Prosím o kontrolu logu + Vyřešeno

[dvorak.josef01]

Dobrý den. Prosím o kontrolu logu. Včra se zdálo vše v pořádku. Dnes pc zasekaný a některé stránky např mail se ani nenačte. Pc sem pročistil ATF Clenaer a C Cleanerem. Posilam log z Malware a z Hijack Děkuji
Malwarebytes Anti-Malware 1.65.1.1000
http://www.malwarebytes.org

Verze databáze: v2012.12.16.05

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Josef :: PCDVORAK [administrátor]

16.12.2012 10:02:42
mbam-log-2012-12-16 (10-02-42).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 190336
Uplynulý čas: 8 minut, 31 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)

(konec)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:25:14, on 16.12.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\WinFast\WFDTV\DTVSchdl.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\WinFast\WFDTV\WFWIZ.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\Java\jre7\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Josef\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe
C:\Documents and Settings\Josef\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\Josef\Dokumenty\Stažené soubory\hijackthis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - c:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [WinFastDTV] C:\Program Files\WinFast\WFDTV\DTVSchdl.exe
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [WinFast Schedule] C:\Program Files\WinFast\WFDTV\WFWIZ.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Josef\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files\ICQ7M\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files\ICQ7M\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Stavová služba ASP.NET (aspnet_state) - Unknown owner - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing)
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: Windows Presentation Foundation Font Cache 4.0.0.0 (WPFFontCache_v0400) - Unknown owner - C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe (file missing)

--
End of file - 6794 bytes

[Reklama]

[Žbeky]

Fixni:

Kód: Vybrat vše

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottim
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Josef\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c

Stáhni si TDSSKiller

Na svojí plochu. Ujisti se , že máš zavřeny všechny ostatní aplikace a prohlížeče. Rozbal soubor a spusť TDSSKiller.exe. Restartuj PC . Log z TDSSKilleru najdeš zde:
C:\TDSSKiller.2.2.7.1._(datum)_log.txt , vlož sem prosím celý obsah logu.

Vypni rezidentní štít antiviru a antispywaru
Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud bude po kontrole problém spustit aplikace nebo bude vyskakovat hláška o pokusu použít neplatnou operaci na klíč registru, který je označen pro odstranění, stačí restartovat počítač.

[dvorak.josef01]

Posilam oba logy Combo trval pomerne dlouho nez se spustil. Díky
13:26:49.0109 2880 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
13:26:51.0109 2880 ============================================================
13:26:51.0109 2880 Current date / time: 2012/12/16 13:26:51.0109
13:26:51.0109 2880 SystemInfo:
13:26:51.0109 2880
13:26:51.0109 2880 OS Version: 5.1.2600 ServicePack: 3.0
13:26:51.0109 2880 Product type: Workstation
13:26:51.0109 2880 ComputerName: PCDVORAK
13:26:51.0109 2880 UserName: Josef
13:26:51.0109 2880 Windows directory: C:\WINDOWS
13:26:51.0109 2880 System windows directory: C:\WINDOWS
13:26:51.0109 2880 Processor architecture: Intel x86
13:26:51.0109 2880 Number of processors: 1
13:26:51.0109 2880 Page size: 0x1000
13:26:51.0109 2880 Boot type: Normal boot
13:26:51.0109 2880 ============================================================
13:26:56.0140 2880 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
13:26:56.0328 2880 Drive \Device\Harddisk1\DR2 - Size: 0x1DD80000 (0.47 Gb), SectorSize: 0x200, Cylinders: 0x3C, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
13:26:56.0375 2880 Drive \Device\Harddisk5\DR18 - Size: 0x7940000 (0.12 Gb), SectorSize: 0x200, Cylinders: 0xF, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
13:26:56.0375 2880 ============================================================
13:26:56.0375 2880 \Device\Harddisk0\DR0:
13:26:56.0390 2880 MBR partitions:
13:26:56.0390 2880 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x2542D682
13:26:56.0390 2880 \Device\Harddisk1\DR2:
13:26:56.0390 2880 MBR partitions:
13:26:56.0390 2880 \Device\Harddisk1\DR2\Partition1: MBR, Type 0x6, StartLBA 0xEF, BlocksNum 0xEEB11
13:26:56.0390 2880 \Device\Harddisk5\DR18:
13:26:56.0390 2880 MBR partitions:
13:26:56.0390 2880 ============================================================
13:26:56.0640 2880 C: <-> \Device\Harddisk0\DR0\Partition1
13:26:56.0765 2880 ============================================================
13:26:56.0765 2880 Initialize success
13:26:56.0765 2880 ============================================================
13:26:59.0078 4060 ============================================================
13:26:59.0078 4060 Scan started
13:26:59.0078 4060 Mode: Manual;
13:26:59.0078 4060 ============================================================
13:27:01.0156 4060 ================ Scan system memory ========================
13:27:01.0265 4060 System memory - ok
13:27:01.0265 4060 ================ Scan services =============================
13:27:01.0640 4060 Abiosdsk - ok
13:27:01.0656 4060 abp480n5 - ok
13:27:01.0765 4060 [ ADC420616C501B45D26C0FD3EF1E54E4 ] ACDaemon C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
13:27:01.0859 4060 ACDaemon - ok
13:27:01.0875 4060 [ 4FE34F1F3126B61FCC6B2043AA8112C9 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
13:27:01.0890 4060 ACPI - ok
13:27:01.0921 4060 [ AFDFF022A01F0B11C776F0860C3B282F ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
13:27:01.0921 4060 ACPIEC - ok
13:27:02.0062 4060 [ 0CB0AA071C7B86A64F361DCFDF357329 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
13:27:02.0078 4060 AdobeFlashPlayerUpdateSvc - ok
13:27:02.0093 4060 adpu160m - ok
13:27:02.0125 4060 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys
13:27:02.0140 4060 aec - ok
13:27:02.0187 4060 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys
13:27:02.0203 4060 AFD - ok
13:27:02.0218 4060 Aha154x - ok
13:27:02.0234 4060 aic78u2 - ok
13:27:02.0281 4060 aic78xx - ok
13:27:02.0296 4060 [ E0A6FA244B8624D78FE5FF6F56A33BAE ] Alerter C:\WINDOWS\system32\alrsvc.dll
13:27:02.0296 4060 Alerter - ok
13:27:02.0312 4060 [ 88842DE939A827577BF24243699AC80A ] ALG C:\WINDOWS\System32\alg.exe
13:27:02.0312 4060 ALG - ok
13:27:02.0343 4060 AliIde - ok
13:27:02.0375 4060 [ 0A4D13B388C814560BD69C3A496ECFA8 ] AmdK8 C:\WINDOWS\system32\DRIVERS\AmdK8.sys
13:27:02.0375 4060 AmdK8 - ok
13:27:02.0390 4060 amsint - ok
13:27:02.0406 4060 AppMgmt - ok
13:27:02.0421 4060 asc - ok
13:27:02.0437 4060 asc3350p - ok
13:27:02.0453 4060 asc3550 - ok
13:27:02.0500 4060 aspnet_state - ok
13:27:02.0515 4060 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
13:27:02.0515 4060 AsyncMac - ok
13:27:02.0546 4060 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
13:27:02.0546 4060 atapi - ok
13:27:02.0562 4060 Atdisk - ok
13:27:02.0593 4060 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
13:27:02.0593 4060 Atmarpc - ok
13:27:02.0609 4060 [ DE31B88962A8645DBA5A37B993E7B0F1 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
13:27:02.0609 4060 AudioSrv - ok
13:27:02.0656 4060 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
13:27:02.0656 4060 audstub - ok
13:27:02.0703 4060 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
13:27:02.0703 4060 Beep - ok
13:27:02.0734 4060 [ 19395D092FD85DDC2D9C7729CF5A2AC8 ] BITS C:\WINDOWS\system32\qmgr.dll
13:27:02.0781 4060 BITS - ok
13:27:02.0828 4060 [ 89E739BBA5F636297EA5B5F811189E06 ] Browser C:\WINDOWS\System32\browser.dll
13:27:02.0843 4060 Browser - ok
13:27:02.0890 4060 [ DF863A3F97A8CBF9E7FBBC2A0854F582 ] BT848 C:\WINDOWS\system32\drivers\wf2kvcap.sys
13:27:02.0921 4060 BT848 - ok
13:27:03.0062 4060 catchme - ok
13:27:03.0093 4060 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
13:27:03.0093 4060 cbidf2k - ok
13:27:03.0140 4060 [ 0BE5AEF125BE881C4F854C554F2B025C ] CCDECODE C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
13:27:03.0140 4060 CCDECODE - ok
13:27:03.0156 4060 cd20xrnt - ok
13:27:03.0187 4060 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
13:27:03.0187 4060 Cdaudio - ok
13:27:03.0203 4060 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
13:27:03.0203 4060 Cdfs - ok
13:27:03.0218 4060 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
13:27:03.0234 4060 Cdrom - ok
13:27:03.0250 4060 Changer - ok
13:27:03.0265 4060 [ E390DC1D7C461D7D56EC53402F329928 ] CiSvc C:\WINDOWS\system32\cisvc.exe
13:27:03.0265 4060 CiSvc - ok
13:27:03.0296 4060 [ 064507A8DFA8C5C7E2FFDDD3E6F424FA ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
13:27:03.0296 4060 ClipSrv - ok
13:27:03.0312 4060 CmdIde - ok
13:27:03.0328 4060 COMSysApp - ok
13:27:03.0359 4060 Cpqarray - ok
13:27:03.0390 4060 [ F3AB0933CBD166D271992F411C27CCAF ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
13:27:03.0390 4060 CryptSvc - ok
13:27:03.0406 4060 dac2w2k - ok
13:27:03.0421 4060 dac960nt - ok
13:27:03.0468 4060 [ BE27674D1CBC3214AEC84B4336A38BBF ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
13:27:03.0484 4060 DcomLaunch - ok
13:27:03.0515 4060 [ 8C9A53E285AC5E6704844D0459EC85BE ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
13:27:03.0531 4060 Dhcp - ok
13:27:03.0546 4060 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
13:27:03.0546 4060 Disk - ok
13:27:03.0562 4060 dmadmin - ok
13:27:03.0640 4060 [ DB5FD2BF5B07DC54BFCB3664FF05BD7C ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
13:27:03.0656 4060 dmboot - ok
13:27:03.0671 4060 [ FFF1720AF51171F32F1EAD5CF71F2810 ] dmio C:\WINDOWS\system32\drivers\dmio.sys
13:27:03.0671 4060 dmio - ok
13:27:03.0703 4060 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
13:27:03.0703 4060 dmload - ok
13:27:03.0718 4060 [ 2BFEFE9E865655A76982F050450B9591 ] dmserver C:\WINDOWS\System32\dmserver.dll
13:27:03.0734 4060 dmserver - ok
13:27:03.0750 4060 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
13:27:03.0750 4060 DMusic - ok
13:27:03.0781 4060 [ DFAA406BF19F4EE806A6F8D4342137F7 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
13:27:03.0796 4060 Dnscache - ok
13:27:03.0953 4060 [ 4A3E2BD20157A0946751229E92EB8621 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
13:27:03.0953 4060 Dot3svc - ok
13:27:03.0968 4060 dpti2o - ok
13:27:03.0984 4060 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
13:27:03.0984 4060 drmkaud - ok
13:27:04.0015 4060 [ 0887D9C2BE8D940778CAD1E3B85F2A41 ] EapHost C:\WINDOWS\System32\eapsvc.dll
13:27:04.0015 4060 EapHost - ok
13:27:04.0046 4060 [ A2A4912798F2BE706ABADD3D30800D16 ] ERSvc C:\WINDOWS\System32\ersvc.dll
13:27:04.0046 4060 ERSvc - ok
13:27:04.0078 4060 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] Eventlog C:\WINDOWS\system32\services.exe
13:27:04.0093 4060 Eventlog - ok
13:27:04.0109 4060 [ A371F11EF07653591C8DE26AFB13CE7F ] EventSystem C:\WINDOWS\system32\es.dll
13:27:04.0109 4060 EventSystem - ok
13:27:04.0140 4060 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
13:27:04.0140 4060 Fastfat - ok
13:27:04.0171 4060 [ EE9A2B9EA968A792A053C9D1A86BF870 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
13:27:04.0171 4060 FastUserSwitchingCompatibility - ok
13:27:04.0187 4060 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\drivers\Fdc.sys
13:27:04.0187 4060 Fdc - ok
13:27:04.0203 4060 [ AC366695A0796560AA37215AD5762AAF ] Fips C:\WINDOWS\system32\drivers\Fips.sys
13:27:04.0203 4060 Fips - ok
13:27:04.0218 4060 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\drivers\Flpydisk.sys
13:27:04.0218 4060 Flpydisk - ok
13:27:04.0250 4060 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\DRIVERS\fltMgr.sys
13:27:04.0250 4060 FltMgr - ok
13:27:04.0281 4060 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
13:27:04.0281 4060 Fs_Rec - ok
13:27:04.0296 4060 [ 4E664D8541DB4A66B73A24257E322E1F ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
13:27:04.0406 4060 Ftdisk - ok
13:27:04.0437 4060 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
13:27:04.0437 4060 Gpc - ok
13:27:04.0453 4060 [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
13:27:04.0453 4060 HDAudBus - ok
13:27:04.0500 4060 [ FCFE31FB75F8A6295B6B0AF87A626282 ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
13:27:04.0500 4060 helpsvc - ok
13:27:04.0531 4060 [ 00E25EE90166B3E1BE6E74AEBF858306 ] HidServ C:\WINDOWS\System32\hidserv.dll
13:27:04.0531 4060 HidServ - ok
13:27:04.0578 4060 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
13:27:04.0578 4060 HidUsb - ok
13:27:04.0609 4060 [ 7A6B320928F86BC851530D63C82965D9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
13:27:04.0625 4060 hkmsvc - ok
13:27:04.0625 4060 hpn - ok
13:27:04.0687 4060 [ 9F1D80908658EB7F1BF70809E0B51470 ] HPZid412 C:\WINDOWS\system32\DRIVERS\HPZid412.sys
13:27:04.0718 4060 HPZid412 - ok
13:27:04.0828 4060 [ F7E3E9D50F9CD3DE28085A8FDAA0A1C3 ] HPZipr12 C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
13:27:04.0921 4060 HPZipr12 - ok
13:27:04.0953 4060 [ CF1B7951B4EC8D13F3C93B74BB2B461B ] HPZius12 C:\WINDOWS\system32\DRIVERS\HPZius12.sys
13:27:04.0953 4060 HPZius12 - ok
13:27:05.0015 4060 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
13:27:05.0015 4060 HTTP - ok
13:27:05.0046 4060 [ 58FE2F2DA3BC5573F4A35B3760D3125F ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
13:27:05.0046 4060 HTTPFilter - ok
13:27:05.0062 4060 i2omgmt - ok
13:27:05.0078 4060 i2omp - ok
13:27:05.0093 4060 [ C528E27945367191E7BAE364930B6932 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
13:27:05.0093 4060 i8042prt - ok
13:27:05.0140 4060 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
13:27:05.0140 4060 Imapi - ok
13:27:05.0171 4060 [ F7B93AAFAD33B2320954C17E26C8D361 ] ImapiService C:\WINDOWS\system32\imapi.exe
13:27:05.0171 4060 ImapiService - ok
13:27:05.0187 4060 ini910u - ok
13:27:05.0312 4060 [ B2957D6C1226F029230DAC2C46D34286 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
13:27:05.0406 4060 IntcAzAudAddService - ok
13:27:05.0421 4060 IntelIde - ok
13:27:05.0437 4060 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
13:27:05.0437 4060 Ip6Fw - ok
13:27:05.0468 4060 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
13:27:05.0468 4060 IpFilterDriver - ok
13:27:05.0484 4060 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
13:27:05.0484 4060 IpInIp - ok
13:27:05.0500 4060 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
13:27:05.0500 4060 IpNat - ok
13:27:05.0515 4060 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
13:27:05.0515 4060 IPSec - ok
13:27:05.0546 4060 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
13:27:05.0546 4060 IRENUM - ok
13:27:05.0562 4060 [ CC9F8A2D60AED1A51A3AC34C59B987AE ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
13:27:05.0578 4060 isapnp - ok
13:27:05.0625 4060 [ A12175F063302CD68F8FC6D572D7E5FD ] JavaQuickStarterService C:\Program Files\Java\jre7\bin\jqs.exe
13:27:05.0625 4060 JavaQuickStarterService - ok
13:27:05.0656 4060 [ 1B6162FE7F66B1A71A4B70F941C4AA9B ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
13:27:05.0656 4060 Kbdclass - ok
13:27:05.0687 4060 [ 86C8F23616C6C6E5B2776901C17B945B ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
13:27:05.0687 4060 kbdhid - ok
13:27:05.0718 4060 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
13:27:05.0734 4060 kmixer - ok
13:27:05.0765 4060 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
13:27:05.0765 4060 KSecDD - ok
13:27:05.0796 4060 [ 3428E8F86F8ADD36B42FB23542C7B3E4 ] LanmanServer C:\WINDOWS\System32\srvsvc.dll
13:27:05.0796 4060 LanmanServer - ok
13:27:05.0828 4060 [ 936C1D110232D23B621CB0196E4F80F0 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
13:27:05.0843 4060 lanmanworkstation - ok
13:27:05.0843 4060 lbrtfdc - ok
13:27:05.0890 4060 [ 0AB159F536E3E8F7F07113702A07CCA5 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
13:27:05.0890 4060 LmHosts - ok
13:27:05.0921 4060 [ 221CD1C815B8A6B79389C3F5D1018DE8 ] Messenger C:\WINDOWS\System32\msgsvc.dll
13:27:05.0921 4060 Messenger - ok
13:27:05.0953 4060 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
13:27:05.0953 4060 mnmdd - ok
13:27:05.0984 4060 [ 9A57D046F88F4B69751B11FD40088A61 ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
13:27:06.0000 4060 mnmsrvc - ok
13:27:06.0031 4060 [ 44032B0C6D9954D3FD26438330B99EE7 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
13:27:06.0031 4060 Modem - ok
13:27:06.0046 4060 [ 4CB582831DBDE63CE43B45D771218374 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
13:27:06.0046 4060 Mouclass - ok
13:27:06.0078 4060 [ BB269EBA740737AB749B214D568B6812 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
13:27:06.0078 4060 mouhid - ok
13:27:06.0140 4060 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
13:27:06.0156 4060 MountMgr - ok
13:27:06.0203 4060 [ 8C7336950F1E69CDFD811CBBD9CF00A2 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
13:27:06.0203 4060 MozillaMaintenance - ok
13:27:06.0234 4060 [ EE728AF83850DDAD9A3FCAC0AAB3AD97 ] MpFilter C:\WINDOWS\system32\DRIVERS\MpFilter.sys
13:27:06.0234 4060 MpFilter - ok
13:27:06.0296 4060 MpKsl7226eddb - ok
13:27:06.0312 4060 mraid35x - ok
13:27:06.0312 4060 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
13:27:06.0328 4060 MRxDAV - ok
13:27:06.0359 4060 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
13:27:06.0375 4060 MRxSmb - ok
13:27:06.0390 4060 [ 6DB4D1521CABA9A5FFAB54ADE0AE867D ] MSDTC C:\WINDOWS\system32\msdtc.exe
13:27:06.0390 4060 MSDTC - ok
13:27:06.0406 4060 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
13:27:06.0406 4060 Msfs - ok
13:27:06.0421 4060 MSIServer - ok
13:27:06.0437 4060 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
13:27:06.0437 4060 MSKSSRV - ok
13:27:06.0500 4060 [ E077FCA2A7E79FB9BF67D3E30B5CE593 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe
13:27:06.0500 4060 MsMpSvc - ok
13:27:06.0515 4060 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
13:27:06.0515 4060 MSPCLOCK - ok
13:27:06.0515 4060 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
13:27:06.0531 4060 MSPQM - ok
13:27:06.0703 4060 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
13:27:06.0718 4060 mssmbios - ok
13:27:06.0843 4060 [ E53736A9E30C45FA9E7B5EAC55056D1D ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
13:27:06.0859 4060 MSTEE - ok
13:27:06.0875 4060 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
13:27:06.0875 4060 Mup - ok
13:27:06.0953 4060 [ 5B50F1B2A2ED47D560577B221DA734DB ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
13:27:06.0968 4060 NABTSFEC - ok
13:27:07.0015 4060 [ 6EA362E9DB03D44F6B996F4D8BE237E9 ] napagent C:\WINDOWS\System32\qagentrt.dll
13:27:07.0031 4060 napagent - ok
13:27:07.0046 4060 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
13:27:07.0046 4060 NDIS - ok
13:27:07.0062 4060 [ 7FF1F1FD8609C149AA432F95A8163D97 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys
13:27:07.0062 4060 NdisIP - ok
13:27:07.0078 4060 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
13:27:07.0093 4060 NdisTapi - ok
13:27:07.0109 4060 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
13:27:07.0109 4060 Ndisuio - ok
13:27:07.0109 4060 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
13:27:07.0125 4060 NdisWan - ok
13:27:07.0140 4060 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
13:27:07.0140 4060 NDProxy - ok
13:27:07.0140 4060 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
13:27:07.0140 4060 NetBIOS - ok
13:27:07.0171 4060 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
13:27:07.0187 4060 NetBT - ok
13:27:07.0203 4060 [ 933DE774986EC85E48210C44AB431DE6 ] NetDDE C:\WINDOWS\system32\netdde.exe
13:27:07.0218 4060 NetDDE - ok
13:27:07.0218 4060 [ 933DE774986EC85E48210C44AB431DE6 ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
13:27:07.0218 4060 NetDDEdsdm - ok
13:27:07.0281 4060 [ ED0A176354487CEED65B80A7148AB739 ] Netlogon C:\WINDOWS\system32\lsass.exe
13:27:07.0296 4060 Netlogon - ok
13:27:07.0312 4060 [ 72E1E9E2977BE08BDEEDB6D8FD9D4D40 ] Netman C:\WINDOWS\System32\netman.dll
13:27:07.0312 4060 Netman - ok
13:27:07.0328 4060 [ 39EE7C3BFBC64BA87CC8CF67386E814C ] Nla C:\WINDOWS\System32\mswsock.dll
13:27:07.0359 4060 Nla - ok
13:27:07.0375 4060 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
13:27:07.0375 4060 Npfs - ok
13:27:07.0390 4060 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
13:27:07.0406 4060 Ntfs - ok
13:27:07.0421 4060 [ ED0A176354487CEED65B80A7148AB739 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
13:27:07.0421 4060 NtLmSsp - ok
13:27:07.0453 4060 [ 023DD70573D644F3D9C8B1258A7BFD08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
13:27:07.0515 4060 NtmsSvc - ok
13:27:07.0546 4060 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
13:27:07.0546 4060 Null - ok
13:27:07.0812 4060 [ 70CB8915895CCB92DDF23CE890C4F5BE ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
13:27:08.0000 4060 nv - ok
13:27:08.0000 4060 [ 4D6F0D3FB17C1BA64942F415C73ADCDB ] NVENETFD C:\WINDOWS\system32\DRIVERS\NVENETFD.sys
13:27:08.0015 4060 NVENETFD - ok
13:27:08.0031 4060 [ 921E63AA1E1A20302223D016ACAFB52B ] nvnetbus C:\WINDOWS\system32\DRIVERS\nvnetbus.sys
13:27:08.0031 4060 nvnetbus - ok
13:27:08.0046 4060 [ F96DF45CFBDC670584293E03C2AB602A ] NVSvc C:\WINDOWS\system32\nvsvc32.exe
13:27:08.0046 4060 NVSvc - ok
13:27:08.0078 4060 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
13:27:08.0078 4060 NwlnkFlt - ok
13:27:08.0078 4060 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
13:27:08.0078 4060 NwlnkFwd - ok
13:27:08.0140 4060 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
13:27:08.0140 4060 odserv - ok
13:27:08.0171 4060 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
13:27:08.0171 4060 ose - ok
13:27:08.0218 4060 [ 46F8DB73B4A53E543F8E371DC7C75BAE ] Parport C:\WINDOWS\system32\drivers\Parport.sys
13:27:08.0218 4060 Parport - ok
13:27:08.0234 4060 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
13:27:08.0234 4060 PartMgr - ok
13:27:08.0265 4060 [ 1FAE19D0457176318BBA4A8795656EBC ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
13:27:08.0265 4060 ParVdm - ok
13:27:08.0265 4060 [ 6CE351D149CB4BEFC702951E471E1730 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
13:27:08.0281 4060 PCI - ok
13:27:08.0281 4060 PCIDump - ok
13:27:08.0312 4060 [ 2DA4EC85E0EA7A45C6B2A05820492D5A ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
13:27:08.0312 4060 PCIIde - ok
13:27:08.0343 4060 [ 4FC31E6C19A5CE5198B1ABFF94CAE758 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
13:27:08.0343 4060 Pcmcia - ok
13:27:08.0343 4060 PDCOMP - ok
13:27:08.0359 4060 PDFRAME - ok
13:27:08.0375 4060 PDRELI - ok
13:27:08.0390 4060 PDRFRAME - ok
13:27:08.0406 4060 perc2 - ok
13:27:08.0406 4060 perc2hib - ok
13:27:08.0468 4060 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] PlugPlay C:\WINDOWS\system32\services.exe
13:27:08.0468 4060 PlugPlay - ok
13:27:08.0515 4060 [ 9D84376931440F3679BEEF2A414FA493 ] Pml Driver HPZ12 C:\WINDOWS\system32\HPZipm12.exe
13:27:08.0546 4060 Pml Driver HPZ12 - ok
13:27:08.0546 4060 [ ED0A176354487CEED65B80A7148AB739 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
13:27:08.0546 4060 PolicyAgent - ok
13:27:08.0578 4060 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
13:27:08.0578 4060 PptpMiniport - ok
13:27:08.0593 4060 [ ED0A176354487CEED65B80A7148AB739 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
13:27:08.0593 4060 ProtectedStorage - ok
13:27:08.0609 4060 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
13:27:08.0609 4060 PSched - ok
13:27:08.0640 4060 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
13:27:08.0640 4060 Ptilink - ok
13:27:08.0640 4060 ql1080 - ok
13:27:08.0656 4060 Ql10wnt - ok
13:27:08.0671 4060 ql12160 - ok
13:27:08.0671 4060 ql1240 - ok
13:27:08.0687 4060 ql1280 - ok
13:27:08.0703 4060 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
13:27:08.0703 4060 RasAcd - ok
13:27:08.0734 4060 [ 2B5E44EA009F2F374B980E1E9A70635D ] RasAuto C:\WINDOWS\System32\rasauto.dll
13:27:08.0734 4060 RasAuto - ok
13:27:08.0750 4060 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
13:27:08.0750 4060 Rasl2tp - ok
13:27:08.0781 4060 [ D57554C664B64604BD1EE13EA2C07E77 ] RasMan C:\WINDOWS\System32\rasmans.dll
13:27:08.0781 4060 RasMan - ok
13:27:08.0796 4060 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
13:27:08.0796 4060 RasPppoe - ok
13:27:08.0812 4060 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
13:27:08.0812 4060 Raspti - ok
13:27:08.0828 4060 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
13:27:08.0828 4060 Rdbss - ok
13:27:08.0843 4060 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
13:27:08.0843 4060 RDPCDD - ok
13:27:08.0875 4060 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
13:27:08.0875 4060 RDPWD - ok
13:27:08.0906 4060 [ C0D9D9711CB74EE9BC66353D8CBDAB0E ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
13:27:08.0921 4060 RDSessMgr - ok
13:27:08.0953 4060 [ 611BFD220305BE3A85AE876EA47D4AA5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
13:27:08.0953 4060 redbook - ok
13:27:08.0984 4060 [ 127C26B5371651043450E52542099ABA ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
13:27:08.0984 4060 RemoteAccess - ok
13:27:09.0000 4060 [ 718B3BDC0BC3C2F7D065A53D26202AF9 ] RpcLocator C:\WINDOWS\system32\locator.exe
13:27:09.0015 4060 RpcLocator - ok
13:27:09.0031 4060 [ BE27674D1CBC3214AEC84B4336A38BBF ] RpcSs C:\WINDOWS\System32\rpcss.dll
13:27:09.0046 4060 RpcSs - ok
13:27:09.0062 4060 [ 09AB2E71E58B078038E3BFDBA7FFC984 ] RSVP C:\WINDOWS\system32\rsvp.exe
13:27:09.0062 4060 RSVP - ok
13:27:09.0078 4060 [ ED0A176354487CEED65B80A7148AB739 ] SamSs C:\WINDOWS\system32\lsass.exe
13:27:09.0078 4060 SamSs - ok
13:27:09.0109 4060 [ 410046E401EB11E1E6749E9DEEA41D4A ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
13:27:09.0125 4060 SCardSvr - ok
13:27:09.0140 4060 [ 3FF232A7731621B8902D81D42418C93C ] Schedule C:\WINDOWS\system32\schedsvc.dll
13:27:09.0156 4060 Schedule - ok
13:27:09.0171 4060 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
13:27:09.0171 4060 Secdrv - ok
13:27:09.0203 4060 [ 477E2C3CC5E4A0D635BCB0EA8DCAC3C6 ] seclogon C:\WINDOWS\System32\seclogon.dll
13:27:09.0203 4060 seclogon - ok
13:27:09.0203 4060 [ A530B75C10C23C9AB28FDB6CE719E21F ] SENS C:\WINDOWS\system32\sens.dll
13:27:09.0203 4060 SENS - ok
13:27:09.0234 4060 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
13:27:09.0234 4060 serenum - ok
13:27:09.0250 4060 [ B842729337C9B921615C40D3C1A1AF96 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
13:27:09.0250 4060 Serial - ok
13:27:09.0281 4060 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
13:27:09.0281 4060 Sfloppy - ok
13:27:09.0296 4060 [ F58FACA9621D2DB01BD0927D9A0A208E ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
13:27:09.0312 4060 SharedAccess - ok
13:27:09.0328 4060 [ EE9A2B9EA968A792A053C9D1A86BF870 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
13:27:09.0328 4060 ShellHWDetection - ok
13:27:09.0343 4060 Simbad - ok
13:27:09.0359 4060 [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
13:27:09.0375 4060 SLIP - ok
13:27:09.0375 4060 Sparrow - ok
13:27:09.0390 4060 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
13:27:09.0406 4060 splitter - ok
13:27:09.0437 4060 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
13:27:09.0437 4060 Spooler - ok
13:27:09.0500 4060 [ 94610C8653635E4459316A0050D55CE7 ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
13:27:09.0531 4060 sr - ok
13:27:09.0546 4060 [ 35B91147124F64AC8081A2EDB9EA4DEE ] srservice C:\WINDOWS\system32\srsvc.dll
13:27:09.0562 4060 srservice - ok
13:27:09.0609 4060 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
13:27:09.0609 4060 Srv - ok
13:27:09.0640 4060 [ BECD5271DC4E3B7C3D035F790FCBC1E5 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
13:27:09.0640 4060 SSDPSRV - ok
13:27:09.0687 4060 [ 06CDA2A5A549BC455D004461E6BC5B33 ] StillCam C:\WINDOWS\system32\DRIVERS\serscan.sys
13:27:09.0687 4060 StillCam - ok
13:27:09.0718 4060 [ C1CDD9275F6A115BB0AE1D55D8D27BA6 ] stisvc C:\WINDOWS\system32\wiaservc.dll
13:27:09.0718 4060 stisvc - ok
13:27:09.0750 4060 [ 77813007BA6265C4B6098187E6ED79D2 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
13:27:09.0750 4060 streamip - ok
13:27:09.0781 4060 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
13:27:09.0796 4060 swenum - ok
13:27:09.0812 4060 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
13:27:09.0812 4060 swmidi - ok
13:27:09.0828 4060 SwPrv - ok
13:27:09.0843 4060 symc810 - ok
13:27:09.0859 4060 symc8xx - ok
13:27:09.0859 4060 sym_hi - ok
13:27:09.0875 4060 sym_u3 - ok
13:27:09.0906 4060 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
13:27:09.0906 4060 sysaudio - ok
13:27:09.0953 4060 [ CE06F01B88ACE199A1BF460CAC29C110 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
13:27:09.0953 4060 SysmonLog - ok
13:27:09.0984 4060 [ C2546CD7A398476F9DF5614B2AE160E8 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
13:27:10.0015 4060 TapiSrv - ok
13:27:10.0078 4060 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
13:27:10.0109 4060 Tcpip - ok
13:27:10.0171 4060 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
13:27:10.0171 4060 TDPIPE - ok
13:27:10.0218 4060 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
13:27:10.0250 4060 TDTCP - ok
13:27:10.0343 4060 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
13:27:10.0406 4060 TermDD - ok
13:27:10.0484 4060 [ A75DD6FC3DBEE4FFF5EBC9F2C28BB66E ] TermService C:\WINDOWS\System32\termsrv.dll
13:27:10.0500 4060 TermService - ok
13:27:10.0531 4060 [ EE9A2B9EA968A792A053C9D1A86BF870 ] Themes C:\WINDOWS\System32\shsvcs.dll
13:27:10.0562 4060 Themes - ok
13:27:10.0578 4060 TosIde - ok
13:27:10.0625 4060 [ 38853304CCB938D30E0C4CDE8D2C2A8A ] TrkWks C:\WINDOWS\system32\trkwks.dll
13:27:10.0625 4060 TrkWks - ok
13:27:10.0750 4060 [ DEC0E131B20F36246549C0DB2B23A677 ] tv2ktunr C:\WINDOWS\system32\drivers\wf2ktunr.sys
13:27:10.0765 4060 tv2ktunr - ok
13:27:10.0796 4060 [ 53DB0D251B022C034A1EB0B8B7264CC5 ] Tv2kXbar C:\WINDOWS\system32\drivers\wf2kxbar.sys
13:27:10.0812 4060 Tv2kXbar - ok
13:27:10.0843 4060 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
13:27:10.0875 4060 Udfs - ok
13:27:10.0953 4060 [ 332D341D92B933600D41953B08360DFB ] UleadBurningHelper C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
13:27:10.0953 4060 UleadBurningHelper - ok
13:27:10.0968 4060 ultra - ok
13:27:11.0000 4060 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
13:27:11.0015 4060 Update - ok
13:27:11.0046 4060 [ 651BD90DCEE5B7BDC74A2EB7C9266F9E ] upnphost C:\WINDOWS\System32\upnphost.dll
13:27:11.0078 4060 upnphost - ok
13:27:11.0109 4060 [ 20A0F6A11959E92908717D09E87D670D ] UPS C:\WINDOWS\System32\ups.exe
13:27:11.0109 4060 UPS - ok
13:27:11.0140 4060 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
13:27:11.0156 4060 usbccgp - ok
13:27:11.0171 4060 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
13:27:11.0187 4060 usbehci - ok
13:27:11.0250 4060 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
13:27:11.0250 4060 usbhub - ok
13:27:11.0343 4060 [ 0DAECCE65366EA32B162F85F07C6753B ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys
13:27:11.0343 4060 usbohci - ok
13:27:11.0375 4060 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
13:27:11.0375 4060 usbprint - ok
13:27:11.0406 4060 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
13:27:11.0500 4060 usbscan - ok
13:27:11.0515 4060 [ A32426D9B14A089EAA1D922E0C5801A9 ] usbstor C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
13:27:11.0515 4060 usbstor - ok
13:27:11.0546 4060 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
13:27:11.0578 4060 VgaSave - ok
13:27:11.0593 4060 ViaIde - ok
13:27:11.0640 4060 [ 28A4B296B47782173C346E376CB374D1 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
13:27:11.0640 4060 VolSnap - ok
13:27:11.0687 4060 [ D6BA1A63D9E00933F1CD2A885573AFB2 ] VSS C:\WINDOWS\System32\vssvc.exe
13:27:11.0687 4060 VSS - ok
13:27:11.0734 4060 [ FA4E1CDBA256787F2149F4AAD07BC91F ] W32Time C:\WINDOWS\system32\w32time.dll
13:27:11.0750 4060 W32Time - ok
13:27:11.0781 4060 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
13:27:11.0781 4060 Wanarp - ok
13:27:11.0796 4060 WDICA - ok
13:27:11.0812 4060 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
13:27:11.0828 4060 wdmaud - ok
13:27:11.0843 4060 [ 47AE51048A82DFA1CD6B51D369F7E169 ] WebClient C:\WINDOWS\System32\webclnt.dll
13:27:11.0843 4060 WebClient - ok
13:27:11.0906 4060 [ E488332126E3B1182D2B8A0C35408EC6 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
13:27:11.0921 4060 winmgmt - ok
13:27:12.0031 4060 [ 4D34CEDD74BDBF2B6A935EAE3BF80543 ] WinRM C:\WINDOWS\system32\WsmSvc.dll
13:27:12.0156 4060 WinRM - ok
13:27:12.0234 4060 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
13:27:12.0250 4060 WmdmPmSN - ok
13:27:12.0296 4060 [ 23F6F03272F7E5679F1F050AED5ACEE6 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
13:27:12.0328 4060 WmiApSrv - ok
13:27:12.0421 4060 [ 3739866D20ABD42F26A7B85F9E2560AF ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
13:27:12.0546 4060 WMPNetworkSvc - ok
13:27:12.0640 4060 WPFFontCache_v0400 - ok
13:27:12.0718 4060 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys
13:27:12.0718 4060 WS2IFSL - ok
13:27:12.0750 4060 [ 4C86D5FAF78194995AF9CC1075F65DD3 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
13:27:12.0781 4060 wscsvc - ok
13:27:12.0812 4060 WSearch - ok
13:27:12.0875 4060 [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
13:27:12.0875 4060 WSTCODEC - ok
13:27:12.0921 4060 [ C1364564800EE9784192145324A23308 ] wuauserv C:\WINDOWS\system32\wuauserv.dll
13:27:12.0937 4060 wuauserv - ok
13:27:12.0968 4060 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
13:27:12.0968 4060 WudfPf - ok
13:27:13.0015 4060 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
13:27:13.0031 4060 WudfRd - ok
13:27:13.0156 4060 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
13:27:13.0187 4060 WudfSvc - ok
13:27:13.0312 4060 [ A27D4BA7264C0BF52F32D10405BEA1D4 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
13:27:13.0390 4060 WZCSVC - ok
13:27:13.0437 4060 [ EAA4BB9EDB3FB10CF8979FE65E63658F ] xmlprov C:\WINDOWS\System32\xmlprov.dll
13:27:13.0640 4060 xmlprov - ok
13:27:13.0671 4060 ================ Scan global ===============================
13:27:13.0703 4060 [ F36278E42C8C5DF03CE17DAC8231C91C ] C:\WINDOWS\system32\basesrv.dll
13:27:13.0734 4060 [ F3FA14A297BC687D0B51289D034033C9 ] C:\WINDOWS\system32\winsrv.dll
13:27:13.0781 4060 [ F3FA14A297BC687D0B51289D034033C9 ] C:\WINDOWS\system32\winsrv.dll
13:27:13.0796 4060 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] C:\WINDOWS\system32\services.exe
13:27:13.0812 4060 [Global] - ok
13:27:13.0812 4060 ================ Scan MBR ==================================
13:27:13.0828 4060 [ 413FC2A0C716421B3158746D63736515 ] \Device\Harddisk0\DR0
13:27:14.0718 4060 \Device\Harddisk0\DR0 - ok
13:27:14.0812 4060 [ E5FA06ACA0D60BA9C870D0EF3D9898C9 ] \Device\Harddisk1\DR2
13:27:14.0859 4060 \Device\Harddisk1\DR2 - ok
13:27:14.0890 4060 [ 28CB8B88CDA87F14E1229B9498D9FCB8 ] \Device\Harddisk5\DR18
13:27:15.0796 4060 \Device\Harddisk5\DR18 - ok
13:27:15.0796 4060 ================ Scan VBR ==================================
13:27:15.0812 4060 [ 0C6D3C2A512729E8ED686DD06FF635C5 ] \Device\Harddisk0\DR0\Partition1
13:27:15.0828 4060 \Device\Harddisk0\DR0\Partition1 - ok
13:27:15.0843 4060 [ 4FD5AD740CE2DB051A21760D0E3F1A4D ] \Device\Harddisk1\DR2\Partition1
13:27:15.0843 4060 \Device\Harddisk1\DR2\Partition1 - ok
13:27:15.0843 4060 ============================================================
13:27:15.0843 4060 Scan finished
13:27:15.0843 4060 ============================================================
13:27:15.0875 2216 Detected object count: 0
13:27:15.0875 2216 Actual detected object count: 0
13:27:24.0765 4036 Deinitialize success

[dvorak.josef01]

ComboFix 12-12-14.01 - Josef 16.12.2012 14:01:22.6.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.447.209 [GMT 1:00]
Spuštěný z: c:\documents and settings\Josef\Plocha\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\TZLog.log
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-11-16 do 2012-12-16 )))))))))))))))))))))))))))))))
.
.
2012-12-15 13:44 . 2012-12-15 13:44 -------- d-----w- C:\8e8a7f7217b01f5b5544dd307a6dc6
2012-12-14 21:04 . 2012-11-08 18:00 6812136 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{EA6F354E-FF37-4A25-B654-0F6F276C6EE7}\mpengine.dll
2012-12-13 06:45 . 2012-11-08 18:00 6812136 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-12-12 20:50 . 2012-12-12 20:51 -------- d-----w- c:\documents and settings\All Users\Data aplikací\SSScanAppDataDir
2012-12-12 20:50 . 2012-12-12 20:50 -------- d-----w- c:\documents and settings\All Users\Data aplikací\MSScanAppDataDir
2012-12-12 20:33 . 2012-12-12 20:33 -------- d-----w- c:\program files\Common Files\Hewlett-Packard
2012-12-12 20:30 . 2005-03-18 18:32 180315 ----a-w- c:\windows\system32\hpzsnt12.dll
2012-12-10 14:25 . 2012-12-10 14:25 -------- d-----w- c:\documents and settings\Josef\Data aplikací\Apple Computer
2012-12-07 09:02 . 2012-12-07 09:02 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin7.dll
2012-12-07 09:02 . 2012-12-07 09:02 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin6.dll
2012-12-07 09:02 . 2012-12-07 09:02 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin5.dll
2012-12-07 09:02 . 2012-12-07 09:02 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin4.dll
2012-12-07 09:02 . 2012-12-07 09:02 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin3.dll
2012-12-07 09:02 . 2012-12-07 09:02 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin2.dll
2012-12-07 09:02 . 2012-12-07 09:02 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin.dll
2012-12-07 09:00 . 2012-12-07 09:02 -------- d-----w- c:\program files\QuickTime
2012-12-07 09:00 . 2012-12-07 09:00 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Apple Computer
2012-12-07 09:00 . 2012-12-07 09:00 -------- d-----w- c:\program files\Common Files\Apple
2012-12-07 08:59 . 2012-12-07 08:59 -------- d-----w- c:\documents and settings\Josef\Local Settings\Data aplikací\Apple
2012-12-07 08:59 . 2012-12-07 08:59 -------- d-----w- c:\program files\Apple Software Update
2012-12-07 08:59 . 2012-12-07 08:59 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Apple
2012-12-07 08:59 . 2012-12-07 08:59 -------- d-----w- c:\documents and settings\Josef\Local Settings\Data aplikací\Apple Computer
2012-12-02 16:36 . 2001-10-24 11:02 6784 -c--a-w- c:\windows\system32\dllcache\serscan.sys
2012-12-02 16:36 . 2001-10-24 11:02 6784 ----a-w- c:\windows\system32\drivers\serscan.sys
2012-12-02 16:36 . 2001-10-24 11:24 37376 -c--a-w- c:\windows\system32\dllcache\kousd.dll
2012-12-02 16:36 . 2001-10-24 11:24 37376 ----a-w- c:\windows\system32\kousd.dll
2012-12-02 16:36 . 2001-10-24 11:24 71680 -c--a-w- c:\windows\system32\dllcache\fnfilter.dll
2012-12-02 16:36 . 2001-10-24 11:24 71680 ----a-w- c:\windows\system32\fnfilter.dll
2012-11-17 07:53 . 2012-11-17 07:53 -------- d-----w- c:\documents and settings\Josef\Local Settings\Data aplikací\PCHealth
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-11-21 14:04 . 2012-03-31 09:35 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-11-21 14:04 . 2012-03-17 20:01 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-11-13 11:55 . 2008-04-14 05:45 1866368 ----a-w- c:\windows\system32\win32k.sys
2012-11-06 00:41 . 2008-04-14 06:37 290560 ----a-w- c:\windows\system32\atmfd.dll
2012-11-02 02:03 . 2008-04-14 06:51 375296 ----a-w- c:\windows\system32\dpnet.dll
2012-11-01 12:12 . 2008-12-05 11:51 916992 ----a-w- c:\windows\system32\wininet.dll
2012-11-01 12:12 . 2008-12-05 11:50 43520 ------w- c:\windows\system32\licmgr10.dll
2012-11-01 12:12 . 2008-12-05 11:50 1469440 ------w- c:\windows\system32\inetcpl.cpl
2012-11-01 00:35 . 2008-12-05 11:50 385024 ------w- c:\windows\system32\html.iec
2012-10-25 02:12 . 2012-10-25 02:12 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2012-10-25 02:12 . 2012-10-25 02:12 69632 ----a-w- c:\windows\system32\QuickTime.qts
2012-10-10 12:19 . 2012-10-10 12:19 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2012-10-10 12:19 . 2012-03-15 07:59 143872 ----a-w- c:\windows\system32\javacpl.cpl
2012-10-10 12:19 . 2012-10-10 12:19 821736 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-10-10 12:19 . 2012-03-13 13:04 746984 ----a-w- c:\windows\system32\deployJava1.dll
2012-10-02 18:04 . 2008-04-14 06:52 58368 ----a-w- c:\windows\system32\synceng.dll
2012-09-29 18:54 . 2012-03-16 14:58 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-12-06 19:34 . 2012-12-06 19:31 262112 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2008-12-05 . 1E603EA2A3FDBAE9E5B88A8CB3C03124 . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WinFast Schedule"="c:\program files\WinFast\WFDTV\WFWIZ.exe" [2010-08-11 2920448]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-12-05 13574144]
"nwiz"="nwiz.exe" [2008-12-05 1657376]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-12-05 86016]
"RTHDCPL"="RTHDCPL.EXE" [2008-12-05 16861184]
"WinFastDTV"="c:\program files\WinFast\WFDTV\DTVSchdl.exe" [2011-06-08 101888]
"ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-27 207424]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-09-12 947176]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-10-11 59280]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\Josef\Nabídka Start\Programy\Po spuštění\
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\ICQ7M\\ICQ.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5985:TCP"= 5985:TCP:*:Disabled:Vzdálená správa systému Windows
.
R2 BT848;WinFast TV2000 XP WDM Video Capture;c:\windows\system32\drivers\wf2kvcap.sys [15.3.2012 10:23 59776]
R2 tv2ktunr;WinFast TV2000 XP WDM TVTuner;c:\windows\system32\drivers\wf2ktunr.sys [15.3.2012 10:23 19456]
R2 Tv2kXbar;WinFast TV2000 XP WDM Crossbar;c:\windows\system32\drivers\wf2kXbar.sys [15.3.2012 10:23 9600]
S1 MpKsl7226eddb;MpKsl7226eddb;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{0C8FF404-696B-4F6E-A15F-E025C7403D91}\MpKsl7226eddb.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{0C8FF404-696B-4F6E-A15F-E025C7403D91}\MpKsl7226eddb.sys [?]
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - 84363586
*Deregistered* - 84363586
.
Obsah adresáře 'Naplánované úlohy'
.
2012-12-16 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-31 14:04]
.
2012-12-07 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 16:57]
.
.
------- Doplňkový sken -------
.
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: {{781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - c:\program files\ICQ7M\ICQ.exe
TCP: DhcpNameServer = 10.21.0.1 10.21.60.1
FF - ProfilePath - c:\documents and settings\Josef\Data aplikací\Mozilla\Firefox\Profiles\4zznl4nb.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: network.proxy.type - 0
pref('extensions.shownSelectionUI',true);
pref('extensions.autoDisableScopes',0);
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-12-16 14:08
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
"OODEFRAG16.00.00.01PROFESSIONAL"="73B9EBC613C1320FC09BA8FEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74C5D575E7D6A3B9808A6171C11EC38DE3DA6A0AC4980AC7933A6171C11EC38DE3D957B831426AB161BEB165457E2E2AA31A13053E3E04D4A8781E64FCD5291D2927C5B5C75CBBAC1F9C88A4B07DCF57FB4F1EE49BBB520387C0EF575745AA0460EFEC19D2571942EB7B844F70912CF2BBCA89DFD2F2D24C2069C51CACE0982781DC54E0BF33E63FE8348BF0674D686094F5434293B71FC231E598EAE5E75081B5142D1CF0ADDC3FC23C6AA07360C239C86C5DE62B0B0C032D33678E3F8417480CD27D376E000C5157049E9728C8FA58B10927EA9361B7A6FCBEA8C12C80E00A2CCEA8EEFC8586F575827169E0C46FD9E2E13A8E1C1E7AAFD3BF0F9454A02571C98C7F010639E39FA5B7B77CB9C1A13C5B7E5A451A04F41A47085A8EB50C8992C92BE1D8FA78E11581029901979F7BF9117EA6EA07510A94E472C31D98011DA38AE136A0BE068D5EA2052940EB34ECF38CAC7B760B2EABA89B5AAE0C6D48C23C7F54A62042EEE60D3C6DFE813AD1488936464650223A6460AC189B9CD1B716F0604B0C35C81E975D8D5FCABF49F409C210A6F8FDA628B8DA50699716FF3FB2FC308D5805DA025D462349B2AE595D03883F65A81A7E16848D8B3EA710DD56A46F3C78AC0352870AEFD59ED6AFA6FC5780078D8BD85E58EA2C08C55D5EF8B7E0D2F9B69DDF1869EA75BD36DA12DDFA37080716577F607D3B92268717241B1004F326FCA66897E885A5145553CDA6F722493D6BB18623391A161B21E4B13BAB84CDA43CF9DD2A689D1D5602759C4F9408FEBB55EBA132A25610CEA7D9A566CF739AD2B59F88CE8801009F026CD90309D21DCA99231358070F3CE23F5CDE45F903E54CF11A35506518A2A535A2047941EB7E1E56080DC9E59C77E84B0857802D7F5186DDF7B328E65A91D79900BD77F5BAC993194DF00C3C94111481D19311729F16BD476948AEAA5C9ECE7D700119BF149C4E5413CF9FD2FB521BE6D9012B3E4B55F6A47342C5504BCC5B785A12AE902C9C8F13CB587337AF06ECB96A902C0E9B8AEA40AD5C6DBF248F716B0C7BCBDAF62B1569DA1CC9CA232DAE452D54D7D23E734123A276FE16924F84636FBC4BFA4B7AB2B43884E46202C6E18A13B23FA78236F51158A9E9FE4FE611BB68025EA0EE4081A4E267890F086D2024333969ED83D031720962F9D64F7EDFE1547A20E1B773E61A2EA983296DBD7D6C0CB9F2337FEB9ABA096623B6A2500EE79F8654E01F0E753E9FCDFB1973B705EE1441A168BA5FD6C2388DC2C7F8E1CFC52EF7D237848C2D512B4676D7C27B2F33415C3D74EDFDFC7759FA7F530B26CCDCC3C5A58BEE5B0644C1C2815D317DA850C664020FE5213442C402D750B"
.
Celkový čas: 2012-12-16 14:10:18
ComboFix-quarantined-files.txt 2012-12-16 13:10
.
Před spuštěním: Volných bajtů: 301 389 434 880
Po spuštění: Volných bajtů: 301 405 872 128
.
- - End Of File - - 9810AD8A3EA78722536B5C66CA16BACE

[Žbeky]

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

vyčisti systém CCleanerem

Stáhni si OTC na plochu, spusť jej a klikni na Clean up!

+ Nový log z HJT

Jak se chová PC?

[dvorak.josef01]

Stále se nemuzu dostat do mailu. Furt se to nacita a nacita a nic. Zkousel sem to jak v Mozille tak v IE
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:06:56, on 16.12.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\WinFast\WFDTV\DTVSchdl.exe
C:\Program Files\WinFast\WFDTV\WFWIZ.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\Java\jre7\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\ICQ7M\ICQ.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\explorer.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\internet explorer\iexplore.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Documents and Settings\Josef\Dokumenty\Stažené soubory\hijackthis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - c:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [WinFastDTV] C:\Program Files\WinFast\WFDTV\DTVSchdl.exe
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [WinFast Schedule] C:\Program Files\WinFast\WFDTV\WFWIZ.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files\ICQ7M\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files\ICQ7M\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Stavová služba ASP.NET (aspnet_state) - Unknown owner - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing)
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: Windows Presentation Foundation Font Cache 4.0.0.0 (WPFFontCache_v0400) - Unknown owner - C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe (file missing)

--
End of file - 6440 bytes

[memphisto]

Stáhni si aswMBR
na svojí plochu. Uzavři všechna okna , programy a prohlížeče. Poklepej na aswMBR.exe. Pokud se objeví hláška o možnosti stáhnutí databáze Avastu , klikni na NE. Poté klikni na „Scan“ . Po skenu klikni na „Save Log“ a ulož si log na plochu .Zkopíruj sem celý obsah toho logu. Pak klikni na „Exit“ k zavření programu.

Stáhni si OTL
na plochu. Ujisti se , že máš zavřena všechna ostatní okna a poklepej na ikonu OTL.Nahoře v okně pod Výstup klikni na minimální výstup.Pod Běžné registry změň na Vše. Zatrhni Kontrola na hav컝 “LOP“ a Kontrola na hav컝 “ Purity“ . Klikni na Prohledat. Všechny ostatní nastavení ponech jak jsou. Sken mùže trvat dlouho, až skončí otevřou se dva logy:
OTL.Txt
Extras.Txt
Jsou uloženy ve stejném místě jako OTL. Oba logy sem prosím zkopíruj.

[dvorak.josef01]

aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2012-12-16 15:52:59
-----------------------------
15:52:59.890 OS Version: Windows 5.1.2600 Service Pack 3
15:52:59.890 Number of processors: 1 586 0x4F02
15:52:59.890 ComputerName: PCDVORAK UserName: Josef
15:53:03.750 Initialize success
15:53:22.625 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-e
15:53:22.625 Disk 0 Vendor: WDC_WD3200AAKX-083CA1 19.01H19 Size: 305245MB BusType: 3
15:53:22.625 Disk 0 MBR read successfully
15:53:22.625 Disk 0 MBR scan
15:53:22.625 Disk 0 Windows XP default MBR code
15:53:22.625 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 305242 MB offset 63
15:53:22.625 Disk 0 scanning sectors +625137345
15:53:22.703 Disk 0 scanning C:\WINDOWS\system32\drivers
15:53:26.421 Service scanning
15:53:28.234 Service MpKsl93519b3e c:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{5D3C7067-16EB-45CB-A223-C09D8D43BC3D}\MpKsl93519b3e.sys **LOCKED** 32
15:53:30.984 Modules scanning
15:53:38.406 Disk 0 trace - called modules:
15:53:38.406 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
15:53:38.406 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x843fa920]
15:53:38.437 3 CLASSPNP.SYS[f74c7fd7] -> nt!IofCallDriver -> \Device\0000005b[0x843b9ca8]
15:53:38.437 5 ACPI.sys[f735e620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-e[0x843b96a8]
15:53:38.453 Scan finished successfully
15:53:45.765 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Josef\Plocha\MBR.dat"
15:53:45.781 The log file has been saved successfully to "C:\Documents and Settings\Josef\Plocha\aswMBR.txt"

[dvorak.josef01]

OTL logfile created on: 16.12.2012 15:55:12 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Josef\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

447,36 Mb Total Physical Memory | 95,81 Mb Available Physical Memory | 21,42% Memory free
1,03 Gb Paging File | 0,54 Gb Available in Paging File | 52,85% Paging File free
Paging file location(s): C:\pagefile.sys 672 1344 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 298,09 Gb Total Space | 280,81 Gb Free Space | 94,20% Space Free | Partition Type: NTFS

Computer Name: PCDVORAK | User Name: Josef | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\Josef\Plocha\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\Java\jre7\bin\jqs.exe (Oracle Corporation)
PRC - c:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
PRC - C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
PRC - C:\Program Files\WinFast\WFDTV\DTVSchdl.exe (Leadtek Research Inc.)
PRC - C:\Program Files\WinFast\WFDTV\WFWIZ.exe (Leadtek Research Inc.)
PRC - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.)
PRC - C:\WINDOWS\system32\HPZipm12.exe (HP)


========== Modules (No Company Name) ==========

MOD - C:\Program Files\Mozilla Firefox\mozjs.dll ()
MOD - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_110.dll ()
MOD - C:\Program Files\WinFast\WFDTV\RCConfig\RCKeysInfoIO.dll ()
MOD - C:\Program Files\WinFast\WFDTV\RTL283XACCESS.dll ()
MOD - C:\Program Files\WinFast\WFDTV\WIZLANGCZE.dll ()
MOD - C:\WINDOWS\system32\msdmo.dll ()
MOD - C:\WINDOWS\system32\pdfcmnnt.dll ()


========== Services (SafeList) ==========

SRV - (WPFFontCache_v0400) -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe File not found
SRV - (aspnet_state) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe File not found
SRV - (AppMgmt) -- %SystemRoot%\System32\appmgmts.dll File not found
SRV - (MozillaMaintenance) -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (JavaQuickStarterService) -- C:\Program Files\Java\jre7\bin\jqs.exe (Oracle Corporation)
SRV - (MsMpSvc) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SRV - (ACDaemon) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
SRV - (UleadBurningHelper) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.)
SRV - (Pml Driver HPZ12) -- C:\WINDOWS\system32\HPZipm12.exe (HP)


========== Driver Services (SafeList) ==========

DRV - (WDICA) -- File not found
DRV - (PDRFRAME) -- File not found
DRV - (PDRELI) -- File not found
DRV - (PDFRAME) -- File not found
DRV - (PDCOMP) -- File not found
DRV - (PCIDump) -- File not found
DRV - (lbrtfdc) -- File not found
DRV - (i2omgmt) -- File not found
DRV - (Changer) -- File not found
DRV - (aswMBR) -- C:\DOCUME~1\Josef\LOCALS~1\Temp\aswMBR.sys File not found
DRV - (MpKsl93519b3e) -- c:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{5D3C7067-16EB-45CB-A223-C09D8D43BC3D}\MpKsl93519b3e.sys (Microsoft Corporation)
DRV - (IntcAzAudAddService) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (NVENETFD) -- C:\WINDOWS\system32\drivers\NVENETFD.sys (NVIDIA Corporation)
DRV - (nvnetbus) -- C:\WINDOWS\system32\drivers\nvnetbus.sys (NVIDIA Corporation)
DRV - (AmdK8) -- C:\WINDOWS\system32\drivers\AmdK8.sys (Advanced Micro Devices)
DRV - (tv2ktunr) -- C:\WINDOWS\system32\drivers\wf2ktunr.sys (Leadtek Research Inc.)
DRV - (BT848) -- C:\WINDOWS\system32\drivers\wf2kvcap.sys (Leadtek Research Inc.)
DRV - (Tv2kXbar) -- C:\WINDOWS\system32\drivers\wf2kXbar.sys (Leadtek Research Inc.)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - HKLM\..\URLSearchHook: - No CLSID value found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope = {56758CFF-2C7A-4E00-9ADD-7291CE7EC8EA}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{56758CFF-2C7A-4E00-9ADD-7291CE7EC8EA}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
IE - HKCU\..\SearchScopes,DefaultScope = {56758CFF-2C7A-4E00-9ADD-7291CE7EC8EA}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKCU\..\SearchScopes\{56758CFF-2C7A-4E00-9ADD-7291CE7EC8EA}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7PRFB_csCZ475
IE - HKCU\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = http://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"
FF - prefs.js..extensions.enabledAddons: %7B800b5000-a755-47e1-992b-48a1c1357f07%7D:1.5.3
FF - prefs.js..extensions.enabledAddons: jqs%40sun.com:1.0
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.1
FF - prefs.js..network.proxy.type: 0


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_110.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Josef\Local Settings\Data aplikací\Google\Update\1.3.21.129\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Josef\Local Settings\Data aplikací\Google\Update\1.3.21.129\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\jqs@sun.com: c:\Program Files\Java\jre6\lib\deploy\jqs\ff [2012.03.15 08:59:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.12.07 10:02:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2012.03.17 18:50:50 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Josef\Data aplikací\Mozilla\Extensions
[2012.10.25 13:57:34 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Josef\Data aplikací\Mozilla\Firefox\Profiles\4zznl4nb.default\extensions
[2012.07.26 12:25:42 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Documents and Settings\Josef\Data aplikací\Mozilla\Firefox\Profiles\4zznl4nb.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2012.12.15 14:39:09 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Josef\Data aplikací\Mozilla\Firefox\Profiles\4zznl4nb.default\searchplugins\icqplugin-1.xml
[2012.07.28 13:36:11 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Josef\Data aplikací\Mozilla\Firefox\Profiles\4zznl4nb.default\searchplugins\icqplugin-2.xml
[2012.09.20 09:12:13 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Josef\Data aplikací\Mozilla\Firefox\Profiles\4zznl4nb.default\searchplugins\icqplugin-3.xml
[2012.10.27 19:29:19 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Josef\Data aplikací\Mozilla\Firefox\Profiles\4zznl4nb.default\searchplugins\icqplugin-4.xml
[2012.10.30 20:30:16 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Josef\Data aplikací\Mozilla\Firefox\Profiles\4zznl4nb.default\searchplugins\icqplugin-5.xml
[2012.07.24 13:48:30 | 000,000,168 | ---- | M] () -- C:\Documents and Settings\Josef\Data aplikací\Mozilla\Firefox\Profiles\4zznl4nb.default\searchplugins\icqplugin.gif
[2012.07.24 13:48:30 | 000,000,618 | ---- | M] () -- C:\Documents and Settings\Josef\Data aplikací\Mozilla\Firefox\Profiles\4zznl4nb.default\searchplugins\icqplugin.src
[2012.07.17 13:56:32 | 000,001,056 | ---- | M] () -- C:\Documents and Settings\Josef\Data aplikací\Mozilla\Firefox\Profiles\4zznl4nb.default\searchplugins\icqplugin.xml
[2012.12.06 20:31:02 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012.12.06 20:34:49 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\JOSEF\DATA APLIKACĂ­\MOZILLA\FIREFOX\PROFILES\4ZZNL4NB.DEFAULT\EXTENSIONS\{800B5000-A755-47E1-992B-48A1C1357F07}
[2012.03.15 08:59:15 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2012.12.06 20:34:48 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.09.18 08:24:15 | 000,003,581 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2012.06.08 14:15:33 | 000,002,208 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\heureka-cz.xml
[2012.06.08 14:15:33 | 000,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2012.06.08 14:15:33 | 000,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2012.06.08 14:15:33 | 000,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2012.06.08 14:15:33 | 000,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://start.icq.com/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Josef\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\17.0.963.79\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Josef\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\17.0.963.79\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Josef\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\17.0.963.79\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = c:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Documents and Settings\Josef\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Vyhled\\u00E1v\\u00E1n\\u00ED Google = C:\Documents and Settings\Josef\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Gmail = C:\Documents and Settings\Josef\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012.12.16 14:08:27 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - c:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\qttask.exe (Apple Inc.)
O4 - HKLM..\Run: [RTHDCPL] C:\WINDOWS\RTHDCPL.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [WinFastDTV] C:\Program Files\WinFast\WFDTV\DTVSchdl.exe (Leadtek Research Inc.)
O4 - HKCU..\Run: [WinFast Schedule] C:\Program Files\WinFast\WFDTV\WFWIZ.exe (Leadtek Research Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\Josef\Nabídka Start\Programy\Po spuštění\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: disableregistrytools = 0
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files\ICQ7M\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files\ICQ7M\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.21.0.1 10.21.60.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E12CE711-B596-4BDA-9502-20E1B9F2ACEC}: DhcpNameServer = 10.21.0.1 10.21.60.1
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\System32\logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\crypt32chain: DllName - (crypt32.dll) - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - (cryptnet.dll) - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - (cscdll.dll) - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\dimsntfy: DllName - (%SystemRoot%\System32\dimsntfy.dll) - C:\WINDOWS\system32\dimsntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - (sclgntfy.dll) - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - (WlNotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\wlballoon: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Proces mezipaměti kategorií součástí - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Nebe.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Nebe.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No CLSID value found.
O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012.03.13 13:16:21 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012.12.16 15:54:01 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Josef\Plocha\OTL.exe
[2012.12.16 15:38:39 | 004,732,416 | ---- | C] (AVAST Software) -- C:\Documents and Settings\Josef\Plocha\aswMBR.exe
[2012.12.16 15:12:46 | 000,201,728 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Josef\Plocha\OTC.exe
[2012.12.16 15:05:53 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Josef\Recent
[2012.12.16 15:05:51 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2012.12.15 14:44:42 | 000,000,000 | ---D | C] -- C:\8e8a7f7217b01f5b5544dd307a6dc6
[2012.12.12 21:50:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\SSScanAppDataDir
[2012.12.12 21:50:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\MSScanAppDataDir
[2012.12.12 21:33:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\HP
[2012.12.12 21:33:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Hewlett-Packard
[2012.12.12 21:30:55 | 000,180,315 | ---- | C] (HP) -- C:\WINDOWS\System32\hpzsnt12.dll
[2012.12.10 15:25:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Josef\Data aplikací\Apple Computer
[2012.12.07 10:01:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\QuickTime
[2012.12.07 10:00:56 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2012.12.07 10:00:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Apple Computer
[2012.12.07 10:00:17 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2012.12.07 09:59:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Josef\Local Settings\Data aplikací\Apple
[2012.12.07 09:59:38 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2012.12.07 09:59:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Apple
[2012.12.07 09:59:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Josef\Local Settings\Data aplikací\Apple Computer
[2012.12.06 20:30:59 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2012.12.02 17:36:55 | 000,006,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\serscan.sys
[2012.12.02 17:36:51 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kousd.dll
[2012.12.02 17:36:51 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kousd.dll
[2012.12.02 17:36:48 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fnfilter.dll
[2012.12.02 17:36:48 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fnfilter.dll
[2012.11.17 08:53:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Josef\Local Settings\Data aplikací\PCHealth

========== Files - Modified Within 30 Days ==========

[2012.12.16 15:58:19 | 000,000,914 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012.12.16 15:54:20 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Josef\Plocha\OTL.exe
[2012.12.16 15:53:45 | 000,000,512 | ---- | M] () -- C:\Documents and Settings\Josef\Plocha\MBR.dat
[2012.12.16 15:43:28 | 004,732,416 | ---- | M] (AVAST Software) -- C:\Documents and Settings\Josef\Plocha\aswMBR.exe
[2012.12.16 15:12:56 | 000,201,728 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Josef\Plocha\OTC.exe
[2012.12.16 15:10:53 | 000,200,712 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2012.12.16 15:10:33 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.12.16 15:10:30 | 469,159,936 | -HS- | M] () -- C:\hiberfil.sys
[2012.12.16 15:10:30 | 000,146,808 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012.12.16 14:08:27 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2012.12.16 13:01:05 | 000,008,704 | ---- | M] () -- C:\Documents and Settings\Josef\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.12.14 21:41:26 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012.12.12 21:34:07 | 000,105,222 | ---- | M] () -- C:\WINDOWS\hpoins07.dat
[2012.12.07 10:01:53 | 000,001,604 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\QuickTime Player.lnk
[2012.12.07 09:59:58 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2012.11.21 15:04:40 | 000,697,272 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2012.11.21 15:04:37 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl

========== Files Created - No Company Name ==========

[2012.12.12 21:32:21 | 000,105,222 | ---- | C] () -- C:\WINDOWS\hpoins07.dat
[2012.12.12 21:32:21 | 000,017,505 | ---- | C] () -- C:\WINDOWS\hpomdl07.dat
[2012.12.07 10:01:52 | 000,001,604 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\QuickTime Player.lnk
[2012.12.07 09:59:57 | 000,000,284 | ---- | C] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2012.12.07 09:59:44 | 000,001,830 | ---- | C] () -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Apple Software Update.lnk
[2012.05.31 18:28:17 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2012.04.28 17:03:54 | 000,008,704 | ---- | C] () -- C:\Documents and Settings\Josef\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.03.14 10:44:43 | 000,000,125 | ---- | C] () -- C:\Documents and Settings\Josef\Local Settings\Data aplikací\fusioncache.dat
[2012.03.14 09:17:06 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012.03.13 14:03:01 | 000,000,040 | ---- | C] () -- C:\Documents and Settings\Josef\Data aplikací\burnaware.ini
[2012.03.13 14:01:03 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll
[2012.03.13 13:18:34 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2012.03.13 13:12:23 | 000,021,812 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2012.03.13 12:47:54 | 000,004,249 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2012.03.13 12:46:08 | 000,146,808 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT

========== ZeroAccess Check ==========

[2012.03.14 09:16:37 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008.04.14 07:51:56 | 001,499,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.02.09 11:56:05 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008.04.14 07:52:06 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2012.07.02 09:24:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AlawarWrapper
[2012.07.02 08:40:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AWEM
[2012.07.13 21:06:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\CropBusters
[2012.07.10 09:45:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ICQ
[2012.12.12 21:50:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\MSScanAppDataDir
[2012.11.01 20:20:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\OO Software
[2012.07.02 09:25:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\rionix
[2012.12.12 21:51:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\SSScanAppDataDir
[2012.07.03 17:57:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Josef\Data aplikací\Friday's games
[2012.12.16 12:54:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Josef\Data aplikací\ICQ
[2012.07.10 09:47:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Josef\Data aplikací\ICQ Search
[2012.08.27 14:44:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Josef\Data aplikací\MapFactor
[2012.03.15 08:12:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Josef\Data aplikací\Windows Desktop Search
[2012.03.16 17:09:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Josef\Data aplikací\Windows Search

< End of report >

[dvorak.josef01]

Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

447,36 Mb Total Physical Memory | 95,81 Mb Available Physical Memory | 21,42% Memory free
1,03 Gb Paging File | 0,54 Gb Available in Paging File | 52,85% Paging File free
Paging file location(s): C:\pagefile.sys 672 1344 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 298,09 Gb Total Space | 280,81 Gb Free Space | 94,20% Space Free | Partition Type: NTFS

Computer Name: PCDVORAK | User Name: Josef | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"5985:TCP" = 5985:TCP:*:Disabled:Vzdálená správa systému Windows
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\ICQ7M\ICQ.exe" = C:\Program Files\ICQ7M\ICQ.exe:*:Enabled:ICQ7M -- (ICQ, LLC.)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)
"C:\Program Files\ICQ7M\ICQ.exe" = C:\Program Files\ICQ7M\ICQ.exe:*:Enabled:ICQ7M -- (ICQ, LLC.)
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)
"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe -- ()
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe -- (Hewlett-Packard)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{0B33B738-AD79-4E32-90C5-E67BFB10BBFF}" = AiO_Scan
"{17CA32D1-73BD-4990-B8F6-369D8D34B05D}" = Microsoft Antimalware Service CS-CZ Language Pack
"{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1" = Media Player Classic - Home Cinema 1.6.0.4014
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 7
"{28FB7853-A6ED-4F67-8635-9F0E863FC0AD}" = Codec-TS SDK
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{418EC9DD-25EE-4C3F-8827-B7AA9B26405B}" = WinFast Multimedia Driver Installation
"{49FB31C1-26EC-44c6-AB47-73C66E2BC41E}" = HP PSC & Officejet 5.3.B Corporate Edition
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{50779A29-834E-4E36-BBEB-B7CABC67A825}" = Microsoft Security Client CS-CZ Language Pack
"{546C143E-68DC-314D-97BC-1E454E3BA429}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - CSY
"{5E65E94D-69F2-4850-9E93-6459C53A0F50}" = Microsoft .NET Framework 1.1 Czech Language Pack
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{781B39EC-2E18-41FC-9B00-B84E4FFCA85F}" = ICQ7M
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{8777AC6D-89F9-4793-8266-DE406F343E89}" = QFolder
"{90120000-0010-0405-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Czech) 12
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_HOMESTUDENTR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_HOMESTUDENTR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_HOMESTUDENTR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_HOMESTUDENTR_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_HOMESTUDENTR_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_HOMESTUDENTR_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_HOMESTUDENTR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{98EABC7F-B1A1-43A5-B505-5B4EC3908DCD}" = Microsoft Security Client
"{9A0E0340-C3D7-42D1-96D4-64179FD456AE}" = De-interlace SDK
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A2C9CD1B-2551-3AED-B244-6698FB929FA6}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - CSY
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AAB6D0F8-02B3-4E89-B24C-0BB153C21445}" = Windows Presentation Foundation Language Pack (CSY)
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Czech
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{AF9848E2-5F19-4E49-9E6E-044FBDC28404}" = TT-SB SDK
"{C506A18C-1469-4678-B094-F4EC9DAE6DB7}" = Scan
"{C549017A-FFAB-4679-9112-26E83DD82DB5}" = Enterprise
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{DD73CA82-EA82-38AA-863D-9A24A018DC96}" = Microsoft .NET Framework 3.5 Language Pack SP1 - csy
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F5266D28-E0B2-4130-BFC5-EE155AD514DC}" = Apple Application Support
"{FB09515C-8E3E-4E0F-A1F2-032F38DEC185}" = Microsoft .NET Framework 3.0 Czech Language Pack
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"BurnAware Free_is1" = BurnAware Free 4.5
"CCleaner" = CCleaner
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"ie8" = Windows Internet Explorer 8
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware verze 1.65.1.1000
"MAPFACTOR_SETUP_UTILITY_HYBRID_11_is1" = Navigator 11 - Setup Utility 11.0.23-3
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.0 Czech Language Pack" = Microsoft .NET Framework 3.0 Czech Language Pack
"Microsoft .NET Framework 3.5 Language Pack SP1 - csy" = Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY
"Microsoft Security Client" = Microsoft Security Essentials
"Mozilla Firefox 17.0.1 (x86 cs)" = Mozilla Firefox 17.0.1 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NVIDIA Drivers" = NVIDIA Drivers
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{C92C584E-C781-475E-A8E2-C67D993A6B95}" = WinFast PVR2
"Google Chrome" = Google Chrome

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 30.9.2012 13:09:47 | Computer Name = PCDVORAK | Source = Windows Search Service | ID = 3013
Description = Položka <C:\DOCUMENTS AND SETTINGS\JOSEF\RECENT\100CANON.LNK> v mapě
algoritmu hash nebyla aktualizována. Kontext: aplikace , katalog SystemIndex Podrobnosti:
Zařízení
připojené k systému nefunguje. (0x8007001f)

Error - 30.9.2012 13:09:49 | Computer Name = PCDVORAK | Source = Windows Search Service | ID = 3013
Description = Položka <C:\DOCUMENTS AND SETTINGS\JOSEF\RECENT\100CANON.LNK> v mapě
algoritmu hash nebyla aktualizována. Kontext: aplikace , katalog SystemIndex Podrobnosti:
Zařízení
připojené k systému nefunguje. (0x8007001f)

Error - 30.9.2012 13:09:49 | Computer Name = PCDVORAK | Source = Windows Search Service | ID = 3013
Description = Položka <C:\DOCUMENTS AND SETTINGS\JOSEF\RECENT\100CANON.LNK> v mapě
algoritmu hash nebyla aktualizována. Kontext: aplikace , katalog SystemIndex Podrobnosti:
Zařízení
připojené k systému nefunguje. (0x8007001f)

Error - 30.9.2012 13:13:03 | Computer Name = PCDVORAK | Source = Windows Search Service | ID = 3013
Description = Položka <C:\DOCUMENTS AND SETTINGS\JOSEF\RECENT\100CANON.LNK> v mapě
algoritmu hash nebyla aktualizována. Kontext: aplikace , katalog SystemIndex Podrobnosti:
Zařízení
připojené k systému nefunguje. (0x8007001f)

Error - 30.9.2012 13:13:03 | Computer Name = PCDVORAK | Source = Windows Search Service | ID = 3013
Description = Položka <C:\DOCUMENTS AND SETTINGS\JOSEF\RECENT\100CANON.LNK> v mapě
algoritmu hash nebyla aktualizována. Kontext: aplikace , katalog SystemIndex Podrobnosti:
Zařízení
připojené k systému nefunguje. (0x8007001f)

Error - 3.10.2012 14:27:02 | Computer Name = PCDVORAK | Source = Windows Search Service | ID = 3013
Description = Položka <C:\DOCUMENTS AND SETTINGS\JOSEF\RECENT\DESKTOP.INI> v mapě
algoritmu hash nebyla aktualizována. Kontext: aplikace , katalog SystemIndex Podrobnosti:
Zařízení
připojené k systému nefunguje. (0x8007001f)

Error - 3.10.2012 14:27:02 | Computer Name = PCDVORAK | Source = Windows Search Service | ID = 3013
Description = Položka <C:\DOCUMENTS AND SETTINGS\JOSEF\RECENT\DESKTOP.INI> v mapě
algoritmu hash nebyla aktualizována. Kontext: aplikace , katalog SystemIndex Podrobnosti:
Zařízení
připojené k systému nefunguje. (0x8007001f)

Error - 4.10.2012 4:44:02 | Computer Name = PCDVORAK | Source = Microsoft Security Client | ID = 5000
Description =

Error - 15.10.2012 13:52:14 | Computer Name = PCDVORAK | Source = Windows Search Service | ID = 3013
Description = Položka <C:\DOCUMENTS AND SETTINGS\JOSEF\RECENT\DESKTOP.INI> v mapě
algoritmu hash nebyla aktualizována. Kontext: aplikace , katalog SystemIndex Podrobnosti:
Zařízení
připojené k systému nefunguje. (0x8007001f)

Error - 15.10.2012 13:52:14 | Computer Name = PCDVORAK | Source = Windows Search Service | ID = 3013
Description = Položka <C:\DOCUMENTS AND SETTINGS\JOSEF\RECENT\DESKTOP.INI> v mapě
algoritmu hash nebyla aktualizována. Kontext: aplikace , katalog SystemIndex Podrobnosti:
Zařízení
připojené k systému nefunguje. (0x8007001f)

[ System Events ]
Error - 12.12.2012 6:07:11 | Computer Name = PCDVORAK | Source = Service Control Manager | ID = 7000
Description = Služba Windows Search neuspěla při spuštění v důsledku následující
chyby: %%1053

Error - 12.12.2012 6:07:41 | Computer Name = PCDVORAK | Source = DCOM | ID = 10010
Description = Server {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} se v daném časovém limitu
neregistroval u služby DCOM.

Error - 12.12.2012 6:08:20 | Computer Name = PCDVORAK | Source = Windows Update Agent | ID = 20
Description = Instalace se nezdařila: Instalace následující aktualizace se nezdařila
z důvodu chyby (0x80070643): Aktualizace zabezpečení pro rozhraní Microsoft .NET
Framework 2.0 (KB928365).

Error - 12.12.2012 6:09:11 | Computer Name = PCDVORAK | Source = Windows Update Agent | ID = 20
Description = Instalace se nezdařila: Instalace následující aktualizace se nezdařila
z důvodu chyby (0x80070643): Aktualizace zabezpečení pro rozhraní Microsoft .NET
Framework 1.1 SP1 v systémech Windows XP, Windows Vista a Windows Server 2008 platformy
x86 (KB2698023).

Error - 12.12.2012 17:35:58 | Computer Name = PCDVORAK | Source = Windows Update Agent | ID = 20
Description = Instalace se nezdařila: Instalace následující aktualizace se nezdařila
z důvodu chyby (0x80070643): Aktualizace zabezpečení pro rozhraní Microsoft .NET
Framework 2.0 (KB928365).

Error - 12.12.2012 17:36:33 | Computer Name = PCDVORAK | Source = Windows Update Agent | ID = 20
Description = Instalace se nezdařila: Instalace následující aktualizace se nezdařila
z důvodu chyby (0x80070643): Aktualizace zabezpečení pro rozhraní Microsoft .NET
Framework 1.1 SP1 v systémech Windows XP, Windows Vista a Windows Server 2008 platformy
x86 (KB2698023).

Error - 13.12.2012 6:05:54 | Computer Name = PCDVORAK | Source = Windows Update Agent | ID = 20
Description = Instalace se nezdařila: Instalace následující aktualizace se nezdařila
z důvodu chyby (0x80070643): Aktualizace zabezpečení pro rozhraní Microsoft .NET
Framework 2.0 (KB928365).

Error - 13.12.2012 6:06:32 | Computer Name = PCDVORAK | Source = Windows Update Agent | ID = 20
Description = Instalace se nezdařila: Instalace následující aktualizace se nezdařila
z důvodu chyby (0x80070643): Aktualizace zabezpečení pro rozhraní Microsoft .NET
Framework 1.1 SP1 v systémech Windows XP, Windows Vista a Windows Server 2008 platformy
x86 (KB2698023).

Error - 16.12.2012 3:58:18 | Computer Name = PCDVORAK | Source = Microsoft Antimalware | ID = 2001
Description = %%860 zjistil chybu při pokusu o aktualizaci podpisů. Nová verze podpisu:
Předchozí verze podpisu: 1.141.1875.0 Zdroj aktualizace: %%859 Fáze aktualizace:
%%853 Zdrojová cesta: http://www.microsoft.com Typ podpisu: %%800 Typ aktualizace:
%%803 Uživatel: NT AUTHORITY\SYSTEM Aktuální verze modulu: Předchozí verze modulu:
1.1.9002.0 Kód chyby: 0x80240022 Popis chyby: V daném programu nelze zkontrolovat
aktualizace definic.

Error - 16.12.2012 3:58:18 | Computer Name = PCDVORAK | Source = Microsoft Antimalware | ID = 2001
Description = %%860 zjistil chybu při pokusu o aktualizaci podpisů. Nová verze podpisu:
Předchozí verze podpisu: 1.141.1875.0 Zdroj aktualizace: %%859 Fáze aktualizace:
%%853 Zdrojová cesta: http://www.microsoft.com Typ podpisu: %%800 Typ aktualizace:
%%803 Uživatel: NT AUTHORITY\SYSTEM Aktuální verze modulu: Předchozí verze modulu:
1.1.9002.0 Kód chyby: 0x80240022 Popis chyby: V daném programu nelze zkontrolovat
aktualizace definic.


< End of report >

[jaro3]

Poklepej na ikonu OTL na ploše.Ujisti se , že máš všechny ostatní aplikace a prohlížeče zavřeny.
Pod Vlastní skenování/opravy do okénka vlož následující text, zobrazený zeleně:

Kód: Vybrat vše

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
SRV - (WPFFontCache_v0400) -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe File not found
SRV - (aspnet_state) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe File not found
SRV - (AppMgmt) -- %SystemRoot%\System32\appmgmts.dll File not found
DRV - (WDICA) -- File not found
DRV - (PDRFRAME) -- File not found
DRV - (PDRELI) -- File not found
DRV - (PDFRAME) -- File not found
DRV - (PDCOMP) -- File not found
DRV - (PCIDump) -- File not found
DRV - (lbrtfdc) -- File not found
DRV - (i2omgmt) -- File not found
DRV - (Changer) -- File not found
DRV - (aswMBR) -- C:\DOCUME~1\Josef\LOCALS~1\Temp\aswMBR.sys File not found
IE - HKLM\..\URLSearchHook: - No CLSID value found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope = {56758CFF-2C7A-4E00-9ADD-7291CE7EC8EA}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{56758CFF-2C7A-4E00-9ADD-7291CE7EC8EA}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKCU\..\SearchScopes,DefaultScope = {56758CFF-2C7A-4E00-9ADD-7291CE7EC8EA}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKCU\..\SearchScopes\{56758CFF-2C7A-4E00-9ADD-7291CE7EC8EA}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7PRFB_csCZ475
IE - HKCU\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = http://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..extensions.enabledAddons: %7B800b5000-a755-47e1-992b-48a1c1357f07%7D:1.5.3
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.1
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll File not found
[2012.03.17 18:50:50 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Josef\Data aplikací\Mozilla\Extensions
[2012.07.26 12:25:42 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Documents and Settings\Josef\Data aplikací\Mozilla\Firefox\Profiles\4zznl4nb.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2012.12.06 20:31:02 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Value error.)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\msdaipp - No CLSID value found

:Files
C:\WINDOWS\System32\*.tmp
C:\WINDOWS\*.tmp
C:\WINDOWS\system32\*.tmp.dll
C:\WINDOWS\System32\dllcache\*.tmp
C:\WINDOWS\system32\SET*.tmp
C:\WINDOWS\system32\DUMP*.tmp
c:\windows\Tasks\*.job /s
C:\*.tmp
C:\WINDOWS\System32\drivers\*.tmp
C:\Documents and Settings\All Users\Data aplikací\*.tmp
C:\Documents and Settings\Josef\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\Documents and Settings\Josef\Data aplikací\ICQ Search

:Reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
""=""%1" %*"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" =-

:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]

Poté klikni nahoře na Opravit. Nech program nerušeně běžet, na konci se provede restart PC.
Po restartu se objeví log , prosím zkopíruj sem celý jeho obsah.

Odinstaluj všechny javy , kromě Java 7 Update 7.

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.21.0.1 10.21.60.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E12CE711-B596-4BDA-9502-20E1B9F2ACEC}: DhcpNameServer = 10.21.0.1 10.21.60.1
C:\Documents and Settings\All Users\Data aplikací\MSScanAppDataDir
říká Ti něco ta IP a ta složka??

Error - 30.9.2012 13:13:03 | Computer Name = PCDVORAK | Source = Windows Search Service | ID = 3013
Description = Položka <C:\DOCUMENTS AND SETTINGS\JOSEF\RECENT\100CANON.LNK> v mapě
algoritmu hash nebyla aktualizována. Kontext: aplikace , katalog SystemIndex Podrobnosti:
Zařízení
připojené k systému nefunguje. (0x8007001f)

Error - 15.10.2012 13:52:14 | Computer Name = PCDVORAK | Source = Windows Search Service | ID = 3013
Description = Položka <C:\DOCUMENTS AND SETTINGS\JOSEF\RECENT\DESKTOP.INI> v mapě
algoritmu hash nebyla aktualizována. Kontext: aplikace , katalog SystemIndex Podrobnosti:
Zařízení
připojené k systému nefunguje. (0x8007001f)

100Canon-- pokud nepracuje , přeinstaluj.

winSerSer---jsou problémy? Jdou Ti aktualizace?

[dvorak.josef01]

posilam log z OTL. Javu sem tam nasel krom té 7 jen jednu, tak sem ji dal pryč. Ta složka mi nic neříká. ale ta 10.21.60.1 mam toto čislo nastaveno od poskytovatele k připojení k internetu jako Vychozi branu a 10.21.0.1 mam nastaveno od nich jako servery DNS. Na 100Canon sem zadnou chybu zatim nespozoroval. Tam se zdá být vše v pořádku. A aktualizace nejdou. Teda myslím že ne, kazdy den se mi snazi neco aktualizovat a furt se to opakuje dokola.

All processes killed
========== OTL ==========
No active process named explorer.exe was found!
Process firefox.exe killed successfully!
Service WPFFontCache_v0400 stopped successfully!
Service WPFFontCache_v0400 deleted successfully!
File C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe File not found not found.
Service aspnet_state stopped successfully!
Service aspnet_state deleted successfully!
File C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe File not found not found.
Service AppMgmt stopped successfully!
Service AppMgmt deleted successfully!
File %SystemRoot%\System32\appmgmts.dll File not found not found.
Service WDICA stopped successfully!
Service WDICA deleted successfully!
File File not found not found.
Service PDRFRAME stopped successfully!
Service PDRFRAME deleted successfully!
File File not found not found.
Service PDRELI stopped successfully!
Service PDRELI deleted successfully!
File File not found not found.
Service PDFRAME stopped successfully!
Service PDFRAME deleted successfully!
File File not found not found.
Service PDCOMP stopped successfully!
Service PDCOMP deleted successfully!
File File not found not found.
Service PCIDump stopped successfully!
Service PCIDump deleted successfully!
File File not found not found.
Service lbrtfdc stopped successfully!
Service lbrtfdc deleted successfully!
File File not found not found.
Service i2omgmt stopped successfully!
Service i2omgmt deleted successfully!
File File not found not found.
Service Changer stopped successfully!
Service Changer deleted successfully!
File File not found not found.
Error: No service named aswMBR was found to stop!
Service\Driver key aswMBR not found.
File C:\DOCUME~1\Josef\LOCALS~1\Temp\aswMBR.sys File not found not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56758CFF-2C7A-4E00-9ADD-7291CE7EC8EA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{56758CFF-2C7A-4E00-9ADD-7291CE7EC8EA}\ not found.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56758CFF-2C7A-4E00-9ADD-7291CE7EC8EA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{56758CFF-2C7A-4E00-9ADD-7291CE7EC8EA}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6552C7DD-90A4-4387-B795-F8F96747DE19}\ not found.
Prefs.js: "ICQ Search" removed from browser.search.defaultenginename
Prefs.js: %7B800b5000-a755-47e1-992b-48a1c1357f07%7D:1.5.3 removed from extensions.enabledAddons
Prefs.js: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.1 removed from extensions.enabledAddons
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@tools.google.com/Google Update;version=3\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@tools.google.com/Google Update;version=9\ deleted successfully.
C:\Documents and Settings\Josef\Data aplikací\Mozilla\Extensions folder moved successfully.
C:\Documents and Settings\Josef\Data aplikací\Mozilla\Firefox\Profiles\4zznl4nb.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine folder moved successfully.
C:\Documents and Settings\Josef\Data aplikací\Mozilla\Firefox\Profiles\4zznl4nb.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF folder moved successfully.
C:\Documents and Settings\Josef\Data aplikací\Mozilla\Firefox\Profiles\4zznl4nb.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults\preferences folder moved successfully.
C:\Documents and Settings\Josef\Data aplikací\Mozilla\Firefox\Profiles\4zznl4nb.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults folder moved successfully.
C:\Documents and Settings\Josef\Data aplikací\Mozilla\Firefox\Profiles\4zznl4nb.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\components folder moved successfully.
C:\Documents and Settings\Josef\Data aplikací\Mozilla\Firefox\Profiles\4zznl4nb.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin folder moved successfully.
C:\Documents and Settings\Josef\Data aplikací\Mozilla\Firefox\Profiles\4zznl4nb.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\tr folder moved successfully.
C:\Documents and Settings\Josef\Data aplikací\Mozilla\Firefox\Profiles\4zznl4nb.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\sk folder moved successfully.
C:\Documents and Settings\Josef\Data aplikací\Mozilla\Firefox\Profiles\4zznl4nb.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\ru folder moved successfully.
C:\Documents and Settings\Josef\Data aplikací\Mozilla\Firefox\Profiles\4zznl4nb.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\it folder moved successfully.
C:\Documents and Settings\Josef\Data aplikací\Mozilla\Firefox\Profiles\4zznl4nb.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\he folder moved successfully.
C:\Documents and Settings\Josef\Data aplikací\Mozilla\Firefox\Profiles\4zznl4nb.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\fr folder moved successfully.
C:\Documents and Settings\Josef\Data aplikací\Mozilla\Firefox\Profiles\4zznl4nb.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\es folder moved successfully.
C:\Documents and Settings\Josef\Data aplikací\Mozilla\Firefox\Profiles\4zznl4nb.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\en-US folder moved successfully.
C:\Documents and Settings\Josef\Data aplikací\Mozilla\Firefox\Profiles\4zznl4nb.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\de folder moved successfully.
C:\Documents and Settings\Josef\Data aplikací\Mozilla\Firefox\Profiles\4zznl4nb.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\cs folder moved successfully.
C:\Documents and Settings\Josef\Data aplikací\Mozilla\Firefox\Profiles\4zznl4nb.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\bg folder moved successfully.
C:\Documents and Settings\Josef\Data aplikací\Mozilla\Firefox\Profiles\4zznl4nb.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale folder moved successfully.
C:\Documents and Settings\Josef\Data aplikací\Mozilla\Firefox\Profiles\4zznl4nb.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\img folder moved successfully.
C:\Documents and Settings\Josef\Data aplikací\Mozilla\Firefox\Profiles\4zznl4nb.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content folder moved successfully.
C:\Documents and Settings\Josef\Data aplikací\Mozilla\Firefox\Profiles\4zznl4nb.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome folder moved successfully.
C:\Documents and Settings\Josef\Data aplikací\Mozilla\Firefox\Profiles\4zznl4nb.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions folder moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel\ deleted successfully.
Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ipp\ deleted successfully.
File Protocol\Handler\ipp - No CLSID value found not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msdaipp\ deleted successfully.
File Protocol\Handler\msdaipp - No CLSID value found not found.
========== FILES ==========
File\Folder C:\WINDOWS\System32\*.tmp not found.
File\Folder C:\WINDOWS\*.tmp not found.
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
File\Folder C:\WINDOWS\System32\dllcache\*.tmp not found.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
File\Folder C:\WINDOWS\system32\DUMP*.tmp not found.
c:\windows\Tasks\Adobe Flash Player Updater.job moved successfully.
c:\windows\Tasks\AppleSoftwareUpdate.job moved successfully.
File\Folder C:\*.tmp not found.
File\Folder C:\WINDOWS\System32\drivers\*.tmp not found.
File\Folder C:\Documents and Settings\All Users\Data aplikací\*.tmp not found.
C:\Documents and Settings\Josef\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini moved successfully.
C:\Documents and Settings\Josef\Data aplikací\ICQ Search folder moved successfully.
========== REGISTRY ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command\\""|""%1" %*" /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\FirstRunDisabled deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: Josef
->Temp folder emptied: 31296831 bytes
->Temporary Internet Files folder emptied: 2582669 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 125821137 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 2136 bytes

User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: NetworkService
->Temp folder emptied: 5348 bytes
->Temporary Internet Files folder emptied: 33170 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 3364765 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 129041 bytes

Total Files Cleaned = 156,00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 12182012_143454

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...