj čas a trpezlivosť :) Zrejme tu mám pekný bordel v PC keď treba toľko vecí robiť.

All processes killed
========== OTL ==========
No active process named explorer.exe was found!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Prefs.js: "http://www3.iamwired.net/websearch.php?src=tops&search=" removed from browser.search.defaulturl
C:\Users\Admin\AppData\Roaming\Mozilla\FireFox\Profiles\z15iedo3.default\searchplugins\conduit.xml moved successfully.
C:\Users\Admin\AppData\Roaming\Mozilla\FireFox\Profiles\z15iedo3.default\searchplugins\icq-search.xml moved successfully.
C:\Users\Admin\AppData\Roaming\Mozilla\FireFox\Profiles\z15iedo3.default\searchplugins\icqplugin-1.xml moved successfully.
C:\Users\Admin\AppData\Roaming\Mozilla\FireFox\Profiles\z15iedo3.default\searchplugins\icqplugin-2.xml moved successfully.
C:\Users\Admin\AppData\Roaming\Mozilla\FireFox\Profiles\z15iedo3.default\searchplugins\icqplugin.xml moved successfully.
C:\Users\Admin\AppData\Roaming\Mozilla\FireFox\Profiles\z15iedo3.default\searchplugins\Search.xml moved successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\combofix deleted successfully.
Starting removal of ActiveX control {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
C:\Windows\Downloaded Program Files\gp.inf not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\\{AEB6717E-7E19-11d0-97EE-00C04FD91972} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AEB6717E-7E19-11d0-97EE-00C04FD91972}\ not found.
C:\autoexec.bat moved successfully.
========== FILES ==========
C:\Windows\65F1CF6331E0450B96F34A88BE7361A6.TMP folder moved successfully.
C:\Windows\85EBB28365AF4C539EBE7C0A232762F7.TMP folder moved successfully.
C:\Windows\D56B0E274A3E46C9B5C1D93D580C099C.TMP folder moved successfully.
File\Folder C:\Windows\System32\*.tmp not found.
C:\32788R22FWJFW\EN-US folder moved successfully.
C:\32788R22FWJFW folder moved successfully.
C:\$RECYCLE.BIN\S-1-5-21-3220634387-4243098348-3371110873-1000 folder moved successfully.
C:\$RECYCLE.BIN folder moved successfully.
C:\Windows\tasks\SA.DAT moved successfully.
File\Folder C:\Users\Admin\AppData\Roaming\Mozilla\FireFox\Profiles\z15iedo3.default\searchplugins\conduit.xml not found.
File\Folder C:\Users\Admin\AppData\Roaming\Mozilla\FireFox\Profiles\z15iedo3.default\searchplugins\icq-search.xml not found.
File\Folder C:\Users\Admin\AppData\Roaming\Mozilla\FireFox\Profiles\z15iedo3.default\searchplugins\icqplugin-1.xml not found.
File\Folder C:\Users\Admin\AppData\Roaming\Mozilla\FireFox\Profiles\z15iedo3.default\searchplugins\icqplugin-2.xml not found.
File\Folder C:\Users\Admin\AppData\Roaming\Mozilla\FireFox\Profiles\z15iedo3.default\searchplugins\icqplugin.xml not found.
File\Folder C:\Users\Admin\AppData\Roaming\Mozilla\FireFox\Profiles\z15iedo3.default\searchplugins\Search.xml not found.
========== REGISTRY ==========
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\\"EnableFirewall" | 0 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\\"EnableFirewall" | 0 /E : value set successfully!
========== COMMANDS ==========

[EMPTYTEMP]

User: Admin
->Temp folder emptied: 213067 bytes
->Temporary Internet Files folder emptied: 751269 bytes
->Java cache emptied: 930319 bytes
->FireFox cache emptied: 47523369 bytes

[Damned]

Ještě mi tam chybí kus logu - s celkovou hodnotou, ale měl by si to mít již OK.

Smaž složku C:\_OTL

Stáhni si ToolsCleaner2 (by de A.Rothstein & Dj Quiou) na Plochu a spusť ho.

Klikni na Pt. Restauration (obnova) a poté na OK.
Klikni na Corbeille (koš) a poté na OK.
Klikni na Fichiers temp (temp složky) a poté na OK.
Klikni na Recherche (hledání) a nech Cleaner pracovat. Může se během čištění zastavit , ale nech ho pokračovat.
Když program skončí , klikni na Suppression (odstranění) a odstraň nalezené.
Zavři a smaž program.

Vlož mi sem ještě nový log z HJT:

[Crael]

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:22:07, on 3. 3. 2010
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [avast!] "C:\Program Files\Alwil Software\Avast4\ashDisp.exe"
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [ATICustomerCare] "C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

--
End of file - 3985 bytes

[Damned]

Spusť HJT (HijackThis), vypni prohlížeče, odpoj se od internetu a fixni (spustit HJT, "Do a system scan only",
zatrhnout políčko před hodnotou, zmáčknout "Fix checked" a poté "Ano"):

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
*****************************************************************************************************************************************

Nic špatné tam již nevidím.


Kdyby se něco zase objevilo, tak se zastav.
Označ topic za vyřešený (zelená fajfka) a měj se.

[Crael]

Počuj,teraz keď sa snažím spustiť nejaký film,alebo zapínam skype tak mi vyhadzuje error,tu je výpis z toho okna.

Crashreporter.exe
The instruction at 0x77c4fc47 referenced memory at 0x00000014. The memory could not be written.

Keď dám OK tak mi to ukončí aplikáciu.

[Damned]

To vypíše nějaká aplikace (Skype, Mozilla) nebo system?

[Crael]

Vypisoval to systém keď som spustil hocijakú aplikáciu a padal mi aj Firefox,reštartol som PC,odinštaloval niektoré vec,preinštaloval skype a firefox,vyčistil registre,reštartol PC a zatiaľ to nevyhodilo ešte.

[Damned]

Asi to dělal Firefox, protože šmejdy co si tam měl byly v pluginech FF. Toto téma kdyžtak uzavři.
Sleduj to dál. Kdyby se něco vyskytlo, tak se opět zastav.