Prosím o kontrolu logu, seká se pc

[peetr.j]

Ten combofix mi nejde uvedeným zpusobem smazat.... vyskočí varovná hlaška že combofix nebyl nalezen, přitom jej mam na ploše jak se pise v manualu

[Reklama]

[Damned]

Zadávaš ten příkaz správně? Zkus to ještě jednou.
Pokud nepůjde, smažeme ho pomocí OTL. Dej mi sem ty logy z OTL.

[peetr.j]

OTL logfile created on: 29.12.2012 18:06:00 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\saša\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1,50 Gb Total Physical Memory | 0,91 Gb Available Physical Memory | 60,73% Memory free
2,10 Gb Paging File | 1,65 Gb Available in Paging File | 78,47% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 35,54 Gb Total Space | 17,11 Gb Free Space | 48,14% Space Free | Partition Type: NTFS
Drive K: | 113,50 Gb Total Space | 81,79 Gb Free Space | 72,06% Space Free | Partition Type: NTFS

Computer Name: N-41686FEFA1164 | User Name: saša | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 14 Days

========== Processes (All) ==========

PRC - C:\Documents and Settings\saša\Plocha\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
PRC - C:\Program Files\Java\jre7\bin\jqs.exe (Oracle Corporation)
PRC - C:\Program Files\ESET\ESET Smart Security\ekrn.exe (ESET)
PRC - C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
PRC - C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
PRC - C:\WINDOWS\system32\wuauclt.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\spoolsv.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\services.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\winlogon.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\svchost.exe [RPCSS] (Microsoft Corporation)
PRC - C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE] (Microsoft Corporation)
PRC - C:\WINDOWS\system32\svchost.exe [NETSVCS] (Microsoft Corporation)
PRC - C:\WINDOWS\system32\svchost.exe [NETSVCS] (Microsoft Corporation)
PRC - C:\WINDOWS\system32\svchost.exe [LOCALSERVICE] (Microsoft Corporation)
PRC - C:\WINDOWS\system32\svchost.exe [LOCALSERVICE] (Microsoft Corporation)
PRC - C:\WINDOWS\system32\svchost.exe [IMGSVC] (Microsoft Corporation)
PRC - C:\WINDOWS\system32\svchost.exe [HPZ12] (Microsoft Corporation)
PRC - C:\WINDOWS\system32\svchost.exe [HPZ12] (Microsoft Corporation)
PRC - C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH] (Microsoft Corporation)
PRC - C:\WINDOWS\system32\smss.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\rundll32.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\lsass.exe (Microsoft Corporation)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\csrss.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\alg.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\nvsvc32.exe (NVIDIA Corporation)
PRC - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.)
PRC - C:\WINDOWS\system32\wdfmgr.exe (Microsoft Corporation)


========== Modules (No Company Name) ==========


========== Services (All) ==========

SRV - (vToolbarUpdater13.2.0) -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe File not found
SRV - (AppMgmt) -- %SystemRoot%\System32\appmgmts.dll File not found
SRV - (MozillaMaintenance) -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (MBAMService) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (Skype C2C Service) -- C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (JavaQuickStarterService) -- C:\Program Files\Java\jre7\bin\jqs.exe (Oracle Corporation)
SRV - (ekrn) -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe (ESET)
SRV - (SkypeUpdate) -- C:\Program Files\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (Browser) -- C:\WINDOWS\system32\browser.dll (Microsoft Corporation)
SRV - (lanmanserver) -- C:\WINDOWS\system32\srvsvc.dll (Microsoft Corporation)
SRV - (Spooler) -- C:\WINDOWS\system32\spoolsv.exe (Microsoft Corporation)
SRV - (Themes) -- C:\WINDOWS\system32\shsvcs.dll (Microsoft Corporation)
SRV - (ShellHWDetection) -- C:\WINDOWS\system32\shsvcs.dll (Microsoft Corporation)
SRV - (FastUserSwitchingCompatibility) -- C:\WINDOWS\system32\shsvcs.dll (Microsoft Corporation)
SRV - (lanmanworkstation) -- C:\WINDOWS\system32\wkssvc.dll (Microsoft Corporation)
SRV - (Dnscache) -- C:\WINDOWS\system32\dnsrslvr.dll (Microsoft Corporation)
SRV - (PlugPlay) -- C:\WINDOWS\system32\services.exe (Microsoft Corporation)
SRV - (Eventlog) -- C:\WINDOWS\system32\services.exe (Microsoft Corporation)
SRV - (RpcSs) -- C:\WINDOWS\system32\rpcss.dll (Microsoft Corporation)
SRV - (DcomLaunch) -- C:\WINDOWS\system32\rpcss.dll (Microsoft Corporation)
SRV - (EventSystem) -- C:\WINDOWS\system32\es.dll (Microsoft Corporation)
SRV - (Nla) -- C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
SRV - (WmiApSrv) -- C:\WINDOWS\system32\wbem\wmiapsrv.exe (Microsoft Corporation)
SRV - (VSS) -- C:\WINDOWS\system32\vssvc.exe (Microsoft Corporation)
SRV - (UPS) -- C:\WINDOWS\system32\ups.exe (Microsoft Corporation)
SRV - (SysmonLog) -- C:\WINDOWS\system32\smlogsvc.exe (Microsoft Corporation)
SRV - (RDSessMgr) -- C:\WINDOWS\system32\sessmgr.exe (Microsoft Corporation)
SRV - (SCardSvr) -- C:\WINDOWS\system32\scardsvr.exe (Microsoft Corporation)
SRV - (NetDDEdsdm) -- C:\WINDOWS\system32\netdde.exe (Microsoft Corporation)
SRV - (NetDDE) -- C:\WINDOWS\system32\netdde.exe (Microsoft Corporation)
SRV - (MSIServer) -- C:\WINDOWS\System32\msiexec.exe (Microsoft Corporation)
SRV - (MSDTC) -- C:\WINDOWS\system32\msdtc.exe (Microsoft Corporation)
SRV - (mnmsrvc) -- C:\WINDOWS\system32\mnmsrvc.exe (Microsoft Corporation)
SRV - (SamSs) -- C:\WINDOWS\system32\lsass.exe (Microsoft Corporation)
SRV - (ProtectedStorage) -- C:\WINDOWS\system32\lsass.exe (Microsoft Corporation)
SRV - (PolicyAgent) -- C:\WINDOWS\system32\lsass.exe (Microsoft Corporation)
SRV - (NtLmSsp) -- C:\WINDOWS\system32\lsass.exe (Microsoft Corporation)
SRV - (Netlogon) -- C:\WINDOWS\system32\lsass.exe (Microsoft Corporation)
SRV - (RpcLocator) -- C:\WINDOWS\system32\locator.exe (Microsoft Corporation)
SRV - (ImapiService) -- C:\WINDOWS\system32\imapi.exe (Microsoft Corporation)
SRV - (dmadmin) -- C:\WINDOWS\System32\dmadmin.exe (Microsoft Corp., Veritas Software)
SRV - (SwPrv) -- C:\WINDOWS\System32\dllhost.exe (Microsoft Corporation)
SRV - (COMSysApp) -- C:\WINDOWS\System32\dllhost.exe (Microsoft Corporation)
SRV - (ClipSrv) -- C:\WINDOWS\system32\clipsrv.exe (Microsoft Corporation)
SRV - (CiSvc) -- C:\WINDOWS\system32\cisvc.exe (Microsoft Corporation)
SRV - (ALG) -- C:\WINDOWS\system32\alg.exe (Microsoft Corporation)
SRV - (WZCSVC) -- C:\WINDOWS\system32\wzcsvc.dll (Microsoft Corporation)
SRV - (xmlprov) -- C:\WINDOWS\system32\xmlprov.dll (Microsoft Corporation)
SRV - (wuauserv) -- C:\WINDOWS\system32\wuauserv.dll (Microsoft Corporation)
SRV - (wscsvc) -- C:\WINDOWS\system32\wscsvc.dll (Microsoft Corporation)
SRV - (stisvc) -- C:\WINDOWS\system32\wiaservc.dll (Microsoft Corporation)
SRV - (winmgmt) -- C:\WINDOWS\system32\wbem\wmisvc.dll (Microsoft Corporation)
SRV - (WebClient) -- C:\WINDOWS\system32\webclnt.dll (Microsoft Corporation)
SRV - (upnphost) -- C:\WINDOWS\system32\upnphost.dll (Microsoft Corporation)
SRV - (W32Time) -- C:\WINDOWS\system32\w32time.dll (Microsoft Corporation)
SRV - (TrkWks) -- C:\WINDOWS\system32\trkwks.dll (Microsoft Corporation)
SRV - (HTTPFilter) -- C:\WINDOWS\system32\w3ssl.dll (Microsoft Corporation)
SRV - (TermService) -- C:\WINDOWS\system32\termsrv.dll (Microsoft Corporation)
SRV - (TapiSrv) -- C:\WINDOWS\system32\tapisrv.dll (Microsoft Corporation)
SRV - (srservice) -- C:\WINDOWS\system32\srsvc.dll (Microsoft Corporation)
SRV - (SSDPSRV) -- C:\WINDOWS\system32\ssdpsrv.dll (Microsoft Corporation)
SRV - (BITS) -- C:\WINDOWS\system32\qmgr.dll (Microsoft Corporation)
SRV - (Schedule) -- C:\WINDOWS\system32\schedsvc.dll (Microsoft Corporation)
SRV - (RasMan) -- C:\WINDOWS\system32\rasmans.dll (Microsoft Corporation)
SRV - (RasAuto) -- C:\WINDOWS\system32\rasauto.dll (Microsoft Corporation)
SRV - (SENS) -- C:\WINDOWS\system32\sens.dll (Microsoft Corporation)
SRV - (seclogon) -- C:\WINDOWS\system32\seclogon.dll (Microsoft Corporation)
SRV - (napagent) -- C:\WINDOWS\system32\qagentrt.dll (Microsoft Corporation)
SRV - (helpsvc) -- C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll (Microsoft Corporation)
SRV - (NtmsSvc) -- C:\WINDOWS\system32\ntmssvc.dll (Microsoft Corporation)
SRV - (Netman) -- C:\WINDOWS\system32\netman.dll (Microsoft Corporation)
SRV - (Messenger) -- C:\WINDOWS\system32\msgsvc.dll (Microsoft Corporation)
SRV - (RemoteAccess) -- C:\WINDOWS\system32\mprdim.dll (Microsoft Corporation)
SRV - (hkmsvc) -- C:\WINDOWS\system32\kmsvc.dll (Microsoft Corporation)
SRV - (LmHosts) -- C:\WINDOWS\system32\lmhsvc.dll (Microsoft Corporation)
SRV - (SharedAccess) -- C:\WINDOWS\system32\ipnathlp.dll (Microsoft Corporation)
SRV - (HidServ) -- C:\WINDOWS\system32\hidserv.dll (Microsoft Corporation)
SRV - (ERSvc) -- C:\WINDOWS\system32\ersvc.dll (Microsoft Corporation)
SRV - (EapHost) -- C:\WINDOWS\system32\eapsvc.dll (Microsoft Corporation)
SRV - (Dot3svc) -- C:\WINDOWS\system32\dot3svc.dll (Microsoft Corporation)
SRV - (Dhcp) -- C:\WINDOWS\system32\dhcpcsvc.dll (Microsoft Corporation)
SRV - (dmserver) -- C:\WINDOWS\system32\dmserver.dll (Microsoft Corp.)
SRV - (CryptSvc) -- C:\WINDOWS\system32\cryptsvc.dll (Microsoft Corporation)
SRV - (AudioSrv) -- C:\WINDOWS\system32\audiosrv.dll (Microsoft Corporation)
SRV - (Alerter) -- C:\WINDOWS\system32\alrsvc.dll (Microsoft Corporation)
SRV - (Pml Driver HPZ12) -- C:\WINDOWS\system32\HPZipm12.dll (Hewlett-Packard)
SRV - (Net Driver HPZ12) -- C:\WINDOWS\system32\HPZinw12.dll (Hewlett-Packard)
SRV - (NVSvc) -- C:\WINDOWS\system32\nvsvc32.exe (NVIDIA Corporation)
SRV - (RSVP) -- C:\WINDOWS\system32\rsvp.exe (Microsoft Corporation)
SRV - (UleadBurningHelper) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.)
SRV - (WmdmPmSN) -- C:\WINDOWS\system32\MsPMSNSv.dll (Microsoft Corporation)
SRV - (UMWdf) -- C:\WINDOWS\system32\wdfmgr.exe (Microsoft Corporation)
SRV - (ose) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)


========== Driver Services (All) ==========

DRV - (WFIOCTL) -- C:\Program Files\WinFast\WFTVFM\WFIOCTL.SYS File not found
DRV - (WDICA) -- File not found
DRV - (ViaIde) -- File not found
DRV - (ultra) -- File not found
DRV - (TosIde) -- File not found
DRV - (symc8xx) -- File not found
DRV - (symc810) -- File not found
DRV - (sym_u3) -- File not found
DRV - (sym_hi) -- File not found
DRV - (Sparrow) -- File not found
DRV - (Simbad) -- File not found
DRV - (ql1280) -- File not found
DRV - (ql1240) -- File not found
DRV - (ql12160) -- File not found
DRV - (Ql10wnt) -- File not found
DRV - (ql1080) -- File not found
DRV - (perc2hib) -- File not found
DRV - (perc2) -- File not found
DRV - (PDRFRAME) -- File not found
DRV - (PDRELI) -- File not found
DRV - (PDFRAME) -- File not found
DRV - (PDCOMP) -- File not found
DRV - (PCIDump) -- File not found
DRV - (mraid35x) -- File not found
DRV - (lbrtfdc) -- File not found
DRV - (IntelIde) -- File not found
DRV - (ini910u) -- File not found
DRV - (i2omp) -- File not found
DRV - (i2omgmt) -- File not found
DRV - (Changer) -- File not found
DRV - (hpn) -- File not found
DRV - (dpti2o) -- File not found
DRV - (dac960nt) -- File not found
DRV - (dac2w2k) -- File not found
DRV - (Cpqarray) -- File not found
DRV - (CmdIde) -- File not found
DRV - (cd20xrnt) -- File not found
DRV - (avgtp) -- C:\WINDOWS\system32\drivers\avgtpx86.sys File not found
DRV - (Atdisk) -- File not found
DRV - (asc3550) -- File not found
DRV - (asc3350p) -- File not found
DRV - (asc) -- File not found
DRV - (amsint) -- File not found
DRV - (AliIde) -- File not found
DRV - (aic78xx) -- File not found
DRV - (aic78u2) -- File not found
DRV - (Aha154x) -- File not found
DRV - (adpu160m) -- File not found
DRV - (abp480n5) -- File not found
DRV - (Abiosdsk) -- File not found
DRV - (dtscsi) -- C:\WINDOWS\system32\drivers\dtscsi.sys (DT Soft Ltd.)
DRV - (sptd) -- C:\WINDOWS\system32\drivers\sptd.sys ()
DRV - (MBAMProtector) -- C:\WINDOWS\system32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (epfw) -- C:\WINDOWS\system32\drivers\epfw.sys (ESET)
DRV - (ehdrv) -- C:\WINDOWS\system32\drivers\ehdrv.sys (ESET)
DRV - (epfwtdi) -- C:\WINDOWS\system32\drivers\epfwtdi.sys (ESET)
DRV - (Epfwndis) -- C:\WINDOWS\system32\drivers\epfwndis.sys (ESET)
DRV - (eamon) -- C:\WINDOWS\system32\drivers\eamon.sys (ESET)
DRV - (RDPWD) -- C:\WINDOWS\System32\drivers\rdpwd.sys (Microsoft Corporation)
DRV - (AFD) -- C:\WINDOWS\system32\drivers\afd.sys (Microsoft Corporation)
DRV - (AR9271) -- C:\WINDOWS\system32\drivers\athuw.sys (Atheros Communications, Inc.)
DRV - (MRxSmb) -- C:\WINDOWS\system32\drivers\mrxsmb.sys (Microsoft Corporation)
DRV - (NdisTapi) -- C:\WINDOWS\system32\drivers\ndistapi.sys (Microsoft Corporation)
DRV - (Mup) -- C:\WINDOWS\System32\drivers\mup.sys (Microsoft Corporation)
DRV - (Srv) -- C:\WINDOWS\system32\drivers\srv.sys (Microsoft Corporation)
DRV - (MHIKEY10) -- C:\WINDOWS\system32\drivers\MHIKEY10.sys (Generic USB smartcard reader)
DRV - (NDProxy) -- C:\WINDOWS\System32\drivers\ndproxy.sys (Microsoft Corporation)
DRV - (HTTP) -- C:\WINDOWS\system32\drivers\http.sys (Microsoft Corporation)
DRV - (KSecDD) -- C:\WINDOWS\System32\drivers\ksecdd.sys (Microsoft Corporation)
DRV - (Tcpip) -- C:\WINDOWS\system32\drivers\tcpip.sys (Microsoft Corporation)
DRV - (TDTCP) -- C:\WINDOWS\System32\drivers\tdtcp.sys (Microsoft Corporation)
DRV - (TDPIPE) -- C:\WINDOWS\System32\drivers\tdpipe.sys (Microsoft Corporation)
DRV - (TermDD) -- C:\WINDOWS\system32\drivers\termdd.sys (Microsoft Corporation)
DRV - (sr) -- C:\WINDOWS\system32\drivers\sr.sys (Microsoft Corporation)
DRV - (Pcmcia) -- C:\WINDOWS\System32\drivers\pcmcia.sys (Microsoft Corporation)
DRV - (PCI) -- C:\WINDOWS\system32\drivers\pci.sys (Microsoft Corporation)
DRV - (Parport) -- C:\WINDOWS\system32\drivers\parport.sys (Microsoft Corporation)
DRV - (dmio) -- C:\WINDOWS\system32\drivers\dmio.sys (Microsoft Corp., Veritas Software)
DRV - (dmboot) -- C:\WINDOWS\system32\drivers\dmboot.sys (Microsoft Corp., Veritas Software)
DRV - (kbdhid) -- C:\WINDOWS\system32\drivers\kbdhid.sys (Microsoft Corporation)
DRV - (Kbdclass) -- C:\WINDOWS\system32\drivers\kbdclass.sys (Microsoft Corporation)
DRV - (isapnp) -- C:\WINDOWS\system32\drivers\isapnp.sys (Microsoft Corporation)
DRV - (i8042prt) -- C:\WINDOWS\system32\drivers\i8042prt.sys (Microsoft Corporation)
DRV - (Serial) -- C:\WINDOWS\system32\drivers\serial.sys (Microsoft Corporation)
DRV - (redbook) -- C:\WINDOWS\system32\drivers\redbook.sys (Microsoft Corporation)
DRV - (Fips) -- C:\WINDOWS\System32\drivers\fips.sys (Microsoft Corporation)
DRV - (VolSnap) -- C:\WINDOWS\System32\drivers\volsnap.sys (Microsoft Corporation)
DRV - (Processor) -- C:\WINDOWS\system32\drivers\processr.sys (Microsoft Corporation)
DRV - (Mouclass) -- C:\WINDOWS\system32\drivers\mouclass.sys (Microsoft Corporation)
DRV - (Modem) -- C:\WINDOWS\System32\drivers\modem.sys (Microsoft Corporation)
DRV - (ACPI) -- C:\WINDOWS\system32\drivers\acpi.sys (Microsoft Corporation)
DRV - (Rdbss) -- C:\WINDOWS\system32\drivers\rdbss.sys (Microsoft Corporation)
DRV - (NetBT) -- C:\WINDOWS\system32\drivers\netbt.sys (Microsoft Corporation)
DRV - (NdisWan) -- C:\WINDOWS\system32\drivers\ndiswan.sys (Microsoft Corporation)
DRV - (NDIS) -- C:\WINDOWS\System32\drivers\ndis.sys (Microsoft Corporation)
DRV - (PptpMiniport) -- C:\WINDOWS\system32\drivers\raspptp.sys (Microsoft Corporation)
DRV - (Rasl2tp) -- C:\WINDOWS\system32\drivers\rasl2tp.sys (Microsoft Corporation)
DRV - (IPSec) -- C:\WINDOWS\system32\drivers\ipsec.sys (Microsoft Corporation)
DRV - (wdmaud) -- C:\WINDOWS\system32\drivers\wdmaud.sys (Microsoft Corporation)
DRV - (sysaudio) -- C:\WINDOWS\system32\drivers\sysaudio.sys (Microsoft Corporation)
DRV - (Ntfs) -- C:\WINDOWS\System32\drivers\ntfs.sys (Microsoft Corporation)
DRV - (Fastfat) -- C:\WINDOWS\System32\drivers\fastfat.sys (Microsoft Corporation)
DRV - (Cdfs) -- C:\WINDOWS\System32\drivers\cdfs.sys (Microsoft Corporation)
DRV - (RasPppoe) -- C:\WINDOWS\system32\drivers\raspppoe.sys (Microsoft Corporation)
DRV - (AsyncMac) -- C:\WINDOWS\system32\drivers\asyncmac.sys (Microsoft Corporation)
DRV - (Wanarp) -- C:\WINDOWS\system32\drivers\wanarp.sys (Microsoft Corporation)
DRV - (IpNat) -- C:\WINDOWS\system32\drivers\ipnat.sys (Microsoft Corporation)
DRV - (IpInIp) -- C:\WINDOWS\system32\drivers\ipinip.sys (Microsoft Corporation)
DRV - (PSched) -- C:\WINDOWS\system32\drivers\psched.sys (Microsoft Corporation)
DRV - (Gpc) -- C:\WINDOWS\system32\drivers\msgpc.sys (Microsoft Corporation)
DRV - (NetBIOS) -- C:\WINDOWS\system32\drivers\netbios.sys (Microsoft Corporation)
DRV - (Ndisuio) -- C:\WINDOWS\system32\drivers\ndisuio.sys (Microsoft Corporation)
DRV - (IRENUM) -- C:\WINDOWS\system32\drivers\irenum.sys (Microsoft Corporation)
DRV - (Ip6Fw) -- C:\WINDOWS\system32\drivers\ip6fw.sys (Microsoft Corporation)
DRV - (Atmarpc) -- C:\WINDOWS\system32\drivers\atmarpc.sys (Microsoft Corporation)
DRV - (usbprint) -- C:\WINDOWS\system32\drivers\usbprint.sys (Microsoft Corporation)
DRV - (NABTSFEC) -- C:\WINDOWS\system32\drivers\nabtsfec.sys (Microsoft Corporation)
DRV - (WSTCODEC) -- C:\WINDOWS\system32\drivers\wstcodec.sys (Microsoft Corporation)
DRV - (CCDECODE) -- C:\WINDOWS\system32\drivers\ccdecode.sys (Microsoft Corporation)
DRV - (SLIP) -- C:\WINDOWS\system32\drivers\slip.sys (Microsoft Corporation)
DRV - (NdisIP) -- C:\WINDOWS\system32\drivers\ndisip.sys (Microsoft Corporation)
DRV - (streamip) -- C:\WINDOWS\system32\drivers\streamip.sys (Microsoft Corporation)
DRV - (usbccgp) -- C:\WINDOWS\system32\drivers\usbccgp.sys (Microsoft Corporation)
DRV - (USBSTOR) -- C:\WINDOWS\system32\drivers\usbstor.sys (Microsoft Corporation)
DRV - (usbhub) -- C:\WINDOWS\system32\drivers\usbhub.sys (Microsoft Corporation)
DRV - (usbehci) -- C:\WINDOWS\system32\drivers\usbehci.sys (Microsoft Corporation)
DRV - (usbohci) -- C:\WINDOWS\system32\drivers\usbohci.sys (Microsoft Corporation)
DRV - (usbscan) -- C:\WINDOWS\system32\drivers\usbscan.sys (Microsoft Corporation)
DRV - (HidUsb) -- C:\WINDOWS\system32\drivers\hidusb.sys (Microsoft Corporation)
DRV - (drmkaud) -- C:\WINDOWS\system32\drivers\drmkaud.sys (Microsoft Corporation)
DRV - (usbaudio) -- C:\WINDOWS\system32\drivers\usbaudio.sys (Microsoft Corporation)
DRV - (kmixer) -- C:\WINDOWS\system32\drivers\kmixer.sys (Microsoft Corporation)
DRV - (swmidi) -- C:\WINDOWS\system32\drivers\swmidi.sys (Microsoft Corporation)
DRV - (splitter) -- C:\WINDOWS\system32\drivers\splitter.sys (Microsoft Corporation)
DRV - (DMusic) -- C:\WINDOWS\system32\drivers\dmusic.sys (Microsoft Corporation)
DRV - (VgaSave) -- C:\WINDOWS\system32\drivers\vga.sys (Microsoft Corporation)
DRV - (Imapi) -- C:\WINDOWS\system32\drivers\imapi.sys (Microsoft Corporation)
DRV - (PartMgr) -- C:\WINDOWS\System32\drivers\partmgr.sys (Microsoft Corporation)
DRV - (Sfloppy) -- C:\WINDOWS\System32\drivers\sfloppy.sys (Microsoft Corporation)
DRV - (Disk) -- C:\WINDOWS\system32\drivers\disk.sys (Microsoft Corporation)
DRV - (Cdrom) -- C:\WINDOWS\system32\drivers\cdrom.sys (Microsoft Corporation)
DRV - (atapi) -- C:\WINDOWS\system32\drivers\atapi.sys (Microsoft Corporation)
DRV - (Fdc) -- C:\WINDOWS\system32\drivers\fdc.sys (Microsoft Corporation)
DRV - (Flpydisk) -- C:\WINDOWS\system32\drivers\flpydisk.sys (Microsoft Corporation)
DRV - (serenum) -- C:\WINDOWS\system32\drivers\serenum.sys (Microsoft Corporation)
DRV - (swenum) -- C:\WINDOWS\system32\drivers\swenum.sys (Microsoft Corporation)
DRV - (MSKSSRV) -- C:\WINDOWS\system32\drivers\mskssrv.sys (Microsoft Corporation)
DRV - (MSPQM) -- C:\WINDOWS\system32\drivers\mspqm.sys (Microsoft Corporation)
DRV - (MSTEE) -- C:\WINDOWS\system32\drivers\mstee.sys (Microsoft Corporation)
DRV - (MSPCLOCK) -- C:\WINDOWS\system32\drivers\mspclock.sys (Microsoft Corporation)
DRV - (Update) -- C:\WINDOWS\system32\drivers\update.sys (Microsoft Corporation)
DRV - (MountMgr) -- C:\WINDOWS\System32\drivers\mountmgr.sys (Microsoft Corporation)
DRV - (mssmbios) -- C:\WINDOWS\system32\drivers\mssmbios.sys (Microsoft Corporation)
DRV - (FltMgr) -- C:\WINDOWS\system32\drivers\fltmgr.sys (Microsoft Corporation)
DRV - (MRxDAV) -- C:\WINDOWS\system32\drivers\mrxdav.sys (Microsoft Corporation)
DRV - (Npfs) -- C:\WINDOWS\System32\drivers\npfs.sys (Microsoft Corporation)
DRV - (Msfs) -- C:\WINDOWS\System32\drivers\msfs.sys (Microsoft Corporation)
DRV - (Udfs) -- C:\WINDOWS\System32\drivers\udfs.sys (Microsoft Corporation)
DRV - (aec) -- C:\WINDOWS\system32\drivers\aec.sys (Microsoft Corporation)
DRV - (Secdrv) -- C:\WINDOWS\system32\drivers\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (HPZius12) -- C:\WINDOWS\system32\drivers\HPZius12.sys (HP)
DRV - (HPZipr12) -- C:\WINDOWS\system32\drivers\HPZipr12.sys (HP)
DRV - (HPZid412) -- C:\WINDOWS\system32\drivers\HPZid412.sys (HP)
DRV - (nv) -- C:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation)
DRV - (ALCXWDM) -- C:\WINDOWS\system32\drivers\alcxwdm.sys (Realtek Semiconductor Corp.)
DRV - (Ftdisk) -- C:\WINDOWS\system32\drivers\ftdisk.sys (Microsoft Corporation)
DRV - (IpFilterDriver) -- C:\WINDOWS\system32\drivers\ipfltdrv.sys (Microsoft Corporation)
DRV - (NwlnkFwd) -- C:\WINDOWS\system32\drivers\nwlnkfwd.sys (Microsoft Corporation)
DRV - (Cdaudio) -- C:\WINDOWS\System32\drivers\cdaudio.sys (Microsoft Corporation)
DRV - (Ptilink) -- C:\WINDOWS\system32\drivers\ptilink.sys (Parallel Technologies, Inc.)
DRV - (Raspti) -- C:\WINDOWS\system32\drivers\raspti.sys (Microsoft Corporation)
DRV - (cbidf2k) -- C:\WINDOWS\System32\drivers\cbidf2k.sys (Microsoft Corporation)
DRV - (NwlnkFlt) -- C:\WINDOWS\system32\drivers\nwlnkflt.sys (Microsoft Corporation)
DRV - (WS2IFSL) -- C:\WINDOWS\system32\drivers\ws2ifsl.sys (Microsoft Corporation)
DRV - (ACPIEC) -- C:\WINDOWS\System32\drivers\acpiec.sys (Microsoft Corporation)
DRV - (RasAcd) -- C:\WINDOWS\system32\drivers\rasacd.sys (Microsoft Corporation)
DRV - (Fs_Rec) -- C:\WINDOWS\System32\drivers\fs_rec.sys (Microsoft Corporation)
DRV - (ParVdm) -- C:\WINDOWS\System32\drivers\parvdm.sys (Microsoft Corporation)
DRV - (dmload) -- C:\WINDOWS\system32\drivers\dmload.sys (Microsoft Corp., Veritas Software.)
DRV - (RDPCDD) -- C:\WINDOWS\system32\drivers\rdpcdd.sys (Microsoft Corporation)
DRV - (mnmdd) -- C:\WINDOWS\System32\drivers\mnmdd.sys (Microsoft Corporation)
DRV - (Beep) -- C:\WINDOWS\System32\drivers\beep.sys (Microsoft Corporation)
DRV - (PCIIde) -- C:\WINDOWS\system32\drivers\pciide.sys (Microsoft Corporation)
DRV - (Null) -- C:\WINDOWS\System32\drivers\null.sys (Microsoft Corporation)
DRV - (Winsock) -- C:\WINDOWS\System32\winsock.dll (Microsoft Corporation)
DRV - (nvata) -- C:\WINDOWS\system32\drivers\nvata.sys (NVIDIA Corporation)
DRV - (nvnetbus) -- C:\WINDOWS\system32\drivers\nvnetbus.sys (NVIDIA Corporation)
DRV - (NVENETFD) -- C:\WINDOWS\system32\drivers\NVENETFD.sys (NVIDIA Corporation)
DRV - (BT848) -- C:\WINDOWS\system32\drivers\wf2kvcap.sys (Leadtek Research Inc.)
DRV - (tv2ktunr) -- C:\WINDOWS\system32\drivers\wf2ktunr.sys (Leadtek Research Inc.)
DRV - (Tv2kXbar) -- C:\WINDOWS\system32\drivers\wf2kXbar.sys (Leadtek Research Inc.)
DRV - (WpdUsb) -- C:\WINDOWS\system32\drivers\wpdusb.sys (Microsoft Corporation)
DRV - (rtl8139) -- C:\WINDOWS\system32\drivers\RTL8139.sys (Realtek Semiconductor Corporation)
DRV - (mouhid) -- C:\WINDOWS\system32\drivers\mouhid.sys (Microsoft Corporation)
DRV - (audstub) -- C:\WINDOWS\system32\drivers\audstub.sys (Microsoft Corporation)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-1375575144-2285403485-1810680641-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\S-1-5-21-1375575144-2285403485-1810680641-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKU\S-1-5-21-1375575144-2285403485-1810680641-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
IE - HKU\S-1-5-21-1375575144-2285403485-1810680641-1005\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
IE - HKU\S-1-5-21-1375575144-2285403485-1810680641-1005\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1375575144-2285403485-1810680641-1005\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-1375575144-2285403485-1810680641-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://seznam.cz/"
FF - prefs.js..extensions.enabledAddons: {972ce4c6-7e08-4474-a285-3208198ce6fd}:12.0
FF - prefs.js..extensions.enabledItems: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.3.0.7280
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}:6.0.31
FF - prefs.js..extensions.enabledItems: {1E73965B-8B48-48be-9C8D-68B920ABC1C4}:12.0.0.2191
FF - prefs.js..extensions.enabledItems: avg@toolbar:13.2.0.5
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.28
FF - prefs.js..keyword.URL: "http://isearch.avg.com/search?cid=%7Bab2fff38-aae0-4afa-8635-ceca6344bb86%7D&mid=59802b646b7947d19eb0d15f51f281d0-06ce4fc639803a2e3563922518183d8e94088cb9&ds=AVG&v=9.0.0.23&lang=cs&pr=fr&d=2012-01-02%2018%3A56%3A09&sap=ku&q="
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

[peetr.j]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.12.19 15:30:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.12.27 17:45:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2012.12.27 12:02:24 | 000,000,000 | ---D | M]

[2010.05.25 10:48:11 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\saša\Data aplikací\Mozilla\Extensions
[2010.05.25 10:48:11 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\saša\Data aplikací\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2012.12.19 15:59:02 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\saša\Data aplikací\Mozilla\Firefox\Profiles\wlrcba79.default\extensions
[2012.12.27 13:24:36 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012.12.27 13:29:00 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012.12.19 15:30:39 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2012.12.19 15:30:38 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2003.07.15 06:56:52 | 000,013,888 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\NPOFFICE.DLL
[2012.07.27 21:51:30 | 000,184,248 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\mozilla firefox\plugins\nppdf32.dll
[2012.12.19 15:30:28 | 000,003,413 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2012.12.19 15:30:28 | 000,002,208 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\heureka-cz.xml
[2012.12.19 15:30:28 | 000,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2011.09.02 22:51:07 | 000,001,687 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\mall-cz.xml
[2012.12.19 15:30:28 | 000,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2012.12.19 15:30:28 | 000,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2012.12.19 15:30:28 | 000,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2012.12.28 16:19:42 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKU\S-1-5-21-1375575144-2285403485-1810680641-1005\..\Toolbar\WebBrowser: (&Adresa) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O3 - HKU\S-1-5-21-1375575144-2285403485-1810680641-1005\..\Toolbar\WebBrowser: (&Odkazy) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\nvmctray.dll (NVIDIA Corporation)
O4 - HKU\.DEFAULT..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - HKU\S-1-5-18..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1375575144-2285403485-1810680641-1005..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1375575144-2285403485-1810680641-1005..\Run: [Skype] C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
O4 - Startup: C:\Documents and Settings\personál\Nabídka Start\Programy\Po spuštění\OpenOffice.org 3.0.lnk = File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1375575144-2285403485-1810680641-1005\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1375575144-2285403485-1810680641-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1375575144-2285403485-1810680641-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-1375575144-2285403485-1810680641-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.microsoft.com/windows ... 6607212562 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shoc ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 91.228.45.254 91.228.46.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{37C6DC6A-1D9E-4BBE-AB38-E2D71BDADE90}: DhcpNameServer = 91.228.45.254 91.228.46.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{584B5F11-7545-4F94-B5C3-AD522FA94466}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F1ECEDC9-E90E-4886-9466-676E77C76FEA}: DhcpNameServer = 192.168.218.51 192.168.218.15
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)
O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\System32\logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\crypt32chain: DllName - (crypt32.dll) - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - (cryptnet.dll) - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - (cscdll.dll) - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\dimsntfy: DllName - (%SystemRoot%\System32\dimsntfy.dll) - C:\WINDOWS\system32\dimsntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - (sclgntfy.dll) - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - (WlNotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\wlballoon: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Proces mezipaměti kategorií součástí - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Nebe.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Nebe.bmp
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.07.03 11:36:10 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 14 Days ==========

[2012.12.29 18:04:51 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\saša\Plocha\OTL.exe
[2012.12.29 18:04:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\saša\Dokumenty\Stažené soubory
[2012.12.29 09:10:54 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2012.12.28 13:11:10 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2012.12.28 13:05:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt
[2012.12.28 08:41:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\saša\Data aplikací\Malwarebytes
[2012.12.28 08:39:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Malwarebytes' Anti-Malware
[2012.12.28 08:39:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
[2012.12.28 08:39:43 | 000,021,104 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012.12.28 08:39:43 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012.12.27 19:02:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\CrystalDiskInfo
[2012.12.27 19:02:17 | 000,000,000 | ---D | C] -- C:\Program Files\CrystalDiskInfo
[2012.12.27 17:53:23 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\saša\Recent
[2012.12.27 17:46:57 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mdimon.dll
[2012.12.27 17:45:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Microsoft Office
[2012.12.27 17:45:41 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2012.12.27 17:45:04 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2012.12.27 17:44:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\SHELLNEW
[2012.12.27 17:44:41 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2012.12.27 17:38:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\saša\Nabídka Start\Programy\DVD Decrypter
[2012.12.27 17:08:29 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wstdecod.dll
[2012.12.27 17:08:28 | 001,230,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msvidctl.dll
[2012.12.27 17:08:28 | 000,052,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdv.sys
[2012.12.27 17:08:28 | 000,015,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mpe.sys
[2012.12.27 17:08:28 | 000,015,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpe.sys
[2012.12.27 17:08:27 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bdaplgin.ax
[2012.12.27 17:08:27 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bdaplgin.ax
[2012.12.27 17:08:27 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksolay.ax
[2012.12.27 17:08:27 | 000,011,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bdasup.sys
[2012.12.27 17:08:27 | 000,011,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bdasup.sys
[2012.12.27 17:08:26 | 001,798,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qedit.dll
[2012.12.27 17:08:24 | 000,316,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qdv.dll
[2012.12.27 17:08:24 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qcap.dll
[2012.12.27 17:08:24 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\devenum.dll
[2012.12.27 17:08:23 | 000,181,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmime.dll
[2012.12.27 17:08:23 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmusic.dll
[2012.12.27 17:08:23 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmsynth.dll
[2012.12.27 17:08:23 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmstyle.dll
[2012.12.27 17:08:23 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmcompos.dll
[2012.12.27 17:08:23 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmloader.dll
[2012.12.27 17:08:22 | 000,667,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dinput8.dll
[2012.12.27 17:08:22 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmscript.dll
[2012.12.27 17:08:22 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmband.dll
[2012.12.27 17:08:22 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dswave.dll
[2012.12.27 17:08:21 | 001,201,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\d3d8.dll
[2012.12.27 17:08:20 | 000,974,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dxdiag.exe
[2012.12.27 17:08:20 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dxdllreg.exe
[2012.12.27 17:08:19 | 000,491,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dsdmoprp.dll
[2012.12.27 17:08:19 | 000,381,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpvoice.dll
[2012.12.27 17:08:19 | 000,186,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dsdmo.dll
[2012.12.27 17:08:19 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpvvox.dll
[2012.12.27 17:08:19 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpvsetup.exe
[2012.12.27 17:08:19 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpvacm.dll
[2012.12.27 17:08:18 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpnhupnp.dll
[2012.12.27 17:08:18 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpnhpast.dll
[2012.12.27 17:08:18 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpnsvr.exe
[2012.12.27 17:08:18 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpnlobby.dll
[2012.12.27 17:08:17 | 001,189,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dx8vb.dll
[2012.12.27 17:08:17 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pid.dll
[2012.12.27 17:08:17 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\d3d8thk.dll
[2012.12.27 17:08:17 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpnaddr.dll
[2012.12.27 17:08:16 | 000,602,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dx7vb.dll
[2012.12.27 17:08:16 | 000,208,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\joy.cpl
[2012.12.27 17:08:15 | 001,294,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dsound3d.dll
[2012.12.27 17:08:15 | 000,381,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dsound.dll
[2012.12.27 17:08:15 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dplayx.dll
[2012.12.27 17:08:15 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpwsockx.dll
[2012.12.27 17:08:15 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpmodemx.dll
[2012.12.27 17:08:14 | 000,648,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dinput.dll
[2012.12.27 17:08:14 | 000,292,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ddraw.dll
[2012.12.27 17:08:14 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dplaysvr.exe
[2012.12.27 17:08:14 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ddrawex.dll
[2012.12.27 17:08:13 | 000,797,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\d3dim700.dll
[2012.12.27 17:06:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Call of Duty - United Offensive
[2012.12.27 16:48:32 | 000,223,128 | ---- | C] (DT Soft Ltd.) -- C:\WINDOWS\System32\drivers\dtscsi.sys
[2012.12.27 16:45:14 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\saša\PrivacIE
[2012.12.27 16:39:04 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\saša\IETldCache
[2012.12.27 16:30:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\saša\Nabídka Start\Programy\Call of Duty
[2012.12.27 16:20:58 | 000,521,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsdbgui.dll
[2012.12.27 16:05:34 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2012.12.27 15:59:14 | 000,630,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll
[2012.12.27 15:59:14 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll
[2012.12.27 15:59:12 | 002,000,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll
[2012.12.27 15:59:03 | 011,111,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll
[2012.12.27 15:59:03 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll
[2012.12.27 15:55:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\WBEM
[2012.12.27 15:54:55 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2012.12.27 15:22:35 | 000,953,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc40u.dll
[2012.12.27 15:22:03 | 000,617,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comctl32.dll
[2012.12.27 15:21:04 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndproxy.sys
[2012.12.27 15:20:04 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mup.sys
[2012.12.27 15:19:37 | 000,536,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado15.dll
[2012.12.27 15:19:08 | 000,139,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpwd.sys
[2012.12.27 15:18:49 | 000,758,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vgx.dll
[2012.12.27 15:18:30 | 000,010,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndistapi.sys
[2012.12.27 15:18:20 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab.exe
[2012.12.27 14:50:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\saša\Nabídka Start\Programy\Warcraft III
[2012.12.27 14:50:32 | 000,139,264 | ---- | C] (Blizzard Entertainment) -- C:\WINDOWS\War3Unin.exe
[2012.12.27 14:28:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\saša\Nabídka Start\Programy\Return to Castle Wolfenstein
[2012.12.27 14:11:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\saša\Local Settings\Data aplikací\GHISLER
[2012.12.27 14:00:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Total Commander
[2012.12.27 14:00:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\saša\Data aplikací\GHISLER
[2012.12.27 13:54:50 | 000,000,000 | R--D | C] -- C:\Documents and Settings\saša\Dokumenty\Obrázky
[2012.12.27 13:54:19 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2012.12.27 13:40:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\cs-cz
[2012.12.27 13:40:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
[2012.12.27 13:40:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\cs
[2012.12.27 13:40:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\bits
[2012.12.27 13:34:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic
[2012.12.27 13:30:59 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2012.12.27 13:30:00 | 000,000,000 | ---D | C] -- C:\WINDOWS\EHome
[2012.12.27 13:24:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\rajce
[2012.12.27 13:24:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Skype
[2012.12.27 13:24:00 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2012.12.27 13:23:48 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2012.12.27 12:39:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\saša\Data aplikací\WinRAR
[2012.12.27 12:39:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\WinRAR
[2012.12.27 12:39:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\saša\Nabídka Start\Programy\WinRAR
[2012.12.27 12:24:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Windows Genuine Advantage
[2012.12.27 12:19:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\saša\Data aplikací\TuneUp Software
[2012.12.27 12:18:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\TuneUp Software
[2012.12.27 12:18:52 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\Data aplikací\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
[2012.12.27 12:15:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\saša\Data aplikací\DAEMON Tools Lite
[2012.12.27 12:15:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2012.12.27 12:03:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\saša\Data aplikací\ESET
[2012.12.27 12:02:21 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2012.12.27 12:02:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\ESET
[2012.12.27 12:02:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\ESET
[2012.12.27 11:13:43 | 000,000,000 | ---D | C] -- C:\Program Files\EaseUS
[2012.12.25 14:02:43 | 000,000,000 | ---D | C] -- C:\25a3c092e2c903cfee698cfb1829
[2012.12.19 15:30:44 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2012.12.19 15:30:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Mozilla
[2012.12.19 15:19:00 | 000,000,000 | R--D | C] -- C:\Documents and Settings\saša\Nabídka Start\Programy\Nástroje pro správu
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 14 Days ==========

[2012.12.29 18:04:51 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\saša\Plocha\OTL.exe
[2012.12.29 18:02:37 | 000,063,804 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2012.12.29 18:02:28 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.12.29 18:02:26 | 1610,141,696 | -HS- | M] () -- C:\hiberfil.sys
[2012.12.29 18:02:26 | 000,225,616 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012.12.28 16:19:42 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2012.12.28 13:11:13 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2012.12.28 10:07:09 | 000,054,016 | ---- | M] () -- C:\WINDOWS\System32\drivers\ywci.sys
[2012.12.28 10:03:10 | 000,550,017 | ---- | M] () -- C:\Documents and Settings\saša\Plocha\adwcleaner.exe
[2012.12.28 08:43:54 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012.12.28 08:42:23 | 000,000,914 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012.12.28 08:39:46 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Malwarebytes Anti-Malware.lnk
[2012.12.27 19:03:20 | 000,001,643 | ---- | M] () -- C:\Documents and Settings\saša\Plocha\CrystalDiskInfo.lnk
[2012.12.27 18:38:44 | 000,000,568 | ---- | M] () -- C:\Documents and Settings\saša\Plocha\Dokumenty.lnk
[2012.12.27 18:35:25 | 000,002,529 | ---- | M] () -- C:\Documents and Settings\saša\Plocha\Microsoft Office Excel 2003.lnk
[2012.12.27 18:27:42 | 000,000,104 | ---- | M] () -- C:\Documents and Settings\saša\Plocha\Zástupce - Internet Explorer.lnk
[2012.12.27 17:58:53 | 000,002,100 | ---- | M] () -- C:\Documents and Settings\saša\Plocha\Microsoft Office Word 2003 (2).lnk
[2012.12.27 17:47:25 | 000,000,390 | ---- | M] () -- C:\WINDOWS\ODBC.INI
[2012.12.27 17:38:49 | 000,000,789 | ---- | M] () -- C:\Documents and Settings\saša\Plocha\DVD Decrypter.lnk
[2012.12.27 17:06:58 | 000,000,367 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Call of Duty - United Offensive Single Player.lnk
[2012.12.27 17:06:56 | 000,000,309 | ---- | M] () -- C:\WINDOWS\CoDUO.INI
[2012.12.27 17:02:08 | 000,000,202 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2012.12.27 17:02:07 | 000,033,792 | ---- | M] () -- C:\Documents and Settings\saša\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.12.27 16:57:02 | 000,001,374 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012.12.27 16:48:33 | 000,223,128 | ---- | M] (DT Soft Ltd.) -- C:\WINDOWS\System32\drivers\dtscsi.sys
[2012.12.27 16:45:44 | 000,096,384 | ---- | M] () -- C:\WINDOWS\System32\drivers\sptd6861.sys
[2012.12.27 16:30:11 | 000,000,477 | ---- | M] () -- C:\Documents and Settings\saša\Plocha\Call of Duty Single Player.lnk
[2012.12.27 16:30:09 | 000,000,705 | ---- | M] () -- C:\WINDOWS\CoD.INI
[2012.12.27 16:18:14 | 000,000,635 | ---- | M] () -- C:\WINDOWS\Rtcw.INI
[2012.12.27 15:48:37 | 000,048,052 | ---- | M] () -- C:\WINDOWS\War3Unin.dat
[2012.12.27 15:48:36 | 000,000,632 | ---- | M] () -- C:\Documents and Settings\saša\Plocha\Frozen Throne.lnk
[2012.12.27 15:48:21 | 000,002,829 | ---- | M] () -- C:\WINDOWS\War3Unin.pif
[2012.12.27 15:48:20 | 000,139,264 | ---- | M] (Blizzard Entertainment) -- C:\WINDOWS\War3Unin.exe
[2012.12.27 15:08:44 | 000,000,627 | ---- | M] () -- C:\Documents and Settings\saša\Plocha\Warcraft III.lnk
[2012.12.27 14:28:54 | 000,000,573 | ---- | M] () -- C:\Documents and Settings\saša\Plocha\Wolfenstein (Single Player).lnk
[2012.12.27 14:00:55 | 000,000,566 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Total Commander.lnk
[2012.12.27 13:58:40 | 000,311,604 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012.12.27 13:58:40 | 000,309,716 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2012.12.27 13:58:40 | 000,046,016 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2012.12.27 13:58:40 | 000,039,992 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012.12.27 13:54:54 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2012.12.27 13:34:16 | 000,250,576 | RHS- | M] () -- C:\ntldr
[2012.12.27 13:24:21 | 000,000,508 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\rajče průvodce.lnk
[2012.12.27 13:24:08 | 000,001,896 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Skype.lnk
[2012.12.27 11:21:49 | 000,001,207 | -H-- | M] () -- C:\WINDOWS\EPMBatch.ept
[2012.12.19 15:23:09 | 000,000,211 | ---- | M] () -- C:\Boot.bak
[2012.12.19 14:33:07 | 000,001,329 | ---- | M] () -- C:\Documents and Settings\saša\Plocha\Nero.lnk
[2012.12.19 14:28:15 | 000,000,169 | ---- | M] () -- C:\UnInstall.dat
[2012.12.19 14:24:18 | 000,000,040 | ---- | M] () -- C:\Documents and Settings\All Users\Dokumenty\_rgpl
[2012.12.16 13:23:59 | 000,290,560 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\dllcache\atmfd.dll
[2012.12.16 13:23:59 | 000,290,560 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\atmfd.dll
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012.12.28 13:11:13 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2012.12.28 13:11:11 | 000,261,312 | RHS- | C] () -- C:\cmldr
[2012.12.28 10:07:09 | 000,054,016 | ---- | C] () -- C:\WINDOWS\System32\drivers\ywci.sys
[2012.12.28 10:03:06 | 000,550,017 | ---- | C] () -- C:\Documents and Settings\saša\Plocha\adwcleaner.exe
[2012.12.28 08:43:52 | 000,001,393 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2012.12.28 08:39:46 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Malwarebytes Anti-Malware.lnk
[2012.12.27 19:03:20 | 000,001,643 | ---- | C] () -- C:\Documents and Settings\saša\Plocha\CrystalDiskInfo.lnk
[2012.12.27 18:38:44 | 000,000,568 | ---- | C] () -- C:\Documents and Settings\saša\Plocha\Dokumenty.lnk
[2012.12.27 18:35:25 | 000,002,529 | ---- | C] () -- C:\Documents and Settings\saša\Plocha\Microsoft Office Excel 2003.lnk
[2012.12.27 18:27:42 | 000,000,104 | ---- | C] () -- C:\Documents and Settings\saša\Plocha\Zástupce - Internet Explorer.lnk
[2012.12.27 17:58:53 | 000,002,100 | ---- | C] () -- C:\Documents and Settings\saša\Plocha\Microsoft Office Word 2003 (2).lnk
[2012.12.27 17:47:24 | 000,000,390 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2012.12.27 17:38:49 | 000,000,789 | ---- | C] () -- C:\Documents and Settings\saša\Plocha\DVD Decrypter.lnk
[2012.12.27 17:08:29 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2012.12.27 17:08:29 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisdecd.dll
[2012.12.27 17:08:29 | 000,030,208 | ---- | C] () -- C:\WINDOWS\System32\psisrndr.ax
[2012.12.27 17:08:29 | 000,030,208 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisrndr.ax
[2012.12.27 17:08:28 | 000,052,224 | ---- | C] () -- C:\WINDOWS\System32\msdvbnp.ax
[2012.12.27 17:08:28 | 000,052,224 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdvbnp.ax
[2012.12.27 17:08:26 | 000,733,184 | ---- | C] () -- C:\WINDOWS\System32\dllcache\qedwipes.dll
[2012.12.27 17:08:25 | 000,013,312 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdmo.dll
[2012.12.27 17:08:24 | 000,136,192 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mpg2splt.ax
[2012.12.27 17:08:24 | 000,064,512 | ---- | C] () -- C:\WINDOWS\System32\dllcache\amstream.dll
[2012.12.27 17:08:24 | 000,034,304 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mciqtz32.dll
[2012.12.27 17:06:58 | 000,000,367 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Call of Duty - United Offensive Single Player.lnk
[2012.12.27 16:57:55 | 000,000,309 | ---- | C] () -- C:\WINDOWS\CoDUO.INI
[2012.12.27 16:45:44 | 000,096,384 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd6861.sys
[2012.12.27 16:30:11 | 000,000,477 | ---- | C] () -- C:\Documents and Settings\saša\Plocha\Call of Duty Single Player.lnk
[2012.12.27 16:21:57 | 000,000,705 | ---- | C] () -- C:\WINDOWS\CoD.INI
[2012.12.27 15:48:36 | 000,000,632 | ---- | C] () -- C:\Documents and Settings\saša\Plocha\Frozen Throne.lnk
[2012.12.27 15:18:29 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012.12.27 15:18:29 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\dllcache\iacenc.dll
[2012.12.27 15:08:44 | 000,000,627 | ---- | C] () -- C:\Documents and Settings\saša\Plocha\Warcraft III.lnk
[2012.12.27 14:50:34 | 000,048,052 | ---- | C] () -- C:\WINDOWS\War3Unin.dat
[2012.12.27 14:50:33 | 000,002,829 | ---- | C] () -- C:\WINDOWS\War3Unin.pif
[2012.12.27 14:28:54 | 000,000,573 | ---- | C] () -- C:\Documents and Settings\saša\Plocha\Wolfenstein (Single Player).lnk
[2012.12.27 14:22:35 | 000,000,635 | ---- | C] () -- C:\WINDOWS\Rtcw.INI
[2012.12.27 14:00:55 | 000,000,566 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Total Commander.lnk
[2012.12.27 13:24:21 | 000,000,508 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\rajče průvodce.lnk
[2012.12.27 13:24:08 | 000,001,896 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Skype.lnk
[2012.12.27 12:13:07 | 1610,141,696 | -HS- | C] () -- C:\hiberfil.sys
[2012.12.27 11:19:55 | 000,001,207 | -H-- | C] () -- C:\WINDOWS\EPMBatch.ept
[2012.12.19 15:30:41 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Mozilla Firefox.lnk
[2012.12.19 14:33:07 | 000,001,329 | ---- | C] () -- C:\Documents and Settings\saša\Plocha\Nero.lnk
[2012.12.19 14:28:15 | 000,000,169 | ---- | C] () -- C:\UnInstall.dat
[2012.12.19 14:28:14 | 000,016,896 | ---- | C] () -- C:\WINDOWS\System32\grwinsthlp.exe
[2012.12.19 14:24:18 | 000,000,040 | ---- | C] () -- C:\Documents and Settings\All Users\Dokumenty\_rgpl
[2011.05.04 18:10:28 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2008.03.12 22:31:43 | 000,000,076 | ---- | C] () -- C:\Documents and Settings\saša\default.pls
[2008.03.02 16:36:11 | 000,033,792 | ---- | C] () -- C:\Documents and Settings\saša\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.02.29 22:08:28 | 000,001,240 | ---- | C] () -- C:\Documents and Settings\saša\Data aplikací\wklnhst.dat

========== ZeroAccess Check ==========


[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2012.10.31 12:32:37 | 001,510,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.02.09 11:56:05 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008.04.14 04:22:05 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2006.07.03 08:12:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\AVG7
[2012.01.02 18:56:07 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\Common Files
[2012.12.27 12:32:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2012.12.27 12:02:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ESET
[2012.12.27 11:52:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\MFAData
[2012.12.07 14:39:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TP-LINK
[2012.12.27 12:19:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TuneUp Software
[2006.07.03 08:06:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Ulead Systems
[2012.12.27 12:18:52 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Data aplikací\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
[2006.07.03 08:12:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Data aplikací\AVG7
[2011.05.28 22:38:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personál\Data aplikací\go
[2010.01.20 17:46:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personál\Data aplikací\OpenOffice.org
[2012.12.27 12:17:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\saša\Data aplikací\DAEMON Tools Lite
[2012.12.27 12:03:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\saša\Data aplikací\ESET
[2012.12.27 14:00:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\saša\Data aplikací\GHISLER
[2010.01.20 17:27:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\saša\Data aplikací\OpenOffice.org
[2012.11.29 22:47:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\saša\Data aplikací\Opera
[2008.03.04 19:02:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\saša\Data aplikací\Template
[2012.12.27 12:19:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\saša\Data aplikací\TuneUp Software

========== Purity Check ==========



========== Files - Unicode (All) ==========
[2008.03.12 20:40:13 | 000,000,000 | ---D | M](C:\Documents and Settings\All Users\data aplikac??) -- C:\Documents and Settings\All Users\data aplikacￃﾭ
[2008.03.12 20:40:13 | 000,000,000 | ---D | M](C:\Documents and Settings\All Users\data aplikac??) -- C:\Documents and Settings\All Users\data aplikacￃﾭ
(C:\Documents and Settings\All Users\data aplikac??) -- C:\Documents and Settings\All Users\data aplikacￃﾭ

< End of report >

[peetr.j]

OTL Extras logfile created on: 29.12.2012 18:06:00 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\saša\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1,50 Gb Total Physical Memory | 0,91 Gb Available Physical Memory | 60,73% Memory free
2,10 Gb Paging File | 1,65 Gb Available in Paging File | 78,47% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 35,54 Gb Total Space | 17,11 Gb Free Space | 48,14% Space Free | Partition Type: NTFS
Drive K: | 113,50 Gb Total Space | 81,79 Gb Free Space | 72,06% Space Free | Partition Type: NTFS

Computer Name: N-41686FEFA1164 | User Name: saša | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 14 Days

========== Extra Registry (All) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- "%1" %*
.chm [@ = chm.file] -- C:\WINDOWS\hh.exe (Microsoft Corporation)
.cmd [@ = cmdfile] -- "%1" %*
.com [@ = ComFile] -- "%1" %*
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.exe [@ = exefile] -- "%1" %*
.hlp [@ = hlpfile] -- C:\WINDOWS\System32\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- C:\WINDOWS\System32\mshta.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.inf [@ = inffile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
.js [@ = JSFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.pif [@ = piffile] -- "%1" %*
.reg [@ = regfile] -- C:\WINDOWS\regedit.exe (Microsoft Corporation)
.scr [@ = scrfile] -- "%1" /S
.txt [@ = txtfile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-1375575144-2285403485-1810680641-1005\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SYSTEMROOT%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- winhlp32.exe %1 (Microsoft Corporation)
hlpfile [open] -- %SystemRoot%\System32\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\WINDOWS\system32\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
InternetShortcut [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
vbsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
wsffile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
wsffile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
wsffile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
wshfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "%programfiles%\internet explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"UpdatesDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{26A24AE4-039D-4CA4-87B4-2F83217009FF}" = Java 7 Update 9
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{38A1E3ED-D913-41D2-9953-A93D5ACE3ADF}" = TL-WN721N/TL-WN722N Driver
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{543E938C-BDC4-4933-A612-01293996845F}" = UnloadSupport
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{90110405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{99DFA96E-68C8-48CC-B7A8-72FEF27F6CC1}" = ESET Smart Security
"{A662E280-64A8-4CF5-8407-13D0808602B3}" = Call of Duty - United Offensive
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Czech
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{D642E38E-0D24-486C-9A2D-E316DD696F4B}" = Microsoft XML Parser
"{E2662C24-B31E-4349-A084-32EB76E8B760}" = BufferChm
"{EA17F4FC-FDBF-4CF8-A529-2D983132D053}" = Skype™ 6.0
"{EB48851B-96A4-489f-9F95-29F3731E9764}" = F2100_doccd
"{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"BSPlayer1" = BSPlayer
"Call of Duty" = Call of Duty
"CCleaner" = CCleaner
"CrystalDiskInfo_is1" = CrystalDiskInfo 5.0.5
"DVD Decrypter" = DVD Decrypter (Remove Only)
"ie8" = Windows Internet Explorer 8
"InstallShield_{A662E280-64A8-4CF5-8407-13D0808602B3}" = Call of Duty - United Offensive
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware verze 1.70.0.1100
"Mozilla Firefox 12.0 (x86 cs)" = Mozilla Firefox 12.0 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NeroMultiInstaller!UninstallKey" = Nero Suite
"NVIDIA Drivers" = NVIDIA Drivers
"rajče.net_is1" = rajče průvodce verze 1.59.45.260
"Return to Castle Wolfenstein" = Return to Castle Wolfenstein
"Totalcmd" = Total Commander (Remove or Repair)
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows Media Player" = Windows Media Player 10
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR 4.11 (32-bit)

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1375575144-2285403485-1810680641-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Warcraft III" = Warcraft III: All Products

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 5.12.2012 20:08:17 | Computer Name = N-41686FEFA1164 | Source = PandoraService.exe | ID = 0
Description =

Error - 6.12.2012 4:33:57 | Computer Name = N-41686FEFA1164 | Source = PandoraService.exe | ID = 0
Description =

Error - 7.12.2012 4:29:05 | Computer Name = N-41686FEFA1164 | Source = PandoraService.exe | ID = 0
Description =

Error - 7.12.2012 5:29:50 | Computer Name = N-41686FEFA1164 | Source = Application Error | ID = 1000
Description = Chybující aplikace swkotor2.exe, verze 2.0.0.0, chybující modul ntdll.dll,
verze 5.1.2600.3520, adresa chyby 0x00011daa.

Error - 7.12.2012 6:06:14 | Computer Name = N-41686FEFA1164 | Source = Application Error | ID = 1000
Description = Chybující aplikace swkotor2.exe, verze 2.0.0.0, chybující modul swkotor2.exe,
verze 2.0.0.0, adresa chyby 0x000b4b8d.

Error - 10.12.2012 4:08:51 | Computer Name = N-41686FEFA1164 | Source = PandoraService.exe | ID = 0
Description =

Error - 11.12.2012 4:10:30 | Computer Name = N-41686FEFA1164 | Source = PandoraService.exe | ID = 0
Description =

Error - 12.12.2012 6:41:45 | Computer Name = N-41686FEFA1164 | Source = PandoraService.exe | ID = 0
Description =

Error - 12.12.2012 6:52:17 | Computer Name = N-41686FEFA1164 | Source = PandoraService.exe | ID = 0
Description =

Error - 19.12.2012 9:23:52 | Computer Name = N-41686FEFA1164 | Source = MsiInstaller | ID = 11905
Description = Product: SolutionCenter -- Error 1905. Module C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx
failed to unregister. HRESULT -2147220472. Contact your support personnel.

[ Application Events ]
Error - 5.12.2012 20:08:17 | Computer Name = N-41686FEFA1164 | Source = PandoraService.exe | ID = 0
Description =

Error - 6.12.2012 4:33:57 | Computer Name = N-41686FEFA1164 | Source = PandoraService.exe | ID = 0
Description =

Error - 7.12.2012 4:29:05 | Computer Name = N-41686FEFA1164 | Source = PandoraService.exe | ID = 0
Description =

Error - 7.12.2012 5:29:50 | Computer Name = N-41686FEFA1164 | Source = Application Error | ID = 1000
Description = Chybující aplikace swkotor2.exe, verze 2.0.0.0, chybující modul ntdll.dll,
verze 5.1.2600.3520, adresa chyby 0x00011daa.

Error - 7.12.2012 6:06:14 | Computer Name = N-41686FEFA1164 | Source = Application Error | ID = 1000
Description = Chybující aplikace swkotor2.exe, verze 2.0.0.0, chybující modul swkotor2.exe,
verze 2.0.0.0, adresa chyby 0x000b4b8d.

Error - 10.12.2012 4:08:51 | Computer Name = N-41686FEFA1164 | Source = PandoraService.exe | ID = 0
Description =

Error - 11.12.2012 4:10:30 | Computer Name = N-41686FEFA1164 | Source = PandoraService.exe | ID = 0
Description =

Error - 12.12.2012 6:41:45 | Computer Name = N-41686FEFA1164 | Source = PandoraService.exe | ID = 0
Description =

Error - 12.12.2012 6:52:17 | Computer Name = N-41686FEFA1164 | Source = PandoraService.exe | ID = 0
Description =

Error - 19.12.2012 9:23:52 | Computer Name = N-41686FEFA1164 | Source = MsiInstaller | ID = 11905
Description = Product: SolutionCenter -- Error 1905. Module C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx
failed to unregister. HRESULT -2147220472. Contact your support personnel.

[ System Events ]
Error - 29.12.2012 12:55:51 | Computer Name = N-41686FEFA1164 | Source = Service Control Manager | ID = 7000
Description = Služba WinFast TV2000 XP WDM Video Capture neuspěla při spuštění v
důsledku následující chyby: %%1058

Error - 29.12.2012 12:55:51 | Computer Name = N-41686FEFA1164 | Source = Service Control Manager | ID = 7000
Description = Služba WinFast TV2000 XP WDM TVTuner neuspěla při spuštění v důsledku
následující chyby: %%1058

Error - 29.12.2012 12:55:51 | Computer Name = N-41686FEFA1164 | Source = Service Control Manager | ID = 7000
Description = Služba WinFast TV2000 XP WDM Crossbar neuspěla při spuštění v důsledku
následující chyby: %%1058

Error - 29.12.2012 12:55:51 | Computer Name = N-41686FEFA1164 | Source = Service Control Manager | ID = 7000
Description = Služba vToolbarUpdater13.2.0 neuspěla při spuštění v důsledku následující
chyby: %%2

Error - 29.12.2012 12:55:57 | Computer Name = N-41686FEFA1164 | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: avgtp

Error - 29.12.2012 13:02:51 | Computer Name = N-41686FEFA1164 | Source = Service Control Manager | ID = 7000
Description = Služba WinFast TV2000 XP WDM Video Capture neuspěla při spuštění v
důsledku následující chyby: %%1058

Error - 29.12.2012 13:02:51 | Computer Name = N-41686FEFA1164 | Source = Service Control Manager | ID = 7000
Description = Služba WinFast TV2000 XP WDM TVTuner neuspěla při spuštění v důsledku
následující chyby: %%1058

Error - 29.12.2012 13:02:51 | Computer Name = N-41686FEFA1164 | Source = Service Control Manager | ID = 7000
Description = Služba WinFast TV2000 XP WDM Crossbar neuspěla při spuštění v důsledku
následující chyby: %%1058

Error - 29.12.2012 13:02:51 | Computer Name = N-41686FEFA1164 | Source = Service Control Manager | ID = 7000
Description = Služba vToolbarUpdater13.2.0 neuspěla při spuštění v důsledku následující
chyby: %%2

Error - 29.12.2012 13:02:58 | Computer Name = N-41686FEFA1164 | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: avgtp


< End of report >

[Damned]

Poklepej na ikonu OTL na ploše.Ujisti se , že máš všechny ostatní aplikace a prohlížeče zavřeny.
Pod Vlastní skenování/Opravy do okénka vlož následující text, zobrazený zeleně:

Kód: Vybrat vše

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\personál\Nabídka Start\Programy\Po spuštění\OpenOffice.org 3.0.lnk = File not found
SRV - (vToolbarUpdater13.2.0) -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe File not found
DRV - (avgtp) -- C:\WINDOWS\system32\drivers\avgtpx86.sys File not found
DRV - (WFIOCTL) -- C:\Program Files\WinFast\WFTVFM\WFIOCTL.SYS File not found
FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..extensions.enabledItems: avg@toolbar:13.2.0.5
FF - prefs.js..keyword.URL: "http://isearch.avg.com/search?cid=%7Bab2fff38-aae0-4afa-8635-ceca6344bb86%7D&mid=59802b646b7947d19eb0d15f51f281d0-06ce4fc639803a2e3563922518183d8e94088cb9&ds=AVG&v=9.0.0.23&lang=cs&pr=fr&d=2012-01-02%2018%3A56%3A09&sap=ku&q="
FF - user.js - File not found

:Services
vToolbarUpdater13.2.0
WFIOCTL
avgtp

:Files
C:\UnInstall.dat
C:\WINDOWS\System32\grwinsthlp.exe
C:\WINDOWS\System32\ezsidmv.dat
C:\Documents and Settings\Administrator\Data aplikací\AVG7
C:\Documents and Settings\Default User\Data aplikací\AVG7
C:\Program Files\Common Files\AVG Secure Search
C:\WINDOWS\system32\drivers\avgtpx86.sys
C:\WINDOWS\System32\drivers\ywci.sys
C:\WINDOWS\*.tmp
C:\WINDOWS\System32\*.tmp
C:\WINDOWS\system32\*.tmp.dll
C:\WINDOWS\tasks\SA.DAT
C:\WINDOWS\system32\SET*.tmp
C:\Recycler
C:\$RECYCLE.BIN
C:\RECYCLER
C:\Windows\tasks\*.job

:Reg

:Commands
[purity]
[emptytemp]
[emptyflash]
[start explorer]
[Reboot]

Poté klikni nahoře na Opravit. Nech program nerušeně běžet, na konci se provede restart PC.
Po restartu se objeví log , prosím zkopíruj sem celý jeho obsah.

[peetr.j]

All processes killed
========== OTL ==========
No active process named explorer.exe was found!
C:\Documents and Settings\personál\Nabídka Start\Programy\Po spuštění\OpenOffice.org 3.0.lnk moved successfully.
Service vToolbarUpdater13.2.0 stopped successfully!
Service vToolbarUpdater13.2.0 deleted successfully!
File C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe File not found not found.
Service avgtp stopped successfully!
Service avgtp deleted successfully!
File C:\WINDOWS\system32\drivers\avgtpx86.sys File not found not found.
Service WFIOCTL stopped successfully!
Service WFIOCTL deleted successfully!
File C:\Program Files\WinFast\WFTVFM\WFIOCTL.SYS File not found not found.
Prefs.js: "AVG Secure Search" removed from browser.search.defaultenginename
Prefs.js: avg@toolbar:13.2.0.5 removed from extensions.enabledItems
Prefs.js: "http://isearch.avg.com/search?cid=%7Bab2fff38-aae0-4afa-8635-ceca6344bb86%7D&mid=59802b646b7947d19eb0d15f51f281d0-06ce4fc639803a2e3563922518183d8e94088cb9&ds=AVG&v=9.0.0.23&lang=cs&pr=fr&d=2012-01-02%2018%3A56%3A09&sap=ku&q=" removed from keyword.URL
File rity] not found.
File ptytemp] not found.
File ptyflash] not found.
File art explorer] not found.
File boot] not found.

OTL by OldTimer - Version 3.2.69.0 log created on 12302012_081948

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

[Damned]

Udělej ten skript pro OTL ještě jednou:

File rity] not found.
File ptytemp] not found.
File ptyflash] not found.
File art explorer] not found.
File boot] not found.

Špatně si ho zkopíroval. Každá hodnota musí být od hrany okýnka, bez mezery

[peetr.j]

All processes killed
========== OTL ==========
No active process named explorer.exe was found!
File move failed. C:\Documents and Settings\personál\Nabídka Start\Programy\Po spuštění\OpenOffice.org 3.0.lnk scheduled to be moved on reboot.
Error: No service named vToolbarUpdater13.2.0 was found to stop!
Service\Driver key vToolbarUpdater13.2.0 not found.
File C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe File not found not found.
Error: No service named avgtp was found to stop!
Service\Driver key avgtp not found.
File C:\WINDOWS\system32\drivers\avgtpx86.sys File not found not found.
Error: No service named WFIOCTL was found to stop!
Service\Driver key WFIOCTL not found.
File C:\Program Files\WinFast\WFTVFM\WFIOCTL.SYS File not found not found.
Prefs.js: "AVG Secure Search" removed from browser.search.defaultenginename
Prefs.js: avg@toolbar:13.2.0.5 removed from extensions.enabledItems
Prefs.js: "http://isearch.avg.com/search?cid=%7Bab2fff38-aae0-4afa-8635-ceca6344bb86%7D&mid=59802b646b7947d19eb0d15f51f281d0-06ce4fc639803a2e3563922518183d8e94088cb9&ds=AVG&v=9.0.0.23&lang=cs&pr=fr&d=2012-01-02%2018%3A56%3A09&sap=ku&q=" removed from keyword.URL
========== SERVICES/DRIVERS ==========
Error: No service named vToolbarUpdater13.2.0 was found to stop!
Service\Driver key vToolbarUpdater13.2.0 not found.
Error: No service named WFIOCTL was found to stop!
Service\Driver key WFIOCTL not found.
Error: No service named avgtp was found to stop!
Service\Driver key avgtp not found.
========== FILES ==========
C:\UnInstall.dat moved successfully.
C:\WINDOWS\System32\grwinsthlp.exe moved successfully.
C:\WINDOWS\System32\ezsidmv.dat moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\AVG7 folder moved successfully.
C:\Documents and Settings\Default User\Data aplikací\AVG7 folder moved successfully.
File\Folder C:\Program Files\Common Files\AVG Secure Search not found.
File\Folder C:\WINDOWS\system32\drivers\avgtpx86.sys not found.
C:\WINDOWS\System32\drivers\ywci.sys moved successfully.
C:\WINDOWS\002585_.tmp moved successfully.
C:\WINDOWS\System32\CONFIG.TMP moved successfully.
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
C:\WINDOWS\tasks\SA.DAT moved successfully.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
C:\RECYCLER\S-1-5-21-1375575144-2285403485-1810680641-1005 folder moved successfully.
C:\RECYCLER folder moved successfully.
File\Folder C:\$RECYCLE.BIN not found.
File\Folder C:\RECYCLER not found.
C:\Windows\tasks\Adobe Flash Player Updater.job moved successfully.
========== REGISTRY ==========
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes

User: NetworkService
->Temp folder emptied: 0 bytes

User: Owner
->Temp folder emptied: 0 bytes

User: personál
->Temp folder emptied: 0 bytes
->Java cache emptied: 412891 bytes
->FireFox cache emptied: 113597418 bytes
->Flash cache emptied: 2863946 bytes

User: saÜa

User: saša
->Temp folder emptied: 813898 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 101700986 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 1692 bytes

User: saￅﾡa

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 32768 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 34306 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 209,00 mb


[EMPTYFLASH]

User: Administrator

User: All Users

User: Default User

User: LocalService

User: NetworkService

User: Owner

User: personál
->Flash cache emptied: 0 bytes

User: saÜa

User: saša
->Flash cache emptied: 0 bytes

User: saￅﾡa

Total Flash Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 12302012_101210

Files\Folders moved on Reboot...
File\Folder C:\Documents and Settings\personál\Nabídka Start\Programy\Po spuštění\OpenOffice.org 3.0.lnk not found!

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

[Damned]

Smaž složku C:\_OTL a vysypej Koš.

Spusť OTL a klikni na "Vyčisti". Po restartu mi sem dej nový log z HJT a popiš chování PC.

[peetr.j]

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:53:27, on 30.12.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RunDLL32.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
K:\Dokumenty\Stažené soubory\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windows ... 6607212562
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

--
End of file - 6091 bytes

------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

Chování pc:
přetrvává dlouhé načítání obsahu okna tento počítač
Když dám správce zařízení - zůstane prázdné okno, nic se nezobrazí, jen lišta nabídky....
Pokud dam vyhledavač a chci neco hledat dlouho drva než se načtou disky a je možné zahájit hledání

[Damned]

Stáhni si znova OTL na Plochu a spusť ho.

Pod Vlastní skenování/Opravy do okénka vlož následující text, zobrazený zeleně:

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

Poté klikni nahoře na Prohledat. Nech program nerušeně běžet. Po dokončení se objeví log , prosím zkopíruj sem celý jeho obsah.