kontrola logu bazarovy PC

jezisekx · Příspěvekod **jezisekx** » 02 čer 2010 17:34

prosim o preventivni kontrolu logu, jedna se o bazar PC a nevim jestli je original Win7. pres microsoft to proslo a samolepka neni

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:30:06, on 2.6.2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Windows\WindowsMobile\wmdc.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\msdt.exe
C:\Windows\System32\sdiagnhost.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe

--
End of file - 5361 bytes

Reklama

Damned · Příspěvekod **Damned** » 02 čer 2010 17:57

Já tam problém nevidím.

Vypni rezidentní štít antiviru (pokud máš tak i antispyware).
Stáhni si ComboFix (by sUBs)
nebo ComboFix (subs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah

jezisekx · Příspěvekod **jezisekx** » 03 čer 2010 20:19

tady je log z combo

ComboFix 10-06-02.04 - lukas 03.06.2010 20:15:16.1.3 - x86
Microsoft Windows 7 Home Premium 6.1.7600.0.1250.420.1029.18.3327.2621 [GMT 2:00]
Spuštěný z: c:\users\lukas\Downloads\ComboFix.exe
AV: ESET Smart Security 3.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET personal firewall *enabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
SP: ESET Smart Security 3.0 *disabled* (Updated) {E5E70D32-0101-4B98-A4D6-D1D15C3BB448}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Thumbs.db
c:\users\lukas\AppData\Roaming\inst.exe

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-05-03 do 2010-06-03 )))))))))))))))))))))))))))))))
.

2010-06-03 18:17 . 2010-06-03 18:17 -------- d-----w- c:\users\lukas\AppData\Local\temp
2010-06-03 18:17 . 2010-06-03 18:17 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-06-02 15:28 . 2010-06-02 15:28 388096 ----a-r- c:\users\lukas\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2010-06-02 15:18 . 2010-06-02 15:18 -------- d-----w- c:\program files\Trend Micro
2010-06-02 14:54 . 2010-06-02 14:54 -------- d-----w- c:\users\lukas\AppData\Roaming\Microsoft Games
2010-06-02 09:20 . 2010-06-02 09:20 -------- d-----w- c:\program files\Common Files\Microsoft Games
2010-06-02 08:48 . 2010-06-02 08:48 -------- d-----w- c:\programdata\vsosdk
2010-06-02 08:11 . 2010-06-02 15:13 -------- d-----w- c:\users\lukas\AppData\Roaming\Vso
2010-06-02 08:11 . 2010-06-02 15:13 47360 ----a-w- c:\users\lukas\AppData\Roaming\pcouffin.sys
2010-06-02 08:11 . 2010-06-02 08:11 47360 ----a-w- c:\windows\system32\drivers\pcouffin.sys
2010-06-01 16:22 . 2010-06-01 16:22 -------- d-----w- c:\users\lukas\AppData\Roaming\IrfanView
2010-06-01 16:22 . 2010-06-01 16:22 -------- d-----w- c:\program files\IrfanView
2010-05-31 17:55 . 2010-05-31 17:55 -------- d-----w- c:\program files\Mp3 Knife
2010-05-30 19:08 . 2010-05-30 19:10 -------- d-----w- c:\users\lukas\AppData\Local\NFS Underground 2
2010-05-30 19:03 . 2010-05-30 19:03 -------- d-----w- c:\program files\EA GAMES
2010-05-30 18:59 . 2010-05-30 18:59 -------- d-----w- c:\users\lukas\AppData\Local\ESET
2010-05-30 18:26 . 2010-05-30 18:58 -------- d-----w- c:\program files\DOOM 3
2010-05-30 18:19 . 2009-09-04 15:29 453456 ----a-w- c:\windows\system32\d3dx10_42.dll
2010-05-30 18:19 . 2009-09-04 15:29 1892184 ----a-w- c:\windows\system32\D3DX9_42.dll
2010-05-30 18:18 . 2010-05-30 18:18 -------- d-----w- c:\program files\Microsoft Games for Windows - LIVE
2010-05-30 18:17 . 2010-05-30 18:17 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2010-05-30 17:05 . 2010-05-30 17:05 -------- d-----w- c:\programdata\Hewlett-Packard
2010-05-30 17:05 . 2009-07-14 01:15 280064 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\hpzppw71.dll
2010-05-28 14:15 . 2010-05-28 14:16 -------- d-----w- c:\users\lukas\AppData\Local\Fallout3
2010-05-28 14:07 . 2007-03-05 10:42 15128 ----a-w- c:\windows\system32\x3daudio1_1.dll
2010-05-28 14:06 . 2007-03-15 14:57 443752 ----a-w- c:\windows\system32\d3dx10_33.dll
2010-05-28 14:06 . 2007-03-12 14:42 1123696 ----a-w- c:\windows\system32\D3DCompiler_33.dll
2010-05-28 14:06 . 2007-03-12 14:42 3495784 ----a-w- c:\windows\system32\d3dx9_33.dll
2010-05-28 14:06 . 2010-05-28 14:06 -------- d-----w- c:\windows\system32\xlive
2010-05-28 14:05 . 2010-05-30 18:26 -------- d-----w- c:\program files\Common Files\InstallShield
2010-05-27 20:51 . 2010-05-27 20:51 -------- d-----w- c:\users\lukas\AppData\Local\RapidSharing.eu
2010-05-26 19:40 . 2010-05-26 19:40 -------- d-----w- c:\users\lukas\AppData\Roaming\Nero
2010-05-26 19:35 . 2010-05-26 19:35 -------- d-----w- c:\users\lukas\AppData\Local\Adobe
2010-05-26 19:09 . 2010-05-30 18:58 -------- d-----w- c:\users\lukas\AppData\Local\PunkBuster
2010-05-26 18:59 . 2010-05-26 18:59 -------- d-----w- c:\program files\Activision
2010-05-26 18:42 . 2010-05-26 18:42 -------- d-----w- c:\windows\system32\URTTEMP
2010-05-26 18:41 . 2010-05-26 18:41 22328 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2010-05-26 18:41 . 2010-05-26 18:41 22328 ----a-w- c:\users\lukas\AppData\Roaming\PnkBstrK.sys
2010-05-26 18:41 . 2010-05-26 18:41 103736 ----a-w- c:\windows\system32\PnkBstrB.exe
2010-05-26 18:41 . 2010-05-26 18:41 66872 ----a-w- c:\windows\system32\PnkBstrA.exe
2010-05-26 18:41 . 2010-05-26 18:41 669184 ----a-w- c:\windows\system32\pbsvc.exe
2010-05-26 18:41 . 2007-07-19 16:14 444776 ----a-w- c:\windows\system32\d3dx10_35.dll
2010-05-26 18:41 . 2007-07-19 16:14 3727720 ----a-w- c:\windows\system32\d3dx9_35.dll
2010-05-26 18:41 . 2007-07-19 16:14 1358192 ----a-w- c:\windows\system32\D3DCompiler_35.dll
2010-05-26 18:41 . 2007-05-16 14:45 443752 ----a-w- c:\windows\system32\d3dx10_34.dll
2010-05-26 18:41 . 2007-05-16 14:45 3497832 ----a-w- c:\windows\system32\d3dx9_34.dll
2010-05-26 18:41 . 2007-05-16 14:45 1124720 ----a-w- c:\windows\system32\D3DCompiler_34.dll
2010-05-26 18:41 . 2007-04-04 16:53 81768 ----a-w- c:\windows\system32\xinput1_3.dll
2010-05-26 18:36 . 2010-05-26 18:36 -------- d-----w- c:\program files\Electronic Arts
2010-05-26 18:30 . 2010-05-26 18:30 -------- d-----w- c:\program files\Common Files\Adobe
2010-05-26 18:30 . 2010-05-26 18:30 -------- d-----w- c:\program files\The KMPlayer
2010-05-26 18:19 . 2010-05-07 16:06 30536 ----a-w- c:\windows\system32\TURegOpt.exe
2010-05-26 18:19 . 2010-05-07 16:01 21320 ----a-w- c:\windows\system32\authuitu.dll
2010-05-26 18:19 . 2010-05-07 16:01 30024 ----a-w- c:\windows\system32\uxtuneup.dll
2010-05-26 18:19 . 2010-05-26 18:33 -------- d-----w- c:\program files\TuneUp Utilities 2010
2010-05-26 18:18 . 2010-05-26 18:18 -------- d-sh--w- c:\programdata\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
2010-05-26 14:14 . 2010-05-26 14:14 -------- d-----w- c:\users\lukas\AppData\Local\Real
2010-05-26 14:13 . 2010-05-26 18:49 -------- d-----w- c:\users\lukas\AppData\Local\Google
2010-05-26 14:13 . 2010-05-27 21:19 -------- d-----w- c:\program files\Google
2010-05-26 14:13 . 2010-05-26 14:13 40960 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\Chrome\Hook\rpchromebrowserrecordhelper.dll
2010-05-26 14:13 . 2010-05-26 14:13 499712 ----a-w- c:\windows\system32\msvcp71.dll
2010-05-26 14:13 . 2010-05-26 14:13 348160 ----a-w- c:\windows\system32\msvcr71.dll
2010-05-26 14:13 . 2010-05-27 15:42 -------- d-----w- c:\program files\Common Files\Real
2010-05-26 14:13 . 2010-05-26 18:48 -------- d-----w- c:\program files\Real
2010-05-25 20:16 . 2010-05-25 20:16 -------- d-----w- c:\program files\7-Zip
2010-05-25 20:12 . 2010-05-25 20:12 -------- d-----w- c:\users\lukas\AppData\Roaming\TuneUp Software
2010-05-25 20:12 . 2010-05-26 18:19 -------- d-----w- c:\programdata\TuneUp Software
2010-05-25 20:12 . 2010-05-25 20:12 -------- d-sh--w- c:\programdata\{55A29068-F2CE-456C-9148-C869879E2357}
2010-05-25 20:10 . 2010-05-25 20:17 -------- d-----w- c:\programdata\WinZip
2010-05-25 20:09 . 2010-05-25 20:09 -------- d-----w- c:\windows\WindowsMobile
2010-05-25 19:56 . 2010-05-25 19:56 -------- d-----w- c:\program files\ESET
2010-05-25 19:54 . 2010-05-30 18:20 108824 ----a-w- c:\users\lukas\AppData\Local\GDIPFONTCACHEV1.DAT
2010-05-25 19:50 . 2010-05-25 19:50 -------- d--h--w- c:\windows\AxInstSV
2010-05-25 19:47 . 2010-05-25 18:56 -------- d-----w- c:\windows\Panther
2010-05-25 19:45 . 2010-05-25 19:45 0 ----a-w- c:\windows\ativpsrm.bin
2010-05-25 19:44 . 2010-05-25 19:44 -------- d-----w- c:\users\lukas\AppData\Local\Ahead
2010-05-25 19:42 . 2010-05-25 19:43 -------- d-----w- c:\program files\Common Files\Nero
2010-05-25 19:42 . 2010-05-25 19:42 -------- d-----w- c:\programdata\Nero
2010-05-25 19:42 . 2010-05-25 19:42 -------- d-----w- c:\program files\Nero
2010-05-25 19:29 . 2010-05-25 19:29 -------- d-----w- c:\windows\system32\Wat
2010-05-25 19:22 . 2010-05-25 19:22 -------- d-----w- c:\program files\ATI Technologies
2010-05-25 19:22 . 2010-05-25 19:22 -------- d-----w- c:\program files\ATI
2010-05-25 19:20 . 2008-11-10 09:41 32656 ----a-w- c:\windows\system32\msonpmon.dll
2010-05-25 19:20 . 2006-10-26 17:56 33104 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\msonpppr.dll
2010-05-25 19:19 . 2010-05-30 18:17 -------- d-----w- c:\program files\Microsoft Works
2010-05-25 19:19 . 2010-05-25 19:19 -------- d-----w- c:\windows\PCHEALTH
2010-05-25 19:19 . 2010-05-25 19:19 -------- d-----w- c:\program files\Microsoft.NET
2010-05-25 19:18 . 2010-05-25 19:18 -------- d-----w- c:\program files\Microsoft Visual Studio 8
2010-05-25 19:17 . 2010-05-25 19:17 -------- d-----w- c:\users\lukas\AppData\Local\Microsoft Help
2010-05-25 19:17 . 2010-05-31 18:01 -------- d-----w- c:\programdata\Microsoft Help
2010-05-25 19:17 . 2010-06-02 15:28 -------- d-sh--w- c:\windows\Installer
2010-05-25 19:17 . 2010-05-25 19:17 -------- d-----w- c:\windows\system32\Macromed
2010-05-25 19:07 . 2010-05-25 19:07 -------- d-----w- c:\program files\PowerISO
2010-05-25 19:07 . 2009-09-10 05:52 257024 ----a-w- c:\windows\system32\msv1_0.dll
2010-05-25 19:06 . 2010-05-12 09:21 221568 ------w- c:\windows\system32\MpSigStub.exe
2010-05-25 19:05 . 2010-02-11 07:10 293376 ----a-w- c:\windows\system32\browserchoice.exe
2010-05-25 19:05 . 2009-10-10 02:57 12800 ----a-w- c:\windows\system32\drivers\sffp_sd.sys
2010-05-25 19:04 . 2009-10-02 04:06 728648 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2010-05-25 19:04 . 2009-09-03 07:04 1320960 ----a-w- c:\windows\system32\CertEnroll.dll
2010-05-25 19:04 . 2009-08-29 06:54 12625408 ----a-w- c:\windows\system32\wmploc.DLL
2010-05-25 19:04 . 2009-08-19 07:20 442920 ----a-w- c:\windows\system32\winresume.exe
2010-05-25 19:04 . 2009-08-19 07:20 507568 ----a-w- c:\windows\system32\winload.exe
2010-05-25 19:02 . 2010-05-26 18:44 -------- d-----w- c:\users\lukas\AppData\Local\Diagnostics
2010-05-25 19:02 . 2010-01-18 23:29 85504 ----a-w- c:\windows\system32\secproc_ssp_isv.dll
2010-05-25 19:02 . 2010-01-18 23:29 85504 ----a-w- c:\windows\system32\secproc_ssp.dll
2010-05-25 19:02 . 2010-01-18 23:29 365568 ----a-w- c:\windows\system32\secproc_isv.dll
2010-05-25 19:02 . 2010-01-18 23:29 369152 ----a-w- c:\windows\system32\secproc.dll
2010-05-25 19:02 . 2010-01-18 23:28 324608 ----a-w- c:\windows\system32\RMActivate_isv.exe
2010-05-25 19:02 . 2010-01-18 23:28 277504 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe
2010-05-25 19:02 . 2010-01-18 23:28 320512 ----a-w- c:\windows\system32\RMActivate.exe
2010-05-25 19:02 . 2010-01-18 23:28 280064 ----a-w- c:\windows\system32\RMActivate_ssp.exe
2010-05-25 19:02 . 2010-04-23 07:13 2048 ----a-w- c:\windows\system32\tzres.dll
2010-05-25 19:02 . 2010-02-27 07:32 221696 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2010-05-25 19:02 . 2010-02-27 07:32 95744 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2010-05-25 19:02 . 2010-02-27 07:32 123392 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2010-05-25 19:01 . 2009-12-29 06:55 172032 ----a-w- c:\windows\system32\wintrust.dll
2010-05-25 19:01 . 2010-01-09 06:52 132608 ----a-w- c:\windows\system32\cabview.dll
2010-05-25 19:01 . 2010-06-03 11:40 -------- d-----w- c:\windows\system32\wbem\Performance
2010-05-25 19:01 . 2010-05-25 19:01 0 ----a-w- c:\windows\nsreg.dat
2010-05-25 19:01 . 2010-05-25 19:01 -------- d-----w- c:\users\lukas\AppData\Local\Mozilla
2010-05-25 18:56 . 2010-05-25 18:56 -------- d-sh--we c:\users\Default\Soubory cookie
2010-05-23 18:15 . 2010-05-23 18:15 -------- d-----r- C:\MSOCache
2010-05-18 18:16 . 2010-05-18 18:16 -------- d-----w- C:\ATI
2010-05-18 18:07 . 2010-05-25 19:47 -------- d-----w- C:\Boot
2010-05-18 17:17 . 2010-05-25 18:56 -------- d-----w- C:\Recovery

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-06-03 11:40 . 2009-07-14 08:44 631116 ----a-w- c:\windows\system32\perfh005.dat
2010-06-03 11:40 . 2009-07-14 08:44 123556 ----a-w- c:\windows\system32\perfc005.dat
2010-06-02 09:20 . 2010-05-28 14:08 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-06-02 08:52 . 2009-07-14 04:52 -------- d-----w- c:\program files\Microsoft Games
2010-05-31 19:10 . 2010-05-31 19:10 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01005.Wdf
2010-05-31 19:09 . 2010-05-31 19:09 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_09_00.Wdf
2010-05-28 14:08 . 2010-05-28 14:08 -------- d-----w- c:\program files\Bethesda Softworks
2010-05-25 20:11 . 2010-05-25 20:11 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdRapi2_01_00_00.Wdf
2010-05-25 19:19 . 2009-07-14 04:52 -------- d-----w- c:\program files\MSBuild
2010-05-25 19:10 . 2009-07-14 02:37 -------- d-----w- c:\program files\Windows Mail
2010-05-25 18:56 . 2010-05-25 18:56 -------- d-sh--we c:\programdata\Plocha
2010-05-25 18:56 . 2010-05-25 18:56 -------- d-sh--we c:\programdata\Oblíbené položky
2010-05-25 18:56 . 2010-05-25 18:56 -------- d-sh--we c:\programdata\Šablony
2010-05-25 18:56 . 2010-05-25 18:56 -------- d-sh--we c:\programdata\Nabídka Start
2010-05-25 18:56 . 2010-05-25 18:56 -------- d-sh--we c:\programdata\Dokumenty
2010-05-25 18:56 . 2010-05-25 18:56 -------- d-sh--we c:\programdata\Data aplikací
2010-04-27 12:45 . 2010-04-27 12:45 72856 ----a-w- c:\windows\system32\xliveinstallhost.exe
2010-04-27 12:45 . 2010-04-27 12:45 187544 ----a-w- c:\windows\system32\xliveinstall.dll
2010-04-07 02:43 . 2010-04-07 02:43 5430272 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2010-04-07 02:16 . 2010-04-07 02:16 143360 ----a-w- c:\windows\system32\atiapfxx.exe
2010-04-07 02:16 . 2010-04-07 02:16 489472 ----a-w- c:\windows\system32\aticfx32.dll
2010-04-07 02:13 . 2010-04-07 02:13 446464 ----a-w- c:\windows\system32\ATIDEMGX.dll
2010-04-07 02:12 . 2010-04-07 02:12 372736 ----a-w- c:\windows\system32\atieclxx.exe
2010-04-07 02:12 . 2010-04-07 02:12 14321664 ----a-w- c:\windows\system32\atioglxx.dll
2010-04-07 02:12 . 2010-04-07 02:12 172032 ----a-w- c:\windows\system32\atiesrxx.exe
2010-04-07 02:10 . 2010-04-07 02:10 159744 ----a-w- c:\windows\system32\atitmmxx.dll
2010-04-07 02:10 . 2010-04-07 02:10 356352 ----a-w- c:\windows\system32\atipdlxx.dll
2010-04-07 02:10 . 2010-04-07 02:10 278528 ----a-w- c:\windows\system32\Oemdspif.dll
2010-04-07 02:10 . 2010-04-07 02:10 11776 ----a-w- c:\windows\system32\atimuixx.dll
2010-04-07 02:10 . 2010-04-07 02:10 43520 ----a-w- c:\windows\system32\ati2edxx.dll
2010-04-07 02:06 . 2010-04-07 02:06 3164160 ----a-w- c:\windows\system32\atidxx32.dll
2010-04-07 01:46 . 2010-04-07 01:46 50176 ----a-w- c:\windows\system32\coinst.dll
2010-04-07 01:40 . 2010-04-07 01:40 3707904 ----a-w- c:\windows\system32\atiumdag.dll
2010-04-07 01:40 . 2010-04-07 01:40 53248 ----a-w- c:\windows\system32\aticalrt.dll
2010-04-07 01:40 . 2010-04-07 01:40 53248 ----a-w- c:\windows\system32\aticalcl.dll
2010-04-07 01:38 . 2010-04-07 01:38 4018176 ----a-w- c:\windows\system32\aticaldd.dll
2010-04-07 01:23 . 2010-04-07 01:23 237568 ----a-w- c:\windows\system32\atiadlxx.dll
2010-04-07 01:23 . 2010-04-07 01:23 12800 ----a-w- c:\windows\system32\atiglpxx.dll
2010-04-07 01:23 . 2010-04-07 01:23 14848 ----a-w- c:\windows\system32\atigktxx.dll
2010-04-07 01:23 . 2010-04-07 01:23 157184 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2010-04-07 01:22 . 2010-04-07 01:22 28160 ----a-w- c:\windows\system32\atiuxpag.dll
2010-04-07 01:22 . 2010-04-07 01:22 20480 ----a-w- c:\windows\system32\atiu9pag.dll
2010-04-07 01:22 . 2010-04-07 01:22 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2010-04-07 01:21 . 2010-04-07 01:21 2983936 ----a-w- c:\windows\system32\atiumdva.dll
2010-04-07 01:08 . 2010-04-07 01:08 52224 ----a-w- c:\windows\system32\atimpc32.dll
2010-04-07 01:08 . 2010-04-07 01:08 52224 ----a-w- c:\windows\system32\amdpcom32.dll
2010-04-02 16:09 . 2010-04-02 16:09 2023 ----a-w- c:\windows\system32\atipblag.dat
2010-04-02 15:17 . 2010-04-02 15:17 15426200 ----a-w- c:\windows\system32\xlive.dll
2010-04-02 15:17 . 2010-04-02 15:17 13642904 ----a-w- c:\windows\system32\xlivefnt.dll
2010-03-24 18:17 . 2010-03-24 08:04 952768 ----a-w- c:\programdata\Adobe\Reader\9.3\ARM\24929\AdobeARM.exe
2010-03-24 18:17 . 2010-03-24 08:04 952768 ----a-w- c:\programdata\Adobe\Reader\9.3\ARM\1593\AdobeARM.exe
2010-03-24 18:17 . 2010-03-24 08:04 70584 ----a-w- c:\programdata\Adobe\Reader\9.3\ARM\24929\AdobeExtractFiles.dll
2010-03-24 18:17 . 2010-03-24 08:04 70584 ----a-w- c:\programdata\Adobe\Reader\9.3\ARM\1593\AdobeExtractFiles.dll
2010-03-24 18:17 . 2010-03-24 08:04 326056 ----a-w- c:\programdata\Adobe\Reader\9.3\ARM\24929\ReaderUpdater.exe
2010-03-24 18:17 . 2010-03-24 08:04 326056 ----a-w- c:\programdata\Adobe\Reader\9.3\ARM\24929\AcrobatUpdater.exe
2010-03-24 18:17 . 2010-03-24 08:04 326056 ----a-w- c:\programdata\Adobe\Reader\9.3\ARM\1593\ReaderUpdater.exe
2010-03-24 18:17 . 2010-03-24 08:04 326056 ----a-w- c:\programdata\Adobe\Reader\9.3\ARM\1593\AcrobatUpdater.exe
2010-03-17 15:06 . 2010-03-17 15:06 202234 ----a-w- c:\windows\system32\atiicdxx.dat
2010-03-09 10:21 . 2010-03-09 10:21 107024 ----a-w- c:\windows\system32\drivers\AtiHdmi.sys
2010-03-08 21:33 . 2010-05-25 19:03 427520 ----a-w- c:\windows\system32\vbscript.dll
2009-06-10 21:26 . 2009-07-14 02:04 9633792 --sha-r- c:\windows\Fonts\StaticCache.dat
2009-07-14 01:14 . 2009-07-13 23:42 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" [2008-06-24 1840424]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PWRISOVM.EXE"="c:\program files\PowerISO\PWRISOVM.EXE" [2008-03-14 233472]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2008-06-08 2221352]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2008-03-01 1443072]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 648072]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-05-25 1343400]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-04-07 172032]
S2 ekrn;Eset Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [2007-12-21 468224]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2010-05-07 1051976]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2010-04-07 5430272]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2010-04-07 157184]
S3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\DRIVERS\L1C62x86.sys [2009-07-13 50688]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [2009-10-14 10064]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
.
------- Doplňkový sken -------
.
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\users\lukas\AppData\Roaming\Mozilla\Firefox\Profiles\kz2ih1tj.default\
FF - prefs.js: browser.startup.homepage - hxxp://cs.start.mozilla.com/firefox?cli ... s:official
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll

---- NASTAVENÍ FIREFOXU ----
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
FF - user.js: network.http.max-persistent-connections-per-server - 4
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2010-06-03 20:18:24
ComboFix-quarantined-files.txt 2010-06-03 18:18

Před spuštěním: Volných bajtů: 67 596 914 688
Po spuštění: Volných bajtů: 67 541 647 360

- - End Of File - - 490964C97726C33920ED6F5FE6DBC944

Damned · Příspěvekod **Damned** » 03 čer 2010 20:31

Vypni antivir a pokud máš i Antispyware a odinstaluj ComboFix ( nutné ) .
ComboFix se odinstaluje takto:
Start -> Spustit (nebo klávesy Win+R) a zadej do řádku: Combofix[mezera]/uninstall
*****************************************************************************************************************************************
Stáhni si OTL na Plochu.
Ujisti se , že máš zavřena všechna ostatní okna a poklepej na ikonu OTL.Nahoře v okně pod Výstup klikni na Minimální výstup.Pod Běžné registry změň na Vše, Specifické registry na Vše. Zatrhni Kontrola na havěť LOP a Kontrola na havěť Purity. Stáří souborů změň na 7 dnů. Všechny ostatní nastavení ponech jak jsou. Klikni na Prohledat. Sken může trvat dlouho, až skončí otevřou se dva logy:
OTL.Txt
Extras.Txt
Jsou uloženy ve stejném místě jako OTL. Oba logy sem prosím zkopíruj

jezisekx · Příspěvekod **jezisekx** » 04 čer 2010 14:46

OTL logfile created on: 4.6.2010 14:39:21 - Run 1
OTL by OldTimer - Version 3.2.5.3 Folder = C:\Users\lukas\Downloads
Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 76,00% Memory free
6,00 Gb Paging File | 6,00 Gb Available in Paging File | 87,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 146,39 Gb Total Space | 62,89 Gb Free Space | 42,96% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 319,27 Gb Total Space | 287,27 Gb Free Space | 89,98% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: LUKAS-PC
Current User Name: lukas
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 7 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\Users\lukas\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe (TuneUp Software)
PRC - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe (TuneUp Software)
PRC - C:\Windows\System32\atieclxx.exe (AMD)
PRC - C:\Windows\System32\atiesrxx.exe (AMD)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Windows\System32\sppsvc.exe (Microsoft Corporation)
PRC - C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe (Nero AG)
PRC - C:\Program Files\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.)
PRC - C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
PRC - C:\Program Files\ESET\ESET Smart Security\ekrn.exe (ESET)

========== Modules (SafeList) ==========

MOD - C:\Users\lukas\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\Windows\System32\sspicli.dll (Microsoft Corporation)
MOD - C:\Windows\System32\sechost.dll (Microsoft Corporation)
MOD - C:\Windows\System32\samcli.dll (Microsoft Corporation)
MOD - C:\Windows\System32\profapi.dll (Microsoft Corporation)
MOD - C:\Windows\System32\netutils.dll (Microsoft Corporation)
MOD - C:\Windows\System32\KernelBase.dll (Microsoft Corporation)
MOD - C:\Windows\System32\dwmapi.dll (Microsoft Corporation)
MOD - C:\Windows\System32\devobj.dll (Microsoft Corporation)
MOD - C:\Windows\System32\cryptbase.dll (Microsoft Corporation)
MOD - C:\Windows\System32\cfgmgr32.dll (Microsoft Corporation)
MOD - C:\Windows\System32\msscript.ocx (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll (Microsoft Corporation)

========== Win32 Services (SafeList) ==========

SRV - (TuneUp.Defrag) -- C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe (TuneUp Software)
SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation)
SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe (TuneUp Software)
SRV - (UxTuneUp) -- C:\Windows\System32\uxtuneup.dll (TuneUp Software)
SRV - (AMD External Events Utility) -- C:\Windows\System32\atiesrxx.exe (AMD)
SRV - (WwanSvc) -- C:\Windows\System32\wwansvc.dll (Microsoft Corporation)
SRV - (WbioSrvc) -- C:\Windows\System32\wbiosrvc.dll (Microsoft Corporation)
SRV - (Power) -- C:\Windows\System32\umpo.dll (Microsoft Corporation)
SRV - (Themes) -- C:\Windows\System32\themeservice.dll (Microsoft Corporation)
SRV - (sppuinotify) -- C:\Windows\System32\sppuinotify.dll (Microsoft Corporation)
SRV - (RpcEptMapper) -- C:\Windows\System32\RpcEpMap.dll (Microsoft Corporation)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (PNRPsvc) Protokol PNRP (Peer Name Resolution Protocol) -- C:\Windows\System32\pnrpsvc.dll (Microsoft Corporation)
SRV - (p2pimsvc) -- C:\Windows\System32\pnrpsvc.dll (Microsoft Corporation)
SRV - (HomeGroupProvider) -- C:\Windows\System32\provsvc.dll (Microsoft Corporation)
SRV - (PNRPAutoReg) -- C:\Windows\System32\pnrpauto.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (HomeGroupListener) -- C:\Windows\System32\ListSvc.dll (Microsoft Corporation)
SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)
SRV - (Dhcp) -- C:\Windows\System32\dhcpcore.dll (Microsoft Corporation)
SRV - (defragsvc) -- C:\Windows\System32\defragsvc.dll (Microsoft Corporation)
SRV - (BDESVC) -- C:\Windows\System32\bdesvc.dll (Microsoft Corporation)
SRV - (AxInstSV) Instalační program ovládacích prvků ActiveX (AxInstSV) -- C:\Windows\System32\AxInstSv.dll (Microsoft Corporation)
SRV - (AppIDSvc) -- C:\Windows\System32\appidsvc.dll (Microsoft Corporation)
SRV - (sppsvc) -- C:\Windows\System32\sppsvc.exe (Microsoft Corporation)
SRV - (NetTcpPortSharing) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation)
SRV - (EhttpSrv) -- C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe (ESET)
SRV - (ekrn) -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe (ESET)
SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation)
SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation)

========== Driver Services (SafeList) ==========

DRV - (amdkmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (amdkmdap) -- C:\Windows\System32\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV - (AtiHdmiService) -- C:\Windows\System32\drivers\AtiHdmi.sys (ATI Technologies, Inc.)
DRV - (KSecPkg) -- C:\Windows\System32\Drivers\ksecpkg.sys (Microsoft Corporation)
DRV - (TuneUpUtilitiesDrv) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys (TuneUp Software)
DRV - (cmdide) -- C:\Windows\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.)
DRV - (adpahci) -- C:\Windows\system32\DRIVERS\adpahci.sys (Adaptec, Inc.)
DRV - (adp94xx) -- C:\Windows\system32\DRIVERS\adp94xx.sys (Adaptec, Inc.)
DRV - (amdsbs) -- C:\Windows\system32\DRIVERS\amdsbs.sys (AMD Technologies Inc.)
DRV - (adpu320) -- C:\Windows\system32\DRIVERS\adpu320.sys (Adaptec, Inc.)
DRV - (arcsas) -- C:\Windows\system32\DRIVERS\arcsas.sys (Adaptec, Inc.)
DRV - (amdsata) -- C:\Windows\system32\DRIVERS\amdsata.sys (Advanced Micro Devices)
DRV - (arc) -- C:\Windows\system32\DRIVERS\arc.sys (Adaptec, Inc.)
DRV - (amdxata) -- C:\Windows\system32\DRIVERS\amdxata.sys (Advanced Micro Devices)
DRV - (aliide) -- C:\Windows\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.)
DRV - (nvstor) -- C:\Windows\system32\DRIVERS\nvstor.sys (NVIDIA Corporation)
DRV - (nvraid) -- C:\Windows\system32\DRIVERS\nvraid.sys (NVIDIA Corporation)
DRV - (nfrd960) -- C:\Windows\system32\DRIVERS\nfrd960.sys (IBM Corporation)
DRV - (LSI_SAS) -- C:\Windows\system32\DRIVERS\lsi_sas.sys (LSI Corporation)
DRV - (iaStorV) -- C:\Windows\system32\DRIVERS\iaStorV.sys (Intel Corporation)
DRV - (MegaSR) -- C:\Windows\system32\DRIVERS\MegaSR.sys (LSI Corporation, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\DRIVERS\lsi_scsi.sys (LSI Corporation)
DRV - (LSI_FC) -- C:\Windows\system32\DRIVERS\lsi_fc.sys (LSI Corporation)
DRV - (LSI_SAS2) -- C:\Windows\system32\DRIVERS\lsi_sas2.sys (LSI Corporation)
DRV - (iirsp) -- C:\Windows\system32\DRIVERS\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (megasas) -- C:\Windows\system32\DRIVERS\megasas.sys (LSI Corporation)
DRV - (hwpolicy) -- C:\Windows\System32\drivers\hwpolicy.sys (Microsoft Corporation)
DRV - (elxstor) -- C:\Windows\system32\DRIVERS\elxstor.sys (Emulex)
DRV - (aic78xx) -- C:\Windows\system32\DRIVERS\djsvs.sys (Adaptec, Inc.)
DRV - (HpSAMD) -- C:\Windows\system32\DRIVERS\HpSAMD.sys (Hewlett-Packard Company)
DRV - (FsDepends) -- C:\Windows\System32\drivers\fsdepends.sys (Microsoft Corporation)
DRV - (vsmraid) -- C:\Windows\system32\DRIVERS\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (vhdmp) -- C:\Windows\system32\DRIVERS\vhdmp.sys (Microsoft Corporation)
DRV - (vdrvroot) -- C:\Windows\system32\DRIVERS\vdrvroot.sys (Microsoft Corporation)
DRV - (WIMMount) -- C:\Windows\System32\drivers\wimmount.sys (Microsoft Corporation)
DRV - (viaide) -- C:\Windows\system32\DRIVERS\viaide.sys (VIA Technologies, Inc.)
DRV - (ql2300) -- C:\Windows\system32\DRIVERS\ql2300.sys (QLogic Corporation)
DRV - (rdyboost) -- C:\Windows\System32\drivers\rdyboost.sys (Microsoft Corporation)
DRV - (ql40xx) -- C:\Windows\system32\DRIVERS\ql40xx.sys (QLogic Corporation)
DRV - (SiSRaid4) -- C:\Windows\system32\DRIVERS\sisraid4.sys (Silicon Integrated Systems)
DRV - (pcw) -- C:\Windows\System32\drivers\pcw.sys (Microsoft Corporation)
DRV - (SiSRaid2) -- C:\Windows\system32\DRIVERS\SiSRaid2.sys (Silicon Integrated Systems Corp.)
DRV - (stexstor) -- C:\Windows\system32\DRIVERS\stexstor.sys (Promise Technology)
DRV - (CNG) -- C:\Windows\System32\Drivers\cng.sys (Microsoft Corporation)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\System32\Drivers\Brserid.sys (Brother Industries Ltd.)
DRV - (rdpbus) -- C:\Windows\system32\DRIVERS\rdpbus.sys (Microsoft Corporation)
DRV - (RDPREFMP) -- C:\Windows\System32\drivers\RDPREFMP.sys (Microsoft Corporation)
DRV - (RasAgileVpn) WAN Miniport (IKEv2) -- C:\Windows\System32\drivers\agilevpn.sys (Microsoft Corporation)
DRV - (WfpLwf) -- C:\Windows\System32\drivers\wfplwf.sys (Microsoft Corporation)
DRV - (NdisCap) -- C:\Windows\System32\drivers\ndiscap.sys (Microsoft Corporation)
DRV - (vwifibus) -- C:\Windows\System32\drivers\vwifibus.sys (Microsoft Corporation)
DRV - (1394ohci) -- C:\Windows\system32\DRIVERS\1394ohci.sys (Microsoft Corporation)
DRV - (UmPass) -- C:\Windows\system32\DRIVERS\umpass.sys (Microsoft Corporation)
DRV - (mshidkmdf) -- C:\Windows\System32\drivers\mshidkmdf.sys (Microsoft Corporation)
DRV - (MTConfig) -- C:\Windows\system32\DRIVERS\MTConfig.sys (Microsoft Corporation)
DRV - (CompositeBus) -- C:\Windows\System32\drivers\CompositeBus.sys (Microsoft Corporation)
DRV - (AppID) -- C:\Windows\system32\drivers\appid.sys (Microsoft Corporation)
DRV - (scfilter) -- C:\Windows\System32\drivers\scfilter.sys (Microsoft Corporation)
DRV - (discache) -- C:\Windows\System32\drivers\discache.sys (Microsoft Corporation)
DRV - (HidBatt) -- C:\Windows\system32\DRIVERS\HidBatt.sys (Microsoft Corporation)
DRV - (AcpiPmi) -- C:\Windows\system32\DRIVERS\acpipmi.sys (Microsoft Corporation)
DRV - (AmdPPM) -- C:\Windows\System32\drivers\amdppm.sys (Microsoft Corporation)
DRV - (hcw85cir) -- C:\Windows\system32\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV - (BrUsbMdm) -- C:\Windows\System32\Drivers\BrUsbMdm.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\System32\Drivers\BrUsbSer.sys (Brother Industries Ltd.)
DRV - (BrSerWdm) -- C:\Windows\System32\Drivers\BrSerWdm.sys (Brother Industries Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\DRIVERS\BrFiltLo.sys (Brother Industries, Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\DRIVERS\BrFiltUp.sys (Brother Industries, Ltd.)
DRV - (b57nd60x) -- C:\Windows\System32\drivers\b57nd60x.sys (Broadcom Corporation)
DRV - (ebdrv) -- C:\Windows\system32\DRIVERS\evbdx.sys (Broadcom Corporation)
DRV - (b06bdrv) -- C:\Windows\system32\DRIVERS\bxvbdx.sys (Broadcom Corporation)
DRV - (L1C) NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20) -- C:\Windows\System32\drivers\L1C62x86.sys (Atheros Communications, Inc.)
DRV - (nmwcd) -- C:\Windows\System32\drivers\ccdcmb.sys (Nokia)
DRV - (SCDEmu) -- C:\Windows\System32\drivers\scdemu.sys (PowerISO Computing, Inc.)
DRV - (epfwtdi) -- C:\Windows\System32\drivers\epfwtdi.sys (ESET)
DRV - (Epfwndis) -- C:\Windows\System32\drivers\epfwndis.sys (ESET)
DRV - (epfw) -- C:\Windows\System32\drivers\epfw.sys (ESET)
DRV - (easdrv) -- C:\Windows\System32\drivers\easdrv.sys (ESET)
DRV - (eamon) -- C:\Windows\System32\drivers\eamon.sys (ESET)

========== Standard Registry (All) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 5C FD 77 44 43 FC CA 01 [binary data]
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://cs.start.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:cs:official"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.3

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.05.26 20:48:38 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.05.27 22:43:58 | 000,000,000 | ---D | M]

[2010.05.25 21:09:32 | 000,000,000 | ---D | M] -- C:\Users\lukas\AppData\Roaming\Mozilla\Extensions
[2010.05.25 21:09:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\lukas\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2010.06.03 20:38:11 | 000,000,000 | ---D | M] -- C:\Users\lukas\AppData\Roaming\Mozilla\Firefox\Profiles\kz2ih1tj.default\extensions
[2010.05.26 20:40:14 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\lukas\AppData\Roaming\Mozilla\Firefox\Profiles\kz2ih1tj.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010.05.25 21:09:33 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010.05.25 21:09:28 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2010.04.01 19:59:58 | 000,023,000 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browserdirprovider.dll
[2010.04.01 19:59:58 | 000,138,712 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\brwsrcmp.dll
[2007.04.10 17:21:08 | 000,163,256 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
[2010.04.01 19:59:58 | 000,064,984 | ---- | M] (mozilla.org) -- C:\Program Files\Mozilla Firefox\plugins\npnul32.dll
[2006.10.26 20:12:16 | 000,016,192 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL
[2009.12.21 18:34:06 | 000,103,864 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll
[2010.04.01 18:51:34 | 000,002,371 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\google.xml
[2010.04.01 18:51:34 | 000,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.04.01 18:51:34 | 000,001,687 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2010.04.01 18:51:34 | 000,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.04.01 18:51:34 | 000,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.04.01 18:51:34 | 000,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2010.06.03 20:17:37 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4 - HKLM..\Run: [GrooveMonitor] C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NBKeyScan] C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe (Nero AG)
O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.)
O4 - HKLM..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation)
O4 - HKCU..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe (Nero AG)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\System32\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\System32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\System32\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.100.1
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\System32\webcheck.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\System32\credssp.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\System32\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\System32\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 7 Days ==========

[2010.06.04 14:35:45 | 000,000,000 | --SD | C] -- C:\ComboFix
[2010.06.03 21:19:09 | 000,000,000 | ---D | C] -- C:\Program Files\Western Digital Technologies
[2010.06.03 20:18:27 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2010.06.03 20:18:26 | 000,000,000 | ---D | C] -- C:\Users\lukas\AppData\Local\temp
[2010.06.03 20:14:49 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2010.06.02 17:18:45 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2010.06.02 16:54:30 | 000,000,000 | ---D | C] -- C:\Users\lukas\AppData\Roaming\Microsoft Games
[2010.06.02 11:20:12 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Microsoft Games
[2010.06.02 10:48:49 | 000,000,000 | ---D | C] -- C:\ProgramData\vsosdk
[2010.06.02 10:33:54 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2010.06.02 10:33:51 | 000,000,000 | ---D | C] -- C:\Users\lukas\Documents\Games for Windows - LIVE Demos
[2010.06.02 10:13:35 | 000,000,000 | ---D | C] -- C:\Users\lukas\Documents\ConvertXtoDVD
[2010.06.02 10:11:24 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\lukas\AppData\Roaming\pcouffin.sys
[2010.06.02 10:11:24 | 000,000,000 | ---D | C] -- C:\Users\lukas\AppData\Roaming\Vso
[2010.06.02 10:11:24 | 000,000,000 | ---D | C] -- C:\Users\lukas\Documents\PcSetup
[2010.06.01 18:22:23 | 000,000,000 | ---D | C] -- C:\Users\lukas\AppData\Roaming\IrfanView
[2010.06.01 18:22:20 | 000,000,000 | ---D | C] -- C:\Program Files\IrfanView
[2010.06.01 18:05:12 | 000,000,000 | ---D | C] -- C:\Users\lukas\Desktop\aukro
[2010.05.31 19:55:24 | 000,609,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\comctl32.ocx
[2010.05.31 19:55:23 | 000,152,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\comdlg32.ocx
[2010.05.31 19:55:22 | 000,000,000 | ---D | C] -- C:\Program Files\Mp3 Knife
[2010.05.30 21:08:20 | 000,000,000 | ---D | C] -- C:\Users\lukas\AppData\Local\NFS Underground 2
[2010.05.30 21:03:51 | 000,000,000 | ---D | C] -- C:\Program Files\EA GAMES
[2010.05.30 20:59:48 | 000,000,000 | ---D | C] -- C:\Users\lukas\AppData\Local\ESET
[2010.05.30 20:26:16 | 000,000,000 | ---D | C] -- C:\Program Files\DOOM 3
[2010.05.30 20:19:03 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_42.dll
[2010.05.30 20:19:03 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_42.dll
[2010.05.30 20:18:55 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Games for Windows - LIVE
[2010.05.30 19:05:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Hewlett-Packard
[2010.05.28 16:15:47 | 000,000,000 | ---D | C] -- C:\Users\lukas\AppData\Local\Fallout3
[2010.05.28 16:08:22 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2010.05.28 16:08:08 | 000,000,000 | ---D | C] -- C:\Program Files\Bethesda Softworks
[2010.05.28 16:08:07 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_38.dll
[2010.05.28 16:08:07 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_38.dll
[2010.05.28 16:08:07 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_1.dll
[2010.05.28 16:08:07 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_38.dll
[2010.05.28 16:08:07 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_1.dll
[2010.05.28 16:08:07 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_0.dll
[2010.05.28 16:08:07 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_4.dll
[2010.05.28 16:08:06 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_37.dll
[2010.05.28 16:08:06 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_0.dll
[2010.05.28 16:08:06 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_37.dll
[2010.05.28 16:08:06 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_0.dll
[2010.05.28 16:08:06 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_3.dll
[2010.05.28 16:08:05 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_37.dll
[2010.05.28 16:08:05 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_36.dll
[2010.05.28 16:08:05 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_36.dll
[2010.05.28 16:08:05 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_10.dll
[2010.05.28 16:08:04 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_36.dll
[2010.05.28 16:08:04 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_9.dll
[2010.05.28 16:08:03 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_8.dll
[2010.05.28 16:08:03 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_2.dll
[2010.05.28 16:08:01 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_7.dll
[2010.05.28 16:08:00 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10.dll
[2010.05.28 16:08:00 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_6.dll
[2010.05.28 16:08:00 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_5.dll
[2010.05.28 16:07:59 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_32.dll
[2010.05.28 16:07:59 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_31.dll
[2010.05.28 16:07:59 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_4.dll
[2010.05.28 16:07:59 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_1.dll
[2010.05.28 16:07:58 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_3.dll
[2010.05.28 16:07:58 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_2.dll
[2010.05.28 16:07:58 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_1.dll
[2010.05.28 16:07:58 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_2.dll
[2010.05.28 16:07:58 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_1.dll
[2010.05.28 16:07:52 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_29.dll
[2010.05.28 16:07:52 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_0.dll
[2010.05.28 16:07:52 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_0.dll
[2010.05.28 16:07:51 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_25.dll
[2010.05.28 16:07:51 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_27.dll
[2010.05.28 16:07:51 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_26.dll
[2010.05.28 16:07:50 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_24.dll
[2010.05.28 16:06:58 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_33.dll
[2010.05.28 16:06:58 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_33.dll
[2010.05.28 16:06:57 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_33.dll
[2010.05.28 16:06:31 | 000,000,000 | ---D | C] -- C:\Windows\System32\xlive
[2010.05.28 16:05:59 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield

========== Files - Modified Within 7 Days ==========

[2010.06.04 14:39:43 | 000,019,520 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010.06.04 14:39:43 | 000,019,520 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010.06.04 14:36:46 | 001,473,146 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010.06.04 14:36:46 | 000,631,116 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2010.06.04 14:36:46 | 000,615,760 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.06.04 14:36:46 | 000,123,556 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2010.06.04 14:36:46 | 000,107,396 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.06.04 14:36:00 | 001,572,864 | -HS- | M] () -- C:\Users\lukas\ntuser.dat
[2010.06.04 14:32:36 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.06.04 14:32:32 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.06.04 14:32:30 | 2616,598,528 | -HS- | M] () -- C:\hiberfil.sys
[2010.06.04 14:30:39 | 002,340,976 | -H-- | M] () -- C:\Users\lukas\AppData\Local\IconCache.db
[2010.06.03 21:14:13 | 000,010,998 | ---- | M] () -- C:\Users\lukas\Documents\Martin Mátl.docx
[2010.06.03 20:17:41 | 000,000,215 | ---- | M] () -- C:\Windows\system.ini
[2010.06.03 20:17:37 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2010.06.02 17:28:42 | 000,002,963 | ---- | M] () -- C:\Users\lukas\Desktop\HiJackThis.lnk
[2010.06.02 17:13:50 | 000,007,887 | ---- | M] () -- C:\Users\lukas\AppData\Roaming\pcouffin.cat
[2010.06.02 17:13:49 | 000,047,360 | ---- | M] (VSO Software) -- C:\Users\lukas\AppData\Roaming\pcouffin.sys
[2010.06.02 17:13:49 | 000,001,144 | ---- | M] () -- C:\Users\lukas\AppData\Roaming\pcouffin.inf
[2010.06.02 17:05:40 | 000,000,132 | ---- | M] () -- C:\Users\lukas\AppData\Roaming\default.pls
[2010.06.02 17:02:06 | 000,000,668 | ---- | M] () -- C:\Users\lukas\AppData\Roaming\vso_ts_preview.xml
[2010.06.02 16:54:25 | 000,000,682 | ---- | M] () -- C:\Users\lukas\Desktop\Gears of War for Windows – zástupce.lnk
[2010.06.01 18:22:28 | 000,000,968 | ---- | M] () -- C:\Users\lukas\Desktop\IrfanView.lnk
[2010.05.31 21:10:13 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_ccdcmb_01005.Wdf
[2010.05.31 21:09:39 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2010.05.31 19:55:25 | 000,000,923 | ---- | M] () -- C:\Users\lukas\Desktop\Mp3 Knife.lnk
[2010.05.30 21:05:02 | 000,002,150 | ---- | M] () -- C:\Users\Public\Desktop\Need for Speed Underground 2.lnk
[2010.05.30 20:30:00 | 000,001,576 | ---- | M] () -- C:\Users\Public\Desktop\Doom 3.lnk
[2010.05.30 20:29:56 | 000,000,331 | ---- | M] () -- C:\Windows\doom3.ini
[2010.05.30 20:20:49 | 000,108,824 | ---- | M] () -- C:\Users\lukas\AppData\Local\GDIPFONTCACHEV1.DAT
[2010.05.30 20:20:05 | 000,410,640 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010.05.30 20:16:53 | 000,000,478 | ---- | M] () -- C:\Windows\win.ini
[2010.05.30 19:31:20 | 000,014,575 | ---- | M] () -- C:\Users\lukas\Documents\Výsledky hlasování 2010.docx

========== Files Created - No Company Name ==========

[2010.06.03 21:14:13 | 000,010,998 | ---- | C] () -- C:\Users\lukas\Documents\Martin Mátl.docx
[2010.06.02 17:28:42 | 000,002,963 | ---- | C] () -- C:\Users\lukas\Desktop\HiJackThis.lnk
[2010.06.02 17:05:40 | 000,000,132 | ---- | C] () -- C:\Users\lukas\AppData\Roaming\default.pls
[2010.06.02 16:54:25 | 000,000,682 | ---- | C] () -- C:\Users\lukas\Desktop\Gears of War for Windows – zástupce.lnk
[2010.06.02 10:12:19 | 000,000,668 | ---- | C] () -- C:\Users\lukas\AppData\Roaming\vso_ts_preview.xml
[2010.06.02 10:12:01 | 000,000,033 | ---- | C] () -- C:\Users\lukas\AppData\Roaming\pcouffin.log
[2010.06.02 10:11:25 | 000,007,887 | ---- | C] () -- C:\Users\lukas\AppData\Roaming\pcouffin.cat
[2010.06.02 10:11:24 | 000,001,144 | ---- | C] () -- C:\Users\lukas\AppData\Roaming\pcouffin.inf
[2010.06.01 18:22:28 | 000,000,968 | ---- | C] () -- C:\Users\lukas\Desktop\IrfanView.lnk
[2010.05.31 21:10:13 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_ccdcmb_01005.Wdf
[2010.05.31 21:09:39 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2010.05.31 19:55:25 | 000,000,923 | ---- | C] () -- C:\Users\lukas\Desktop\Mp3 Knife.lnk
[2010.05.30 21:05:02 | 000,002,150 | ---- | C] () -- C:\Users\Public\Desktop\Need for Speed Underground 2.lnk
[2010.05.30 20:30:00 | 000,001,576 | ---- | C] () -- C:\Users\Public\Desktop\Doom 3.lnk
[2010.05.30 20:29:56 | 000,000,331 | ---- | C] () -- C:\Windows\doom3.ini
[2010.05.30 19:31:19 | 000,014,575 | ---- | C] () -- C:\Users\lukas\Documents\Výsledky hlasování 2010.docx
[2010.05.26 20:41:58 | 000,022,328 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2010.04.02 17:17:34 | 000,179,091 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2009.07.14 02:55:09 | 000,587,776 | ---- | C] () -- C:\Windows\System32\hpotscl1.dll
[2009.07.14 01:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll

========== LOP Check ==========

[2010.05.25 21:57:33 | 000,000,000 | ---D | M] -- C:\Users\lukas\AppData\Roaming\ESET
[2010.06.01 18:22:23 | 000,000,000 | ---D | M] -- C:\Users\lukas\AppData\Roaming\IrfanView
[2010.05.25 22:12:37 | 000,000,000 | ---D | M] -- C:\Users\lukas\AppData\Roaming\TuneUp Software
[2010.06.02 17:13:51 | 000,000,000 | ---D | M] -- C:\Users\lukas\AppData\Roaming\Vso
[2009.07.14 06:53:46 | 000,007,262 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

< End of report >

jezisekx · Příspěvekod **jezisekx** » 04 čer 2010 14:51

OTL Extras logfile created on: 4.6.2010 14:39:21 - Run 1
OTL by OldTimer - Version 3.2.5.3 Folder = C:\Users\lukas\Downloads
Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 76,00% Memory free
6,00 Gb Paging File | 6,00 Gb Available in Paging File | 87,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 146,39 Gb Total Space | 62,89 Gb Free Space | 42,96% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 319,27 Gb Total Space | 287,27 Gb Free Space | 89,98% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: LUKAS-PC
Current User Name: lukas
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 7 Days
Output = Minimal

========== Extra Registry (All) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm [@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- C:\Windows\System32\mshta.exe (Microsoft Corporation)
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
.inf [@ = inffile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)
.js [@ = JSFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.reg [@ = regfile] -- C:\Windows\regedit.exe (Microsoft Corporation)
.txt [@ = txtfile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\Windows\System32\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Browse with &IrfanView] -- "C:\Program Files\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{000E79B7-E725-4F01-870A-C12942B7F8E4}" = Crysis(R)
"{0AB76F69-E761-4CFA-B9B0-A1906B4E9E4B}" = WD Diagnostics
"{1170D24F-42B7-40CF-AA1B-6395CE562354}" = Gears of War
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{69A13D2F-A08F-619A-1D42-94CB96F3635A}" = ATI Catalyst Install Manager
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6D45EF03-E8EE-4355-81C3-F918CBCF1029}" = Nero 8
"{6ECB944F-D027-4E8A-9906-70E77C005AD5}" = ESET Smart Security
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{8FB1B528-E260-451E-9B55-E9152F94B80B}" = Microsoft Games for Windows - LIVE Redistributable
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{294B4278-CF7B-40B9-86A1-2D3FF0C2C524}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{10EC59E5-9BCE-4884-BB1A-E28627220232}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{904CCF62-818D-4675-BC76-D37EB399F917}" = Centrum zařízení Windows Mobile
"{909F8EBC-EC7F-48FF-0085-475D818F0F31}" = Need for Speed Underground 2
"{974C4B12-4D02-4879-85E0-61C95CC63E9E}" = Fallout 3
"{AC76BA86-7AD7-1029-7B44-A93000000001}" = Adobe Reader 9.3 - Czech
"{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}" = Nokia Connectivity Cable Driver
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}" = TuneUp Utilities
"{EEFB15EB-FE8B-47DF-A496-1C4D1420294A}" = Doom 3
"{F97E3841-CA9D-4964-9D64-26066241D26F}" = Microsoft Games for Windows - LIVE
"{FE3997D3-6B56-4AC4-A99C-9DDFC45359BF}" = TuneUp Utilities Language Pack (en-US)
"7-Zip" = 7-Zip 4.65
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"ENTERPRISE" = Microsoft Office Enterprise 2007
"InstallShield_{1170D24F-42B7-40CF-AA1B-6395CE562354}" = Gears of War
"InstallShield_{EEFB15EB-FE8B-47DF-A496-1C4D1420294A}" = Doom 3
"IrfanView" = IrfanView (remove only)
"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)
"Mp3 Knife_is1" = Mp3 Knife 3.2
"PowerISO" = PowerISO
"PunkBusterSvc" = PunkBuster Services
"The KMPlayer" = The KMPlayer (remove only)
"TuneUp Utilities" = TuneUp Utilities

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 26.5.2010 14:56:49 | Computer Name = lukas-PC | Source = RapiMgr | ID = 8
Description = Zařízení se systémem Windows Mobile se nepodařilo připojit z důvodu
chyby communication (0x80072745) (viz data pro kód chyby).

Error - 26.5.2010 15:00:17 | Computer Name = lukas-PC | Source = Application Hang | ID = 1002
Description = Program OneClick.exe verze 9.0.4200.54 přestal spolupracovat se systémem
Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto
problému, vyhledejte historii problému v ovládacím panelu Centrum akcí. ID procesu:
814 Čas spuštění: 01cafd04708eee73 Čas ukončení: 9 Cesta k aplikaci: C:\Program Files\TuneUp
Utilities 2010\OneClick.exe ID hlášení: e2c821f4-68f8-11df-9564-4061868eb4b8

Error - 27.5.2010 12:19:14 | Computer Name = lukas-PC | Source = Google Update | ID = 20
Description =

Error - 28.5.2010 10:22:43 | Computer Name = lukas-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Fallout3.exe, verze: 1.0.0.12, časové razítko:
0x48d194b3 Název chybujícího modulu: ntdll.dll, verze: 6.1.7600.16385, časové razítko:
0x4a5bdadb Kód výjimky: 0xc0000005 Posun chyby: 0x0002fc47 ID chybujícího procesu:
0x11d4 Čas spuštění chybující aplikace: 0x01cafe705066a00e Cesta k chybující aplikaci:
C:\Program Files\Bethesda Softworks\Fallout 3\Fallout3.exe Cesta k chybujícímu modulu:
C:\Windows\SYSTEM32\ntdll.dll ID zprávy: 7a8c71a0-6a64-11df-b6e9-4061868eb4b8

Error - 28.5.2010 14:23:33 | Computer Name = lukas-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Fallout3.exe, verze: 1.0.0.12, časové razítko:
0x48d194b3 Název chybujícího modulu: ntdll.dll, verze: 6.1.7600.16385, časové razítko:
0x4a5bdadb Kód výjimky: 0xc0000005 Posun chyby: 0x0002fc47 ID chybujícího procesu:
0xfd0 Čas spuštění chybující aplikace: 0x01cafe8959534b79 Cesta k chybující aplikaci:
C:\Program Files\Bethesda Softworks\Fallout 3\Fallout3.exe Cesta k chybujícímu modulu:
C:\Windows\SYSTEM32\ntdll.dll ID zprávy: 1f5af06b-6a86-11df-b43d-4061868eb4b8

Error - 28.5.2010 15:51:24 | Computer Name = lukas-PC | Source = RapiMgr | ID = 8
Description = Zařízení se systémem Windows Mobile se nepodařilo připojit z důvodu
chyby communication (0x80072745) (viz data pro kód chyby).

Error - 30.5.2010 14:26:42 | Computer Name = lukas-PC | Source = VSS | ID = 8194
Description =

Error - 1.6.2010 13:45:56 | Computer Name = lukas-PC | Source = Application Hang | ID = 1002
Description = Program speed2.exe verze 0.0.0.0 přestal spolupracovat se systémem
Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto
problému, vyhledejte historii problému v ovládacím panelu Centrum akcí. ID procesu:
94c Čas spuštění: 01cb01b12f45a806 Čas ukončení: 48 Cesta k aplikaci: C:\Program Files\EA
GAMES\Need for Speed Underground 2\speed2.exe ID hlášení:

Error - 2.6.2010 10:48:12 | Computer Name = lukas-PC | Source = RapiMgr | ID = 8
Description = Zařízení se systémem Windows Mobile se nepodařilo připojit z důvodu
chyby communication (0x80072745) (viz data pro kód chyby).

Error - 2.6.2010 11:26:12 | Computer Name = lukas-PC | Source = Microsoft-Windows-RestartManager | ID = 10006
Description = Aplikaci nebo službu HijackThis nelze ukončit.

[ System Events ]
Error - 3.6.2010 14:02:15 | Computer Name = lukas-PC | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Při pokusu o načtení souboru místních hostitelů došlo k chybě.

Error - 3.6.2010 14:02:25 | Computer Name = lukas-PC | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Při pokusu o načtení souboru místních hostitelů došlo k chybě.

Error - 3.6.2010 14:02:25 | Computer Name = lukas-PC | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Při pokusu o načtení souboru místních hostitelů došlo k chybě.

Error - 3.6.2010 14:02:25 | Computer Name = lukas-PC | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Při pokusu o načtení souboru místních hostitelů došlo k chybě.

Error - 3.6.2010 14:15:00 | Computer Name = lukas-PC | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Při pokusu o načtení souboru místních hostitelů došlo k chybě.

Error - 3.6.2010 14:15:00 | Computer Name = lukas-PC | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Při pokusu o načtení souboru místních hostitelů došlo k chybě.

Error - 3.6.2010 14:15:07 | Computer Name = lukas-PC | Source = Service Control Manager | ID = 7030
Description = Služba PEVSystemStart je označena jako interaktivní služba. Avšak
systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba
nebude fungovat správně.

Error - 3.6.2010 14:17:39 | Computer Name = lukas-PC | Source = Service Control Manager | ID = 7030
Description = Služba PEVSystemStart je označena jako interaktivní služba. Avšak
systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba
nebude fungovat správně.

Error - 3.6.2010 14:52:06 | Computer Name = lukas-PC | Source = DCOM | ID = 10010
Description =

Error - 4.6.2010 8:29:07 | Computer Name = lukas-PC | Source = Service Control Manager | ID = 7030
Description = Služba PEVSystemStart je označena jako interaktivní služba. Avšak
systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba
nebude fungovat správně.

< End of report >

Damned · Příspěvekod **Damned** » 04 čer 2010 15:03

Poklepej na ikonu OTL na ploše.Ujisti se , že máš všechny ostatní aplikace a prohlížeče zavřeny.
Pod Vlastní skenování/Opravy do okénka vlož následující text, zobrazený zeleně:

Kód: Vybrat vše

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found

:Files
C:\WINDOWS\*.tmp
C:\WINDOWS\System32\*.tmp
C:\WINDOWS\system32\*.tmp.dll
C:\WINDOWS\system32\SET*.tmp
C:\Recycler
C:\$RECYCLE.BIN
C:\327882R2FWJFW
C:\ComboFix
C:\Qoobox
C:\Combofix.txt
C:\Windows\PEV.exe
C:\Windows\SWXCACLS.exe
C:\Windows\SWREG.exe
C:\Windows\SWSC.exe
C:\Windows\sed.exe
C:\Windows\grep.exe
C:\Windows\NIRCMD.exe
C:\ComboFix
C:\Qoobox
C:\Windows\tasks\SA.DAT

:Reg

:Commands
[purity]
[emptytemp]
[emptyflash]
[start explorer]
[Reboot]

Poté klikni nahoře na Opravit. Nech program nerušeně běžet, na konci se provede restart PC.
Po restartu se objeví log , prosím zkopíruj sem celý jeho obsah.

jezisekx · Příspěvekod **jezisekx** » 04 čer 2010 15:31

All processes killed
========== OTL ==========
No active process named explorer.exe was found!
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\\{AEB6717E-7E19-11d0-97EE-00C04FD91972} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AEB6717E-7E19-11d0-97EE-00C04FD91972}\ not found.
========== FILES ==========
File\Folder C:\WINDOWS\*.tmp not found.
File\Folder C:\WINDOWS\System32\*.tmp not found.
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
File\Folder C:\Recycler not found.
C:\$RECYCLE.BIN\S-1-5-21-3138798844-471946320-897271988-1001 folder moved successfully.
C:\$RECYCLE.BIN folder moved successfully.
File\Folder C:\327882R2FWJFW not found.
C:\ComboFix folder moved successfully.
File\Folder C:\Qoobox not found.
File\Folder C:\Combofix.txt not found.
File\Folder C:\Windows\PEV.exe not found.
File\Folder C:\Windows\SWXCACLS.exe not found.
File\Folder C:\Windows\SWREG.exe not found.
File\Folder C:\Windows\SWSC.exe not found.
File\Folder C:\Windows\sed.exe not found.
File\Folder C:\Windows\grep.exe not found.
File\Folder C:\Windows\NIRCMD.exe not found.
File\Folder C:\ComboFix not found.
File\Folder C:\Qoobox not found.
C:\Windows\tasks\SA.DAT moved successfully.
========== REGISTRY ==========
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: lukas
->Temp folder emptied: 54704 bytes
->Temporary Internet Files folder emptied: 9554117 bytes
->FireFox cache emptied: 40919734 bytes
->Google Chrome cache emptied: 54118934 bytes
->Flash cache emptied: 3759 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 9368 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 100,00 mb

[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: lukas
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb

OTL by OldTimer - Version 3.2.5.3 log created on 06042010_152851

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

Damned · Příspěvekod **Damned** » 04 čer 2010 15:54

Měl by si to mít v pořádku.

Smaž složku C:\_OTL a vysypej Koš.

Stáhni si ToolsCleaner2 (by de A.Rothstein & Dj Quiou) na Plochu a spusť ho.

Klikni na Pt. Restauration (obnova) a poté na OK.
Klikni na Corbeille (koš) a poté na OK.
Klikni na Fichiers temp (temp složky) a poté na OK.
Klikni na Recherche (hledání) a nech Cleaner pracovat. Může se během čištění zastavit , ale nech ho pokračovat.
Když program skončí , klikni na Suppression (odstranění) a odstraň nalezené.
Zavři a smaž program.

Kdyby se něco zase objevilo, tak se zastav.
Označ topic za vyřešený (zelená fajfka) a měj se. :bigups:

kontrola logu bazarovy PC Vyřešeno

kontrola logu bazarovy PC

Re: kontrola logu bazarovy PC

Re: kontrola logu bazarovy PC

Re: kontrola logu bazarovy PC

Re: kontrola logu bazarovy PC

Re: kontrola logu bazarovy PC

Re: kontrola logu bazarovy PC

Re: kontrola logu bazarovy PC

Re: kontrola logu bazarovy PC Vyřešeno

Kdo je online