prosím o kontrolu z combofix

[mafian]

tak jsem kontrolu dával 4x z toho se celé pc cca po 3 hodinách seklo a zbylé 2 se po dokončení samo odsebe pc resetlo a log nikde.neobešlo by se to bez tohoho?:

[Reklama]

[jaro3]

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

Vyčisti systém CCleanerem
a použij i T-Cleaner
smaže vše po Combu,MWAVu atd.-stáhneš>spustíš

pozn. před stažením T-Cleaneru a po dobu čištění deaktivuj antivir a antispyware ,následně T-Cleaner smaž a zapni si znovu antivir a antispyware.


Stáhni si OTL by OldTimer
na plochu. Ujisti se , že máš zavřena všechna ostatní okna a poklepej na ikonu OTL.Nahoře v okně pod Výstup klikni na minimální výstup.Pod Běžné registry změň na Vše. Zatrhni Kontrola na havěť “LOP“ a Kontrola na havěť “ Purity“ . Klikni na Prohledat. Všechny ostatní nastavení ponech jak jsou. Sken může trvat dlouho, až skončí otevřou se dva logy:
OTL.Txt
Extras.Txt
Jsou uloženy ve stejném místě jako OTL. Oba logy sem prosím zkopíruj.

[mafian]

OTL logfile created on: 22.5.2012 8:41:43 - Run 1
OTL by OldTimer - Version 3.2.43.1 Folder = C:\Documents and Settings\uživatel\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,25 Gb Total Physical Memory | 2,73 Gb Available Physical Memory | 84,08% Memory free
5,09 Gb Paging File | 4,63 Gb Available in Paging File | 91,04% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 68,36 Gb Total Space | 33,01 Gb Free Space | 48,29% Space Free | Partition Type: NTFS
Drive D: | 59,63 Gb Total Space | 37,03 Gb Free Space | 62,11% Space Free | Partition Type: NTFS
Drive F: | 337,77 Gb Total Space | 117,35 Gb Free Space | 34,74% Space Free | Partition Type: NTFS
Drive G: | 127,99 Gb Total Space | 46,14 Gb Free Space | 36,05% Space Free | Partition Type: NTFS
Drive I: | 68,36 Gb Total Space | 40,20 Gb Free Space | 58,80% Space Free | Partition Type: NTFS
Drive K: | 171,77 Gb Total Space | 42,29 Gb Free Space | 24,62% Space Free | Partition Type: NTFS
Drive L: | 97,65 Gb Total Space | 47,98 Gb Free Space | 49,13% Space Free | Partition Type: NTFS

Computer Name: ADMIN | User Name: uživatel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - C:\Documents and Settings\uživatel\Plocha\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe (SweetIM Technologies Ltd.)
PRC - C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe (PC Tools)
PRC - C:\Program Files\Java\jre7\bin\jqs.exe (Oracle Corporation)
PRC - C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe (Software602 a.s.)
PRC - C:\Program Files\Software602\Print2PDF\Print2PDF.exe (Software602)
PRC - C:\Program Files\ABBYY FineReader 11\NetworkLicenseServer.exe (ABBYY)
PRC - C:\Program Files\AVG\AVG2012\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\Acronis\DiskDirector\OSS\reinstall_svc.exe ()
PRC - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (StarWind Software)
PRC - C:\Program Files\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
PRC - C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe (ABBYY)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe (ABBYY (BIT Software))


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - C:\WINDOWS\system32\spool\drivers\w32x86\3\Software602.dll ()
MOD - C:\Program Files\Acronis\DiskDirector\OSS\reinstall_svc.exe ()
MOD - C:\WINDOWS\system32\pdfcmnnt.dll ()


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (PCToolsSSDMonitorSvc) -- C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe (PC Tools)
SRV - (JavaQuickStarterService) -- C:\Program Files\Java\jre7\bin\jqs.exe (Oracle Corporation)
SRV - (602XML Updater) -- C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe (Software602 a.s.)
SRV - (avgwd) -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (Správce výběru OS) -- C:\Program Files\Acronis\DiskDirector\OSS\reinstall_svc.exe ()
SRV - (StarWindServiceAE) -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (StarWind Software)
SRV - (ABBYY.Licensing.FineReader.Sprint.9.0) -- C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe (ABBYY)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - (WDICA) -- File not found
DRV - (PDRFRAME) -- File not found
DRV - (PDRELI) -- File not found
DRV - (PDFRAME) -- File not found
DRV - (PDCOMP) -- File not found
DRV - (PCIDump) -- File not found
DRV - (lbrtfdc) -- File not found
DRV - (i2omgmt) -- File not found
DRV - (Changer) -- File not found
DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)
DRV - (w810mdm) -- C:\WINDOWS\system32\drivers\w810mdm.sys (MCCI)
DRV - (w810mgmt) Sony Ericsson W810 USB WMC Device Management Drivers (WDM) -- C:\WINDOWS\system32\drivers\w810mgmt.sys (MCCI)
DRV - (w810obex) -- C:\WINDOWS\system32\drivers\w810obex.sys (MCCI)
DRV - (w810bus) Sony Ericsson W810 Driver driver (WDM) -- C:\WINDOWS\system32\drivers\w810bus.sys (MCCI)
DRV - (w810mdfl) -- C:\WINDOWS\system32\drivers\w810mdfl.sys (MCCI)
DRV - (dtsoftbus01) -- C:\WINDOWS\system32\drivers\dtsoftbus01.sys (DT Soft Ltd)
DRV - (gdrv) -- C:\WINDOWS\gdrv.sys (Windows (R) 2000 DDK provider)
DRV - (snapman) -- C:\WINDOWS\system32\drivers\snapman.sys (Acronis)
DRV - (AtiHDAudioService) -- C:\WINDOWS\system32\drivers\AtihdXP3.sys (Advanced Micro Devices)
DRV - (Avgldx86) -- C:\WINDOWS\system32\drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgrkx86) -- C:\WINDOWS\system32\drivers\avgrkx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgmfx86) -- C:\WINDOWS\system32\drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgtdix) -- C:\WINDOWS\system32\drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.)
DRV - (AVGIDSEH) -- C:\WINDOWS\system32\drivers\AVGIDSEH.sys (AVG Technologies CZ, s.r.o. )
DRV - (PAR1284) -- C:\WINDOWS\system32\Par1284.sys (Warp Nine Engineering)
DRV - (WinDriver6) -- C:\WINDOWS\system32\drivers\windrvr6.sys (Jungo)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (RTHDMIAzAudService) -- C:\WINDOWS\system32\drivers\RtHDMI.sys (Realtek Semiconductor Corp.)
DRV - (RTLE8023xp) -- C:\WINDOWS\system32\drivers\Rtenicxp.sys (Realtek Semiconductor Corporation )
DRV - (amdide) -- C:\WINDOWS\system32\drivers\amdide.sys (Advanced Micro Devices)
DRV - (AmdPPM) -- C:\WINDOWS\system32\drivers\AmdPPM.sys (Advanced Micro Devices)


[color=#E56717]========== Standard Registry (All) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SYSTEM32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - HKLM\..\URLSearchHook: - No CLSID value found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?sr ... t=1&barid={41136AC9-9C0D-11E1-A6FE-00241D100EE8}&q={searchTerms}&barid={41136AC9-9C0D-11E1-A6FE-00241D100EE8}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SYSTEM32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ww.seznam.cz/
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
IE - HKCU\..\SearchScopes,DefaultScope = {FD63BF63-BFFF-4B8F-9D26-4267DF7F17DD}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{7866A522-A298-43B8-BCBC-089733E28918}: "URL" = http://search.yahoo.com/search?fr=chr-g ... =827316&p={searchTerms}
IE - HKCU\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?sr ... t=1&barid={41136AC9-9C0D-11E1-A6FE-00241D100EE8}&q={searchTerms}&barid={41136AC9-9C0D-11E1-A6FE-00241D100EE8}
IE - HKCU\..\SearchScopes\{FD63BF63-BFFF-4B8F-9D26-4267DF7F17DD}: "URL" = http://www.google.com/custom?q={searchTerms}&sa.x=0&sa.y=0&safe=active&client=pub-3794288947762788&forid=1&channel=1975384696&ie=UTF-8&oe=UTF-8&hl=en&cof=GALT%3A%23008000%3BGL%3A1%3BDIV%3A%23336699%3BVLC%3A663399%3BAH%3Acenter%3BBGC%3AFFFFFF%3BLBGC%3A336699%3BALC%3A0000FF%3BLC%3A0000FF%3BT%3A000000%3BGFNT%3A0000FF%3BGIMP%3A0000FF%3BFORID%3A1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


[color=#E56717]========== FireFox ==========[/color]

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.0.61118.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@software602.cz/602XML Filler: C:\Program Files\Software602\602XML\Filler\npfiller.dll (Software602 a.s.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2011.12.29 14:00:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG2012\Firefox4\ [2012.03.29 21:24:39 | 000,000,000 | ---D | M]

[2012.05.13 16:44:14 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\uživatel\Data aplikací\Mozilla\Firefox\Profiles\extensions

O1 HOSTS File: ([2012.05.19 15:15:24 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O3 - HKCU\..\Toolbar\ShellBrowser: (&Adresa) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O3 - HKCU\..\Toolbar\WebBrowser: (&Adresa) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O3 - HKCU\..\Toolbar\WebBrowser: (&Odkazy) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [Bonus.SSR.FR11] C:\Program Files\ABBYY FineReader 11\Bonus.ScreenshotReader.exe (ABBYY.)
O4 - HKLM..\Run: [EEventManager] C:\Program Files\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [Print2PDF Print Monitor] C:\Program Files\Software602\Print2PDF\Print2PDF.exe (Software602)
O4 - HKLM..\Run: [RTHDCPL] C:\WINDOWS\RTHDCPL.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [Sweetpacks Communicator] C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe (SweetIM Technologies Ltd.)
O4 - HKCU..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInstrumentation = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: disableregistrytools = 0
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Search the Web - C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\menuext.html File not found
O9 - Extra Button: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files\ICQ7.7\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files\ICQ7.7\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Add to VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - C:\Program Files\Nuclear Coffee\VideoGet\Plugins\VideoGet_IE.dll (Nuclear Coffee Software)
O9 - Extra 'Tools' menuitem : Add to &VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - C:\Program Files\Nuclear Coffee\VideoGet\Plugins\VideoGet_IE.dll (Nuclear Coffee Software)
O9 - Extra Button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 1.7.0_02)
O16 - DPF: {CAFEEFAC-0017-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 1.7.0_02)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 1.7.0_02)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E0A2D612-9559-4215-AAD7-1B34697AC779}: NameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F8B99982-EFB9-4C64-B43C-FA0CDD747D4D}: DhcpNameServer = 10.0.0.138
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\lid {5C135180-9973-46D9-ABF4-148267CBB8BF} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\System32\logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\crypt32chain: DllName - (crypt32.dll) - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - (cryptnet.dll) - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - (cscdll.dll) - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\dimsntfy: DllName - (%SystemRoot%\System32\dimsntfy.dll) - C:\WINDOWS\system32\dimsntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - (sclgntfy.dll) - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - (WlNotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\WgaLogon: DllName - (WgaLogon.dll) - C:\WINDOWS\System32\WgaLogon.dll (Microsoft Corporation)
O20 - Winlogon\Notify\wlballoon: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Proces mezipaměti kategorií součástí - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Nebe.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Nebe.bmp
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2012.05.22 08:40:08 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\uživatel\Plocha\OTL.exe
[2012.05.20 18:59:36 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2012.05.20 18:59:27 | 002,322,184 | ---- | C] (ESET) -- C:\Documents and Settings\uživatel\Plocha\esetsmartinstaller_enu.exe
[2012.05.20 18:52:35 | 004,731,392 | ---- | C] (AVAST Software) -- C:\Documents and Settings\uživatel\Plocha\aswMBR.exe
[2012.05.20 12:00:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\uživatel\Dokumenty\StreamTransport
[2012.05.20 09:09:40 | 003,982,240 | ---- | C] (Adobe Systems, Inc.) -- C:\WINDOWS\System32\Flash10d.ocx
[2012.05.20 09:09:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\StreamTransport
[2012.05.20 09:09:39 | 000,000,000 | ---D | C] -- C:\Program Files\StreamTransport
[2012.05.19 15:11:46 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2012.05.19 15:02:59 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\uživatel\Recent
[2012.05.14 09:38:32 | 000,419,488 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2012.05.14 09:38:32 | 000,070,304 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012.05.12 10:34:55 | 000,000,000 | ---D | C] -- C:\Program Files\Yontoo
[2012.05.12 10:34:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Tarma Installer
[2012.05.12 10:34:13 | 000,000,000 | ---D | C] -- C:\Program Files\SweetIM
[2012.05.12 10:34:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\SweetIM
[2012.05.12 10:33:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\uživatel\Data aplikací\Mozilla
[2012.05.12 10:33:02 | 000,000,000 | ---D | C] -- C:\Program Files\1ClickDownload
[2012.05.12 10:15:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\AVG PC Tuneup 2011
[2012.05.05 19:38:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\ABBYY FineReader 11
[2012.05.05 19:28:50 | 000,000,000 | ---D | C] -- C:\Program Files\ABBYY FineReader 11
[2012.05.05 19:21:54 | 000,000,000 | ---D | C] -- C:\Temp
[2012.05.05 11:40:29 | 004,140,192 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerInstaller.exe
[2012.04.28 21:30:28 | 000,272,896 | ---- | C] (Progressive Networks) -- C:\WINDOWS\System32\pncrt.dll
[2012.04.28 21:30:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\uživatel\Nabídka Start\Programy\FormatFactory
[2012.04.28 21:29:56 | 000,000,000 | ---D | C] -- C:\Program Files\FreeTime
[2012.04.28 21:25:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\uživatel\Data aplikací\Nuclear Coffee
[2012.04.23 09:47:11 | 000,000,000 | ---D | C] -- C:\$AVG
[2012.04.22 17:32:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\uživatel\Nabídka Start\Programy\OFIS
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2012.05.22 08:40:08 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\uživatel\Plocha\OTL.exe
[2012.05.22 08:30:15 | 000,000,914 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012.05.22 08:23:21 | 098,799,698 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2012.05.22 08:20:11 | 000,013,002 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012.05.22 08:19:37 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.05.21 17:06:22 | 524,298,240 | ---- | M] () -- C:\Documents and Settings\uživatel\Plocha\Top Gear 2011 S17E06.avi
[2012.05.21 16:34:15 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2012.05.21 12:52:27 | 000,353,040 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\iavichjg.avm
[2012.05.20 19:19:30 | 000,068,079 | ---- | M] () -- C:\Documents and Settings\uživatel\Plocha\aquatrans_modularite_450.jpg
[2012.05.20 18:59:31 | 002,322,184 | ---- | M] (ESET) -- C:\Documents and Settings\uživatel\Plocha\esetsmartinstaller_enu.exe
[2012.05.20 18:52:47 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Documents and Settings\uživatel\Plocha\aswMBR.exe
[2012.05.20 18:52:14 | 002,107,843 | ---- | M] () -- C:\Documents and Settings\uživatel\Plocha\tdsskiller.zip
[2012.05.20 09:09:41 | 000,000,700 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\ StreamTransport.lnk
[2012.05.19 15:15:24 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2012.05.19 15:11:51 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2012.05.19 10:22:17 | 000,215,879 | ---- | M] () -- C:\Documents and Settings\uživatel\Dokumenty\pinfect.zip
[2012.05.19 08:44:40 | 000,104,960 | ---- | M] () -- C:\Documents and Settings\uživatel\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.05.19 08:34:56 | 1596,387,328 | ---- | M] () -- C:\Documents and Settings\uživatel\Dokumenty\The.Avengers.2012.CAM.V2.XviD.AC3.CZ-TODE(1).avi
[2012.05.18 19:48:17 | 000,002,495 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\ABBYY FineReader 11.lnk
[2012.05.14 09:39:11 | 000,419,488 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2012.05.14 09:39:11 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012.05.14 06:04:35 | 000,200,936 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012.05.13 16:46:13 | 005,955,584 | ---- | M] () -- C:\Documents and Settings\uživatel\s-1-5-21-854245398-1383384898-839522115-1003.rrr
[2012.05.05 17:31:04 | 752,953,124 | ---- | M] () -- C:\Impossible2011.CZ-BwT.rar
[2012.05.05 14:40:27 | 004,140,192 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerInstaller.exe
[2012.05.03 11:50:09 | 000,577,896 | ---- | M] () -- C:\změna švec.pdf
[2012.04.28 21:30:11 | 000,000,859 | ---- | M] () -- C:\Documents and Settings\uživatel\Plocha\Format Factory.lnk
[2012.04.24 21:03:03 | 000,000,802 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Malwarebytes Anti-Malware.lnk
[2012.04.22 17:31:58 | 000,496,032 | ---- | M] () -- C:\Documents and Settings\uživatel\Dokumenty\setup.exe
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2012.05.21 16:53:12 | 524,298,240 | ---- | C] () -- C:\Documents and Settings\uživatel\Plocha\Top Gear 2011 S17E06.avi
[2012.05.20 19:19:30 | 000,068,079 | ---- | C] () -- C:\Documents and Settings\uživatel\Plocha\aquatrans_modularite_450.jpg
[2012.05.20 18:52:14 | 002,107,843 | ---- | C] () -- C:\Documents and Settings\uživatel\Plocha\tdsskiller.zip
[2012.05.20 09:09:41 | 000,000,700 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\ StreamTransport.lnk
[2012.05.19 06:49:19 | 1596,387,328 | ---- | C] () -- C:\Documents and Settings\uživatel\Dokumenty\The.Avengers.2012.CAM.V2.XviD.AC3.CZ-TODE(1).avi
[2012.05.14 09:38:32 | 000,000,914 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012.05.13 16:46:11 | 005,955,584 | ---- | C] () -- C:\Documents and Settings\uživatel\s-1-5-21-854245398-1383384898-839522115-1003.rrr
[2012.05.05 19:38:28 | 000,002,495 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\ABBYY FineReader 11.lnk
[2012.05.05 16:56:54 | 752,953,124 | ---- | C] () -- C:\Impossible2011.CZ-BwT.rar
[2012.05.03 11:50:09 | 000,577,896 | ---- | C] () -- C:\změna švec.pdf
[2012.04.28 21:30:11 | 000,000,859 | ---- | C] () -- C:\Documents and Settings\uživatel\Plocha\Format Factory.lnk
[2012.04.22 17:31:53 | 000,496,032 | ---- | C] () -- C:\Documents and Settings\uživatel\Dokumenty\setup.exe
[2012.04.17 09:03:49 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\uživatel\Local Settings\Data aplikací\fusioncache.dat
[2012.04.04 11:51:14 | 000,000,000 | ---- | C] () -- C:\WINDOWS\EEventManager.INI
[2012.03.02 18:07:44 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2012.03.02 10:29:20 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012.02.27 20:05:14 | 000,887,724 | ---- | C] () -- C:\WINDOWS\System32\ativva6x.dat
[2012.02.27 20:05:13 | 000,000,003 | ---- | C] () -- C:\WINDOWS\System32\ativva5x.dat
[2012.02.24 11:23:47 | 000,001,312 | ---- | C] () -- C:\Documents and Settings\uživatel\Local Settings\Data aplikací\SRDownloader.nast
[2012.02.19 12:16:22 | 000,196,608 | ---- | C] () -- C:\WINDOWS\System32\HMIPCore.dll
[2012.02.17 17:43:14 | 000,001,057 | ---- | C] () -- C:\Documents and Settings\uživatel\Data aplikací\vso_ts_preview.xml
[2012.02.15 10:06:46 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012.02.12 19:16:25 | 000,000,183 | ---- | C] () -- C:\WINDOWS\aimpr.ini
[2012.01.29 18:28:59 | 000,000,054 | ---- | C] () -- C:\WINDOWS\RP121032.INI
[2012.01.29 18:28:57 | 000,008,937 | ---- | C] () -- C:\WINDOWS\dx121032.ini
[2012.01.29 18:28:57 | 000,007,851 | ---- | C] () -- C:\WINDOWS\NXEDL32.ini
[2012.01.29 18:28:57 | 000,001,053 | ---- | C] () -- C:\WINDOWS\SerialDV.INI
[2012.01.29 18:28:57 | 000,000,286 | ---- | C] () -- C:\WINDOWS\BTConnectUtility.ini
[2012.01.29 18:28:48 | 000,001,336 | ---- | C] () -- C:\WINDOWS\ExceptionReport.ini
[2012.01.29 18:28:48 | 000,001,198 | ---- | C] () -- C:\WINDOWS\xVDSClientCntrl.ini
[2012.01.29 18:28:48 | 000,000,583 | ---- | C] () -- C:\WINDOWS\xVDSMgr.ini
[2012.01.29 18:27:05 | 000,059,904 | ---- | C] () -- C:\WINDOWS\System32\zlib1.dll
[2012.01.29 18:26:54 | 000,000,617 | ---- | C] () -- C:\WINDOWS\ECULP.ini
[2012.01.29 18:26:52 | 000,000,191 | ---- | C] () -- C:\WINDOWS\FaultMon.INI
[2012.01.29 18:26:50 | 000,569,439 | ---- | C] () -- C:\WINDOWS\System32\JDLegacyCfgReader.dll
[2012.01.29 18:25:27 | 000,001,399 | ---- | C] () -- C:\WINDOWS\PayloadProcessor.Ini
[2012.01.29 18:24:28 | 000,479,232 | ---- | C] () -- C:\WINDOWS\System32\JDMemAccessController.dll
[2012.01.29 18:24:28 | 000,323,657 | ---- | C] () -- C:\WINDOWS\System32\JDComm.dll
[2012.01.29 18:24:28 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\JDPFController.dll
[2012.01.29 18:24:28 | 000,270,336 | ---- | C] () -- C:\WINDOWS\System32\JDPhoenixController.dll
[2012.01.29 18:24:28 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\JDEnhancedSecurity.dll
[2012.01.29 18:24:28 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\PWDJDOW.dll
[2012.01.29 18:24:28 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\PWDJDCFD.dll
[2012.01.29 18:24:28 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\PWDHarvestorWorks.dll
[2012.01.29 18:24:28 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\JDSupplierSecurity.dll
[2012.01.29 18:24:28 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\JDSimpleSecurity.dll
[2012.01.29 18:24:28 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\JDSimple2Security.dll
[2012.01.29 18:24:28 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\PWDPhoenix.dll
[2012.01.29 18:23:26 | 000,221,255 | ---- | C] () -- C:\WINDOWS\System32\JDLog.dll
[2012.01.29 18:23:26 | 000,208,896 | ---- | C] () -- C:\WINDOWS\System32\JDNetCommSerial.dll
[2012.01.29 18:23:26 | 000,168,011 | ---- | C] () -- C:\WINDOWS\System32\JDError.dll
[2012.01.29 18:21:25 | 000,126,976 | ---- | C] () -- C:\WINDOWS\System32\VersionInfo.dll
[2012.01.29 18:21:25 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\JDBinaryRecords.dll
[2012.01.29 18:21:25 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\JDArrayUtils.dll
[2012.01.29 18:21:24 | 000,212,992 | ---- | C] () -- C:\WINDOWS\System32\JDHarvesterController.dll
[2012.01.29 18:21:24 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\JDPlus1Controller.dll
[2012.01.15 13:29:30 | 000,000,055 | ---- | C] () -- C:\WINDOWS\WinInit.Ini
[2012.01.13 19:44:36 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll
[2012.01.08 19:15:41 | 000,000,390 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2011.12.31 16:52:34 | 000,000,111 | ---- | C] () -- C:\WINDOWS\posta2.ini
[2011.12.31 11:00:05 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2011.12.31 11:00:00 | 000,104,960 | ---- | C] () -- C:\Documents and Settings\uživatel\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.12.29 13:29:12 | 000,004,952 | ---- | C] () -- C:\WINDOWS\BOOTFONT.BIN
[2011.12.28 17:17:24 | 000,008,704 | ---- | C] () -- C:\WINDOWS\System32\CNMVS53.DLL
[2011.12.28 12:28:42 | 000,593,920 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe
[2011.12.28 12:28:32 | 003,107,788 | R--- | C] () -- C:\WINDOWS\System32\ativvaxx.dat
[2011.12.28 12:28:32 | 000,601,728 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2011.12.28 12:23:06 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2011.12.28 12:12:22 | 000,004,265 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2011.12.28 12:11:04 | 000,200,936 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011.12.28 11:25:24 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2011.12.28 11:21:49 | 000,021,812 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2011.12.05 23:04:00 | 000,059,904 | ---- | C] () -- C:\WINDOWS\System32\OpenVideo.dll
[2011.12.05 23:03:52 | 000,054,784 | ---- | C] () -- C:\WINDOWS\System32\OVDecode.dll

[color=#E56717]========== LOP Check ==========[/color]

[2011.12.29 12:30:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Acronis
[2012.03.29 21:17:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
[2012.03.29 21:39:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVG2012
[2011.12.28 17:17:21 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonBJ
[2012.03.29 20:58:23 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\Common Files
[2012.02.19 12:46:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\C__Documents and Settings_uživatel_Dokumenty_H-IP_HD_Crack_HideIPEasy.exe
[2012.02.19 12:50:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\C__Documents and Settings_uživatel_Dokumenty_Hide-IP-Easy-5.1.4.8_Hide IP Easy 5.1.4.8_Crack_HideIPEasy.exe
[2011.12.31 21:49:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2012.03.22 21:30:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\EA Core
[2012.03.22 21:30:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Electronic Arts
[2012.04.05 11:24:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\EPSON
[2012.01.15 12:24:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\FTWeak
[2012.02.19 12:46:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\HideIPEasy
[2012.04.15 16:37:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ICQ
[2012.05.22 08:23:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\MFAData
[2012.01.29 18:27:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Service ADVISOR
[2012.05.12 10:45:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\SweetIM
[2012.05.12 10:34:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Tarma Installer
[2012.02.13 15:34:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Teleca
[2012.05.19 10:15:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2012.04.04 10:34:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\UDL
[2012.04.08 15:27:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\uživatel\Data aplikací\602Installer
[2012.04.08 15:27:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\uživatel\Data aplikací\602XML
[2012.05.05 17:36:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\uživatel\Data aplikací\AVG
[2012.03.29 21:26:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\uživatel\Data aplikací\AVG2012
[2012.03.15 19:25:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\uživatel\Data aplikací\avv
[2012.02.19 12:46:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\uživatel\Data aplikací\C__Documents and Settings_uživatel_Dokumenty_H-IP_HD_Crack_HideIPEasy.exe
[2012.02.19 12:50:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\uživatel\Data aplikací\C__Documents and Settings_uživatel_Dokumenty_Hide-IP-Easy-5.1.4.8_Hide IP Easy 5.1.4.8_Crack_HideIPEasy.exe
[2012.03.24 12:12:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\uživatel\Data aplikací\DAEMON Tools Lite
[2012.04.09 12:33:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\uživatel\Data aplikací\Dropbox
[2012.04.05 11:24:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\uživatel\Data aplikací\Epson
[2012.01.15 12:22:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\uživatel\Data aplikací\FTweak
[2012.02.19 12:46:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\uživatel\Data aplikací\HideIPEasy
[2012.05.12 10:34:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\uživatel\Data aplikací\ICQ
[2012.04.28 21:25:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\uživatel\Data aplikací\Nuclear Coffee
[2012.02.04 10:14:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\uživatel\Data aplikací\OpenCandy
[2012.02.13 22:08:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\uživatel\Data aplikací\OpenOffice.org
[2012.01.03 19:14:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\uživatel\Data aplikací\Opera
[2012.02.21 15:11:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\uživatel\Data aplikací\Posta
[2012.01.23 20:44:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\uživatel\Data aplikací\Product_RM
[2012.01.23 21:04:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\uživatel\Data aplikací\Registry Mechanic
[2012.02.13 15:35:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\uživatel\Data aplikací\Teleca
[2012.01.10 20:28:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\uživatel\Data aplikací\Trine2
[2012.01.08 17:48:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\uživatel\Data aplikací\Ubisoft
[2012.03.15 19:26:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\uživatel\Data aplikací\Updatem
[2012.01.29 14:36:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\uživatel\Data aplikací\VitySoft
[2012.02.17 17:43:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\uživatel\Data aplikací\Vso
[2012.05.21 22:37:31 | 000,032,584 | ---- | M] () -- C:\WINDOWS\Tasks\SCHEDLGU.TXT

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 241 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:0B4227B4
@Alternate Data Stream - 139 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:D1B5B4F1

< End of report >

[mafian]

OTL Extras logfile created on: 22.5.2012 8:41:43 - Run 1
OTL by OldTimer - Version 3.2.43.1 Folder = C:\Documents and Settings\uživatel\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,25 Gb Total Physical Memory | 2,73 Gb Available Physical Memory | 84,08% Memory free
5,09 Gb Paging File | 4,63 Gb Available in Paging File | 91,04% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 68,36 Gb Total Space | 33,01 Gb Free Space | 48,29% Space Free | Partition Type: NTFS
Drive D: | 59,63 Gb Total Space | 37,03 Gb Free Space | 62,11% Space Free | Partition Type: NTFS
Drive F: | 337,77 Gb Total Space | 117,35 Gb Free Space | 34,74% Space Free | Partition Type: NTFS
Drive G: | 127,99 Gb Total Space | 46,14 Gb Free Space | 36,05% Space Free | Partition Type: NTFS
Drive I: | 68,36 Gb Total Space | 40,20 Gb Free Space | 58,80% Space Free | Partition Type: NTFS
Drive K: | 171,77 Gb Total Space | 42,29 Gb Free Space | 24,62% Space Free | Partition Type: NTFS
Drive L: | 97,65 Gb Total Space | 47,98 Gb Free Space | 49,13% Space Free | Partition Type: NTFS

Computer Name: ADMIN | User Name: uživatel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)

[color=#E56717]========== Shell Spawning ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
https [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"UpdatesDisableNotify" = 0
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[color=#E56717]========== System Restore Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[color=#E56717]========== Authorized Applications List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\ICQ7.7\ICQ.exe" = C:\Program Files\ICQ7.7\ICQ.exe:*:Enabled:ICQ7.7 -- (ICQ, LLC.)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Opera\opera.exe" = C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software)
"C:\Program Files\Electronic Arts\Crytek\Crysis 2\bin32\Crysis2.exe" = C:\Program Files\Electronic Arts\Crytek\Crysis 2\bin32\Crysis2.exe:*:Enabled:Crysis2 -- (Crytek GmbH)
"C:\Program Files\AVG\AVG2012\avgnsx.exe" = C:\Program Files\AVG\AVG2012\avgnsx.exe:*:Enabled:Webový štít -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG2012\avgdiagex.exe" = C:\Program Files\AVG\AVG2012\avgdiagex.exe:*:Enabled:AVG Diagnostika 2012 -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG2012\avgmfapx.exe" = C:\Program Files\AVG\AVG2012\avgmfapx.exe:*:Enabled:Instalátor AVG -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\Epson Software\Event Manager\EEventManager.exe" = C:\Program Files\Epson Software\Event Manager\EEventManager.exe:*:Enabled:EEventManager Application -- (SEIKO EPSON CORPORATION)
"C:\Program Files\Common Files\soft602\langserv.exe" = C:\Program Files\Common Files\soft602\langserv.exe:*:Enabled:Software602 Spell Checker -- ()
"C:\Program Files\ICQ7.7\ICQ.exe" = C:\Program Files\ICQ7.7\ICQ.exe:*:Enabled:ICQ7.7 -- (ICQ, LLC.)
"C:\WINDOWS\system32\msiexec.exe" = C:\WINDOWS\system32\msiexec.exe:*:Enabled:UpdateManagerSetup -- (Microsoft Corporation)
"C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe" = C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe:*:Enabled:SweetPacksUpdateManager -- (SweetIM Technologies Ltd.)


[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{036138A4-CE69-54B3-EC3A-22EC160303E0}" = CCC Help Czech
"{03B8AA32-F23C-4178-B8E6-09ECD07EAA47}" = Epson Event Manager
"{045ECA18-1DB2-64C8-2279-F73A8DCE3B5E}" = CCC Help Hungarian
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{06E34C00-0446-4176-81C8-A5DAFE53CA36}" = Acronis Disk Director
"{0965F857-DAAD-4F93-8054-0E2EC3C8C5B0}" = SweetIM for Messenger 3.6
"{09C6A4C7-A2D2-1DD9-A81C-44C30042A00C}" = CCC Help Greek
"{0A173336-214D-0609-4897-5E2547D0395D}" = CCC Help Dutch
"{0A68C819-3333-E57F-5881-D3FE31C1F2D5}" = CCC Help Turkish
"{0B1F138F-F085-22C6-6A38-3DBFB785B14B}" = Catalyst Control Center Graphics Full New
"{1B9E212F-DFDC-F1D4-D1FD-986149513125}" = CCC Help Russian
"{1CAEFAE2-D12E-CA26-62BC-DF452004B3B1}" = CCC Help Swedish
"{1D9B2B74-82B1-9CE7-0A9A-6234008D11EE}" = CCC Help Polish
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{23481C75-AA13-858C-C707-51D7744F2309}" = CCC Help English
"{2481EC4A-B95E-6B1F-9240-EC3C7A72CF6F}" = Skins
"{26A24AE4-039D-4CA4-87B4-2F83217000FF}" = Java(TM) 7 Update 2
"{26C3A7CB-30DC-798B-21CC-63BDF56F0657}" = CCC Help Chinese Traditional
"{28240E4E-E367-7844-846E-4E8427B53211}" = CCC Help Spanish
"{2A1BC0F0-110B-EDD7-4C3D-0864DEF60677}" = CCC Help Turkish
"{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition
"{2ECA81CA-D932-4AD3-AD59-BF5CCF099C83}" = Catalyst Control Center - Branding
"{30FF885C-FDFA-4C9A-9492-486E70DCE8AE}" = JD Common Loader
"{310C1558-F6B5-4889-98B0-7471966BA7F2}" = Epson Easy Photo Print 2
"{3179E96B-2CCF-A00A-5738-4C14DBA0DACA}" = CCC Help Chinese Traditional
"{32C74893-0243-4235-A6F3-201F0E5D2C03}" = Software602 Print2PDF
"{350C97C4-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{36CDA33B-909B-4719-97D1-C4B99309BDC7}" = ATI Parental Control & Encoder
"{3828EC4B-D4B9-A742-4D81-9C0A3C72DF8A}" = CCC Help English
"{384D85DA-E2A5-4A47-8597-0C776A562AC2}" = JD NetComm Serial
"{3BDCECE1-F7F8-81E3-EE26-AF8FD5172A56}" = CCC Help German
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3C637334-FE5D-E488-4F11-BF9EFD6ADAA9}" = CCC Help English
"{3C9772FC-69C6-4856-B1CA-22E0DA02FFAF}" = MiraScan 6.1(5150C)
"{3E31400D-274E-4647-916C-2CACC3741799}" = EpsonNet Print
"{3EA9D975-BFDC-4E8E-B88B-0446FBC8CA66}" = ATI HYDRAVISION
"{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX
"{3FAF52DB-8007-48D1-98E0-A388B92057CC}" = VMR Client Install
"{3FE7D2BF-DB37-429A-B47E-5DE073404A42}" = Seemage Players
"{406AE7DC-5FD1-FC3A-00F5-024AD25DF01B}" = CCC Help Danish
"{41B4F085-82E5-C9C2-9AB3-65D67EF60883}" = CCC Help Italian
"{41BCC278-007E-993C-61DC-25B86926F45E}" = CCC Help Finnish
"{433AA25B-442D-D97B-6492-71D2747355DB}" = ccc-utility
"{455C773B-A2CC-44A1-812E-A6C84EF78AB2}" = JD NetComm V2
"{4644EC10-EFE8-0235-41CC-C48491CF83E3}" = CCC Help Greek
"{4655D394-1F7C-F51A-70BC-0561FF71E9D7}" = CCC Help Norwegian
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A742CBE-078E-03FF-C7D5-B3E1B676BDF2}" = CCC Help Czech
"{4B6DD00B-BC05-185B-BE8B-997A23B367C4}" = CCC Help Chinese Traditional
"{4BE9562E-A31B-A5FF-5DF9-A69F9CB74746}" = CCC Help Japanese
"{4EFC72DA-2314-4E5D-AC8E-1C954CDB8BBF}" = AVG 2012
"{50316C0A-CC2A-460A-9EA5-F486E54AC17D}_is1" = AVG PC Tuneup
"{510414A2-0F14-4DB8-BDF2-C98A6E1D1367}" = Connectivity Abstraction Layer
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{546C143E-68DC-314D-97BC-1E454E3BA429}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - CSY
"{56582EEA-3AEF-4D84-8B9D-C87A3CD9250F}" = GetDataBack for NTFS
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{59A86970-E9AB-0D1D-A269-2381A89F0CF2}" = Catalyst Control Center InstallProxy
"{5D1EA3CE-3356-2EB7-A5C7-2F2608BDEACB}" = CCC Help German
"{5DA6F06A-B389-407B-BF8C-1548767914D8}" = ATI Problem Report Wizard
"{5DCB68D8-686F-0550-6DD3-957A366F8F99}" = CCC Help Norwegian
"{5DE5512A-6F6F-43FB-82C6-9A523E3AC771}" = NEXIQ Readings
"{5E65E94D-69F2-4850-9E93-6459C53A0F50}" = Microsoft .NET Framework 1.1 Czech Language Pack
"{5F1AE198-965A-C65D-218A-B76F19B86BEC}" = CCC Help German
"{5FEEB4D3-31F1-FF10-5F61-A988CD44CA59}" = CCC Help Hungarian
"{6033673D-2530-4587-8AD0-EB059FC263F9}" = Crysis® 2
"{61BCD850-1A0F-E253-06FF-2A9778945765}" = ccc-core-static
"{6264F0C5-3D33-A669-62ED-AD8E325723BB}" = Catalyst Control Center Core Implementation
"{651CD0A0-8B64-B3F1-23B9-294C39F09A31}" = CCC Help Finnish
"{653B7F6E-F594-4B55-61BA-78F8FE6E500A}" = CCC Help Finnish
"{76B0FAA5-C23B-58E8-EB51-1195A4D6BEB7}" = Catalyst Control Center Localization All
"{77514C51-66D9-2F7C-56D8-5495B8CFAF5E}" = CCC Help French
"{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE}" = ICQ7.7
"{792A669E-71A6-9210-2C06-3FCF0DDFC4C5}" = Catalyst Control Center Localization All
"{7AB96F30-68CC-1F9E-A7C4-7A80FF06EFAC}" = CCC Help Dutch
"{81A917A1-DBA3-3639-53DA-B6E833D41A57}" = ccc-utility
"{821CF756-EDC0-5A8C-6ECA-3F4682DEAFD1}" = CCC Help French
"{8241B54B-EE5B-468E-A2F9-7B210D5BDFCB}" = JD Field General
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83BF9176-882C-3AE7-3E1F-3F7E62EFD459}" = ccc-core-preinstall
"{856499F9-51B6-C958-BADC-0B2F930ED59E}" = CCC Help Swedish
"{860BD052-49CB-7220-8792-15523D08C2A2}" = CCC Help Korean
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{889DF117-14D1-44EE-9F31-C5FB5D47F68B}" = Yontoo 1.10.02
"{89DE67AD-08B8-4699-A55D-CA5C0AF82BF3}" = ATI AVIVO Codecs
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C93615B-5333-B61B-625E-0D4DCD9E09CA}" = CCC Help Norwegian
"{8FB7E2C1-13A7-F9A0-277F-8CFB5B198E7E}" = CCC Help Polish
"{90120000-0020-0405-0000-0000000FF1CE}" = Sada Compatibility Pack pro systém Office 2007
"{90120405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Standard Edition 2003
"{91C0B95B-B83A-4828-A775-BBE2DD421029}" = Nero 7 Ultra Edition
"{932B8CC5-06AB-375C-42B9-B0CB58BC7019}" = Catalyst Control Center HydraVision Full
"{950A97A5-F8AF-26C7-8F8B-47F7C1F03363}" = CCC Help Portuguese
"{96A092BE-173D-6824-14FD-1C8C0477C1D1}" = CCC Help Greek
"{98282981-0E26-50CD-6D7F-F0E3E3DF6486}" = Catalyst Control Center Graphics Full Existing
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BA4C082-183A-4869-06DB-4F563355D33F}" = CCC Help Spanish
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C2B41C5-919A-7037-F5E8-42A5E90873B8}" = Catalyst Control Center Graphics Previews Common
"{A0A087E5-149E-EC75-F45D-3A3C04344B4A}" = Catalyst Control Center Graphics Previews Common
"{A2C9CD1B-2551-3AED-B244-6698FB929FA6}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - CSY
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A43BF6A5-D5F0-4AAA-BF41-65995063EC44}" = MSXML 6.0 Parser
"{A7836FF5-7293-40A4-B86E-E2038F82E8F3}" = AVG 2012
"{A8248F67-8160-7AAB-371F-03221340D539}" = CCC Help Italian
"{A997829F-090A-06FC-ADDA-B907E0D2562E}" = AMD Catalyst Install Manager
"{AB0BFB0B-116C-54DA-1B41-CBBE94B43007}" = CCC Help Czech
"{AB4FE709-7AC5-A7FF-A947-A110CEFCB074}" = CCC Help Hungarian
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Czech
"{B0043B14-E6FE-67F1-54A8-DA2C8DA5B1FA}" = CCC Help Portuguese
"{B17C8039-DDDE-E6DE-3632-40186451799C}" = CCC Help Polish
"{B2420CAA-ADC1-8581-938A-2B25C22EF17A}" = ccc-utility
"{B2D55EB8-32C5-4B43-9006-9E97DECBA178}" = Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser)
"{B31FFE22-A9BB-CB94-F91B-E678B8645D49}" = Catalyst Control Center Localization All
"{B3736663-7797-9F1E-77E8-6D78021B2921}" = CCC Help Danish
"{B57890F1-05B2-265D-62A6-C4B8EF212786}" = CCC Help French
"{B802B2D2-C777-1876-8204-C0F360CBF955}" = CCC Help Dutch
"{B80964E3-9445-46C3-3A2F-6556B595CBAC}" = Catalyst Control Center Graphics Light
"{B81D9181-67D7-6A90-78EA-34108EBBCF7F}" = CCC Help Thai
"{BA314F9D-8401-1E44-11BF-F112E93F465E}" = CCC Help English
"{BBC2068D-CE9C-48F5-A6EA-4B44B9DB14A5}" = Catalyst Control Center - Branding
"{BE8BE32F-F595-4693-9F82-1E0A5A047BB6}" = OpenOffice.org 3.0
"{BEB0B424-3692-E0DC-8D25-04A36C7AB580}" = CCC Help Portuguese
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C4574477-C9FA-CF5F-B5AC-D379D655A962}" = CCC Help Chinese Standard
"{C4842EAA-7ACA-3466-9DC0-D0BF174B9F6E}" = CCC Help Chinese Standard
"{C5ADA65A-7828-4D85-B071-ECC52B51F794}" = Sony Ericsson PC Suite 1.20.173
"{C6BD88D1-A8D3-B46F-781E-80A6A6927E09}" = CCC Help Chinese Standard
"{C6E36857-F622-4DF5-B458-05752A4D13F0}" = Software602 Form Filler
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{C9D8A041-2963-4B31-8FFC-1500F3DB9293}" = EpsonNet Setup 3.2
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CBA4DD0F-0871-39EB-A48B-03BC9E5E437B}" = CCC Help Japanese
"{CE09BA21-399C-FCE7-E2E5-C9BCF14D61F3}" = CCC Help Russian
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D3B1C799-CB73-42DE-BA0F-2344793A095C}" = Catalyst Control Center - Branding
"{D3CD290C-C254-F440-962D-F9D0E60DD3F4}" = CCC Help Danish
"{D410670C-B1B7-E7A4-0CD1-5C18669D35E5}" = Catalyst Control Center Graphics Previews Common
"{DA3DB4D7-429D-4292-F855-C47C6EA1AFF8}" = CCC Help Thai
"{DD73CA82-EA82-38AA-863D-9A24A018DC96}" = Microsoft .NET Framework 3.5 Language Pack SP1 - csy
"{DE0C72A8-B4A3-4B80-3CF9-2DC45CF865D5}" = CCC Help Spanish
"{DE464235-13EC-F0E2-2608-9A8103F52DF8}" = CCC Help Japanese
"{E5B2C34F-BEDE-5AF8-DBD3-C05E8C030588}" = CCC Help Italian
"{E5DD5532-5CE8-8A47-C05F-DD8EC0ED3557}" = CCC Help Korean
"{E8AEA11B-E60A-455E-B008-E4E763604612}" = Browser Configuration Utility
"{E8D9FAA2-D3DB-7FA3-3FFE-0AC935251F99}" = CCC Help Swedish
"{E9F44C98-B8B6-480F-AF7B-E42A0A46F4E3}" = Microsoft SQL Server VSS Writer
"{F0A6D1C4-7E73-963B-C4C6-C97121B1992B}" = CCC Help Turkish
"{F1100000-0008-0000-0001-074957833700}" = ABBYY FineReader 11
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F5A1FC59-3573-47D8-BEF2-A89F74C85A22}" = JD Payload Processor
"{F748B53A-A58F-17B4-F380-08EF92B6A6F4}" = CCC Help Korean
"{F9000000-0001-0000-0000-074957833700}" = ABBYY FineReader 9.0 Professional Edition
"{F9000000-0018-0000-0000-074957833700}" = ABBYY FineReader 9.0 Sprint
"{F937494E-4340-FFB4-6911-54E9FB4B5998}" = CCC Help Thai
"{F9B3DD02-B0B3-42E9-8650-030DFF0D133D}" = Microsoft SQL Server Native Client
"{FA0BBB87-91A1-4BFD-9005-EB058BBA0E14}_is1" = StreamTransport version: 1.0.2.2171
"{FA584B62-7ECF-A981-0D1E-A8BE67C604DB}" = Catalyst Control Center Graphics Previews Common
"{FB697452-8CA4-46B4-98B1-165C922A2EF3}" = Update Manager for SweetPacks 1.0
"{FBFC6AFA-082C-CBEC-3D28-1EE9CA16D029}" = ccc-utility
"{FF9B0E3E-9D2E-2560-EEA2-BB35A369C491}" = CCC Help Russian
"1ClickDownloader" = 1ClickDownloader
"ABBYY FineReader 9.0 Sprint" = ABBYY FineReader 9.0 Sprint
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"AVG" = AVG 2012
"CANONBJ_Deinstall_CNMCP53.DLL" = Canon i350
"CCleaner" = CCleaner
"Combined Community Codec Pack_is1" = Combined Community Codec Pack 2011-11-11
"CrystalDiskInfo_is1" = CrystalDiskInfo 4.2.0a
"DAEMON Tools Lite" = DAEMON Tools Lite
"Easy-PhotoPrint" = Canon Utilities Easy-PhotoPrint
"ECULP4_is1" = ECULP 4.0
"EPSON Scanner" = EPSON Scan
"EPSON SX420W Series" = EPSON SX420W Series Printer Uninstall
"EPSON SX420W Series Manual" = EPSON SX420W Series Manuál
"EPSON SX420W Series Network Guide" = EPSON SX420W Series Síťová příručka
"ESET Online Scanner" = ESET Online Scanner v3
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.50
"FCleaner_is1" = FCleaner 1.3.1.621
"FormatFactory" = FormatFactory 2.95
"GOM Player" = GOM Player
"HD Tune_is1" = HD Tune 2.55
"HijackThis" = HijackThis 2.0.2
"ie8" = Windows Internet Explorer 8
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware verze 1.61.0.1400
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - csy" = Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"nLite_is1" = nLite 1.4.8
"Opera 11.64.1403" = Opera 11.64
"Polda III čára_is1" = Polda III čára
"Polda III karty_is1" = Polda III karty
"Pošta a kancelář 3_is1" = Pošta a kancelář 3.6
"Registry Mechanic_is1" = PC Tools Registry Mechanic 11.0
"Traktor 2_is1" = Traktor 2
"Trine 2_is1" = Trine 2
"V3.2_is1" = File Scavenger 3.2
"VideoGet_is1" = Nuclear Coffee - VideoGet
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR 4.01 (32-bit)
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0

[color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"7f4182272b52fd8f" = CZShare Manager
"f0baf5f646f6f4a5" = Výpočet DPH podle §37

[color=#E56717]========== Last 10 Event Log Errors ==========[/color]

[ Application Events ]
Error - 21.5.2012 16:12:36 | Computer Name = ADMIN | Source = LoadPerf | ID = 3006
Description = Nelze číst řetězce čítače výkonu ID jazyka 005. Stav Win32 vrácený
voláním je v první hodnotě DWORD v datové oblasti.

Error - 21.5.2012 16:16:45 | Computer Name = ADMIN | Source = MSSQLSERVER | ID = 8313
Description = Error in mapping SQL Server performance object/counter indexes to
object/counter names. SQL Server performance counters are disabled.

Error - 21.5.2012 16:16:45 | Computer Name = ADMIN | Source = MSSQLSERVER | ID = 3409
Description = Performance counter shared memory setup failed with error -1. Reinstall
sqlctr.ini for this instance, and ensure that the instance login account has correct
registry permissions.

Error - 21.5.2012 16:17:24 | Computer Name = ADMIN | Source = Application Error | ID = 1000
Description = Chybující aplikace gom.exe, verze 2.1.36.5083, chybující modul qdvd.dll,
verze 6.5.2600.6169, adresa chyby 0x00011723.

Error - 21.5.2012 16:21:05 | Computer Name = ADMIN | Source = LoadPerf | ID = 3011
Description = Nezdařilo se uvolnění řetězců čítače výkonu pro WmiApRpl (WmiApRpl).
Kód chyby je v první hodnotě DWORD v datové oblasti.

Error - 21.5.2012 16:21:08 | Computer Name = ADMIN | Source = LoadPerf | ID = 3006
Description = Nelze číst řetězce čítače výkonu ID jazyka 005. Stav Win32 vrácený
voláním je v první hodnotě DWORD v datové oblasti.

Error - 22.5.2012 2:19:55 | Computer Name = ADMIN | Source = MSSQLSERVER | ID = 8313
Description = Error in mapping SQL Server performance object/counter indexes to
object/counter names. SQL Server performance counters are disabled.

Error - 22.5.2012 2:19:55 | Computer Name = ADMIN | Source = MSSQLSERVER | ID = 3409
Description = Performance counter shared memory setup failed with error -1. Reinstall
sqlctr.ini for this instance, and ensure that the instance login account has correct
registry permissions.

Error - 22.5.2012 2:23:59 | Computer Name = ADMIN | Source = LoadPerf | ID = 3011
Description = Nezdařilo se uvolnění řetězců čítače výkonu pro WmiApRpl (WmiApRpl).
Kód chyby je v první hodnotě DWORD v datové oblasti.

Error - 22.5.2012 2:24:02 | Computer Name = ADMIN | Source = LoadPerf | ID = 3006
Description = Nelze číst řetězce čítače výkonu ID jazyka 005. Stav Win32 vrácený
voláním je v první hodnotě DWORD v datové oblasti.

[ Application Events ]
Error - 21.5.2012 16:12:36 | Computer Name = ADMIN | Source = LoadPerf | ID = 3006
Description = Nelze číst řetězce čítače výkonu ID jazyka 005. Stav Win32 vrácený
voláním je v první hodnotě DWORD v datové oblasti.

Error - 21.5.2012 16:16:45 | Computer Name = ADMIN | Source = MSSQLSERVER | ID = 8313
Description = Error in mapping SQL Server performance object/counter indexes to
object/counter names. SQL Server performance counters are disabled.

Error - 21.5.2012 16:16:45 | Computer Name = ADMIN | Source = MSSQLSERVER | ID = 3409
Description = Performance counter shared memory setup failed with error -1. Reinstall
sqlctr.ini for this instance, and ensure that the instance login account has correct
registry permissions.

Error - 21.5.2012 16:17:24 | Computer Name = ADMIN | Source = Application Error | ID = 1000
Description = Chybující aplikace gom.exe, verze 2.1.36.5083, chybující modul qdvd.dll,
verze 6.5.2600.6169, adresa chyby 0x00011723.

Error - 21.5.2012 16:21:05 | Computer Name = ADMIN | Source = LoadPerf | ID = 3011
Description = Nezdařilo se uvolnění řetězců čítače výkonu pro WmiApRpl (WmiApRpl).
Kód chyby je v první hodnotě DWORD v datové oblasti.

Error - 21.5.2012 16:21:08 | Computer Name = ADMIN | Source = LoadPerf | ID = 3006
Description = Nelze číst řetězce čítače výkonu ID jazyka 005. Stav Win32 vrácený
voláním je v první hodnotě DWORD v datové oblasti.

Error - 22.5.2012 2:19:55 | Computer Name = ADMIN | Source = MSSQLSERVER | ID = 8313
Description = Error in mapping SQL Server performance object/counter indexes to
object/counter names. SQL Server performance counters are disabled.

Error - 22.5.2012 2:19:55 | Computer Name = ADMIN | Source = MSSQLSERVER | ID = 3409
Description = Performance counter shared memory setup failed with error -1. Reinstall
sqlctr.ini for this instance, and ensure that the instance login account has correct
registry permissions.

Error - 22.5.2012 2:23:59 | Computer Name = ADMIN | Source = LoadPerf | ID = 3011
Description = Nezdařilo se uvolnění řetězců čítače výkonu pro WmiApRpl (WmiApRpl).
Kód chyby je v první hodnotě DWORD v datové oblasti.

Error - 22.5.2012 2:24:02 | Computer Name = ADMIN | Source = LoadPerf | ID = 3006
Description = Nelze číst řetězce čítače výkonu ID jazyka 005. Stav Win32 vrácený
voláním je v první hodnotě DWORD v datové oblasti.

[ System Events ]
Error - 20.5.2012 12:55:41 | Computer Name = ADMIN | Source = Service Control Manager | ID = 7000
Description = Služba PAR1284 neuspěla při spuštění v důsledku následující chyby:
%%20

Error - 20.5.2012 13:09:54 | Computer Name = ADMIN | Source = Service Control Manager | ID = 7000
Description = Služba PAR1284 neuspěla při spuštění v důsledku následující chyby:
%%20

Error - 21.5.2012 3:08:35 | Computer Name = ADMIN | Source = Service Control Manager | ID = 7000
Description = Služba PAR1284 neuspěla při spuštění v důsledku následující chyby:
%%20

Error - 21.5.2012 8:34:08 | Computer Name = ADMIN | Source = Service Control Manager | ID = 7000
Description = Služba PAR1284 neuspěla při spuštění v důsledku následující chyby:
%%20

Error - 21.5.2012 9:14:13 | Computer Name = ADMIN | Source = Service Control Manager | ID = 7000
Description = Služba PAR1284 neuspěla při spuštění v důsledku následující chyby:
%%20

Error - 21.5.2012 10:34:00 | Computer Name = ADMIN | Source = Service Control Manager | ID = 7000
Description = Služba PAR1284 neuspěla při spuštění v důsledku následující chyby:
%%20

Error - 21.5.2012 13:12:52 | Computer Name = ADMIN | Source = Service Control Manager | ID = 7000
Description = Služba PAR1284 neuspěla při spuštění v důsledku následující chyby:
%%20

Error - 21.5.2012 16:08:30 | Computer Name = ADMIN | Source = Service Control Manager | ID = 7000
Description = Služba PAR1284 neuspěla při spuštění v důsledku následující chyby:
%%20

Error - 21.5.2012 16:17:06 | Computer Name = ADMIN | Source = Service Control Manager | ID = 7000
Description = Služba PAR1284 neuspěla při spuštění v důsledku následující chyby:
%%20

Error - 22.5.2012 2:20:03 | Computer Name = ADMIN | Source = Service Control Manager | ID = 7000
Description = Služba PAR1284 neuspěla při spuštění v důsledku následující chyby:
%%20


< End of report >

[jaro3]

Poklepej na ikonu OTL na ploše.Ujisti se , že máš všechny ostatní aplikace a prohlížeče zavřeny.
Pod Vlastní skenování/opravy do okénka vlož následující text, zobrazený zeleně:

Kód: Vybrat vše

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
DRV - (WDICA) -- File not found
DRV - (PDRFRAME) -- File not found
DRV - (PDRELI) -- File not found
DRV - (PDFRAME) -- File not found
DRV - (PDCOMP) -- File not found
DRV - (PCIDump) -- File not found
DRV - (lbrtfdc) -- File not found
DRV - (i2omgmt) -- File not found
DRV - (Changer) -- File not found
IE - HKLM\..\URLSearchHook: - No CLSID value found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?sr ... t=1&barid={41136AC9-9C0D-11E1-A6FE-00241D100EE8}&q={searchTerms}&barid={41136AC9-9C0D-11E1-A6FE-00241D100EE8}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SYSTEM32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKCU\..\SearchScopes,DefaultScope = {FD63BF63-BFFF-4B8F-9D26-4267DF7F17DD}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{7866A522-A298-43B8-BCBC-089733E28918}: "URL" = http://search.yahoo.com/search?fr=chr-g ... =827316&p={searchTerms}
IE - HKCU\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?sr ... t=1&barid={41136AC9-9C0D-11E1-A6FE-00241D100EE8}&q={searchTerms}&barid={41136AC9-9C0D-11E1-A6FE-00241D100EE8}
IE - HKCU\..\SearchScopes\{FD63BF63-BFFF-4B8F-9D26-4267DF7F17DD}: "URL" = http://www.google.com/custom?q={searchTerms}&sa.x=0&sa.y=0&safe=active&client=pub-3794288947762788&forid=1&channel=1975384696&ie=UTF-8&oe=UTF-8&hl=en&cof=GALT%3A%23008000%3BGL%3A1%3BDIV%3A%23336699%3BVLC%3A663399%3BAH%3Acenter%3BBGC%3AFFFFFF%3BLBGC%3A336699%3BALC%3A0000FF%3BLC%3A0000FF%3BT%3A000000%3BGFNT%3A0000FF%3BGIMP%3A0000FF%3BFORID%3A1
[2012.05.13 16:44:14 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\uživatel\Data aplikací\Mozilla\Firefox\Profiles\extensions
O1 HOSTS File: ([2012.05.19 15:15:24 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInstrumentation = 1
O8 - Extra context menu item: Search the Web - C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\menuext.html File not found
@Alternate Data Stream - 241 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:0B4227B4
@Alternate Data Stream - 139 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:D1B5B4F1

:Files
C:\WINDOWS\System32\*.tmp
C:\WINDOWS\*.tmp
C:\WINDOWS\system32\*.tmp.dll
C:\WINDOWS\System32\dllcache\*.tmp
C:\WINDOWS\system32\SET*.tmp
c:\windows\Tasks\*.job
C:\*.tmp
C:\WINDOWS\System32\drivers\*.tmp
C:\Documents and Settings\All Users\Data aplikací\*.tmp
C:\Program Files\ESET
C:\Documents and Settings\uživatel\Plocha\esetsmartinstaller_enu.exe
C:\Documents and Settings\uživatel\Plocha\aswMBR.exe
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
C:\Documents and Settings\uživatel\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\Documents and Settings\uživatel\Plocha\tdsskiller.zip
C:\WINDOWS\ativpsrm.bin
C:\WINDOWS\System32\d3d9caps.dat
C:\Documents and Settings\All Users\Data aplikací\AVAST Software

:Reg
:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]

Poté klikni nahoře na Opravit. Nech program nerušeně běžet, na konci se provede restart PC.
Po restartu se objeví log , prosím zkopíruj sem celý jeho obsah.


V možnostech složky si povol zobrazování skrytých souborů a složek+ odškrtni zatržítko skrýt chráněné soubory operačního systému

Toto otestuj na Virustotal
C:\WINDOWS\WinInit.Ini

Klikni vpravo od okénka na Vybrat a v Exploreru najdi požadovaný soubor v Tvém PC. Označ ho myší a klikni na Otevřít , poté klikni na Send File. Pokud už byl soubor testován , objeví se okno ve kterém klikni na Reanalyze. Soubor se začne postupně testovat více antivirovými programy. Až skončí test posledního antiviru , objeví se nahoře result a červeně počet nákaz , např. 0/43 , nebo 1/43. Pak zkopíruj myší odkaz na tuto stránku a vlož ji do svého příspěvku.

C:\Documents and Settings\uživatel\s-1-5-21-854245398-1383384898-839522115-1003.rrr
C:\Documents and Settings\uživatel\Data aplikací\avv
Pokud to neznáš , dej též na VT , avv otevři a dej sem screen.

[mafian]

All processes killed
========== OTL ==========
No active process named explorer.exe was found!
No active process named firefox.exe was found!
Service WDICA stopped successfully!
Service WDICA deleted successfully!
File File not found not found.
Service PDRFRAME stopped successfully!
Service PDRFRAME deleted successfully!
File File not found not found.
Service PDRELI stopped successfully!
Service PDRELI deleted successfully!
File File not found not found.
Service PDFRAME stopped successfully!
Service PDFRAME deleted successfully!
File File not found not found.
Service PDCOMP stopped successfully!
Service PDCOMP deleted successfully!
File File not found not found.
Service PCIDump stopped successfully!
Service PCIDump deleted successfully!
File File not found not found.
Service lbrtfdc stopped successfully!
Service lbrtfdc deleted successfully!
File File not found not found.
Service i2omgmt stopped successfully!
Service i2omgmt deleted successfully!
File File not found not found.
Service Changer stopped successfully!
Service Changer deleted successfully!
File File not found not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C360-6118-11DC-9C72-001320C79847}\ not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page| /E : value set successfully!
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{7866A522-A298-43B8-BCBC-089733E28918}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7866A522-A298-43B8-BCBC-089733E28918}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C360-6118-11DC-9C72-001320C79847}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{FD63BF63-BFFF-4B8F-9D26-4267DF7F17DD}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FD63BF63-BFFF-4B8F-9D26-4267DF7F17DD}\ not found.
C:\Documents and Settings\uživatel\Data aplikací\Mozilla\Firefox\Profiles\extensions folder moved successfully.
127.0.0.1 localhost removed from HOSTS file successfully
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel\ deleted successfully.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoInstrumentation deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Search the Web\ deleted successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:0B4227B4 deleted successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:D1B5B4F1 deleted successfully.
========== FILES ==========
C:\WINDOWS\System32\PerfStringBackup.TMP moved successfully.
C:\WINDOWS\DUMP7752.tmp moved successfully.
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
File\Folder C:\WINDOWS\System32\dllcache\*.tmp not found.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
c:\windows\Tasks\Adobe Flash Player Updater.job moved successfully.
File\Folder C:\*.tmp not found.
File\Folder C:\WINDOWS\System32\drivers\*.tmp not found.
File\Folder C:\Documents and Settings\All Users\Data aplikací\*.tmp not found.
C:\Program Files\ESET\ESET Online Scanner\Quarantine folder moved successfully.
C:\Program Files\ESET\ESET Online Scanner\Modules\data\updfiles\temp folder moved successfully.
C:\Program Files\ESET\ESET Online Scanner\Modules\data\updfiles\oldfiles folder moved successfully.
C:\Program Files\ESET\ESET Online Scanner\Modules\data\updfiles\http_update.eset.com folder moved successfully.
C:\Program Files\ESET\ESET Online Scanner\Modules\data\updfiles\continuous folder moved successfully.
C:\Program Files\ESET\ESET Online Scanner\Modules\data\updfiles folder moved successfully.
C:\Program Files\ESET\ESET Online Scanner\Modules\data folder moved successfully.
C:\Program Files\ESET\ESET Online Scanner\Modules folder moved successfully.
C:\Program Files\ESET\ESET Online Scanner folder moved successfully.
C:\Program Files\ESET folder moved successfully.
C:\Documents and Settings\uživatel\Plocha\esetsmartinstaller_enu.exe moved successfully.
C:\Documents and Settings\uživatel\Plocha\aswMBR.exe moved successfully.
File\Folder [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] not found.
File\Folder [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] not found.
C:\Documents and Settings\uživatel\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini moved successfully.
C:\Documents and Settings\uživatel\Plocha\tdsskiller.zip moved successfully.
C:\WINDOWS\ativpsrm.bin moved successfully.
C:\WINDOWS\System32\d3d9caps.dat moved successfully.
C:\Documents and Settings\All Users\Data aplikací\AVAST Software folder moved successfully.
========== REGISTRY ==========
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Opera cache emptied: 21075577 bytes
->Flash cache emptied: 1021 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: User

User: uživatel

User: uživatel
->Temp folder emptied: 236282506 bytes
->Temporary Internet Files folder emptied: 37188 bytes
->Opera cache emptied: 13445608 bytes
->Flash cache emptied: 1247 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 147808 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 55646804 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 312,00 mb


OTL by OldTimer - Version 3.2.43.1 log created on 05222012_110257

Files\Folders moved on Reboot...
File\Folder C:\WINDOWS\temp\Perflib_Perfdata_be4.dat not found!

Registry entries deleted on Reboot...

[mafian]

https://www.virustotal.com/file/76536c7 ... 337677895/
https://www.virustotal.com/file/2e13b19 ... 337678320/
to avv byla nějaký instalátor avastu už jsem ho smazal.

[jaro3]

Jak to vypadá nyní?

[mafian]

jo vyhledávání funguje jen je zase problém s aktualizací net framework dám instalaci jak expresní tak ruční to je jedno a vždy ukáže dokončeno a zavřít dám to a jakmile vypnu zapnu pc tak je chce zase ty samý aktualizace instalovat opět povolim nainstalujou se jakoby a po restartu pc zase je chce instalovat.

[jaro3]

Hm , koukni se do nainstalovaných aktualizacích a odinstaluj ty neúspěšné.Restart PC.Pak přes win update , zase zkus nainstalovat.