Netbook-procesor jede skoro na 100%

[JirkaM0207]

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:25:27, on 5. 1. 2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files 2\Microsoft Office\Office\MSOFFICE.EXE
C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\msiexec.exe
C:\Documents and Settings\UserXP\Plocha\hijackthis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\Audio\Drivers\AzMixerSel.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [PLFSetL] C:\WINDOWS\PLFSetL.exe
O4 - HKLM\..\Run: [snp2uvc] rundll32.exe C:\WINDOWS\system32\csnp2uvc.dll,ResetCIDS
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: Panel zástupců Microsoft Office.Lnk = C:\Program Files 2\Microsoft Office\Office\MSOFFICE.EXE
O4 - Startup: Yahoo! Widgets.lnk = C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat do zařízení Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.google.com
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Vodafone Mobile Connect Service (VMCService) - Vodafone - C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe

--
End of file - 5149 bytes

Combo Fix se spustí po vložení scriptu nicméně se nerozjede dál, takže zde vkládám fix z HJT, vytížení procesoru je stále nad hranicí 60%.

[Reklama]

[JirkaM0207]

Podařilo se mi nakonec spustit Combo Fix zde je log:

ComboFix 11-01-04.04 - UserXP . 01. 2011 11:50:38.2.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.1.1029.18.2038.1715 [GMT 1:00]
Spuštěný z: c:\documents and settings\UserXP\Plocha\ComboFix.exe
AV: AVG Anti-Virus 2011 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.

((((((((((((((((((((((((( Soubory vytvořené od 2010-12-05 do 2011-01-05 )))))))))))))))))))))))))))))))
.

2011-01-05 10:08 . 2011-01-05 10:19 -------- d-----w- c:\documents and settings\Administrator
2011-01-05 08:41 . 2011-01-05 08:41 -------- d-----w- c:\documents and settings\UserXP\Data aplikací\AVG10
2011-01-05 08:35 . 2011-01-05 08:35 -------- d--h--w- c:\documents and settings\All Users\Data aplikací\Common Files
2011-01-05 08:31 . 2011-01-05 10:16 -------- d-----w- c:\documents and settings\All Users\Data aplikací\AVG10
2011-01-05 08:23 . 2011-01-05 08:29 -------- d-----w- c:\documents and settings\All Users\Data aplikací\MFAData
2011-01-04 20:17 . 2011-01-04 20:17 -------- d-----w- c:\documents and settings\UserXP\Local Settings\Data aplikací\Temp
2011-01-04 19:10 . 2009-09-04 16:29 1892184 ----a-w- c:\windows\system32\D3DX9_42.dll
2011-01-04 19:10 . 2006-09-28 15:05 2414360 ----a-w- c:\windows\system32\d3dx9_31.dll
2011-01-04 19:10 . 2011-01-04 19:10 -------- d-----w- c:\windows\Logs
2011-01-04 19:10 . 2011-01-04 19:10 -------- d-----w- c:\program files\Winamp Detect
2011-01-04 19:10 . 2005-01-28 12:44 819200 ----a-w- c:\program files\Windows Media Player\wmsetsdk.exe
2011-01-04 19:10 . 2005-01-28 12:44 47616 ----a-w- c:\program files\Windows Media Player\msoobci.dll
2011-01-04 16:36 . 2011-01-04 16:36 -------- d-----w- c:\windows\system32\XPSViewer
2011-01-04 16:36 . 2011-01-04 16:36 -------- d-----w- c:\program files\MSBuild
2011-01-04 16:36 . 2011-01-04 16:36 -------- d-----w- c:\documents and settings\UserXP\DoctorWeb
2011-01-04 16:35 . 2011-01-04 16:35 -------- d-----w- c:\program files\Reference Assemblies
2011-01-04 16:34 . 2008-07-06 12:06 89088 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll
2011-01-04 16:33 . 2008-07-06 12:06 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2011-01-04 16:33 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll
2011-01-04 16:33 . 2008-07-06 12:06 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
2011-01-04 16:33 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll
2011-01-04 16:33 . 2008-07-06 10:50 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2011-01-04 16:33 . 2008-07-06 10:50 597504 ------w- c:\windows\system32\Spool\prtprocs\w32x86\printfilterpipelinesvc.exe
2011-01-04 16:33 . 2008-07-06 12:06 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
2011-01-04 16:33 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll
2011-01-04 16:33 . 2011-01-04 16:34 -------- d-----w- C:\2bd73de14210445ff47fc66a
2011-01-04 15:18 . 2011-01-04 15:18 -------- d-sh--w- c:\documents and settings\UserXP\PrivacIE
2011-01-04 14:58 . 2011-01-04 14:58 -------- d-sh--w- c:\documents and settings\UserXP\IETldCache
2011-01-04 14:53 . 2010-10-18 11:10 7680 -c----w- c:\windows\system32\dllcache\iecompat.dll
2011-01-04 14:48 . 2010-11-06 00:23 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2011-01-04 14:48 . 2010-11-06 00:23 602112 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2011-01-04 14:48 . 2010-11-06 00:23 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2011-01-04 14:48 . 2010-11-06 00:23 247808 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2011-01-04 14:48 . 2010-11-06 00:23 1991680 -c----w- c:\windows\system32\dllcache\iertutil.dll
2011-01-04 14:48 . 2010-11-06 00:23 11080704 -c----w- c:\windows\system32\dllcache\ieframe.dll
2011-01-04 14:48 . 2010-11-06 00:23 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll
2011-01-04 14:45 . 2011-01-04 14:46 -------- dc-h--w- c:\windows\ie8
2011-01-04 14:30 . 2011-01-04 14:30 -------- d-----w- c:\documents and settings\UserXP\Data aplikací\Malwarebytes
2011-01-04 14:29 . 2010-12-20 17:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-01-04 14:29 . 2011-01-04 14:29 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2011-01-04 14:29 . 2011-01-04 14:29 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-01-04 14:29 . 2010-12-20 17:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-01-04 14:27 . 2010-02-12 10:03 293376 ------w- c:\windows\system32\browserchoice.exe
2010-12-12 10:14 . 2010-12-12 10:14 -------- d-----w- c:\windows\system32\KB905474

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-11-18 18:15 . 2010-11-09 16:19 81920 ----a-w- c:\windows\system32\isign32.dll
2010-11-10 04:15 . 2009-06-20 14:56 219648 ----a-w- c:\windows\system32\uxtheme.dll
2010-11-06 00:23 . 2009-06-20 15:02 916480 ----a-w- c:\windows\system32\wininet.dll
2010-11-06 00:23 . 2009-06-20 14:43 43520 ------w- c:\windows\system32\licmgr10.dll
2010-11-06 00:23 . 2009-06-20 14:43 1469440 ------w- c:\windows\system32\inetcpl.cpl
2010-11-03 12:25 . 2009-06-20 14:42 385024 ------w- c:\windows\system32\html.iec
2010-11-02 15:17 . 2009-06-20 14:45 40960 ----a-w- c:\windows\system32\drivers\ndproxy.sys
2010-10-28 13:09 . 2009-06-20 14:40 290048 ----a-w- c:\windows\system32\atmfd.dll
2010-10-26 13:58 . 2009-06-20 15:01 1853312 ----a-w- c:\windows\system32\win32k.sys
.

------- Sigcheck -------

[-] 2008-04-14 . 471341D353962A35DA3C6324D59D09C4 . 547328 . . [5.1.2600.5512] . . c:\windows\system32\winlogon.exe
[-] 2008-04-14 . 471341D353962A35DA3C6324D59D09C4 . 547328 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\winlogon.exe
[7] 2008-04-14 . CDDB1F8E1AEA356F3AD106F2CF9B7FEA . 507904 . . [5.1.2600.5512] . . c:\windows\VistaMizer\old\winlogon.exe

[-] 2008-04-14 . 581480DE9C65D6BD0552E35BF17379B2 . 587776 . . [5.1.2600.5512] . . c:\windows\system32\user32.dll
[-] 2008-04-14 . 581480DE9C65D6BD0552E35BF17379B2 . 587776 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\user32.dll
[7] 2008-04-14 . E16E0990967374E76F3E40CACAFD3D53 . 578560 . . [5.1.2600.5512] . . c:\windows\VistaMizer\old\user32.dll

[-] 2008-04-14 . B720487896E2D91DA23E59820F718E34 . 1552384 . . [6.00.2900.5512] . . c:\windows\explorer.exe
[-] 2008-04-14 . B720487896E2D91DA23E59820F718E34 . 1552384 . . [6.00.2900.5512] . . c:\windows\system32\dllcache\explorer.exe
[7] 2008-04-14 . 27AFD587C462E280EE046B8CCA3C2CD1 . 1034240 . . [6.00.2900.5512] . . c:\windows\VistaMizer\old\explorer.exe

[-] 2008-04-14 . D8152865F2A59D765AF8317E38AA5FB4 . 25088 . . [5.1.2600.5512] . . c:\windows\system32\ctfmon.exe
[-] 2008-04-14 . D8152865F2A59D765AF8317E38AA5FB4 . 25088 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ctfmon.exe
[7] 2008-04-14 . A756B8F0F7BAFBA6DFE39F7D169F2519 . 15360 . . [5.1.2600.5512] . . c:\windows\VistaMizer\old\ctfmon.exe
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2009-08-24 18702336]
"AzMixerSel"="c:\program files\Realtek\Audio\Drivers\AzMixerSel.exe" [2006-07-17 53248]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-02-28 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-02-28 166424]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-28 137752]
"PLFSetL"="c:\windows\PLFSetL.exe" [2008-07-03 94208]
"snp2uvc"="c:\windows\system32\csnp2uvc.dll" [2009-02-16 196608]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-02-06 1430824]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-09-23 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]

c:\documents and settings\UserXP\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Panel z stupc… Microsoft Office.Lnk - c:\program files 2\Microsoft Office\Office\MSOFFICE.EXE [1997-2-22 334848]
Yahoo! Widgets.lnk - c:\program files\Yahoo!\Widgets\YahooWidgets.exe [2007-12-11 3746856]

c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-5-8 607584]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Winamp\\winamp.exe"=

R2 VMCService;Vodafone Mobile Connect Service;c:\program files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [4. 11. 2008 11:39 14336]
R3 L1c;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller;c:\windows\system32\drivers\l1c51x86.sys [2. 3. 2009 13:03 38912]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [9. 11. 2010 18:02 1684736]
S3 massfilter;ZTE Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys [12. 11. 2010 18:57 7680]
S3 RSUSBSTOR;RTS5121.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RTS5121.sys --> c:\windows\system32\Drivers\RTS5121.sys [?]
S3 Rts516xIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys --> c:\windows\system32\DRIVERS\Rts516xIR.sys [?]
S3 ZTEusbnet;ZTE USB-NDIS miniport;c:\windows\system32\drivers\ZTEusbnet.sys [12. 11. 2010 18:57 110080]
S4 rdummy;rdummy;c:\windows\system32\drivers\rdummy.sys [20. 6. 2009 16:06 4096]
.
Obsah adresáře 'Naplánované úlohy'

2011-01-05 c:\windows\Tasks\WGASetup.job
- c:\windows\system32\KB905474\wgasetup.exe [2010-12-12 21:18]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Odeslat do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat do zařízení Bluetooth - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: WikiKomentáře Google... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-01-05 11:58
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(752)
c:\windows\system32\SETUPAPI.dll
c:\windows\system32\sfc_os.dll
c:\windows\system32\cscui.dll

- - - - - - - > 'lsass.exe'(808)
c:\windows\system32\setupapi.dll
c:\windows\system32\psbase.dll
.
Celkový čas: 2011-01-05 12:02:13
ComboFix-quarantined-files.txt 2011-01-05 11:02
ComboFix2.txt 2011-01-05 03:34

Před spuštěním: Volných bajtů: 151 342 112 768
Po spuštění: Volných bajtů: 151 341 703 168

WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[Boot Loader]
timeout=2
Default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[Operating Systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
multi(0)disk(0)rdisk(1)partition(2)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
multi(0)disk(0)rdisk(1)partition(1)\WINDOWS="USB Repair NOT to Start Microsoft Windows XP Professional" /noexecute=optin /fastdetect

- - End Of File - - D413873528531A0278A26B5B2A45494D

[jaro3]

To není ten script v Combofixu , zkus to ještě jednou.

Mimochodem , vybral sis AVG10 , který nejspíše z těch free antivirů zatěžuje systém nejvíce....
pro Combofix se doporučuje ho nejprve odinstalovat a pak teprve pracovat s combofixem (by sUBs)..


Zavři ostatní aplikace a prohlížeče, odpoj se od netu a fixni v HJT:
Návod

Kód: Vybrat vše

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab


Pokud to nepůjde:
Kontrola HDD na chyby
otevři Tento počítač- pravým na disk-vlastnosti-záložka nástroje-kontrola chyb-zkontrolovat-v okně zatrhni obě políčka-klikni na spustit- tam to napíše , že kontrola bude provedena po příštím spuštění...
Restartuj PC, kontrola s opravou někdy trvá i několik hodin...

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

vyčisti systém CCleanerem

a použij i T-Cleaner
smaže vše po Combu,MWAVu atd.-stáhneš>spustíš

pozn. před stažením T-Cleaneru a po dobu čištění deaktivuj AVG , Avast,Avira či Microsoft Security Essentials následně T-Cleaner smaž a zapni si AVG , Avast, Avira či Microsoft Security Essentials



Potom:
Stáhni si OTL
na plochu. Ujisti se , že máš zavřena všechna ostatní okna a poklepej na ikonu OTL.Nahoře v okně pod Výstup klikni na minimální výstup.Pod Běžné registry změň na Vše. Zatrhni Kontrola na havěť “LOP“ a Kontrola na havěť “ Purity“ . Klikni na Prohledat. Všechny ostatní nastavení ponech jak jsou. Sken může trvat dlouho, až skončí otevřou se dva logy:
OTL.Txt
Extras.Txt
Jsou uloženy ve stejném místě jako OTL. Oba logy sem prosím zkopíruj.

[JirkaM0207]

OTL logfile created on: 5. 1. 2011 20:38:56 - Run 1
OTL by OldTimer - Version 3.2.20.1 Folder = C:\Documents and Settings\UserXP\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d. M. yyyy

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 73,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 90,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149,04 Gb Total Space | 141,27 Gb Free Space | 94,78% Space Free | Partition Type: NTFS

Computer Name: PRIVE-B55309FD4 | User Name: UserXP | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\UserXP\Plocha\OTL.exe (OldTimer Tools)
PRC - C:\WINDOWS\SoftwareDistribution\Download\Install\NDP20SP2-KB2418241-x86.exe (Microsoft Corporation)
PRC - c:\d283d050426ddb5bd6c335\HotFixInstaller.exe (Microsoft Corporation)
PRC - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
PRC - C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe (Vodafone)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - \\?\C:\WINDOWS\System32\WBEM\WMIADAP.EXE ()
PRC - C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe (Yahoo! Inc.)
PRC - C:\Program Files 2\Microsoft Office\Office\MSOFFICE.EXE (Microsoft Corporation)


========== Modules (SafeList) ==========

MOD - C:\Documents and Settings\UserXP\Plocha\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\BtMmHook.dll (Broadcom Corporation.)
MOD - C:\WINDOWS\system32\netui1.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\netui0.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\ntlanman.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\netrap.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\davclnt.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\drprov.dll (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV - (HidServ) -- C:\WINDOWS\System32\hidserv.dll File not found
SRV - (VMCService) -- C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe (Vodafone)


========== Driver Services (SafeList) ==========

DRV - (USBCCID) -- C:\WINDOWS\System32\DRIVERS\Rts5161ccid.sys File not found
DRV - (Rts516xIR) -- C:\WINDOWS\System32\DRIVERS\Rts516xIR.sys File not found
DRV - (RSUSBSTOR) -- C:\WINDOWS\System32\Drivers\RTS5121.sys File not found
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (AR5416) -- C:\WINDOWS\system32\drivers\athw.sys (Atheros Communications, Inc.)
DRV - (BTKRNL) -- C:\WINDOWS\system32\drivers\btkrnl.sys (Broadcom Corporation.)
DRV - (L1c) -- C:\WINDOWS\system32\drivers\l1c51x86.sys (Atheros Communications, Inc.)
DRV - (btaudio) -- C:\WINDOWS\system32\drivers\btaudio.sys (Broadcom Corporation.)
DRV - (SynTP) -- C:\WINDOWS\system32\drivers\SynTP.sys (Synaptics Incorporated)
DRV - (ZTEusbnet) -- C:\WINDOWS\system32\drivers\ZTEusbnet.sys (ZTE Corporation)
DRV - (ZTEusbnmea) -- C:\WINDOWS\system32\drivers\ZTEusbnmea.sys (ZTE Incorporated)
DRV - (ZTEusbser6k) -- C:\WINDOWS\system32\drivers\ZTEusbser6k.sys (ZTE Incorporated)
DRV - (ZTEusbmdm6k) -- C:\WINDOWS\system32\drivers\ZTEusbmdm6k.sys (ZTE Incorporated)
DRV - (massfilter) -- C:\WINDOWS\system32\drivers\massfilter.sys (ZTE Incorporated)
DRV - (BTWUSB) -- C:\WINDOWS\system32\drivers\btwusb.sys (Broadcom Corporation.)
DRV - (Ambfilt) -- C:\WINDOWS\system32\drivers\Ambfilt.sys (Creative)
DRV - (BTWDNDIS) -- C:\WINDOWS\system32\drivers\btwdndis.sys (Broadcom Corporation.)
DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\hdaudbus.sys (Windows (R) Server 2003 DDK provider)
DRV - (ialm) -- C:\WINDOWS\system32\drivers\igxpmp32.sys (Intel Corporation)
DRV - (BTDriver) -- C:\WINDOWS\system32\drivers\btport.sys (Broadcom Corporation.)
DRV - (rdummy) -- C:\WINDOWS\System32\drivers\rdummy.sys ()
DRV - (SNP2UVC) USB2.0 PC Camera (SNP2UVC) -- C:\WINDOWS\system32\drivers\snp2uvc.sys ()
DRV - (Monfilt) -- C:\WINDOWS\system32\drivers\Monfilt.sys (Creative Technology Ltd.)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1085031214-1417001333-299502267-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\S-1-5-21-1085031214-1417001333-299502267-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKU\S-1-5-21-1085031214-1417001333-299502267-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-1085031214-1417001333-299502267-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-1085031214-1417001333-299502267-1003\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
IE - HKU\S-1-5-21-1085031214-1417001333-299502267-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2011.01.04 17:39:05 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2011.01.05 04:27:21 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O3 - HKU\S-1-5-21-1085031214-1417001333-299502267-1003\..\Toolbar\WebBrowser: (&Adresa) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O3 - HKU\S-1-5-21-1085031214-1417001333-299502267-1003\..\Toolbar\WebBrowser: (&Odkazy) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O4 - HKLM..\Run: [AzMixerSel] C:\Program Files\Realtek\Audio\Drivers\AzMixerSel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [PLFSetL] C:\WINDOWS\PLFSetL.exe (sonix)
O4 - HKLM..\Run: [RTHDCPL] C:\WINDOWS\RTHDCPL.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [snp2uvc] C:\WINDOWS\System32\csnp2uvc.DLL ( )
O4 - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated)
O4 - HKU\S-1-5-21-1085031214-1417001333-299502267-1003..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Bluetooth.lnk = C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O4 - Startup: C:\Documents and Settings\UserXP\Nabídka Start\Programy\Po spuštění\Panel zástupců Microsoft Office.Lnk = C:\Program Files 2\Microsoft Office\Office\MSOFFICE.EXE (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\UserXP\Nabídka Start\Programy\Po spuštění\Yahoo! Widgets.lnk = C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe (Yahoo! Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 181
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = E0 FF FF 03 [binary data]
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 181
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = E0 FF FF 03 [binary data]
O7 - HKU\S-1-5-21-1085031214-1417001333-299502267-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1085031214-1417001333-299502267-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1085031214-1417001333-299502267-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-1085031214-1417001333-299502267-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-1085031214-1417001333-299502267-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: disableregistrytools = 0
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Odeslat do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Odeslat do zařízení Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.46.172.36 213.46.172.37
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (LogonUI.EXE) - C:\WINDOWS\System32\logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - cscdll.dll - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\dimsntfy: DllName - %SystemRoot%\System32\dimsntfy.dll - C:\WINDOWS\system32\dimsntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Proces mezipaměti kategorií součástí - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\vista.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\vista.bmp
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011.01.05 20:37:22 | 000,000,000 | ---D | C] -- C:\d283d050426ddb5bd6c335
[2011.01.05 20:36:38 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\UserXP\Plocha\OTL.exe
[2011.01.05 20:29:20 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\UserXP\Recent
[2011.01.05 20:28:54 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2011.01.05 20:27:53 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2011.01.05 20:25:59 | 002,976,440 | ---- | C] (Piriform Ltd) -- C:\Documents and Settings\UserXP\Plocha\ccsetup302.exe
[2011.01.05 20:23:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2011.01.05 12:02:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2011.01.05 11:38:18 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2011.01.05 11:30:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\UserXP\Plocha\backups
[2011.01.05 11:25:11 | 000,396,288 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\UserXP\Plocha\hijackthis.exe
[2011.01.05 11:23:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Google
[2011.01.05 09:55:53 | 000,000,000 | R--D | C] -- C:\Documents and Settings\UserXP\Plocha\Instalace 2011
[2011.01.05 09:55:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Foto
[2011.01.05 09:54:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\UserXP\Nabídka Start\Programy\Microsoft Office
[2011.01.05 09:54:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\UserXP\Nabídka Start\Programy\Internet
[2011.01.05 09:53:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Internet
[2011.01.05 09:41:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\UserXP\Data aplikací\AVG10
[2011.01.05 09:35:59 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Data aplikací\Common Files
[2011.01.05 09:31:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\AVG10
[2011.01.05 09:23:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\MFAData
[2011.01.04 21:17:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\UserXP\Local Settings\Data aplikací\Temp
[2011.01.04 20:10:29 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_42.dll
[2011.01.04 20:10:28 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_31.dll
[2011.01.04 20:10:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\Logs
[2011.01.04 20:10:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\UserXP\Nabídka Start\Programy\Winamp Detector Plug-in
[2011.01.04 20:10:16 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp Detect
[2011.01.04 20:08:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\RegisteredPackages
[2011.01.04 20:07:37 | 001,858,032 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxsfs.dll
[2011.01.04 20:07:37 | 000,670,192 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\px.dll
[2011.01.04 20:07:37 | 000,551,408 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxdrv.dll
[2011.01.04 20:07:37 | 000,436,720 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxwave.dll
[2011.01.04 20:07:37 | 000,219,632 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxmas.dll
[2011.01.04 20:07:37 | 000,129,520 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxafs.dll
[2011.01.04 20:07:37 | 000,096,752 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\vxblock.dll
[2011.01.04 20:07:37 | 000,072,176 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxhpinst.exe
[2011.01.04 20:07:37 | 000,066,544 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxcpya64.exe
[2011.01.04 20:07:37 | 000,066,032 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxinsa64.exe
[2011.01.04 20:07:37 | 000,009,200 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\drivers\cdralw2k.sys
[2011.01.04 20:07:37 | 000,009,072 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\drivers\cdr4_xp.sys
[2011.01.04 20:07:33 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp
[2011.01.04 20:07:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\UserXP\Data aplikací\Winamp
[2011.01.04 17:36:40 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer
[2011.01.04 17:36:21 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2011.01.04 17:36:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en-US
[2011.01.04 17:35:28 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2011.01.04 17:33:29 | 000,117,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\prntvpt.dll
[2011.01.04 17:33:29 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\filterpipelineprintproc.dll
[2011.01.04 17:33:28 | 000,597,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\printfilterpipelinesvc.exe
[2011.01.04 17:33:28 | 000,575,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpsshhdr.dll
[2011.01.04 17:33:24 | 001,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpssvcs.dll
[2011.01.04 17:33:24 | 001,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpssvcs.dll
[2011.01.04 17:33:21 | 000,000,000 | ---D | C] -- C:\2bd73de14210445ff47fc66a
[2011.01.04 16:18:55 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\UserXP\PrivacIE
[2011.01.04 15:58:55 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\UserXP\IETldCache
[2011.01.04 15:49:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2011.01.04 15:48:07 | 011,080,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll
[2011.01.04 15:48:07 | 001,991,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll
[2011.01.04 15:48:07 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll
[2011.01.04 15:48:07 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll
[2011.01.04 15:48:07 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll
[2011.01.04 15:47:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\WBEM
[2011.01.04 15:45:30 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2011.01.04 15:30:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\UserXP\Data aplikací\Malwarebytes
[2011.01.04 15:29:48 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011.01.04 15:29:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Malwarebytes' Anti-Malware
[2011.01.04 15:29:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
[2011.01.04 15:29:41 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011.01.04 15:29:41 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011.01.04 15:27:53 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\browserchoice.exe
[2010.12.12 11:14:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\KB905474
[2010.12.09 21:04:40 | 000,000,000 | R--D | C] -- C:\Documents and Settings\UserXP\Plocha\RPG Byty Prosinec 2010
[2010.12.09 20:55:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\UserXP\Data aplikací\WinRAR
[2010.12.09 20:54:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\UserXP\Nabídka Start\Programy\WinRAR
[2010.12.09 20:54:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\WinRAR
[2010.12.09 20:54:49 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2010.11.09 19:28:57 | 000,196,608 | ---- | C] ( ) -- C:\WINDOWS\System32\csnp2uvc.dll
[2010.11.09 19:28:52 | 000,172,032 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnp2uvc.dll
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011.01.05 20:46:21 | 000,432,690 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011.01.05 20:46:21 | 000,429,262 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2011.01.05 20:46:21 | 000,078,250 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2011.01.05 20:46:21 | 000,067,646 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011.01.05 20:36:39 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\UserXP\Plocha\OTL.exe
[2011.01.05 20:31:07 | 000,033,096 | ---- | M] () -- C:\Documents and Settings\UserXP\Plocha\cc_20110105_203040.reg
[2011.01.05 20:27:59 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\CCleaner.lnk
[2011.01.05 20:27:09 | 000,210,944 | ---- | M] () -- C:\Documents and Settings\UserXP\Plocha\T-Cleaner.exe
[2011.01.05 20:25:59 | 002,976,440 | ---- | M] (Piriform Ltd) -- C:\Documents and Settings\UserXP\Plocha\ccsetup302.exe
[2011.01.05 13:05:06 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011.01.05 11:38:31 | 000,000,571 | RHS- | M] () -- C:\boot.ini
[2011.01.05 08:02:14 | 000,000,455 | ---- | M] () -- C:\Boot.bak
[2011.01.05 04:27:21 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011.01.04 20:09:56 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2011.01.04 19:31:43 | 000,396,288 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\UserXP\Plocha\hijackthis.exe
[2011.01.04 18:08:24 | 000,256,656 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011.01.04 12:44:18 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.12.20 18:09:00 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010.12.20 18:08:40 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011.01.05 20:31:03 | 000,033,096 | ---- | C] () -- C:\Documents and Settings\UserXP\Plocha\cc_20110105_203040.reg
[2011.01.05 20:27:58 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\CCleaner.lnk
[2011.01.05 20:27:08 | 000,210,944 | ---- | C] () -- C:\Documents and Settings\UserXP\Plocha\T-Cleaner.exe
[2011.01.05 04:01:01 | 000,000,455 | ---- | C] () -- C:\Boot.bak
[2011.01.05 04:00:54 | 000,261,312 | RHS- | C] () -- C:\cmldr
[2010.11.10 04:40:33 | 000,000,390 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2010.11.09 19:28:57 | 001,769,984 | ---- | C] () -- C:\WINDOWS\System32\drivers\snp2uvc.sys
[2010.11.09 19:28:57 | 000,028,160 | ---- | C] () -- C:\WINDOWS\System32\drivers\sncduvc.sys
[2010.11.09 19:28:57 | 000,000,245 | ---- | C] () -- C:\WINDOWS\PidList.ini
[2010.11.09 19:10:46 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4926.dll
[2010.11.09 18:05:12 | 000,004,249 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2009.10.23 20:56:52 | 000,000,493 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2009.06.20 16:06:28 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\drivers\rdummy.sys
[2009.05.08 15:08:42 | 002,854,976 | ---- | C] () -- C:\WINDOWS\System32\btwicons.dll
[2008.12.30 19:13:14 | 000,137,196 | R--- | C] () -- C:\Documents and Settings\All Users\Data aplikací\DeviceManager.xml.rc4
[2008.08.20 15:45:46 | 000,020,270 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\DeviceInstaller.xml
[2003.04.09 15:38:04 | 000,005,664 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2001.11.14 13:56:00 | 001,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll
[1997.02.22 00:00:00 | 000,022,016 | ---- | C] () -- C:\WINDOWS\System32\DOCOBJ.DLL
[1997.02.22 00:00:00 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\HLINKPRX.DLL

========== LOP Check ==========

[2011.01.05 11:16:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVG10
[2010.11.09 19:35:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Broadcom
[2011.01.05 09:35:59 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\Common Files
[2011.01.05 09:29:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\MFAData
[2010.11.12 18:56:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Vodafone
[2010.11.12 18:57:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Data aplikací\Vodafone
[2011.01.05 09:41:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\UserXP\Data aplikací\AVG10
[2010.11.12 18:57:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\UserXP\Data aplikací\Vodafone

========== Purity Check ==========



< End of report >
PRC - C:\Documents and Settings\UserXP\Plocha\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
PRC - C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe (Vodafone)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe (Yahoo! Inc.)
PRC - C:\Program Files 2\Microsoft Office\Office\MSOFFICE.EXE (Microsoft Corporation)


========== Modules (SafeList) ==========

MOD - C:\Documents and Settings\UserXP\Plocha\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\BtMmHook.dll (Broadcom Corporation.)
MOD - C:\WINDOWS\system32\netui1.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\netui0.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\ntlanman.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\netrap.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\davclnt.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\drprov.dll (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV - (HidServ) -- C:\WINDOWS\System32\hidserv.dll File not found
SRV - (VMCService) -- C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe (Vodafone)


========== Driver Services (SafeList) ==========

DRV - (USBCCID) -- C:\WINDOWS\System32\DRIVERS\Rts5161ccid.sys File not found
DRV - (Rts516xIR) -- C:\WINDOWS\System32\DRIVERS\Rts516xIR.sys File not found
DRV - (RSUSBSTOR) -- C:\WINDOWS\System32\Drivers\RTS5121.sys File not found
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (AR5416) -- C:\WINDOWS\system32\drivers\athw.sys (Atheros Communications, Inc.)
DRV - (BTKRNL) -- C:\WINDOWS\system32\drivers\btkrnl.sys (Broadcom Corporation.)
DRV - (L1c) -- C:\WINDOWS\system32\drivers\l1c51x86.sys (Atheros Communications, Inc.)
DRV - (btaudio) -- C:\WINDOWS\system32\drivers\btaudio.sys (Broadcom Corporation.)
DRV - (SynTP) -- C:\WINDOWS\system32\drivers\SynTP.sys (Synaptics Incorporated)
DRV - (ZTEusbnet) -- C:\WINDOWS\system32\drivers\ZTEusbnet.sys (ZTE Corporation)
DRV - (ZTEusbnmea) -- C:\WINDOWS\system32\drivers\ZTEusbnmea.sys (ZTE Incorporated)
DRV - (ZTEusbser6k) -- C:\WINDOWS\system32\drivers\ZTEusbser6k.sys (ZTE Incorporated)
DRV - (ZTEusbmdm6k) -- C:\WINDOWS\system32\drivers\ZTEusbmdm6k.sys (ZTE Incorporated)
DRV - (massfilter) -- C:\WINDOWS\system32\drivers\massfilter.sys (ZTE Incorporated)
DRV - (BTWUSB) -- C:\WINDOWS\system32\drivers\btwusb.sys (Broadcom Corporation.)
DRV - (Ambfilt) -- C:\WINDOWS\system32\drivers\Ambfilt.sys (Creative)
DRV - (BTWDNDIS) -- C:\WINDOWS\system32\drivers\btwdndis.sys (Broadcom Corporation.)
DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\hdaudbus.sys (Windows (R) Server 2003 DDK provider)
DRV - (ialm) -- C:\WINDOWS\system32\drivers\igxpmp32.sys (Intel Corporation)
DRV - (BTDriver) -- C:\WINDOWS\system32\drivers\btport.sys (Broadcom Corporation.)
DRV - (rdummy) -- C:\WINDOWS\System32\drivers\rdummy.sys ()
DRV - (SNP2UVC) USB2.0 PC Camera (SNP2UVC) -- C:\WINDOWS\system32\drivers\snp2uvc.sys ()
DRV - (Monfilt) -- C:\WINDOWS\system32\drivers\Monfilt.sys (Creative Technology Ltd.)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1085031214-1417001333-299502267-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\S-1-5-21-1085031214-1417001333-299502267-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKU\S-1-5-21-1085031214-1417001333-299502267-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-1085031214-1417001333-299502267-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-1085031214-1417001333-299502267-1003\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
IE - HKU\S-1-5-21-1085031214-1417001333-299502267-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2011.01.04 17:39:05 | 000,000,000 | ---D | M]

[JirkaM0207]

O1 HOSTS File: ([2011.01.05 04:27:21 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O3 - HKU\S-1-5-21-1085031214-1417001333-299502267-1003\..\Toolbar\WebBrowser: (&Adresa) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O3 - HKU\S-1-5-21-1085031214-1417001333-299502267-1003\..\Toolbar\WebBrowser: (&Odkazy) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O4 - HKLM..\Run: [AzMixerSel] C:\Program Files\Realtek\Audio\Drivers\AzMixerSel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [PLFSetL] C:\WINDOWS\PLFSetL.exe (sonix)
O4 - HKLM..\Run: [RTHDCPL] C:\WINDOWS\RTHDCPL.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [snp2uvc] C:\WINDOWS\System32\csnp2uvc.DLL ( )
O4 - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated)
O4 - HKU\S-1-5-21-1085031214-1417001333-299502267-1003..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Bluetooth.lnk = C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O4 - Startup: C:\Documents and Settings\UserXP\Nabídka Start\Programy\Po spuštění\Panel zástupců Microsoft Office.Lnk = C:\Program Files 2\Microsoft Office\Office\MSOFFICE.EXE (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\UserXP\Nabídka Start\Programy\Po spuštění\Yahoo! Widgets.lnk = C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe (Yahoo! Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 181
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = E0 FF FF 03 [binary data]
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 181
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = E0 FF FF 03 [binary data]
O7 - HKU\S-1-5-21-1085031214-1417001333-299502267-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1085031214-1417001333-299502267-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1085031214-1417001333-299502267-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-1085031214-1417001333-299502267-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-1085031214-1417001333-299502267-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: disableregistrytools = 0
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Odeslat do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Odeslat do zařízení Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.46.172.36 213.46.172.37
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (LogonUI.EXE) - C:\WINDOWS\System32\logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - cscdll.dll - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\dimsntfy: DllName - %SystemRoot%\System32\dimsntfy.dll - C:\WINDOWS\system32\dimsntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Proces mezipaměti kategorií součástí - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\vista.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\vista.bmp
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011.01.05 20:53:49 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011.01.05 20:49:41 | 000,000,000 | ---D | C] -- C:\051cafeec6f2c2cb0bcd19475e5c
[2011.01.05 20:36:38 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\UserXP\Plocha\OTL.exe
[2011.01.05 20:29:20 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\UserXP\Recent
[2011.01.05 20:28:54 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2011.01.05 20:27:53 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2011.01.05 20:25:59 | 002,976,440 | ---- | C] (Piriform Ltd) -- C:\Documents and Settings\UserXP\Plocha\ccsetup302.exe
[2011.01.05 20:23:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2011.01.05 12:02:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2011.01.05 11:38:18 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2011.01.05 11:30:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\UserXP\Plocha\backups
[2011.01.05 11:25:11 | 000,396,288 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\UserXP\Plocha\hijackthis.exe
[2011.01.05 11:23:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Google
[2011.01.05 09:55:53 | 000,000,000 | R--D | C] -- C:\Documents and Settings\UserXP\Plocha\Instalace 2011
[2011.01.05 09:55:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Foto
[2011.01.05 09:54:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\UserXP\Nabídka Start\Programy\Microsoft Office
[2011.01.05 09:54:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\UserXP\Nabídka Start\Programy\Internet
[2011.01.05 09:53:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Internet
[2011.01.05 09:41:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\UserXP\Data aplikací\AVG10
[2011.01.05 09:35:59 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Data aplikací\Common Files
[2011.01.05 09:31:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\AVG10
[2011.01.05 09:23:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\MFAData
[2011.01.04 21:17:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\UserXP\Local Settings\Data aplikací\Temp
[2011.01.04 20:10:29 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_42.dll
[2011.01.04 20:10:28 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_31.dll
[2011.01.04 20:10:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\Logs
[2011.01.04 20:10:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\UserXP\Nabídka Start\Programy\Winamp Detector Plug-in
[2011.01.04 20:10:16 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp Detect
[2011.01.04 20:08:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\RegisteredPackages
[2011.01.04 20:07:37 | 001,858,032 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxsfs.dll
[2011.01.04 20:07:37 | 000,670,192 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\px.dll
[2011.01.04 20:07:37 | 000,551,408 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxdrv.dll
[2011.01.04 20:07:37 | 000,436,720 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxwave.dll
[2011.01.04 20:07:37 | 000,219,632 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxmas.dll
[2011.01.04 20:07:37 | 000,129,520 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxafs.dll
[2011.01.04 20:07:37 | 000,096,752 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\vxblock.dll
[2011.01.04 20:07:37 | 000,072,176 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxhpinst.exe
[2011.01.04 20:07:37 | 000,066,544 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxcpya64.exe
[2011.01.04 20:07:37 | 000,066,032 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxinsa64.exe
[2011.01.04 20:07:37 | 000,009,200 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\drivers\cdralw2k.sys
[2011.01.04 20:07:37 | 000,009,072 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\drivers\cdr4_xp.sys
[2011.01.04 20:07:33 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp
[2011.01.04 20:07:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\UserXP\Data aplikací\Winamp
[2011.01.04 17:36:40 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer
[2011.01.04 17:36:21 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2011.01.04 17:36:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en-US
[2011.01.04 17:35:28 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2011.01.04 17:33:29 | 000,117,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\prntvpt.dll
[2011.01.04 17:33:29 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\filterpipelineprintproc.dll
[2011.01.04 17:33:28 | 000,597,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\printfilterpipelinesvc.exe
[2011.01.04 17:33:28 | 000,575,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpsshhdr.dll
[2011.01.04 17:33:24 | 001,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpssvcs.dll
[2011.01.04 17:33:24 | 001,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpssvcs.dll
[2011.01.04 17:33:21 | 000,000,000 | ---D | C] -- C:\2bd73de14210445ff47fc66a
[2011.01.04 16:18:55 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\UserXP\PrivacIE
[2011.01.04 15:58:55 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\UserXP\IETldCache
[2011.01.04 15:49:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2011.01.04 15:48:07 | 011,080,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll
[2011.01.04 15:48:07 | 001,991,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll
[2011.01.04 15:48:07 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll
[2011.01.04 15:48:07 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll
[2011.01.04 15:48:07 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll
[2011.01.04 15:47:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\WBEM
[2011.01.04 15:45:30 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2011.01.04 15:30:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\UserXP\Data aplikací\Malwarebytes
[2011.01.04 15:29:48 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011.01.04 15:29:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Malwarebytes' Anti-Malware
[2011.01.04 15:29:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
[2011.01.04 15:29:41 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011.01.04 15:29:41 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011.01.04 15:27:53 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\browserchoice.exe
[2010.12.12 11:14:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\KB905474
[2010.12.09 21:04:40 | 000,000,000 | R--D | C] -- C:\Documents and Settings\UserXP\Plocha\RPG Byty Prosinec 2010
[2010.12.09 20:55:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\UserXP\Data aplikací\WinRAR
[2010.12.09 20:54:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\UserXP\Nabídka Start\Programy\WinRAR
[2010.12.09 20:54:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\WinRAR
[2010.12.09 20:54:49 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2010.11.09 19:28:57 | 000,196,608 | ---- | C] ( ) -- C:\WINDOWS\System32\csnp2uvc.dll
[2010.11.09 19:28:52 | 000,172,032 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnp2uvc.dll
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011.01.05 20:46:21 | 000,432,690 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011.01.05 20:46:21 | 000,429,262 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2011.01.05 20:46:21 | 000,078,250 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2011.01.05 20:46:21 | 000,067,646 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011.01.05 20:37:13 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011.01.05 20:36:39 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\UserXP\Plocha\OTL.exe
[2011.01.05 20:31:07 | 000,033,096 | ---- | M] () -- C:\Documents and Settings\UserXP\Plocha\cc_20110105_203040.reg
[2011.01.05 20:27:59 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\CCleaner.lnk
[2011.01.05 20:27:09 | 000,210,944 | ---- | M] () -- C:\Documents and Settings\UserXP\Plocha\T-Cleaner.exe
[2011.01.05 20:25:59 | 002,976,440 | ---- | M] (Piriform Ltd) -- C:\Documents and Settings\UserXP\Plocha\ccsetup302.exe
[2011.01.05 13:05:06 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011.01.05 11:38:31 | 000,000,571 | RHS- | M] () -- C:\boot.ini
[2011.01.05 08:02:14 | 000,000,455 | ---- | M] () -- C:\Boot.bak
[2011.01.05 04:27:21 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011.01.04 20:09:56 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2011.01.04 19:31:43 | 000,396,288 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\UserXP\Plocha\hijackthis.exe
[2011.01.04 18:08:24 | 000,256,656 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011.01.04 12:44:18 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.12.20 18:09:00 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010.12.20 18:08:40 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011.01.05 20:37:11 | 000,001,355 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2011.01.05 20:31:03 | 000,033,096 | ---- | C] () -- C:\Documents and Settings\UserXP\Plocha\cc_20110105_203040.reg
[2011.01.05 20:27:58 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\CCleaner.lnk
[2011.01.05 20:27:08 | 000,210,944 | ---- | C] () -- C:\Documents and Settings\UserXP\Plocha\T-Cleaner.exe
[2011.01.05 04:01:01 | 000,000,455 | ---- | C] () -- C:\Boot.bak
[2011.01.05 04:00:54 | 000,261,312 | RHS- | C] () -- C:\cmldr
[2010.11.10 04:40:33 | 000,000,390 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2010.11.09 19:28:57 | 001,769,984 | ---- | C] () -- C:\WINDOWS\System32\drivers\snp2uvc.sys
[2010.11.09 19:28:57 | 000,028,160 | ---- | C] () -- C:\WINDOWS\System32\drivers\sncduvc.sys
[2010.11.09 19:28:57 | 000,000,245 | ---- | C] () -- C:\WINDOWS\PidList.ini
[2010.11.09 19:10:46 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4926.dll
[2010.11.09 18:05:12 | 000,004,249 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2009.10.23 20:56:52 | 000,000,493 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2009.06.20 16:06:28 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\drivers\rdummy.sys
[2009.05.08 15:08:42 | 002,854,976 | ---- | C] () -- C:\WINDOWS\System32\btwicons.dll
[2008.12.30 19:13:14 | 000,137,196 | R--- | C] () -- C:\Documents and Settings\All Users\Data aplikací\DeviceManager.xml.rc4
[2008.08.20 15:45:46 | 000,020,270 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\DeviceInstaller.xml
[2003.04.09 15:38:04 | 000,005,664 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2001.11.14 13:56:00 | 001,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll
[1997.02.22 00:00:00 | 000,022,016 | ---- | C] () -- C:\WINDOWS\System32\DOCOBJ.DLL
[1997.02.22 00:00:00 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\HLINKPRX.DLL

========== LOP Check ==========

[2011.01.05 11:16:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVG10
[2010.11.09 19:35:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Broadcom
[2011.01.05 09:35:59 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\Common Files
[2011.01.05 09:29:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\MFAData
[2010.11.12 18:56:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Vodafone
[2010.11.12 18:57:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Data aplikací\Vodafone
[2011.01.05 09:41:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\UserXP\Data aplikací\AVG10
[2010.11.12 18:57:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\UserXP\Data aplikací\Vodafone

========== Purity Check ==========



< End of report >
DRV - (USBCCID) -- C:\WINDOWS\System32\DRIVERS\Rts5161ccid.sys File not found
DRV - (Rts516xIR) -- C:\WINDOWS\System32\DRIVERS\Rts516xIR.sys File not found
DRV - (RSUSBSTOR) -- C:\WINDOWS\System32\Drivers\RTS5121.sys File not found
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (AR5416) -- C:\WINDOWS\system32\drivers\athw.sys (Atheros Communications, Inc.)
DRV - (BTKRNL) -- C:\WINDOWS\system32\drivers\btkrnl.sys (Broadcom Corporation.)
DRV - (L1c) -- C:\WINDOWS\system32\drivers\l1c51x86.sys (Atheros Communications, Inc.)
DRV - (btaudio) -- C:\WINDOWS\system32\drivers\btaudio.sys (Broadcom Corporation.)
DRV - (SynTP) -- C:\WINDOWS\system32\drivers\SynTP.sys (Synaptics Incorporated)
DRV - (ZTEusbnet) -- C:\WINDOWS\system32\drivers\ZTEusbnet.sys (ZTE Corporation)
DRV - (ZTEusbnmea) -- C:\WINDOWS\system32\drivers\ZTEusbnmea.sys (ZTE Incorporated)
DRV - (ZTEusbser6k) -- C:\WINDOWS\system32\drivers\ZTEusbser6k.sys (ZTE Incorporated)
DRV - (ZTEusbmdm6k) -- C:\WINDOWS\system32\drivers\ZTEusbmdm6k.sys (ZTE Incorporated)
DRV - (massfilter) -- C:\WINDOWS\system32\drivers\massfilter.sys (ZTE Incorporated)
DRV - (BTWUSB) -- C:\WINDOWS\system32\drivers\btwusb.sys (Broadcom Corporation.)
DRV - (Ambfilt) -- C:\WINDOWS\system32\drivers\Ambfilt.sys (Creative)
DRV - (BTWDNDIS) -- C:\WINDOWS\system32\drivers\btwdndis.sys (Broadcom Corporation.)
DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\hdaudbus.sys (Windows (R) Server 2003 DDK provider)
DRV - (ialm) -- C:\WINDOWS\system32\drivers\igxpmp32.sys (Intel Corporation)
DRV - (BTDriver) -- C:\WINDOWS\system32\drivers\btport.sys (Broadcom Corporation.)
DRV - (rdummy) -- C:\WINDOWS\System32\drivers\rdummy.sys ()
DRV - (SNP2UVC) USB2.0 PC Camera (SNP2UVC) -- C:\WINDOWS\system32\drivers\snp2uvc.sys ()
DRV - (Monfilt) -- C:\WINDOWS\system32\drivers\Monfilt.sys (Creative Technology Ltd.)

[JirkaM0207]

========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1085031214-1417001333-299502267-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\S-1-5-21-1085031214-1417001333-299502267-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKU\S-1-5-21-1085031214-1417001333-299502267-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-1085031214-1417001333-299502267-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-1085031214-1417001333-299502267-1003\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
IE - HKU\S-1-5-21-1085031214-1417001333-299502267-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2011.01.04 17:39:05 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2011.01.05 04:27:21 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O3 - HKU\S-1-5-21-1085031214-1417001333-299502267-1003\..\Toolbar\WebBrowser: (&Adresa) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O3 - HKU\S-1-5-21-1085031214-1417001333-299502267-1003\..\Toolbar\WebBrowser: (&Odkazy) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O4 - HKLM..\Run: [AzMixerSel] C:\Program Files\Realtek\Audio\Drivers\AzMixerSel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [PLFSetL] C:\WINDOWS\PLFSetL.exe (sonix)
O4 - HKLM..\Run: [RTHDCPL] C:\WINDOWS\RTHDCPL.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [snp2uvc] C:\WINDOWS\System32\csnp2uvc.DLL ( )
O4 - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated)
O4 - HKU\S-1-5-21-1085031214-1417001333-299502267-1003..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Bluetooth.lnk = C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O4 - Startup: C:\Documents and Settings\UserXP\Nabídka Start\Programy\Po spuštění\Panel zástupců Microsoft Office.Lnk = C:\Program Files 2\Microsoft Office\Office\MSOFFICE.EXE (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\UserXP\Nabídka Start\Programy\Po spuštění\Yahoo! Widgets.lnk = C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe (Yahoo! Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 181
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = E0 FF FF 03 [binary data]
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 181
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = E0 FF FF 03 [binary data]
O7 - HKU\S-1-5-21-1085031214-1417001333-299502267-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1085031214-1417001333-299502267-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1085031214-1417001333-299502267-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-1085031214-1417001333-299502267-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-1085031214-1417001333-299502267-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: disableregistrytools = 0
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Odeslat do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Odeslat do zařízení Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.46.172.36 213.46.172.37
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (LogonUI.EXE) - C:\WINDOWS\System32\logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - cscdll.dll - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\dimsntfy: DllName - %SystemRoot%\System32\dimsntfy.dll - C:\WINDOWS\system32\dimsntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Proces mezipaměti kategorií součástí - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\vista.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\vista.bmp
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011.01.05 20:53:49 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011.01.05 20:49:41 | 000,000,000 | ---D | C] -- C:\051cafeec6f2c2cb0bcd19475e5c
[2011.01.05 20:36:38 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\UserXP\Plocha\OTL.exe
[2011.01.05 20:29:20 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\UserXP\Recent
[2011.01.05 20:28:54 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2011.01.05 20:27:53 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2011.01.05 20:25:59 | 002,976,440 | ---- | C] (Piriform Ltd) -- C:\Documents and Settings\UserXP\Plocha\ccsetup302.exe
[2011.01.05 20:23:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2011.01.05 12:02:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2011.01.05 11:38:18 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2011.01.05 11:30:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\UserXP\Plocha\backups
[2011.01.05 11:25:11 | 000,396,288 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\UserXP\Plocha\hijackthis.exe
[2011.01.05 11:23:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Google
[2011.01.05 09:55:53 | 000,000,000 | R--D | C] -- C:\Documents and Settings\UserXP\Plocha\Instalace 2011
[2011.01.05 09:55:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Foto
[2011.01.05 09:54:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\UserXP\Nabídka Start\Programy\Microsoft Office
[2011.01.05 09:54:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\UserXP\Nabídka Start\Programy\Internet
[2011.01.05 09:53:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Internet
[2011.01.05 09:41:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\UserXP\Data aplikací\AVG10
[2011.01.05 09:35:59 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Data aplikací\Common Files
[2011.01.05 09:31:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\AVG10
[2011.01.05 09:23:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\MFAData
[2011.01.04 21:17:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\UserXP\Local Settings\Data aplikací\Temp
[2011.01.04 20:10:29 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_42.dll
[2011.01.04 20:10:28 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_31.dll
[2011.01.04 20:10:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\Logs
[2011.01.04 20:10:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\UserXP\Nabídka Start\Programy\Winamp Detector Plug-in
[2011.01.04 20:10:16 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp Detect
[2011.01.04 20:08:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\RegisteredPackages
[2011.01.04 20:07:37 | 001,858,032 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxsfs.dll
[2011.01.04 20:07:37 | 000,670,192 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\px.dll
[2011.01.04 20:07:37 | 000,551,408 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxdrv.dll
[2011.01.04 20:07:37 | 000,436,720 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxwave.dll
[2011.01.04 20:07:37 | 000,219,632 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxmas.dll
[2011.01.04 20:07:37 | 000,129,520 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxafs.dll
[2011.01.04 20:07:37 | 000,096,752 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\vxblock.dll
[2011.01.04 20:07:37 | 000,072,176 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxhpinst.exe
[2011.01.04 20:07:37 | 000,066,544 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxcpya64.exe
[2011.01.04 20:07:37 | 000,066,032 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxinsa64.exe
[2011.01.04 20:07:37 | 000,009,200 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\drivers\cdralw2k.sys
[2011.01.04 20:07:37 | 000,009,072 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\drivers\cdr4_xp.sys
[2011.01.04 20:07:33 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp
[2011.01.04 20:07:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\UserXP\Data aplikací\Winamp
[2011.01.04 17:36:40 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer
[2011.01.04 17:36:21 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2011.01.04 17:36:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en-US
[2011.01.04 17:35:28 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2011.01.04 17:33:29 | 000,117,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\prntvpt.dll
[2011.01.04 17:33:29 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\filterpipelineprintproc.dll
[2011.01.04 17:33:28 | 000,597,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\printfilterpipelinesvc.exe
[2011.01.04 17:33:28 | 000,575,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpsshhdr.dll
[2011.01.04 17:33:24 | 001,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpssvcs.dll
[2011.01.04 17:33:24 | 001,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpssvcs.dll
[2011.01.04 17:33:21 | 000,000,000 | ---D | C] -- C:\2bd73de14210445ff47fc66a
[2011.01.04 16:18:55 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\UserXP\PrivacIE
[2011.01.04 15:58:55 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\UserXP\IETldCache
[2011.01.04 15:49:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2011.01.04 15:48:07 | 011,080,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll
[2011.01.04 15:48:07 | 001,991,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll
[2011.01.04 15:48:07 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll
[2011.01.04 15:48:07 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll
[2011.01.04 15:48:07 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll
[2011.01.04 15:47:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\WBEM
[2011.01.04 15:45:30 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2011.01.04 15:30:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\UserXP\Data aplikací\Malwarebytes
[2011.01.04 15:29:48 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011.01.04 15:29:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Malwarebytes' Anti-Malware
[2011.01.04 15:29:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
[2011.01.04 15:29:41 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011.01.04 15:29:41 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011.01.04 15:27:53 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\browserchoice.exe
[2010.12.12 11:14:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\KB905474
[2010.12.09 21:04:40 | 000,000,000 | R--D | C] -- C:\Documents and Settings\UserXP\Plocha\RPG Byty Prosinec 2010
[2010.12.09 20:55:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\UserXP\Data aplikací\WinRAR
[2010.12.09 20:54:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\UserXP\Nabídka Start\Programy\WinRAR
[2010.12.09 20:54:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\WinRAR
[2010.12.09 20:54:49 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2010.11.09 19:28:57 | 000,196,608 | ---- | C] ( ) -- C:\WINDOWS\System32\csnp2uvc.dll
[2010.11.09 19:28:52 | 000,172,032 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnp2uvc.dll
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011.01.05 20:57:51 | 000,432,690 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011.01.05 20:57:51 | 000,429,262 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2011.01.05 20:57:51 | 000,078,250 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2011.01.05 20:57:51 | 000,067,646 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011.01.05 20:37:13 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011.01.05 20:36:39 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\UserXP\Plocha\OTL.exe
[2011.01.05 20:31:07 | 000,033,096 | ---- | M] () -- C:\Documents and Settings\UserXP\Plocha\cc_20110105_203040.reg
[2011.01.05 20:27:59 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\CCleaner.lnk
[2011.01.05 20:27:09 | 000,210,944 | ---- | M] () -- C:\Documents and Settings\UserXP\Plocha\T-Cleaner.exe
[2011.01.05 20:25:59 | 002,976,440 | ---- | M] (Piriform Ltd) -- C:\Documents and Settings\UserXP\Plocha\ccsetup302.exe
[2011.01.05 13:05:06 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011.01.05 11:38:31 | 000,000,571 | RHS- | M] () -- C:\boot.ini
[2011.01.05 08:02:14 | 000,000,455 | ---- | M] () -- C:\Boot.bak
[2011.01.05 04:27:21 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011.01.04 20:09:56 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2011.01.04 19:31:43 | 000,396,288 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\UserXP\Plocha\hijackthis.exe
[2011.01.04 18:08:24 | 000,256,656 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011.01.04 12:44:18 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.12.20 18:09:00 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010.12.20 18:08:40 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011.01.05 20:37:11 | 000,001,355 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2011.01.05 20:31:03 | 000,033,096 | ---- | C] () -- C:\Documents and Settings\UserXP\Plocha\cc_20110105_203040.reg
[2011.01.05 20:27:58 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\CCleaner.lnk
[2011.01.05 20:27:08 | 000,210,944 | ---- | C] () -- C:\Documents and Settings\UserXP\Plocha\T-Cleaner.exe
[2011.01.05 04:01:01 | 000,000,455 | ---- | C] () -- C:\Boot.bak
[2011.01.05 04:00:54 | 000,261,312 | RHS- | C] () -- C:\cmldr
[2010.11.10 04:40:33 | 000,000,390 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2010.11.09 19:28:57 | 001,769,984 | ---- | C] () -- C:\WINDOWS\System32\drivers\snp2uvc.sys
[2010.11.09 19:28:57 | 000,028,160 | ---- | C] () -- C:\WINDOWS\System32\drivers\sncduvc.sys
[2010.11.09 19:28:57 | 000,000,245 | ---- | C] () -- C:\WINDOWS\PidList.ini
[2010.11.09 19:10:46 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4926.dll
[2010.11.09 18:05:12 | 000,004,249 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2009.10.23 20:56:52 | 000,000,493 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2009.06.20 16:06:28 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\drivers\rdummy.sys
[2009.05.08 15:08:42 | 002,854,976 | ---- | C] () -- C:\WINDOWS\System32\btwicons.dll
[2008.12.30 19:13:14 | 000,137,196 | R--- | C] () -- C:\Documents and Settings\All Users\Data aplikací\DeviceManager.xml.rc4
[2008.08.20 15:45:46 | 000,020,270 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\DeviceInstaller.xml
[2003.04.09 15:38:04 | 000,005,664 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2001.11.14 13:56:00 | 001,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll
[1997.02.22 00:00:00 | 000,022,016 | ---- | C] () -- C:\WINDOWS\System32\DOCOBJ.DLL
[1997.02.22 00:00:00 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\HLINKPRX.DLL

========== LOP Check ==========

[2011.01.05 11:16:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVG10
[2010.11.09 19:35:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Broadcom
[2011.01.05 09:35:59 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\Common Files
[2011.01.05 09:29:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\MFAData
[2010.11.12 18:56:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Vodafone
[2010.11.12 18:57:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Data aplikací\Vodafone
[2011.01.05 09:41:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\UserXP\Data aplikací\AVG10
[2010.11.12 18:57:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\UserXP\Data aplikací\Vodafone

========== Purity Check ==========



< End of report >

[jaro3]

Máš to nějaké přeházené....a několikrát to samé..

Poklepej na ikonu OTL na ploše.Ujisti se , že máš všechny ostatní aplikace a prohlížeče zavřeny.
Pod Vlastní skenování/opravy do okénka vlož následující text, zobrazený zeleně:

Kód: Vybrat vše

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
SRV - (HidServ) -- C:\WINDOWS\System32\hidserv.dll File not found
DRV - (USBCCID) -- C:\WINDOWS\System32\DRIVERS\Rts5161ccid.sys File not found
DRV - (Rts516xIR) -- C:\WINDOWS\System32\DRIVERS\Rts516xIR.sys File not found
DRV - (RSUSBSTOR) -- C:\WINDOWS\System32\Drivers\RTS5121.sys File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O18 - Protocol\Handler\msdaipp - No CLSID value found
[2011.01.05 20:46:21 | 000,432,690 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011.01.05 20:46:21 | 000,429,262 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2011.01.05 20:46:21 | 000,078,250 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2011.01.05 20:46:21 | 000,067,646 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

:Files
C:\WINDOWS\System32\*.tmp
C:\WINDOWS\*.tmp
C:\WINDOWS\system32\*.tmp.dll
C:\WINDOWS\System32\dllcache\*.tmp
C:\WINDOWS\system32\SET*.tmp
c:\windows\Tasks\*.job
C:\*.tmp
C:\Documents and Settings\All Users\Data aplikací\*.tmp
C:\WINDOWS\imsins.BAK
C:\Documents and Settings\UserXP\Plocha\T-Cleaner.exe

:Reg
:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]


Poté klikni nahoře na Opravit. Nech program nerušeně běžet, na konci se provede restart PC.
Po restartu se objeví log , prosím zkopíruj sem celý jeho obsah.

V možnostech složky si povol zobrazování skrytých souborů a složek+ odškrtni zatržítko skrýt chráněné soubory operačního systému

Toto otestuj na Virustotal
C:\WINDOWS\System32\igfxCoIn_v4926.dll

Klikni vpravo od okénka na Vybrat a v Exploreru najdi požadovaný soubor v Tvém PC. Označ ho myší a klikni na Otevřít , poté klikni na Send File. Pokud už byl soubor testován , objeví se okno ve kterém klikni na Reanalyze. Soubor se začne postupně testovat více antivirovými programy. Až skončí test posledního antiviru , objeví se nahoře result a červeně počet nákaz , např. 0/40 , nebo 1/40. Pak zkopíruj myší odkaz na tuto stránku a vlož ji do svého příspěvku.

[JirkaM0207]

All processes killed
Error: Unable to interpret <PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)> in the current context!
Error: Unable to interpret <PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)> in the current context!
Error: Unable to interpret <SRV - (HidServ) -- C:\WINDOWS\System32\hidserv.dll File not found> in the current context!
Error: Unable to interpret <DRV - (USBCCID) -- C:\WINDOWS\System32\DRIVERS\Rts5161ccid.sys File not found> in the current context!
Error: Unable to interpret <DRV - (Rts516xIR) -- C:\WINDOWS\System32\DRIVERS\Rts516xIR.sys File not found> in the current context!
Error: Unable to interpret <DRV - (RSUSBSTOR) -- C:\WINDOWS\System32\Drivers\RTS5121.sys File not found> in the current context!
Error: Unable to interpret <O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present> in the current context!
Error: Unable to interpret <O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present> in the current context!
Error: Unable to interpret <O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present> in the current context!
Error: Unable to interpret <O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present> in the current context!
Error: Unable to interpret <O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present> in the current context!
Error: Unable to interpret <O18 - Protocol\Handler\msdaipp - No CLSID value found> in the current context!
Error: Unable to interpret <[2011.01.05 20:46:21 | 000,432,690 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat> in the current context!
Error: Unable to interpret <[2011.01.05 20:46:21 | 000,429,262 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat> in the current context!
Error: Unable to interpret <[2011.01.05 20:46:21 | 000,078,250 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat> in the current context!
Error: Unable to interpret <[2011.01.05 20:46:21 | 000,067,646 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat> in the current context!
========== FILES ==========
C:\WINDOWS\System32\CONFIG.TMP moved successfully.
C:\WINDOWS\SET3.tmp moved successfully.
C:\WINDOWS\SET4.tmp moved successfully.
C:\WINDOWS\SET8.tmp moved successfully.
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
File\Folder C:\WINDOWS\System32\dllcache\*.tmp not found.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
File\Folder c:\windows\Tasks\*.job not found.
File\Folder C:\*.tmp not found.
File\Folder C:\Documents and Settings\All Users\Data aplikací\*.tmp not found.
C:\WINDOWS\imsins.BAK moved successfully.
C:\Documents and Settings\UserXP\Plocha\T-Cleaner.exe moved successfully.
========== REGISTRY ==========
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Flash cache emptied: 56502 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Flash cache emptied: 56502 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: UserXP
->Temp folder emptied: 55397371 bytes
->Temporary Internet Files folder emptied: 2280707 bytes
->Flash cache emptied: 558 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 604 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 55,00 mb


OTL by OldTimer - Version 3.2.20.1 log created on 01062011_065857

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

[JirkaM0207]

File name: igfxCoIn_v4926.dll
Submission date: 2011-01-06 06:08:47 (UTC)
Current status: queued queued analysing finished


Result: 0/ 38 (0.0%)


http://www.virustotal.com/file-scan/rep ... 1294294127

[jaro3]

Jak to vypadá s vytížením?

[JirkaM0207]

Řekl bych, že je to něco lepší,ale stejně je vytížení kolem 60%.A když počítač startuje tak úvodní zvuk je trhaný jak nevím co,tam je zatížení okolo 90%.Dá se tedy ještě něco udělat?

[jaro3]

Vypni rez.ochrany a firewall.

Spusť F-Secure Online Scanner

Tento skener je možno použít jen v prohlížeči Internet Explorer! Postupuj podle instrukcí na stránce F-Secure pro správnou instalaci. Akceptuj licenci. Po instalaci ActiveX, klikni na Full System Scan. Když stahování skončeno, automaticky začne sken . Vyčkej konce skenu, po jeho dobu neprováděj jiné operace ani neklikej myší. Když skončí sken klikni na tlačítko Automatic clearing (recommended). Poté klikni na tlačítko Show Report a zkopíruj a vlož sem .

Příčinou mohou být chyby na disku , RAM ap.

Kontrola HDD na chyby
otevři Tento počítač- pravým na disk-vlastnosti-záložka nástroje-kontrola chyb-zkontrolovat-v okně zatrhni obě políčka-klikni na spustit- tam to napíše , že kontrola bude provedena po příštím spuštění...
Restartuj PC, kontrola s opravou někdy trvá i několik hodin...

Zkus i defragmentaci..

+
Memtest:


Do políčka vlož největší velikost Tvé jednotlivé paměti RAM (256,512 nebo 1024,2048) dej Start , nech nejméně 2h běžet , pokud bude po 2h stále 0 errors , jsou v pořádku.

Další příčinou může být ztráta souborů ve windows , systém je stále hledá..

Oprava windows
Stáhni si Dial-a-fix

Klikni na kladívko-další možnosti:
SFC scan - Spustí nástroj pro kontrolu systémových souborů (případná potřeba instalačního media Windows).
Klikni na službu a potom na GO.