Please check my Kaspersky Virus Removal Tool log (Solved)



Post by 108motix » 10 Sep 2010 11:11

So F-Secure froze on me. Actually it didn't hang completely, but within a few minutes it was at 95%, then it slowed down and stayed at 96% all day, see attachment. After that I was able to stop the scan and view the report (although I had to wait a few minutes after each click). I tried it a second time with the same result.

I'll get to OTL this afternoon, I have to do something else right now.


Hlášení kontroly
Sobota, Prosinec 30, 1899 16:22:42 - 00:00:00

Název počítače: NTBC1
Typ kontroly: Kontrolovat systém na přítomnost malwaru, spywaru a programů rootkit
Cíl: C:\ D:\
Nalezený malware: 1
TrackingCookie.Doubleclick (spyware)

* Systém (Nevyčištěno)

Statistika
Kontrolováno:

* Soubory: 0
* Systém: 0
* Nekontrolováno: 1

Akce:

* Vyléčeno: 0
* Přejmenováno: 0
* Odstraněno: 0
* Nevyčištěno: 1
* Odesláno: 0

Nekontrolované soubory:

* C:\PAGEFILE.SYS

Možnosti
Moduly kontroly:

Možnosti kontroly:

* Kontrolovat určené soubory: COM EXE SYS OV? BIN SCR DLL SHS HTM HTML HTT VBS JS INF VXD DO? XL? RTF CPL WIZ HTA PP? PWZ P?T MSO PIF . ACM ASP AX CNV CSC DRV INI MDB MPD MPP MPT OBD OBT OCX PCI TLB TSP WBK WBT WPC WSH VWP WML BOO HLP TD0 TT6 MSG ASD JSE VBE WSC CHM EML PRC SHB LNK WSF {* PDF ZL? XML XXX ANI AVB BAT CMD JOB LSP MAP MHT MIF PHP POT SWF WMF NWS TAR
* Používat pokročilou heuristiku
Attachments
F-secure_vytuh.jpg


Post by jaro3 » 10 Sep 2010 11:16

You can delete the file from the screenshot; also run OTL.
I'm short on time today; maybe bledulka will take it over, I'll see how I'm doing.
When working with HJT, ComboFix, MbAM, SDFix and similar tools, close all other applications and browsers!
Do not send logs by private message. While I am away, memphisto, Žbeky and Orcus stand in for me.

Post by 108motix » 10 Sep 2010 13:56

But the screenshot doesn't show the full path to the file, so there are several possibilities, see attachment. Should I delete all of them?

I'll do OTL after work.

Thanks for now.
Attachments
gameuxlegacygdfs_found_1.jpg


Post by 108motix » 10 Sep 2010 17:45

OTL logfile created on: 10.9.2010 17:33:12 - Run 1
OTL by OldTimer - Version 3.2.11.0 Folder = C:\Users\Honza\Desktop
Windows Vista Business Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18943)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1 013,00 Mb Total Physical Memory | 413,00 Mb Available Physical Memory | 41,00% Memory free
3,00 Gb Paging File | 2,00 Gb Available in Paging File | 70,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 29,30 Gb Total Space | 4,89 Gb Free Space | 16,70% Space Free | Partition Type: NTFS
Drive D: | 117,74 Gb Total Space | 67,89 Gb Free Space | 57,66% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: NTBC1
Current User Name: Honza
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\Users\Honza\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\LogMeIn\x86\ramaint.exe (LogMeIn, Inc.)
PRC - C:\Program Files\LogMeIn\x86\LMIGuardian.exe (LogMeIn, Inc.)
PRC - C:\Program Files\Application Updater\ApplicationUpdater.exe (Spigot, Inc.)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Users\Honza\Downloads\QIP Infium PafoPack\inf.exe (QIP)
PRC - C:\Program Files\ESET\ESET Smart Security\ekrn.exe (ESET)
PRC - C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
PRC - C:\Program Files\LogMeIn\x86\LogMeInSystray.exe (LogMeIn, Inc.)
PRC - C:\Program Files\LogMeIn\x86\LogMeIn.exe (LogMeIn, Inc.)
PRC - C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\Program Files\FSC\Wireless Utility\WirelessSelector.exe (ITE Tech Inc.)
PRC - C:\Program Files\FSC\TouchPad HotKey Utility\TouchPad_HotKey.exe ()
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
PRC - C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation)


========== Modules (SafeList) ==========

MOD - C:\Users\Honza\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll (Microsoft Corporation)
MOD - C:\Windows\System32\msscript.ocx (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV - (LMIMaint) -- C:\Program Files\LogMeIn\x86\RaMaint.exe (LogMeIn, Inc.)
SRV - (WPFFontCache_v0400) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (Application Updater) -- C:\Program Files\Application Updater\ApplicationUpdater.exe (Spigot, Inc.)
SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)
SRV - (NetTcpPortSharing) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation)
SRV - (EhttpSrv) -- C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe (ESET)
SRV - (ekrn) -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe (ESET)
SRV - (LogMeIn) -- C:\Program Files\LogMeIn\x86\LogMeIn.exe (LogMeIn, Inc.)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation)
SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation)
SRV - (IISADMIN) -- C:\Windows\System32\inetsrv\inetinfo.exe (Microsoft Corporation)
SRV - (IAANTMON) Intel(R) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)


========== Driver Services (SafeList) ==========

DRV - (NwlnkFwd) -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- C:\Windows\System32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- C:\Windows\System32\DRIVERS\ipinip.sys File not found
DRV - (catchme) -- C:\ComboFix\catchme.sys File not found
DRV - (blbdrive) -- C:\Windows\System32\drivers\blbdrive.sys File not found
DRV - (LMIRfsClientNP) -- C:\Windows\System32\LMIRfsClientNP.dll (LogMeIn, Inc.)
DRV - (ElRawDisk) -- C:\Windows\System32\drivers\dddsk.sys (EldoS Corporation)
DRV - (epfwwfp) -- C:\Windows\System32\drivers\epfwwfp.sys (ESET)
DRV - (Epfwndis) -- C:\Windows\System32\drivers\epfwndis.sys (ESET)
DRV - (epfw) -- C:\Windows\System32\drivers\epfw.sys (ESET)
DRV - (ehdrv) -- C:\Windows\System32\drivers\ehdrv.sys (ESET)
DRV - (eamon) -- C:\Windows\System32\drivers\eamon.sys (ESET)
DRV - (LMIRfsDriver) -- C:\Windows\System32\drivers\LMIRfsDriver.sys (LogMeIn, Inc.)
DRV - (LMIInfo) -- C:\Program Files\LogMeIn\x86\rainfo.sys (LogMeIn, Inc.)
DRV - (igfx) -- C:\Windows\System32\drivers\igdkmd32.sys (Intel Corporation)
DRV - (Ser2pl) -- C:\Windows\System32\drivers\ser2pl.sys (Prolific Technology Inc.)
DRV - (adusbser) -- C:\Windows\System32\drivers\adusbser.sys (AnyDATA Corporation)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (JRAID) -- C:\Windows\system32\drivers\jraid.sys (JMicron Technology Corp.)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.)
DRV - (SynTP) -- C:\Windows\System32\drivers\SynTP.sys (Synaptics, Inc.)
DRV - (yukonwlh) -- C:\Windows\System32\drivers\yk60x86.sys (Marvell)
DRV - (acpi_contactor) -- C:\Windows\System32\drivers\acpi_contactor_vista.sys (INVENTEC Corporation)
DRV - (iaStor) -- C:\Windows\system32\DRIVERS\iaStor.sys (Intel Corporation)
DRV - (NETw4v32) Ovladač adaptéru Intel(R) -- C:\Windows\System32\drivers\NETw4v32.sys (Intel Corporation)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (nvraid) NVIDIA nForce(tm) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (SiSRaid2) -- C:\Windows\system32\drivers\sisraid2.sys (Silicon Integrated Systems Corp.)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Logic Corporation)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
DRV - (NETw3v32) Intel(R) -- C:\Windows\System32\drivers\NETw3v32.sys (Intel® Corporation)
DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (zntport) -- C:\Windows\System32\drivers\zntport.sys (Zeal SoftStudio)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=302398"
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledItems: {3112ca9c-de6d-4884-a869-9855de68056c}:7.1.20100723W
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}:6.0.12
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}:6.0.15
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}:6.0.19
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.1
FF - prefs.js..extensions.enabledItems: pdfforge@mybrowserbar.com:1.1.2
FF - prefs.js..extensions.enabledItems: searchsettings@spigot.com:1.2.3
FF - prefs.js..extensions.enabledItems: {ea614400-e918-4741-9a97-7a972ff7c30b}:2.0.5
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.9

FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009.10.07 09:43:56 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.9\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.09.08 16:07:59 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.9\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.09.08 16:07:56 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2009.03.03 10:32:16 | 000,000,000 | ---D | M]

[2009.10.08 14:04:46 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Mozilla\Extensions
[2009.10.08 14:04:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Honza\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2010.08.10 14:04:07 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\ej87dflf.default\extensions
[2009.10.09 09:24:00 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\ej87dflf.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.08.08 10:18:35 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\ej87dflf.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2010.02.18 09:53:46 | 000,000,000 | ---D | M] (Seznam lištička) -- C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\ej87dflf.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[2010.02.18 09:53:48 | 000,002,059 | ---- | M] () -- C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\ej87dflf.default\searchplugins\firmycz.xml
[2010.02.18 09:53:48 | 000,002,054 | ---- | M] () -- C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\ej87dflf.default\searchplugins\mapycz.xml
[2010.02.18 09:53:48 | 000,002,221 | ---- | M] () -- C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\ej87dflf.default\searchplugins\zbocz.xml
[2010.08.09 11:34:31 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010.09.08 16:07:57 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2010.03.29 09:34:55 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2009.03.02 17:06:04 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}
[2009.10.27 13:24:12 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
[2009.11.26 10:16:21 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
[2010.03.31 08:41:33 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}
[2010.05.20 09:19:27 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.08.09 11:34:32 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010.08.25 04:33:19 | 000,023,512 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browserdirprovider.dll
[2010.08.25 04:33:19 | 000,138,712 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\brwsrcmp.dll
[2007.04.10 18:21:08 | 000,163,256 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
[2010.07.17 05:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010.08.25 04:33:19 | 000,064,984 | ---- | M] (mozilla.org) -- C:\Program Files\Mozilla Firefox\plugins\npnul32.dll
[2006.10.26 20:12:16 | 000,016,192 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL
[2010.08.13 07:03:40 | 000,103,864 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll
[2010.08.25 02:24:47 | 000,002,371 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\google.xml
[2010.08.25 02:24:47 | 000,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.08.25 02:24:47 | 000,001,687 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2010.08.25 02:24:47 | 000,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.08.25 02:24:47 | 000,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.08.25 02:24:47 | 000,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml
[2010.01.25 13:18:27 | 000,000,808 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo.xml

O1 HOSTS File: ([2010.09.07 17:34:54 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4 - HKLM..\Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [IgfxTray] C:\Windows\System32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [LogMeIn GUI] C:\Program Files\LogMeIn\x86\LogMeInSystray.exe (LogMeIn, Inc.)
O4 - HKLM..\Run: [Persistence] C:\Windows\System32\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Skytel] C:\Windows\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [TouchPadHotKey] C:\Program Files\FSC\TouchPad HotKey Utility\TouchPad_HotKey.exe ()
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Infium] C:\Users\Honza\Downloads\QIP Infium PafoPack\inf.exe (QIP)
O4 - HKCU..\Run: [Skype] C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
O4 - HKCU..\Run: [Spark] C:\Program Files\Spark\Spark.exe (Jive Software)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: BindDirectlyToPropertySetStorage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\System32\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\System32\NapiNSP.dll (Společnost Microsoft)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\System32\wshbth.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\System32\winrnr.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000030 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000031 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_21)
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\Windows\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\Windows\System32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\System32\webcheck.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\Windows\System32\browseui.dll (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Honza\AppData\Roaming\IrfanView\IrfanView_Wallpaper.bmp
O24 - Desktop BackupWallPaper: C:\Users\Honza\AppData\Roaming\IrfanView\IrfanView_Wallpaper.bmp
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\System32\credssp.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\System32\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\System32\tspkg.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010.09.10 17:28:57 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Users\Honza\Desktop\OTL.exe
[2010.09.08 16:21:55 | 000,000,000 | ---D | C] -- C:\ProgramData\F-Secure
[2010.09.08 16:02:12 | 008,366,512 | ---- | C] (Mozilla) -- C:\Users\Honza\Desktop\Firefox Setup 3.6.9.exe
[2010.09.07 17:44:53 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2010.09.07 17:35:00 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2010.09.07 17:32:06 | 000,000,000 | ---D | C] -- C:\Users\Honza\AppData\Local\temp
[2010.09.07 16:17:12 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2010.09.07 14:26:33 | 000,000,000 | ---D | C] -- C:\Users\Honza\AppData\Local\Adobe
[2010.09.06 16:40:56 | 000,000,000 | ---D | C] -- C:\Users\Honza\AppData\Roaming\Malwarebytes
[2010.09.06 16:40:42 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010.09.06 16:40:40 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010.09.06 16:40:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.09.03 15:32:04 | 000,000,000 | ---D | C] -- C:\Users\Honza\Documents\zalohy
[2010.09.02 17:27:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2010.09.01 12:22:05 | 000,000,000 | ---D | C] -- C:\Users\Honza\AppData\Roaming\Uniblue
[2010.08.30 16:44:20 | 000,000,000 | ---D | C] -- C:\Users\Honza\AppData\Roaming\vlc
[2010.08.16 13:07:21 | 000,000,000 | ---D | C] -- C:\Users\Honza\TEMP
[2010.08.12 09:01:36 | 002,037,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2010.08.12 09:01:14 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2010.08.12 09:01:13 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2010.08.12 09:01:13 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2010.08.12 09:01:13 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2010.08.12 09:01:13 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2010.08.12 09:01:12 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2010.08.12 09:01:12 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2010.08.12 09:01:12 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2010.08.12 09:01:11 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2010.08.12 09:01:11 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2010.08.12 09:01:11 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2010.08.12 09:01:11 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2010.08.12 09:01:11 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2010.08.12 09:01:11 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2010.08.12 09:01:11 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2010.08.12 09:00:49 | 000,081,920 | ---- | C] (Radius Inc.) -- C:\Windows\System32\iccvid.dll
[2010.08.12 09:00:42 | 003,600,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2010.08.12 09:00:40 | 003,548,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2010.08.12 09:00:33 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtutils.dll
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010.09.10 17:35:26 | 003,407,872 | -HS- | M] () -- C:\Users\Honza\NTUSER.DAT
[2010.09.10 17:35:15 | 000,000,418 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{10DA35FA-5236-4514-9382-80BA9CF6383E}.job
[2010.09.10 17:29:23 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Honza\Desktop\OTL.exe
[2010.09.10 17:28:00 | 000,000,962 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3865133748-4181632270-301148789-1003UA.job
[2010.09.10 17:23:03 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.09.10 17:23:03 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.09.10 16:47:56 | 000,003,648 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.09.10 16:47:56 | 000,003,648 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.09.10 14:07:30 | 000,217,955 | ---- | M] () -- C:\Users\Honza\Desktop\gameuxlegacygdfs_found_1.jpg
[2010.09.10 13:51:55 | 000,269,159 | ---- | M] () -- C:\Users\Honza\Desktop\gameuxlegacygdfs_found.jpg
[2010.09.10 10:58:46 | 000,139,203 | ---- | M] () -- C:\Users\Honza\Desktop\F-secure_vytuh.jpg
[2010.09.10 00:29:37 | 000,000,910 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3865133748-4181632270-301148789-1003Core.job
[2010.09.08 16:08:01 | 000,001,724 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010.09.08 16:03:30 | 008,366,512 | ---- | M] (Mozilla) -- C:\Users\Honza\Desktop\Firefox Setup 3.6.9.exe
[2010.09.08 15:58:32 | 000,603,674 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.09.08 15:58:32 | 000,106,574 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.09.08 15:58:31 | 000,718,070 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010.09.08 15:11:16 | 000,582,131 | ---- | M] () -- C:\Users\Honza\Desktop\Vykon_1.jpg
[2010.09.08 14:41:01 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.09.08 14:40:56 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.09.08 14:39:41 | 000,524,288 | -HS- | M] () -- C:\Users\Honza\NTUSER.DAT{3d4e88f1-6a70-11db-b1ba-d64300c9c793}.TMContainer00000000000000000001.regtrans-ms
[2010.09.08 14:39:41 | 000,065,536 | -HS- | M] () -- C:\Users\Honza\NTUSER.DAT{3d4e88f1-6a70-11db-b1ba-d64300c9c793}.TM.blf
[2010.09.08 14:39:37 | 004,066,823 | -H-- | M] () -- C:\Users\Honza\AppData\Local\IconCache.db
[2010.09.08 14:00:58 | 000,313,393 | ---- | M] () -- C:\Users\Honza\Desktop\Vykon_pozapnutí.jpg
[2010.09.07 17:35:04 | 000,000,243 | ---- | M] () -- C:\Windows\system.ini
[2010.09.07 17:34:54 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2010.09.07 16:41:59 | 000,002,395 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2010.09.07 14:54:31 | 000,002,441 | ---- | M] () -- C:\Users\Honza\Desktop\HiJackThis.lnk
[2010.09.07 14:48:03 | 000,353,294 | ---- | M] () -- C:\Users\Honza\Desktop\odhmyzit2.jpg
[2010.09.06 16:40:45 | 000,000,691 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.09.06 16:24:32 | 000,068,772 | ---- | M] () -- C:\Users\Honza\Desktop\hlaskaHJT.jpg
[2010.09.03 15:27:35 | 000,000,715 | ---- | M] () -- C:\Users\Honza\Desktop\CCleaner.lnk
[2010.09.02 17:11:48 | 000,050,176 | ---- | M] () -- C:\Users\Honza\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.09.01 11:02:35 | 000,001,887 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010.08.30 16:32:40 | 000,000,859 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2010.08.12 09:14:44 | 000,389,784 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010.09.10 13:54:29 | 000,217,955 | ---- | C] () -- C:\Users\Honza\Desktop\gameuxlegacygdfs_found_1.jpg
[2010.09.10 13:47:32 | 000,269,159 | ---- | C] () -- C:\Users\Honza\Desktop\gameuxlegacygdfs_found.jpg
[2010.09.10 10:52:39 | 000,139,203 | ---- | C] () -- C:\Users\Honza\Desktop\F-secure_vytuh.jpg
[2010.09.08 16:08:01 | 000,001,724 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010.09.08 15:11:16 | 000,582,131 | ---- | C] () -- C:\Users\Honza\Desktop\Vykon_1.jpg
[2010.09.08 14:00:58 | 000,313,393 | ---- | C] () -- C:\Users\Honza\Desktop\Vykon_pozapnutí.jpg
[2010.09.07 14:48:02 | 000,353,294 | ---- | C] () -- C:\Users\Honza\Desktop\odhmyzit2.jpg
[2010.09.06 16:40:45 | 000,000,691 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.09.06 16:23:07 | 000,068,772 | ---- | C] () -- C:\Users\Honza\Desktop\hlaskaHJT.jpg
[2010.09.06 16:17:07 | 000,002,441 | ---- | C] () -- C:\Users\Honza\Desktop\HiJackThis.lnk
[2010.09.03 15:27:35 | 000,000,715 | ---- | C] () -- C:\Users\Honza\Desktop\CCleaner.lnk
[2010.09.01 11:02:35 | 000,001,887 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010.08.30 16:32:40 | 000,000,859 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2010.01.25 13:17:44 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll
[2009.11.26 18:03:26 | 000,000,050 | ---- | C] () -- C:\Windows\SW_Win2000X24.DLL
[2009.11.26 18:03:04 | 001,220,608 | ---- | C] () -- C:\Windows\System32\pdf2bmp.dll
[2009.11.26 18:03:03 | 000,098,304 | ---- | C] () -- C:\Windows\System32\DVM.dll
[2009.10.20 11:58:21 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.10.14 10:58:26 | 000,050,176 | ---- | C] () -- C:\Users\Honza\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.10.08 14:36:07 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009.05.19 12:29:33 | 000,003,411 | ---- | C] () -- C:\Program Files\Common Files\cfgbak.tgb
[2009.03.03 13:04:22 | 000,081,158 | ---- | C] () -- C:\Windows\System32\manage-bde.ini.en
[2009.03.03 13:04:19 | 000,001,702 | ---- | C] () -- C:\Windows\System32\StorageMgmt.dll.config
[2009.03.03 13:04:19 | 000,001,311 | ---- | C] () -- C:\Windows\System32\DfsMgmt.dll.config
[2009.02.24 10:56:11 | 000,000,028 | ---- | C] () -- C:\Windows\ODBC.INI
[2009.02.23 20:07:10 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2009.02.23 20:05:07 | 000,910,464 | ---- | C] () -- C:\Windows\System32\igmedkrn.dll
[2009.02.23 20:05:07 | 000,204,800 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1283.dll
[2008.02.11 20:55:18 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1437.dll
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini

========== LOP Check ==========

[2010.01.22 00:13:09 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\CocoonSoftware
[2009.10.06 15:42:47 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\ESET
[2010.09.07 16:11:14 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\FileZilla
[2010.08.06 11:45:56 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\FreeCommander
[2010.08.06 11:31:32 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\GHISLER
[2010.05.06 21:55:51 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\gtk-2.0
[2010.04.27 11:07:08 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\IObit
[2009.12.19 20:11:21 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\IrfanView
[2010.01.06 18:28:36 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\OpenOffice.org
[2010.01.19 16:34:42 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\PDF Writer
[2010.01.14 17:21:25 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Sam Francke
[2010.09.01 12:22:05 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Uniblue
[2010.05.14 22:40:27 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\VSO
[2010.09.08 14:39:52 | 000,032,584 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2010.09.10 17:35:15 | 000,000,418 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{10DA35FA-5236-4514-9382-80BA9CF6383E}.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 145 bytes -> C:\ProgramData\TEMP:D287FACF
< End of report >

108motix

Re: please check my log from Kaspersky Virus Removal Tool

Post by 108motix » 10 Sep 2010 17:45

OTL Extras logfile created on: 10.9.2010 17:33:12 - Run 1
OTL by OldTimer - Version 3.2.11.0 Folder = C:\Users\Honza\Desktop
Windows Vista Business Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18943)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1 013,00 Mb Total Physical Memory | 413,00 Mb Available Physical Memory | 41,00% Memory free
3,00 Gb Paging File | 2,00 Gb Available in Paging File | 70,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 29,30 Gb Total Space | 4,89 Gb Free Space | 16,70% Space Free | Partition Type: NTFS
Drive D: | 117,74 Gb Total Space | 67,89 Gb Free Space | 57,66% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: NTBC1
Current User Name: Honza
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{245C7AAA-7F87-45BE-9705-1E9EEF8BDA3A}" = lport=500 | protocol=17 | dir=in | name=zywall ipsec vpn client phase1 |
"{29127F0D-A08E-42B6-9350-185A40F4B41E}" = lport=4500 | protocol=17 | dir=in | name=zywall ipsec vpn client phase2 |
"{5776984D-1CF9-421E-9A3E-979BEFEEEF81}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{6DBFE58A-5B00-4E1B-B6D7-89C8A803B95F}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{B3E7F692-A643-4157-89B3-3D5A4A402CB3}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{D9E4155C-64A1-40EF-989A-F91DB267985F}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{FD5D7E53-C8C7-42F7-B1E4-D315BE5632D5}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{7EA241F7-36BD-4E2D-8C84-F3E641470BE0}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"TCP Query User{5C02CF07-E619-4324-8B45-93BC2C092E1B}C:\users\honza\downloads\qip infium pafopack\inf.exe" = protocol=6 | dir=in | app=c:\users\honza\downloads\qip infium pafopack\inf.exe |
"TCP Query User{86F310DD-426B-4A90-AE06-B552BC4D4E71}C:\program files\spark\spark.exe" = protocol=6 | dir=in | app=c:\program files\spark\spark.exe |
"TCP Query User{F8E79139-ECE4-4C95-967F-211B5A6B6F97}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"UDP Query User{32C2CB2B-FC48-4B08-9795-F68AE068383A}C:\users\honza\downloads\qip infium pafopack\inf.exe" = protocol=17 | dir=in | app=c:\users\honza\downloads\qip infium pafopack\inf.exe |
"UDP Query User{99D8EC0F-885C-4A22-9630-FC5E23F741F9}C:\program files\spark\spark.exe" = protocol=17 | dir=in | app=c:\program files\spark\spark.exe |
"UDP Query User{B3BBDD3D-9FBA-4C27-8312-1FF424079CA8}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{003CD4FD-DB3E-4D12-9A34-8C00FA8A680F}" = WirelessControl
"{26A24AE4-039D-4CA4-87B4-2F83216012FF}" = Java(TM) 6 Update 21
"{34F93E31-E1A0-421C-8E86-BCF7C4193A91}" = LogMeIn
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3EE51BAD-9916-49C7-90BA-3D500B031E0C}_is1" = VSO Image Resizer 3.0.0.140
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5791B7D3-8B34-4218-9750-6A8E45D0AD32}" = pdfforge Toolbar v1.1.2
"{641108D0-0059-4370-9F6C-09056911C13C}" = WebCam HotKey Utility
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{7036A6F4-5DAD-3908-956D-1752CD7F7E5A}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{824BADF8-9A1B-4D07-8817-8DDDC8543F23}" = OpenOffice.org 3.1
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_PROHYBRIDR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_PROHYBRIDR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_PROHYBRIDR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_PROHYBRIDR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_PROHYBRIDR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_PROHYBRIDR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_PROHYBRIDR_{294B4278-CF7B-40B9-86A1-2D3FF0C2C524}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_PROHYBRIDR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_PROHYBRIDR_{10EC59E5-9BCE-4884-BB1A-E28627220232}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_PROHYBRIDR_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel(R) Matrix Storage Manager
"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{AC76BA86-7AD7-1029-7B44-A93000000001}" = Adobe Reader 9.3.4 - Czech
"{C22F45F8-3BDF-4D0A-99FC-C901E4303E41}" = ESET Smart Security
"{C2D129C0-7508-11DF-9F1B-005056806466}" = Google Earth
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D34D82E0-4600-407B-9478-8506C1DD1029}" = Nero 7 Essentials
"{DB457913-028D-460E-BB4C-D9A6369752CA}" = TouchPad HotKey Utility
"{DD73CA82-EA82-38AA-863D-9A24A018DC96}" = Microsoft .NET Framework 3.5 Language Pack SP1 - csy
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"66236196F581C51BC098C46729E8CE8526A5EBFD" = Balíček ovladače systému Windows - AnyDATA Corporation (adusbser) Modem (11/13/2007 2.0.4.0)
"7-Zip" = 7-Zip 4.65
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Advanced SystemCare 3_is1" = Advanced SystemCare 3
"Anydata ADU 635 WH" = Anydata ADU 635 WH 1.3.0.0
"BD09D18E7246BF4AB0D6B23FE8271207416F3B33" = Balíček ovladače systému Windows - AnyDATA Corporation (adusbser) Ports (11/13/2007 2.0.4.0)
"Bullzip PDF Printer_is1" = Bullzip PDF Printer 7.1.0.1136
"CCleaner" = CCleaner
"CSVed_is1" = CSVed 1.4.9
"FreeCommander_is1" = FreeCommander 2009.02a
"GoldWave v5.55" = GoldWave v5.55
"GPL Ghostscript Lite_is1" = GPL Ghostscript Lite 8.70
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"IrfanView" = IrfanView (remove only)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 Language Pack SP1 - csy" = Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Mozilla Firefox (3.6.9)" = Mozilla Firefox (3.6.9)
"PIXresizer_is1" = PIXresizer 2.0.4
"PROHYBRIDR" = 2007 Microsoft Office system
"Smart Defrag_is1" = Smart Defrag
"Spark 2.5.8" = Spark 2.5.8
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"VLC media player" = VLC media player 1.1.4
"WAV to MP3 Converter_is1" = WAV to MP3 Converter 3.15
"WebSync" = WebSync (remove only)
"Winamp" = Winamp
"WinGimp-2.0_is1" = GIMP 2.6.7

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"Sweet Home 3D" = Sweet Home 3D

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 8.9.2010 16:49:17 | Computer Name = NTBC1 | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 8.9.2010 17:03:58 | Computer Name = NTBC1 | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 8.9.2010 19:19:35 | Computer Name = NTBC1 | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 8.9.2010 19:34:20 | Computer Name = NTBC1 | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 8.9.2010 19:39:16 | Computer Name = NTBC1 | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 8.9.2010 20:44:50 | Computer Name = NTBC1 | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 10.9.2010 8:03:09 | Computer Name = NTBC1 | Source = Microsoft Office 12 | ID = 2000
Description = Accepted Safe Mode action : Microsoft Office Outlook.

Error - 10.9.2010 8:56:29 | Computer Name = NTBC1 | Source = Application Error | ID = 1000
Description = Chybující aplikace DllHost.exe, verze 6.0.6000.16386, časové razítko
0x4549b14e, chybující modul unknown, verze 0.0.0.0, časové razítko 0x00000000,
kód výjimky 0xc0000005, posun chyby 0x00d1b5ed, ID procesu 0x440, čas spuštění aplikace
0x01cb50e792d90e76.

Error - 10.9.2010 10:05:14 | Computer Name = NTBC1 | Source = Application Error | ID = 1000
Description = Chybující aplikace DllHost.exe, verze 6.0.6000.16386, časové razítko
0x4549b14e, chybující modul unknown, verze 0.0.0.0, časové razítko 0x00000000,
kód výjimky 0xc0000005, posun chyby 0x00a1b5ed, ID procesu 0x348, čas spuštění aplikace
0x01cb50f12e569570.

Error - 10.9.2010 10:05:17 | Computer Name = NTBC1 | Source = Application Error | ID = 1000
Description = Chybující aplikace DllHost.exe, verze 6.0.6000.16386, časové razítko
0x4549b14e, chybující modul unknown, verze 0.0.0.0, časové razítko 0x00000000,
kód výjimky 0xc0000005, posun chyby 0x009cb5ed, ID procesu 0xb70, čas spuštění aplikace
0x01cb50f132281994.

[ OSession Events ]
Error - 21.4.2010 8:34:39 | Computer Name = NTBC1 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 16223
seconds with 1500 seconds of active time. This session ended with a crash.

Error - 3.5.2010 8:23:59 | Computer Name = NTBC1 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 610
seconds with 120 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 10.9.2010 2:43:34 | Computer Name = NTBC1 | Source = F-Secure Standalone Minifilter | ID = 327681
Description =

Error - 10.9.2010 2:45:12 | Computer Name = NTBC1 | Source = F-Secure Standalone Minifilter | ID = 327681
Description =

Error - 10.9.2010 2:46:50 | Computer Name = NTBC1 | Source = F-Secure Standalone Minifilter | ID = 327681
Description =

Error - 10.9.2010 3:23:51 | Computer Name = NTBC1 | Source = F-Secure Standalone Minifilter | ID = 327681
Description =

Error - 10.9.2010 3:25:28 | Computer Name = NTBC1 | Source = F-Secure Standalone Minifilter | ID = 327681
Description =

Error - 10.9.2010 3:27:06 | Computer Name = NTBC1 | Source = F-Secure Standalone Minifilter | ID = 327681
Description =

Error - 10.9.2010 3:28:44 | Computer Name = NTBC1 | Source = F-Secure Standalone Minifilter | ID = 327681
Description =

Error - 10.9.2010 3:30:21 | Computer Name = NTBC1 | Source = F-Secure Standalone Minifilter | ID = 327681
Description =

Error - 10.9.2010 3:32:00 | Computer Name = NTBC1 | Source = F-Secure Standalone Minifilter | ID = 327681
Description =

Error - 10.9.2010 3:33:37 | Computer Name = NTBC1 | Source = F-Secure Standalone Minifilter | ID = 327681
Description =


< End of report >

Post by jaro3 » 10 Sep 2010 21:25

Double-click the OTL icon on the desktop. Make sure all other applications and browsers are closed.
Under Custom Scans/Fixes, paste the following text, shown in green, into the box:

Code:

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
DRV - (NwlnkFwd) -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- C:\Windows\System32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- C:\Windows\System32\DRIVERS\ipinip.sys File not found
DRV - (catchme) -- C:\ComboFix\catchme.sys File not found
DRV - (blbdrive) -- C:\Windows\System32\drivers\blbdrive.sys File not found
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
FF - prefs.js..extensions.enabledItems: pdfforge@mybrowserbar.com:1.1.2
FF - prefs.js..extensions.enabledItems: searchsettings@spigot.com:1.2.3
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
@Alternate Data Stream - 145 bytes -> C:\ProgramData\TEMP:D287FACF

:Files
C:\WINDOWS\System32\*.tmp
C:\WINDOWS\*.tmp
C:\WINDOWS\system32\*.tmp.dll
C:\WINDOWS\system32\SET*.tmp
c:\windows\Tasks\*.job
C:\*.tmp
C:\Users\Honza\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\ProgramData\ezsidmv.dat

:Reg
:Commands
[purity]
[emptytemp]
[EMPTYFLASH]
[start explorer]
[Reboot]

Then click Run Fix at the top. Let the program run undisturbed; at the end the PC will restart.
After the restart a log will appear; please copy its entire contents here.
When working with HJT, ComboFix, MbAM, SDFix etc., close all other applications and browsers!
Do not send logs via private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Support the forum

Post by 108motix » 13 Sep 2010 14:59

All processes killed
========== OTL ==========
No active process named explorer.exe was found!
No active process named firefox.exe was found!
Service NwlnkFwd stopped successfully!
Service NwlnkFwd deleted successfully!
File C:\Windows\System32\DRIVERS\nwlnkfwd.sys File not found not found.
Service NwlnkFlt stopped successfully!
Service NwlnkFlt deleted successfully!
File C:\Windows\System32\DRIVERS\nwlnkflt.sys File not found not found.
Service IpInIp stopped successfully!
Service IpInIp deleted successfully!
File C:\Windows\System32\DRIVERS\ipinip.sys File not found not found.
Service catchme stopped successfully!
Service catchme deleted successfully!
File C:\ComboFix\catchme.sys File not found not found.
Service blbdrive stopped successfully!
Service blbdrive deleted successfully!
File C:\Windows\System32\drivers\blbdrive.sys File not foundIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htmIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htmIE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htmIE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch not found.
Prefs.js: pdfforge@mybrowserbar.com:1.1.2 removed from extensions.enabledItems
Prefs.js: searchsettings@spigot.com:1.2.3 removed from extensions.enabledItems
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\\{AEB6717E-7E19-11d0-97EE-00C04FD91972} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AEB6717E-7E19-11d0-97EE-00C04FD91972}\ not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session manager\\BootExecute:autocheck autochk * deleted successfully.
ADS C:\ProgramData\TEMP:D287FACF deleted successfully.
========== FILES ==========
File\Folder C:\WINDOWS\System32\*.tmp not found.
File\Folder C:\WINDOWS\*.tmp not found.
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job moved successfully.
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job moved successfully.
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3865133748-4181632270-301148789-1003Core.job moved successfully.
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3865133748-4181632270-301148789-1003UA.job moved successfully.
c:\windows\Tasks\User_Feed_Synchronization-{10DA35FA-5236-4514-9382-80BA9CF6383E}.job moved successfully.
C:\fsc.tmp\1014814 folder moved successfully.
C:\fsc.tmp\1014289\Lang\HDMI\trk folder moved successfully.
C:\fsc.tmp\1014289\Lang\HDMI\tha folder moved successfully.
C:\fsc.tmp\1014289\Lang\HDMI\sve folder moved successfully.
C:\fsc.tmp\1014289\Lang\HDMI\SLV folder moved successfully.
C:\fsc.tmp\1014289\Lang\HDMI\SKY folder moved successfully.
C:\fsc.tmp\1014289\Lang\HDMI\rus folder moved successfully.
C:\fsc.tmp\1014289\Lang\HDMI\ptg folder moved successfully.
C:\fsc.tmp\1014289\Lang\HDMI\ptb folder moved successfully.
C:\fsc.tmp\1014289\Lang\HDMI\plk folder moved successfully.
C:\fsc.tmp\1014289\Lang\HDMI\nor folder moved successfully.
C:\fsc.tmp\1014289\Lang\HDMI\nld folder moved successfully.
C:\fsc.tmp\1014289\Lang\HDMI\kor folder moved successfully.
C:\fsc.tmp\1014289\Lang\HDMI\jpn folder moved successfully.
C:\fsc.tmp\1014289\Lang\HDMI\ita folder moved successfully.
C:\fsc.tmp\1014289\Lang\HDMI\hun folder moved successfully.
C:\fsc.tmp\1014289\Lang\HDMI\heb folder moved successfully.
C:\fsc.tmp\1014289\Lang\HDMI\fra folder moved successfully.
C:\fsc.tmp\1014289\Lang\HDMI\fin folder moved successfully.
C:\fsc.tmp\1014289\Lang\HDMI\esp folder moved successfully.
C:\fsc.tmp\1014289\Lang\HDMI\ENU folder moved successfully.
C:\fsc.tmp\1014289\Lang\HDMI\ell folder moved successfully.
C:\fsc.tmp\1014289\Lang\HDMI\deu folder moved successfully.
C:\fsc.tmp\1014289\Lang\HDMI\dan folder moved successfully.
C:\fsc.tmp\1014289\Lang\HDMI\csy folder moved successfully.
C:\fsc.tmp\1014289\Lang\HDMI\cht folder moved successfully.
C:\fsc.tmp\1014289\Lang\HDMI\chs folder moved successfully.
C:\fsc.tmp\1014289\Lang\HDMI\ara folder moved successfully.
C:\fsc.tmp\1014289\Lang\HDMI folder moved successfully.
C:\fsc.tmp\1014289\Lang folder moved successfully.
C:\fsc.tmp\1014289\HDMI folder moved successfully.
C:\fsc.tmp\1014289\Graphics\LANG\HDMI\trk folder moved successfully.
C:\fsc.tmp\1014289\Graphics\LANG\HDMI\tha folder moved successfully.
C:\fsc.tmp\1014289\Graphics\LANG\HDMI\sve folder moved successfully.
C:\fsc.tmp\1014289\Graphics\LANG\HDMI\SLV folder moved successfully.
C:\fsc.tmp\1014289\Graphics\LANG\HDMI\SKY folder moved successfully.
C:\fsc.tmp\1014289\Graphics\LANG\HDMI\rus folder moved successfully.
C:\fsc.tmp\1014289\Graphics\LANG\HDMI\ptg folder moved successfully.
C:\fsc.tmp\1014289\Graphics\LANG\HDMI\ptb folder moved successfully.
C:\fsc.tmp\1014289\Graphics\LANG\HDMI\plk folder moved successfully.
C:\fsc.tmp\1014289\Graphics\LANG\HDMI\nor folder moved successfully.
C:\fsc.tmp\1014289\Graphics\LANG\HDMI\nld folder moved successfully.
C:\fsc.tmp\1014289\Graphics\LANG\HDMI\kor folder moved successfully.
C:\fsc.tmp\1014289\Graphics\LANG\HDMI\jpn folder moved successfully.
C:\fsc.tmp\1014289\Graphics\LANG\HDMI\ita folder moved successfully.
C:\fsc.tmp\1014289\Graphics\LANG\HDMI\hun folder moved successfully.
C:\fsc.tmp\1014289\Graphics\LANG\HDMI\heb folder moved successfully.
C:\fsc.tmp\1014289\Graphics\LANG\HDMI\fra folder moved successfully.
C:\fsc.tmp\1014289\Graphics\LANG\HDMI\fin folder moved successfully.
C:\fsc.tmp\1014289\Graphics\LANG\HDMI\esp folder moved successfully.
C:\fsc.tmp\1014289\Graphics\LANG\HDMI\ENU folder moved successfully.
C:\fsc.tmp\1014289\Graphics\LANG\HDMI\ell folder moved successfully.
C:\fsc.tmp\1014289\Graphics\LANG\HDMI\deu folder moved successfully.
C:\fsc.tmp\1014289\Graphics\LANG\HDMI\dan folder moved successfully.
C:\fsc.tmp\1014289\Graphics\LANG\HDMI\csy folder moved successfully.
C:\fsc.tmp\1014289\Graphics\LANG\HDMI\cht folder moved successfully.
C:\fsc.tmp\1014289\Graphics\LANG\HDMI\chs folder moved successfully.
C:\fsc.tmp\1014289\Graphics\LANG\HDMI\ara folder moved successfully.
C:\fsc.tmp\1014289\Graphics\LANG\HDMI folder moved successfully.
C:\fsc.tmp\1014289\Graphics\LANG folder moved successfully.
C:\fsc.tmp\1014289\Graphics folder moved successfully.
C:\fsc.tmp\1014289 folder moved successfully.
C:\fsc.tmp\1014286 folder moved successfully.
C:\fsc.tmp\1014283\WebCam Hotkey Utility 3.0.6.0\Disk1 folder moved successfully.
C:\fsc.tmp\1014283\WebCam Hotkey Utility 3.0.6.0 folder moved successfully.
C:\fsc.tmp\1014283\ACPI BIOS Linkage Service\1.0.0.0\Disk1 folder moved successfully.
C:\fsc.tmp\1014283\ACPI BIOS Linkage Service\1.0.0.0 folder moved successfully.
C:\fsc.tmp\1014283\ACPI BIOS Linkage Service folder moved successfully.
C:\fsc.tmp\1014283 folder moved successfully.
C:\fsc.tmp\1014106 folder moved successfully.
C:\fsc.tmp\1013799\WDM folder moved successfully.
C:\fsc.tmp\1013799\Vista64 folder moved successfully.
C:\fsc.tmp\1013799\Vista folder moved successfully.
C:\fsc.tmp\1013799\MSHDQFE\Win2K_XP\us folder moved successfully.
C:\fsc.tmp\1013799\MSHDQFE\Win2K_XP folder moved successfully.
C:\fsc.tmp\1013799\MSHDQFE\Win2K3\us folder moved successfully.
C:\fsc.tmp\1013799\MSHDQFE\Win2K3 folder moved successfully.
C:\fsc.tmp\1013799\MSHDQFE folder moved successfully.
C:\fsc.tmp\1013799\Config folder moved successfully.
C:\fsc.tmp\1013799 folder moved successfully.
C:\fsc.tmp\1013777\WinWDF\x86 folder moved successfully.
C:\fsc.tmp\1013777\WinWDF\x64 folder moved successfully.
C:\fsc.tmp\1013777\WinWDF folder moved successfully.
C:\fsc.tmp\1013777\WinNT5\x86 folder moved successfully.
C:\fsc.tmp\1013777\WinNT5\x64 folder moved successfully.
C:\fsc.tmp\1013777\WinNT5 folder moved successfully.
C:\fsc.tmp\1013777 folder moved successfully.
C:\fsc.tmp\1013318\Readmes folder moved successfully.
C:\fsc.tmp\1013318\INF\XP_2003_x64 folder moved successfully.
C:\fsc.tmp\1013318\INF\XP_2003 folder moved successfully.
C:\fsc.tmp\1013318\INF\Vista_64 folder moved successfully.
C:\fsc.tmp\1013318\INF\Vista folder moved successfully.
C:\fsc.tmp\1013318\INF\2000 folder moved successfully.
C:\fsc.tmp\1013318\INF folder moved successfully.
C:\fsc.tmp\1013318 folder moved successfully.
C:\fsc.tmp\1013303\x64 folder moved successfully.
C:\fsc.tmp\1013303\Vista folder moved successfully.
C:\fsc.tmp\1013303\Lang\CHIP\TRK folder moved successfully.
C:\fsc.tmp\1013303\Lang\CHIP\THA folder moved successfully.
C:\fsc.tmp\1013303\Lang\CHIP\SVE folder moved successfully.
C:\fsc.tmp\1013303\Lang\CHIP\RUS folder moved successfully.
C:\fsc.tmp\1013303\Lang\CHIP\PTG folder moved successfully.
C:\fsc.tmp\1013303\Lang\CHIP\PTB folder moved successfully.
C:\fsc.tmp\1013303\Lang\CHIP\PLK folder moved successfully.
C:\fsc.tmp\1013303\Lang\CHIP\NOR folder moved successfully.
C:\fsc.tmp\1013303\Lang\CHIP\NLD folder moved successfully.
C:\fsc.tmp\1013303\Lang\CHIP\KOR folder moved successfully.
C:\fsc.tmp\1013303\Lang\CHIP\JPN folder moved successfully.
C:\fsc.tmp\1013303\Lang\CHIP\ITA folder moved successfully.
C:\fsc.tmp\1013303\Lang\CHIP\HUN folder moved successfully.
C:\fsc.tmp\1013303\Lang\CHIP\HEB folder moved successfully.
C:\fsc.tmp\1013303\Lang\CHIP\FRC folder moved successfully.
C:\fsc.tmp\1013303\Lang\CHIP\FRA folder moved successfully.
C:\fsc.tmp\1013303\Lang\CHIP\FIN folder moved successfully.
C:\fsc.tmp\1013303\Lang\CHIP\ESP folder moved successfully.
C:\fsc.tmp\1013303\Lang\CHIP\ENU folder moved successfully.
C:\fsc.tmp\1013303\Lang\CHIP\ENG folder moved successfully.
C:\fsc.tmp\1013303\Lang\CHIP\ELL folder moved successfully.
C:\fsc.tmp\1013303\Lang\CHIP\DEU folder moved successfully.
C:\fsc.tmp\1013303\Lang\CHIP\DAN folder moved successfully.
C:\fsc.tmp\1013303\Lang\CHIP\CSY folder moved successfully.
C:\fsc.tmp\1013303\Lang\CHIP\CHT folder moved successfully.
C:\fsc.tmp\1013303\Lang\CHIP\CHS folder moved successfully.
C:\fsc.tmp\1013303\Lang\CHIP\ARB folder moved successfully.
C:\fsc.tmp\1013303\Lang\CHIP\ARA folder moved successfully.
C:\fsc.tmp\1013303\Lang\CHIP folder moved successfully.
C:\fsc.tmp\1013303\Lang folder moved successfully.
C:\fsc.tmp\1013303\All folder moved successfully.
C:\fsc.tmp\1013303 folder moved successfully.
C:\fsc.tmp\1010945 folder moved successfully.
C:\fsc.tmp folder moved successfully.
C:\Users\Honza\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini moved successfully.
C:\ProgramData\ezsidmv.dat moved successfully.
========== REGISTRY ==========
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Alternate
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 40636647 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 866 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Honza
->Temp folder emptied: 370164075 bytes
->Temporary Internet Files folder emptied: 7723737 bytes
->Java cache emptied: 65214605 bytes
->FireFox cache emptied: 97393621 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 2353 bytes

User: ITSprava
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: LogMeInRemoteUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 5755920 bytes
RecycleBin emptied: 580714 bytes

Total Files Cleaned = 560,00 mb


[EMPTYFLASH]

User: All Users

User: Alternate
->Flash cache emptied: 0 bytes

User: Default

User: Default User

User: Honza
->Flash cache emptied: 0 bytes

User: ITSprava

User: LogMeInRemoteUser

User: Public

Total Flash Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.11.0 log created on 09132010_144901

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

Post by jaro3 » 13 Sep 2010 19:02

Run OTL and click CleanUp.
Then you can delete OTL, C:\_OTL


Note: BitDefender Online Scan can only be used through Internet Explorer, or alternatively Chrome and Firefox.

Run BitDefender Online Scan

Click I Agree.
Please install the add-ons if required.
Click START Scan
Let the virus database update. A scan of all files and folders will then start automatically.
If an infection is found, the program will try to disinfect/delete it.
After the scan, click More Detail >>
Go to the Detected Problems table and click Click here to export the scan report.
Save the report as .html on your desktop. Copy the whole text and paste it into Notepad. Save the result in Notepad and paste its entire contents here.

Post by 108motix » 14 Sep 2010 17:13

BitDefender Online Scanner

Scan report generated at: Tue, Sep 14, 2010 - 16:08:20

Scan path: C:\;D:\;E:\;F:\;

Statistics
Time: 01:10:49
Files: 384132
Folders: 21696
Boot Sectors: 0
Archives: 2752
Packed Files: 9798

Results
Identified Viruses: 3
Infected Files: 3
Suspect Files: 0
Warnings: 0
Disinfected: 0
Deleted Files: 3

Engines Info
Virus Definitions: 6378638
Engine build: AVCORE v2.1 Windows/i386 11.0.0.33 (Jun 18 2010)
Scan plugins: 18
Archive plugins: 44
Unpack plugins: 10
E-mail plugins: 6
System plugins: 4

Scan Settings
First Action: Disinfect
Second Action: Delete
Heuristics: Yes
Enable Warnings: Yes
Scanned Extensions: *;
Exclude Extensions:
Scan Emails: Yes
Scan Archives: Yes
Scan Packed: Yes
Scan Files: Yes
Scan Boot: Yes

Scanned File | Status
C:\Program Files\FSC\WebCam HotKey Utility\Webcam_HotKey.exe | Infected with: Trojan.Generic.KD.19994
C:\Program Files\FSC\WebCam HotKey Utility\Webcam_HotKey.exe | Deleted
D:\PRENOS\brutus-aet2\BrutusA2.exe | Detected with: Application.PWCrack.Brutus.A
D:\PRENOS\brutus-aet2\BrutusA2.exe | Disinfection failed
D:\PRENOS\brutus-aet2\BrutusA2.exe | Deleted
D:\Temp\Downloads\ochrana_a_cisteni\T-Cleaner.exe | Infected with: Backdoor.Generic.358364
D:\Temp\Downloads\ochrana_a_cisteni\T-Cleaner.exe | Deleted

Post by jaro3 » 14 Sep 2010 19:20

The PC should be clean..

If there are no problems, that is all and you can mark it as solved, the green check mark.

Post by 108motix » 15 Sep 2010 09:40

OK, it looks pretty good.

Thanks a lot for your time and above all for the help.

All the best!

