Zavirováno

[Hajadlo]

Tak, píšu vám z nouzového režimu, jelikož můj PC stávkuje tak sem si říkal že sem v nekdě. Právě testuji svůj komp programem MWAV, a vypsal mi spoustu věcí, posuďte sami...

Objekt "AntiMalware Spyware/Adware" nalezen v souborovém systému! Provedené akce: Ponecháno, neodstraněno!.
Objekt "Jqs.exe Generic Malware" nalezen v souborovém systému! Provedené akce: Ponecháno, neodstraněno!.
Objekt "cws.tooncomics Browser Hijacker" nalezen v souborovém systému! Provedené akce: Ponecháno, neodstraněno!.
Objekt "Zlob Trojan-Downloader" nalezen v souborovém systému! Provedené akce: Ponecháno, neodstraněno!.
Objekt "All-In-One Spy Spyware/Adware" nalezen v souborovém systému! Provedené akce: Ponecháno, neodstraněno!.
Objekt "PurityScan Spyware/Adware" nalezen v souborovém systému! Provedené akce: Ponecháno, neodstraněno!.
Objekt "Jqs.exe Generic Malware" nalezen v souborovém systému! Provedené akce: Ponecháno, neodstraněno!.
Objekt "cws.tooncomics Browser Hijacker" nalezen v souborovém systému! Provedené akce: Ponecháno, neodstraněno!.
Objekt "Zlob Trojan-Downloader" nalezen v souborovém systému! Provedené akce: Ponecháno, neodstraněno!.
Objekt "All-In-One Spy Spyware/Adware" nalezen v souborovém systému! Provedené akce: Ponecháno, neodstraněno!.
Objekt "PurityScan Spyware/Adware" nalezen v souborovém systému! Provedené akce: Ponecháno, neodstraněno!.
Objekt "Backdoor (IRCBot) Trojans Spyware/Adware" nalezen v souborovém systému! Provedené akce: Ponecháno, neodstraněno!.
Objekt "Adware.Tracking Cookie Adware" nalezen v souborovém systému! Provedené akce: Ponecháno, neodstraněno!.
Objekt "Adware.Tracking Cookie Adware" nalezen v souborovém systému! Provedené akce: Ponecháno, neodstraněno!.
Objekt "Adware.Tracking Cookie Adware" nalezen v souborovém systému! Provedené akce: Ponecháno, neodstraněno!.
Objekt "Adware.Tracking Cookie Adware" nalezen v souborovém systému! Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKCR\DirectAnimation.PathControl" odkazuje na neplatný objekt "{D7A7D7C3-D47F-11D0-89D3-00A0C90833E6}". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKCR\DirectAnimation.Sequence" odkazuje na neplatný objekt "{4F241DB1-EE9F-11D0-9824-006097C99E51}". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKCR\DirectAnimation.SequencerControl" odkazuje na neplatný objekt "{B0A6BAE2-AAF0-11D0-A152-00A0C908DB96}". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKCR\DirectAnimation.SpriteControl" odkazuje na neplatný objekt "{FD179533-D86E-11D0-89D6-00A0C90833E6}". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKCR\DirectAnimation.StructuredGraphicsControl" odkazuje na neplatný objekt "{369303C2-D7AC-11D0-89D5-00A0C90833E6}". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKCR\JavaPlugin.FamilyVersionSupport" odkazuje na neplatný objekt "{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKCR\MailFileAtt" odkazuje na neplatný objekt "{00020D05-0000-0000-C000-000000000046}". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKCR\mapifvbx.object" odkazuje na neplatný objekt "{41116C00-8B90-101B-96CD-00AA003B14FC}". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKCR\mapifvbx.object.1" odkazuje na neplatný objekt "{41116C00-8B90-101B-96CD-00AA003B14FC}". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKCR\SPort.SPortAx" odkazuje na neplatný objekt "{BAF2361D-5CCA-49AE-9BFB-6BF65FD28C4C}". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" odkazuje na neplatný objekt "C:\WINDOWS\winsxs\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_473666fd\". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" odkazuje na neplatný objekt "C:\WINDOWS\winsxs\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_b77cec8e\". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" odkazuje na neplatný objekt "C:\WINDOWS\winsxs\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" odkazuje na neplatný objekt "C:\WINDOWS\winsxs\x86_Microsoft.VC80.OpenMP_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e79c4723\". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" odkazuje na neplatný objekt "c:\Program Files\Microsoft Silverlight\4.0.60310.0\". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" odkazuje na neplatný objekt "c:\Program Files\Microsoft Silverlight\4.0.60310.0\de\". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" odkazuje na neplatný objekt "c:\Program Files\Microsoft Silverlight\4.0.60310.0\es\". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" odkazuje na neplatný objekt "c:\Program Files\Microsoft Silverlight\4.0.60310.0\fr\". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" odkazuje na neplatný objekt "c:\Program Files\Microsoft Silverlight\4.0.60310.0\it\". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" odkazuje na neplatný objekt "c:\Program Files\Microsoft Silverlight\4.0.60310.0\ja\". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" odkazuje na neplatný objekt "c:\Program Files\Microsoft Silverlight\4.0.60310.0\ko\". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" odkazuje na neplatný objekt "c:\Program Files\Microsoft Silverlight\4.0.60310.0\ru\". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" odkazuje na neplatný objekt "c:\Program Files\Microsoft Silverlight\4.0.60310.0\zh-Hans\". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" odkazuje na neplatný objekt "c:\Program Files\Microsoft Silverlight\4.0.60310.0\zh-Hant\". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" odkazuje na neplatný objekt "c:\Program Files\Microsoft Silverlight\4.0.60310.0\ar\". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" odkazuje na neplatný objekt "c:\Program Files\Microsoft Silverlight\4.0.60310.0\bg\". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" odkazuje na neplatný objekt "c:\Program Files\Microsoft Silverlight\4.0.60310.0\ca\". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" odkazuje na neplatný objekt "c:\Program Files\Microsoft Silverlight\4.0.60310.0\cs\". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" odkazuje na neplatný objekt "c:\Program Files\Microsoft Silverlight\4.0.60310.0\da\". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" odkazuje na neplatný objekt "c:\Program Files\Microsoft Silverlight\4.0.60310.0\el\". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" odkazuje na neplatný objekt "c:\Program Files\Microsoft Silverlight\4.0.60310.0\et\". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" odkazuje na neplatný objekt "c:\Program Files\Microsoft Silverlight\4.0.60310.0\eu\". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" odkazuje na neplatný objekt "c:\Program Files\Microsoft Silverlight\4.0.60310.0\fi\". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" odkazuje na neplatný objekt "c:\Program Files\Microsoft Silverlight\4.0.60310.0\he\". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" odkazuje na neplatný objekt "c:\Program Files\Microsoft Silverlight\4.0.60310.0\hr\". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" odkazuje na neplatný objekt "c:\Program Files\Microsoft Silverlight\4.0.60310.0\hu\". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" odkazuje na neplatný objekt "c:\Program Files\Microsoft Silverlight\4.0.60310.0\id\". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" odkazuje na neplatný objekt "c:\Program Files\Microsoft Silverlight\4.0.60310.0\lt\". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" odkazuje na neplatný objekt "c:\Program Files\Microsoft Silverlight\4.0.60310.0\lv\". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" odkazuje na neplatný objekt "c:\Program Files\Microsoft Silverlight\4.0.60310.0\ms\". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" odkazuje na neplatný objekt "c:\Program Files\Microsoft Silverlight\4.0.60310.0\nl\". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" odkazuje na neplatný objekt "c:\Program Files\Microsoft Silverlight\4.0.60310.0\no\". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" odkazuje na neplatný objekt "c:\Program Files\Microsoft Silverlight\4.0.60310.0\pl\". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" odkazuje na neplatný objekt "c:\Program Files\Microsoft Silverlight\4.0.60310.0\pt-BR\". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" odkazuje na neplatný objekt "c:\Program Files\Microsoft Silverlight\4.0.60310.0\pt\". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" odkazuje na neplatný objekt "c:\Program Files\Microsoft Silverlight\4.0.60310.0\ro\". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" odkazuje na neplatný objekt "c:\Program Files\Microsoft Silverlight\4.0.60310.0\sk\". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" odkazuje na neplatný objekt "c:\Program Files\Microsoft Silverlight\4.0.60310.0\sl\". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" odkazuje na neplatný objekt "c:\Program Files\Microsoft Silverlight\4.0.60310.0\sr-Cyrl-CS\". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" odkazuje na neplatný objekt "c:\Program Files\Microsoft Silverlight\4.0.60310.0\sr-Latn-CS\". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" odkazuje na neplatný objekt "c:\Program Files\Microsoft Silverlight\4.0.60310.0\sv\". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" odkazuje na neplatný objekt "c:\Program Files\Microsoft Silverlight\4.0.60310.0\th\". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" odkazuje na neplatný objekt "c:\Program Files\Microsoft Silverlight\4.0.60310.0\tr\". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" odkazuje na neplatný objekt "c:\Program Files\Microsoft Silverlight\4.0.60310.0\uk\". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" odkazuje na neplatný objekt "c:\Program Files\Microsoft Silverlight\4.0.60310.0\vi\". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" odkazuje na neplatný objekt "c:\Documents and Settings\All Users\Nabídka Start\Programy\Microsoft Games for Windows - LIVE\". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".acr". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".b3d". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".cam". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".cr2". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".crw". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".dcm". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".dcx". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".dds". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".djvu". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".ecw". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".exr". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".fpx". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".fsh". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".g3". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".hdp". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".icl". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".iff". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".IMA". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".iw44". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".j2k". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".jad". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".jng". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".jpc". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".JPF". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".jpm". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".kdc". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".lbm". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".ldf". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".lwf". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".mng". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".ngg". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".nlm". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".nol". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".pbm". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".pcd". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".pgm". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".ppm". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".psp". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".ras". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".raw". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".sff". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".sfw". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".sid". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".sun". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".wbmp". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".xpm". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" odkazuje na neplatný objekt "{01C89AF1-9128-499B-84DE-4F3C1BCE01C0}". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" odkazuje na neplatný objekt "{06AA7623-E681-4F28-8AC5-FE9906B069A9}". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" odkazuje na neplatný objekt "{06CB0602-2EBD-4924-ADC3-217A3B128D3F}". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" odkazuje na neplatný objekt "{10473EB6-2CD1-3BCC-9DA9-D10118EF92FF}". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" odkazuje na neplatný objekt "{13DCEF71-A389-4227-910E-D07F154D4ABD}". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" odkazuje na neplatný objekt "{18799355-2D9A-3BFF-A2FE-8F38351FDABA}". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" odkazuje na neplatný objekt "{1C8DFA71-4079-4F02-B8BB-47B12C1A565F}". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" odkazuje na neplatný objekt "{1EFE09D3-6C77-4E6D-876F-76CB30D2056C}". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" odkazuje na neplatný objekt "{268789C4-53E6-4DDB-8F33-8D0F9E000BEA}". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" odkazuje na neplatný objekt "{2D1AC484-E516-408C-8825-ACB1C356AC7A}". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" odkazuje na neplatný objekt "{2E6863BB-4082-3B05-BB2C-20EF16D4BD82}". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" odkazuje na neplatný objekt "{2F3AB6ED-951C-4CE7-8AC9-8546FDCF1F5A}". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" odkazuje na neplatný objekt "{309E2514-29D4-405C-B3B1-14D7231BFA16}". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" odkazuje na neplatný objekt "{3A66FD42-50D2-3E9A-81B5-ECE3E5C3097A}". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" odkazuje na neplatný objekt "{3B45CBBB-5CA1-44FB-9885-ACC81F76521E}". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" odkazuje na neplatný objekt "{4582C7EB-93F5-408D-9F29-5A5BE1E76845}". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" odkazuje na neplatný objekt "{492CD592-87DD-31E9-8083-8665A0256163}". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" odkazuje na neplatný objekt "{494AD45E-E071-4819-8E15-E1041FBFF073}". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" odkazuje na neplatný objekt "{4B565810-71D8-427C-AED5-A076FD7C1212}". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" odkazuje na neplatný objekt "{5B076A14-F478-3566-BE7A-985C3C629FA4}". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" odkazuje na neplatný objekt "{63EDF167-08E4-494F-91BC-25E1BE6188DA}". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" odkazuje na neplatný objekt "{724309E5-E712-426C-B94D-B6B42511C29F}". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" odkazuje na neplatný objekt "{81719652-18E0-47B1-9A12-F82BF075D4DB}". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" odkazuje na neplatný objekt "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" odkazuje na neplatný objekt "{857B0113-C2A1-44F5-91D5-A0F39D68B7B8}". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" odkazuje na neplatný objekt "{86F7BB71-FE8F-3306-A325-F93EE06417B8}". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" odkazuje na neplatný objekt "{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{95DF5260-331D-4FFD-A2D5-C64164751945}". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" odkazuje na neplatný objekt "{9130F5F8-4C36-4D81-AFDD-FB0CD8B5540D}". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" odkazuje na neplatný objekt "{971D6F8B-E8C5-49A4-9ED3-89C010B0D8D2}". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" odkazuje na neplatný objekt "{AC76BA86-7AD7-0000-2550-7A8C40000944}". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" odkazuje na neplatný objekt "{AC76BA86-7AD7-0000-2550-7A8C40000945}". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" odkazuje na neplatný objekt "{AC76BA86-7AD7-1029-7B44-A90000000001}". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" odkazuje na neplatný objekt "{AF5D3F34-843A-41BF-A0F3-2FBBA00BA9B9}". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" odkazuje na neplatný objekt "{BB85B4D1-FE48-9AC2-ACF3-5833D539C606}". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" odkazuje na neplatný objekt "{BEEBFC3C-48B1-4A38-A3C5-81BA19DF5F40}". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" odkazuje na neplatný objekt "{C0539D93-1DCF-3518-BB9E-6CE958422534}". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" odkazuje na neplatný objekt "{C49C311D-56FD-4766-9085-0017F4754D24}". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" odkazuje na neplatný objekt "{C96D1542-585F-412D-8C5A-0240BDA164B9}". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" odkazuje na neplatný objekt "{C981845E-8D26-4677-A640-9433C8EEC70C}". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" odkazuje na neplatný objekt "{CF24EDF1-E236-4332-83CB-4C701A9BCBF0}". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" odkazuje na neplatný objekt "{D72EEDE5-D3FA-3979-92ED-8F4948E62D0F}". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" odkazuje na neplatný objekt "{DAC0309E-07F6-45AD-B5BF-5B0DEF71FFEE}". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" odkazuje na neplatný objekt "{DB164C6E-8E4A-4730-97C6-DE8486EB367F}". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" odkazuje na neplatný objekt "{DF76B188-11DB-43DC-A389-10422995A979}". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" odkazuje na neplatný objekt "{E7B1D42F-2419-4D63-A751-D0352A0D64D9}". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" odkazuje na neplatný objekt "{ECD82B28-48BE-426C-B55B-6EC022616285}". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" odkazuje na neplatný objekt "{EE477D70-7E70-4D74-A44E-219F79A36AA9}". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" odkazuje na neplatný objekt "{F0B7330E-24B8-43EA-8CD6-D114428A1CEC}". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" odkazuje na neplatný objekt "{F4D03C19-DCA0-4B09-83E7-BE3B06C8D4DC}". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" odkazuje na neplatný objekt "{F7F4F635-EC77-4BDA-B0C9-5DBC9F5C311E}". Provedené akce: Ponecháno, neodstraněno!.

[Caroprd111]

Zdravím

Zkuste v nouzovém režimu spustit RSIT a vložit mi z něj log http://www.viry.cz/forum/viewtopic.php?f=13&t=105895

[Hajadlo]

tady to máte Logfile of random's system information tool 1.09 (written by random/random)
Run by Administrator at 2011-07-19 21:04:34
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 57 GB (19%) free of 305 GB
Total RAM: 2047 MB (62% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:04:39, on 19.7.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Safe mode with network support

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\mexe.com
C:\Program Files\Totalcmd\TOTALCMD.EXE
C:\Program Files\McAfee Security Scan\3.0.207\SSScheduler.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\T519W5L1\RSIT[1].exe
C:\Program Files\trend micro\Administrator.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [uTorrent] "c:\Program Files\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [Ckemeo] C:\Documents and Settings\Administrator\Data aplikací\Ckemeo.exe
O4 - Startup: Dropbox.lnk = ?
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.0.207\SSScheduler.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.0.207\McCHSvc.exe
O23 - Service: NMSAccess - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

--
End of file - 5917 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{F6779CCA-FB89-40E5-8136-935A900EBF38}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-07-04 820864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-05-17 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-05-17 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-07-04 820864]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2011-07-04 3493720]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2010-11-29 421888]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"uTorrent"=c:\Program Files\uTorrent\uTorrent.exe [2011-07-16 639352]
"Ckemeo"=C:\Documents and Settings\Administrator\Data aplikací\Ckemeo.exe [2011-07-19 212480]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.0.207\SSScheduler.exe

C:\Documents and Settings\Administrator\Nabídka Start\Programy\Po spuštění
Dropbox.lnk - C:\Documents and Settings\Administrator\Data aplikací\Dropbox\bin\Dropbox.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2011-06-24 188416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\Steam\Steam.exe"="C:\Program Files\Steam\Steam.exe:*:Enabled:Steam"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Documents and Settings\Administrator\Data aplikací\Dropbox\bin\Dropbox.exe"="C:\Documents and Settings\Administrator\Data aplikací\Dropbox\bin\Dropbox.exe:*:Enabled:Dropbox"
"C:\Program Files\Steam\steamapps\common\men of war\mow.exe"="C:\Program Files\Steam\steamapps\common\men of war\mow.exe:*:Enabled:Men of War"
"C:\Program Files\Steam\steamapps\common\men of war\mow_editor.exe"="C:\Program Files\Steam\steamapps\common\men of war\mow_editor.exe:*:Enabled:Men of War"
"C:\Program Files\Steam\steamapps\common\men of war red tide\redtide.exe"="C:\Program Files\Steam\steamapps\common\men of war red tide\redtide.exe:*:Enabled:Men of War: Red Tide"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour Service"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\Garena\Garena.exe"="C:\Program Files\Garena\Garena.exe:*:Enabled:Garena"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Counter-Strike 1.6\hl.exe"="C:\Program Files\Counter-Strike 1.6\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\Pando Networks\Media Booster\PMB.exe"="C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster"
"C:\Program Files\Bohemia Interactive\ArmA 2\arma2.exe"="C:\Program Files\Bohemia Interactive\ArmA 2\arma2.exe:*:Enabled:ArmA 2"
"C:\Program Files\Valve\Portal 2\portal2.exe"="C:\Program Files\Valve\Portal 2\portal2.exe:*:Enabled:portal2"
"C:\Program Files\Runes of Magic\Client.exe"="C:\Program Files\Runes of Magic\Client.exe:*:Enabled:Runes of Magic"
"C:\Program Files\Bohemia Interactive\ArmA 2\arma2OA.exe"="C:\Program Files\Bohemia Interactive\ArmA 2\arma2OA.exe:*:Enabled:ArmA 2 Operation Arrowhead"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe"="C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe:*:Enabled:LogMeIn Hamachi"
"C:\Program Files\Steam\steamapps\common\amd driver updater, xp, 32 bit\Setup.exe"="C:\Program Files\Steam\steamapps\common\amd driver updater, xp, 32 bit\Setup.exe:*:Enabled:AMD Driver Updater, XP, 32 bit"
"C:\Documents and Settings\Administrator\Plocha\Terrarium\TerrariaServer.exe"="C:\Documents and Settings\Administrator\Plocha\Terrarium\TerrariaServer.exe:*:Enabled:Terraria"
"C:\Program Files\Steam\steamapps\common\napoleon total war\Napoleon.exe"="C:\Program Files\Steam\steamapps\common\napoleon total war\Napoleon.exe:*:Enabled:Napoleon: Total War"
"C:\Program Files\Steam\steamapps\common\men of war assault squad\mow_assault_squad.exe"="C:\Program Files\Steam\steamapps\common\men of war assault squad\mow_assault_squad.exe:*:Enabled:Men of War: Assault Squad"
"C:\Program Files\Steam\steamapps\common\dawn of war 2\DOW2.exe"="C:\Program Files\Steam\steamapps\common\dawn of war 2\DOW2.exe:*:Enabled:Warhammer® 40,000™: Dawn of War® II – Chaos Rising™"
"C:\Program Files\Steam\steamapps\common\company of heroes\RelicCOH.exe"="C:\Program Files\Steam\steamapps\common\company of heroes\RelicCOH.exe:*:Enabled:Company of Heroes: Opposing Fronts"
"C:\Program Files\Steam\steamapps\common\company of heroes\RelicDownloader\RelicDownloader.exe"="C:\Program Files\Steam\steamapps\common\company of heroes\RelicDownloader\RelicDownloader.exe:*:Enabled:Relic Patch Download Manager"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Pando Networks\Media Booster\PMB.exe"="C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"vidc.VP60"=C:\WINDOWS\system32\vp6vfw.dll
"vidc.VP61"=C:\WINDOWS\system32\vp6vfw.dll

======List of files/folders created in the last 1 month======

2011-07-19 21:04:35 ----D---- C:\Program Files\trend micro
2011-07-19 21:04:34 ----D---- C:\rsit
2011-07-19 20:50:19 ----D---- C:\Documents and Settings\All Users\Data aplikací\McAfee Security Scan
2011-07-19 20:49:55 ----D---- C:\Program Files\McAfee Security Scan
2011-07-19 20:49:50 ----D---- C:\Documents and Settings\All Users\Data aplikací\McAfee
2011-07-19 20:47:11 ----AD---- C:\WINDOWS\VDLL.DLL
2011-07-19 20:47:11 ----AD---- C:\WINDOWS\system32\runouce.exe
2011-07-19 20:47:11 ----AD---- C:\WINDOWS\rundll16.exe
2011-07-19 20:47:11 ----AD---- C:\WINDOWS\RUNDL132.EXE
2011-07-19 20:47:11 ----AD---- C:\WINDOWS\logo1_.exe
2011-07-19 20:47:11 ----AD---- C:\WINDOWS\logo_1.exe
2011-07-19 20:40:16 ----A---- C:\WINDOWS\system32\msvcr80.dll
2011-07-19 20:40:15 ----A---- C:\WINDOWS\system32\msvcp80.dll
2011-07-19 20:40:14 ----A---- C:\WINDOWS\system32\eEmpty.exe
2011-07-19 20:40:12 ----A---- C:\WINDOWS\system32\TASKMGR.COM
2011-07-19 20:40:12 ----A---- C:\WINDOWS\system32\T.COM
2011-07-19 20:40:12 ----A---- C:\WINDOWS\REGEDIT.COM
2011-07-19 20:40:12 ----A---- C:\WINDOWS\R.COM
2011-07-19 20:40:10 ----D---- C:\Program Files\Common Files\MicroWorld
2011-07-19 20:40:09 ----D---- C:\Documents and Settings\All Users\Data aplikací\MicroWorld
2011-07-19 20:35:40 ----D---- C:\WINDOWS\CSC
2011-07-19 20:34:12 ----A---- C:\Documents and Settings\Administrator\Data aplikací\Ckemeo.exe
2011-07-19 20:30:55 ----A---- C:\WINDOWS\ntbtlog.txt
2011-07-16 11:54:45 ----HDC---- C:\WINDOWS\$NtUninstallKB2507938$
2011-07-16 11:52:27 ----HDC---- C:\WINDOWS\$NtUninstallKB2555917$
2011-07-10 19:15:34 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Canneverbe Limited
2011-07-10 19:12:47 ----D---- C:\Program Files\CDBurnerXP
2011-07-10 19:12:47 ----D---- C:\Documents and Settings\All Users\Data aplikací\Canneverbe Limited
2011-07-07 22:13:29 ----D---- C:\WINDOWS\system32\xlive
2011-07-07 22:13:29 ----D---- C:\Program Files\Microsoft Games for Windows - LIVE
2011-07-02 21:11:12 ----A---- C:\WINDOWS\system32\drivers\usbser.sys
2011-06-30 22:32:34 ----D---- C:\Program Files\Zrychleni Pocitace
2011-06-30 22:32:17 ----D---- C:\Documents and Settings\Administrator\Data aplikací\MyPhoneExplorer
2011-06-30 22:32:11 ----D---- C:\Program Files\MyPhoneExplorer
2011-06-30 22:32:11 ----D---- C:\Documents and Settings\Administrator\Data aplikací\OpenCandy
2011-06-30 19:13:45 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Mobile Atlas Creator
2011-06-30 13:47:08 ----D---- C:\Program Files\Ranked Gaming Client
2011-06-29 18:00:11 ----HDC---- C:\WINDOWS\$NtUninstallKB2541763$
2011-06-29 10:10:46 ----D---- C:\Documents and Settings\Administrator\Data aplikací\The Creative Assembly
2011-06-24 19:00:10 ----RA---- C:\WINDOWS\system32\vp6vfw.dll
2011-06-24 19:00:08 ----D---- C:\Program Files\Microsoft WSE
2011-06-24 18:49:17 ----D---- C:\Program Files\Electronic Arts
2011-06-24 13:11:22 ----D---- C:\Documents and Settings\All Users\Data aplikací\ATI
2011-06-24 13:09:53 ----D---- C:\Program Files\AMD APP
2011-06-23 18:02:07 ----D---- C:\Program Files\Microsoft XNA
2011-06-20 07:08:04 ----HDC---- C:\WINDOWS\$NtUninstallKB939683$

======List of files/folders modified in the last 1 month======

2011-07-19 21:04:35 ----RD---- C:\Program Files
2011-07-19 20:47:11 ----D---- C:\WINDOWS\system32
2011-07-19 20:47:11 ----D---- C:\WINDOWS
2011-07-19 20:40:10 ----D---- C:\Program Files\Common Files
2011-07-19 20:34:28 ----D---- C:\WINDOWS\Temp
2011-07-19 20:34:10 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Skype
2011-07-19 20:33:47 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Dropbox
2011-07-19 20:33:43 ----D---- C:\Documents and Settings\Administrator\Data aplikací\uTorrent
2011-07-19 20:31:57 ----D---- C:\WINDOWS\network diagnostic
2011-07-19 19:50:46 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-07-19 19:47:04 ----D---- C:\WINDOWS\Prefetch
2011-07-19 18:01:28 ----D---- C:\Program Files\Garena
2011-07-19 17:58:02 ----D---- C:\Program Files\Warcraft IIIa
2011-07-19 12:35:15 ----D---- C:\WINDOWS\system32\CatRoot2
2011-07-18 13:53:31 ----D---- C:\Program Files\Steam
2011-07-17 19:54:32 ----D---- C:\Documents and Settings\Administrator\Data aplikací\AIMP
2011-07-17 10:21:42 ----D---- C:\Program Files\uTorrent
2011-07-16 17:27:37 ----SHD---- C:\WINDOWS\Installer
2011-07-16 17:21:48 ----HD---- C:\WINDOWS\inf
2011-07-16 17:21:17 ----D---- C:\WINDOWS\system32\DirectX
2011-07-16 11:54:46 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-07-16 11:53:11 ----A---- C:\WINDOWS\system32\MRT.exe
2011-07-16 11:53:06 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2011-07-16 11:52:32 ----A---- C:\WINDOWS\imsins.BAK
2011-07-16 00:56:41 ----HD---- C:\WINDOWS\$hf_mig$
2011-07-13 18:24:13 ----HD---- C:\Program Files\InstallShield Installation Information
2011-07-09 16:10:07 ----D---- C:\WINDOWS\system32\drivers
2011-07-09 16:10:00 ----D---- C:\WINDOWS\system32\ReinstallBackups
2011-07-09 11:58:38 ----D---- C:\WINDOWS\Logs
2011-07-09 11:58:14 ----D---- C:\Program Files\Common Files\Microsoft Shared
2011-07-07 22:13:29 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2011-07-07 22:12:01 ----RSD---- C:\WINDOWS\assembly
2011-07-04 13:43:51 ----A---- C:\WINDOWS\system32\aswBoot.exe
2011-07-02 13:58:12 ----D---- C:\Program Files\Runes of Magic
2011-07-01 21:16:22 ----SD---- C:\Documents and Settings\Administrator\Data aplikací\Microsoft
2011-07-01 19:33:38 ----D---- C:\Install
2011-06-30 22:30:53 ----D---- C:\WINDOWS\system32\drivers\UMDF
2011-06-29 18:00:19 ----D---- C:\Program Files\Microsoft Office
2011-06-29 14:09:57 ----D---- C:\Program Files\Opera
2011-06-29 14:08:57 ----D---- C:\Program Files\The KMPlayer
2011-06-26 14:20:16 ----D---- C:\WINDOWS\Minidump
2011-06-26 07:41:44 ----D---- C:\WINDOWS\system32\config
2011-06-25 05:40:32 ----D---- C:\WINDOWS\Microsoft.NET
2011-06-24 18:59:58 ----D---- C:\WINDOWS\WinSxS
2011-06-24 16:51:25 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-06-24 13:09:38 ----D---- C:\Program Files\ATI Technologies
2011-06-24 13:08:40 ----DC---- C:\WINDOWS\system32\DRVSTORE
2011-06-24 12:43:01 ----A---- C:\WINDOWS\system32\aticaldd.dll
2011-06-24 12:43:00 ----A---- C:\WINDOWS\system32\atioglxx.dll
2011-06-24 12:42:53 ----A---- C:\WINDOWS\system32\ativvamv.dll
2011-06-24 12:42:52 ----A---- C:\WINDOWS\system32\ati3duag.dll
2011-06-24 12:42:41 ----A---- C:\WINDOWS\system32\atiapfxx.exe
2011-06-24 12:42:40 ----A---- C:\WINDOWS\system32\atiok3x2.dll
2011-06-24 12:42:34 ----A---- C:\WINDOWS\system32\atitvo32.dll
2011-06-24 12:42:29 ----A---- C:\WINDOWS\system32\atipdlxx.dll
2011-06-24 12:42:28 ----A---- C:\WINDOWS\system32\Oemdspif.dll
2011-06-24 12:42:28 ----A---- C:\WINDOWS\system32\ati2edxx.dll
2011-06-24 12:42:27 ----A---- C:\WINDOWS\system32\ativcoxx.dll
2011-06-24 12:42:27 ----A---- C:\WINDOWS\system32\atimpc32.dll
2011-06-24 12:42:27 ----A---- C:\WINDOWS\system32\aticalcl.dll
2011-06-24 12:42:27 ----A---- C:\WINDOWS\system32\ati2cqag.dll
2011-06-24 12:42:27 ----A---- C:\WINDOWS\system32\amdpcom32.dll
2011-06-24 12:42:25 ----A---- C:\WINDOWS\system32\ativvaxx.dll
2011-06-24 12:42:25 ----A---- C:\WINDOWS\system32\Ati2mdxx.exe
2011-06-24 12:42:24 ----A---- C:\WINDOWS\system32\ati2dvag.dll
2011-06-24 12:42:22 ----A---- C:\WINDOWS\system32\atiiiexx.dll
2011-06-24 12:42:21 ----A---- C:\WINDOWS\system32\ATIODE.exe
2011-06-24 12:42:21 ----A---- C:\WINDOWS\system32\ATIDDC.DLL
2011-06-24 12:42:20 ----A---- C:\WINDOWS\system32\ATIDEMGX.dll
2011-06-24 12:42:18 ----A---- C:\WINDOWS\system32\drivers\ati2erec.dll
2011-06-24 12:42:18 ----A---- C:\WINDOWS\system32\ATIODCLI.exe
2011-06-24 12:42:18 ----A---- C:\WINDOWS\system32\ati2evxx.exe
2011-06-24 12:42:17 ----A---- C:\WINDOWS\system32\atikvmag.dll
2011-06-24 12:42:16 ----A---- C:\WINDOWS\system32\aticalrt.dll
2011-06-24 12:42:15 ----A---- C:\WINDOWS\system32\ati2evxx.dll
2011-06-24 12:42:14 ----A---- C:\WINDOWS\system32\atiadlxx.dll
2011-06-24 12:42:13 ----A---- C:\WINDOWS\system32\atibtmon.exe
2011-06-23 17:59:59 ----D---- C:\WINDOWS\system32\cs-CZ
2011-06-23 17:55:26 ----D---- C:\WINDOWS\system32\en-US
2011-06-23 17:55:19 ----D---- C:\Program Files\Microsoft.NET
2011-06-22 18:57:06 ----D---- C:\Program Files\TeamSpeak 3 Client
2011-06-20 07:10:22 ----RSD---- C:\WINDOWS\Fonts
2011-06-20 07:10:05 ----D---- C:\Program Files\Microsoft Works
2011-06-20 07:08:43 ----D---- C:\Program Files\Common Files\System
2011-06-20 07:08:43 ----A---- C:\WINDOWS\win.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 nvgts;nvgts; C:\WINDOWS\system32\DRIVERS\nvgts.sys [2008-08-18 145952]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2011-07-04 25432]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-03-18 26176]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-25 12160]
R3 NVENETFD;NVIDIA nForce 10/100 Mbps Ethernet ; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2008-03-25 54400]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2008-03-25 22016]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 VClone;VClone; C:\WINDOWS\system32\DRIVERS\VClone.sys [2011-01-15 30208]
S1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2011-07-04 30808]
S1 AmdK8;Ovladač procesoru AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-07-01 43008]
S1 AsrAppCharger;AsrAppCharger; C:\WINDOWS\system32\DRIVERS\AsrAppCharger.sys [2010-06-11 13832]
S1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2011-07-04 441176]
S1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2011-07-04 309848]
S1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2011-07-04 43608]
S1 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2010-12-17 31088]
S2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2011-07-04 19544]
S2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2011-07-04 102616]
S3 AMBFilt;AMBFilt; C:\WINDOWS\system32\drivers\AMBFilt.sys [2009-06-26 1656960]
S3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2011-06-24 6554624]
S3 GGSAFERDriver;GGSAFER Driver; \??\C:\Program Files\Garena\safedrv.sys []
S3 MonFilt;MonFilt; C:\WINDOWS\system32\drivers\MonFilt.sys [2008-12-02 1389056]
S3 s117bus;Sony Ericsson Device 117 driver (WDM); C:\WINDOWS\system32\DRIVERS\s117bus.sys [2007-06-25 82984]
S3 s117mdfl;Sony Ericsson Device 117 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s117mdfl.sys [2007-06-25 14888]
S3 s117mdm;Sony Ericsson Device 117 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s117mdm.sys [2007-06-25 108456]
S3 s117mgmt;Sony Ericsson Device 117 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s117mgmt.sys [2007-06-25 100264]
S3 s117nd5;Sony Ericsson Device 117 USB Ethernet Emulation SEMC117 (NDIS); C:\WINDOWS\system32\DRIVERS\s117nd5.sys [2007-06-25 22952]
S3 s117obex;Sony Ericsson Device 117 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s117obex.sys [2007-06-25 98344]
S3 s117unic;Sony Ericsson Device 117 USB Ethernet Emulation SEMC117 (WDM); C:\WINDOWS\system32\DRIVERS\s117unic.sys [2007-06-25 98856]
S3 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys []
S3 usbser;GPS USB Serial Interface driver; C:\WINDOWS\system32\DRIVERS\usbser.sys [2008-04-13 26112]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\WINDOWS\system32\drivers\viahduaa.sys [2009-11-25 1617408]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [2011-05-25 1336712]
S2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2011-02-18 37664]
S2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2011-06-24 643072]
S2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-07-04 42184]
S2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-04-06 349472]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-05-08 136176]
S2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2011-05-17 153376]
S2 NMSAccess;NMSAccess; C:\Program Files\CDBurnerXP\NMSAccessU.exe [2010-03-04 71096]
S2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728]
S2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-05-08 136176]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2011-04-27 820520]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.0.207\McCHSvc.exe [2011-06-17 237008]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2011-03-16 407336]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

[Caroprd111]

Stáhněte OTL http://oldtimer.geekstogo.com/OTL.exe na plochu

• Spusťte, poté do spodního políčka vložte následující skript.

Kód: Vybrat vše

 netsvcs
drivers32
savembr:0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s

/md5start
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
hal.dll
logevent.dll
netlogon.dll
ntelogon.dll
scecli.dll
sceclt.dll
ws2_32.dll
autochk.exe
csrss.exe
explorer.exe
lsass.exe
services.exe
smss.exe
spoolsv.exe
svchost.exe
userinit.exe
winlogon.exe
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
cdrom.sys 
Changer.sys
fastfat.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys 
JakNDis.sys
KR10N.sys
mv61xx.sys
ndis.sys
ntfs.sys
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys 
nvrd32.sys 
nvstor.sys
nvstor32.sys
symmpi.sys
tcpip.sys
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
/md5stop

C:\windows\system32\spool\prtprocs|dll;true;true;true /FP
%systemroot%\system32\drivers\*.sys /5
%systemroot%\system32\drivers\*.sys /X 
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\system32\*.* /5
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\config\*.sav 
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\*.* /U /s
%systemroot%\*. /mp /s
%ALLUSERSPROFILE%\Data Aplikací\*.*
%ALLUSERSPROFILE%\Data Aplikací\*.exe /s
%ALLUSERSPROFILE%\Dáta aplikácií\*.*
%ALLUSERSPROFILE%\Dáta aplikácií\*.exe /s
%APPDATA%\*.
%APPDATA%\*.*
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe


HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU /s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager" /v BootExecute /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager" /v "PendingFileRenameOperations" /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5 

• Označte položku Pro všechny uživatele.
• Označte položky Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
• Klikněte na tlačítko Prohledat
• Po dokončení, sem vložte logy OTL.Txt a Extras.txt

[Hajadlo]

ještě detail, kde mám ty logy najít?
nebo se to snad ještě neudělalo?

[Caroprd111]

Měly by být v místě spuštění programu.

[Hajadlo]

Tak znova, OTL najednou spadl
navíc OTL nevypadá že by pracovalo

[Caroprd111]

Ok

[Hajadlo]

oo, tak kvůli malému rozlišení nevidím nic... za chvíli tu bude ten log hádám...
Edit: ještě se zeptám, jak dlouho by to mělo trvat?

[Caroprd111]

Sken trvá obvykle do 15 minut.

[Hajadlo]

OTL logfile created on: 19.7.2011 21:20:54 - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Documents and Settings\Administrator\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 1,36 Gb Available Physical Memory | 68,13% Memory free
3,85 Gb Paging File | 3,42 Gb Available in Paging File | 88,87% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 298,08 Gb Total Space | 55,39 Gb Free Space | 18,58% Space Free | Partition Type: NTFS

Computer Name: PRACOVNA | User Name: Administrator | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011.07.19 21:12:07 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Plocha\OTL.exe
PRC - [2011.06.17 16:33:02 | 000,272,528 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\3.0.207\SSScheduler.exe
PRC - [2011.05.25 17:29:48 | 001,336,712 | ---- | M] (LogMeIn Inc.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
PRC - [2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (SafeList) ==========

MOD - [2011.07.19 21:12:07 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Plocha\OTL.exe
MOD - [2010.08.23 18:12:33 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2011.07.04 13:43:51 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Stopped] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2011.06.17 16:33:02 | 000,237,008 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\3.0.207\McCHSvc.exe -- (McComponentHostService)
SRV - [2011.05.25 17:29:48 | 001,336,712 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2011.03.16 10:42:06 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010.03.04 23:38:02 | 000,071,096 | ---- | M] () [Auto | Stopped] -- C:\Program Files\CDBurnerXP\NMSAccessU.exe -- (NMSAccess)


========== Driver Services (SafeList) ==========

DRV - [2011.07.04 13:36:43 | 000,441,176 | ---- | M] (AVAST Software) [File_System | System | Stopped] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011.07.04 13:36:32 | 000,309,848 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011.07.04 13:35:23 | 000,043,608 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011.07.04 13:35:12 | 000,102,616 | ---- | M] (AVAST Software) [File_System | Auto | Stopped] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011.07.04 13:32:32 | 000,025,432 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011.07.04 13:32:13 | 000,030,808 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011.07.04 13:32:12 | 000,019,544 | ---- | M] (AVAST Software) [File_System | Auto | Stopped] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011.06.24 12:43:10 | 006,554,624 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2010.06.11 14:37:04 | 000,013,832 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\AsrAppCharger.sys -- (AsrAppCharger)
DRV - [2009.11.25 14:57:28 | 001,617,408 | R--- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV - [2009.11.12 14:48:58 | 000,005,504 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\WINDOWS\System32\StarOpen.sys -- (StarOpen)
DRV - [2009.06.26 09:29:34 | 001,656,960 | R--- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (AMBFilt)
DRV - [2009.03.18 17:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2008.12.02 08:56:00 | 001,389,056 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (MonFilt)
DRV - [2008.08.18 12:54:24 | 000,145,952 | R--- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvgts.sys -- (nvgts)
DRV - [2008.03.25 05:48:08 | 000,022,016 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2008.03.25 05:48:06 | 000,054,400 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2007.06.25 09:43:38 | 000,098,344 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s117obex.sys -- (s117obex)
DRV - [2007.06.25 09:43:36 | 000,108,456 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s117mdm.sys -- (s117mdm)
DRV - [2007.06.25 09:43:36 | 000,100,264 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s117mgmt.sys -- (s117mgmt) Sony Ericsson Device 117 USB WMC Device Management Drivers (WDM)
DRV - [2007.06.25 09:43:36 | 000,098,856 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s117unic.sys -- (s117unic) Sony Ericsson Device 117 USB Ethernet Emulation SEMC117 (WDM)
DRV - [2007.06.25 09:43:36 | 000,022,952 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s117nd5.sys -- (s117nd5) Sony Ericsson Device 117 USB Ethernet Emulation SEMC117 (NDIS)
DRV - [2007.06.25 09:43:26 | 000,014,888 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s117mdfl.sys -- (s117mdfl)
DRV - [2007.06.25 09:43:22 | 000,082,984 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s117bus.sys -- (s117bus) Sony Ericsson Device 117 driver (WDM)
DRV - [2006.07.01 22:42:58 | 000,043,008 | ---- | M] (Advanced Micro Devices) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========



IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-602162358-1060284298-839522115-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-602162358-1060284298-839522115-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-602162358-1060284298-839522115-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Update\1.3.21.53\npGoogleUpdate3.dll File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Update\1.3.21.53\npGoogleUpdate3.dll File not found
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)



O1 HOSTS File: ([2001.10.25 13:00:00 | 000,000,737 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKU\S-1-5-21-602162358-1060284298-839522115-500..\Run: [Ckemeo] C:\Documents and Settings\Administrator\Data aplikací\Ckemeo.exe ()
O4 - HKU\S-1-5-21-602162358-1060284298-839522115-500..\Run: [uTorrent] c:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - Startup: C:\Documents and Settings\Administrator\Nabídka Start\Programy\Po spuštění\Dropbox.lnk = C:\Documents and Settings\Administrator\Data aplikací\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.0.207\SSScheduler.exe (McAfee, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-602162358-1060284298-839522115-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_25)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Nebe.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Administrator\Dokumenty\Obrázky\ubuntu_hardy_heron_bird_by_em3rveillement.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011.05.08 04:55:20 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{58b69ec2-792c-11e0-a621-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{58b69ec2-792c-11e0-a621-806d6172696f}\Shell\AutoRun\command - "" = D:\ASRSetup.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.VP60 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2011.07.19 21:12:06 | 000,579,584 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Plocha\OTL.exe
[2011.07.19 21:04:35 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2011.07.19 21:04:34 | 000,000,000 | ---D | C] -- C:\rsit
[2011.07.19 20:50:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\McAfee Security Scan
[2011.07.19 20:50:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\McAfee Security Scan Plus
[2011.07.19 20:49:55 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee Security Scan
[2011.07.19 20:49:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\McAfee
[2011.07.19 20:47:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\VDLL.DLL
[2011.07.19 20:47:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\runouce.exe
[2011.07.19 20:47:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\rundll16.exe
[2011.07.19 20:47:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\RUNDL132.EXE
[2011.07.19 20:47:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\logo1_.exe
[2011.07.19 20:47:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\logo_1.exe
[2011.07.19 20:40:16 | 000,632,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcr80.dll
[2011.07.19 20:40:15 | 000,554,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcp80.dll
[2011.07.19 20:40:14 | 000,034,048 | ---- | C] (MicroWorld Technologies Inc.) -- C:\WINDOWS\System32\eEmpty.exe
[2011.07.19 20:40:12 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\REGEDIT.COM
[2011.07.19 20:40:12 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\R.COM
[2011.07.19 20:40:12 | 000,137,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\TASKMGR.COM
[2011.07.19 20:40:12 | 000,137,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\T.COM
[2011.07.19 20:40:10 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MicroWorld
[2011.07.19 20:40:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\MicroWorld
[2011.07.19 20:35:40 | 000,000,000 | ---D | C] -- C:\WINDOWS\CSC
[2011.07.10 19:15:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Data aplikací\Canneverbe Limited
[2011.07.10 19:12:47 | 000,000,000 | ---D | C] -- C:\Program Files\CDBurnerXP
[2011.07.10 19:12:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\CDBurnerXP
[2011.07.10 19:12:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Canneverbe Limited
[2011.07.09 20:53:06 | 000,068,096 | ---- | C] (YuLv.Net) -- C:\Documents and Settings\Administrator\Plocha\WarKey.exe
[2011.07.09 18:53:12 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Nabídka Start\Programy\Nástroje pro správu
[2011.07.07 22:14:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dokumenty\microsoft
[2011.07.07 22:13:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\xlive
[2011.07.07 22:13:29 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Games for Windows - LIVE
[2011.07.06 21:22:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Take On Helis Preview
[2011.07.02 21:11:12 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbser.sys
[2011.06.30 22:32:34 | 000,000,000 | ---D | C] -- C:\Program Files\Zrychleni Pocitace
[2011.06.30 22:32:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Data aplikací\MyPhoneExplorer
[2011.06.30 22:32:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\OpenCandy
[2011.06.30 22:32:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\MyPhoneExplorer
[2011.06.30 22:32:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Data aplikací\OpenCandy
[2011.06.30 22:32:11 | 000,000,000 | ---D | C] -- C:\Program Files\MyPhoneExplorer
[2011.06.30 19:13:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Data aplikací\Mobile Atlas Creator
[2011.06.30 13:56:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Nabídka Start\Programy\Games
[2011.06.30 13:47:08 | 000,000,000 | ---D | C] -- C:\Program Files\Ranked Gaming Client
[2011.06.29 10:10:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Data aplikací\The Creative Assembly
[2011.06.24 19:15:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Games
[2011.06.24 19:01:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dokumenty\Electronic Arts
[2011.06.24 19:00:10 | 000,447,752 | R--- | C] (On2.com) -- C:\WINDOWS\System32\vp6vfw.dll
[2011.06.24 19:00:08 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft WSE
[2011.06.24 18:49:17 | 000,000,000 | ---D | C] -- C:\Program Files\Electronic Arts
[2011.06.24 13:11:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\ATI
[2011.06.24 13:09:53 | 000,000,000 | ---D | C] -- C:\Program Files\AMD APP
[2011.06.24 13:09:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Catalyst Control Center
[2011.06.23 18:02:07 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft XNA
[2011.06.23 17:50:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Plocha\Terrarium
[7 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011.07.19 21:21:05 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2011.07.19 21:17:33 | 000,031,132 | ---- | M] () -- C:\Documents and Settings\Administrator\Dokumenty\pinfect.zip
[2011.07.19 21:12:07 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Plocha\OTL.exe
[2011.07.19 20:50:17 | 000,001,807 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\McAfee Security Scan Plus.lnk
[2011.07.19 20:50:17 | 000,001,801 | ---- | M] () -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\McAfee Security Scan Plus.lnk
[2011.07.19 20:47:11 | 000,000,054 | ---- | M] () -- C:\WINDOWS\Lic.xxx
[2011.07.19 20:40:15 | 000,632,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcr80.dll
[2011.07.19 20:40:14 | 000,554,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcp80.dll
[2011.07.19 20:40:13 | 000,034,048 | ---- | M] (MicroWorld Technologies Inc.) -- C:\WINDOWS\System32\eEmpty.exe
[2011.07.19 20:36:05 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011.07.19 20:35:36 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011.07.19 20:34:12 | 000,212,480 | ---- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\Ckemeo.exe
[2011.07.19 20:34:08 | 000,000,954 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011.07.19 20:33:54 | 000,002,265 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Skype.lnk
[2011.07.19 20:33:43 | 000,000,950 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011.07.19 17:55:51 | 000,000,482 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{F6779CCA-FB89-40E5-8136-935A900EBF38}.job
[2011.07.19 13:13:11 | 000,045,202 | ---- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\room_v3.dat
[2011.07.19 12:55:20 | 000,000,979 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\WKSet.ini
[2011.07.18 17:26:36 | 1238,988,987 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\ufo-aftermath-pc-game.rar
[2011.07.16 12:57:28 | 000,230,392 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011.07.16 12:47:02 | 000,002,552 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011.07.16 11:52:32 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011.07.10 19:15:30 | 000,002,229 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\CDBurnerXP.lnk
[2011.07.10 19:11:50 | 000,011,776 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.07.07 01:21:33 | 000,000,214 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\Company of Heroes.url
[2011.07.07 01:10:09 | 000,000,215 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\Warhammer 40,000 Dawn of War II.url
[2011.07.04 13:43:53 | 000,040,112 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2011.07.04 13:43:51 | 000,199,304 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2011.07.04 13:36:43 | 000,441,176 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2011.07.04 13:36:32 | 000,309,848 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2011.07.04 13:35:23 | 000,043,608 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2011.07.04 13:35:12 | 000,102,616 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2011.07.04 13:35:09 | 000,096,344 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2011.07.04 13:32:32 | 000,025,432 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2011.07.04 13:32:13 | 000,030,808 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2011.07.04 13:32:12 | 000,019,544 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2011.07.02 21:12:32 | 000,000,962 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\QstarzGpsView com7.lnk
[2011.07.01 08:12:46 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\Administrator\Plocha\~$213123.xps
[2011.06.30 22:32:14 | 000,001,744 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\MyPhoneExplorer.lnk
[2011.06.30 22:30:53 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\UMDF\Msft_User_WpdMtpDr_01_00_00.Wdf
[2011.06.29 14:09:39 | 004,287,331 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\Berkman_Center_Broadband_Final_Report_15Feb2010.pdf
[2011.06.29 14:09:09 | 000,000,710 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\KMPlayer.lnk
[2011.06.28 17:29:36 | 000,000,215 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\Napoleon Total War.url
[2011.06.27 19:32:29 | 467,157,730 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\the-four-hour-work-week.zip
[2011.06.24 18:59:39 | 000,001,723 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\The Sims™ 3.lnk
[2011.06.24 16:51:25 | 000,496,642 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011.06.24 16:51:25 | 000,491,748 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2011.06.24 16:51:25 | 000,099,272 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2011.06.24 16:51:25 | 000,085,126 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011.06.24 12:43:10 | 006,554,624 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2mtag.sys
[2011.06.24 12:43:10 | 006,554,624 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ati2mtag.sys
[2011.06.24 12:43:01 | 005,922,816 | ---- | M] (Advanced Micro Devices Inc.) -- C:\WINDOWS\System32\aticaldd.dll
[2011.06.24 12:43:00 | 017,989,632 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\System32\atioglxx.dll
[2011.06.24 12:42:53 | 000,956,160 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\System32\ativvamv.dll
[2011.06.24 12:42:52 | 004,059,328 | ---- | M] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ati3duag.dll
[2011.06.24 12:42:41 | 000,151,552 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\System32\atiapfxx.exe
[2011.06.24 12:42:40 | 000,503,808 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\System32\atiok3x2.dll
[2011.06.24 12:42:34 | 000,017,408 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\atitvo32.dll
[2011.06.24 12:42:31 | 000,887,724 | ---- | M] () -- C:\WINDOWS\System32\ativva6x.dat
[2011.06.24 12:42:29 | 000,212,992 | ---- | M] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\atipdlxx.dll
[2011.06.24 12:42:28 | 000,808,736 | ---- | M] () -- C:\WINDOWS\System32\ativvaxx.cap
[2011.06.24 12:42:28 | 000,155,648 | ---- | M] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\Oemdspif.dll
[2011.06.24 12:42:28 | 000,043,520 | ---- | M] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\ati2edxx.dll
[2011.06.24 12:42:27 | 000,856,064 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2cqag.dll
[2011.06.24 12:42:27 | 000,166,672 | ---- | M] () -- C:\WINDOWS\System32\atiapfxx.blb
[2011.06.24 12:42:27 | 000,064,512 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\System32\atimpc32.dll
[2011.06.24 12:42:27 | 000,064,512 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\System32\amdpcom32.dll
[2011.06.24 12:42:27 | 000,053,248 | ---- | M] (Advanced Micro Devices Inc.) -- C:\WINDOWS\System32\aticalcl.dll
[2011.06.24 12:42:27 | 000,024,064 | ---- | M] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\ativcoxx.dll
[2011.06.24 12:42:25 | 003,152,384 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\System32\ativvaxx.dll
[2011.06.24 12:42:25 | 000,026,112 | ---- | M] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\Ati2mdxx.exe
[2011.06.24 12:42:24 | 000,302,592 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2dvag.dll
[2011.06.24 12:42:22 | 000,311,296 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\atiiiexx.dll
[2011.06.24 12:42:21 | 000,294,912 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\System32\ATIODE.exe
[2011.06.24 12:42:21 | 000,053,248 | ---- | M] ( ATI Technologies Inc.) -- C:\WINDOWS\System32\ATIDDC.DLL
[2011.06.24 12:42:20 | 000,462,848 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\System32\ATIDEMGX.dll
[2011.06.24 12:42:19 | 000,000,003 | ---- | M] () -- C:\WINDOWS\System32\ativva5x.dat
[2011.06.24 12:42:18 | 000,053,248 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2erec.dll
[2011.06.24 12:42:18 | 000,045,056 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\System32\ATIODCLI.exe
[2011.06.24 12:42:17 | 000,651,264 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\atikvmag.dll
[2011.06.24 12:42:17 | 000,233,765 | ---- | M] () -- C:\WINDOWS\System32\atiicdxx.dat
[2011.06.24 12:42:16 | 000,057,344 | ---- | M] (Advanced Micro Devices Inc.) -- C:\WINDOWS\System32\aticalrt.dll
[2011.06.24 12:42:16 | 000,032,635 | ---- | M] () -- C:\WINDOWS\atiogl.xml
[2011.06.24 12:42:15 | 000,188,416 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2evxx.dll
[2011.06.24 12:42:14 | 000,200,704 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\System32\atiadlxx.dll
[2011.06.24 12:42:13 | 000,118,784 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\System32\atibtmon.exe
[2011.06.22 19:16:06 | 000,002,163 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\Ventrilo.lnk
[7 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011.07.19 21:17:33 | 000,031,132 | ---- | C] () -- C:\Documents and Settings\Administrator\Dokumenty\pinfect.zip
[2011.07.19 21:13:56 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2011.07.19 20:50:17 | 000,001,807 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\McAfee Security Scan Plus.lnk
[2011.07.19 20:49:55 | 000,001,801 | ---- | C] () -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\McAfee Security Scan Plus.lnk
[2011.07.19 20:40:36 | 000,000,054 | ---- | C] () -- C:\WINDOWS\Lic.xxx
[2011.07.19 20:34:12 | 000,212,480 | ---- | C] () -- C:\Documents and Settings\Administrator\Data aplikací\Ckemeo.exe
[2011.07.18 16:16:55 | 1238,988,987 | ---- | C] () -- C:\Documents and Settings\Administrator\Plocha\ufo-aftermath-pc-game.rar
[2011.07.10 19:12:55 | 000,002,229 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\CDBurnerXP.lnk
[2011.07.07 01:21:33 | 000,000,214 | ---- | C] () -- C:\Documents and Settings\Administrator\Plocha\Company of Heroes.url
[2011.07.07 01:10:09 | 000,000,215 | ---- | C] () -- C:\Documents and Settings\Administrator\Plocha\Warhammer 40,000 Dawn of War II.url
[2011.07.02 21:12:32 | 000,000,962 | ---- | C] () -- C:\Documents and Settings\Administrator\Plocha\QstarzGpsView com7.lnk
[2011.07.01 08:12:46 | 000,000,162 | -H-- | C] () -- C:\Documents and Settings\Administrator\Plocha\~$213123.xps
[2011.06.30 23:10:40 | 000,134,608 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\FontCache3.0.0.0.dat
[2011.06.30 22:32:14 | 000,001,744 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\MyPhoneExplorer.lnk
[2011.06.29 14:09:39 | 004,287,331 | ---- | C] () -- C:\Documents and Settings\Administrator\Plocha\Berkman_Center_Broadband_Final_Report_15Feb2010.pdf
[2011.06.28 17:29:36 | 000,000,215 | ---- | C] () -- C:\Documents and Settings\Administrator\Plocha\Napoleon Total War.url
[2011.06.27 19:06:08 | 467,157,730 | ---- | C] () -- C:\Documents and Settings\Administrator\Plocha\the-four-hour-work-week.zip
[2011.06.27 18:05:27 | 000,000,666 | ---- | C] () -- C:\Documents and Settings\Administrator\Plocha\Garena.lnk
[2011.06.24 18:59:39 | 000,001,723 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\The Sims™ 3.lnk
[2011.06.05 15:55:43 | 000,011,776 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.06.01 16:43:58 | 000,045,202 | ---- | C] () -- C:\Documents and Settings\Administrator\Data aplikací\room_v3.dat
[2011.05.27 12:05:57 | 000,011,904 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2011.05.24 23:44:26 | 000,059,904 | ---- | C] () -- C:\WINDOWS\System32\OVDecode.dll
[2011.05.10 11:18:55 | 000,046,658 | ---- | C] () -- C:\Documents and Settings\Administrator\Data aplikací\room.dat
[2011.05.08 06:34:42 | 000,004,249 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2011.05.08 06:33:49 | 000,230,392 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011.05.08 05:02:07 | 000,003,948 | R--- | C] () -- C:\WINDOWS\System32\drivers\nvphy.bin
[2011.05.08 04:56:54 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2011.05.08 04:52:54 | 000,021,812 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2011.05.08 00:15:23 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2011.05.08 00:15:19 | 000,887,724 | ---- | C] () -- C:\WINDOWS\System32\ativva6x.dat
[2011.05.08 00:15:19 | 000,233,765 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2011.05.08 00:15:19 | 000,000,003 | ---- | C] () -- C:\WINDOWS\System32\ativva5x.dat
[2011.04.09 18:55:28 | 000,179,261 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2009.11.12 14:48:58 | 000,005,504 | ---- | C] () -- C:\WINDOWS\System32\StarOpen.sys
[2004.08.17 15:58:58 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004.08.02 14:20:40 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2001.10.25 13:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001.10.25 13:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2001.10.25 13:00:00 | 000,496,642 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2001.10.25 13:00:00 | 000,491,748 | ---- | C] () -- C:\WINDOWS\System32\perfh005.dat
[2001.10.25 13:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001.10.25 13:00:00 | 000,269,162 | ---- | C] () -- C:\WINDOWS\System32\perfi005.dat
[2001.10.25 13:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001.10.25 13:00:00 | 000,099,272 | ---- | C] () -- C:\WINDOWS\System32\perfc005.dat
[2001.10.25 13:00:00 | 000,085,126 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2001.10.25 13:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2001.10.25 13:00:00 | 000,032,072 | ---- | C] () -- C:\WINDOWS\System32\perfd005.dat
[2001.10.25 13:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001.10.25 13:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001.10.25 13:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat

========== LOP Check ==========

[2011.05.11 17:12:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\.minecraft
[2011.07.17 19:54:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\AIMP
[2011.05.08 00:34:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Ashampoo
[2011.06.01 16:28:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Audacity
[2011.07.10 19:15:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Canneverbe Limited
[2011.05.15 16:06:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Darer
[2011.07.19 20:33:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Dropbox
[2011.05.15 01:06:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\gtk-2.0
[2011.06.06 09:39:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\LibreOffice
[2011.06.05 13:58:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\LucasArts
[2011.06.30 19:13:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Mobile Atlas Creator
[2011.07.10 13:32:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\MyPhoneExplorer
[2011.06.30 22:32:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\OpenCandy
[2011.05.08 00:09:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Opera
[2011.06.29 10:10:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\The Creative Assembly
[2011.05.14 15:55:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\TS3Client
[2011.05.08 00:16:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\TuneUp Software
[2011.07.19 20:33:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\uTorrent
[2011.05.08 00:34:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ashampoo
[2011.05.08 00:16:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
[2011.07.10 19:12:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Canneverbe Limited
[2011.06.02 08:02:25 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonBJ
[2011.05.08 00:38:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\FNET
[2011.07.19 20:40:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\MicroWorld
[2011.05.21 12:36:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PMB Files
[2011.05.08 00:17:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TuneUp Software
[2011.05.08 00:16:15 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Data aplikací\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
[2011.05.08 15:07:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2011.07.19 17:55:51 | 000,000,482 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{F6779CCA-FB89-40E5-8136-935A900EBF38}.job

========== Purity Check ==========



========== Custom Scans ==========


< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"ctfmon.exe" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 05:22:17 | 000,015,360 | ---- | M] (Microsoft Corporation)
"uTorrent" = "c:\Program Files\uTorrent\uTorrent.exe" /MINIMIZED -- [2011.07.16 12:58:38 | 000,639,352 | ---- | M] (BitTorrent, Inc.)
"Ckemeo" = C:\Documents and Settings\Administrator\Data aplikací\Ckemeo.exe -- [2011.07.19 20:34:12 | 000,212,480 | ---- | M] ()

< >


< MD5 for: AGP440.SYS >
[2011.01.21 16:07:33 | 018,786,869 | ---- | M] () .cab file -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2011.01.25 21:04:05 | 023,890,583 | ---- | M] () .cab file -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2011.01.25 21:04:05 | 023,890,583 | ---- | M] () .cab file -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2011.01.25 21:04:05 | 023,890,583 | ---- | M] () .cab file -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\sp3.cab:AGP440.sys
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2011.05.08 01:35:48 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2011.05.08 01:35:48 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\agp440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\system32\dllcache\agp440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\system32\drivers\agp440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys

< MD5 for: ATAPI.SYS >
[2011.01.21 16:07:33 | 018,786,869 | ---- | M] () .cab file -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2011.01.25 21:04:05 | 023,890,583 | ---- | M] () .cab file -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2011.01.25 21:04:05 | 023,890,583 | ---- | M] () .cab file -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2011.01.25 21:04:05 | 023,890,583 | ---- | M] () .cab file -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\sp3.cab:atapi.sys
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2011.05.08 01:35:48 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2011.05.08 01:35:48 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\system32\drivers\atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2011.01.21 13:00:22 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0000\DriverFiles\i386\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2008.04.14 05:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\ServicePackFiles\i386\autochk.exe
[2008.04.14 05:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\autochk.exe
[2008.04.14 05:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\system32\autochk.exe
[2008.04.14 05:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\ServicePackFiles\i386\autochk.exe
[2008.04.14 05:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe
[2011.01.21 13:45:05 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\$NtServicePackUninstall$\autochk.exe
[2004.08.17 15:49:22 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\WINDOWS\$NtServicePackUninstall$\autochk.exe

< MD5 for: CDROM.SYS >
[2011.01.21 16:07:33 | 018,786,869 | ---- | M] () .cab file -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2011.01.25 21:04:05 | 023,890,583 | ---- | M] () .cab file -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2011.01.25 21:04:05 | 023,890,583 | ---- | M] () .cab file -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2011.01.25 21:04:05 | 023,890,583 | ---- | M] () .cab file -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\sp3.cab:cdrom.sys
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2011.05.08 01:35:48 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2011.05.08 01:35:48 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008.04.13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008.04.13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\cdrom.sys
[2008.04.13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\system32\drivers\cdrom.sys
[2008.04.13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008.04.13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2010.06.11 02:40:58 | 000,062,592 | ---- | M] (Microsoft Corporation) MD5=7B53584D94E9D8716B2DE91D5F1CB42D -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\system32\dllcache\cdrom.sys
[2011.01.21 13:47:39 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\$NtServicePackUninstall$\cdrom.sys
[2004.08.03 22:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys

< MD5 for: CRYPTSVC.DLL >
[2011.01.21 13:54:52 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\$NtServicePackUninstall$\cryptsvc.dll
[2004.08.17 15:49:04 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- C:\WINDOWS\$NtServicePackUninstall$\cryptsvc.dll
[2008.04.14 05:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\ServicePackFiles\i386\cryptsvc.dll
[2008.04.14 05:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\cryptsvc.dll

[Hajadlo]

druha cast otl
[2008.04.14 05:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\system32\cryptsvc.dll
[2008.04.14 05:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\system32\dllcache\cryptsvc.dll
[2008.04.14 05:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\ServicePackFiles\i386\cryptsvc.dll
[2008.04.14 05:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\cryptsvc.dll

< MD5 for: CSRSS.EXE >
[2011.01.21 13:39:48 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=490E6E57E54FAF5F23F658EA188405A1 -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\$NtServicePackUninstall$\csrss.exe
[2004.08.17 15:49:24 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=490E6E57E54FAF5F23F658EA188405A1 -- C:\WINDOWS\$NtServicePackUninstall$\csrss.exe
[2008.04.14 05:22:17 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=628CE66E3FD35BFC7969DBAC245DC069 -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\ServicePackFiles\i386\csrss.exe
[2008.04.14 05:22:17 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=628CE66E3FD35BFC7969DBAC245DC069 -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\csrss.exe
[2008.04.14 05:22:17 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=628CE66E3FD35BFC7969DBAC245DC069 -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\system32\csrss.exe
[2008.04.14 05:22:17 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=628CE66E3FD35BFC7969DBAC245DC069 -- C:\WINDOWS\ServicePackFiles\i386\csrss.exe
[2008.04.14 05:22:17 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=628CE66E3FD35BFC7969DBAC245DC069 -- C:\WINDOWS\system32\csrss.exe

< MD5 for: EVENTLOG.DLL >
[2008.04.14 05:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 05:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\eventlog.dll
[2008.04.14 05:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\system32\eventlog.dll
[2008.04.14 05:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 05:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll
[2011.01.21 13:29:15 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\$NtServicePackUninstall$\eventlog.dll
[2004.08.17 15:49:08 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\explorer.exe
[2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\ServicePackFiles\i386\explorer.exe
[2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\explorer.exe
[2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2011.01.21 13:25:50 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\$NtServicePackUninstall$\explorer.exe
[2004.08.17 15:49:24 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe

< MD5 for: FASTFAT.SYS >
[2011.01.21 13:16:41 | 000,143,360 | ---- | M] (Microsoft Corporation) MD5=3117F595E9615E04F05A54FC15A03B20 -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\$NtServicePackUninstall$\fastfat.sys
[2004.08.03 23:14:18 | 000,143,360 | ---- | M] (Microsoft Corporation) MD5=3117F595E9615E04F05A54FC15A03B20 -- C:\WINDOWS\$NtServicePackUninstall$\fastfat.sys
[2008.04.13 21:14:29 | 000,143,744 | ---- | M] (Microsoft Corporation) MD5=38D332A6D56AF32635675F132548343E -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\ServicePackFiles\i386\fastfat.sys
[2008.04.13 21:14:29 | 000,143,744 | ---- | M] (Microsoft Corporation) MD5=38D332A6D56AF32635675F132548343E -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\fastfat.sys
[2008.04.13 21:14:29 | 000,143,744 | ---- | M] (Microsoft Corporation) MD5=38D332A6D56AF32635675F132548343E -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\system32\dllcache\fastfat.sys
[2008.04.13 21:14:29 | 000,143,744 | ---- | M] (Microsoft Corporation) MD5=38D332A6D56AF32635675F132548343E -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\system32\drivers\fastfat.sys
[2008.04.13 21:14:29 | 000,143,744 | ---- | M] (Microsoft Corporation) MD5=38D332A6D56AF32635675F132548343E -- C:\WINDOWS\ServicePackFiles\i386\fastfat.sys
[2008.04.13 21:14:29 | 000,143,744 | ---- | M] (Microsoft Corporation) MD5=38D332A6D56AF32635675F132548343E -- C:\WINDOWS\system32\drivers\fastfat.sys

< MD5 for: HAL.DLL >
[2011.01.21 16:07:33 | 018,786,869 | ---- | M] () .cab file -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2011.01.25 21:04:05 | 023,890,583 | ---- | M] () .cab file -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2011.01.25 21:04:05 | 023,890,583 | ---- | M] () .cab file -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2011.01.25 21:04:05 | 023,890,583 | ---- | M] () .cab file -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\sp3.cab:hal.dll
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2011.05.08 01:35:48 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2011.05.08 01:35:48 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2008.04.13 20:31:28 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=4329EE7D502C9113EBA0F9570392F5EE -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\system32\HAL.DLL
[2008.04.13 20:31:28 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=4329EE7D502C9113EBA0F9570392F5EE -- C:\WINDOWS\system32\HAL.DLL
[2008.04.13 20:31:32 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\ServicePackFiles\i386\hal.dll
[2008.04.13 20:31:32 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\hal.dll
[2008.04.13 20:31:32 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2011.01.21 13:52:56 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=DFCE51FD96909D1B97D4A1A72D060D77 -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\$NtServicePackUninstall$\hal.dll
[2004.08.03 22:59:14 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=DFCE51FD96909D1B97D4A1A72D060D77 -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll

< MD5 for: CHANGER.SYS >
[2011.01.21 16:07:33 | 018,786,869 | ---- | M] () .cab file -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys
[2011.01.25 21:04:05 | 023,890,583 | ---- | M] () .cab file -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys
[2011.01.25 21:04:05 | 023,890,583 | ---- | M] () .cab file -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\ServicePackFiles\i386\sp3.cab:Changer.sys
[2011.01.25 21:04:05 | 023,890,583 | ---- | M] () .cab file -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\sp3.cab:Changer.sys
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys
[2011.05.08 01:35:48 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys
[2011.05.08 01:35:48 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:Changer.sys
[2008.04.13 20:40:58 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\ServicePackFiles\i386\changer.sys
[2008.04.13 20:40:58 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\changer.sys
[2008.04.13 20:40:58 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\ServicePackFiles\i386\changer.sys

< MD5 for: ISAPNP.SYS >
[2011.01.25 21:04:05 | 023,890,583 | ---- | M] () .cab file -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2011.01.25 21:04:05 | 023,890,583 | ---- | M] () .cab file -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\ServicePackFiles\i386\sp3.cab:isapnp.sys
[2011.01.25 21:04:05 | 023,890,583 | ---- | M] () .cab file -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\sp3.cab:isapnp.sys
[2011.05.08 01:35:48 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2011.05.08 01:35:48 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:isapnp.sys
[2011.01.21 13:41:00 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\$NtServicePackUninstall$\isapnp.sys
[2001.10.25 13:00:00 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\$NtServicePackUninstall$\isapnp.sys
[2008.04.14 04:27:53 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\ServicePackFiles\i386\isapnp.sys
[2008.04.14 04:27:53 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\isapnp.sys
[2008.04.14 04:27:53 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\system32\drivers\isapnp.sys
[2008.04.14 04:27:53 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\ServicePackFiles\i386\isapnp.sys
[2008.04.14 04:27:53 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\drivers\isapnp.sys

< MD5 for: LSASS.EXE >
[2011.01.21 15:53:07 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\$NtServicePackUninstall$\lsass.exe
[2004.08.17 15:49:24 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\WINDOWS\$NtServicePackUninstall$\lsass.exe
[2008.04.14 05:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\ServicePackFiles\i386\lsass.exe
[2008.04.14 05:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\lsass.exe
[2008.04.14 05:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\system32\lsass.exe
[2008.04.14 05:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\ServicePackFiles\i386\lsass.exe
[2008.04.14 05:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe

< MD5 for: NDIS.SYS >
[2008.04.13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008.04.13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\ndis.sys
[2008.04.13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\system32\drivers\ndis.sys
[2008.04.13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008.04.13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
[2011.01.21 13:53:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\$NtServicePackUninstall$\ndis.sys
[2004.08.03 23:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys

< MD5 for: NETLOGON.DLL >
[2009.02.06 20:47:20 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=1F43B8C0F4C767FBED89711C30E704D9 -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\$hf_mig$\KB968389\SP2QFE\netlogon.dll
[2009.02.06 20:47:20 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=1F43B8C0F4C767FBED89711C30E704D9 -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\$hf_mig$\KB975467\SP2QFE\netlogon.dll
[2009.02.06 20:47:20 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=1F43B8C0F4C767FBED89711C30E704D9 -- C:\WINDOWS\$hf_mig$\KB968389\SP2QFE\netlogon.dll
[2009.02.06 20:47:20 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=1F43B8C0F4C767FBED89711C30E704D9 -- C:\WINDOWS\$hf_mig$\KB975467\SP2QFE\netlogon.dll
[2011.01.21 14:00:09 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\$NtServicePackUninstall$\netlogon.dll
[2004.08.17 15:49:14 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
[2008.04.14 05:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 05:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\netlogon.dll
[2008.04.14 05:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\system32\netlogon.dll
[2008.04.14 05:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 05:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: NTFS.SYS >
[2008.04.13 21:15:53 | 000,574,976 | ---- | M] (Microsoft Corporation) MD5=78A08DD6A8D65E697C18E1DB01C5CDCA -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\ServicePackFiles\i386\ntfs.sys
[2008.04.13 21:15:53 | 000,574,976 | ---- | M] (Microsoft Corporation) MD5=78A08DD6A8D65E697C18E1DB01C5CDCA -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\ntfs.sys
[2008.04.13 21:15:53 | 000,574,976 | ---- | M] (Microsoft Corporation) MD5=78A08DD6A8D65E697C18E1DB01C5CDCA -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\system32\dllcache\ntfs.sys
[2008.04.13 21:15:53 | 000,574,976 | ---- | M] (Microsoft Corporation) MD5=78A08DD6A8D65E697C18E1DB01C5CDCA -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\system32\drivers\ntfs.sys
[2008.04.13 21:15:53 | 000,574,976 | ---- | M] (Microsoft Corporation) MD5=78A08DD6A8D65E697C18E1DB01C5CDCA -- C:\WINDOWS\ServicePackFiles\i386\ntfs.sys
[2008.04.13 21:15:53 | 000,574,976 | ---- | M] (Microsoft Corporation) MD5=78A08DD6A8D65E697C18E1DB01C5CDCA -- C:\WINDOWS\system32\drivers\ntfs.sys
[2011.01.21 14:03:17 | 000,574,592 | ---- | M] (Microsoft Corporation) MD5=B78BE402C3F63DD55521F73876951CDD -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\$NtServicePackUninstall$\ntfs.sys
[2004.08.03 23:15:10 | 000,574,592 | ---- | M] (Microsoft Corporation) MD5=B78BE402C3F63DD55521F73876951CDD -- C:\WINDOWS\$NtServicePackUninstall$\ntfs.sys

< MD5 for: NVGTS.SYS >
[2008.08.18 12:54:24 | 000,145,952 | R--- | M] (NVIDIA Corporation) MD5=EA98BFE4931BD13D747D647C1859796E -- C:\WINDOWS\system32\drivers\nvgts.sys

< MD5 for: SCECLI.DLL >
[2011.01.21 14:01:05 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2004.08.17 15:49:18 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008.04.14 05:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 05:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\scecli.dll
[2008.04.14 05:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\system32\scecli.dll
[2008.04.14 05:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 05:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SERVICES.EXE >
[2009.02.09 11:54:36 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=33081FED75032291EE0E008D5385E86F -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\$hf_mig$\KB956572\SP2QFE\services.exe
[2009.02.09 11:54:36 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=33081FED75032291EE0E008D5385E86F -- C:\WINDOWS\$hf_mig$\KB956572\SP2QFE\services.exe
[2009.02.09 13:18:56 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=3D107D45CCFDB266E91D84B52CD7F430 -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\$hf_mig$\KB956572\SP3QFE\services.exe
[2009.02.09 13:18:56 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=3D107D45CCFDB266E91D84B52CD7F430 -- C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\services.exe
[2009.02.09 12:11:38 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=4F9F7B567970B524F31D9970A23F7C24 -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\$NtServicePackUninstall$\services.exe
[2009.02.09 12:11:38 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=4F9F7B567970B524F31D9970A23F7C24 -- C:\WINDOWS\$NtServicePackUninstall$\services.exe
[2011.01.21 13:41:54 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=6E401E61F952FBBF708AFBECEFAFAE81 -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\$NtUninstallKB956572_0$\services.exe
[2004.08.17 15:49:28 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=6E401E61F952FBBF708AFBECEFAFAE81 -- C:\WINDOWS\$NtUninstallKB956572_0$\services.exe
[2009.02.09 13:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=9EF697AF07BB8DD82C3B02CA953A95B7 -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\$hf_mig$\KB956572\SP3GDR\services.exe
[2009.02.09 13:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=9EF697AF07BB8DD82C3B02CA953A95B7 -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\system32\dllcache\services.exe
[2009.02.09 13:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=9EF697AF07BB8DD82C3B02CA953A95B7 -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\system32\services.exe
[2009.02.09 13:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=9EF697AF07BB8DD82C3B02CA953A95B7 -- C:\WINDOWS\$hf_mig$\KB956572\SP3GDR\services.exe
[2009.02.09 13:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=9EF697AF07BB8DD82C3B02CA953A95B7 -- C:\WINDOWS\system32\dllcache\services.exe
[2009.02.09 13:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=9EF697AF07BB8DD82C3B02CA953A95B7 -- C:\WINDOWS\system32\services.exe
[2008.04.14 05:22:45 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=F0D2AE69035092BF22DAD6B50FAB85C2 -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\$NtUninstallKB956572$\services.exe
[2008.04.14 05:22:45 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=F0D2AE69035092BF22DAD6B50FAB85C2 -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\ServicePackFiles\i386\services.exe
[2008.04.14 05:22:45 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=F0D2AE69035092BF22DAD6B50FAB85C2 -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\services.exe
[2008.04.14 05:22:45 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=F0D2AE69035092BF22DAD6B50FAB85C2 -- C:\WINDOWS\$NtUninstallKB956572$\services.exe
[2008.04.14 05:22:45 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=F0D2AE69035092BF22DAD6B50FAB85C2 -- C:\WINDOWS\ServicePackFiles\i386\services.exe

< MD5 for: SMSS.EXE >
[2011.01.21 13:26:48 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\$NtServicePackUninstall$\smss.exe
[2004.08.17 15:49:28 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\WINDOWS\$NtServicePackUninstall$\smss.exe
[2008.04.14 05:22:47 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\ServicePackFiles\i386\smss.exe
[2008.04.14 05:22:47 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\smss.exe
[2008.04.14 05:22:47 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\system32\smss.exe
[2008.04.14 05:22:47 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\ServicePackFiles\i386\smss.exe
[2008.04.14 05:22:47 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe

< MD5 for: SPOOLSV.EXE >
[2011.01.21 15:58:33 | 000,057,856 | ---- | M] (Microsoft Corporation) MD5=21B6FAA88044A41640E03EBB68BE93E8 -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\$NtServicePackUninstall$\spoolsv.exe
[2004.08.17 15:49:28 | 000,057,856 | ---- | M] (Microsoft Corporation) MD5=21B6FAA88044A41640E03EBB68BE93E8 -- C:\WINDOWS\$NtServicePackUninstall$\spoolsv.exe
[2010.08.17 15:19:36 | 000,058,880 | ---- | M] (Microsoft Corporation) MD5=258DD5D4283FD9F9A7166BE9AE45CE73 -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\$hf_mig$\KB2347290\SP3QFE\spoolsv.exe
[2010.08.17 15:19:36 | 000,058,880 | ---- | M] (Microsoft Corporation) MD5=258DD5D4283FD9F9A7166BE9AE45CE73 -- C:\WINDOWS\$hf_mig$\KB2347290\SP3QFE\spoolsv.exe
[2010.08.17 15:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) MD5=60784F891563FB1B767F70117FC2428F -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\system32\dllcache\spoolsv.exe
[2010.08.17 15:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) MD5=60784F891563FB1B767F70117FC2428F -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\system32\spoolsv.exe
[2010.08.17 15:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) MD5=60784F891563FB1B767F70117FC2428F -- C:\WINDOWS\system32\dllcache\spoolsv.exe
[2010.08.17 15:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) MD5=60784F891563FB1B767F70117FC2428F -- C:\WINDOWS\system32\spoolsv.exe
[2008.04.14 05:22:48 | 000,057,856 | ---- | M] (Microsoft Corporation) MD5=CB1090BCA0E7B40D0B5B4E4D66531809 -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\$NtUninstallKB2347290$\spoolsv.exe
[2008.04.14 05:22:48 | 000,057,856 | ---- | M] (Microsoft Corporation) MD5=CB1090BCA0E7B40D0B5B4E4D66531809 -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\ServicePackFiles\i386\spoolsv.exe
[2008.04.14 05:22:48 | 000,057,856 | ---- | M] (Microsoft Corporation) MD5=CB1090BCA0E7B40D0B5B4E4D66531809 -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\spoolsv.exe
[2008.04.14 05:22:48 | 000,057,856 | ---- | M] (Microsoft Corporation) MD5=CB1090BCA0E7B40D0B5B4E4D66531809 -- C:\WINDOWS\$NtUninstallKB2347290$\spoolsv.exe
[2008.04.14 05:22:48 | 000,057,856 | ---- | M] (Microsoft Corporation) MD5=CB1090BCA0E7B40D0B5B4E4D66531809 -- C:\WINDOWS\ServicePackFiles\i386\spoolsv.exe

< MD5 for: SVCHOST.EXE >
[2008.04.14 05:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.14 05:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\svchost.exe
[2008.04.14 05:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\system32\svchost.exe
[2008.04.14 05:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.14 05:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe
[2011.01.21 13:07:38 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\$NtServicePackUninstall$\svchost.exe
[2004.08.17 15:49:28 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe

< MD5 for: TCPIP.SYS >
[2008.06.20 12:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2008.06.20 12:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2008.06.20 12:44:42 | 000,360,960 | ---- | M] (Microsoft Corporation) MD5=744E57C99232201AE98C49168B918F48 -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[2008.06.20 12:44:42 | 000,360,960 | ---- | M] (Microsoft Corporation) MD5=744E57C99232201AE98C49168B918F48 -- C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[2008.04.13 21:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008.04.13 21:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008.04.13 21:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\tcpip.sys
[2008.04.13 21:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008.04.13 21:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\system32\drivers\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2011.01.21 13:24:32 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\$NtUninstallKB951748_0$\tcpip.sys
[2004.08.03 23:14:42 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\$NtUninstallKB951748_0$\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.04.14 05:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 05:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\userinit.exe
[2008.04.14 05:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\system32\userinit.exe
[2008.04.14 05:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 05:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe
[2011.01.21 14:10:51 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\$NtServicePackUninstall$\userinit.exe
[2004.08.17 15:49:28 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe

< MD5 for: WINLOGON.EXE >
[2011.01.21 16:10:49 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2004.08.17 15:49:28 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 05:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 05:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\winlogon.exe
[2008.04.14 05:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\system32\dllcache\winlogon.exe
[2008.04.14 05:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\system32\winlogon.exe
[2008.04.14 05:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 05:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe

< MD5 for: WS2_32.DLL >
[2011.01.21 13:10:20 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\$NtServicePackUninstall$\ws2_32.dll
[2004.08.17 15:49:22 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\WINDOWS\$NtServicePackUninstall$\ws2_32.dll
[2008.04.14 05:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\ServicePackFiles\i386\ws2_32.dll
[2008.04.14 05:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\ws2_32.dll
[2008.04.14 05:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\Documents and Settings\Administrator\Dokumenty\WINDOWS\system32\ws2_32.dll
[2008.04.14 05:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll
[2008.04.14 05:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\ws2_32.dll

< >

< C:\windows\system32\spool\prtprocs|dll;true;true;true /FP >
[2006.11.06 06:00:00 | 000,027,136 | ---- | M] (CANON INC.) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\CNMPD8O.DLL
[2006.11.06 06:00:00 | 000,069,632 | ---- | M] (CANON INC.) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\CNMPP8O.DLL
[2008.07.06 14:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
[2006.10.26 19:56:12 | 000,033,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\msonpppr.dll
[2008.07.06 14:06:10 | 000,147,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\x64\filterpipelineprintproc.dll

< %systemroot%\system32\drivers\*.sys /5 >

< %systemroot%\system32\drivers\*.sys /X >
[2008.04.14 05:21:36 | 000,004,255 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv01nt5.dll
[2008.04.14 05:21:36 | 000,003,967 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv02nt5.dll
[2008.04.14 05:21:36 | 000,003,615 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv05nt5.dll
[2008.04.14 05:21:36 | 000,003,647 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv07nt5.dll
[2008.04.14 05:21:36 | 000,003,135 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv08nt5.dll
[2008.04.14 05:21:36 | 000,003,711 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv09nt5.dll
[2008.04.14 05:21:36 | 000,003,775 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv11nt5.dll
[2011.06.24 12:42:18 | 000,053,248 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\drivers\ati2erec.dll
[2004.07.17 11:36:24 | 000,064,352 | ---- | M] () -- C:\WINDOWS\system32\drivers\ativmc20.cod
[2008.04.14 05:21:37 | 000,021,183 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv01nt5.dll
[2008.04.14 05:21:37 | 000,011,359 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv02nt5.dll
[2008.04.14 05:21:37 | 000,025,471 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv04nt5.dll
[2008.04.14 05:21:37 | 000,014,143 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv06nt5.dll
[2008.04.14 05:21:37 | 000,017,279 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv10nt5.dll
[2008.04.14 05:21:38 | 000,015,423 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\ch7xxnt5.dll
[2004.07.17 22:55:24 | 000,129,045 | ---- | M] () -- C:\WINDOWS\system32\drivers\cxthsfs2.cty
[2001.10.25 13:00:00 | 003,440,660 | ---- | M] () -- C:\WINDOWS\system32\drivers\gm.dls
[2001.10.25 13:00:00 | 000,000,646 | ---- | M] () -- C:\WINDOWS\system32\drivers\gmreadme.txt
[2004.07.17 11:35:00 | 000,067,866 | ---- | M] () -- C:\WINDOWS\system32\drivers\netwlan5.img
[2008.03.12 06:14:28 | 000,003,948 | R--- | M] () -- C:\WINDOWS\system32\drivers\nvphy.bin
[2008.04.14 05:21:55 | 000,003,901 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\siint5.dll
[2008.04.14 05:22:04 | 000,011,325 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\vchnt5.dll

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\system32\*.* /5 >
[2011.07.16 12:47:02 | 000,002,552 | ---- | M] () -- C:\WINDOWS\system32\CONFIG.NT
[2011.07.19 20:40:13 | 000,034,048 | ---- | M] (MicroWorld Technologies Inc.) -- C:\WINDOWS\system32\eEmpty.exe
[2011.07.16 12:57:28 | 000,230,392 | ---- | M] () -- C:\WINDOWS\system32\FNTCACHE.DAT
[2011.07.16 11:53:11 | 049,089,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MRT.exe
[2011.07.19 20:40:14 | 000,554,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcp80.dll
[2011.07.19 20:40:15 | 000,632,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcr80.dll
[2011.07.19 20:36:05 | 000,002,206 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl
[7 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\system32\*.dll /lockedfiles >
[7 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\system32\config\*.sav >
[2011.05.08 06:33:04 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2011.05.08 06:33:04 | 000,663,552 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2011.05.08 06:33:04 | 000,475,136 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\*.* /U /s >
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[11 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[1 C:\WINDOWS\SoftwareDistribution\Download\c0984626609cb90bf57d61d612c7001f\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\c0984626609cb90bf57d61d612c7001f\*.tmp -> ]
[7 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\*. /mp /s >

< %ALLUSERSPROFILE%\Data Aplikací\*.* >
[2011.05.08 06:34:17 | 000,000,062 | -HS- | M] () -- C:\Documents and Settings\All Users\Data Aplikací\desktop.ini

< %ALLUSERSPROFILE%\Data Aplikací\*.exe /s >
[2009.02.04 13:56:14 | 000,075,112 | ---- | M] (GEAR Software, Inc.) -- C:\Documents and Settings\All Users\Data Aplikací\{429CAD59-35B1-4DBC-BB6D-1DB246563521}\x86\DifXInstall32.exe
[2011.04.27 01:59:44 | 000,073,000 | ---- | M] (Apple Inc.) -- C:\Documents and Settings\All Users\Data Aplikací\Apple Computer\Installer Cache\iTunes 10.2.2.14\SetupAdmin.exe
[2011.05.08 00:38:51 | 003,444,224 | ---- | M] (FNet Co., Ltd.) -- C:\Documents and Settings\All Users\Data Aplikací\FNET\XFastUsb\Uninstall.exe

< %ALLUSERSPROFILE%\Dáta aplikácií\*.* >

< %ALLUSERSPROFILE%\Dáta aplikácií\*.exe /s >

< %APPDATA%\*. >
[2011.05.11 17:12:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\.minecraft
[2011.05.08 10:56:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Adobe
[2011.07.17 19:54:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\AIMP
[2011.05.08 15:09:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Apple Computer
[2011.05.08 00:34:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Ashampoo
[2011.05.11 16:43:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\ATI
[2011.06.01 16:28:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Audacity
[2011.07.10 19:15:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Canneverbe Limited
[2011.05.15 16:06:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Darer
[2011.07.19 20:33:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Dropbox
[2011.05.15 00:54:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\FastStone
[2011.05.15 01:06:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\gtk-2.0
[2011.05.08 04:57:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Identities
[2011.05.08 00:35:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\InstallShield
[2011.06.06 09:39:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\LibreOffice
[2011.06.05 13:58:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\LucasArts
[2011.05.08 00:39:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Macromedia
[2011.07.01 21:16:22 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Administrator\Data aplikací\Microsoft
[2011.06.30 19:13:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Mobile Atlas Creator
[2011.07.10 13:32:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\MyPhoneExplorer
[2011.05.27 12:06:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Nero
[2011.06.30 22:32:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\OpenCandy
[2011.05.08 00:09:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Opera
[2011.07.19 20:34:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Skype
[2011.05.10 17:56:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Sun
[2011.06.29 10:10:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\The Creative Assembly
[2011.05.14 15:55:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\TS3Client
[2011.05.08 00:16:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\TuneUp Software
[2011.07.19 20:33:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\uTorrent
[2011.05.10 16:38:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Ventrilo
[2011.05.20 20:10:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\vlc
[2011.05.10 10:45:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\WinRAR

< %APPDATA%\*.* >
[2011.07.19 20:34:12 | 000,212,480 | ---- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\Ckemeo.exe
[2011.05.08 06:34:17 | 000,000,062 | -HS- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\desktop.ini
[2011.05.14 15:22:11 | 000,046,658 | ---- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\room.dat
[2011.07.19 13:13:11 | 000,045,202 | ---- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\room_v3.dat

< %APPDATA%\*.exe /s >
[2011.07.19 20:34:12 | 000,212,480 | ---- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\Ckemeo.exe
[2011.05.25 22:07:14 | 024,176,560 | ---- | M] (Dropbox, Inc.) -- C:\Documents and Settings\Administrator\Data aplikací\Dropbox\bin\Dropbox.exe
[2011.05.25 22:07:42 | 000,174,784 | ---- | M] (Dropbox, Inc.) -- C:\Documents and Settings\Administrator\Data aplikací\Dropbox\bin\Uninstall.exe
[2011.05.09 16:20:29 | 002,871,968 | ---- | M] (Adobe Systems, Inc.) -- C:\Documents and Settings\Administrator\Data aplikací\Macromedia\Flash Player\www.macromedia.com\bin\fpupdateax\fpupdateax.exe
[2011.06.24 19:00:09 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe
[2011.06.30 22:32:14 | 000,416,160 | ---- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\OpenCandy\OpenCandy_4328C252080844199905001CE5CB69A2\LatestDLMgr.exe
[2010.12.18 00:07:06 | 000,043,440 | ---- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\OpenCandy\OpenCandy_4328C252080844199905001CE5CB69A2\SpeedstarterCZ.exe
[2010.12.17 19:48:22 | 001,720,472 | ---- | M] (Speedchecker Limited ) -- C:\Documents and Settings\Administrator\Data aplikací\OpenCandy\OpenCandy_4328C252080844199905001CE5CB69A2\ZrychleniPocitace.exe
[2011.06.30 22:32:33 | 001,842,096 | ---- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\OpenCandy\OpenCandy_4328C252080844199905001CE5CB69A2\ZrychleniPocitace_p2v1.exe

< %SYSTEMDRIVE%\*.exe >
[2007.11.07 08:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe
[1 C:\*.tmp files -> C:\*.tmp -> ]

< >

< >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU /s >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-07-16 09:54:47

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS /s >
"StateIndex" = 1

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager" /v BootExecute /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\CONTROL\SESSION MANAGER
BOOTEXECUTE REG_MULTI_SZ autocheck autochk *\0\0

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager" /v "PendingFileRenameOperations" /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\CONTROL\SESSION MANAGER
PENDINGFILERENAMEOPERATIONS REG_MULTI_SZ \??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\avxdisk.dll.40408151.mwt\0\0\??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\bdcore.dll.89567233.mwt\0\0\0

< >

< type c:\boot.ini >> test.txt /c >
[boot loader]
timeout=30
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect /usepmtimer

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2011.07.19 21:21:05 | 000,000,512 | ---- | M] () MD5=5E215083841FB97B40846A33BDFCC814 -- C:\PhysicalMBR.bin
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Alternate Data Streams ==========

@Alternate Data Stream - 88 bytes -> C:\Documents and Settings\Administrator\Plocha\WKSet.ini:SummaryInformation

< End of report >

[Hajadlo]

OTL Extras logfile created on: 19.7.2011 21:20:54 - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Documents and Settings\Administrator\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 1,36 Gb Available Physical Memory | 68,13% Memory free
3,85 Gb Paging File | 3,42 Gb Available in Paging File | 88,87% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 298,08 Gb Total Space | 55,39 Gb Free Space | 18,58% Space Free | Partition Type: NTFS

Computer Name: PRACOVNA | User Name: Administrator | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)

[HKEY_USERS\S-1-5-21-602162358-1060284298-839522115-500\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
http [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Browse with FastStone] -- "C:\Program Files\FastStone Image Viewer\FSViewer.exe" "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [KMPlayer.Enqueue] -- "C:\Program Files\The KMPlayer\KMPlayer.exe"/ADD "%1"
Directory [KMPlayer.Play] -- "C:\Program Files\The KMPlayer\KMPlayer.exe" "%1" (Pandora.TV)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"56364:TCP" = 56364:TCP:*:Enabled:Pando Media Booster
"56364:UDP" = 56364:UDP:*:Enabled:Pando Media Booster
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"56364:TCP" = 56364:TCP:*:Enabled:Pando Media Booster
"56364:UDP" = 56364:UDP:*:Enabled:Pando Media Booster
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"31337:TCP" = 31337:TCP:*:Enabled:Port

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Pando Networks\Media Booster\PMB.exe" = C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- ()

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Opera\opera.exe" = C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software)
"C:\Program Files\Steam\Steam.exe" = C:\Program Files\Steam\Steam.exe:*:Enabled:Steam -- (Valve Corporation)
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"C:\Documents and Settings\Administrator\Data aplikací\Dropbox\bin\Dropbox.exe" = C:\Documents and Settings\Administrator\Data aplikací\Dropbox\bin\Dropbox.exe:*:Enabled:Dropbox -- (Dropbox, Inc.)
"C:\Program Files\Steam\steamapps\common\men of war\mow.exe" = C:\Program Files\Steam\steamapps\common\men of war\mow.exe:*:Enabled:Men of War -- ("Best Way" Corp)
"C:\Program Files\Steam\steamapps\common\men of war\mow_editor.exe" = C:\Program Files\Steam\steamapps\common\men of war\mow_editor.exe:*:Enabled:Men of War -- ("Best Way" Corp)
"C:\Program Files\Steam\steamapps\common\men of war red tide\redtide.exe" = C:\Program Files\Steam\steamapps\common\men of war red tide\redtide.exe:*:Enabled:Men of War: Red Tide -- ("1c" Corp)
"C:\Program Files\Garena\Garena.exe" = C:\Program Files\Garena\Garena.exe:*:Enabled:Garena -- (Garena Online PTE LTD)
"C:\Program Files\Counter-Strike 1.6\hl.exe" = C:\Program Files\Counter-Strike 1.6\hl.exe:*:Enabled:Half-Life Launcher -- (Valve)
"C:\Program Files\Pando Networks\Media Booster\PMB.exe" = C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- ()
"C:\Program Files\Bohemia Interactive\ArmA 2\arma2.exe" = C:\Program Files\Bohemia Interactive\ArmA 2\arma2.exe:*:Enabled:ArmA 2 -- (Bohemia Interactive)
"C:\Program Files\Valve\Portal 2\portal2.exe" = C:\Program Files\Valve\Portal 2\portal2.exe:*:Enabled:portal2 -- ()
"C:\Program Files\Runes of Magic\Client.exe" = C:\Program Files\Runes of Magic\Client.exe:*:Enabled:Runes of Magic -- (Runewaker)
"C:\Program Files\Bohemia Interactive\ArmA 2\arma2OA.exe" = C:\Program Files\Bohemia Interactive\ArmA 2\arma2OA.exe:*:Enabled:ArmA 2 Operation Arrowhead -- (Bohemia Interactive)
"C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" = C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe:*:Enabled:LogMeIn Hamachi -- (LogMeIn Inc.)
"C:\Program Files\Steam\steamapps\common\amd driver updater, xp, 32 bit\Setup.exe" = C:\Program Files\Steam\steamapps\common\amd driver updater, xp, 32 bit\Setup.exe:*:Enabled:AMD Driver Updater, XP, 32 bit -- (Advanced Micro Devices, Inc.)
"C:\Documents and Settings\Administrator\Plocha\Terrarium\TerrariaServer.exe" = C:\Documents and Settings\Administrator\Plocha\Terrarium\TerrariaServer.exe:*:Enabled:Terraria -- (Re-Logic)
"C:\Program Files\Steam\steamapps\common\napoleon total war\Napoleon.exe" = C:\Program Files\Steam\steamapps\common\napoleon total war\Napoleon.exe:*:Enabled:Napoleon: Total War -- (The Creative Assembly Ltd)
"C:\Program Files\Steam\steamapps\common\men of war assault squad\mow_assault_squad.exe" = C:\Program Files\Steam\steamapps\common\men of war assault squad\mow_assault_squad.exe:*:Enabled:Men of War: Assault Squad -- (Digitalmindsoft)
"C:\Program Files\Steam\steamapps\common\dawn of war 2\DOW2.exe" = C:\Program Files\Steam\steamapps\common\dawn of war 2\DOW2.exe:*:Enabled:Warhammer® 40,000™: Dawn of War® II – Chaos Rising™ -- (THQ Canada Inc.)
"C:\Program Files\Steam\steamapps\common\company of heroes\RelicCOH.exe" = C:\Program Files\Steam\steamapps\common\company of heroes\RelicCOH.exe:*:Enabled:Company of Heroes: Opposing Fronts -- (THQ Canada Inc.)
"C:\Program Files\Steam\steamapps\common\company of heroes\RelicDownloader\RelicDownloader.exe" = C:\Program Files\Steam\steamapps\common\company of heroes\RelicDownloader\RelicDownloader.exe:*:Enabled:Relic Patch Download Manager -- (THQ Canada Inc.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{053BE69E-4EFE-3621-3613-30080CD26070}" = Catalyst Control Center Graphics Previews Common
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP1800_series" = Canon iP1800 series
"{129DDEC1-A6A3-3D60-AABE-76E6E5334922}" = Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - CSY
"{12B15C5C-3A7B-2A4E-7848-B9FC3F59F3FF}" = Catalyst Control Center InstallProxy
"{19A492A0-888F-44A0-9B21-D91700763F62}" = Catalyst Control Center - Branding
"{1DA75811-6C2C-ABFA-7DBF-9B9EDAA005E3}" = ATI Catalyst Install Manager
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{26A24AE4-039D-4CA4-87B4-2F83216025FF}" = Java(TM) 6 Update 25
"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5932A5C4-BB44-4CFB-AD66-1B826F4D788B}" = CDBurnerXP
"{5ECA5B22-4073-8A6D-2E7E-8F4C39FC4309}" = Catalyst Control Center InstallProxy
"{6FE8B722-4D7E-3CD7-BB3A-3AD1684B1295}" = Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - CSY
"{7036A6F4-5DAD-3908-956D-1752CD7F7E5A}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71828142-5A24-4BD0-97E7-976DA08CE6CF}" = The Sims™ 3 Luxusní bydlení – Kolekce
"{7234061E-3D70-2682-F47B-75A5D2F83685}" = Catalyst Control Center
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{74DCC43B-33C9-3389-BD0D-33EB37973657}" = Microsoft .NET Framework 3.5 Language Pack - csy
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo
"{853A4763-6643-4604-8D64-28BDD8925F4C}" = Apple Application Support
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0010-0405-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Czech) 12
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{294B4278-CF7B-40B9-86A1-2D3FF0C2C524}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{10EC59E5-9BCE-4884-BB1A-E28627220232}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A25FF1C0-80B6-4B8B-A551-DC525697A408}" = AMD APP SDK Runtime
"{A2DE62D8-EF1B-36CB-B461-B1E221ED8608}" = Microsoft .NET Framework 4 Extended CSY Language Pack
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1029-7B44-A94000000001}" = Adobe Reader 9.4.5 - Czech
"{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}" = The Sims™ 3 Cestovní horečka
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C151CE54-E7EA-4804-854B-F515368B0798}" = AMD Processor Driver
"{C2E4B5BD-32DB-4817-A060-341AB17C3F90}" = Bonjour
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{CACAEB5F-174D-4C7C-AC56-A33289A807CA}" = Apple Mobile Device Support
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D7739941-59D4-F971-A68B-0318CFBE02D6}" = ccc-utility
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{ED436EA8-4145-4703-AE5D-4D09DD24AF5A}" = Kolekce The Sims™ 3 Na plný plyn
"{EEF985E8-8B36-4230-B174-117A2381C17F}" = LogMeIn Hamachi
"{F112F66E-25CA-42DD-983C-6118EB38F606}" = Microsoft Games for Windows - LIVE
"{F1CECE09-7CBE-4E98-B435-DA87CDA86167}" = Skype™ 5.3
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"{F59A9E08-A6A4-4ACF-91F2-D0344956C30B}" = iTunes
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AIMP2" = AIMP2
"ArmA 2" = ArmA 2 Uninstall
"ARMA 2 Operation Arrowhead" = ARMA 2 Operation Arrowhead Uninstall
"Ashampoo Burning Studio 6 FREE_is1" = Ashampoo Burning Studio 6 FREE v.6.80
"ASRock App Charger_is1" = ASRock App Charger v1.0.4
"ASRock IES_is1" = ASRock IES v2.0.69
"ASRock InstantBoot_is1" = ASRock InstantBoot v1.24
"avast" = avast! Free Antivirus
"Counter-Strike 1.6" = Counter-Strike 1.6
"ENTERPRISE" = Microsoft Office Enterprise 2007
"FastStone Image Viewer" = FastStone Image Viewer 4.5
"Garena" = Garena 2010
"ie8" = Windows Internet Explorer 8
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platforma Ovladače zařízení
"IrfanView" = IrfanView (remove only)
"LEGO Star Wars III The Clone Wars" = LEGO Star Wars III The Clone Wars
"LogMeIn Hamachi" = LogMeIn Hamachi
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft .NET Framework 3.5 Language Pack - csy" = Microsoft .NET Framework 3.5 Language Pack - CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended CSY Language Pack" = Microsoft .NET Framework 4 Extended CSY Language Pack
"MP3 Cutter_is1" = MP3 Cutter 1.9
"MPE" = MyPhoneExplorer
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NVIDIA Drivers" = NVIDIA Drivers
"Opera 11.50.1074" = Opera 11.50
"Postal 2_is1" = Portal 2
"Steam App 15620" = Warhammer® 40,000™: Dawn of War® II
"Steam App 20570" = Warhammer® 40,000™: Dawn of War® II – Chaos Rising™
"Steam App 3130" = Men of War: Red Tide
"Steam App 34030" = Napoleon: Total War
"Steam App 4560" = Company of Heroes
"Steam App 64000" = Men of War: Assault Squad
"Steam App 7830" = Men of War
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"The KMPlayer" = The KMPlayer (remove only)
"Totalcmd" = Total Commander (Remove or Repair)
"uTorrent" = µTorrent
"VirtualCloneDrive" = VirtualCloneDrive
"VLC media player" = VLC media player 1.1.9
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinGimp-2.0_is1" = GIMP 2.6.11
"WinRAR archiver" = WinRAR 4.00 (32-bit)
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-602162358-1060284298-839522115-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"Google Chrome" = Google Chrome

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 10.7.2011 13:18:08 | Computer Name = PRACOVNA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace cdbxpp.exe, verze 4.3.8.2568, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 13.7.2011 12:38:46 | Computer Name = PRACOVNA | Source = .NET Runtime 2.0 Error Reporting | ID = 5000
Description = EventType clr20r3, P1 sims3launcher.exe, P2 0.2.0.113, P3 4c4e3279,
P4 sims3launcher, P5 0.2.0.113, P6 4c4e3279, P7 5dd, P8 965, P9 system.entrypointnotfound,
P10 NIL.

Error - 13.7.2011 12:39:48 | Computer Name = PRACOVNA | Source = .NET Runtime 2.0 Error Reporting | ID = 5000
Description = EventType clr20r3, P1 sims3launcher.exe, P2 0.2.0.113, P3 4c4e3279,
P4 sims3launcher, P5 0.2.0.113, P6 4c4e3279, P7 5dd, P8 965, P9 system.entrypointnotfound,
P10 NIL.

Error - 13.7.2011 12:39:50 | Computer Name = PRACOVNA | Source = .NET Runtime 2.0 Error Reporting | ID = 5000
Description = EventType clr20r3, P1 sims3launcher.exe, P2 0.2.0.113, P3 4c4e3279,
P4 sims3launcher, P5 0.2.0.113, P6 4c4e3279, P7 5dd, P8 965, P9 system.entrypointnotfound,
P10 NIL.

Error - 13.7.2011 13:12:01 | Computer Name = PRACOVNA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace rgcp.exe, verze 0.0.0.0, zablokovaný modul hungapp,
verze 0.0.0.0, adresa bloku 0x00000000.

Error - 19.7.2011 12:11:07 | Computer Name = PRACOVNA | Source = EventSystem | ID = 4609
Description = Systém událostí modelu COM+ zjistil při vnitřním zpracovávání chybný
návratový kód. Hodnota HRESULT byla 80070005 z řádku 44 v d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp.Obraťte
se na služby odborné pomoci společnosti Microsoft a informujte je o této chyb

Error - 19.7.2011 12:11:07 | Computer Name = PRACOVNA | Source = VSS | ID = 8193
Description = Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance
došlo k neočekávané chybě. hr= 0x80040206.

Error - 19.7.2011 12:34:30 | Computer Name = PRACOVNA | Source = EventSystem | ID = 4609
Description = Systém událostí modelu COM+ zjistil při vnitřním zpracovávání chybný
návratový kód. Hodnota HRESULT byla 800706BA z řádku 44 v d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp.Obraťte
se na služby odborné pomoci společnosti Microsoft a informujte je o této chyb

Error - 19.7.2011 12:34:30 | Computer Name = PRACOVNA | Source = VSS | ID = 8193
Description = Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance
došlo k neočekávané chybě. hr= 0x80040206.

Error - 19.7.2011 14:31:27 | Computer Name = PRACOVNA | Source = Application Error | ID = 1000
Description = Chybující aplikace chrome.exe, verze 0.0.0.0, chybující modul chrome.dll,
verze 11.0.696.65, adresa chyby 0x005256eb.

[ System Events ]
Error - 17.7.2011 13:58:22 | Computer Name = PRACOVNA | Source = Service Control Manager | ID = 7031
Description = Služba Apple Mobile Device byla nečekaně ukončena. Stalo se to 1 krát.
Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.

Error - 17.7.2011 18:03:04 | Computer Name = PRACOVNA | Source = MRxSmb | ID = 8003
Description = Hlavní prohledávač přijal oznámení serveru od počítače OBSIDIAN-PC,
který
se považuje za hlavní prohledávač domény pro přenos NetBT_Tcpip_{5565C209-A8A7-4F.
Hlavní
prohledávač bude ukončen nebo bude vyvolána volba.

Error - 18.7.2011 10:46:22 | Computer Name = PRACOVNA | Source = MRxSmb | ID = 8003
Description = Hlavní prohledávač přijal oznámení serveru od počítače OBSIDIAN-PC,
který
se považuje za hlavní prohledávač domény pro přenos NetBT_Tcpip_{5565C209-A8A7-4F.
Hlavní
prohledávač bude ukončen nebo bude vyvolána volba.

Error - 18.7.2011 11:45:12 | Computer Name = PRACOVNA | Source = MRxSmb | ID = 8003
Description = Hlavní prohledávač přijal oznámení serveru od počítače CABAJ760, který
se považuje za hlavní prohledávač domény pro přenos NetBT_Tcpip_{C235089E-FE7E-4424-.
Hlavní
prohledávač bude ukončen nebo bude vyvolána volba.

Error - 18.7.2011 12:10:17 | Computer Name = PRACOVNA | Source = MRxSmb | ID = 8003
Description = Hlavní prohledávač přijal oznámení serveru od počítače OBSIDIAN-PC,
který
se považuje za hlavní prohledávač domény pro přenos NetBT_Tcpip_{5565C209-A8A7-4F.
Hlavní
prohledávač bude ukončen nebo bude vyvolána volba.

Error - 18.7.2011 15:22:01 | Computer Name = PRACOVNA | Source = MRxSmb | ID = 8003
Description = Hlavní prohledávač přijal oznámení serveru od počítače OBSIDIAN-PC,
který
se považuje za hlavní prohledávač domény pro přenos NetBT_Tcpip_{5565C209-A8A7-4F.
Hlavní
prohledávač bude ukončen nebo bude vyvolána volba.

Error - 18.7.2011 16:58:00 | Computer Name = PRACOVNA | Source = MRxSmb | ID = 8003
Description = Hlavní prohledávač přijal oznámení serveru od počítače OBSIDIAN-PC,
který
se považuje za hlavní prohledávač domény pro přenos NetBT_Tcpip_{5565C209-A8A7-4F.
Hlavní
prohledávač bude ukončen nebo bude vyvolána volba.

Error - 19.7.2011 3:43:18 | Computer Name = PRACOVNA | Source = MRxSmb | ID = 8003
Description = Hlavní prohledávač přijal oznámení serveru od počítače PCHOME, který
se považuje za hlavní prohledávač domény pro přenos NetBT_Tcpip_{C235089E-FE7E-4424-9C.
Hlavní
prohledávač bude ukončen nebo bude vyvolána volba.

Error - 19.7.2011 5:10:49 | Computer Name = PRACOVNA | Source = MRxSmb | ID = 8003
Description = Hlavní prohledávač přijal oznámení serveru od počítače CABAJ760, který
se považuje za hlavní prohledávač domény pro přenos NetBT_Tcpip_{C235089E-FE7E-4424-.
Hlavní
prohledávač bude ukončen nebo bude vyvolána volba.

Error - 19.7.2011 11:32:08 | Computer Name = PRACOVNA | Source = MRxSmb | ID = 8003
Description = Hlavní prohledávač přijal oznámení serveru od počítače OBSIDIAN-PC,
který
se považuje za hlavní prohledávač domény pro přenos NetBT_Tcpip_{5565C209-A8A7-4F.
Hlavní
prohledávač bude ukončen nebo bude vyvolána volba.


< End of report >

[Caroprd111]

Znovu spusťte OTL a do spodního bílého okna vložte následující skript. Poté klikněte na opravit, PC se restartuje, výslednýlog vložte sem.

Kód: Vybrat vše

:commands
[RESETHOSTS]
[EMPTYTEMP]
[EMPTYFLASH]
[CLEARALLRESTOREPOINTS]

:OTL
[2011.06.30 22:32:34 | 000,000,000 | ---D | C] -- C:\Program Files\Zrychleni Pocitace
[2011.05.08 00:16:15 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Data aplikací\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
[2011.05.08 15:07:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2011.07.19 17:55:51 | 000,000,482 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{F6779CCA-FB89-40E5-8136-935A900EBF38}.job
[2010.12.17 19:48:22 | 001,720,472 | ---- | M] (Speedchecker Limited ) -- C:\Documents and Settings\Administrator\Data aplikací\OpenCandy\OpenCandy_4328C252080844199905001CE5CB69A2\ZrychleniPocitace.exe
[2011.06.30 22:32:33 | 001,842,096 | ---- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\OpenCandy\OpenCandy_4328C252080844199905001CE5CB69A2\ZrychleniPocitace_p2v1.exe
[2011.07.19 20:34:12 | 000,212,480 | ---- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\Ckemeo.exe
O4 - HKU\S-1-5-21-602162358-1060284298-839522115-500..\Run: [Ckemeo] C:\Documents and Settings\Administrator\Data aplikací\Ckemeo.exe ()
@Alternate Data Stream - 88 bytes -> C:\Documents and Settings\Administrator\Plocha\WKSet.ini:SummaryInformation

:reg
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Ckemeo"=-

[Hajadlo]

MILUJU TĚ, UŽ TO JEDE!



All processes killed
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 2266901383 bytes
->Temporary Internet Files folder emptied: 788595901 bytes
->Java cache emptied: 34970 bytes
->Google Chrome cache emptied: 374384680 bytes
->Opera cache emptied: 16444564 bytes
->Flash cache emptied: 2915106 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: LocalService
->Temp folder emptied: 65984 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2134153 bytes
%systemroot%\System32 .tmp files removed: 4532168 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 246243 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 12995748 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 789648 bytes

Total Files Cleaned = 3 309,00 mb


[EMPTYFLASH]

User: Administrator
->Flash cache emptied: 0 bytes

User: All Users

User: Default User

User: LocalService

User: NetworkService

Total Flash Files Cleaned = 0,00 mb

Restore points cleared and new OTL Restore Point set!
========== OTL ==========
C:\Program Files\Zrychleni Pocitace\ScanResults folder moved successfully.
C:\Program Files\Zrychleni Pocitace\RestorePoints folder moved successfully.
C:\Program Files\Zrychleni Pocitace folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16} folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\{429CAD59-35B1-4DBC-BB6D-1DB246563521}\x86\x86 folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\{429CAD59-35B1-4DBC-BB6D-1DB246563521}\x86 folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\{429CAD59-35B1-4DBC-BB6D-1DB246563521} folder moved successfully.
C:\WINDOWS\Tasks\User_Feed_Synchronization-{F6779CCA-FB89-40E5-8136-935A900EBF38}.job moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\OpenCandy\OpenCandy_4328C252080844199905001CE5CB69A2\ZrychleniPocitace.exe moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\OpenCandy\OpenCandy_4328C252080844199905001CE5CB69A2\ZrychleniPocitace_p2v1.exe moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Ckemeo.exe moved successfully.
Registry value HKEY_USERS\S-1-5-21-602162358-1060284298-839522115-500\Software\Microsoft\Windows\CurrentVersion\Run\\Ckemeo deleted successfully.
File C:\Documents and Settings\Administrator\Data aplikací\Ckemeo.exe not found.
ADS C:\Documents and Settings\Administrator\Plocha\WKSet.ini:SummaryInformation deleted successfully.
========== REGISTRY ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Ckemeo not found.

OTL by OldTimer - Version 3.2.26.1 log created on 07192011_215227

Files\Folders moved on Reboot...
File\Folder C:\Documents and Settings\Administrator\Local Settings\Temp\~DF11A2.tmp not found!
File\Folder C:\Documents and Settings\Administrator\Local Settings\Temp\~DF11D2.tmp not found!
File\Folder C:\Documents and Settings\Administrator\Local Settings\Temp\~DF12BE.tmp not found!
File\Folder C:\Documents and Settings\Administrator\Local Settings\Temp\~DF12CB.tmp not found!
File\Folder C:\Documents and Settings\Administrator\Local Settings\Temp\~DF1349.tmp not found!
File\Folder C:\Documents and Settings\Administrator\Local Settings\Temp\~DF1379.tmp not found!
File\Folder C:\Documents and Settings\Administrator\Local Settings\Temp\~DF13D9.tmp not found!
File\Folder C:\Documents and Settings\Administrator\Local Settings\Temp\~DF1404.tmp not found!
File\Folder C:\Documents and Settings\Administrator\Local Settings\Temp\~DF1482.tmp not found!
File\Folder C:\Documents and Settings\Administrator\Local Settings\Temp\~DF148F.tmp not found!
File\Folder C:\Documents and Settings\Administrator\Local Settings\Temp\~DF14EB.tmp not found!
File\Folder C:\Documents and Settings\Administrator\Local Settings\Temp\~DF151A.tmp not found!
File\Folder C:\Documents and Settings\Administrator\Local Settings\Temp\~DF1598.tmp not found!
File\Folder C:\Documents and Settings\Administrator\Local Settings\Temp\~DF15A5.tmp not found!
File\Folder C:\Documents and Settings\Administrator\Local Settings\Temp\~DF1623.tmp not found!
File\Folder C:\Documents and Settings\Administrator\Local Settings\Temp\~DF163E.tmp not found!
File\Folder C:\Documents and Settings\Administrator\Local Settings\Temp\~DF16AE.tmp not found!
File\Folder C:\Documents and Settings\Administrator\Local Settings\Temp\~DF16BC.tmp not found!
File\Folder C:\Documents and Settings\Administrator\Local Settings\Temp\~DF173A.tmp not found!
File\Folder C:\Documents and Settings\Administrator\Local Settings\Temp\~DF1747.tmp not found!
File\Folder C:\Documents and Settings\Administrator\Local Settings\Temp\~DF17A3.tmp not found!
File\Folder C:\Documents and Settings\Administrator\Local Settings\Temp\~DF17D2.tmp not found!
File\Folder C:\Documents and Settings\Administrator\Local Settings\Temp\~DF183C.tmp not found!
File\Folder C:\Documents and Settings\Administrator\Local Settings\Temp\~DF184E.tmp not found!
File\Folder C:\Documents and Settings\Administrator\Local Settings\Temp\~DF18BE.tmp not found!
File\Folder C:\Documents and Settings\Administrator\Local Settings\Temp\~DF18CB.tmp not found!
File\Folder C:\Documents and Settings\Administrator\Local Settings\Temp\~DFBAAA.tmp not found!
File\Folder C:\Documents and Settings\Administrator\Local Settings\Temp\~DFBAC3.tmp not found!
File\Folder C:\Documents and Settings\Administrator\Local Settings\Temp\~DFBD40.tmp not found!
File\Folder C:\Documents and Settings\Administrator\Local Settings\Temp\~DFBD4F.tmp not found!
File\Folder C:\Documents and Settings\Administrator\Local Settings\Temp\~DFBE37.tmp not found!
File\Folder C:\Documents and Settings\Administrator\Local Settings\Temp\~DFBE54.tmp not found!
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\4INVWIVZ\afr[1].htm moved successfully.
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\4INVWIVZ\afr[2].htm moved successfully.
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\4INVWIVZ\viewforum[1].htm moved successfully.
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\4INVWIVZ\viewtopic[1].htm moved successfully.
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\AntiPhishing\2CEDBFBC-DBA8-43AA-B1FD-CC8E6316E3E2.dat moved successfully.
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\SuggestedSites.dat moved successfully.

Registry entries deleted on Reboot...