neslape.cz

Post subject: Trojan Kryptik.ASY - how to remove it?
Posted: 14 Oct 2009 13:01
Hello, NOD32 has detected the trojan Kryptik.ASY. Could someone advise me how to get it off the PC? Thank you, R.
I am attaching the RSIT log below:
Logfile of random's system information tool 1.06 (written by random/random)
Run by Rob at 2009-10-14 13:56:34
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 1 GB (3%) free of 36 GB
Total RAM: 1023 MB (44% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:57:01, on 14.10.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16876)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Eset\nod32kui.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\RunDll32.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\restorer64_a.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\MSMSGS.EXE
C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
C:\Documents and Settings\Rob\Local Settings\Data aplikací\Google\Update\1.2.183.7\GoogleCrashHandler.exe
C:\Documents and Settings\Rob\restorer64_a.exe
C:\PROGRA~1\MICROS~4\rapimgr.exe
C:\Documents and Settings\Rob\Data aplikací\seres.exe
C:\Documents and Settings\Rob\Data aplikací\svcst.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\VideoMate\ComproRemote.exe
C:\Program Files\Common Files\VideoMate\ComproSchedulerDTV.exe
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\Program Files\VIA\RAID\raid_tool.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\FsUsbExService.Exe
C:\Program Files\ICQ6Toolbar\ICQ Service.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Lingea\Lexicon\LEXICON.EXE
D:\Programy\RSIT.exe
C:\Program Files\trend micro\Rob.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [CmPCIaudio] RunDll32 CMICNFG3.CPL,CMICtrlWnd
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe
O4 - HKLM\..\Run: [ScanRegistry] C:\W
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [PMCS] "C:\Program Files\Pinnacle\Shared Files\Programs\MediaCenterService\PMC.Service.Main.exe" -host -clearDebug
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [sysgif32] C:\WINDOWS\Temp\wpv181254983689.exe
O4 - HKLM\..\Run: [restorer64_a] C:\WINDOWS\system32\restorer64_a.exe
O4 - HKLM\..\Run: [Regedit32] C:\WINDOWS\system32\regedit.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\MSMSGS.EXE" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Rob\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
O4 - HKCU\..\Run: [restorer64_a] C:\Documents and Settings\Rob\restorer64_a.exe
O4 - HKCU\..\Run: [mserv] C:\Documents and Settings\Rob\Data aplikací\seres.exe
O4 - HKCU\..\Run: [svchost] C:\Documents and Settings\Rob\Data aplikací\svcst.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: ikowin32.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: AutoCAD Startup Accelerator.lnk = C:\Program Files\Common Files\Autodesk Shared\acstart16.exe
O4 - Global Startup: ComproRemote.lnk = ?
O4 - Global Startup: ComproSchedulerDTV.lnk = ?
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: VIA RAID TOOL.lnk = C:\Program Files\VIA\RAID\raid_tool.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra 'Tools' menuitem: Vytvořit mobilní oblíbenou položku… - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {1C1BF636-D768-4AE1-A1EA-BF948F3AF9AF} (Media Class) - http://www.ipstreamingservice.com/downl ... ontrol.Dll
O16 - DPF: {50E43D86-A74D-11D0-98CE-004005249458} (AnimatedGif Control) - https://www.mojebanka.cz/jars/confwiz/MVSGif.cab
O16 - DPF: {A93B47FD-9BF6-4DA8-97FC-9270B9D64A6C} (VaPgCtrl Class) - http://88.83.235.138/plugin/h263ctrl.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Autodesk Licensing Service - Autodesk, Inc. - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: FsUsbExService - Teruten - C:\WINDOWS\system32\FsUsbExService.Exe
O23 - Service: Google Update Service (gupdate1c986318c120822) (gupdate1c986318c120822) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

--
End of file - 11700 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\Google Software Updater.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-725345543-507921405-839522115-1003Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-725345543-507921405-839522115-1003UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2008-05-30 1410344]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar2.dll [2007-01-19 2403392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll [2009-03-26 668656]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-03-09 35840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-03-09 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar2.dll [2007-01-19 2403392]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2008-12-09 958200]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"nod32kui"=C:\Program Files\Eset\nod32kui.exe [2007-08-14 917504]
"NvCplDaemon"=C:\WINDOWS\System32\NvCpl.dll [2004-10-29 4620288]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\System32\NvMcTray.dll [2004-10-29 86016]
"CmPCIaudio"=RunDll32 CMICNFG3.CPL,CMICtrlWnd []
"HPDJ Taskbar Utility"=C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe [2002-04-29 188416]
"ScanRegistry"=C:\W []
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"DAEMON Tools"=C:\Program Files\DAEMON Tools\daemon.exe [2005-12-10 133016]
"PinnacleDriverCheck"=C:\WINDOWS\system32\PSDrvCheck.exe [2003-11-10 406016]
"PMCS"=C:\Program Files\Pinnacle\Shared Files\Programs\MediaCenterService\PMC.Service.Main.exe -host -clearDebug []
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2007-11-12 185632]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2006-09-01 282624]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-03-09 148888]
"NPSStartup"= []
"sysgif32"=C:\WINDOWS\Temp\wpv181254983689.exe []
"restorer64_a"=C:\WINDOWS\system32\restorer64_a.exe [2009-10-12 45056]
"Regedit32"=C:\WINDOWS\system32\regedit.exe []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"MSMSGS"=C:\Program Files\Messenger\MSMSGS.EXE [2008-04-14 1695232]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe [2005-12-16 94208]
"H/PC Connection Agent"=C:\Program Files\Microsoft ActiveSync\wcescomm.exe [2006-11-13 1289000]
"Google Update"=C:\Documents and Settings\Rob\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2008-08-30 133104]
"AutoStartNPSAgent"=C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe [2009-01-08 98304]
"restorer64_a"=C:\Documents and Settings\Rob\restorer64_a.exe [2009-10-12 45056]
"mserv"=C:\Documents and Settings\Rob\Data aplikací\seres.exe [2009-10-14 21504]
"svchost"=C:\Documents and Settings\Rob\Data aplikací\svcst.exe [2009-10-14 21504]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
AutoCAD Startup Accelerator.lnk - C:\Program Files\Common Files\Autodesk Shared\acstart16.exe
ComproRemote.lnk - C:\Program Files\Common Files\VideoMate\ComproRemote.exe
ComproSchedulerDTV.lnk - C:\Program Files\Common Files\VideoMate\ComproSchedulerDTV.exe
InterVideo WinCinema Manager.lnk - C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE
VIA RAID TOOL.lnk - C:\Program Files\VIA\RAID\raid_tool.exe

C:\Documents and Settings\Rob\Nabídka Start\Programy\Po spuštění
ikowin32.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQLite\ICQLite.exe"="C:\Program Files\ICQLite\ICQLite.exe:*:Enabled:ICQ Lite"
"C:\Program Files\InterVideo\DVD6\WinDVD.exe"="C:\Program Files\InterVideo\DVD6\WinDVD.exe:*:Enabled:WinDVD"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"C:\Program Files\BitComet\BitComet.exe"="C:\Program Files\BitComet\BitComet.exe:*:Enabled:BitComet - a BitTorrent Client"
"C:\totalcmd\TOTALCMD.EXE"="C:\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit international version, file manager replacement for Windows"
"C:\Program Files\Pinnacle\MediaCenter\PMC.exe"="C:\Program Files\Pinnacle\MediaCenter\PMC.exe:LocalSubNet:Enabled:Pmc.exe"
"C:\Program Files\Pinnacle\MediaCenter\PSST.exe"="C:\Program Files\Pinnacle\MediaCenter\PSST.exe:LocalSubNet:Enabled:PSST.exe"
"C:\Program Files\Pinnacle\MediaCenter\PMSInstallInit.exe"="C:\Program Files\Pinnacle\MediaCenter\PMSInstallInit.exe:LocalSubNet:Enabled:PMSInstallInit.exe"
"C:\Program Files\Pinnacle\Shared Files\Programs\MediaManager\PMSManager.exe"="C:\Program Files\Pinnacle\Shared Files\Programs\MediaManager\PMSManager.exe:LocalSubNet:Enabled:PMSManager.exe"
"C:\Program Files\Pinnacle\Shared Files\Programs\MediaServer\PMSInstallInit.exe"="C:\Program Files\Pinnacle\Shared Files\Programs\MediaServer\PMSInstallInit.exe:*:Enabled: "
"C:\Program Files\Pinnacle\Shared Files\Programs\MediaCenterService\PMC.Service.Main.exe"="C:\Program Files\Pinnacle\Shared Files\Programs\MediaCenterService\PMC.Service.Main.exe:LocalSubNet:Disabled:PMCService"
"C:\Program Files\Microsoft Games\Age of Empires II\empires2.exe"="C:\Program Files\Microsoft Games\Age of Empires II\empires2.exe:*:Disabled:Age of Empires II"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ICQ6\ICQ.exe"="C:\Program Files\ICQ6\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\WinFast\WFDTV\DVBTAP.exe"="C:\Program Files\WinFast\WFDTV\DVBTAP.exe:*:Enabled:WinFast DTV Application"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Alien Arena 2009\crx.exe"="C:\Alien Arena 2009\crx.exe:*:Enabled:crx"
"C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe"="C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe:*:Enabled:KTF MUSIC AoD Server"
"C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe"="C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe:*:Enabled:KTF MUSIC VoD Server"
"C:\WINDOWS\Temp\wpv181254983689.exe"="C:\WINDOWS\Temp\wpv181254983689.exe:*:Enabled:services"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{22a6be83-4940-11de-90b4-000fea14ec2b}]
shell\AutoRun\command - H:\WD_Windows_Tools\Setup.exe


======File associations======

.scr - open - "C:\WINDOWS\notepad.exe" "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 months======

2009-10-14 13:56:35 ----D---- C:\Program Files\trend micro
2009-10-14 13:56:34 ----D---- C:\rsit
2009-10-14 13:33:12 ----A---- C:\WINDOWS\system32\lsdelete.exe
2009-10-14 13:25:21 ----A---- C:\Documents and Settings\Rob\Data aplikací\svcst.exe
2009-10-14 13:21:33 ----HDC---- C:\Documents and Settings\All Users\Data aplikací\{EF63305C-BAD7-4144-9208-D65528260864}
2009-10-14 13:21:26 ----D---- C:\Program Files\Lavasoft
2009-10-14 13:21:26 ----D---- C:\Documents and Settings\All Users\Data aplikací\Lavasoft
2009-10-14 13:03:43 ----A---- C:\Documents and Settings\Rob\Data aplikací\seres.exe
2009-10-14 11:34:25 ----A---- C:\Documents and Settings\Rob\Data aplikací\lizkavd.exe
2009-10-14 11:22:00 ----D---- C:\Documents and Settings\All Users\Data aplikací\PrevxCSI
2009-10-14 11:22:00 ----A---- C:\WINDOWS\wininit.ini
2009-10-12 21:03:48 ----A---- C:\WINDOWS\system32\restorer64_a.exe
2009-09-15 07:26:06 ----HDC---- C:\WINDOWS\$NtUninstallKB968816_WM9$
2009-09-15 07:26:01 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
2009-09-15 07:25:49 ----HDC---- C:\WINDOWS\$NtUninstallKB971961$

======List of files/folders modified in the last 1 months======

2009-10-14 13:56:52 ----D---- C:\WINDOWS\Temp
2009-10-14 13:56:35 ----RD---- C:\Program Files
2009-10-14 13:33:12 ----D---- C:\WINDOWS\system32
2009-10-14 13:26:52 ----D---- C:\WINDOWS\system32\drivers
2009-10-14 13:26:20 ----D---- C:\Program Files\Mozilla Firefox
2009-10-14 13:25:38 ----SD---- C:\WINDOWS\Tasks
2009-10-14 13:25:35 ----D---- C:\WINDOWS
2009-10-14 13:24:12 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-10-14 13:24:02 ----A---- C:\WINDOWS\LEXICON.INI
2009-10-14 13:23:51 ----HD---- C:\WINDOWS\inf
2009-10-14 13:23:32 ----D---- C:\WINDOWS\system32\CatRoot2
2009-10-14 13:23:28 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-10-14 13:21:33 ----SHD---- C:\WINDOWS\Installer
2009-10-14 13:21:33 ----D---- C:\Config.Msi
2009-10-14 13:21:23 ----D---- C:\WINDOWS\WinSxS
2009-10-14 13:18:21 ----D---- C:\Documents and Settings\Rob\Data aplikací\Lavasoft
2009-10-14 13:16:55 ----D---- C:\WINDOWS\Prefetch
2009-10-14 13:00:38 ----SD---- C:\Documents and Settings\Rob\Data aplikací\Microsoft
2009-10-13 20:13:44 ----D---- C:\Documents and Settings\Rob\Data aplikací\Skype
2009-10-13 17:46:34 ----D---- C:\Documents and Settings\All Users\Data aplikací\Google Updater
2009-10-12 21:04:04 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-10-12 14:16:46 ----SHD---- C:\WINDOWS\CSC
2009-10-11 17:17:58 ----A---- C:\AILog.txt
2009-10-09 10:02:01 ----A---- C:\WINDOWS\NeroDigital.ini
2009-10-02 19:01:10 ----HD---- C:\Program Files\InstallShield Installation Information
2009-10-02 19:01:10 ----A---- C:\WINDOWS\Disney.ini
2009-10-02 13:33:39 ----D---- C:\WINDOWS\Help
2009-09-15 07:26:04 ----A---- C:\WINDOWS\imsins.BAK
2009-09-15 07:26:00 ----HD---- C:\WINDOWS\$hf_mig$

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AmdK7;Ovladač procesoru AMD K7; C:\WINDOWS\System32\DRIVERS\amdk7.sys [2008-04-14 41600]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\System32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 prodrv06;StarForce Protection Environment Driver v6; C:\WINDOWS\System32\drivers\prodrv06.sys [2004-08-09 53920]
R1 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]
R2 AMON;AMON; \??\C:\WINDOWS\System32\drivers\amon.sys []
R2 Ethpdrv;Ethernet Packet Driver; C:\WINDOWS\system32\DRIVERS\ethpdrv.sys [2005-09-08 9728]
R3 AF15BDA;WinFast DTV Dongle Gold BDA Filter; C:\WINDOWS\system32\DRIVERS\AF15BDA.sys [2007-07-04 306816]
R3 cmuda3;C-Media PCI Audio Interface; C:\WINDOWS\system32\drivers\cmuda3.sys [2004-08-16 798592]
R3 dtscsi;dtscsi; C:\WINDOWS\System32\Drivers\dtscsi.sys [2007-10-07 223128]
R3 FETNDISB;VIA Rhine Family Fast Ethernet Adapter Driver Service; C:\WINDOWS\System32\DRIVERS\fetnd5b.sys [2003-09-04 41984]
R3 FsUsbExDisk;FsUsbExDisk; \??\C:\WINDOWS\system32\FsUsbExDisk.SYS []
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-25 12160]
R3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2004-10-29 2826944]
R3 ULCDRHlp;ULCDRHlp; C:\WINDOWS\System32\Drivers\ULCDRHlp.sys [2004-08-11 27232]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbprint;Třída USB Printer; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 ZSMC301b;VideoCAM Web V4; C:\WINDOWS\System32\Drivers\usbVM31b.sys [2004-02-27 90534]
S1 InCDPass;InCDPass; C:\WINDOWS\system32\drivers\InCDPass.sys []
S1 InCDRm;InCD Reader; C:\WINDOWS\system32\drivers\InCDRm.sys []
S1 PinnacleMicroTV;Pinnacle Systems MicroTV Device; C:\WINDOWS\system32\DRIVERS\MicroTV.sys [2005-07-12 114048]
S3 61883;61883 Unit Device; C:\WINDOWS\system32\DRIVERS\61883.sys [2008-04-13 48128]
S3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2008-04-13 60800]
S3 Avc;AVC Device; C:\WINDOWS\system32\DRIVERS\avc.sys [2008-04-13 38912]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 CrystalSysInfo;CrystalSysInfo; \??\C:\Program Files\Mozilla Firefox\SysInfo.sys []
S3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver; C:\WINDOWS\System32\DRIVERS\fetnd5.sys [2001-08-17 27165]
S3 ipw_bus;IPWireless; C:\WINDOWS\system32\DRIVERS\ipw_bus.sys [2005-09-27 58320]
S3 ipw_mdfl;Wireless Broadband Modem Filter; C:\WINDOWS\system32\DRIVERS\ipw_mdfl.sys [2005-09-27 8272]
S3 ipw_mdm;Wireless Broadband Modem (WDM); C:\WINDOWS\system32\DRIVERS\ipw_mdm.sys [2005-09-27 95440]
S3 mod7700;VideoMate U500 Family; C:\WINDOWS\System32\Drivers\mod7700.sys [2006-11-21 369152]
S3 MODRC;VideoMate U500 Family IR; C:\WINDOWS\system32\DRIVERS\modrc.sys [2006-11-14 13056]
S3 MPE;Filtr MPE BDA; C:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-13 15232]
S3 MSDV;Microsoft DV Camera and VCR; C:\WINDOWS\system32\DRIVERS\msdv.sys [2008-04-13 51200]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 NIC1394;1394 Net Driver; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2008-04-13 61824]
S3 NTSIM;NTSIM; \??\C:\WINDOWS\System32\ntsim.sys []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 SONYPVU1;Sony USB Filter Driver (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\WINDOWS\system32\DRIVERS\sscdbus.sys [2008-02-22 87936]
S3 sscdmdfl;SAMSUNG Mobile Modem Filter; C:\WINDOWS\system32\DRIVERS\sscdmdfl.sys [2008-02-22 14976]
S3 sscdmdm;SAMSUNG Mobile Modem Drivers; C:\WINDOWS\system32\DRIVERS\sscdmdm.sys [2008-02-22 114304]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usb_rndisx;USB RNDIS Adapter; C:\WINDOWS\system32\DRIVERS\usb8023x.sys [2005-10-21 12800]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 wceusbsh;Windows CE USB Serial Host Driver; C:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2006-11-06 28672]
S3 WFIOCTL;WFIOCTL; \??\C:\Program Files\WinFast\WFDTV\WFIOCTL.SYS []
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 InCDFs;InCD File System; C:\WINDOWS\system32\drivers\InCDFs.sys []
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 FsUsbExService;FsUsbExService; C:\WINDOWS\system32\FsUsbExService.Exe [2009-01-08 233472]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2008-10-19 222456]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-03-09 152984]
R2 MSSQL$PINNACLESYS;MSSQL$PINNACLESYS; C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe [2005-05-04 9150464]
R2 NOD32krn;NOD32 Kernel Service; C:\Program Files\Eset\nod32krn.exe [2007-08-14 495616]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\System32\nvsvc32.exe [2004-10-29 127043]
R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2004-12-13 49152]
S02000000 OMSCAN;OMSCAN; Base []
S2 gupdate1c986318c120822;Google Update Service (gupdate1c986318c120822); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-02-03 133104]
S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-26 183280]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2007-10-01 74360]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2009-10-14 1028432]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 MSSQLServerADHelper;MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [2005-05-03 73728]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 SQLAgent$PINNACLESYS;SQLAgent$PINNACLESYS; C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlagent.EXE [2005-05-03 323584]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------


 
Posted: 14 Oct 2009 14:17
VIP

Registered: 09 Dec 2007 09:27
Posts: 12762
Location: SK-REVUCA
Hello,
download ComboFix like this: right-click the ComboFix link, choose "Save link as", type combo-fix.exe as the name and save it to the desktop. Then follow the guide and also agree to the installation of the Recovery Console (guide for SP2 = SP3).
Quote:
PLEASE READ THE INSTRUCTIONS CAREFULLY!!!

Download ComboFix to the desktop, close all active windows and run it -
http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Agree to the installation of the Recovery Console.


- ComboFix must be run under an account with administrator rights.
- After it starts, the terms of use are displayed; confirm them by pressing the Ano (Yes) button;

And once more >ANO< (Yes)

- Then follow the prompts; while ComboFix is running, do not click into the blue window it displays.

- After the scan finishes, which takes at most 10-15 minutes, the program should create a log, C:\ComboFix.txt; copy its entire contents into your thread on the forum.
- Before using ComboFix, all resident security programs must be turned off: antivirus, firewalls, antispyware. GUIDE: http://www.bleepingcomputer.com/forums/topic114351.html
They can interfere with ComboFix's operation, which may cause it not to work correctly.

If an antivirus detects ComboFix, it is a false alarm.

_________________
Important information.
Is your computer not working?
Is it infected? Running slowly? A program not working? A problem with an installation?
Use the remote assistance service!
e-mail: stell(at)forum.viry.cz
Thanks! Vďaka!

 
Posted: 14 Oct 2009 18:56
Visitor

Registered: 07 Mar 2006 23:58
Posts: 27
I have a problem: I cannot turn off the NOD32 resident protection. I ran ComboFix anyway, but the file C:\Combofix.txt was not created. The trojan is still on the PC. What should I do next?


 
Posted: 14 Oct 2009 19:30
VIP

Registered: 09 Dec 2007 09:27
Posts: 12762
Location: SK-REVUCA
Download Malwarebytes (MBAM) from my signature, install it, update it, run a FULL (complete) scan and paste the log here.

 
Posted: 14 Oct 2009 21:02
Visitor

Registered: 07 Mar 2006 23:58
Posts: 27
The Malwarebytes log is pasted below:

Malwarebytes' Anti-Malware 1.41
Verze databáze: 2962
Windows 5.1.2600 Service Pack 3

14.10.2009 22:00:16
mbam-log-2009-10-14 (22-00-11).txt

Typ kontroly: Kompletní kontrola (C:\|D:\|)
Zkontrolované objekty: 245543
Uplynulý čas: 53 minute(s), 0 second(s)

Infikované procesy v paměti: 4
Infikované moduly v paměti: 0
Infikované klíče registru: 0
Infikované hodnoty registru: 6
Infikované datové položky registru: 0
Infikované adresáře: 3
Infikované soubory: 35

Infikované procesy v paměti:
C:\Documents and Settings\Rob\Data aplikací\seres.exe (Worm.Ecard) -> No action taken.
C:\Documents and Settings\Rob\Data aplikací\svcst.exe (Worm.Ecard) -> No action taken.
C:\Documents and Settings\Rob\restorer64_a.exe (Trojan.FakeAlert) -> No action taken.
C:\WINDOWS\system32\restorer64_a.exe (Trojan.FakeAlert) -> No action taken.

Infikované moduly v paměti:
(Nebyly nalezeny žádné škodlivé položky)

Infikované klíče registru:
(Nebyly nalezeny žádné škodlivé položky)

Infikované hodnoty registru:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\mserv (Worm.Ecard) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\svchost (Worm.Ecard) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\sysgif32 (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Regedit32 (Trojan.Agent) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\restorer64_a (Trojan.FakeAlert) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\restorer64_a (Trojan.FakeAlert) -> No action taken.

Infikované datové položky registru:
(Nebyly nalezeny žádné škodlivé položky)

Infikované adresáře:
C:\Documents and Settings\All Users\Data aplikací\Secure Solutions (Rogue.Multiple) -> No action taken.
C:\Documents and Settings\All Users\Data aplikací\Secure Solutions\Antispyware 2008 XP (Rogue.Multiple) -> No action taken.
C:\Documents and Settings\All Users\Data aplikací\Secure Solutions\Antispyware 2008 XP\LOG (Rogue.Multiple) -> No action taken.

Infikované soubory:
C:\Documents and Settings\Rob\Data aplikací\seres.exe (Worm.Ecard) -> No action taken.
C:\Documents and Settings\Rob\Data aplikací\svcst.exe (Worm.Ecard) -> No action taken.
C:\System Volume Information\_restore{E4648308-0228-4A7F-A699-0B671240449F}\RP723\A0136608.exe (Worm.Ecard) -> No action taken.
C:\System Volume Information\_restore{E4648308-0228-4A7F-A699-0B671240449F}\RP723\A0136611.exe (Worm.Ecard) -> No action taken.
C:\System Volume Information\_restore{E4648308-0228-4A7F-A699-0B671240449F}\RP723\A0136617.exe (Worm.Ecard) -> No action taken.
C:\System Volume Information\_restore{E4648308-0228-4A7F-A699-0B671240449F}\RP723\A0136538.exe (Worm.Ecard) -> No action taken.
C:\System Volume Information\_restore{E4648308-0228-4A7F-A699-0B671240449F}\RP723\A0136539.exe (Worm.Ecard) -> No action taken.
C:\System Volume Information\_restore{E4648308-0228-4A7F-A699-0B671240449F}\RP723\A0136587.exe (Worm.Ecard) -> No action taken.
C:\System Volume Information\_restore{E4648308-0228-4A7F-A699-0B671240449F}\RP723\A0136589.exe (Worm.Ecard) -> No action taken.
C:\System Volume Information\_restore{E4648308-0228-4A7F-A699-0B671240449F}\RP723\A0136591.exe (Worm.Ecard) -> No action taken.
C:\System Volume Information\_restore{E4648308-0228-4A7F-A699-0B671240449F}\RP723\A0136599.exe (Worm.Ecard) -> No action taken.
C:\System Volume Information\_restore{E4648308-0228-4A7F-A699-0B671240449F}\RP723\A0136619.exe (Worm.Ecard) -> No action taken.
C:\System Volume Information\_restore{E4648308-0228-4A7F-A699-0B671240449F}\RP723\A0136712.exe (Worm.Ecard) -> No action taken.
C:\System Volume Information\_restore{E4648308-0228-4A7F-A699-0B671240449F}\RP725\A0136752.exe (Worm.Ecard) -> No action taken.
C:\System Volume Information\_restore{E4648308-0228-4A7F-A699-0B671240449F}\RP725\A0136782.exe (Worm.Ecard) -> No action taken.
C:\System Volume Information\_restore{E4648308-0228-4A7F-A699-0B671240449F}\RP725\A0136807.exe (Worm.Ecard) -> No action taken.
C:\System Volume Information\_restore{E4648308-0228-4A7F-A699-0B671240449F}\RP725\A0136808.exe (Worm.Ecard) -> No action taken.
C:\WINDOWS\system32\drivers\953.exe (Worm.Ecard) -> No action taken.
C:\Documents and Settings\Rob\Local Settings\Temp\BN3.tmp (Worm.Ecard) -> No action taken.
C:\Documents and Settings\Rob\Local Settings\Temp\BN8.tmp (Worm.Ecard) -> No action taken.
D:\Instalacky\ACDSee.v9.0.108.Photo.Manager\keygen.exe (Trojan.Downloader) -> No action taken.
C:\Documents and Settings\All Users\Data aplikací\Secure Solutions\Antispyware 2008 XP\LOG\20080808231710203.log (Rogue.Multiple) -> No action taken.
C:\Documents and Settings\All Users\Data aplikací\Secure Solutions\Antispyware 2008 XP\LOG\20080808232023921.log (Rogue.Multiple) -> No action taken.
C:\Documents and Settings\Rob\Data aplikací\lizkavd.exe (Rogue.AntiVirusPro) -> No action taken.
C:\Documents and Settings\Rob\Data aplikací\wiaserva.log (Malware.Trace) -> No action taken.
C:\Documents and Settings\Rob\Nabídka Start\Programy\Po spuštění\ikowin32.exe (Trojan.Downloader) -> No action taken.
C:\WINDOWS\system32\tdssinit.dll (Trojan.Agent) -> No action taken.
C:\WINDOWS\system32\tdssservers.dat (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Rob\oashdihasidhasuidhiasdhiashdiuasdhasd (Malware.Trace) -> No action taken.
C:\Documents and Settings\Rob\restorer64_a.exe (Trojan.FakeAlert) -> No action taken.
C:\WINDOWS\system32\restorer64_a.exe (Trojan.FakeAlert) -> No action taken.
C:\WINDOWS\system32\drivers\265.exe (Rootkit.Agent) -> No action taken.
C:\WINDOWS\system32\drivers\546.exe (Rootkit.Agent) -> No action taken.
C:\WINDOWS\system32\drivers\671.exe (Rootkit.Agent) -> No action taken.
C:\WINDOWS\system32\drivers\890.exe (Rootkit.Agent) -> No action taken.


 
Posted: 14 Oct 2009 21:27
VIP

Registered: 09 Dec 2007 09:27
Posts: 12762
Location: SK-REVUCA
Delete everything that Malwarebytes found and run ComboFix. Ignore ComboFix's message about NOD being turned on. Paste the log here.

 
Posted: 15 Oct 2009 13:20
Visitor

Registered: 07 Mar 2006 23:58
Posts: 27
I deleted what Malwarebytes found and ran ComboFix. It did not run to the end; the system crashed and a blue screen came up with this message:

A problem has been detected and Windows has been shut down to prevent damage to your computer.
BAD_POOL_HEADER
If this is the first time you have seen this Stop error screen, restart your computer. If this screen appears again, follow these steps:
Check to make sure any new hardware or software is properly installed.
If this is a new installation, ask your hardware or software manufacturer for any Windows updates you might need.
If problems continue, disable or remove any newly installed hardware or software. Disable BIOS memory options such as caching or shadowing. If you need to use Safe Mode to remove or disable components (which, by the way, does not work for me; it cannot be started with F8), select Advanced Startup Options and then select Safe Mode.
Technical information:
***STOP:0x00000019 (0x00000020,0x851C0AD8,0x851C0EF0,0x1A83001A)

Beginning dump of physical memory
Physical memory dump complete.
Contact your system administrator or technical support group for further assistance.

That is all for now.


 
Posted: 15 Oct 2009 13:36
VIP

Registered: 09 Dec 2007 09:27
Posts: 12762
Location: SK-REVUCA
Well, this is clearly a HW problem:
RAM
Power supply
etc.
What is your situation now? Can you get into Windows or not?

 
Posted: 15 Oct 2009 14:06
Visitor

Registered: 07 Mar 2006 23:58
Posts: 27
My situation is that when I restart the PC it runs normally, but the trojan is still there. I read that the PREVX software might be able to remove the Kryptik.ASY trojan, but only in the paid version (I do not feel like paying about 15 dollars for an uncertain result). Otherwise, I only log in occasionally, because I am working on a second PC (a notebook).


 
Posted: 15 Oct 2009 14:10
VIP

Registered: 09 Dec 2007 09:27
Posts: 12762
Location: SK-REVUCA
OK, that is fine.
Like this: do not try or install anything, since that message can also be a SW problem. Do only what I write to you, nothing more and nothing less. If you installed anything, uninstall it.

Quote:
Download OTListIt2, http://oldtimer.geekstogo.com/OTL.exe , to the desktop

- run it
- change file scans from 30 days to 7 days
- check "Scan All Users"
- check Purity and Loop
- click "Run Scan"
- two logs will open; copy their contents here for me.

Quote:
SysProt AntiRootkit http://sites.google.com/site/sysprotantirootkit/

Unpack it, run it, switch to the Log tab, there check everything in the Write to log column, press Create Log, and click through the log-creation prompt if one appears. Most importantly, wait a moment until a window appears asking where you want to scan, and choose Scan Root Drive. Click Start; after the scan finishes the log will open. If it does not, you will find it where you saved it at the start (by default in the folder with the executable).

 
Posted: 15 Oct 2009 19:16
Visitor

Registered: 07 Mar 2006 23:58
Posts: 27
So I did what you advised.
Here is the first log from OTL:
OTL logfile created on: 15.10.2009 19:59:25 - Run 1
OTL by OldTimer - Version 3.0.21.0 Folder = C:\Documents and Settings\Rob\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1023,48 Mb Total Physical Memory | 570,82 Mb Available Physical Memory | 55,77% Memory free
2,41 Gb Paging File | 2,08 Gb Available in Paging File | 86,30% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 35,27 Gb Total Space | 2,32 Gb Free Space | 6,57% Space Free | Partition Type: NTFS
Drive D: | 76,51 Gb Total Space | 0,22 Gb Free Space | 0,29% Space Free | Partition Type: NTFS
Drive E: | 4,15 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: ROB-30BN7NJUNKS
Current User Name: Rob
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 7 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2009.10.15 19:57:05 | 00,521,216 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Rob\Plocha\OTL.exe
PRC - [2009.09.12 11:32:21 | 00,908,280 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009.07.01 08:23:09 | 00,133,104 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Rob\Local Settings\Data aplikací\Google\Update\1.2.183.7\GoogleCrashHandler.exe
PRC - [2009.03.09 05:19:17 | 00,148,888 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
PRC - [2009.03.09 05:19:15 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2009.01.08 09:55:56 | 00,098,304 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
PRC - [2009.01.08 09:42:54 | 00,233,472 | ---- | M] (Teruten) -- C:\WINDOWS\System32\FsUsbExService.Exe
PRC - [2008.10.19 15:30:02 | 00,222,456 | ---- | M] () -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe
PRC - [2008.04.14 05:22:36 | 01,695,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\MSMSGS.EXE
PRC - [2008.04.14 05:22:22 | 01,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE
PRC - [2007.11.12 21:39:49 | 00,185,632 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
PRC - [2007.08.14 22:03:27 | 00,917,504 | ---- | M] (Eset ) -- C:\Program Files\Eset\nod32kui.exe
PRC - [2007.08.14 22:03:27 | 00,495,616 | ---- | M] (Eset ) -- C:\Program Files\Eset\nod32krn.exe
PRC - [2006.12.05 11:02:02 | 00,155,648 | ---- | M] (Compro Technology, Inc.) -- C:\Program Files\Common Files\VideoMate\ComproRemote.exe
PRC - [2006.11.13 16:50:20 | 01,289,000 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft ActiveSync\wcescomm.exe
PRC - [2006.11.13 16:50:06 | 00,199,464 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft ActiveSync\rapimgr.exe
PRC - [2006.10.27 00:47:42 | 00,031,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
PRC - [2006.10.18 16:11:26 | 00,081,920 | ---- | M] (Compro Technology, Inc.) -- C:\Program Files\Common Files\VideoMate\ComproSchedulerDTV.exe
PRC - [2006.09.01 16:57:48 | 00,282,624 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\QuickTime\qttask.exe
PRC - [2005.12.16 12:57:56 | 00,094,208 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe
PRC - [2005.12.10 16:57:19 | 00,133,016 | ---- | M] (DT Soft Ltd.) -- C:\Program Files\DAEMON Tools\daemon.exe
PRC - [2005.05.04 00:04:28 | 09,150,464 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe
PRC - [2005.02.21 21:18:00 | 00,237,568 | ---- | M] (InterVideo Inc.) -- C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
PRC - [2004.12.13 04:34:32 | 00,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
PRC - [2004.10.29 10:50:00 | 00,127,043 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvsvc32.exe
PRC - [2003.07.31 07:59:14 | 00,561,152 | R--- | M] (VIA) -- C:\Program Files\VIA\RAID\raid_tool.exe
PRC - [2002.04.29 21:11:15 | 00,188,416 | ---- | M] (HP) -- C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe

========== Win32 Services (SafeList) ==========

SRV - [2009.10.14 13:22:47 | 01,028,432 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service [On_Demand | Stopped])
SRV - [2009.03.26 11:06:03 | 00,183,280 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc [Auto | Stopped])
SRV - [2009.03.09 05:19:15 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService [Auto | Running])
SRV - [2009.02.03 20:59:29 | 00,133,104 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\GoogleUpdate.exe -- (gupdate1c986318c120822 [Auto | Stopped])
SRV - [2009.01.08 09:42:54 | 00,233,472 | ---- | M] (Teruten) -- C:\WINDOWS\System32\FsUsbExService.Exe -- (FsUsbExService [Auto | Running])
SRV - [2008.10.19 15:30:02 | 00,222,456 | ---- | M] () -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service [Auto | Running])
SRV - [2008.07.29 21:10:04 | 00,046,104 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])
SRV - [2008.07.29 19:24:50 | 00,881,664 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped])
SRV - [2008.07.29 19:16:38 | 00,132,096 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])
SRV - [2008.07.25 11:17:02 | 00,069,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV - [2008.07.25 11:16:40 | 00,034,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
SRV - [2008.04.14 05:21:53 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])
SRV - [2007.10.01 20:33:59 | 00,074,360 | ---- | M] (Autodesk, Inc.) -- C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe -- (Autodesk Licensing Service [On_Demand | Stopped])
SRV - [2007.08.14 22:03:27 | 00,495,616 | ---- | M] (Eset ) -- C:\Program Files\Eset\nod32krn.exe -- (NOD32krn [Auto | Running])
SRV - [2006.10.27 00:47:54 | 00,065,824 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service [On_Demand | Stopped])
SRV - [2006.10.26 19:49:34 | 00,441,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv [On_Demand | Stopped])
SRV - [2006.10.26 14:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
SRV - [2005.05.04 00:04:28 | 09,150,464 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe -- (MSSQL$PINNACLESYS [Auto | Running])
SRV - [2005.05.03 22:50:28 | 00,073,728 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe -- (MSSQLServerADHelper [On_Demand | Stopped])
SRV - [2005.05.03 21:42:56 | 00,323,584 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlagent.EXE -- (SQLAgent$PINNACLESYS [On_Demand | Stopped])
SRV - [2004.12.13 04:34:32 | 00,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper [Auto | Running])
SRV - [2004.10.29 10:50:00 | 00,127,043 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvsvc32.exe -- (NVSvc [Auto | Running])

========== Driver Services (SafeList) ==========

DRV - [2009.07.03 16:49:08 | 00,064,160 | ---- | M] (Lavasoft AB) -- C:\WINDOWS\system32\DRIVERS\Lbd.sys -- (Lbd [Boot | Running])
DRV - [2009.01.08 09:42:54 | 00,036,608 | ---- | M] () -- C:\WINDOWS\System32\FsUsbExDisk.SYS -- (FsUsbExDisk [On_Demand | Running])
DRV - [2008.04.13 20:46:22 | 00,015,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\MPE.sys -- (MPE [On_Demand | Stopped])
DRV - [2008.04.13 20:46:20 | 00,048,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\61883.sys -- (61883 [On_Demand | Stopped])
DRV - [2008.04.13 20:46:20 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\avc.sys -- (Avc [On_Demand | Stopped])
DRV - [2008.04.13 20:46:09 | 00,051,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\msdv.sys -- (MSDV [On_Demand | Stopped])
DRV - [2008.02.22 15:33:02 | 00,114,304 | ---- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\sscdmdm.sys -- (sscdmdm [On_Demand | Stopped])
DRV - [2008.02.22 15:33:02 | 00,014,976 | ---- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\sscdmdfl.sys -- (sscdmdfl [On_Demand | Stopped])
DRV - [2008.02.22 15:33:00 | 00,087,936 | ---- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\sscdbus.sys -- (sscdbus [On_Demand | Stopped])
DRV - [2007.11.13 12:25:52 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\System32\DRIVERS\secdrv.sys -- (Secdrv [On_Demand | Stopped])
DRV - [2007.10.07 22:23:00 | 00,223,128 | ---- | M] () -- C:\WINDOWS\System32\Drivers\dtscsi.sys -- (dtscsi [On_Demand | Running])
DRV - [2007.10.07 22:21:36 | 00,642,560 | ---- | M] () -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd [Boot | Running])
DRV - [2007.08.16 00:33:10 | 00,043,528 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20 [Boot | Running])
DRV - [2007.08.14 22:03:27 | 00,502,208 | ---- | M] (Eset ) -- C:\WINDOWS\System32\drivers\amon.sys -- (AMON [Auto | Running])
DRV - [2007.07.04 07:58:26 | 00,306,816 | R--- | M] (AfaTech ) -- C:\WINDOWS\System32\DRIVERS\AF15BDA.sys -- (AF15BDA [On_Demand | Running])
DRV - [2006.11.21 11:24:56 | 00,369,152 | ---- | M] (DiBcom) -- C:\WINDOWS\System32\Drivers\mod7700.sys -- (mod7700 [On_Demand | Stopped])
DRV - [2006.11.14 17:59:12 | 00,013,056 | ---- | M] (DiBcom S.A.) -- C:\WINDOWS\System32\DRIVERS\modrc.sys -- (MODRC [On_Demand | Stopped])
DRV - [2006.11.06 18:04:56 | 00,028,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\wceusbsh.sys -- (wceusbsh [On_Demand | Stopped])
DRV - [2005.10.21 03:47:05 | 00,012,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\usb8023x.sys -- (usb_rndisx [On_Demand | Stopped])
DRV - [2005.09.27 10:21:54 | 00,095,440 | ---- | M] (MCCI) -- C:\WINDOWS\System32\DRIVERS\ipw_mdm.sys -- (ipw_mdm [On_Demand | Stopped])
DRV - [2005.09.27 10:21:50 | 00,008,272 | ---- | M] (MCCI) -- C:\WINDOWS\System32\DRIVERS\ipw_mdfl.sys -- (ipw_mdfl [On_Demand | Stopped])
DRV - [2005.09.27 10:21:28 | 00,058,320 | ---- | M] (MCCI) -- C:\WINDOWS\System32\DRIVERS\ipw_bus.sys -- (ipw_bus [On_Demand | Stopped])
DRV - [2005.09.08 01:18:54 | 00,009,728 | ---- | M] (Gemfor s.r.o.) -- C:\WINDOWS\System32\DRIVERS\ethpdrv.sys -- (Ethpdrv [Auto | Running])
DRV - [2005.07.12 11:51:26 | 00,114,048 | ---- | M] (Pinnacle Systems) -- C:\WINDOWS\System32\DRIVERS\MicroTV.sys -- (PinnacleMicroTV [System | Stopped])
DRV - [2004.10.29 10:50:00 | 02,826,944 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\DRIVERS\nv4_mini.sys -- (nv [On_Demand | Running])
DRV - [2004.08.16 13:17:18 | 00,798,592 | R--- | M] (C-Media Inc) -- C:\WINDOWS\System32\drivers\cmuda3.sys -- (cmuda3 [On_Demand | Running])
DRV - [2004.08.11 10:27:52 | 00,027,232 | ---- | M] (Ulead Systems, Inc.) -- C:\WINDOWS\System32\Drivers\ULCDRHlp.sys -- (ULCDRHlp [On_Demand | Running])
DRV - [2004.08.09 13:33:26 | 00,114,016 | ---- | M] (Protection Technology) -- C:\WINDOWS\System32\drivers\prohlp02.sys -- (prohlp02 [Boot | Running])
DRV - [2004.08.09 13:29:28 | 00,053,920 | ---- | M] (Protection Technology) -- C:\WINDOWS\System32\drivers\prodrv06.sys -- (prodrv06 [System | Running])
DRV - [2004.07.19 16:49:54 | 00,007,040 | ---- | M] (Protection Technology) -- C:\WINDOWS\System32\drivers\prosync1.sys -- (prosync1 [Boot | Running])
DRV - [2004.02.27 08:14:30 | 00,090,534 | R--- | M] (Creative Technology Ltd.) -- C:\WINDOWS\System32\Drivers\usbVM31b.sys -- (ZSMC301b [On_Demand | Running])
DRV - [2003.12.01 17:20:52 | 00,004,832 | ---- | M] (Protection Technology) -- C:\WINDOWS\System32\drivers\sfhlp01.sys -- (sfhlp01 [Boot | Running])
DRV - [2003.09.04 04:37:04 | 00,041,984 | R--- | M] (VIA Technologies, Inc. ) -- C:\WINDOWS\System32\DRIVERS\fetnd5b.sys -- (FETNDISB [On_Demand | Running])
DRV - [2003.07.17 10:10:06 | 00,007,040 | R--- | M] (VIA Networking Technologies, Inc. ) -- C:\WINDOWS\System32\ntsim.sys -- (NTSIM [On_Demand | Stopped])
DRV - [2003.07.01 22:42:00 | 00,027,904 | R--- | M] (VIA Technologies, Inc.) -- C:\WINDOWS\System32\DRIVERS\viaagp1.sys -- (viaagp1 [Boot | Running])
DRV - [2003.06.12 12:31:46 | 00,075,904 | R--- | M] (VIA Technologies inc,.ltd) -- C:\WINDOWS\system32\drivers\viasraid.sys -- (viasraid [Boot | Running])
DRV - [2001.10.25 14:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running])
DRV - [2001.08.17 22:13:08 | 00,027,165 | ---- | M] (VIA Technologies, Inc. ) -- C:\WINDOWS\System32\DRIVERS\fetnd5.sys -- (FETNDIS [On_Demand | Stopped])
DRV - [2001.08.17 21:56:16 | 00,007,552 | ---- | M] (Sony Corporation) -- C:\WINDOWS\System32\DRIVERS\SONYPVU1.SYS -- (SONYPVU1 [On_Demand | Stopped])

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm


IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-20\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-725345543-507921405-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\S-1-5-21-725345543-507921405-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKU\S-1-5-21-725345543-507921405-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
IE - HKU\S-1-5-21-725345543-507921405-839522115-1003\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-725345543-507921405-839522115-1003\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKU\S-1-5-21-725345543-507921405-839522115-1003\S-1-5-21-725345543-507921405-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}:6.0.02
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}:6.0.03
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}:6.0.05
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}:6.0.07
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}:6.0.10
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}:6.0.11
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.1
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.3
FF - prefs.js..keyword.URL: "http://search.icq.com/search/afe_results.php?ch_id=afex&q="

FF - HKLM\software\mozilla\Firefox\extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2008.11.29 11:49:25 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009.09.02 13:47:09 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009.09.15 15:43:16 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009.09.12 11:32:27 | 00,000,000 | ---D | M]

[2009.03.25 20:38:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Rob\Data aplikací\mozilla\Extensions
[2008.09.01 19:11:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Rob\Data aplikací\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009.03.25 20:38:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Rob\Data aplikací\mozilla\Extensions\XulPlayer
[2009.10.14 20:22:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Rob\Data aplikací\mozilla\Firefox\Profiles\32ugf2dr.default\extensions
[2009.09.02 19:10:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Rob\Data aplikací\mozilla\Firefox\Profiles\32ugf2dr.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2008.11.29 11:07:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Rob\Data aplikací\mozilla\Firefox\Profiles\32ugf2dr.default\extensions\cs@dictionaries.addons.mozilla(2).org
[2009.10.15 14:16:56 | 00,000,961 | ---- | M] () -- C:\Documents and Settings\Rob\Data aplikací\Mozilla\FireFox\Profiles\32ugf2dr.default\searchplugins\icqplugin-2.xml
[2009.06.30 15:08:25 | 00,000,950 | ---- | M] () -- C:\Documents and Settings\Rob\Data aplikací\Mozilla\FireFox\Profiles\32ugf2dr.default\searchplugins\icqplugin-3.xml
[2009.04.21 13:18:55 | 00,000,950 | ---- | M] () -- C:\Documents and Settings\Rob\Data aplikací\Mozilla\FireFox\Profiles\32ugf2dr.default\searchplugins\icqplugin.xml
[2009.10.14 20:22:40 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009.09.12 11:32:27 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2007.10.01 21:43:47 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}
[2007.11.05 21:18:48 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}
[2008.04.03 17:55:26 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}
[2008.08.03 15:20:40 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
[2008.11.29 11:49:37 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}
[2009.01.10 09:07:59 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
[2009.03.31 20:32:10 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
[2009.09.12 11:32:20 | 00,023,544 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009.09.12 11:32:20 | 00,137,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2009.03.09 05:19:09 | 00,410,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeploytk.dll
[2008.09.16 02:11:52 | 01,335,600 | ---- | M] (DivX,Inc.) -- C:\Program Files\mozilla firefox\plugins\npdivx32.dll
[2008.09.16 02:12:12 | 00,098,304 | ---- | M] (DivX, Inc) -- C:\Program Files\mozilla firefox\plugins\npDivxPlayerPlugin.dll
[2009.09.12 11:32:22 | 00,065,016 | ---- | M] (mozilla.org) -- C:\Program Files\mozilla firefox\plugins\npnul32.dll
[2006.10.26 20:12:16 | 00,016,192 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL
[2007.05.10 22:52:00 | 00,095,864 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\mozilla firefox\plugins\nppdf32.dll
[2007.11.12 21:39:53 | 00,144,720 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\mozilla firefox\plugins\nppl3260.dll
[2007.12.02 19:12:03 | 00,131,072 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin.dll
[2007.12.02 19:12:03 | 00,131,072 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll
[2007.12.02 19:12:03 | 00,131,072 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll
[2007.12.02 19:12:03 | 00,131,072 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll
[2007.12.02 19:12:03 | 00,131,072 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll
[2007.12.02 19:12:03 | 00,131,072 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll
[2007.12.02 19:12:03 | 00,131,072 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll
[2007.11.12 21:39:58 | 00,024,576 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\mozilla firefox\plugins\nprjplug.dll
[2007.11.12 21:39:52 | 00,081,920 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\mozilla firefox\plugins\nprpjplug.dll
[2009.07.02 18:57:29 | 00,002,371 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2009.07.02 18:57:29 | 00,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2009.07.02 18:57:29 | 00,001,687 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\mall-cz.xml
[2009.07.02 18:57:29 | 00,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2009.07.02 18:57:29 | 00,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2009.07.02 18:57:29 | 00,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: (737 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Podpora odkazu pro Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKU\S-1-5-21-725345543-507921405-839522115-1003\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll (Google Inc.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [CmPCIaudio] File not found
O4 - HKLM..\Run: [DAEMON Tools] C:\Program Files\DAEMON Tools\daemon.exe (DT Soft Ltd.)
O4 - HKLM..\Run: [GrooveMonitor] C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
O4 - HKLM..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe (HP)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\System32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [nod32kui] C:\Program Files\Eset\nod32kui.exe (Eset )
O4 - HKLM..\Run: [NPSStartup] File not found
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\PSDrvCheck.exe ()
O4 - HKLM..\Run: [PMCS] C:\Program Files\Pinnacle\Shared Files\Programs\MediaCenterService\PMC.Ser File not found
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\qttask.exe (Apple Computer, Inc.)
O4 - HKLM..\Run: [ScanRegistry] File not found
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKU\S-1-5-21-725345543-507921405-839522115-1003..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKU\S-1-5-21-725345543-507921405-839522115-1003..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe (Nero AG)
O4 - HKU\S-1-5-21-725345543-507921405-839522115-1003..\Run: [Google Update] C:\Documents and Settings\Rob\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe (Google Inc.)
O4 - HKU\S-1-5-21-725345543-507921405-839522115-1003..\Run: [H/PC Connection Agent] C:\Program Files\Microsoft ActiveSync\wcescomm.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-725345543-507921405-839522115-1003..\Run: [MSMSGS] C:\Program Files\Messenger\MSMSGS.EXE (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\AutoCAD Startup Accelerator.lnk = C:\Program Files\Common Files\Autodesk Shared\acstart16.exe (Autodesk, Inc)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\ComproRemote.lnk = C:\Program Files\Common Files\VideoMate\ComproRemote.exe (Compro Technology, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\ComproSchedulerDTV.lnk = C:\Program Files\Common Files\VideoMate\ComproSchedulerDTV.exe (Compro Technology, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe (InterVideo Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\VIA RAID TOOL.lnk = C:\Program Files\VIA\RAID\raid_tool.exe (VIA)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 55924053
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 55924053
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 55924053
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-725345543-507921405-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-725345543-507921405-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 55924053
O7 - HKU\S-1-5-21-725345543-507921405-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Vytvořit mobilní oblíbenou položku… - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe File not found
O9 - Extra 'Tools' menuitem : ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe File not found
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - File not found
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {1C1BF636-D768-4AE1-A1EA-BF948F3AF9AF} http://www.ipstreamingservice.com/downl ... ontrol.Dll (Media Class)
O16 - DPF: {33564D57-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/ ... mv9dmo.cab (Reg Error: Key error.)
O16 - DPF: {50E43D86-A74D-11D0-98CE-004005249458} https://www.mojebanka.cz/jars/confwiz/MVSGif.cab (AnimatedGif Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {A93B47FD-9BF6-4DA8-97FC-9270B9D64A6C} http://88.83.235.138/plugin/h263ctrl.cab (VaPgCtrl Class)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shoc ... wflash.cab (Shockwave Flash Object)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.46.172.36 213.46.172.37
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007.08.14 20:50:16 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()
O35 - comfile [open] -- "%1" %* File not found
O35 - exefile [open] -- "%1" %* File not found

========== Files/Folders - Created Within 7 Days ==========

[16 C:\WINDOWS\*.tmp files]
[2009.10.14 13:21:33 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Data aplikací\{EF63305C-BAD7-4144-9208-D65528260864}
[2009.10.14 13:21:26 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Lavasoft
[2009.10.14 20:50:24 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
[2009.10.14 11:22:00 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\PrevxCSI
[2009.10.14 20:50:30 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Rob\Data aplikací\Malwarebytes
[2009.10.14 13:21:26 | 00,000,000 | ---D | C] -- C:\Program Files\Lavasoft
[2009.10.14 20:50:23 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009.10.14 13:56:35 | 00,000,000 | ---D | C] -- C:\Program Files\trend micro
[2009.10.15 19:56:38 | 00,521,216 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Rob\Plocha\OTL.exe
[2009.10.15 14:01:46 | 00,000,000 | ---D | C] -- C:\Fotky 2009
[2009.10.15 13:52:40 | 00,390,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\CF6950.exe
[2009.10.15 13:52:40 | 00,000,000 | --SD | C] -- C:\combo-fix
[2009.10.15 13:42:31 | 00,390,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\CF27610.exe
[2009.10.15 13:40:31 | 00,390,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\CF24411.exe
[2009.10.14 20:50:26 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009.10.14 20:50:24 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009.10.14 19:44:03 | 00,390,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\CF1647.exe
[2009.10.14 19:29:46 | 00,000,000 | RHSD | C] -- C:\cmdcons
[2009.10.14 19:28:01 | 00,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2009.10.14 19:28:01 | 00,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2009.10.14 19:28:01 | 00,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2009.10.14 19:27:40 | 00,390,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\CF3005.exe
[2009.10.14 19:22:06 | 00,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2009.10.14 19:22:02 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2009.10.14 19:18:14 | 00,000,000 | ---D | C] -- C:\Qoobox
[2009.10.14 13:56:34 | 00,000,000 | ---D | C] -- C:\rsit
[2009.10.14 13:23:28 | 00,064,160 | ---- | C] (Lavasoft AB) -- C:\WINDOWS\System32\drivers\Lbd.sys
[2009.10.09 08:44:26 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Rob\Plocha\sklep

========== Files - Modified Within 7 Days ==========

[6 C:\WINDOWS\System32\*.tmp files]
[16 C:\WINDOWS\*.tmp files]
[2009.10.15 19:57:05 | 00,521,216 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Rob\Plocha\OTL.exe
[2009.10.15 19:52:20 | 00,000,960 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2009.10.15 19:47:17 | 00,000,936 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2009.10.15 19:47:13 | 00,008,474 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2009.10.15 19:47:11 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009.10.15 19:47:10 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009.10.15 14:28:00 | 00,001,018 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-725345543-507921405-839522115-1003UA.job
[2009.10.15 14:21:00 | 00,000,940 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2009.10.15 14:08:26 | 02,058,706 | ---- | M] () -- C:\Documents and Settings\Rob\Plocha\Chyba.JPG
[2009.10.15 14:00:34 | 00,002,565 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\ACDSee 9 Photo Manager.lnk
[2009.10.15 13:52:19 | 00,390,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\CF6950.exe
[2009.10.15 13:41:59 | 00,390,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\CF27610.exe
[2009.10.15 13:41:16 | 03,339,138 | R--- | M] () -- C:\Documents and Settings\Rob\Plocha\combo-fix.exe
[2009.10.15 13:40:12 | 00,390,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\CF24411.exe
[2009.10.14 23:47:15 | 00,227,328 | ---- | M] () -- C:\Documents and Settings\Rob\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.10.14 20:50:28 | 00,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Malwarebytes' Anti-Malware.lnk
[2009.10.14 20:49:20 | 00,553,984 | ---- | M] () -- C:\Documents and Settings\Rob\Plocha\Malwarebytes.doc
[2009.10.14 20:35:17 | 00,002,275 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Skype.lnk
[2009.10.14 19:43:14 | 00,390,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\CF1647.exe
[2009.10.14 19:29:50 | 00,000,281 | RHS- | M] () -- C:\boot.ini
[2009.10.14 19:27:25 | 00,390,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\CF3005.exe
[2009.10.14 14:03:19 | 00,000,212 | ---- | M] () -- C:\WINDOWS\LEXICON.INI
[2009.10.14 13:23:48 | 00,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2009.10.14 13:23:15 | 00,015,688 | ---- | M] () -- C:\WINDOWS\System32\lsdelete.exe
[2009.10.14 13:21:33 | 00,000,867 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Ad-Aware.lnk
[2009.10.14 11:22:00 | 00,000,062 | ---- | M] () -- C:\WINDOWS\wininit.ini
[2009.10.12 22:28:01 | 00,000,045 | ---- | M] () -- C:\WINDOWS\System32\imon1.dat
[2009.10.12 00:28:07 | 02,643,152 | -H-- | M] () -- C:\Documents and Settings\Rob\Local Settings\Data aplikací\IconCache.db
[2009.10.11 08:10:09 | 00,236,544 | ---- | M] () -- C:\WINDOWS\PEV.exe
[2009.10.09 10:25:00 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2009.10.09 10:02:01 | 00,000,229 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini

========== Files - No Company Name ==========
[2009.10.15 14:01:35 | 02,058,706 | ---- | C] () -- C:\Documents and Settings\Rob\Plocha\Chyba.JPG
[2009.10.14 20:50:28 | 00,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Malwarebytes' Anti-Malware.lnk
[2009.10.14 20:49:19 | 00,553,984 | ---- | C] () -- C:\Documents and Settings\Rob\Plocha\Malwarebytes.doc
[2009.10.14 19:29:50 | 00,000,211 | ---- | C] () -- C:\Boot.bak
[2009.10.14 19:29:49 | 00,261,312 | ---- | C] () -- C:\cmldr
[2009.10.14 19:28:02 | 00,236,544 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2009.10.14 19:28:01 | 00,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2009.10.14 19:28:01 | 00,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2009.10.14 19:28:01 | 00,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2009.10.14 19:15:00 | 03,339,138 | R--- | C] () -- C:\Documents and Settings\Rob\Plocha\combo-fix.exe
[2009.10.14 13:33:12 | 00,015,688 | ---- | C] () -- C:\WINDOWS\System32\lsdelete.exe
[2009.10.14 13:23:47 | 00,000,472 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2009.10.14 13:21:33 | 00,000,867 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Ad-Aware.lnk
[2009.10.14 11:22:00 | 00,000,062 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2009.09.10 17:57:43 | 00,110,592 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll
[2009.09.10 17:57:43 | 00,036,608 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDisk.Sys
[2009.08.07 22:40:07 | 00,000,000 | ---- | C] () -- C:\WINDOWS\galaxy.ini
[2009.02.13 13:22:09 | 00,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2008.09.16 02:12:02 | 00,000,416 | ---- | C] () -- C:\WINDOWS\System32\dtu100.dll.manifest
[2008.09.16 02:12:02 | 00,000,416 | ---- | C] () -- C:\WINDOWS\System32\dpl100.dll.manifest
[2008.09.16 02:11:10 | 00,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll
[2008.09.05 19:10:04 | 00,000,002 | ---- | C] () -- C:\WINDOWS\System32\Dvbpws.dll
[2008.06.11 02:07:20 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2008.03.29 19:48:35 | 00,000,400 | ---- | C] () -- C:\WINDOWS\T602.INI
[2008.01.01 21:10:44 | 00,000,868 | ---- | C] () -- C:\WINDOWS\Disney.ini
[2007.12.25 12:30:15 | 00,001,900 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2007.12.02 19:29:08 | 00,002,921 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\QTSBandwidthCache
[2007.11.30 19:09:47 | 00,000,433 | ---- | C] () -- C:\WINDOWS\KA.ini
[2007.11.13 22:17:10 | 02,643,152 | -H-- | C] () -- C:\Documents and Settings\Rob\Local Settings\Data aplikací\IconCache.db
[2007.11.07 21:39:40 | 00,000,212 | ---- | C] () -- C:\WINDOWS\LEXICON.INI
[2007.10.25 17:26:10 | 00,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2007.10.07 22:23:00 | 00,223,128 | ---- | C] () -- C:\WINDOWS\System32\drivers\dtscsi.sys
[2007.10.07 22:21:36 | 00,642,560 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2007.10.07 22:21:36 | 00,096,384 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd7133.sys
[2007.10.01 20:33:34 | 00,000,123 | ---- | C] () -- C:\Documents and Settings\Rob\Local Settings\Data aplikací\fusioncache.dat
[2007.09.24 20:22:42 | 00,000,248 | ---- | C] () -- C:\WINDOWS\wcx_ftp.ini
[2007.09.08 14:32:25 | 00,002,528 | ---- | C] () -- C:\Documents and Settings\Rob\Data aplikací\$_hpcst$.hpc
[2007.09.06 18:25:34 | 00,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2007.09.06 18:25:20 | 00,045,056 | ---- | C] () -- C:\WINDOWS\System32\remove.dll
[2007.08.26 21:06:03 | 00,000,229 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2007.08.23 20:55:13 | 00,000,045 | ---- | C] () -- C:\WINDOWS\Twacker.ini
[2007.08.23 20:54:59 | 00,000,041 | ---- | C] () -- C:\WINDOWS\lifeview.ini
[2007.08.22 19:42:24 | 00,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2007.08.20 19:19:34 | 00,000,390 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007.08.20 17:24:47 | 00,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2007.08.20 17:24:47 | 00,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2007.08.20 17:24:47 | 00,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2007.08.20 17:24:47 | 00,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2007.08.20 17:24:47 | 00,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2007.08.20 17:24:47 | 00,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2007.08.20 17:24:33 | 00,122,880 | ---- | C] () -- C:\WINDOWS\System32\cddvdint.dll
[2007.08.19 20:16:32 | 00,111,496 | ---- | C] () -- C:\Documents and Settings\Rob\Local Settings\Data aplikací\GDIPFONTCACHEV1.DAT
[2007.08.15 20:18:27 | 00,028,672 | R--- | C] () -- C:\WINDOWS\System32\CMRMDRV3.DLL
[2007.08.15 19:56:42 | 00,227,328 | ---- | C] () -- C:\Documents and Settings\Rob\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007.08.14 22:42:51 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\All Users\Data aplikací\desktop.ini
[2007.08.14 22:02:30 | 00,001,743 | ---- | C] () -- C:\WINDOWS\wincmd.ini
[2007.08.14 20:54:08 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\Rob\Data aplikací\desktop.ini
[2005.08.10 00:13:31 | 00,831,488 | ---- | C] () -- C:\WINDOWS\System32\libeay32.dll
[2005.08.10 00:13:31 | 00,159,744 | ---- | C] () -- C:\WINDOWS\System32\ssleay32.dll
[2002.03.21 14:39:02 | 00,073,728 | ---- | C] () -- C:\WINDOWS\System32\UNACEV2.DLL
[2001.10.25 14:00:00 | 00,000,843 | ---- | C] () -- C:\WINDOWS\win.ini
[2001.10.25 14:00:00 | 00,000,231 | ---- | C] () -- C:\WINDOWS\system.ini
[1999.01.22 23:46:58 | 00,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL
[1997.06.14 02:56:08 | 00,056,832 | ---- | C] () -- C:\WINDOWS\System32\iyvu9_32.dll

========== LOP Check ==========

[2009.10.14 20:50:24 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Data aplikací
[2009.10.14 13:21:35 | 00,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\{EF63305C-BAD7-4144-9208-D65528260864}
[2007.09.14 07:02:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ACD Systems
[2009.06.14 10:57:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Ahead
[2007.10.01 20:29:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Autodesk
[2008.10.21 10:17:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Barbie Fashion Show
[2008.01.20 17:12:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DVD Shrink
[2009.03.10 18:15:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ICQ
[2007.10.09 12:47:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Pinnacle
[2009.10.14 13:09:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PrevxCSI
[2007.09.24 20:36:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2007.11.16 20:39:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Ulead Systems
[2007.11.30 19:10:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Vivendi Universal Games
[2009.05.19 17:56:47 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Default User\Data aplikací
[2008.03.25 19:06:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Data aplikací
[2007.08.14 20:53:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Data aplikací
[2009.10.15 07:58:56 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Rob\Data aplikací
[2007.08.20 19:10:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Rob\Data aplikací\ACD Systems
[2007.08.24 17:49:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Rob\Data aplikací\Ahead
[2009.01.28 18:01:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Rob\Data aplikací\Any Video Converter
[2007.10.01 20:36:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Rob\Data aplikací\Autodesk
[2009.03.25 20:38:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Rob\Data aplikací\Broad Intelligence
[2008.03.31 11:54:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Rob\Data aplikací\Happy Foto
[2008.10.19 12:50:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Rob\Data aplikací\ICQ
[2007.08.16 12:12:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Rob\Data aplikací\ICQLite
[2007.08.20 17:26:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Rob\Data aplikací\InterVideo
[2009.09.10 17:57:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Rob\Data aplikací\Samsung
[2008.01.20 16:28:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Rob\Data aplikací\U3
[2007.11.16 20:44:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Rob\Data aplikací\Ulead Systems
[2007.09.24 20:46:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Rob\Data aplikací\VideoReDoPlus
[2009.10.14 13:23:48 | 00,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
[2009.10.09 10:25:00 | 00,000,284 | ---- | M] () -- C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
[2001.10.25 14:00:00 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini
[2009.10.15 19:52:20 | 00,000,960 | ---- | M] () -- C:\WINDOWS\Tasks\Google Software Updater.job
[2009.10.15 19:47:17 | 00,000,936 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
[2009.10.15 14:21:00 | 00,000,940 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
[2009.10.08 08:28:00 | 00,000,966 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-725345543-507921405-839522115-1003Core.job
[2009.10.15 14:28:00 | 00,001,018 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-725345543-507921405-839522115-1003UA.job
[2009.10.15 19:47:11 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT

========== Purity Check ==========


< End of report >


Posted: 15 Oct 2009 19:18
Offline
Visitor

Joined: 07 Mar 2006 23:58
Posts: 27
Here is the second log from OTL (Extras)
OTL Extras logfile created on: 15.10.2009 19:59:25 - Run 1
OTL by OldTimer - Version 3.0.21.0 Folder = C:\Documents and Settings\Rob\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1023,48 Mb Total Physical Memory | 570,82 Mb Available Physical Memory | 55,77% Memory free
2,41 Gb Paging File | 2,08 Gb Available in Paging File | 86,30% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 35,27 Gb Total Space | 2,32 Gb Free Space | 6,57% Space Free | Partition Type: NTFS
Drive D: | 76,51 Gb Total Space | 0,22 Gb Free Space | 0,29% Space Free | Partition Type: NTFS
Drive E: | 4,15 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: ROB-30BN7NJUNKS
Current User Name: Rob
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 7 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm [@ = chm.file] -- C:\WINDOWS\hh.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-725345543-507921405-839522115-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
.scr [@ = AutoCADScriptFile] -- C:\WINDOWS\notepad.exe (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
chm.file [open] -- "C:\WINDOWS\hh.exe" %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Directory [ACDSee 9.0.Browse] -- "C:\Program Files\ACD Systems\ACDSee\9.0\ACDSeeQV.exe" "%1" (ACD Systems Ltd.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Fotolab Fotosvet 3] -- "C:\Program Files\Fotolab\Fotolab Fotosvet 3\Fotolab Fotosvet 3.exe" "%1" ()
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe" = C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe" = C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe" = C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\ICQLite\ICQLite.exe" = C:\Program Files\ICQLite\ICQLite.exe:*:Enabled:ICQ Lite -- File not found
"C:\Program Files\InterVideo\DVD6\WinDVD.exe" = C:\Program Files\InterVideo\DVD6\WinDVD.exe:*:Enabled:WinDVD -- (InterVideo Inc.)
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe" = C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe" = C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe" = C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application -- (Microsoft Corporation)
"C:\Program Files\BitComet\BitComet.exe" = C:\Program Files\BitComet\BitComet.exe:*:Enabled:BitComet - a BitTorrent Client -- (www.BitComet.com)
"C:\totalcmd\TOTALCMD.EXE" = C:\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit international version, file manager replacement for Windows -- (C. Ghisler & Co.)
"C:\Program Files\Pinnacle\MediaCenter\PMC.exe" = C:\Program Files\Pinnacle\MediaCenter\PMC.exe:LocalSubNet:Enabled:Pmc.exe -- File not found
"C:\Program Files\Pinnacle\MediaCenter\PSST.exe" = C:\Program Files\Pinnacle\MediaCenter\PSST.exe:LocalSubNet:Enabled:PSST.exe -- File not found
"C:\Program Files\Pinnacle\MediaCenter\PMSInstallInit.exe" = C:\Program Files\Pinnacle\MediaCenter\PMSInstallInit.exe:LocalSubNet:Enabled:PMSInstallInit.exe -- File not found
"C:\Program Files\Pinnacle\Shared Files\Programs\MediaManager\PMSManager.exe" = C:\Program Files\Pinnacle\Shared Files\Programs\MediaManager\PMSManager.exe:LocalSubNet:Enabled:PMSManager.exe -- File not found
"C:\Program Files\Pinnacle\Shared Files\Programs\MediaServer\PMSInstallInit.exe" = C:\Program Files\Pinnacle\Shared Files\Programs\MediaServer\PMSInstallInit.exe:*:Enabled: -- File not found
"C:\Program Files\Pinnacle\Shared Files\Programs\MediaCenterService\PMC.Service.Main.exe" = C:\Program Files\Pinnacle\Shared Files\Programs\MediaCenterService\PMC.Service.Main.exe:LocalSubNet:Disabled:PMCService -- File not found
"C:\Program Files\Microsoft Games\Age of Empires II\empires2.exe" = C:\Program Files\Microsoft Games\Age of Empires II\empires2.exe:*:Disabled:Age of Empires II -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\ICQ6\ICQ.exe" = C:\Program Files\ICQ6\ICQ.exe:*:Enabled:ICQ6 -- File not found
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE" = C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)
"C:\Program Files\WinFast\WFDTV\DVBTAP.exe" = C:\Program Files\WinFast\WFDTV\DVBTAP.exe:*:Enabled:WinFast DTV Application -- File not found
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Program Files\ICQ6.5\ICQ.exe" = C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6 -- (ICQ, LLC.)
"C:\Alien Arena 2009\crx.exe" = C:\Alien Arena 2009\crx.exe:*:Enabled:crx -- File not found
"C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe" = C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe:*:Enabled:KTF MUSIC AoD Server -- (PeeringPortal)
"C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe" = C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe:*:Enabled:KTF MUSIC VoD Server -- (PeeringPortal)
"C:\WINDOWS\Temp\wpv181254983689.exe" = C:\WINDOWS\Temp\wpv181254983689.exe:*:Enabled:services -- File not found
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00000405-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Premium
"{082175CF-174B-47DC-B6A9-9AC1A9D66DD1}" = VideoMate U500 Family Driver
"{12346CA2-3799-4C06-90BC-A4AF242F439B}" = ComproDTV 3
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{21DAFB84-2421-488F-B17D-102FF53396AA}" = ComproDVD 2
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216010FF}" = Java(TM) 6 Update 13
"{2F6DA398-707F-4D52-AE6A-7E812D1662D6}" = MioTransfer
"{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java(TM) 6 Update 2
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java(TM) 6 Update 3
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{460CE8B9-6EC2-458A-90D4-691631ECE9D9}" = Pinnacle MediaServer
"{55FA89BD-21D3-42F7-9249-C94C0094A83C}" = Apple Software Update
"{5783F2D7-0301-0409-0002-0060B0CE6BBA}" = AutoCAD 2005 - English
"{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype™ 3.8
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{625386A4-B6B6-4911-A6E8-23189C3F2D15}" = Microsoft .NET Compact Framework 2.0 SP1
"{6ACA2FD2-4C4A-42F3-AFB5-7B433BBDF6DB}" = InterVideo WinDVD 6
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{757AD3D4-036B-42FA-B0A4-96BD6F4605A0}" = Ulead VideoStudio 7 SE Basic
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{90120000-0010-0405-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Czech) 12
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{91120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{9497EBAA-87AD-41E6-8ED6-E1E52995A76C}" = VIA Integrated Setup Wizard
"{98736A65-3C79-49EC-B7E9-A3C77774B0E6}" = Google SketchUp 6
"{99052DB7-9592-4522-A558-5417BBAD48EE}" = Microsoft ActiveSync
"{9E8DFEEF-D730-4ECB-B302-6295A18B290C}" = Barbie(TM) Módní přehlídka
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A8361CC1-6B90-4525-B04C-E2F58078A366}" = Camera Plus
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1029-7B44-A81200000003}" = Adobe Reader 8 - Czech
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B2D41883-3BFC-4BA0-A2F6-5A2C9836C238}" = ACDSee 9 Photo Manager
"{B3D8B2F8-3C2C-45BC-933E-8B60E78F6684}" = Google SketchUp 6
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{BD71ADC0-0616-4EC2-A43A-8A7EBF3A85E6}" = Tygrova výprava
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C5F0FD86-1E2B-4FE3-8996-B976FCA2E64F}" = Barbie(TM) Salon krásy CD-ROM
"{C93369CB-B4E9-E095-9289-E6B5AE941029}" = Nero 7 Demo
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC016F21-3970-11DE-B878-005056806466}" = Google Earth
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DBC3FDEC-D5F4-439C-9A18-EF454A74E3DE}_is1" = NOD32 FiX v1.9
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{E09B48B5-E141-427A-AB0C-D3605127224A}" = Microsoft SQL Server Desktop Engine (PINNACLESYS)
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{EFB21DE7-8C19-4A88-BB28-A766E16493BC}" = Adobe Photoshop CS
"{F07B861C-72B9-40A4-8B1A-AAED4C06A7E8}" = QuickTime
"{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F38ADCA4-AF7C-4C73-9021-6F1EA15D15EA}" = Pinnacle MediaCenter
"{F827DB7E-9F8F-46BA-9F22-46CE2CEE1D7E}" = Barbie(TM) Dobrodružství s koňmi(TM)
"{F85A7717-4DF5-48A4-8D9E-F84F549A787A}" = Barbie(TM) od Labutího jezera
"6194C28A8F62DD817EA1B918E6E46E806A21B452" = Balíček ovladače systému Windows - MobileTop (sshpmdm) Modem (02/23/2007 2.5.0.0)
"65B6FE5418CE28F4D72543FB2D964C3CEC83F161" = Balíček ovladače systému Windows - MobileTop (sshpusb) USB (02/23/2007 2.5.0.0)
"Ad-Aware" = Ad-Aware
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Age of Empires 2.0" = Microsoft Age of Empires II
"Any Video Converter_is1" = Any Video Converter 2.7.0
"Atout Clic Anglais_CP" = Tell me More Kids
"Autodesk DWF Viewer" = Autodesk DWF Viewer
"BitComet" = BitComet 0.57
"BSPlayer" = BSPlayer
"C-Media PCI Audio Driver" = C-Media WDM Audio Driver
"C-Media PCI Sound" = C-Media PCI Audio
"CTDVDAudio Plugin" = Creative DVD Audio Plugin for Audigy Series
"Cyklotrasy 2.11" = Cyklotrasy 2.11
"DVD Shrink_is1" = DVD Shrink 3.2
"Enable S3 for USB Device" = Enable S3 for USB Device
"ENTERPRISE" = Microsoft Office Enterprise 2007
"ENTERPRISER" = Zkušební verze produktu Microsoft Office Enterprise 2007
"Fotolab Fotosvet 3" = Fotolab Fotosvet 3
"Free 3GP Video Converter_is1" = Free 3GP Video Converter version 2.4
"Google Updater" = Google Updater
"HD Tune_is1" = HD Tune 2.54
"HF_ASISTENT" = Happy Foto HF Asistent (Jen odstranit)
"HijackThis" = HijackThis 2.0.2
"hp deskjet 3420 series" = hp deskjet 3420 series (Pouze odstranit)
"ICQToolbar" = ICQ Toolbar
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"InstallShield_{9497EBAA-87AD-41E6-8ED6-E1E52995A76C}" = VIA Integrated Setup Wizard
"InstallShield_{BD71ADC0-0616-4EC2-A43A-8A7EBF3A85E6}" = Tygrova výprava
"InstallShield_{C5F0FD86-1E2B-4FE3-8996-B976FCA2E64F}" = Barbie(TM) Salon krásy CD-ROM
"InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"iTube_is1" = iTube 2.0
"Lingea Lexicon" = Lingea Lexicon
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Micro DVD Player" = Micro DVD Player
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.5.3)" = Mozilla Firefox (3.5.3)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NOD32" = Antivirový systém NOD32
"NVIDIA Drivers" = NVIDIA Drivers
"OpenAL" = OpenAL
"ProgDVB" = ProgDVB
"RealPlayer 6.0" = RealPlayer
"SAMSUNG Mobile Composite Device" = SAMSUNG Mobile Composite Device Software
"SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set
"Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"ShockwaveFlash" = Adobe Flash Player 9 ActiveX
"ST6UNST #1" = FreeDVD v2.0
"SubtitleWorkshop" = Subtitle Workshop 2.51
"Totalcmd" = Total Commander (Remove or Repair)
"Uninstall_is1" = Uninstall 1.0.0.0
"VideoReDo-Plus_is1" = VideoReDo/Plus Version 2.5.5.512
"VSO DivxToDVD_is1" = DivxToDVD 0.5.2
"WinAVIVideoConverter_is1" = WinAVIVideoConverter
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Mobile Device Handbook" = Příručka k zařízení MDA Touch se systémem Windows Mobile®
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR
"WM Converter 2.0" = WM Converter 2.0
"WMFDist11" = Windows Media Format 11 runtime
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XULPlayer" = XULPlayer 0.5-pre6

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-725345543-507921405-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 13.10.2009 11:49:53 | Computer Name = ROB-30BN7NJUNKS | Source = nview_info | ID = 11141121
Description =

Error - 13.10.2009 12:35:32 | Computer Name = ROB-30BN7NJUNKS | Source = nview_info | ID = 11141121
Description =

Error - 13.10.2009 13:08:15 | Computer Name = ROB-30BN7NJUNKS | Source = nview_info | ID = 11141121
Description =

Error - 13.10.2009 13:09:16 | Computer Name = ROB-30BN7NJUNKS | Source = nview_info | ID = 11141121
Description =

Error - 14.10.2009 5:30:32 | Computer Name = ROB-30BN7NJUNKS | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace prevx.exe, verze 3.0.1.65, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 14.10.2009 7:03:49 | Computer Name = ROB-30BN7NJUNKS | Source = nview_info | ID = 11141121
Description =

Error - 14.10.2009 7:21:43 | Computer Name = ROB-30BN7NJUNKS | Source = Lavasoft Ad-Aware Service | ID = 0
Description =

Error - 14.10.2009 7:25:50 | Computer Name = ROB-30BN7NJUNKS | Source = nview_info | ID = 11141121
Description =

Error - 14.10.2009 13:28:14 | Computer Name = ROB-30BN7NJUNKS | Source = nview_info | ID = 11141121
Description =

Error - 15.10.2009 7:53:17 | Computer Name = ROB-30BN7NJUNKS | Source = nview_info | ID = 11141121
Description =

[ System Events ]
Error - 15.10.2009 7:53:23 | Computer Name = ROB-30BN7NJUNKS | Source = Service Control Manager | ID = 7034
Description = Služba Java Quick Starter byla neočekávaně ukončena. Tento stav nastal
již 1krát.

Error - 15.10.2009 7:53:49 | Computer Name = ROB-30BN7NJUNKS | Source = Service Control Manager | ID = 7009
Description = Vypršel časový limit (30000 milisekund) čekání na připojení služby
PEVSystemStart.

Error - 15.10.2009 8:00:02 | Computer Name = ROB-30BN7NJUNKS | Source = Service Control Manager | ID = 7000
Description = Služba OMSCAN neuspěla při spuštění v důsledku následující chyby:
%%2

Error - 15.10.2009 8:00:18 | Computer Name = ROB-30BN7NJUNKS | Source = System Error | ID = 1003
Description = Kód chyby 00000019, parametr1 00000020, parametr2 842957a8, parametr3
84295bc0, parametr4 1a830005.

Error - 15.10.2009 8:00:25 | Computer Name = ROB-30BN7NJUNKS | Source = System Error | ID = 1003
Description = Kód chyby 00000019, parametr1 00000020, parametr2 84280228, parametr3
84280640, parametr4 1a830016.

Error - 15.10.2009 8:00:26 | Computer Name = ROB-30BN7NJUNKS | Source = System Error | ID = 1003
Description = Kód chyby 00000019, parametr1 00000020, parametr2 851ac000, parametr3
851ac418, parametr4 1a830000.

Error - 15.10.2009 8:00:27 | Computer Name = ROB-30BN7NJUNKS | Source = System Error | ID = 1003
Description = Kód chyby 00000019, parametr1 00000020, parametr2 851c0ad8, parametr3
851c0ef0, parametr4 1a83001a.

Error - 15.10.2009 8:06:26 | Computer Name = ROB-30BN7NJUNKS | Source = Service Control Manager | ID = 7000
Description = Služba OMSCAN neuspěla při spuštění v důsledku následující chyby:
%%2

Error - 15.10.2009 9:37:49 | Computer Name = ROB-30BN7NJUNKS | Source = Service Control Manager | ID = 7000
Description = Služba OMSCAN neuspěla při spuštění v důsledku následující chyby:
%%2

Error - 15.10.2009 13:47:39 | Computer Name = ROB-30BN7NJUNKS | Source = Service Control Manager | ID = 7000
Description = Služba OMSCAN neuspěla při spuštění v důsledku následující chyby:
%%2


< End of report >


Posted: 15 Oct 2009 19:19
Offline
Visitor

Registered: 07 Mar 2006 23:58
Posts: 27
Here is the log from SysProt:

SysProt AntiRootkit v1.0.1.0
by swatkat

******************************************************************************************
******************************************************************************************

Process:
Name: [System Idle Process]
PID: 0
Hidden: No
Window Visible: No

Name: SYSTEM
PID: 4
Hidden: No
Window Visible: No

Name: C:\WINDOWS\system32\smss.exe
PID: 600
Hidden: No
Window Visible: No

Name: C:\WINDOWS\system32\csrss.exe
PID: 684
Hidden: No
Window Visible: No

Name: C:\WINDOWS\system32\winlogon.exe
PID: 708
Hidden: No
Window Visible: No

Name: C:\WINDOWS\system32\services.exe
PID: 756
Hidden: No
Window Visible: No

Name: C:\WINDOWS\system32\lsass.exe
PID: 768
Hidden: No
Window Visible: No

Name: C:\WINDOWS\system32\svchost.exe
PID: 928
Hidden: No
Window Visible: No

Name: C:\WINDOWS\system32\svchost.exe
PID: 1008
Hidden: No
Window Visible: No

Name: C:\WINDOWS\system32\svchost.exe
PID: 1112
Hidden: No
Window Visible: No

Name: C:\WINDOWS\system32\svchost.exe
PID: 1160
Hidden: No
Window Visible: No

Name: C:\WINDOWS\system32\svchost.exe
PID: 1240
Hidden: No
Window Visible: No

Name: C:\WINDOWS\explorer.exe
PID: 1548
Hidden: No
Window Visible: No

Name: C:\WINDOWS\system32\spoolsv.exe
PID: 1628
Hidden: No
Window Visible: No

Name: C:\Program Files\ESET\nod32kui.exe
PID: 1744
Hidden: No
Window Visible: No

Name: C:\WINDOWS\system32\rundll32.exe
PID: 1844
Hidden: No
Window Visible: No

Name: C:\WINDOWS\system32\rundll32.exe
PID: 1852
Hidden: No
Window Visible: No

Name: C:\WINDOWS\system32\rundll32.exe
PID: 1864
Hidden: No
Window Visible: No

Name: C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe
PID: 1876
Hidden: No
Window Visible: No

Name: C:\Program Files\DAEMON Tools\daemon.exe
PID: 1892
Hidden: No
Window Visible: No

Name: C:\Program Files\Common Files\Real\Update_OB\realsched.exe
PID: 468
Hidden: No
Window Visible: No

Name: C:\Program Files\QuickTime\qttask.exe
PID: 476
Hidden: No
Window Visible: No

Name: C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
PID: 504
Hidden: No
Window Visible: No

Name: C:\Program Files\Java\jre6\bin\jusched.exe
PID: 572
Hidden: No
Window Visible: No

Name: C:\WINDOWS\system32\ctfmon.exe
PID: 652
Hidden: No
Window Visible: No

Name: C:\Program Files\Messenger\msmsgs.exe
PID: 672
Hidden: No
Window Visible: No

Name: C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
PID: 668
Hidden: No
Window Visible: No

Name: C:\Program Files\Microsoft ActiveSync\wcescomm.exe
PID: 824
Hidden: No
Window Visible: No

Name: C:\Documents and Settings\Rob\Local Settings\Data aplikací\Google\Update\1.2.183.7\GoogleCrashHandler.exe
PID: 1056
Hidden: No
Window Visible: No

Name: C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
PID: 1080
Hidden: No
Window Visible: No

Name: C:\PROGRA~1\MICROS~4\rapimgr.exe
PID: 1232
Hidden: No
Window Visible: No

Name: C:\Program Files\Common Files\VideoMate\ComproRemote.exe
PID: 1324
Hidden: No
Window Visible: No

Name: C:\Program Files\Common Files\VideoMate\ComproSchedulerDTV.exe
PID: 1156
Hidden: No
Window Visible: No

Name: C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
PID: 1472
Hidden: No
Window Visible: No

Name: C:\Program Files\VIA\RAID\raid_tool.exe
PID: 1704
Hidden: No
Window Visible: No

Name: C:\WINDOWS\system32\svchost.exe
PID: 276
Hidden: No
Window Visible: No

Name: C:\WINDOWS\system32\FsUsbExService.Exe
PID: 372
Hidden: No
Window Visible: No

Name: C:\Program Files\ICQ6Toolbar\ICQ Service.exe
PID: 632
Hidden: No
Window Visible: No

Name: C:\Program Files\Java\jre6\bin\jqs.exe
PID: 896
Hidden: No
Window Visible: No

Name: C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe
PID: 1256
Hidden: No
Window Visible: No

Name: C:\Program Files\ESET\nod32krn.exe
PID: 1484
Hidden: No
Window Visible: No

Name: C:\WINDOWS\system32\nvsvc32.exe
PID: 2092
Hidden: No
Window Visible: No

Name: C:\WINDOWS\system32\svchost.exe
PID: 2152
Hidden: No
Window Visible: No

Name: C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
PID: 2184
Hidden: No
Window Visible: No

Name: C:\WINDOWS\system32\alg.exe
PID: 3376
Hidden: No
Window Visible: No

Name: C:\Program Files\Mozilla Firefox\firefox.exe
PID: 2060
Hidden: No
Window Visible: No

Name: D:\Programy\SysProt\SysProt\SysProt.exe
PID: 3836
Hidden: No
Window Visible: Yes

******************************************************************************************
******************************************************************************************
Kernel Modules:
Module Name: \??\D:\Programy\SysProt\SysProt\SysProtDrv.sys
Service Name: SysProtDrv.sys
Module Base: EC5EE000
Module End: EC5F9000
Hidden: No

Module Name: C:\WINDOWS\system32\ntoskrnl.exe
Service Name: ---
Module Base: 804D7000
Module End: 806EDF80
Hidden: No

Module Name: C:\WINDOWS\system32\hal.dll
Service Name: ---
Module Base: 806EE000
Module End: 8070E300
Hidden: No

Module Name: C:\WINDOWS\system32\KDCOM.DLL
Service Name: ---
Module Base: F7B2F000
Module End: F7B31000
Hidden: No

Module Name: C:\WINDOWS\system32\BOOTVID.dll
Service Name: ---
Module Base: F7A3F000
Module End: F7A42000
Hidden: No

Module Name: C:\WINDOWS\system32\drivers\sptd.sys
Service Name: sptd
Module Base: F753E000
Module End: F760E000
Hidden: No

Module Name: C:\WINDOWS\system32\drivers\WMILIB.SYS
Service Name: ---
Module Base: F7B31000
Module End: F7B33000
Hidden: No

Module Name: C:\WINDOWS\system32\drivers\SPTD7133.SYS
Service Name: ---
Module Base: F7526000
Module End: F753E000
Hidden: No

Module Name: C:\WINDOWS\system32\drivers\ACPI.sys
Service Name: ACPI
Module Base: F74F8000
Module End: F7526000
Hidden: No

Module Name: C:\WINDOWS\system32\drivers\pci.sys
Service Name: PCI
Module Base: F74E7000
Module End: F74F8000
Hidden: No

Module Name: C:\WINDOWS\system32\drivers\isapnp.sys
Service Name: isapnp
Module Base: F762F000
Module End: F7639000
Hidden: No

Module Name: C:\WINDOWS\system32\drivers\ohci1394.sys
Service Name: ohci1394
Module Base: F763F000
Module End: F764F000
Hidden: No

Module Name: C:\WINDOWS\system32\drivers\1394BUS.SYS
Service Name: ---
Module Base: F764F000
Module End: F765D000
Hidden: No

Module Name: C:\WINDOWS\system32\drivers\viaide.sys
Service Name: ViaIde
Module Base: F7B33000
Module End: F7B35000
Hidden: No

Module Name: C:\WINDOWS\system32\drivers\PCIIDEX.SYS
Service Name: ---
Module Base: F78AF000
Module End: F78B6000
Hidden: No

Module Name: C:\WINDOWS\system32\drivers\MountMgr.sys
Service Name: MountMgr
Module Base: F765F000
Module End: F766A000
Hidden: No

Module Name: C:\WINDOWS\system32\drivers\ftdisk.sys
Service Name: Disk
Module Base: F74C8000
Module End: F74E7000
Hidden: No

Module Name: C:\WINDOWS\system32\drivers\dmload.sys
Service Name: dmload
Module Base: F7B35000
Module End: F7B37000
Hidden: No

Module Name: C:\WINDOWS\system32\drivers\dmio.sys
Service Name: dmio
Module Base: F74A2000
Module End: F74C8000
Hidden: No

Module Name: C:\WINDOWS\system32\drivers\PartMgr.sys
Service Name: PartMgr
Module Base: F78B7000
Module End: F78BC000
Hidden: No

Module Name: C:\WINDOWS\system32\drivers\VolSnap.sys
Service Name: VolSnap
Module Base: F766F000
Module End: F767C000
Hidden: No

Module Name: C:\WINDOWS\system32\drivers\atapi.sys
Service Name: atapi
Module Base: F748A000
Module End: F74A2000
Hidden: No

Module Name: C:\WINDOWS\system32\drivers\viasraid.sys
Service Name: viasraid
Module Base: F7477000
Module End: F748A000
Hidden: No

Module Name: C:\WINDOWS\system32\drivers\SCSIPORT.SYS
Service Name: ScsiPort
Module Base: F745F000
Module End: F7477000
Hidden: No

Module Name: C:\WINDOWS\system32\drivers\disk.sys
Service Name: ---
Module Base: F767F000
Module End: F7688000
Hidden: No

Module Name: C:\WINDOWS\system32\drivers\CLASSPNP.SYS
Service Name: ---
Module Base: F768F000
Module End: F769C000
Hidden: No

Module Name: C:\WINDOWS\system32\drivers\fltmgr.sys
Service Name: FltMgr
Module Base: F743F000
Module End: F745F000
Hidden: No

Module Name: C:\WINDOWS\system32\drivers\sr.sys
Service Name: sr
Module Base: F742D000
Module End: F743F000
Hidden: No

Module Name: C:\WINDOWS\system32\drivers\Lbd.sys
Service Name: Lbd
Module Base: F769F000
Module End: F76AE000
Hidden: No

Module Name: C:\WINDOWS\system32\drivers\PxHelp20.sys
Service Name: PxHelp20
Module Base: F76AF000
Module End: F76B8000
Hidden: No

Module Name: C:\WINDOWS\system32\drivers\KSecDD.sys
Service Name: KSecDD
Module Base: F7416000
Module End: F742D000
Hidden: No

Module Name: C:\WINDOWS\system32\drivers\Ntfs.sys
Service Name: Ntfs
Module Base: F7389000
Module End: F7416000
Hidden: No

Module Name: C:\WINDOWS\system32\drivers\NDIS.sys
Service Name: NDIS
Module Base: F735C000
Module End: F7389000
Hidden: No

Module Name: C:\WINDOWS\system32\drivers\viaagp1.sys
Service Name: viaagp1
Module Base: F78BF000
Module End: F78C6000
Hidden: No

Module Name: C:\WINDOWS\system32\drivers\sfhlp01.sys
Service Name: sfhlp01
Module Base: F7B37000
Module End: F7B39000
Hidden: No

Module Name: C:\WINDOWS\system32\drivers\prosync1.sys
Service Name: prosync1
Module Base: F7B39000
Module End: F7B3B000
Hidden: No

Module Name: C:\WINDOWS\system32\drivers\prohlp02.sys
Service Name: prohlp02
Module Base: F7340000
Module End: F735C000
Hidden: No

Module Name: C:\WINDOWS\system32\drivers\Mup.sys
Service Name: Mup
Module Base: F7326000
Module End: F7340000
Hidden: No

Module Name: C:\WINDOWS\System32\DRIVERS\amdk7.sys
Service Name: AmdK7
Module Base: F777F000
Module End: F778A000
Hidden: No

Module Name: C:\WINDOWS\System32\DRIVERS\nv4_mini.sys
Service Name: nv
Module Base: F60F8000
Module End: F63AB000
Hidden: No

Module Name: C:\WINDOWS\System32\DRIVERS\VIDEOPRT.SYS
Service Name: ---
Module Base: F60E4000
Module End: F60F8000
Hidden: No

Module Name: C:\WINDOWS\system32\drivers\cmuda3.sys
Service Name: cmuda3
Module Base: F6021000
Module End: F60E4000
Hidden: No

Module Name: C:\WINDOWS\system32\drivers\portcls.sys
Service Name: ---
Module Base: F5FFD000
Module End: F6021000
Hidden: No

Module Name: C:\WINDOWS\system32\drivers\drmk.sys
Service Name: ---
Module Base: F778F000
Module End: F779E000
Hidden: No

Module Name: C:\WINDOWS\system32\drivers\ks.sys
Service Name: ---
Module Base: F5FDA000
Module End: F5FFD000
Hidden: No

Module Name: C:\WINDOWS\System32\DRIVERS\imapi.sys
Service Name: Imapi
Module Base: F779F000
Module End: F77AA000
Hidden: No

Module Name: C:\WINDOWS\System32\Drivers\ULCDRHlp.sys
Service Name: ULCDRHlp
Module Base: F79AF000
Module End: F79B6000
Hidden: No

Module Name: C:\WINDOWS\System32\DRIVERS\cdrom.sys
Service Name: Cdrom
Module Base: F77AF000
Module End: F77BF000
Hidden: No

Module Name: C:\WINDOWS\System32\DRIVERS\redbook.sys
Service Name: redbook
Module Base: F77BF000
Module End: F77CE000
Hidden: No

Module Name: C:\WINDOWS\System32\DRIVERS\usbuhci.sys
Service Name: usbuhci
Module Base: F79B7000
Module End: F79BD000
Hidden: No

Module Name: C:\WINDOWS\System32\DRIVERS\USBPORT.SYS
Service Name: ---
Module Base: F5FB6000
Module End: F5FDA000
Hidden: No

Module Name: C:\WINDOWS\System32\DRIVERS\usbehci.sys
Service Name: usbehci
Module Base: F79BF000
Module End: F79C7000
Hidden: No

Module Name: C:\WINDOWS\System32\DRIVERS\fetnd5b.sys
Service Name: FETNDISB
Module Base: F77CF000
Module End: F77DA000
Hidden: No

Module Name: C:\WINDOWS\System32\Drivers\dtscsi.sys
Service Name: dtscsi
Module Base: F5F6C000
Module End: F5FB6000
Hidden: No

Module Name: C:\WINDOWS\System32\DRIVERS\serial.sys
Service Name: Serial
Module Base: EF885000
Module End: EF895000
Hidden: No

Module Name: C:\WINDOWS\System32\DRIVERS\serenum.sys
Service Name: serenum
Module Base: EB088000
Module End: EB08C000
Hidden: No

Module Name: C:\WINDOWS\System32\DRIVERS\parport.sys
Service Name: Parport
Module Base: EB02C000
Module End: EB040000
Hidden: No

Module Name: C:\WINDOWS\System32\DRIVERS\audstub.sys
Service Name: audstub
Module Base: F075D000
Module End: F075E000
Hidden: No

Module Name: C:\WINDOWS\System32\DRIVERS\rasl2tp.sys
Service Name: Rasl2tp
Module Base: EFB49000
Module End: EFB56000
Hidden: No

Module Name: C:\WINDOWS\System32\DRIVERS\ndistapi.sys
Service Name: NdisTapi
Module Base: EB084000
Module End: EB087000
Hidden: No

Module Name: C:\WINDOWS\System32\DRIVERS\ndiswan.sys
Service Name: NdisWan
Module Base: EB123000
Module End: EB13A000
Hidden: No

Module Name: C:\WINDOWS\System32\DRIVERS\raspppoe.sys
Service Name: RasPppoe
Module Base: EFB39000
Module End: EFB44000
Hidden: No

Module Name: C:\WINDOWS\System32\DRIVERS\raspptp.sys
Service Name: PptpMiniport
Module Base: EFB29000
Module End: EFB35000
Hidden: No

Module Name: C:\WINDOWS\System32\DRIVERS\TDI.SYS
Service Name: ---
Module Base: EFDAA000
Module End: EFDAF000
Hidden: No

Module Name: C:\WINDOWS\System32\DRIVERS\psched.sys
Service Name: PSched
Module Base: EB0A7000
Module End: EB0B8000
Hidden: No

Module Name: C:\WINDOWS\System32\DRIVERS\msgpc.sys
Service Name: Gpc
Module Base: EFB66000
Module End: EFB6F000
Hidden: No

Module Name: C:\WINDOWS\System32\DRIVERS\ptilink.sys
Service Name: Ptilink
Module Base: EFDA2000
Module End: EFDA7000
Hidden: No

Module Name: C:\WINDOWS\System32\DRIVERS\raspti.sys
Service Name: Raspti
Module Base: EFD9A000
Module End: EFD9F000
Hidden: No

Module Name: C:\WINDOWS\System32\DRIVERS\rdpdr.sys
Service Name: rdpdr
Module Base: EB0F3000
Module End: EB123000
Hidden: No

Module Name: C:\WINDOWS\System32\DRIVERS\termdd.sys
Service Name: TermDD
Module Base: F0271000
Module End: F027B000
Hidden: No

Module Name: C:\WINDOWS\System32\DRIVERS\kbdclass.sys
Service Name: Kbdclass
Module Base: EFD92000
Module End: EFD98000
Hidden: No

Module Name: C:\WINDOWS\System32\DRIVERS\mouclass.sys
Service Name: Mouclass
Module Base: EFD8A000
Module End: EFD90000
Hidden: No

Module Name: C:\WINDOWS\System32\DRIVERS\swenum.sys
Service Name: swenum
Module Base: F1598000
Module End: F159A000
Hidden: No

Module Name: C:\WINDOWS\System32\DRIVERS\update.sys
Service Name: Update
Module Base: EB8C3000
Module End: EB921000
Hidden: No

Module Name: C:\WINDOWS\System32\DRIVERS\mssmbios.sys
Service Name: mssmbios
Module Base: EF5CD000
Module End: EF5D1000
Hidden: No

Module Name: C:\WINDOWS\System32\Drivers\NDProxy.SYS
Service Name: NDProxy
Module Base: F05AC000
Module End: F05B6000
Hidden: No

Module Name: C:\WINDOWS\System32\DRIVERS\usbhub.sys
Service Name: usbhub
Module Base: F058C000
Module End: F059B000
Hidden: No

Module Name: C:\WINDOWS\System32\DRIVERS\USBD.SYS
Service Name: ---
Module Base: F1594000
Module End: F1596000
Hidden: No

Module Name: C:\WINDOWS\System32\DRIVERS\flpydisk.sys
Service Name: Flpydisk
Module Base: EFA5B000
Module End: EFA60000
Hidden: No

Module Name: C:\WINDOWS\System32\Drivers\Fs_Rec.SYS
Service Name: Fs_Rec
Module Base: F1A11000
Module End: F1A13000
Hidden: No

Module Name: C:\WINDOWS\System32\Drivers\Null.SYS
Service Name: Null
Module Base: F7C89000
Module End: F7C8A000
Hidden: No

Module Name: C:\WINDOWS\System32\Drivers\Beep.SYS
Service Name: Beep
Module Base: F1A0F000
Module End: F1A11000
Hidden: No

Module Name: C:\WINDOWS\System32\DRIVERS\HIDPARSE.SYS
Service Name: ---
Module Base: F7A17000
Module End: F7A1E000
Hidden: No

Module Name: C:\WINDOWS\System32\drivers\vga.sys
Service Name: VgaSave
Module Base: F78E7000
Module End: F78ED000
Hidden: No

Module Name: C:\WINDOWS\System32\Drivers\mnmdd.SYS
Service Name: mnmdd
Module Base: F1A0D000
Module End: F1A0F000
Hidden: No

Module Name: C:\WINDOWS\System32\DRIVERS\RDPCDD.sys
Service Name: RDPCDD
Module Base: F1A0B000
Module End: F1A0D000
Hidden: No

Module Name: C:\WINDOWS\System32\Drivers\Msfs.SYS
Service Name: Msfs
Module Base: F7947000
Module End: F794C000
Hidden: No

Module Name: C:\WINDOWS\System32\Drivers\Npfs.SYS
Service Name: Npfs
Module Base: F7957000
Module End: F795F000
Hidden: No

Module Name: C:\WINDOWS\System32\DRIVERS\rasacd.sys
Service Name: RasAcd
Module Base: F7AF3000
Module End: F7AF6000
Hidden: No

Module Name: C:\WINDOWS\System32\DRIVERS\ipsec.sys
Service Name: IPSec
Module Base: EB0C0000
Module End: EB0D3000
Hidden: No

Module Name: C:\WINDOWS\System32\DRIVERS\tcpip.sys
Service Name: Tcpip
Module Base: EB76A000
Module End: EB7C3000
Hidden: No

Module Name: C:\WINDOWS\System32\DRIVERS\netbt.sys
Service Name: NetBT
Module Base: EB742000
Module End: EB76A000
Hidden: No

Module Name: C:\WINDOWS\System32\drivers\ws2ifsl.sys
Service Name: WS2IFSL
Module Base: F69D9000
Module End: F69DC000
Hidden: No

Module Name: C:\WINDOWS\System32\drivers\afd.sys
Service Name: AFD
Module Base: EB720000
Module End: EB742000
Hidden: No

Module Name: C:\WINDOWS\System32\DRIVERS\netbios.sys
Service Name: NetBIOS
Module Base: F055C000
Module End: F0565000
Hidden: No

Module Name: C:\WINDOWS\System32\DRIVERS\rdbss.sys
Service Name: Rdbss
Module Base: EB6F5000
Module End: EB720000
Hidden: No

Module Name: C:\WINDOWS\System32\drivers\prodrv06.sys
Service Name: prodrv06
Module Base: F053C000
Module End: F054A000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\BdaSup.SYS
Service Name: ---
Module Base: F72F6000
Module End: F72F9000
Hidden: No

Module Name: C:\WINDOWS\System32\DRIVERS\mrxsmb.sys
Service Name: MRxSmb
Module Base: EB685000
Module End: EB6F5000
Hidden: No

Module Name: C:\WINDOWS\System32\Drivers\Fips.SYS
Service Name: Fips
Module Base: F781F000
Module End: F782A000
Hidden: No

Module Name: C:\WINDOWS\System32\DRIVERS\ipnat.sys
Service Name: IpNat
Module Base: EB65F000
Module End: EB685000
Hidden: No

Module Name: C:\WINDOWS\System32\DRIVERS\wanarp.sys
Service Name: Wanarp
Module Base: F775F000
Module End: F7768000
Hidden: No

Module Name: C:\WINDOWS\System32\DRIVERS\usbccgp.sys
Service Name: usbccgp
Module Base: F790F000
Module End: F7917000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\AF15BDA.sys
Service Name: AF15BDA
Module Base: EB614000
Module End: EB65F000
Hidden: No

Module Name: C:\WINDOWS\System32\DRIVERS\hidusb.sys
Service Name: hidusb
Module Base: F7B23000
Module End: F7B26000
Hidden: No

Module Name: C:\WINDOWS\System32\DRIVERS\HIDCLASS.SYS
Service Name: ---
Module Base: F641B000
Module End: F6424000
Hidden: No

Module Name: C:\WINDOWS\System32\DRIVERS\kbdhid.sys
Service Name: kbdhid
Module Base: F7B27000
Module End: F7B2B000
Hidden: No

Module Name: C:\WINDOWS\System32\Drivers\usbVM31b.sys
Service Name: ZSMC301b
Module Base: EB5FD000
Module End: EB614000
Hidden: No

Module Name: C:\WINDOWS\System32\Drivers\STREAM.SYS
Service Name: ---
Module Base: F5D83000
Module End: F5D90000
Hidden: No

Module Name: C:\WINDOWS\System32\DRIVERS\mouhid.sys
Service Name: mouhid
Module Base: F72D6000
Module End: F72D9000
Hidden: No

Module Name: C:\WINDOWS\System32\Drivers\Udfs.SYS
Service Name: Udfs
Module Base: EB5EC000
Module End: EB5FD000
Hidden: No

Module Name: \SystemRoot\System32\Drivers\dump_diskdump.sys
Service Name: ---
Module Base: F7B0B000
Module End: F7B0F000
Hidden: Yes

Module Name: \SystemRoot\System32\Drivers\dump_viasraid.sys
Service Name: ---
Module Base: EB5D9000
Module End: EB5EC000
Hidden: Yes

Module Name: C:\WINDOWS\System32\drivers\Dxapi.sys
Service Name: ---
Module Base: F57B7000
Module End: F57BA000
Hidden: No

Module Name: C:\WINDOWS\System32\watchdog.sys
Service Name: ---
Module Base: F7937000
Module End: F793C000
Hidden: No

Module Name: C:\WINDOWS\System32\drivers\dxgthk.sys
Service Name: ---
Module Base: EB066000
Module End: EB067000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\ethpdrv.sys
Service Name: Ethpdrv
Module Base: F580B000
Module End: F5813000
Hidden: No

Module Name: C:\WINDOWS\System32\DRIVERS\ndisuio.sys
Service Name: Ndisuio
Module Base: EB094000
Module End: EB098000
Hidden: No

Module Name: C:\WINDOWS\system32\drivers\wdmaud.sys
Service Name: wdmaud
Module Base: EB289000
Module End: EB29E000
Hidden: No

Module Name: C:\WINDOWS\system32\drivers\sysaudio.sys
Service Name: sysaudio
Module Base: EF8D5000
Module End: EF8E4000
Hidden: No

Module Name: C:\WINDOWS\System32\DRIVERS\mrxdav.sys
Service Name: MRxDAV
Module Base: EBA97000
Module End: EBAC4000
Hidden: No

Module Name: C:\WINDOWS\System32\Drivers\ParVdm.SYS
Service Name: ParVdm
Module Base: F7B79000
Module End: F7B7B000
Hidden: No

Module Name: \??\C:\WINDOWS\System32\drivers\amon.sys
Service Name: AMON
Module Base: EBA15000
Module End: EBA8F000
Hidden: No

Module Name: C:\WINDOWS\System32\DRIVERS\srv.sys
Service Name: Srv
Module Base: EB99F000
Module End: EB9F1000
Hidden: No

Module Name: C:\WINDOWS\System32\Drivers\HTTP.sys
Service Name: HTTP
Module Base: EC37A000
Module End: EC3BB000
Hidden: No

Module Name: \??\C:\WINDOWS\system32\FsUsbExDisk.SYS
Service Name: FsUsbExDisk
Module Base: EBFB0000
Module End: EBFB9000
Hidden: No

Module Name: C:\WINDOWS\System32\Drivers\Cdfs.SYS
Service Name: Cdfs
Module Base: EC0F8000
Module End: EC108000
Hidden: No

Module Name: C:\WINDOWS\system32\drivers\kmixer.sys
Service Name: kmixer
Module Base: EC47B000
Module End: EC4A6000
Hidden: No

Module Name: C:\WINDOWS\System32\DRIVERS\usbprint.sys
Service Name: usbprint
Module Base: F5813000
Module End: F581A000
Hidden: No

Module Name: C:\WINDOWS\System32\DRIVERS\fdc.sys
Service Name: Fdc
Module Base: EFA95000
Module End: EFA9C000
Hidden: No

******************************************************************************************
******************************************************************************************
SSDT:
Function Name: ZwCreateKey
Address: F769F87E
Driver Base: F769F000
Driver End: F76AE000
Driver Name: Lbd.sys

Function Name: ZwEnumerateKey
Address: F7543C7E
Driver Base: F753E000
Driver End: F760E000
Driver Name: sptd.sys

Function Name: ZwEnumerateValueKey
Address: F7543FF6
Driver Base: F753E000
Driver End: F760E000
Driver Name: sptd.sys

Function Name: ZwOpenKey
Address: F7543A18
Driver Base: F753E000
Driver End: F760E000
Driver Name: sptd.sys

Function Name: ZwQueryKey
Address: F75440C0
Driver Base: F753E000
Driver End: F760E000
Driver Name: sptd.sys

Function Name: ZwQueryValueKey
Address: F7543F58
Driver Base: F753E000
Driver End: F760E000
Driver Name: sptd.sys

Function Name: ZwSetValueKey
Address: F769FBFE
Driver Base: F769F000
Driver End: F76AE000
Driver Name: Lbd.sys

******************************************************************************************
******************************************************************************************
No Kernel Hooks found

******************************************************************************************
******************************************************************************************
IRP Hooks:
Hooked Module: C:\WINDOWS\System32\Drivers\dtscsi.sys
Hooked IRP: IRP_MJ_CREATE
Jump To: 86CBD878
Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\System32\Drivers\dtscsi.sys
Hooked IRP: IRP_MJ_CLOSE
Jump To: 86CBD878
Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\System32\Drivers\dtscsi.sys
Hooked IRP: IRP_MJ_DEVICE_CONTROL
Jump To: 86CBD878
Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\System32\Drivers\dtscsi.sys
Hooked IRP: IRP_MJ_INTERNAL_DEVICE_CONTROL
Jump To: 86CBD878
Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\System32\Drivers\dtscsi.sys
Hooked IRP: IRP_MJ_POWER
Jump To: 86CBD878
Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\System32\Drivers\dtscsi.sys
Hooked IRP: IRP_MJ_SYSTEM_CONTROL
Jump To: 86CBD878
Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\atapi.sys
Hooked IRP: IRP_MJ_INTERNAL_DEVICE_CONTROL
Jump To: F7B396C1
Hooking Module: C:\WINDOWS\system32\drivers\prosync1.sys

Hooked Module: \Driver\00000047
Hooked IRP: IRP_MJ_POWER
Jump To: F754AEA8
Hooking Module: C:\WINDOWS\system32\drivers\sptd.sys

Hooked Module: \Driver\00000047
Hooked IRP: IRP_MJ_SYSTEM_CONTROL
Jump To: F755EA70
Hooking Module: C:\WINDOWS\system32\drivers\sptd.sys

Hooked Module: C:\WINDOWS\system32\drivers\dmio.sys
Hooked IRP: IRP_MJ_CREATE
Jump To: 86FD6808
Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\dmio.sys
Hooked IRP: IRP_MJ_CLOSE
Jump To: 86FD6808
Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\dmio.sys
Hooked IRP: IRP_MJ_READ
Jump To: 86FD6808
Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\dmio.sys
Hooked IRP: IRP_MJ_WRITE
Jump To: 86FD6808
Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\dmio.sys
Hooked IRP: IRP_MJ_FLUSH_BUFFERS
Jump To: 86FD6808
Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\dmio.sys
Hooked IRP: IRP_MJ_DEVICE_CONTROL
Jump To: 86FD6808
Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\dmio.sys
Hooked IRP: IRP_MJ_INTERNAL_DEVICE_CONTROL
Jump To: 86FD6808
Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\dmio.sys
Hooked IRP: IRP_MJ_SHUTDOWN
Jump To: 86FD6808
Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\dmio.sys
Hooked IRP: IRP_MJ_POWER
Jump To: 86FD6808
Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\dmio.sys
Hooked IRP: IRP_MJ_SYSTEM_CONTROL
Jump To: 86FD6808
Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\System32\drivers\prodrv06.sys
Hooked IRP: IRP_MJ_CREATE
Jump To: E18E9320
Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\System32\drivers\prodrv06.sys
Hooked IRP: IRP_MJ_CLOSE
Jump To: E18E9320
Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\System32\drivers\prodrv06.sys
Hooked IRP: IRP_MJ_DEVICE_CONTROL
Jump To: E18E9320
Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\ftdisk.sys
Hooked IRP: IRP_MJ_CREATE
Jump To: 86FD6A40
Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\ftdisk.sys
Hooked IRP: IRP_MJ_READ
Jump To: 86FD6A40
Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\ftdisk.sys
Hooked IRP: IRP_MJ_WRITE
Jump To: 86FD6A40
Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\ftdisk.sys
Hooked IRP: IRP_MJ_FLUSH_BUFFERS
Jump To: 86FD6A40
Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\ftdisk.sys
Hooked IRP: IRP_MJ_DEVICE_CONTROL
Jump To: 86FD6A40
Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\ftdisk.sys
Hooked IRP: IRP_MJ_INTERNAL_DEVICE_CONTROL
Jump To: 86FD6A40
Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\ftdisk.sys
Hooked IRP: IRP_MJ_SHUTDOWN
Jump To: 86FD6A40
Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\ftdisk.sys
Hooked IRP: IRP_MJ_CLEANUP
Jump To: 86FD6A40
Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\ftdisk.sys
Hooked IRP: IRP_MJ_POWER
Jump To: 86FD6A40
Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\ftdisk.sys
Hooked IRP: IRP_MJ_SYSTEM_CONTROL
Jump To: 86FD6A40
Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\prohlp02.sys
Hooked IRP: IRP_MJ_CREATE
Jump To: E10082F0
Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\prohlp02.sys
Hooked IRP: IRP_MJ_CLOSE
Jump To: E10082F0
Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\prohlp02.sys
Hooked IRP: IRP_MJ_DEVICE_CONTROL
Jump To: E10082F0
Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\System32\DRIVERS\netbt.sys
Hooked IRP: IRP_MJ_CREATE
Jump To: 869860E8
Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\System32\DRIVERS\netbt.sys
Hooked IRP: IRP_MJ_CLOSE
Jump To: 869860E8
Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\System32\DRIVERS\netbt.sys
Hooked IRP: IRP_MJ_DEVICE_CONTROL
Jump To: 869860E8
Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\System32\DRIVERS\netbt.sys
Hooked IRP: IRP_MJ_INTERNAL_DEVICE_CONTROL
Jump To: 869860E8
Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\System32\DRIVERS\netbt.sys
Hooked IRP: IRP_MJ_CLEANUP
Jump To: 869860E8
Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\System32\DRIVERS\cdrom.sys
Hooked IRP: IRP_MJ_CREATE
Jump To: 86D03BD0
Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\System32\DRIVERS\cdrom.sys
Hooked IRP: IRP_MJ_CLOSE
Jump To: 86D03BD0
Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\System32\DRIVERS\cdrom.sys
Hooked IRP: IRP_MJ_READ
Jump To: 86D03BD0
Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\System32\DRIVERS\cdrom.sys
Hooked IRP: IRP_MJ_WRITE
Jump To: 86D03BD0
Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\System32\DRIVERS\cdrom.sys
Hooked IRP: IRP_MJ_FLUSH_BUFFERS
Jump To: 86D03BD0
Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\System32\DRIVERS\cdrom.sys
Hooked IRP: IRP_MJ_DEVICE_CONTROL
Jump To: 86D03BD0
Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\System32\DRIVERS\cdrom.sys
Hooked IRP: IRP_MJ_INTERNAL_DEVICE_CONTROL
Jump To: 86D03BD0
Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\System32\DRIVERS\cdrom.sys
Hooked IRP: IRP_MJ_SHUTDOWN
Jump To: 86D03BD0
Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\System32\DRIVERS\cdrom.sys
Hooked IRP: IRP_MJ_POWER
Jump To: 86D03BD0
Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\System32\DRIVERS\cdrom.sys
Hooked IRP: IRP_MJ_SYSTEM_CONTROL
Jump To: 86D03BD0
Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\disk.sys
Hooked IRP: IRP_MJ_CREATE
Jump To: 86F8BEB0
Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\disk.sys
Hooked IRP: IRP_MJ_CLOSE
Jump To: 86F8BEB0
Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\disk.sys
Hooked IRP: IRP_MJ_READ
Jump To: 86F8BEB0
Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\disk.sys
Hooked IRP: IRP_MJ_WRITE
Jump To: 86F8BEB0
Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\disk.sys
Hooked IRP: IRP_MJ_FLUSH_BUFFERS
Jump To: 86F8BEB0
Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\disk.sys
Hooked IRP: IRP_MJ_DEVICE_CONTROL
Jump To: 86F8BEB0
Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\disk.sys
Hooked IRP: IRP_MJ_INTERNAL_DEVICE_CONTROL
Jump To: 86F8BEB0
Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\disk.sys
Hooked IRP: IRP_MJ_SHUTDOWN
Jump To: 86F8BEB0
Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\disk.sys
Hooked IRP: IRP_MJ_POWER
Jump To: 86F8BEB0
Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\disk.sys
Hooked IRP: IRP_MJ_SYSTEM_CONTROL
Jump To: 86F8BEB0
Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\viasraid.sys
Hooked IRP: IRP_MJ_CREATE
Jump To: 86FD6398
Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\viasraid.sys
Hooked IRP: IRP_MJ_CLOSE
Jump To: 86FD6398
Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\viasraid.sys
Hooked IRP: IRP_MJ_DEVICE_CONTROL
Jump To: 86FD6398
Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\viasraid.sys
Hooked IRP: IRP_MJ_INTERNAL_DEVICE_CONTROL
Jump To: F7B396C1
Hooking Module: C:\WINDOWS\system32\drivers\prosync1.sys

Hooked Module: C:\WINDOWS\system32\drivers\viasraid.sys
Hooked IRP: IRP_MJ_POWER
Jump To: 86FD6398
Hooking Module: _unknown_

Hooked Module: C:\WINDOWS\system32\drivers\viasraid.sys
Hooked IRP: IRP_MJ_SYSTEM_CONTROL
Jump To: 86FD6398
Hooking Module: _unknown_

******************************************************************************************
******************************************************************************************
Ports:
Local Address: ROB-30BN7NJUNKS:7438
Remote Address: 0.0.0.0:0
Type: TCP
Process: C:\Program Files\Microsoft ActiveSync\wcescomm.exe
State: LISTENING

Local Address: ROB-30BN7NJUNKS:5679
Remote Address: 0.0.0.0:0
Type: TCP
Process: C:\Program Files\Microsoft ActiveSync\wcescomm.exe
State: LISTENING

Local Address: ROB-30BN7NJUNKS:5152
Remote Address: LOCALHOST:1061
Type: TCP
Process: C:\Program Files\Java\jre6\bin\jqs.exe
State: CLOSE_WAIT

Local Address: ROB-30BN7NJUNKS:5152
Remote Address: 0.0.0.0:0
Type: TCP
Process: C:\Program Files\Java\jre6\bin\jqs.exe
State: LISTENING

Local Address: ROB-30BN7NJUNKS:1064
Remote Address: LOCALHOST:1063
Type: TCP
Process: C:\Program Files\Mozilla Firefox\firefox.exe
State: ESTABLISHED

Local Address: ROB-30BN7NJUNKS:1063
Remote Address: LOCALHOST:1064
Type: TCP
Process: C:\Program Files\Mozilla Firefox\firefox.exe
State: ESTABLISHED

Local Address: ROB-30BN7NJUNKS:1060
Remote Address: LOCALHOST:1059
Type: TCP
Process: C:\Program Files\Mozilla Firefox\firefox.exe
State: ESTABLISHED

Local Address: ROB-30BN7NJUNKS:1059
Remote Address: LOCALHOST:1060
Type: TCP
Process: C:\Program Files\Mozilla Firefox\firefox.exe
State: ESTABLISHED

Local Address: ROB-30BN7NJUNKS:1032
Remote Address: 0.0.0.0:0
Type: TCP
Process: C:\WINDOWS\system32\alg.exe
State: LISTENING

Local Address: ROB-30BN7NJUNKS:1174
Remote Address: HB-IN-F137.GOOGLE.COM:HTTP
Type: TCP
Process: C:\Program Files\Mozilla Firefox\firefox.exe
State: ESTABLISHED

Local Address: ROB-30BN7NJUNKS:1161
Remote Address: HB-IN-F165.GOOGLE.COM:HTTP
Type: TCP
Process: C:\Program Files\Mozilla Firefox\firefox.exe
State: ESTABLISHED

Local Address: ROB-30BN7NJUNKS:1160
Remote Address: 78.128.147.26:HTTP
Type: TCP
Process: C:\Program Files\Mozilla Firefox\firefox.exe
State: ESTABLISHED

Local Address: ROB-30BN7NJUNKS:1153
Remote Address: HB-IN-F102.GOOGLE.COM:HTTP
Type: TCP
Process: C:\Program Files\Mozilla Firefox\firefox.exe
State: ESTABLISHED

Local Address: ROB-30BN7NJUNKS:1152
Remote Address: HB-IN-F155.GOOGLE.COM:HTTP
Type: TCP
Process: C:\Program Files\Mozilla Firefox\firefox.exe
State: ESTABLISHED

Local Address: ROB-30BN7NJUNKS:1151
Remote Address: HB-IN-F155.GOOGLE.COM:HTTP
Type: TCP
Process: C:\Program Files\Mozilla Firefox\firefox.exe
State: ESTABLISHED

Local Address: ROB-30BN7NJUNKS:1150
Remote Address: HB-IN-F155.GOOGLE.COM:HTTP
Type: TCP
Process: C:\Program Files\Mozilla Firefox\firefox.exe
State: ESTABLISHED

Local Address: ROB-30BN7NJUNKS:1149
Remote Address: HB-IN-F155.GOOGLE.COM:HTTP
Type: TCP
Process: C:\Program Files\Mozilla Firefox\firefox.exe
State: ESTABLISHED

Local Address: ROB-30BN7NJUNKS:1146
Remote Address: HB-IN-F165.GOOGLE.COM:HTTP
Type: TCP
Process: C:\Program Files\Mozilla Firefox\firefox.exe
State: ESTABLISHED

Local Address: ROB-30BN7NJUNKS:1138
Remote Address: HB-IN-F101.GOOGLE.COM:HTTP
Type: TCP
Process: C:\Program Files\Mozilla Firefox\firefox.exe
State: ESTABLISHED

Local Address: ROB-30BN7NJUNKS:1137
Remote Address: HB-IN-F100.GOOGLE.COM:HTTP
Type: TCP
Process: C:\Program Files\Mozilla Firefox\firefox.exe
State: ESTABLISHED

Local Address: ROB-30BN7NJUNKS:1136
Remote Address: HB-IN-F147.GOOGLE.COM:HTTP
Type: TCP
Process: C:\Program Files\Mozilla Firefox\firefox.exe
State: ESTABLISHED

Local Address: ROB-30BN7NJUNKS:1135
Remote Address: HB-IN-F147.GOOGLE.COM:HTTP
Type: TCP
Process: C:\Program Files\Mozilla Firefox\firefox.exe
State: ESTABLISHED

Local Address: ROB-30BN7NJUNKS:1134
Remote Address: HB-IN-F147.GOOGLE.COM:HTTP
Type: TCP
Process: C:\Program Files\Mozilla Firefox\firefox.exe
State: ESTABLISHED

Local Address: ROB-30BN7NJUNKS:1133
Remote Address: HB-IN-F101.GOOGLE.COM:HTTP
Type: TCP
Process: C:\Program Files\Mozilla Firefox\firefox.exe
State: ESTABLISHED

Local Address: ROB-30BN7NJUNKS:NETBIOS-SSN
Remote Address: 0.0.0.0:0
Type: TCP
Process: SYSTEM
State: LISTENING

Local Address: ROB-30BN7NJUNKS:MS-SQL-S
Remote Address: 0.0.0.0:0
Type: TCP
Process: C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe
State: LISTENING

Local Address: ROB-30BN7NJUNKS:990
Remote Address: 0.0.0.0:0
Type: TCP
Process: C:\PROGRA~1\MICROS~4\rapimgr.exe
State: LISTENING

Local Address: ROB-30BN7NJUNKS:MICROSOFT-DS
Remote Address: 0.0.0.0:0
Type: TCP
Process: SYSTEM
State: LISTENING

Local Address: ROB-30BN7NJUNKS:EPMAP
Remote Address: 0.0.0.0:0
Type: TCP
Process: C:\WINDOWS\system32\svchost.exe
State: LISTENING

Local Address: ROB-30BN7NJUNKS:1900
Remote Address: NA
Type: UDP
Process: C:\WINDOWS\system32\svchost.exe
State: NA

Local Address: ROB-30BN7NJUNKS:123
Remote Address: NA
Type: UDP
Process: C:\WINDOWS\system32\svchost.exe
State: NA

Local Address: ROB-30BN7NJUNKS:1900
Remote Address: NA
Type: UDP
Process: C:\WINDOWS\system32\svchost.exe
State: NA

Local Address: ROB-30BN7NJUNKS:138
Remote Address: NA
Type: UDP
Process: SYSTEM
State: NA

Local Address: ROB-30BN7NJUNKS:NETBIOS-NS
Remote Address: NA
Type: UDP
Process: SYSTEM
State: NA

Local Address: ROB-30BN7NJUNKS:123
Remote Address: NA
Type: UDP
Process: C:\WINDOWS\system32\svchost.exe
State: NA

Local Address: ROB-30BN7NJUNKS:4500
Remote Address: NA
Type: UDP
Process: C:\WINDOWS\system32\lsass.exe
State: NA

Local Address: ROB-30BN7NJUNKS:MS-SQL-M
Remote Address: NA
Type: UDP
Process: C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe
State: NA

Local Address: ROB-30BN7NJUNKS:500
Remote Address: NA
Type: UDP
Process: C:\WINDOWS\system32\lsass.exe
State: NA

Local Address: ROB-30BN7NJUNKS:MICROSOFT-DS
Remote Address: NA
Type: UDP
Process: SYSTEM
State: NA

******************************************************************************************
******************************************************************************************
Hidden files/folders:
Object: C:\Documents and Settings\Rob\Plocha\oblíbené explorer-záloha\Cestování, Hory zima- leto atd\tatry\Orlí stezka- Polská část vysokých tater\Chata Murowaniec -TATRY - Schronisko Górskie PTTK Murowaniec - ZAKOPANE (noclegi, góry, narty, mountain hostel, Orla
Status: Hidden

Object: C:\System Volume Information\MountPointManagerRemoteDatabase
Status: Access denied

Object: C:\System Volume Information\tracking.log
Status: Access denied

Object: C:\System Volume Information\_restore{E4648308-0228-4A7F-A699-0B671240449F}
Status: Access denied

Object: C:\System Volume Information\_restore{E60EB035-8B9F-41B5-B87A-1F017C0E4C73}
Status: Access denied


Posted: 15 Oct 2009 20:23
VIP

Registered: 09 Dec 2007 09:27
Posts: 12762
Location: SK-REVUCA
Run the program OTLIST.
In the CustomScans/Fixes window, paste the green text and click Run Fix, confirm, and after the restart post the log here.
Code:
:OTL
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O4 - HKLM..\Run: [ScanRegistry] File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - File not found
O16 - DPF: {33564D57-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/ ... mv9dmo.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)

:reg
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\WINDOWS\Temp\wpv181254983689.exe" =-

:Commands
[emptytemp]
[purity]
[start explorer]
[Reboot]

Posted: 16 Oct 2009 12:43
Visitor

Registered: 07 Mar 2006 23:58
Posts: 27
I am posting the log:

All processes killed
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ScanRegistry deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000001\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000002\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000003\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000004\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000005\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000011\ deleted successfully.
Starting removal of ActiveX control {33564D57-9980-0010-8000-00AA00389B71}
C:\WINDOWS\Downloaded Program Files\wmv9dmo.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{33564D57-9980-0010-8000-00AA00389B71}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{33564D57-9980-0010-8000-00AA00389B71}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{33564D57-9980-0010-8000-00AA00389B71}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{33564D57-9980-0010-8000-00AA00389B71}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
File Animation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab not found.
Starting removal of ActiveX control DirectAnimation Java Classes
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\DirectAnimation Java Classes\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\DirectAnimation Java Classes\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\DirectAnimation Java Classes\ not found.
File oft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab not found.
Starting removal of ActiveX control Microsoft XML Parser for Java
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\Microsoft XML Parser for Java\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\Microsoft XML Parser for Java\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\Microsoft XML Parser for Java\ not found.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\WINDOWS\Temp\wpv181254983689.exe deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: LocalService
->Temp folder emptied: 0 bytes
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 2352051 bytes

User: Rob
File delete failed. C:\Documents and Settings\Rob\Local Settings\Temp\WCESLog.log scheduled to be deleted on reboot.
->Temp folder emptied: 3544001 bytes
File delete failed. C:\Documents and Settings\Rob\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
->Temporary Internet Files folder emptied: 1244282283 bytes
->Java cache emptied: 93934346 bytes
File delete failed. C:\Documents and Settings\Rob\Local Settings\Data aplikací\Mozilla\Firefox\Profiles\32ugf2dr.default\Cache\_CACHE_001_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Rob\Local Settings\Data aplikací\Mozilla\Firefox\Profiles\32ugf2dr.default\Cache\_CACHE_002_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Rob\Local Settings\Data aplikací\Mozilla\Firefox\Profiles\32ugf2dr.default\Cache\_CACHE_003_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Rob\Local Settings\Data aplikací\Mozilla\Firefox\Profiles\32ugf2dr.default\Cache\_CACHE_MAP_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Rob\Local Settings\Data aplikací\Mozilla\Firefox\Profiles\32ugf2dr.default\urlclassifier3.sqlite scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Rob\Local Settings\Data aplikací\Mozilla\Firefox\Profiles\32ugf2dr.default\XUL.mfl scheduled to be deleted on reboot.
->FireFox cache emptied: 217783126 bytes
->Google Chrome cache emptied: 155679922 bytes

%systemdrive% .tmp files removed: 0 bytes
C:\WINDOWS\msdownld.tmp folder deleted successfully.
%systemroot% .tmp files removed: 2163202 bytes
%systemroot%\System32 .tmp files removed: 4397512 bytes
File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_52c.dat scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_620.dat scheduled to be deleted on reboot.
Windows Temp folder emptied: 42754 bytes
RecycleBin emptied: 163518 bytes

Total Files Cleaned = 1644,52 mb

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\: LSP stack updated.

OTL by OldTimer - Version 3.0.21.0 log created on 10162009_133559

Files\Folders moved on Reboot...
C:\Documents and Settings\Rob\Local Settings\Temp\WCESLog.log moved successfully.
C:\Documents and Settings\Rob\Local Settings\Data aplikací\Mozilla\Firefox\Profiles\32ugf2dr.default\Cache\_CACHE_001_ moved successfully.
C:\Documents and Settings\Rob\Local Settings\Data aplikací\Mozilla\Firefox\Profiles\32ugf2dr.default\Cache\_CACHE_002_ moved successfully.
C:\Documents and Settings\Rob\Local Settings\Data aplikací\Mozilla\Firefox\Profiles\32ugf2dr.default\Cache\_CACHE_003_ moved successfully.
C:\Documents and Settings\Rob\Local Settings\Data aplikací\Mozilla\Firefox\Profiles\32ugf2dr.default\Cache\_CACHE_MAP_ moved successfully.
C:\Documents and Settings\Rob\Local Settings\Data aplikací\Mozilla\Firefox\Profiles\32ugf2dr.default\urlclassifier3.sqlite moved successfully.
C:\Documents and Settings\Rob\Local Settings\Data aplikací\Mozilla\Firefox\Profiles\32ugf2dr.default\XUL.mfl moved successfully.
File\Folder C:\WINDOWS\temp\Perflib_Perfdata_52c.dat not found!
File\Folder C:\WINDOWS\temp\Perflib_Perfdata_620.dat not found!

Registry entries deleted on Reboot...

