Prosím o preventívní kotrolu

[Gary545]

Logfile of random's system information tool 1.08 (written by random/random)
Run by Gregora at 2011-09-05 16:28:58
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 11 GB (15%) free of 76 GB
Total RAM: 1535 MB (38% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:29:24, on 5.9.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
C:\Program Files\Application Updater\ApplicationUpdater.exe
C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe
C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Program Files\Microsoft Private Folder 1.0\PrfldSvc.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\CameraAssistant.exe
C:\WINDOWS\system32\ElkCtrl.exe
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Electronic Arts\EADM\Core.exe
C:\Program Files\Pidgin\pidgin.exe
C:\Program Files\Opera\opera.exe
C:\Documents and Settings\Gregora\Plocha\RSIT.exe
C:\Program Files\trend micro\Gregora.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:8080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: Dealio Toolbar - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files\Dealio Toolbar\IE\4.5\dealioToolbarIE.dll
O2 - BHO: Dealio Toolbar - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files\Dealio Toolbar\IE\4.5\dealioToolbarIE.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: ZoneAlarm Spy Blocker BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL
O2 - BHO: SMTTB2009 - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files\Burn4Free DB Toolbar\tbcore3.dll
O3 - Toolbar: ZoneAlarm Spy Blocker - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL
O3 - Toolbar: &Crawler lišta - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O3 - Toolbar: Burn4Free DB Toolbar - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Program Files\Burn4Free DB Toolbar\tbcore3.dll
O3 - Toolbar: Dealio Toolbar - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files\Dealio Toolbar\IE\4.5\dealioToolbarIE.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Logitech\Video\CameraAssistant.exe
O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Logitech\Video\InstallHelper.exe /inspect
O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [SoundMax] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [SearchSettings] "C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [SpywareTerminatorUpdate] "C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" -automount
O4 - Global Startup: WDDMStatus.lnk = C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
O4 - Global Startup: WDSmartWare.lnk = C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {A20B1BB0-AC3D-4530-85F3-791B81303190} - http://xtraz.icq.com/xtraz/products/pho ... vilImg.cab
O18 - Protocol: bw+0 - {4DCD37A5-82D3-4851-A897-B69A6E6E67AE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {4DCD37A5-82D3-4851-A897-B69A6E6E67AE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {4DCD37A5-82D3-4851-A897-B69A6E6E67AE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {4DCD37A5-82D3-4851-A897-B69A6E6E67AE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {4DCD37A5-82D3-4851-A897-B69A6E6E67AE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {4DCD37A5-82D3-4851-A897-B69A6E6E67AE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {4DCD37A5-82D3-4851-A897-B69A6E6E67AE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {4DCD37A5-82D3-4851-A897-B69A6E6E67AE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {4DCD37A5-82D3-4851-A897-B69A6E6E67AE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {4DCD37A5-82D3-4851-A897-B69A6E6E67AE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {4DCD37A5-82D3-4851-A897-B69A6E6E67AE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {4DCD37A5-82D3-4851-A897-B69A6E6E67AE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {4DCD37A5-82D3-4851-A897-B69A6E6E67AE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {4DCD37A5-82D3-4851-A897-B69A6E6E67AE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {4DCD37A5-82D3-4851-A897-B69A6E6E67AE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {4DCD37A5-82D3-4851-A897-B69A6E6E67AE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {4DCD37A5-82D3-4851-A897-B69A6E6E67AE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {4DCD37A5-82D3-4851-A897-B69A6E6E67AE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {4DCD37A5-82D3-4851-A897-B69A6E6E67AE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {4DCD37A5-82D3-4851-A897-B69A6E6E67AE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {4DCD37A5-82D3-4851-A897-B69A6E6E67AE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {4DCD37A5-82D3-4851-A897-B69A6E6E67AE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {4DCD37A5-82D3-4851-A897-B69A6E6E67AE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {4DCD37A5-82D3-4851-A897-B69A6E6E67AE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {4DCD37A5-82D3-4851-A897-B69A6E6E67AE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {4DCD37A5-82D3-4851-A897-B69A6E6E67AE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {4DCD37A5-82D3-4851-A897-B69A6E6E67AE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {4DCD37A5-82D3-4851-A897-B69A6E6E67AE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {4DCD37A5-82D3-4851-A897-B69A6E6E67AE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {4DCD37A5-82D3-4851-A897-B69A6E6E67AE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {4DCD37A5-82D3-4851-A897-B69A6E6E67AE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {4DCD37A5-82D3-4851-A897-B69A6E6E67AE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {4DCD37A5-82D3-4851-A897-B69A6E6E67AE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {4DCD37A5-82D3-4851-A897-B69A6E6E67AE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {4DCD37A5-82D3-4851-A897-B69A6E6E67AE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {4DCD37A5-82D3-4851-A897-B69A6E6E67AE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {4DCD37A5-82D3-4851-A897-B69A6E6E67AE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {4DCD37A5-82D3-4851-A897-B69A6E6E67AE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {4DCD37A5-82D3-4851-A897-B69A6E6E67AE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {4DCD37A5-82D3-4851-A897-B69A6E6E67AE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {4DCD37A5-82D3-4851-A897-B69A6E6E67AE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {4DCD37A5-82D3-4851-A897-B69A6E6E67AE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {4DCD37A5-82D3-4851-A897-B69A6E6E67AE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {4DCD37A5-82D3-4851-A897-B69A6E6E67AE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {4DCD37A5-82D3-4851-A897-B69A6E6E67AE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {4DCD37A5-82D3-4851-A897-B69A6E6E67AE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {4DCD37A5-82D3-4851-A897-B69A6E6E67AE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {4DCD37A5-82D3-4851-A897-B69A6E6E67AE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {4DCD37A5-82D3-4851-A897-B69A6E6E67AE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {4DCD37A5-82D3-4851-A897-B69A6E6E67AE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {4DCD37A5-82D3-4851-A897-B69A6E6E67AE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {4DCD37A5-82D3-4851-A897-B69A6E6E67AE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {4DCD37A5-82D3-4851-A897-B69A6E6E67AE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {4DCD37A5-82D3-4851-A897-B69A6E6E67AE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {4DCD37A5-82D3-4851-A897-B69A6E6E67AE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {4DCD37A5-82D3-4851-A897-B69A6E6E67AE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {4DCD37A5-82D3-4851-A897-B69A6E6E67AE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {4DCD37A5-82D3-4851-A897-B69A6E6E67AE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {4DCD37A5-82D3-4851-A897-B69A6E6E67AE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {4DCD37A5-82D3-4851-A897-B69A6E6E67AE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {4DCD37A5-82D3-4851-A897-B69A6E6E67AE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {4DCD37A5-82D3-4851-A897-B69A6E6E67AE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {4DCD37A5-82D3-4851-A897-B69A6E6E67AE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {4DCD37A5-82D3-4851-A897-B69A6E6E67AE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {4DCD37A5-82D3-4851-A897-B69A6E6E67AE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {4DCD37A5-82D3-4851-A897-B69A6E6E67AE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {4DCD37A5-82D3-4851-A897-B69A6E6E67AE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {4DCD37A5-82D3-4851-A897-B69A6E6E67AE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {4DCD37A5-82D3-4851-A897-B69A6E6E67AE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {4DCD37A5-82D3-4851-A897-B69A6E6E67AE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {4DCD37A5-82D3-4851-A897-B69A6E6E67AE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {4DCD37A5-82D3-4851-A897-B69A6E6E67AE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {4DCD37A5-82D3-4851-A897-B69A6E6E67AE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {4DCD37A5-82D3-4851-A897-B69A6E6E67AE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {4DCD37A5-82D3-4851-A897-B69A6E6E67AE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {4DCD37A5-82D3-4851-A897-B69A6E6E67AE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {4DCD37A5-82D3-4851-A897-B69A6E6E67AE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files\Application Updater\ApplicationUpdater.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: FABS - Helping agent for MAGIX media database (Fabs) - MAGIX AG - C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe
O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: Private Folder Service (prfldsvc) - Unknown owner - C:\Program Files\Microsoft Private Folder 1.0\PrfldSvc.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: WD SmartWare Drive Manager (WDDMService) - WDC - C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
O23 - Service: WD SmartWare Background Service (WDSmartWareBackgroundService) - Memeo - C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe

--
End of file - 22676 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}]
Dealio Toolbar - C:\Program Files\Dealio Toolbar\IE\4.5\dealioToolbarIE.dll [2011-06-24 734048]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}]
C:\PROGRA~1\Crawler\Toolbar\ctbr.dll [2010-10-14 1252200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre6\bin\ssv.dll [2010-03-29 321312]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-03-29 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-03-29 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA}]
ZoneAlarm Spy Blocker BHO - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL [2008-09-23 262144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}]
SMTTB2009 Class - C:\Program Files\Burn4Free DB Toolbar\tbcore3.dll [2010-02-16 2495488]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - ZoneAlarm Spy Blocker - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL [2008-09-23 262144]
{4B3803EA-5230-4DC3-A7FC-33638F3D3542} - &Crawler lišta - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll [2010-10-14 1252200]
{338B4DFE-2E2C-4338-9E41-E176D497299E} - Burn4Free DB Toolbar - C:\Program Files\Burn4Free DB Toolbar\tbcore3.dll [2010-02-16 2495488]
{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - Dealio Toolbar - C:\Program Files\Dealio Toolbar\IE\4.5\dealioToolbarIE.dll [2011-06-24 734048]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"=C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe [2003-05-29 790528]
"LVCOMSX"=C:\WINDOWS\system32\LVCOMSX.EXE [2005-12-09 225280]
"LogitechCameraAssistant"=C:\Program Files\Logitech\Video\CameraAssistant.exe [2005-12-07 489472]
"LogitechVideo[inspector]"=C:\Program Files\Logitech\Video\InstallHelper.exe [2005-12-07 73728]
"LogitechCameraService(E)"=C:\WINDOWS\system32\ElkCtrl.exe [2004-11-01 262144]
"avast5"=C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [2010-06-28 2837864]
"SoundMax"=C:\Program Files\Analog Devices\SoundMAX\Smax4.exe [2003-05-30 585728]
"SpywareTerminator"=C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe [2010-10-21 2183680]
"LogMeIn Hamachi Ui"=C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [2011-05-25 1951112]
""= []
"SearchSettings"=C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe [2011-06-24 534880]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2010-03-09 26100520]
"SpywareTerminatorUpdate"=C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe [2010-10-21 3037696]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]
"AlcoholAutomount"=C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [2010-08-20 33120]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
WDDMStatus.lnk - C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
WDSmartWare.lnk - C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2008-01-10 122880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
"NoDriveAutorun"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Disabled:Logitech Desktop Messenger"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\Ubisoft\Related Designs\ANNO 1404\Anno4.exe"="C:\Program Files\Ubisoft\Related Designs\ANNO 1404\Anno4.exe:*:Enabled:ANNO 1404"
"C:\Program Files\Ubisoft\Related Designs\ANNO 1404\tools\Anno4Web.exe"="C:\Program Files\Ubisoft\Related Designs\ANNO 1404\tools\Anno4Web.exe:*:Enabled:ANNO 1404 Web"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\TeamViewer\Version5\TeamViewer.exe"="C:\Program Files\TeamViewer\Version5\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\Electronic Arts\EADM\Core.exe"="C:\Program Files\Electronic Arts\EADM\Core.exe:*:Enabled:EA Download Manager"
"C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"="C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe:*:Enabled:Crawler Spyware Terminator"
"D:\WD Discovery Software\WD Discovery.exe"="D:\WD Discovery Software\WD Discovery.exe:*:Enabled:WD Discovery Application"
"C:\Program Files\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe"="C:\Program Files\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe:*:Enabled:S.T.A.L.K.E.R. - Shadow of Chernobyl (CLI)"
"C:\Program Files\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\dedicated\XR_3DA.exe"="C:\Program Files\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\dedicated\XR_3DA.exe:*:Enabled:S.T.A.L.K.E.R. - Shadow of Chernobyl (SRV)"
"C:\Program Files\Boiling Point - Cesta do pekel\XENUS.EXE"="C:\Program Files\Boiling Point - Cesta do pekel\XENUS.EXE:*:Disabled:XENUS"
"C:\Program Files\Pando Networks\Media Booster\PMB.exe"="C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster"
"C:\Riot Games\League of Legends\air\LolClient.exe"="C:\Riot Games\League of Legends\air\LolClient.exe:*:Enabled:League of Legends Lobby"
"C:\Riot Games\League of Legends\game\League of Legends.exe"="C:\Riot Games\League of Legends\game\League of Legends.exe:*:Enabled:League of Legends Game Client"
"C:\Program Files\EA Sports\FIFA 11\Game\fifa.exe"="C:\Program Files\EA Sports\FIFA 11\Game\fifa.exe:*:Disabled:FIFA 11"
"C:\Program Files\Microsoft Games\Age of Empires III\age3y.exe"="C:\Program Files\Microsoft Games\Age of Empires III\age3y.exe:*:Enabled:Age of Empires III - The Asian Dynasties"
"C:\Program Files\ICQ7.5\ICQ.exe"="C:\Program Files\ICQ7.5\ICQ.exe:*:Enabled:ICQ7.5"
"C:\Program Files\Electronic Arts\The Battle for Middle-earth (tm) II\game.dat"="C:\Program Files\Electronic Arts\The Battle for Middle-earth (tm) II\game.dat:*:Enabled:MISSING: 'GUI:Command&ConquerGenerals'"
"C:\Documents and Settings\Gregora\Plocha\Far Cry\Bin32\FarCry.exe"="C:\Documents and Settings\Gregora\Plocha\Far Cry\Bin32\FarCry.exe:*:Enabled:Far Cry"
"C:\Program Files\Ubisoft\Crytek\Far Cry\Bin32\FarCry.exe"="C:\Program Files\Ubisoft\Crytek\Far Cry\Bin32\FarCry.exe:*:Enabled:Far Cry"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"C:\Program Files\Pando Networks\Media Booster\PMB.exe"="C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster"
"C:\Program Files\ICQ7.5\ICQ.exe"="C:\Program Files\ICQ7.5\ICQ.exe:*:Enabled:ICQ7.5"

======List of files/folders created in the last 1 months======

2011-08-27 20:00:37 ----HDC---- C:\WINDOWS\$NtUninstallKB2570791$
2011-08-20 00:30:29 ----D---- C:\Program Files\Microsoft Private Folder 1.0
2011-08-11 22:20:21 ----D---- C:\Documents and Settings\Gregora\Data aplikací\VDownloader
2011-08-11 22:19:58 ----A---- C:\Program Files\Common Files\AskToolbarInstaller.exe
2011-08-11 22:19:51 ----D---- C:\Program Files\VDownloader
2011-08-11 10:28:39 ----HDC---- C:\WINDOWS\$NtUninstallKB2567680$
2011-08-11 10:27:54 ----HDC---- C:\WINDOWS\$NtUninstallKB2536276-v2$
2011-08-11 10:27:08 ----HDC---- C:\WINDOWS\$NtUninstallKB2570222$
2011-08-11 10:19:14 ----HDC---- C:\WINDOWS\$NtUninstallKB2559049$
2011-08-11 10:18:54 ----HDC---- C:\WINDOWS\$NtUninstallKB2566454$
2011-08-11 10:18:37 ----HDC---- C:\WINDOWS\$NtUninstallKB2562937$

======List of files/folders modified in the last 1 months======

2011-09-05 16:29:12 ----D---- C:\WINDOWS\Prefetch
2011-09-05 16:29:02 ----D---- C:\Program Files\trend micro
2011-09-05 16:23:15 ----D---- C:\Documents and Settings\Gregora\Data aplikací\.purple
2011-09-05 15:28:19 ----D---- C:\WINDOWS\Temp
2011-09-05 13:22:19 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spyware Terminator
2011-09-05 12:46:26 ----D---- C:\Documents and Settings\Gregora\Data aplikací\Spyware Terminator
2011-09-05 12:46:23 ----D---- C:\Program Files\Spyware Terminator
2011-09-05 12:45:56 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2011-09-05 12:45:53 ----D---- C:\WINDOWS\system32\drivers
2011-09-05 12:18:37 ----D---- C:\Documents and Settings\Gregora\Data aplikací\Skype
2011-09-05 08:02:22 ----D---- C:\Documents and Settings\Gregora\Data aplikací\skypePM
2011-09-05 07:22:50 ----D---- C:\Documents and Settings\All Users\Data aplikací\Easybits GO
2011-09-04 23:22:39 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-09-03 09:08:34 ----D---- C:\Program Files\Opera
2011-08-28 10:40:12 ----D---- C:\WINDOWS
2011-08-28 01:15:14 ----D---- C:\WINDOWS\Debug
2011-08-27 20:00:56 ----HD---- C:\WINDOWS\inf
2011-08-27 20:00:40 ----D---- C:\WINDOWS\system32
2011-08-27 20:00:27 ----D---- C:\WINDOWS\system32\CatRoot2
2011-08-20 00:30:47 ----SHD---- C:\WINDOWS\Installer
2011-08-20 00:30:29 ----RD---- C:\Program Files
2011-08-19 23:46:03 ----D---- C:\Documents and Settings\Gregora\Data aplikací\Dealio
2011-08-14 18:44:16 ----D---- C:\Program Files\Electronic Arts
2011-08-12 09:11:20 ----D---- C:\WINDOWS\system32\Macromed
2011-08-11 22:47:09 ----RSD---- C:\WINDOWS\assembly
2011-08-11 22:46:08 ----D---- C:\WINDOWS\Microsoft.NET
2011-08-11 22:19:59 ----D---- C:\Program Files\Common Files
2011-08-11 10:34:34 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-08-11 10:33:42 ----D---- C:\WINDOWS\WinSxS
2011-08-11 10:28:42 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-08-11 10:27:46 ----HD---- C:\WINDOWS\$hf_mig$
2011-08-11 10:19:51 ----A---- C:\WINDOWS\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 agp440;Filtr Intel sběrnice AGP; C:\WINDOWS\system32\DRIVERS\agp440.sys [2008-04-13 42368]
R0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\WINDOWS\System32\drivers\sfdrv01.sys [2005-03-03 48640]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\WINDOWS\System32\drivers\sfhlp02.sys [2005-02-23 6656]
R0 sfsync02;StarForce Protection Synchronization Driver (version 2.x); C:\WINDOWS\System32\drivers\sfsync02.sys [2004-12-03 20544]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2011-03-15 431672]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2010-06-28 28880]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2010-06-28 165456]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2010-06-28 46672]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 sf;SFI Service; C:\WINDOWS\system32\drivers\sf.sys [2003-05-09 33248]
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys []
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2010-06-28 17744]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2010-06-28 100176]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2009-10-28 281760]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2009-10-28 25888]
R2 Prvflder;Prvflder; C:\WINDOWS\system32\DRIVERS\prvflder.sys [2006-04-21 70912]
R3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2003-03-14 100224]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2010-06-28 23376]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2008-01-10 2846720]
R3 E100B;Intel(R) PRO Adapter Driver; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2003-03-04 145408]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2009-05-18 26600]
R3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-03-18 26176]
R3 LVPrcMon;Logitech LVPrcMon Driver; \??\C:\WINDOWS\system32\drivers\LVPrcMon.sys []
R3 SMBios;Intel (R) System Managment BIOS Service; C:\WINDOWS\system32\DRIVERS\SMBios.sys [2003-06-18 35012]
R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2003-06-02 578304]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; C:\WINDOWS\system32\drivers\WmBEnum.sys [2004-05-14 10144]
R3 WmXlCore;Logitech WingMan Translation Layer Driver; C:\WINDOWS\system32\drivers\WmXlCore.sys [2004-05-14 44384]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S3 agv3j5kg;agv3j5kg; C:\WINDOWS\system32\drivers\agv3j5kg.sys []
S3 av0hip67;av0hip67; C:\WINDOWS\system32\drivers\av0hip67.sys []
S3 catchme;catchme; \??\C:\DOCUME~1\Gregora\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-07-09 16384]
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 ivusb;Initio Driver for USB Default Controller; C:\WINDOWS\system32\DRIVERS\ivusb.sys []
S3 Lvckap;Logitech Kernel Audio Processing Filter Driver; \??\C:\WINDOWS\system32\drivers\Lvckap.sys []
S3 lvmvdrv;Logitech Machine Vision Engine Loader; \??\C:\WINDOWS\system32\drivers\lvmvdrv.sys []
S3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\DRIVERS\LVUSBSta.sys [2005-12-06 39424]
S3 MidiSyn;MidiSyn; C:\WINDOWS\system32\drivers\MidiSyn.sys [2002-09-20 235100]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2002-12-12 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-07-09 83968]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-07-09 10112]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2008-05-02 17536]
S3 PID_0928;Logitech QuickCam Express(PID_0928); C:\WINDOWS\system32\DRIVERS\LV561AV.SYS [2005-12-06 287360]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-07-09 10880]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-07-09 14976]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys []
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 w800bus;Sony Ericsson W800 driver (WDM); C:\WINDOWS\system32\DRIVERS\w800bus.sys [2005-09-07 60768]
S3 w800mdfl;Sony Ericsson W800 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\w800mdfl.sys [2005-09-07 9264]
S3 w800mdm;Sony Ericsson W800 USB WMC Modem Drivers; C:\WINDOWS\system32\DRIVERS\w800mdm.sys [2005-09-07 96224]
S3 w800mgmt;Sony Ericsson W800 USB WMC Device Management Drivers; C:\WINDOWS\system32\DRIVERS\w800mgmt.sys [2005-09-07 87792]
S3 w800obex;Sony Ericsson W800 USB WMC OBEX Interface Drivers; C:\WINDOWS\system32\DRIVERS\w800obex.sys [2005-09-07 85664]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\WINDOWS\system32\DRIVERS\wdcsam.sys [2009-02-13 11520]
S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
S3 WmFilter;Logitech WingMan HID Filter Driver; C:\WINDOWS\system32\drivers\WmFilter.sys [2004-05-14 21440]
S3 WmHidLo;Logitech WingMan USB Filter Driver; C:\WINDOWS\system32\drivers\WmHidLo.sys [2004-05-14 14720]
S3 WmVirHid;Logitech Virtual Hid Device Driver; C:\WINDOWS\system32\drivers\WmVirHid.sys [2004-05-14 5600]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-07-09 18688]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Application Updater;Application Updater; C:\Program Files\Application Updater\ApplicationUpdater.exe [2011-06-24 393112]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2008-01-10 512000]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-06-28 40384]
R2 Fabs;FABS - Helping agent for MAGIX media database; C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe [2009-08-27 1253376]
R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [2011-05-25 1336712]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-03-29 153376]
R2 LVPrcSrv;Logitech Process Monitor; c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe [2005-12-09 81920]
R2 PnkBstrB;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [2009-06-18 189784]
R2 prfldsvc;Private Folder Service; C:\Program Files\Microsoft Private Folder 1.0\PrfldSvc.exe [2006-04-21 69632]
R2 SoundMAX Agent Service (default);SoundMAX Agent Service; C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [2002-09-20 45056]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2010-10-21 488960]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2009-12-23 370688]
R2 WDDMService;WD SmartWare Drive Manager; C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [2009-11-05 110592]
R2 WDSmartWareBackgroundService;WD SmartWare Background Service; C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [2009-06-16 20480]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-06-28 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-06-28 40384]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2008-01-09 593920]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2008-09-23 72704]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance; C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe [2008-08-07 3276800]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Děkuji

[Mc_Murphy]

Zdravím.

Pro začátek stáhni OTL z tohoto odkazu a ulož jej na Plochu.

• Pokud používáš Win Vista či Win7, klikni na OTL pravým myšítkem a dej Run As Administrator či Spustit jako správce.
• Pokud používáš 64bitový OS, zkontroluj, zda-li je zaškrtnutý čtvereček Pro 64 bitové OS. Pokud ne, zaškrtni jej.
• Zaškrtni okénko Pro všechny uživatele.
• Zaškrtni okénko Kontrola na havěť "LOP".
• Zaškrtni okénko Kontrola na havěť "Purity".
• Stáři souborů změň z 30 dnů na 7 dnů.
• Do spodního okénka Vlastní skenování/opravy vlož tento skript:

Kód: Vybrat vše

safebootminimal 
safebootnetwork
drivers32
savembr:0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
/md5start
scecli.dll
autochk.exe
csrss.exe
explorer.exe
lsass.exe
services.exe
smss.exe
spoolsv.exe
svchost.exe
userinit.exe
winlogon.exe
atapi.sys
cdrom.sys 
ndis.sys
ntfs.sys
tcpip.sys
%SystemDrive%\PhysicalMBR.bin
/md5stop
C:\windows\system32\spool\prtprocs|dll;true;true;true /FP
%systemroot%\system32\drivers\*.sys /5
%systemroot%\system32\drivers\*.sys /X 
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\system32\*.* /5
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\config\*.sav 
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\*.* /U /s
%systemroot%\*. /mp /s
%ALLUSERSPROFILE%\Data Aplikací\*.*
%ALLUSERSPROFILE%\Data Aplikací\*.exe /s
%ALLUSERSPROFILE%\Dáta aplikácií\*.*
%ALLUSERSPROFILE%\Dáta aplikácií\*.exe /s
%APPDATA%\*.
%APPDATA%\*.*
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
*crack* /s
*keygen* /s
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU /s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager" /v BootExecute /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager" /v "PendingFileRenameOperations" /c
type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

• Klikni na tlačítko Prohledat.
• Po dokončení skenu se objeví logy OTL.txt a Extras.txt, oba mi sem vlož.

[Gary545]

OTL
OTL logfile created on: 6.9.2011 17:24:07 - Run 1
OTL by OldTimer - Version 3.2.27.0 Folder = C:\Documents and Settings\Gregora\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1,50 Gb Total Physical Memory | 0,78 Gb Available Physical Memory | 51,74% Memory free
2,11 Gb Paging File | 1,41 Gb Available in Paging File | 67,11% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74,52 Gb Total Space | 10,56 Gb Free Space | 14,17% Space Free | Partition Type: NTFS
Drive F: | 3,91 Gb Total Space | 2,48 Gb Free Space | 63,47% Space Free | Partition Type: FAT32
Drive X: | 928,30 Gb Total Space | 546,88 Gb Free Space | 58,91% Space Free | Partition Type: NTFS
Drive Y: | 928,30 Gb Total Space | 546,88 Gb Free Space | 58,91% Space Free | Partition Type: NTFS

Computer Name: DAVID | User Name: Gregora | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2011.09.06 17:22:12 | 000,581,120 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Gregora\Plocha\OTL.exe
PRC - [2011.09.03 09:08:12 | 000,947,056 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe
PRC - [2011.06.24 18:22:40 | 000,534,880 | ---- | M] (Spigot, Inc.) -- C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe
PRC - [2011.06.24 17:30:48 | 000,393,112 | ---- | M] (Spigot, Inc.) -- C:\Program Files\Application Updater\ApplicationUpdater.exe
PRC - [2011.05.25 17:29:54 | 001,951,112 | ---- | M] (LogMeIn Inc.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
PRC - [2011.05.25 17:29:48 | 001,336,712 | ---- | M] (LogMeIn Inc.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
PRC - [2011.01.20 11:20:12 | 001,305,408 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe
PRC - [2010.10.21 12:50:17 | 003,037,696 | ---- | M] (Crawler.com) -- C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
PRC - [2010.10.21 12:50:16 | 002,183,680 | ---- | M] (Crawler.com) -- C:\Program Files\Spyware Terminator\SpywareTerminatorShield.Exe
PRC - [2010.10.21 12:50:16 | 000,488,960 | ---- | M] (Crawler.com) -- C:\Program Files\Spyware Terminator\sp_rsser.exe
PRC - [2010.06.28 22:57:18 | 002,837,864 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2010.06.28 22:57:15 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2009.12.23 23:34:20 | 000,370,688 | ---- | M] (StarWind Software) -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
PRC - [2009.11.05 09:46:10 | 009,116,480 | ---- | M] (Western Digital) -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe
PRC - [2009.11.05 09:46:10 | 002,057,536 | ---- | M] (WDC) -- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
PRC - [2009.11.05 09:44:16 | 000,110,592 | ---- | M] (WDC) -- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
PRC - [2009.08.27 17:09:10 | 001,253,376 | ---- | M] (MAGIX AG) -- C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe
PRC - [2009.06.16 09:58:08 | 000,020,480 | ---- | M] (Memeo) -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
PRC - [2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006.04.21 21:06:14 | 000,069,632 | ---- | M] () -- C:\Program Files\Microsoft Private Folder 1.0\PrfldSvc.exe
PRC - [2005.12.09 15:37:42 | 000,081,920 | ---- | M] (Logitech Inc.) -- c:\Program Files\Common Files\Logitech\LVMVFM\LVPrcSrv.exe
PRC - [2005.12.09 15:32:18 | 000,225,280 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\system32\LVCOMSX.EXE
PRC - [2005.12.07 10:26:30 | 000,489,472 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\Video\CameraAssistant.exe
PRC - [2004.11.01 17:22:22 | 000,262,144 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\system32\ElkCtrl.exe
PRC - [2003.05.29 16:28:32 | 000,790,528 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
PRC - [2002.09.20 15:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe


========== Modules (No Company Name) ==========

MOD - [2011.09.06 10:51:19 | 001,384,960 | ---- | M] () -- C:\Program Files\Alwil Software\Avast5\defs\11090600\algo.dll
MOD - [2011.09.05 11:08:25 | 001,384,960 | ---- | M] () -- C:\Program Files\Alwil Software\Avast5\defs\11090500\algo.dll
MOD - [2011.09.05 10:17:50 | 000,208,544 | ---- | M] () -- C:\Program Files\Alwil Software\Avast5\defs\11090600\aswRep.dll
MOD - [2011.09.05 10:17:50 | 000,208,544 | ---- | M] () -- C:\Program Files\Alwil Software\Avast5\defs\11090500\aswRep.dll
MOD - [2011.08.11 19:51:05 | 011,800,576 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\40893760431f8f0dcce3e18630e45b23\System.Web.ni.dll
MOD - [2011.08.11 19:50:35 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\70a1400affdc775d7c7398e036359286\System.ServiceProcess.ni.dll
MOD - [2011.08.11 19:50:11 | 000,998,400 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Management\6e563a58e6fc0117070d5b8fd59e4e1b\System.Management.ni.dll
MOD - [2011.08.11 19:47:46 | 001,712,128 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\c6b19db2534042d435ede580f92bc75c\Microsoft.VisualBasic.ni.dll
MOD - [2011.08.11 19:43:53 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\77df2cd21a5b85a1605b335aa9ad9d44\System.Configuration.ni.dll
MOD - [2011.08.11 10:44:05 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\10154dcad2d62f226af2fd4211460a4b\System.Xml.ni.dll
MOD - [2011.08.11 10:43:30 | 012,430,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d00cc387e462e4c3cdcd112b137cac87\System.Windows.Forms.ni.dll
MOD - [2011.08.11 10:42:06 | 001,587,200 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\7ed09623172a292eaee51e2e3bcaf784\System.Drawing.ni.dll
MOD - [2011.08.11 10:41:03 | 006,616,576 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Data\db2d84e279807592a680ef4135e9fe9a\System.Data.ni.dll
MOD - [2011.08.11 10:36:02 | 007,950,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\e6c79e1d71b0c9000afd7e5e439b5c54\System.ni.dll
MOD - [2011.08.11 10:34:01 | 002,933,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2011.08.11 10:33:44 | 000,303,104 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
MOD - [2011.06.15 20:22:34 | 011,490,816 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\0309936a8e1672d39b9cf14463ce69f9\mscorlib.ni.dll
MOD - [2010.10.21 12:55:45 | 001,629,186 | ---- | M] () -- C:\Program Files\Spyware Terminator\TorentDll.dll
MOD - [2010.06.28 22:58:58 | 000,123,296 | ---- | M] () -- C:\Program Files\Alwil Software\Avast5\aswDld.dll
MOD - [2009.08.19 16:49:08 | 000,049,152 | ---- | M] () -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\Memeo.API.dll
MOD - [2009.07.29 16:24:14 | 000,504,293 | ---- | M] () -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\sqlite3.dll
MOD - [2009.02.03 04:15:28 | 003,771,296 | ---- | M] () -- C:\Program Files\Opera\program\plugins\NPSWF32.dll
MOD - [2008.04.14 05:21:47 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2006.04.21 21:06:14 | 000,069,632 | ---- | M] () -- C:\Program Files\Microsoft Private Folder 1.0\PrfldSvc.exe


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2011.06.24 17:30:48 | 000,393,112 | ---- | M] (Spigot, Inc.) [Auto | Running] -- C:\Program Files\Application Updater\ApplicationUpdater.exe -- (Application Updater)
SRV - [2011.05.25 17:29:48 | 001,336,712 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2010.10.21 12:50:16 | 000,488,960 | ---- | M] (Crawler.com) [Auto | Running] -- C:\Program Files\Spyware Terminator\sp_rsser.exe -- (sp_rssrv)
SRV - [2010.06.28 22:57:15 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV - [2010.06.28 22:57:15 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV - [2010.06.28 22:57:15 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2009.12.23 23:34:20 | 000,370,688 | ---- | M] (StarWind Software) [Auto | Running] -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)
SRV - [2009.11.05 09:44:16 | 000,110,592 | ---- | M] (WDC) [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe -- (WDDMService)
SRV - [2009.08.27 17:09:10 | 001,253,376 | ---- | M] (MAGIX AG) [Unknown | Running] -- C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe -- (Fabs)
SRV - [2009.06.16 09:58:08 | 000,020,480 | ---- | M] (Memeo) [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe -- (WDSmartWareBackgroundService)
SRV - [2008.08.07 11:10:02 | 003,276,800 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
SRV - [2006.04.21 21:06:14 | 000,069,632 | ---- | M] () [Auto | Running] -- C:\Program Files\Microsoft Private Folder 1.0\PrfldSvc.exe -- (prfldsvc)
SRV - [2005.12.09 15:37:42 | 000,081,920 | ---- | M] (Logitech Inc.) [Auto | Running] -- c:\Program Files\Common Files\Logitech\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2002.09.20 15:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) [Auto | Running] -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe -- (SoundMAX Agent Service (default))


========== Driver Services (SafeList) ==========

DRV - [2011.03.15 20:33:33 | 000,431,672 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010.10.21 12:50:16 | 000,142,592 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\sp_rsdrv2.sys -- (sp_rsdrv2)
DRV - [2010.06.28 22:37:52 | 000,046,672 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2010.06.28 22:37:30 | 000,165,456 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2010.06.28 22:33:13 | 000,023,376 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2010.06.28 22:32:45 | 000,100,176 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2010.06.28 22:32:33 | 000,017,744 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010.06.28 22:32:16 | 000,028,880 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2009.10.28 16:40:50 | 000,281,760 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt)
DRV - [2009.10.28 16:40:50 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2009.03.18 17:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2009.02.13 12:02:52 | 000,011,520 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wdcsam.sys -- (WDC_SAM)
DRV - [2008.05.02 11:58:12 | 000,017,536 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2008.01.10 07:40:38 | 002,846,720 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2006.04.21 08:22:24 | 000,070,912 | ---- | M] (Windows (R) 2000 DDK provider) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\prvflder.sys -- (Prvflder)
DRV - [2005.12.09 15:37:42 | 002,400,256 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LVMVdrv.sys -- (lvmvdrv)
DRV - [2005.12.09 15:37:42 | 000,016,768 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVPrcMon.sys -- (LVPrcMon)
DRV - [2005.12.09 15:35:54 | 002,174,464 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Lvckap.sys -- (Lvckap)
DRV - [2005.12.06 05:27:29 | 000,287,360 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LV561AV.SYS -- (PID_0928) Logitech QuickCam Express(PID_0928)
DRV - [2005.12.06 05:26:16 | 000,039,424 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2005.09.07 16:42:50 | 000,087,792 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w800mgmt.sys -- (w800mgmt)
DRV - [2005.09.07 16:42:50 | 000,085,664 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w800obex.sys -- (w800obex)
DRV - [2005.09.07 16:42:48 | 000,096,224 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w800mdm.sys -- (w800mdm)
DRV - [2005.09.07 16:42:46 | 000,009,264 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w800mdfl.sys -- (w800mdfl)
DRV - [2005.09.07 16:42:44 | 000,060,768 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w800bus.sys -- (w800bus) Sony Ericsson W800 driver (WDM)
DRV - [2005.03.03 19:53:57 | 000,048,640 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x)
DRV - [2005.02.23 17:59:54 | 000,006,656 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)
DRV - [2004.12.03 12:20:41 | 000,020,544 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfsync02.sys -- (sfsync02) StarForce Protection Synchronization Driver (version 2.x)
DRV - [2004.05.14 00:54:34 | 000,014,720 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WmHidLo.sys -- (WmHidLo)
DRV - [2004.05.14 00:54:32 | 000,021,440 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WmFilter.sys -- (WmFilter)
DRV - [2004.05.14 00:54:28 | 000,010,144 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WmBEnum.sys -- (WmBEnum)
DRV - [2004.05.14 00:54:26 | 000,005,600 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WmVirHid.sys -- (WmVirHid)
DRV - [2004.05.14 00:54:24 | 000,044,384 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WmXlCore.sys -- (WmXlCore)
DRV - [2003.06.18 00:38:56 | 000,035,012 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SMBios.sys -- (SMBios) Intel (R)
DRV - [2003.05.09 06:00:56 | 000,033,248 | ---- | M] (Sonic Focus, Inc) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\sf.sys -- (sf)
DRV - [2002.09.20 19:53:34 | 000,235,100 | ---- | M] (Analog Devices Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MidiSyn.sys -- (MidiSyn)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-746137067-1957994488-682003330-1004\..\URLSearchHook: {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files\Dealio Toolbar\IE\4.5\dealioToolbarIE.dll (Spigot, Inc.)
IE - HKU\S-1-5-21-746137067-1957994488-682003330-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-746137067-1957994488-682003330-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local
IE - HKU\S-1-5-21-746137067-1957994488-682003330-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 127.0.0.1:8080

========== FireFox ==========

FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=867034"
FF - prefs.js..browser.startup.homepage: "http://cs.www.mozilla.com/cs/firefox/community/"
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {B13721C7-F507-4982-B2E5-502A71474FED}:3.3.0.3971
FF - prefs.js..extensions.enabledItems: vshare@toolbar:1.0.0
FF - prefs.js..extensions.enabledItems: dealio@mybrowserbar.com:4.1
FF - prefs.js..extensions.enabledItems: wtxpcom@mybrowserbar.com:4.1
FF - prefs.js..extensions.enabledItems: {4B3803EA-5230-4DC3-A7FC-33638F3D3542}:1.3
FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?fr=green ... =867034&p="
FF - prefs.js..network.proxy.type: 2
FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?fr=green ... =867034&p="
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=867034"
FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?fr=green ... =867034&p="
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=867034"
FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?fr=green ... =867034&p="
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=867034"

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: File not found
FF - HKLM\Software\MozillaPlugins\@idsoftware.com/QuakeLive: C:\Documents and Settings\All Users\Data aplikací\id Software\QuakeLive\npquakezero.dll (id Software Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}: C:\Program Files\Crawler\Toolbar\firefox\ [2010.10.21 12:51:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.0.9\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.10.21 17:01:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.0.9\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.03.05 15:44:48 | 000,000,000 | ---D | M]

[2008.09.24 18:36:52 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Gregora\Data aplikací\Mozilla\Extensions
[2011.03.25 19:11:29 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Gregora\Data aplikací\Mozilla\Firefox\Profiles\00qn9t9j.default\extensions
[2009.10.10 15:00:16 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Gregora\Data aplikací\Mozilla\Firefox\Profiles\00qn9t9j.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.03.25 19:11:29 | 000,000,000 | ---D | M] (Burn4Free DB Toolbar) -- C:\Documents and Settings\Gregora\Data aplikací\Mozilla\Firefox\Profiles\00qn9t9j.default\extensions\{75656794-AB59-4712-BFBC-5D816D56F3BC}
[2010.10.19 22:24:31 | 000,000,000 | ---D | M] (vShare Plugin) -- C:\Documents and Settings\Gregora\Data aplikací\Mozilla\Firefox\Profiles\00qn9t9j.default\extensions\vshare@toolbar
[2011.07.14 13:17:03 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\GREGORA\DATA APLIKACĂ­\MOZILLA\FIREFOX\PROFILES\00QN9T9J.DEFAULT\EXTENSIONS\{20A82645-C095-46ED-80E3-08825760534B}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\GREGORA\DATA APLIKACĂ­\MOZILLA\FIREFOX\PROFILES\00QN9T9J.DEFAULT\EXTENSIONS\VSHARE@TOOLBAR
[2011.07.14 13:17:02 | 000,000,000 | ---D | M] (Widgi Toolbar Platform) -- C:\PROGRAM FILES\COMMON FILES\SPIGOT\WTXPCOM
[2010.10.21 12:51:22 | 000,000,000 | ---D | M] (Crawler Toolbar) -- C:\PROGRAM FILES\CRAWLER\TOOLBAR\FIREFOX
[2011.07.14 13:17:03 | 000,000,000 | ---D | M] (Dealio Toolbar) -- C:\PROGRAM FILES\DEALIO TOOLBAR\FF
[2010.03.29 22:27:08 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2007.07.26 13:05:16 | 000,001,329 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\crawlersrch.xml
[2009.02.18 18:54:28 | 000,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2009.02.18 18:54:28 | 000,001,687 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\mall-cz.xml
[2009.02.18 18:54:28 | 000,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2009.02.18 18:54:28 | 000,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2009.02.18 18:54:28 | 000,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2010.10.17 22:52:35 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Dealio Toolbar) - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files\Dealio Toolbar\IE\4.5\dealioToolbarIE.dll (Spigot, Inc.)
O2 - BHO: () - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\Program Files\Crawler\Toolbar\ctbr.dll (Crawler.com)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (ZoneAlarm Spy Blocker BHO) - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL (ZoneAlarm)
O2 - BHO: (SMTTB2009 Class) - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files\Burn4Free DB Toolbar\tbcore3.dll ()
O3 - HKLM\..\Toolbar: (Dealio Toolbar) - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files\Dealio Toolbar\IE\4.5\dealioToolbarIE.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (Burn4Free DB Toolbar) - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Program Files\Burn4Free DB Toolbar\tbcore3.dll ()
O3 - HKLM\..\Toolbar: (&Crawler lišta) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\Program Files\Crawler\Toolbar\ctbr.dll (Crawler.com)
O3 - HKLM\..\Toolbar: (ZoneAlarm Spy Blocker) - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL (ZoneAlarm)
O3 - HKU\S-1-5-21-746137067-1957994488-682003330-1004\..\Toolbar\WebBrowser: (Burn4Free DB Toolbar) - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Program Files\Burn4Free DB Toolbar\tbcore3.dll ()
O3 - HKU\S-1-5-21-746137067-1957994488-682003330-1004\..\Toolbar\WebBrowser: (&Crawler lišta) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\Program Files\Crawler\Toolbar\ctbr.dll (Crawler.com)
O3 - HKU\S-1-5-21-746137067-1957994488-682003330-1004\..\Toolbar\WebBrowser: (ZoneAlarm Spy Blocker) - {F0D4B239-DA4B-4DAF-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL (ZoneAlarm)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [LogitechCameraAssistant] C:\Program Files\Logitech\Video\CameraAssistant.exe (Logitech Inc.)
O4 - HKLM..\Run: [LogitechCameraService(E)] C:\WINDOWS\System32\ElkCtrl.exe (Logitech Inc.)
O4 - HKLM..\Run: [LogitechVideo[inspector]] C:\Program Files\Logitech\Video\InstallHelper.exe (Logitech Inc.)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE (Logitech Inc.)
O4 - HKLM..\Run: [SearchSettings] C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.)
O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [SpywareTerminator] C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe (Crawler.com)
O4 - HKU\S-1-5-21-746137067-1957994488-682003330-1004..\Run: [AlcoholAutomount] C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe (Alcohol Soft Development Team)
O4 - HKU\S-1-5-21-746137067-1957994488-682003330-1004..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-746137067-1957994488-682003330-1004..\Run: [SpywareTerminatorUpdate] C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe (Crawler.com)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\WDDMStatus.lnk = C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe (WDC)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\WDSmartWare.lnk = C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe (Western Digital)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-746137067-1957994488-682003330-1004\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-746137067-1957994488-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-746137067-1957994488-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\npjpi160_17.dll (Sun Microsystems, Inc.)
O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe (ICQ, LLC.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {A20B1BB0-AC3D-4530-85F3-791B81303190} http://xtraz.icq.com/xtraz/products/pho ... vilImg.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3BDFC9F7-9CFF-4A01-B092-F03DB9964885}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\bw+0 {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw+0s {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw-0 {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw00 {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw00s {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw-0s {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw10 {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw10s {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw20 {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw20s {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw30 {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw30s {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw40 {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw40s {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw50 {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw50s {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw60 {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw60s {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw70 {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw70s {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw80 {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw80s {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw90 {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw90s {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwa0 {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwa0s {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwb0 {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwb0s {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwc0 {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwc0s {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwd0 {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwd0s {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwe0 {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwe0s {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwf0 {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwf0s {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwfile-8876480 {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwg0 {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwg0s {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwh0 {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwh0s {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwi0 {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwi0s {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwj0 {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwj0s {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwk0 {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwk0s {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwl0 {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwl0s {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwm0 {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwm0s {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwn0 {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwn0s {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwo0 {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwo0s {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwp0 {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwp0s {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwq0 {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwq0s {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwr0 {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwr0s {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bws0 {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bws0s {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwt0 {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwt0s {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwu0 {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwu0s {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwv0 {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwv0s {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bww0 {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bww0s {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwx0 {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwx0s {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwy0 {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwy0s {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwz0 {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwz0s {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\offline-8876480 {4DCD37A5-82D3-4851-A897-B69A6E6E67AE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\tbr {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\Program Files\Crawler\Toolbar\ctbr.dll (Crawler.com)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Gregora\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Gregora\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.09.23 18:13:18 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

SafeBootMin: AppMgmt - File not found
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: AppMgmt - File not found
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: Hamachi2Svc - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: vsmon - Service
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

Drivers32: msacm.divxa32 - C:\WINDOWS\System32\msaud32_divx.acm (Microsoft Corporation)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codec - C:\WINDOWS\System32\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lhacm - C:\WINDOWS\System32\lhacm.acm (Microsoft Corporation)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: msacm.vorbis - C:\WINDOWS\System32\vorbis.acm (HMS http://hp.vector.co.jp/authors/VA012897/)
Drivers32: MSVideo - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIV3 - C:\WINDOWS\System32\DivXc32.dll (Hacked with Joy !)
Drivers32: vidc.DIV4 - C:\WINDOWS\System32\DivXc32f.dll (Hacked with Joy !)
Drivers32: VIDC.FPS1 - C:\WINDOWS\System32\frapsvid.dll (Beepa P/L)
Drivers32: VIDC.I420 - C:\WINDOWS\System32\lvcodec2.dll (Logitech Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.VP60 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2011.09.06 17:22:07 | 000,581,120 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Gregora\Plocha\OTL.exe
[2011.09.05 07:28:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gregora\Plocha\R.S.G. - Ružomberská Stratená Generácia [DEMO 2011]
[2011.09.04 21:56:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gregora\Plocha\mama fotky
[2011.08.11 22:19:58 | 002,131,336 | ---- | C] (Ask.com ) -- C:\Program Files\Common Files\AskToolbarInstaller.exe

========== Files - Modified Within 7 Days ==========

[2011.09.06 17:29:28 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2011.09.06 17:22:12 | 000,581,120 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Gregora\Plocha\OTL.exe
[2011.09.06 16:59:55 | 000,012,598 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011.09.06 16:59:48 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011.09.06 16:59:42 | 1609,293,824 | -HS- | M] () -- C:\hiberfil.sys
[2011.09.05 22:27:50 | 184,395,776 | ---- | M] () -- C:\Documents and Settings\Gregora\Plocha\Futurama.S06E02.Adam.a.Leela.DVDRip.Xvid.cz-iNG.avi
[2011.09.05 17:38:03 | 000,178,379 | ---- | M] () -- C:\Documents and Settings\Gregora\Plocha\322676_2136191801852_1157794388_32149850_473702_o.jpg
[2011.09.05 12:45:54 | 000,000,790 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Malwarebytes' Anti-Malware.lnk
[2011.09.05 07:32:58 | 000,007,385 | ---- | M] () -- C:\Documents and Settings\Gregora\Plocha\SharePodSettings.xml
[2011.09.04 20:57:02 | 000,083,677 | ---- | M] () -- C:\Documents and Settings\Gregora\Plocha\14907.jpg
[2011.09.03 23:25:46 | 000,160,768 | ---- | M] () -- C:\Documents and Settings\Gregora\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.09.03 23:08:37 | 183,996,416 | ---- | M] () -- C:\Documents and Settings\Gregora\Plocha\Futurama.S07E01.Znovuzrozeni.DVBT.XviD.CZ-ODY.avi
[2011.09.03 23:01:14 | 242,888,704 | ---- | M] () -- C:\Documents and Settings\Gregora\Plocha\Futurama.S06E12.Benderova.hra.4z4.DVBT.XviD.CZ-ODY_591.avi
[2011.09.03 23:01:11 | 243,795,968 | ---- | M] () -- C:\Documents and Settings\Gregora\Plocha\Futurama.S06E14.Fialovy.trpaslik.2z4.DVBT.XviD.CZ-ODY_591.avi
[2011.09.03 23:00:50 | 240,316,416 | ---- | M] () -- C:\Documents and Settings\Gregora\Plocha\Futurama.S06E05.Milion.a.jedno.chapadlo.1z4.DVBT.XviD.CZ-ODY.avi
[2011.09.03 23:00:43 | 236,443,648 | ---- | M] () -- C:\Documents and Settings\Gregora\Plocha\Futurama.S06E01.Benderovo.paradni.terno.1z4.DVBT.XviD.CZ-ODY.avi
[2011.09.03 23:00:11 | 182,466,560 | ---- | M] () -- C:\Documents and Settings\Gregora\Plocha\Futurama 7x03 Kruta.aplikace.DVBT.XviD.CZ-ODY.avi
[2011.09.03 23:00:09 | 183,269,376 | ---- | M] () -- C:\Documents and Settings\Gregora\Plocha\Futurama 7x08 Černý Diblík bílý kocour (cz).avi
[2011.09.03 22:59:12 | 183,441,408 | ---- | M] () -- C:\Documents and Settings\Gregora\Plocha\Futurama - S05E15 - Bendera.by.meli.v.televizi.zakazat.DVDRip.cz-iNG.avi
[2011.09.03 22:59:10 | 184,229,888 | ---- | M] () -- C:\Documents and Settings\Gregora\Plocha\Futurama.S06E13.Svatecni spektakl.by kobra.CZ.avi
[2011.09.02 15:17:29 | 184,723,456 | ---- | M] () -- C:\Documents and Settings\Gregora\Plocha\Simpsonovi 22x17 Mnoho tvari lasky.avi
*
Díky

[Gary545]

OTL
OTL logfile created on: 6.9.2011 17:24:07 - Run 1
OTL by OldTimer - Version 3.2.27.0 Folder = C:\Documents and Settings\Gregora\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1,50 Gb Total Physical Memory | 0,78 Gb Available Physical Memory | 51,74% Memory free
2,11 Gb Paging File | 1,41 Gb Available in Paging File | 67,11% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74,52 Gb Total Space | 10,56 Gb Free Space | 14,17% Space Free | Partition Type: NTFS
Drive F: | 3,91 Gb Total Space | 2,48 Gb Free Space | 63,47% Space Free | Partition Type: FAT32
Drive X: | 928,30 Gb Total Space | 546,88 Gb Free Space | 58,91% Space Free | Partition Type: NTFS
Drive Y: | 928,30 Gb Total Space | 546,88 Gb Free Space | 58,91% Space Free | Partition Type: NTFS

Computer Name: DAVID | User Name: Gregora | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2011.09.06 17:22:12 | 000,581,120 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Gregora\Plocha\OTL.exe
PRC - [2011.09.03 09:08:12 | 000,947,056 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe
PRC - [2011.06.24 18:22:40 | 000,534,880 | ---- | M] (Spigot, Inc.) -- C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe
PRC - [2011.06.24 17:30:48 | 000,393,112 | ---- | M] (Spigot, Inc.) -- C:\Program Files\Application Updater\ApplicationUpdater.exe
PRC - [2011.05.25 17:29:54 | 001,951,112 | ---- | M] (LogMeIn Inc.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
PRC - [2011.05.25 17:29:48 | 001,336,712 | ---- | M] (LogMeIn Inc.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
PRC - [2011.01.20 11:20:12 | 001,305,408 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe
PRC - [2010.10.21 12:50:17 | 003,037,696 | ---- | M] (Crawler.com) -- C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
PRC - [2010.10.21 12:50:16 | 002,183,680 | ---- | M] (Crawler.com) -- C:\Program Files\Spyware Terminator\SpywareTerminatorShield.Exe
PRC - [2010.10.21 12:50:16 | 000,488,960 | ---- | M] (Crawler.com) -- C:\Program Files\Spyware Terminator\sp_rsser.exe
PRC - [2010.06.28 22:57:18 | 002,837,864 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2010.06.28 22:57:15 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2009.12.23 23:34:20 | 000,370,688 | ---- | M] (StarWind Software) -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
PRC - [2009.11.05 09:46:10 | 009,116,480 | ---- | M] (Western Digital) -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe
PRC - [2009.11.05 09:46:10 | 002,057,536 | ---- | M] (WDC) -- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
PRC - [2009.11.05 09:44:16 | 000,110,592 | ---- | M] (WDC) -- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
PRC - [2009.08.27 17:09:10 | 001,253,376 | ---- | M] (MAGIX AG) -- C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe
PRC - [2009.06.16 09:58:08 | 000,020,480 | ---- | M] (Memeo) -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
PRC - [2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006.04.21 21:06:14 | 000,069,632 | ---- | M] () -- C:\Program Files\Microsoft Private Folder 1.0\PrfldSvc.exe
PRC - [2005.12.09 15:37:42 | 000,081,920 | ---- | M] (Logitech Inc.) -- c:\Program Files\Common Files\Logitech\LVMVFM\LVPrcSrv.exe
PRC - [2005.12.09 15:32:18 | 000,225,280 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\system32\LVCOMSX.EXE
PRC - [2005.12.07 10:26:30 | 000,489,472 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\Video\CameraAssistant.exe
PRC - [2004.11.01 17:22:22 | 000,262,144 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\system32\ElkCtrl.exe
PRC - [2003.05.29 16:28:32 | 000,790,528 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
PRC - [2002.09.20 15:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe


========== Modules (No Company Name) ==========

MOD - [2011.09.06 10:51:19 | 001,384,960 | ---- | M] () -- C:\Program Files\Alwil Software\Avast5\defs\11090600\algo.dll
MOD - [2011.09.05 11:08:25 | 001,384,960 | ---- | M] () -- C:\Program Files\Alwil Software\Avast5\defs\11090500\algo.dll
MOD - [2011.09.05 10:17:50 | 000,208,544 | ---- | M] () -- C:\Program Files\Alwil Software\Avast5\defs\11090600\aswRep.dll
MOD - [2011.09.05 10:17:50 | 000,208,544 | ---- | M] () -- C:\Program Files\Alwil Software\Avast5\defs\11090500\aswRep.dll
MOD - [2011.08.11 19:51:05 | 011,800,576 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\40893760431f8f0dcce3e18630e45b23\System.Web.ni.dll
MOD - [2011.08.11 19:50:35 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\70a1400affdc775d7c7398e036359286\System.ServiceProcess.ni.dll
MOD - [2011.08.11 19:50:11 | 000,998,400 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Management\6e563a58e6fc0117070d5b8fd59e4e1b\System.Management.ni.dll
MOD - [2011.08.11 19:47:46 | 001,712,128 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\c6b19db2534042d435ede580f92bc75c\Microsoft.VisualBasic.ni.dll
MOD - [2011.08.11 19:43:53 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\77df2cd21a5b85a1605b335aa9ad9d44\System.Configuration.ni.dll
MOD - [2011.08.11 10:44:05 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\10154dcad2d62f226af2fd4211460a4b\System.Xml.ni.dll
MOD - [2011.08.11 10:43:30 | 012,430,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d00cc387e462e4c3cdcd112b137cac87\System.Windows.Forms.ni.dll
MOD - [2011.08.11 10:42:06 | 001,587,200 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\7ed09623172a292eaee51e2e3bcaf784\System.Drawing.ni.dll
MOD - [2011.08.11 10:41:03 | 006,616,576 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Data\db2d84e279807592a680ef4135e9fe9a\System.Data.ni.dll
MOD - [2011.08.11 10:36:02 | 007,950,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\e6c79e1d71b0c9000afd7e5e439b5c54\System.ni.dll
MOD - [2011.08.11 10:34:01 | 002,933,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2011.08.11 10:33:44 | 000,303,104 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
MOD - [2011.06.15 20:22:34 | 011,490,816 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\0309936a8e1672d39b9cf14463ce69f9\mscorlib.ni.dll
MOD - [2010.10.21 12:55:45 | 001,629,186 | ---- | M] () -- C:\Program Files\Spyware Terminator\TorentDll.dll
MOD - [2010.06.28 22:58:58 | 000,123,296 | ---- | M] () -- C:\Program Files\Alwil Software\Avast5\aswDld.dll
MOD - [2009.08.19 16:49:08 | 000,049,152 | ---- | M] () -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\Memeo.API.dll
MOD - [2009.07.29 16:24:14 | 000,504,293 | ---- | M] () -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\sqlite3.dll
MOD - [2009.02.03 04:15:28 | 003,771,296 | ---- | M] () -- C:\Program Files\Opera\program\plugins\NPSWF32.dll
MOD - [2008.04.14 05:21:47 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2006.04.21 21:06:14 | 000,069,632 | ---- | M] () -- C:\Program Files\Microsoft Private Folder 1.0\PrfldSvc.exe


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2011.06.24 17:30:48 | 000,393,112 | ---- | M] (Spigot, Inc.) [Auto | Running] -- C:\Program Files\Application Updater\ApplicationUpdater.exe -- (Application Updater)
SRV - [2011.05.25 17:29:48 | 001,336,712 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2010.10.21 12:50:16 | 000,488,960 | ---- | M] (Crawler.com) [Auto | Running] -- C:\Program Files\Spyware Terminator\sp_rsser.exe -- (sp_rssrv)
SRV - [2010.06.28 22:57:15 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV - [2010.06.28 22:57:15 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV - [2010.06.28 22:57:15 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2009.12.23 23:34:20 | 000,370,688 | ---- | M] (StarWind Software) [Auto | Running] -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)
SRV - [2009.11.05 09:44:16 | 000,110,592 | ---- | M] (WDC) [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe -- (WDDMService)
SRV - [2009.08.27 17:09:10 | 001,253,376 | ---- | M] (MAGIX AG) [Unknown | Running] -- C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe -- (Fabs)
SRV - [2009.06.16 09:58:08 | 000,020,480 | ---- | M] (Memeo) [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe -- (WDSmartWareBackgroundService)
SRV - [2008.08.07 11:10:02 | 003,276,800 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
SRV - [2006.04.21 21:06:14 | 000,069,632 | ---- | M] () [Auto | Running] -- C:\Program Files\Microsoft Private Folder 1.0\PrfldSvc.exe -- (prfldsvc)
SRV - [2005.12.09 15:37:42 | 000,081,920 | ---- | M] (Logitech Inc.) [Auto | Running] -- c:\Program Files\Common Files\Logitech\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2002.09.20 15:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) [Auto | Running] -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe -- (SoundMAX Agent Service (default))


========== Driver Services (SafeList) ==========

DRV - [2011.03.15 20:33:33 | 000,431,672 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010.10.21 12:50:16 | 000,142,592 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\sp_rsdrv2.sys -- (sp_rsdrv2)
DRV - [2010.06.28 22:37:52 | 000,046,672 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2010.06.28 22:37:30 | 000,165,456 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2010.06.28 22:33:13 | 000,023,376 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2010.06.28 22:32:45 | 000,100,176 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2010.06.28 22:32:33 | 000,017,744 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010.06.28 22:32:16 | 000,028,880 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2009.10.28 16:40:50 | 000,281,760 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt)
DRV - [2009.10.28 16:40:50 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2009.03.18 17:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2009.02.13 12:02:52 | 000,011,520 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wdcsam.sys -- (WDC_SAM)
DRV - [2008.05.02 11:58:12 | 000,017,536 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2008.01.10 07:40:38 | 002,846,720 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2006.04.21 08:22:24 | 000,070,912 | ---- | M] (Windows (R) 2000 DDK provider) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\prvflder.sys -- (Prvflder)
DRV - [2005.12.09 15:37:42 | 002,400,256 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LVMVdrv.sys -- (lvmvdrv)
DRV - [2005.12.09 15:37:42 | 000,016,768 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVPrcMon.sys -- (LVPrcMon)
DRV - [2005.12.09 15:35:54 | 002,174,464 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Lvckap.sys -- (Lvckap)
DRV - [2005.12.06 05:27:29 | 000,287,360 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LV561AV.SYS -- (PID_0928) Logitech QuickCam Express(PID_0928)
DRV - [2005.12.06 05:26:16 | 000,039,424 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2005.09.07 16:42:50 | 000,087,792 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w800mgmt.sys -- (w800mgmt)
DRV - [2005.09.07 16:42:50 | 000,085,664 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w800obex.sys -- (w800obex)
DRV - [2005.09.07 16:42:48 | 000,096,224 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w800mdm.sys -- (w800mdm)
DRV - [2005.09.07 16:42:46 | 000,009,264 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w800mdfl.sys -- (w800mdfl)
DRV - [2005.09.07 16:42:44 | 000,060,768 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w800bus.sys -- (w800bus) Sony Ericsson W800 driver (WDM)
DRV - [2005.03.03 19:53:57 | 000,048,640 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x)
DRV - [2005.02.23 17:59:54 | 000,006,656 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)
DRV - [2004.12.03 12:20:41 | 000,020,544 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfsync02.sys -- (sfsync02) StarForce Protection Synchronization Driver (version 2.x)
DRV - [2004.05.14 00:54:34 | 000,014,720 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WmHidLo.sys -- (WmHidLo)
DRV - [2004.05.14 00:54:32 | 000,021,440 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WmFilter.sys -- (WmFilter)
DRV - [2004.05.14 00:54:28 | 000,010,144 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WmBEnum.sys -- (WmBEnum)
DRV - [2004.05.14 00:54:26 | 000,005,600 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WmVirHid.sys -- (WmVirHid)
DRV - [2004.05.14 00:54:24 | 000,044,384 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WmXlCore.sys -- (WmXlCore)
DRV - [2003.06.18 00:38:56 | 000,035,012 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SMBios.sys -- (SMBios) Intel (R)
DRV - [2003.05.09 06:00:56 | 000,033,248 | ---- | M] (Sonic Focus, Inc) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\sf.sys -- (sf)
DRV - [2002.09.20 19:53:34 | 000,235,100 | ---- | M] (Analog Devices Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MidiSyn.sys -- (MidiSyn)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-746137067-1957994488-682003330-1004\..\URLSearchHook: {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files\Dealio Toolbar\IE\4.5\dealioToolbarIE.dll (Spigot, Inc.)
IE - HKU\S-1-5-21-746137067-1957994488-682003330-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-746137067-1957994488-682003330-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local
IE - HKU\S-1-5-21-746137067-1957994488-682003330-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 127.0.0.1:8080

========== FireFox ==========

FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=867034"
FF - prefs.js..browser.startup.homepage: "http://cs.www.mozilla.com/cs/firefox/community/"
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {B13721C7-F507-4982-B2E5-502A71474FED}:3.3.0.3971
FF - prefs.js..extensions.enabledItems: vshare@toolbar:1.0.0
FF - prefs.js..extensions.enabledItems: dealio@mybrowserbar.com:4.1
FF - prefs.js..extensions.enabledItems: wtxpcom@mybrowserbar.com:4.1
FF - prefs.js..extensions.enabledItems: {4B3803EA-5230-4DC3-A7FC-33638F3D3542}:1.3
FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?fr=green ... =867034&p="
FF - prefs.js..network.proxy.type: 2
FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?fr=green ... =867034&p="
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=867034"
FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?fr=green ... =867034&p="
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=867034"
FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?fr=green ... =867034&p="
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=867034"

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: File not found
FF - HKLM\Software\MozillaPlugins\@idsoftware.com/QuakeLive: C:\Documents and Settings\All Users\Data aplikací\id Software\QuakeLive\npquakezero.dll (id Software Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}: C:\Program Files\Crawler\Toolbar\firefox\ [2010.10.21 12:51:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.0.9\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.10.21 17:01:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.0.9\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.03.05 15:44:48 | 000,000,000 | ---D | M]

[2008.09.24 18:36:52 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Gregora\Data aplikací\Mozilla\Extensions
[2011.03.25 19:11:29 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Gregora\Data aplikací\Mozilla\Firefox\Profiles\00qn9t9j.default\extensions
[2009.10.10 15:00:16 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Gregora\Data aplikací\Mozilla\Firefox\Profiles\00qn9t9j.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.03.25 19:11:29 | 000,000,000 | ---D | M] (Burn4Free DB Toolbar) -- C:\Documents and Settings\Gregora\Data aplikací\Mozilla\Firefox\Profiles\00qn9t9j.default\extensions\{75656794-AB59-4712-BFBC-5D816D56F3BC}
[2010.10.19 22:24:31 | 000,000,000 | ---D | M] (vShare Plugin) -- C:\Documents and Settings\Gregora\Data aplikací\Mozilla\Firefox\Profiles\00qn9t9j.default\extensions\vshare@toolbar
[2011.07.14 13:17:03 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\GREGORA\DATA APLIKACĂ­\MOZILLA\FIREFOX\PROFILES\00QN9T9J.DEFAULT\EXTENSIONS\{20A82645-C095-46ED-80E3-08825760534B}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\GREGORA\DATA APLIKACĂ­\MOZILLA\FIREFOX\PROFILES\00QN9T9J.DEFAULT\EXTENSIONS\VSHARE@TOOLBAR
[2011.07.14 13:17:02 | 000,000,000 | ---D | M] (Widgi Toolbar Platform) -- C:\PROGRAM FILES\COMMON FILES\SPIGOT\WTXPCOM
[2010.10.21 12:51:22 | 000,000,000 | ---D | M] (Crawler Toolbar) -- C:\PROGRAM FILES\CRAWLER\TOOLBAR\FIREFOX
[2011.07.14 13:17:03 | 000,000,000 | ---D | M] (Dealio Toolbar) -- C:\PROGRAM FILES\DEALIO TOOLBAR\FF
[2010.03.29 22:27:08 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2007.07.26 13:05:16 | 000,001,329 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\crawlersrch.xml
[2009.02.18 18:54:28 | 000,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2009.02.18 18:54:28 | 000,001,687 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\mall-cz.xml
[2009.02.18 18:54:28 | 000,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2009.02.18 18:54:28 | 000,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2009.02.18 18:54:28 | 000,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2010.10.17 22:52:35 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Dealio Toolbar) - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files\Dealio Toolbar\IE\4.5\dealioToolbarIE.dll (Spigot, Inc.)
O2 - BHO: () - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\Program Files\Crawler\Toolbar\ctbr.dll (Crawler.com)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (ZoneAlarm Spy Blocker BHO) - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL (ZoneAlarm)
O2 - BHO: (SMTTB2009 Class) - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files\Burn4Free DB Toolbar\tbcore3.dll ()
O3 - HKLM\..\Toolbar: (Dealio Toolbar) - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files\Dealio Toolbar\IE\4.5\dealioToolbarIE.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (Burn4Free DB Toolbar) - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Program Files\Burn4Free DB Toolbar\tbcore3.dll ()
O3 - HKLM\..\Toolbar: (&Crawler lišta) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\Program Files\Crawler\Toolbar\ctbr.dll (Crawler.com)
O3 - HKLM\..\Toolbar: (ZoneAlarm Spy Blocker) - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL (ZoneAlarm)
O3 - HKU\S-1-5-21-746137067-1957994488-682003330-1004\..\Toolbar\WebBrowser: (Burn4Free DB Toolbar) - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Program Files\Burn4Free DB Toolbar\tbcore3.dll ()
O3 - HKU\S-1-5-21-746137067-1957994488-682003330-1004\..\Toolbar\WebBrowser: (&Crawler lišta) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\Program Files\Crawler\Toolbar\ctbr.dll (Crawler.com)
O3 - HKU\S-1-5-21-746137067-1957994488-682003330-1004\..\Toolbar\WebBrowser: (ZoneAlarm Spy Blocker) - {F0D4B239-DA4B-4DAF-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL (ZoneAlarm)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [LogitechCameraAssistant] C:\Program Files\Logitech\Video\CameraAssistant.exe (Logitech Inc.)
O4 - HKLM..\Run: [LogitechCameraService(E)] C:\WINDOWS\System32\ElkCtrl.exe (Logitech Inc.)
O4 - HKLM..\Run: [LogitechVideo[inspector]] C:\Program Files\Logitech\Video\InstallHelper.exe (Logitech Inc.)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE (Logitech Inc.)
O4 - HKLM..\Run: [SearchSettings] C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.)
O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [SpywareTerminator] C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe (Crawler.com)
O4 - HKU\S-1-5-21-746137067-1957994488-682003330-1004..\Run: [AlcoholAutomount] C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe (Alcohol Soft Development Team)
O4 - HKU\S-1-5-21-746137067-1957994488-682003330-1004..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-746137067-1957994488-682003330-1004..\Run: [SpywareTerminatorUpdate] C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe (Crawler.com)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\WDDMStatus.lnk = C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe (WDC)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\WDSmartWare.lnk = C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe (Western Digital)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-746137067-1957994488-682003330-1004\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-746137067-1957994488-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-746137067-1957994488-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\npjpi160_17.dll (Sun Microsystems, Inc.)
O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe (ICQ, LLC.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {A20B1BB0-AC3D-4530-85F3-791B81303190} http://xtraz.icq.com/xtraz/products/pho ... vilImg.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3BDFC9F7-9CFF-4A01-B092-F03DB9964885}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\bw+0 {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw+0s {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw-0 {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw00 {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw00s {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw-0s {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw10 {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw10s {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw20 {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw20s {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw30 {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw30s {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw40 {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw40s {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw50 {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw50s {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw60 {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw60s {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw70 {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw70s {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw80 {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw80s {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw90 {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw90s {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwa0 {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwa0s {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwb0 {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwb0s {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwc0 {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwc0s {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwd0 {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwd0s {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwe0 {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwe0s {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwf0 {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwf0s {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwfile-8876480 {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwg0 {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwg0s {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwh0 {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwh0s {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwi0 {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwi0s {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwj0 {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwj0s {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwk0 {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwk0s {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwl0 {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwl0s {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwm0 {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwm0s {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwn0 {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwn0s {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwo0 {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwo0s {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwp0 {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwp0s {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwq0 {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwq0s {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwr0 {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwr0s {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bws0 {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bws0s {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwt0 {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwt0s {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwu0 {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwu0s {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwv0 {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwv0s {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bww0 {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bww0s {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwx0 {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwx0s {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwy0 {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwy0s {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwz0 {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwz0s {4dcd37a5-82d3-4851-a897-b69a6e6e67ae} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\offline-8876480 {4DCD37A5-82D3-4851-A897-B69A6E6E67AE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\tbr {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\Program Files\Crawler\Toolbar\ctbr.dll (Crawler.com)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Gregora\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Gregora\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.09.23 18:13:18 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

SafeBootMin: AppMgmt - File not found
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: AppMgmt - File not found
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: Hamachi2Svc - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: vsmon - Service
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

Drivers32: msacm.divxa32 - C:\WINDOWS\System32\msaud32_divx.acm (Microsoft Corporation)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codec - C:\WINDOWS\System32\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lhacm - C:\WINDOWS\System32\lhacm.acm (Microsoft Corporation)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: msacm.vorbis - C:\WINDOWS\System32\vorbis.acm (HMS http://hp.vector.co.jp/authors/VA012897/)
Drivers32: MSVideo - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIV3 - C:\WINDOWS\System32\DivXc32.dll (Hacked with Joy !)
Drivers32: vidc.DIV4 - C:\WINDOWS\System32\DivXc32f.dll (Hacked with Joy !)
Drivers32: VIDC.FPS1 - C:\WINDOWS\System32\frapsvid.dll (Beepa P/L)
Drivers32: VIDC.I420 - C:\WINDOWS\System32\lvcodec2.dll (Logitech Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.VP60 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2011.09.06 17:22:07 | 000,581,120 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Gregora\Plocha\OTL.exe
[2011.09.05 07:28:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gregora\Plocha\R.S.G. - Ružomberská Stratená Generácia [DEMO 2011]
[2011.09.04 21:56:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gregora\Plocha\mama fotky
[2011.08.11 22:19:58 | 002,131,336 | ---- | C] (Ask.com ) -- C:\Program Files\Common Files\AskToolbarInstaller.exe

========== Files - Modified Within 7 Days ==========

[2011.09.06 17:29:28 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2011.09.06 17:22:12 | 000,581,120 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Gregora\Plocha\OTL.exe
[2011.09.06 16:59:55 | 000,012,598 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011.09.06 16:59:48 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011.09.06 16:59:42 | 1609,293,824 | -HS- | M] () -- C:\hiberfil.sys
[2011.09.05 22:27:50 | 184,395,776 | ---- | M] () -- C:\Documents and Settings\Gregora\Plocha\Futurama.S06E02.Adam.a.Leela.DVDRip.Xvid.cz-iNG.avi
[2011.09.05 17:38:03 | 000,178,379 | ---- | M] () -- C:\Documents and Settings\Gregora\Plocha\322676_2136191801852_1157794388_32149850_473702_o.jpg
[2011.09.05 12:45:54 | 000,000,790 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Malwarebytes' Anti-Malware.lnk
[2011.09.05 07:32:58 | 000,007,385 | ---- | M] () -- C:\Documents and Settings\Gregora\Plocha\SharePodSettings.xml
[2011.09.04 20:57:02 | 000,083,677 | ---- | M] () -- C:\Documents and Settings\Gregora\Plocha\14907.jpg
[2011.09.03 23:25:46 | 000,160,768 | ---- | M] () -- C:\Documents and Settings\Gregora\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.09.03 23:08:37 | 183,996,416 | ---- | M] () -- C:\Documents and Settings\Gregora\Plocha\Futurama.S07E01.Znovuzrozeni.DVBT.XviD.CZ-ODY.avi
[2011.09.03 23:01:14 | 242,888,704 | ---- | M] () -- C:\Documents and Settings\Gregora\Plocha\Futurama.S06E12.Benderova.hra.4z4.DVBT.XviD.CZ-ODY_591.avi
[2011.09.03 23:01:11 | 243,795,968 | ---- | M] () -- C:\Documents and Settings\Gregora\Plocha\Futurama.S06E14.Fialovy.trpaslik.2z4.DVBT.XviD.CZ-ODY_591.avi
[2011.09.03 23:00:50 | 240,316,416 | ---- | M] () -- C:\Documents and Settings\Gregora\Plocha\Futurama.S06E05.Milion.a.jedno.chapadlo.1z4.DVBT.XviD.CZ-ODY.avi
[2011.09.03 23:00:43 | 236,443,648 | ---- | M] () -- C:\Documents and Settings\Gregora\Plocha\Futurama.S06E01.Benderovo.paradni.terno.1z4.DVBT.XviD.CZ-ODY.avi
[2011.09.03 23:00:11 | 182,466,560 | ---- | M] () -- C:\Documents and Settings\Gregora\Plocha\Futurama 7x03 Kruta.aplikace.DVBT.XviD.CZ-ODY.avi
[2011.09.03 23:00:09 | 183,269,376 | ---- | M] () -- C:\Documents and Settings\Gregora\Plocha\Futurama 7x08 Černý Diblík bílý kocour (cz).avi
[2011.09.03 22:59:12 | 183,441,408 | ---- | M] () -- C:\Documents and Settings\Gregora\Plocha\Futurama - S05E15 - Bendera.by.meli.v.televizi.zakazat.DVDRip.cz-iNG.avi
[2011.09.03 22:59:10 | 184,229,888 | ---- | M] () -- C:\Documents and Settings\Gregora\Plocha\Futurama.S06E13.Svatecni spektakl.by kobra.CZ.avi
[2011.09.02 15:17:29 | 184,723,456 | ---- | M] () -- C:\Documents and Settings\Gregora\Plocha\Simpsonovi 22x17 Mnoho tvari lasky.avi
*
Díky

[Gary545]

* Pokračování OTL
========== Files Created - No Company Name ==========

[2011.09.06 17:29:28 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2011.09.05 22:26:15 | 184,395,776 | ---- | C] () -- C:\Documents and Settings\Gregora\Plocha\Futurama.S06E02.Adam.a.Leela.DVDRip.Xvid.cz-iNG.avi
[2011.09.05 17:38:02 | 000,178,379 | ---- | C] () -- C:\Documents and Settings\Gregora\Plocha\322676_2136191801852_1157794388_32149850_473702_o.jpg
[2011.09.04 20:57:02 | 000,083,677 | ---- | C] () -- C:\Documents and Settings\Gregora\Plocha\14907.jpg
[2011.09.03 23:05:32 | 183,996,416 | ---- | C] () -- C:\Documents and Settings\Gregora\Plocha\Futurama.S07E01.Znovuzrozeni.DVBT.XviD.CZ-ODY.avi
[2011.09.03 22:49:42 | 182,466,560 | ---- | C] () -- C:\Documents and Settings\Gregora\Plocha\Futurama 7x03 Kruta.aplikace.DVBT.XviD.CZ-ODY.avi
[2011.09.03 22:49:31 | 183,269,376 | ---- | C] () -- C:\Documents and Settings\Gregora\Plocha\Futurama 7x08 Černý Diblík bílý kocour (cz).avi
[2011.09.03 22:49:18 | 242,888,704 | ---- | C] () -- C:\Documents and Settings\Gregora\Plocha\Futurama.S06E12.Benderova.hra.4z4.DVBT.XviD.CZ-ODY_591.avi
[2011.09.03 22:48:56 | 243,795,968 | ---- | C] () -- C:\Documents and Settings\Gregora\Plocha\Futurama.S06E14.Fialovy.trpaslik.2z4.DVBT.XviD.CZ-ODY_591.avi
[2011.09.03 22:48:44 | 183,441,408 | ---- | C] () -- C:\Documents and Settings\Gregora\Plocha\Futurama - S05E15 - Bendera.by.meli.v.televizi.zakazat.DVDRip.cz-iNG.avi
[2011.09.03 22:48:30 | 184,229,888 | ---- | C] () -- C:\Documents and Settings\Gregora\Plocha\Futurama.S06E13.Svatecni spektakl.by kobra.CZ.avi
[2011.09.03 22:48:16 | 236,443,648 | ---- | C] () -- C:\Documents and Settings\Gregora\Plocha\Futurama.S06E01.Benderovo.paradni.terno.1z4.DVBT.XviD.CZ-ODY.avi
[2011.09.03 22:48:10 | 240,316,416 | ---- | C] () -- C:\Documents and Settings\Gregora\Plocha\Futurama.S06E05.Milion.a.jedno.chapadlo.1z4.DVBT.XviD.CZ-ODY.avi
[2011.09.02 15:14:45 | 184,723,456 | ---- | C] () -- C:\Documents and Settings\Gregora\Plocha\Simpsonovi 22x17 Mnoho tvari lasky.avi
[2011.08.12 00:01:23 | 000,002,272 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\FontCache3.0.0.0.dat
[2011.02.11 18:50:35 | 000,000,067 | ---- | C] () -- C:\WINDOWS\Easy Video to DVD.INI
[2011.01.05 22:36:08 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2010.10.21 12:50:16 | 000,142,592 | ---- | C] () -- C:\WINDOWS\System32\drivers\sp_rsdrv2.sys
[2010.10.17 13:53:56 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010.10.17 13:53:56 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010.10.17 13:53:56 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010.10.17 13:53:56 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010.10.17 13:53:56 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010.07.20 02:04:00 | 000,000,028 | ---- | C] () -- C:\WINDOWS\Robota.INI
[2010.07.19 20:57:05 | 000,120,200 | ---- | C] () -- C:\WINDOWS\System32\DLLDEV32i.dll
[2010.04.26 21:56:24 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll
[2010.03.28 20:19:06 | 000,004,096 | ---- | C] () -- C:\WINDOWS\d3dx.dat
[2010.03.13 23:22:09 | 000,000,052 | ---- | C] () -- C:\WINDOWS\mafosav.INI
[2009.11.06 11:58:04 | 000,178,975 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2009.10.28 16:40:50 | 000,281,760 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2009.10.28 16:40:50 | 000,025,888 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2009.06.18 22:20:16 | 000,138,944 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2009.06.18 22:18:36 | 000,189,784 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2009.06.18 22:17:49 | 000,075,064 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe
[2009.06.16 17:39:31 | 000,000,250 | ---- | C] () -- C:\WINDOWS\XIIIHooligans.ini
[2009.04.07 21:13:45 | 000,000,319 | ---- | C] () -- C:\WINDOWS\game.ini
[2009.04.06 18:37:25 | 000,013,126 | R--- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2009.04.06 18:02:38 | 000,000,719 | R--- | C] () -- C:\WINDOWS\System32\InstExec.ini
[2009.04.06 18:00:40 | 000,118,784 | R--- | C] () -- C:\WINDOWS\bwUnin-7.2.0.137-8876480SL.exe
[2009.03.26 17:55:05 | 000,139,152 | ---- | C] () -- C:\Documents and Settings\Gregora\Data aplikací\PnkBstrK.sys
[2009.03.24 19:26:44 | 000,000,909 | ---- | C] () -- C:\WINDOWS\eReg.dat
[2009.02.13 13:12:27 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ar.INI
[2009.01.06 12:53:46 | 000,000,109 | ---- | C] () -- C:\WINDOWS\disney.ini
[2008.12.20 11:25:12 | 000,000,068 | ---- | C] () -- C:\WINDOWS\MyProg.ini
[2008.12.20 00:38:59 | 000,081,332 | ---- | C] () -- C:\WINDOWS\System32\BASS.DLL
[2008.11.26 19:06:49 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2008.11.26 18:49:25 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2008.11.26 18:44:39 | 000,593,920 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe
[2008.11.26 18:44:31 | 000,887,724 | ---- | C] () -- C:\WINDOWS\System32\ativva6x.dat
[2008.11.26 18:44:30 | 003,107,788 | ---- | C] () -- C:\WINDOWS\System32\ativva5x.dat
[2008.11.26 18:44:29 | 003,107,788 | ---- | C] () -- C:\WINDOWS\System32\ativvaxx.dat
[2008.11.26 18:44:28 | 000,165,782 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2008.11.26 18:29:38 | 000,000,050 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2008.10.11 19:54:33 | 000,000,023 | ---- | C] () -- C:\WINDOWS\BlendSettings.ini
[2008.09.24 18:58:49 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2008.09.24 18:36:54 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2008.09.24 17:59:57 | 000,160,768 | ---- | C] () -- C:\Documents and Settings\Gregora\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.09.23 20:36:10 | 000,001,566 | ---- | C] () -- C:\WINDOWS\wincmd.ini
[2008.09.23 20:16:26 | 000,000,390 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008.09.23 20:03:05 | 000,004,212 | -H-- | C] () -- C:\WINDOWS\System32\zllictbl.dat
[2008.09.23 19:46:25 | 000,012,288 | R--- | C] () -- C:\WINDOWS\System32\e100bmsg.dll
[2008.09.23 19:44:38 | 000,000,127 | ---- | C] () -- C:\Documents and Settings\Gregora\Local Settings\Data aplikací\fusioncache.dat
[2008.09.23 19:40:45 | 000,004,249 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2008.09.23 19:39:43 | 000,230,392 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2008.09.23 18:15:36 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2008.09.23 18:10:46 | 000,021,812 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2007.08.22 00:51:16 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\ATIODE.exe
[2007.08.21 22:36:12 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\ATIODCLI.exe
[2006.03.02 14:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2006.03.02 14:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2006.03.02 14:00:00 | 000,441,682 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2006.03.02 14:00:00 | 000,438,254 | ---- | C] () -- C:\WINDOWS\System32\perfh005.dat
[2006.03.02 14:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2006.03.02 14:00:00 | 000,269,162 | ---- | C] () -- C:\WINDOWS\System32\perfi005.dat
[2006.03.02 14:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2006.03.02 14:00:00 | 000,082,974 | ---- | C] () -- C:\WINDOWS\System32\perfc005.dat
[2006.03.02 14:00:00 | 000,071,618 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2006.03.02 14:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2006.03.02 14:00:00 | 000,032,072 | ---- | C] () -- C:\WINDOWS\System32\perfd005.dat
[2006.03.02 14:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2006.03.02 14:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2006.03.02 14:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2006.03.02 14:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2006.03.02 14:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2005.12.09 15:37:42 | 002,400,256 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVMVdrv.sys
[2005.12.09 15:37:42 | 000,016,768 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPrcMon.sys
[2005.12.09 15:35:54 | 002,174,464 | ---- | C] () -- C:\WINDOWS\System32\drivers\Lvckap.sys
[2005.10.14 11:56:50 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2005.10.14 11:56:50 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\VorbisEnc.dll
[2005.10.14 11:56:50 | 000,778,240 | ---- | C] () -- C:\WINDOWS\System32\DivXsm.exe
[2005.10.14 11:56:50 | 000,761,856 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2005.10.14 11:56:50 | 000,344,064 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll
[2005.10.14 11:56:50 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2005.10.14 11:56:50 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2005.10.14 11:56:50 | 000,155,136 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2005.10.14 11:56:50 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2002.03.21 15:39:02 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\UNACEV2.DLL
[1999.01.27 13:39:06 | 000,065,024 | ---- | C] () -- C:\WINDOWS\System32\indounin.dll
[1997.06.13 07:56:08 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll

========== LOP Check ==========

[2008.09.23 21:34:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ACD Systems
[2009.04.22 12:56:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Age of Empires 3
[2010.08.16 18:45:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Alwil Software
[2010.04.09 20:08:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\BioWare
[2011.03.15 20:17:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2011.03.15 20:29:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Pro
[2011.09.06 17:03:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Easybits GO
[2008.10.12 11:59:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Grisoft
[2008.12.20 00:47:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\HighAndes
[2009.06.18 15:00:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\id Software
[2010.12.17 01:15:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Keronsoft
[2011.07.20 17:21:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\MAGIX
[2008.09.23 20:03:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\MailFrontier
[2008.12.20 00:38:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Pianosoft
[2011.01.17 12:33:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PMB Files
[2010.09.20 22:27:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PrevxCSI
[2011.09.06 17:06:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Spyware Terminator
[2008.10.01 17:18:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Teleca
[2009.09.07 21:15:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2009.12.25 00:24:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Western Digital
[2009.12.24 23:06:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2011.09.05 21:58:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gregora\Data aplikací\.purple
[2008.09.23 21:35:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gregora\Data aplikací\ACD Systems
[2011.01.16 21:08:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gregora\Data aplikací\cld3-lookup
[2008.09.28 12:48:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gregora\Data aplikací\DAEMON Tools
[2011.03.15 20:26:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gregora\Data aplikací\DAEMON Tools Lite
[2011.03.15 20:29:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gregora\Data aplikací\DAEMON Tools Pro
[2011.08.19 23:46:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gregora\Data aplikací\Dealio
[2011.01.24 18:56:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gregora\Data aplikací\EssentialGrammarInUse
[2011.05.28 12:21:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gregora\Data aplikací\go
[2011.07.17 18:25:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gregora\Data aplikací\gtk-2.0
[2008.12.20 11:24:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gregora\Data aplikací\Hide IP NG
[2008.12.20 00:47:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gregora\Data aplikací\HighAndes
[2011.06.21 15:00:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gregora\Data aplikací\ICQ
[2009.06.18 15:03:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gregora\Data aplikací\id Software
[2010.12.02 20:47:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gregora\Data aplikací\InImages
[2009.02.20 19:13:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gregora\Data aplikací\Leadertech
[2011.01.17 13:31:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gregora\Data aplikací\LolClient
[2010.07.19 21:07:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gregora\Data aplikací\MAGIX
[2011.07.20 17:48:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gregora\Data aplikací\My Battle for Middle-earth(tm) II Files
[2010.12.28 02:08:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gregora\Data aplikací\Opera
[2011.05.17 19:31:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gregora\Data aplikací\Rovio
[2011.07.14 13:17:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gregora\Data aplikací\Search Settings
[2009.12.25 22:18:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gregora\Data aplikací\SharePod
[2011.09.05 12:46:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gregora\Data aplikací\Spyware Terminator
[2010.04.25 19:48:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gregora\Data aplikací\TeamViewer
[2008.10.01 18:24:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gregora\Data aplikací\Teleca
[2011.03.25 19:11:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gregora\Data aplikací\Toolbar4
[2009.10.28 18:28:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gregora\Data aplikací\Ubisoft
[2011.01.03 23:30:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gregora\Data aplikací\uTorrent
[2011.08.11 22:20:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gregora\Data aplikací\VDownloader
[2009.12.25 00:25:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gregora\Data aplikací\Western Digital

========== Purity Check ==========



========== Custom Scans ==========


< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Skype" = "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized -- [2010.03.09 10:02:14 | 026,100,520 | R--- | M] (Skype Technologies S.A.)
"SpywareTerminatorUpdate" = "C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe" -- [2010.10.21 12:50:17 | 003,037,696 | ---- | M] (Crawler.com)
"DAEMON Tools Lite" = "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun -- [2011.01.20 11:20:12 | 001,305,408 | ---- | M] (DT Soft Ltd)
"AlcoholAutomount" = "C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" -automount -- [2010.08.20 13:03:08 | 000,033,120 | ---- | M] (Alcohol Soft Development Team)


< MD5 for: ATAPI.SYS >
[2006.03.02 14:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008.11.15 12:53:18 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.11.15 12:53:18 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ERDNT\cache\atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2006.03.02 14:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0004\DriverFiles\i386\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0009\DriverFiles\i386\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2008.04.14 05:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\cmdcons\autochk.exe
[2008.04.14 05:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\ServicePackFiles\i386\autochk.exe
[2008.04.14 05:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe
[2006.03.02 14:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\WINDOWS\$NtServicePackUninstall$\autochk.exe

< MD5 for: CDROM.SYS >
[2006.03.02 14:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2008.11.15 12:53:18 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008.11.15 12:53:18 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008.04.13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008.04.13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2006.03.02 14:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys

< MD5 for: CSRSS.EXE >
[2006.03.02 14:00:00 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=490E6E57E54FAF5F23F658EA188405A1 -- C:\WINDOWS\$NtServicePackUninstall$\csrss.exe
[2008.04.14 05:22:17 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=628CE66E3FD35BFC7969DBAC245DC069 -- C:\WINDOWS\ServicePackFiles\i386\csrss.exe
[2008.04.14 05:22:17 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=628CE66E3FD35BFC7969DBAC245DC069 -- C:\WINDOWS\system32\csrss.exe

< MD5 for: EXPLORER.EXE >
[2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\ERDNT\cache\explorer.exe
[2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2006.03.02 14:00:00 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe

< MD5 for: LSASS.EXE >
[2006.03.02 14:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\WINDOWS\$NtServicePackUninstall$\lsass.exe
[2008.04.14 05:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\ERDNT\cache\lsass.exe
[2008.04.14 05:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\ServicePackFiles\i386\lsass.exe
[2008.04.14 05:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe

< MD5 for: NDIS.SYS >
[2008.04.13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ERDNT\cache\ndis.sys
[2008.04.13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008.04.13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
[2006.03.02 14:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys

< MD5 for: NTFS.SYS >
[2008.04.13 21:15:53 | 000,574,976 | ---- | M] (Microsoft Corporation) MD5=78A08DD6A8D65E697C18E1DB01C5CDCA -- C:\WINDOWS\ERDNT\cache\ntfs.sys
[2008.04.13 21:15:53 | 000,574,976 | ---- | M] (Microsoft Corporation) MD5=78A08DD6A8D65E697C18E1DB01C5CDCA -- C:\WINDOWS\ServicePackFiles\i386\ntfs.sys
[2008.04.13 21:15:53 | 000,574,976 | ---- | M] (Microsoft Corporation) MD5=78A08DD6A8D65E697C18E1DB01C5CDCA -- C:\WINDOWS\system32\drivers\ntfs.sys
[2004.08.03 23:15:10 | 000,574,592 | ---- | M] (Microsoft Corporation) MD5=B78BE402C3F63DD55521F73876951CDD -- C:\cmdcons\NTFS.SYS
[2006.03.02 14:00:00 | 000,574,592 | ---- | M] (Microsoft Corporation) MD5=B78BE402C3F63DD55521F73876951CDD -- C:\WINDOWS\$NtServicePackUninstall$\ntfs.sys

< MD5 for: SCECLI.DLL >
[2006.03.02 14:00:00 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008.04.14 05:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ERDNT\cache\scecli.dll
[2008.04.14 05:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 05:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SERVICES.EXE >
[2009.02.09 13:18:56 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=3D107D45CCFDB266E91D84B52CD7F430 -- C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\services.exe
[2006.03.02 14:00:00 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=6E401E61F952FBBF708AFBECEFAFAE81 -- C:\WINDOWS\$NtServicePackUninstall$\services.exe
[2009.02.09 13:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=9EF697AF07BB8DD82C3B02CA953A95B7 -- C:\WINDOWS\ERDNT\cache\services.exe
[2009.02.09 13:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=9EF697AF07BB8DD82C3B02CA953A95B7 -- C:\WINDOWS\system32\dllcache\services.exe
[2009.02.09 13:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=9EF697AF07BB8DD82C3B02CA953A95B7 -- C:\WINDOWS\system32\services.exe
[2008.04.14 05:22:45 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=F0D2AE69035092BF22DAD6B50FAB85C2 -- C:\WINDOWS\$NtUninstallKB956572$\services.exe
[2008.04.14 05:22:45 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=F0D2AE69035092BF22DAD6B50FAB85C2 -- C:\WINDOWS\ServicePackFiles\i386\services.exe

< MD5 for: SMSS.EXE >
[2006.03.02 14:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\WINDOWS\$NtServicePackUninstall$\smss.exe
[2004.08.17 15:49:28 | 000,164,864 | ---- | M] (Microsoft Corporation) MD5=3C100B7FDB179B63829103DF6541337F -- C:\cmdcons\SYSTEM32\SMSS.EXE
[2008.04.14 05:22:47 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\ServicePackFiles\i386\smss.exe
[2008.04.14 05:22:47 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe

< MD5 for: SPOOLSV.EXE >
[2006.03.02 14:00:00 | 000,057,856 | ---- | M] (Microsoft Corporation) MD5=21B6FAA88044A41640E03EBB68BE93E8 -- C:\WINDOWS\$NtServicePackUninstall$\spoolsv.exe
[2010.08.17 15:19:36 | 000,058,880 | ---- | M] (Microsoft Corporation) MD5=258DD5D4283FD9F9A7166BE9AE45CE73 -- C:\WINDOWS\$hf_mig$\KB2347290\SP3QFE\spoolsv.exe
[2010.08.17 15:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) MD5=60784F891563FB1B767F70117FC2428F -- C:\WINDOWS\ERDNT\cache\spoolsv.exe
[2010.08.17 15:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) MD5=60784F891563FB1B767F70117FC2428F -- C:\WINDOWS\system32\dllcache\spoolsv.exe
[2010.08.17 15:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) MD5=60784F891563FB1B767F70117FC2428F -- C:\WINDOWS\system32\spoolsv.exe
[2008.04.14 05:22:48 | 000,057,856 | ---- | M] (Microsoft Corporation) MD5=CB1090BCA0E7B40D0B5B4E4D66531809 -- C:\WINDOWS\$NtUninstallKB2347290$\spoolsv.exe
[2008.04.14 05:22:48 | 000,057,856 | ---- | M] (Microsoft Corporation) MD5=CB1090BCA0E7B40D0B5B4E4D66531809 -- C:\WINDOWS\ServicePackFiles\i386\spoolsv.exe

< MD5 for: SVCHOST.EXE >
[2008.04.14 05:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\ERDNT\cache\svchost.exe
[2008.04.14 05:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.14 05:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe
[2006.03.02 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe

< MD5 for: TCPIP.SYS >
[2008.06.20 12:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2008.06.20 12:44:42 | 000,360,960 | ---- | M] (Microsoft Corporation) MD5=744E57C99232201AE98C49168B918F48 -- C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[2008.04.13 21:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008.04.13 21:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\ERDNT\cache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2006.03.02 14:00:00 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\$NtUninstallKB951748_0$\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.04.14 05:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ERDNT\cache\userinit.exe
[2008.04.14 05:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 05:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe
[2006.03.02 14:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe

< MD5 for: WINLOGON.EXE >
[2006.03.02 14:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 05:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\ERDNT\cache\winlogon.exe
[2008.04.14 05:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 05:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe

< C:\windows\system32\spool\prtprocs|dll;true;true;true /FP >
[2008.07.06 14:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
[2003.06.19 01:31:48 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll
[2008.07.06 14:06:10 | 000,147,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\x64\filterpipelineprintproc.dll

< %systemroot%\system32\drivers\*.sys /5 >

< %systemroot%\system32\drivers\*.sys /X >
[2008.04.14 05:21:36 | 000,004,255 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv01nt5.dll
[2008.04.14 05:21:36 | 000,003,967 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv02nt5.dll
[2008.04.14 05:21:36 | 000,003,615 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv05nt5.dll
[2008.04.14 05:21:36 | 000,003,647 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv07nt5.dll
[2008.04.14 05:21:36 | 000,003,135 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv08nt5.dll
[2008.04.14 05:21:36 | 000,003,711 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv09nt5.dll
[2008.04.14 05:21:36 | 000,003,775 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv11nt5.dll
[2008.01.10 04:17:54 | 000,049,152 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\drivers\ati2erec.dll
[2004.07.17 11:36:24 | 000,064,352 | ---- | M] () -- C:\WINDOWS\system32\drivers\ativmc20.cod
[2008.04.14 05:21:37 | 000,021,183 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv01nt5.dll
[2008.04.14 05:21:37 | 000,011,359 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv02nt5.dll
[2008.04.14 05:21:37 | 000,025,471 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv04nt5.dll
[2008.04.14 05:21:37 | 000,014,143 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv06nt5.dll
[2008.04.14 05:21:37 | 000,017,279 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv10nt5.dll
[2008.04.14 05:21:38 | 000,015,423 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\ch7xxnt5.dll
[2004.07.17 22:55:24 | 000,129,045 | ---- | M] () -- C:\WINDOWS\system32\drivers\cxthsfs2.cty
[2005.12.23 11:29:38 | 000,000,441 | R--- | M] () -- C:\WINDOWS\system32\drivers\DriverLanguageMap.xml
[2006.03.02 14:00:00 | 003,440,660 | ---- | M] () -- C:\WINDOWS\system32\drivers\gm.dls
[2006.03.02 14:00:00 | 000,000,646 | ---- | M] () -- C:\WINDOWS\system32\drivers\gmreadme.txt
[2005.06.03 14:14:38 | 000,009,845 | R--- | M] () -- C:\WINDOWS\system32\drivers\k600bus.cat
[2005.06.03 13:46:30 | 000,006,791 | R--- | M] () -- C:\WINDOWS\system32\drivers\k600bus.inf
[2005.06.03 13:46:34 | 000,023,898 | R--- | M] () -- C:\WINDOWS\system32\drivers\k600comm.vxd
[2005.06.03 14:14:40 | 000,013,215 | R--- | M] () -- C:\WINDOWS\system32\drivers\k600mdm.cat
[2005.06.03 13:46:38 | 000,013,143 | R--- | M] () -- C:\WINDOWS\system32\drivers\k600mdm2.inf
[2005.06.03 13:46:38 | 000,018,753 | R--- | M] () -- C:\WINDOWS\system32\drivers\k600mdmv.inf
[2005.06.03 13:46:40 | 000,005,008 | R--- | M] () -- C:\WINDOWS\system32\drivers\k600mdmw.inf
[2005.06.03 14:14:40 | 000,012,790 | R--- | M] () -- C:\WINDOWS\system32\drivers\k600mgmt.cat
[2005.06.03 14:14:40 | 000,012,790 | R--- | M] () -- C:\WINDOWS\system32\drivers\k600obex.cat
[2005.06.03 13:46:42 | 000,004,643 | R--- | M] () -- C:\WINDOWS\system32\drivers\k600obx2.inf
[2005.06.03 13:46:42 | 000,010,915 | R--- | M] () -- C:\WINDOWS\system32\drivers\k600obxv.inf
[2005.06.03 13:46:44 | 000,004,597 | R--- | M] () -- C:\WINDOWS\system32\drivers\k600obxw.inf
[2005.06.03 13:46:44 | 000,004,716 | R--- | M] () -- C:\WINDOWS\system32\drivers\k600sdm2.inf
[2005.06.03 13:46:46 | 000,010,929 | R--- | M] () -- C:\WINDOWS\system32\drivers\k600sdmv.inf
[2005.06.03 13:46:46 | 000,004,662 | R--- | M] () -- C:\WINDOWS\system32\drivers\k600sdmw.inf
[2005.06.03 13:46:48 | 000,013,263 | R--- | M] () -- C:\WINDOWS\system32\drivers\k600vcd.vxd
[2005.06.03 13:46:48 | 000,030,617 | R--- | M] () -- C:\WINDOWS\system32\drivers\k600vcr.vxd
[2005.06.03 13:46:52 | 000,009,845 | R--- | M] () -- C:\WINDOWS\system32\drivers\k750bus.cat
[2005.06.03 13:46:52 | 000,006,785 | R--- | M] () -- C:\WINDOWS\system32\drivers\k750bus.inf
[2005.06.03 13:46:56 | 000,023,894 | R--- | M] () -- C:\WINDOWS\system32\drivers\k750comm.vxd
[2005.06.03 13:46:58 | 000,013,215 | R--- | M] () -- C:\WINDOWS\system32\drivers\k750mdm.cat
[2005.06.03 13:47:00 | 000,013,133 | R--- | M] () -- C:\WINDOWS\system32\drivers\k750mdm2.inf
[2005.06.03 13:47:02 | 000,018,748 | R--- | M] () -- C:\WINDOWS\system32\drivers\k750mdmv.inf
[2005.06.03 13:47:02 | 000,004,987 | R--- | M] () -- C:\WINDOWS\system32\drivers\k750mdmw.inf
[2005.06.03 13:47:04 | 000,012,790 | R--- | M] () -- C:\WINDOWS\system32\drivers\k750mgmt.cat
[2005.06.03 13:47:04 | 000,012,790 | R--- | M] () -- C:\WINDOWS\system32\drivers\k750obex.cat
[2005.06.03 13:47:06 | 000,004,636 | R--- | M] () -- C:\WINDOWS\system32\drivers\k750obx2.inf
[2005.06.03 13:47:08 | 000,010,911 | R--- | M] () -- C:\WINDOWS\system32\drivers\k750obxv.inf
[2005.06.03 13:47:08 | 000,004,577 | R--- | M] () -- C:\WINDOWS\system32\drivers\k750obxw.inf
[2005.06.03 13:47:10 | 000,004,709 | R--- | M] () -- C:\WINDOWS\system32\drivers\k750sdm2.inf
[2005.06.03 13:47:10 | 000,010,925 | R--- | M] () -- C:\WINDOWS\system32\drivers\k750sdmv.inf
[2005.06.03 13:47:12 | 000,004,642 | R--- | M] () -- C:\WINDOWS\system32\drivers\k750sdmw.inf
[2005.06.03 13:47:12 | 000,013,259 | R--- | M] () -- C:\WINDOWS\system32\drivers\k750vcd.vxd
[2005.06.03 13:47:14 | 000,030,613 | R--- | M] () -- C:\WINDOWS\system32\drivers\k750vcr.vxd
[2005.12.09 15:37:42 | 000,114,272 | ---- | M] () -- C:\WINDOWS\system32\drivers\LVFaL000.cfg
[2005.12.09 15:37:42 | 000,226,938 | ---- | M] () -- C:\WINDOWS\system32\drivers\LVFeL000.cfg
[2005.12.09 15:37:42 | 000,146,494 | ---- | M] () -- C:\WINDOWS\system32\drivers\LVFeL001.cfg
[2005.12.09 15:37:42 | 000,085,152 | ---- | M] () -- C:\WINDOWS\system32\drivers\LVFeL002.cfg
[2010.01.18 22:02:45 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
[2010.01.18 22:02:50 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\system32\drivers\Msft_Kernel_ccdcmb_01005.Wdf
[2004.07.17 11:35:00 | 000,067,866 | ---- | M] () -- C:\WINDOWS\system32\drivers\netwlan5.img
[2008.04.14 05:21:55 | 000,003,901 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\siint5.dll
[2005.06.03 13:47:16 | 000,009,712 | R--- | M] () -- C:\WINDOWS\system32\drivers\v800bus.cat
[2005.06.03 13:47:16 | 000,007,178 | R--- | M] () -- C:\WINDOWS\system32\drivers\v800bus.inf
[2005.06.03 13:47:20 | 000,023,915 | R--- | M] () -- C:\WINDOWS\system32\drivers\v800comm.vxd
[2005.06.03 13:47:22 | 000,013,082 | R--- | M] () -- C:\WINDOWS\system32\drivers\v800mdm.cat
[2005.06.03 13:47:24 | 000,013,592 | R--- | M] () -- C:\WINDOWS\system32\drivers\v800mdm2.inf
[2005.06.03 13:47:26 | 000,018,787 | R--- | M] () -- C:\WINDOWS\system32\drivers\v800mdmv.inf
[2005.06.03 13:47:26 | 000,004,992 | R--- | M] () -- C:\WINDOWS\system32\drivers\v800mdmw.inf
[2005.06.03 13:47:28 | 000,012,657 | R--- | M] () -- C:\WINDOWS\system32\drivers\v800mgmt.cat
[2005.06.03 13:47:28 | 000,012,657 | R--- | M] () -- C:\WINDOWS\system32\drivers\v800obex.cat
[2005.06.03 13:47:30 | 000,004,869 | R--- | M] () -- C:\WINDOWS\system32\drivers\v800obx2.inf
[2005.06.03 13:47:32 | 000,011,074 | R--- | M] () -- C:\WINDOWS\system32\drivers\v800obxv.inf
[2005.06.03 13:47:32 | 000,004,805 | R--- | M] () -- C:\WINDOWS\system32\drivers\v800obxw.inf
[2005.06.03 13:47:34 | 000,004,970 | R--- | M] () -- C:\WINDOWS\system32\drivers\v800sdm2.inf
[2005.06.03 13:47:34 | 000,011,088 | R--- | M] () -- C:\WINDOWS\system32\drivers\v800sdmv.inf
[2005.06.03 13:47:36 | 000,004,870 | R--- | M] () -- C:\WINDOWS\system32\drivers\v800sdmw.inf
[2005.06.03 13:47:36 | 000,013,280 | R--- | M] () -- C:\WINDOWS\system32\drivers\v800vcd.vxd
[2005.06.03 13:47:38 | 000,030,634 | R--- | M] () -- C:\WINDOWS\system32\drivers\v800vcr.vxd
[2008.04.14 05:22:04 | 000,011,325 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\vchnt5.dll
[2005.07.22 01:30:38 | 000,009,853 | R--- | M] () -- C:\WINDOWS\system32\drivers\w550bus.cat
[2005.08.01 13:46:40 | 000,006,793 | R--- | M] () -- C:\WINDOWS\system32\drivers\w550bus.inf
[2005.08.01 13:46:42 | 000,023,898 | R--- | M] () -- C:\WINDOWS\system32\drivers\w550comm.vxd
[2005.07.22 01:30:40 | 000,013,223 | R--- | M] () -- C:\WINDOWS\system32\drivers\w550mdm.cat
[2005.08.01 13:46:44 | 000,013,195 | R--- | M] () -- C:\WINDOWS\system32\drivers\w550mdm2.inf
[2005.08.01 13:46:44 | 000,018,773 | R--- | M] () -- C:\WINDOWS\system32\drivers\w550mdmv.inf
[2005.08.01 13:46:44 | 000,005,020 | R--- | M] () -- C:\WINDOWS\system32\drivers\w550mdmw.inf
[2005.08.01 14:59:00 | 000,010,695 | R--- | M] () -- C:\WINDOWS\system32\drivers\w550mgmt.cat
[2005.08.01 14:59:32 | 000,010,695 | R--- | M] () -- C:\WINDOWS\system32\drivers\w550obex.cat
[2005.08.01 13:46:46 | 000,004,645 | R--- | M] () -- C:\WINDOWS\system32\drivers\w550obx2.inf
[2005.08.01 13:46:46 | 000,010,935 | R--- | M] () -- C:\WINDOWS\system32\drivers\w550obxv.inf
[2005.08.01 13:46:46 | 000,004,496 | R--- | M] () -- C:\WINDOWS\system32\drivers\w550obxw.inf
[2005.08.01 13:46:48 | 000,004,718 | R--- | M] () -- C:\WINDOWS\system32\drivers\w550sdm2.inf
[2005.08.01 13:46:48 | 000,010,949 | R--- | M] () -- C:\WINDOWS\system32\drivers\w550sdmv.inf
[2005.08.01 13:46:48 | 000,004,561 | R--- | M] () -- C:\WINDOWS\system32\drivers\w550sdmw.inf
[2005.08.01 13:46:50 | 000,013,255 | R--- | M] () -- C:\WINDOWS\system32\drivers\w550vcd.vxd
[2005.08.01 13:46:50 | 000,030,609 | R--- | M] () -- C:\WINDOWS\system32\drivers\w550vcr.vxd
[2005.08.15 15:04:56 | 000,009,853 | R--- | M] () -- C:\WINDOWS\system32\drivers\w600bus.cat
[2005.08.15 15:04:54 | 000,006,793 | R--- | M] () -- C:\WINDOWS\system32\drivers\w600bus.inf
[2005.08.15 15:04:52 | 000,023,902 | R--- | M] () -- C:\WINDOWS\system32\drivers\w600comm.vxd
[2005.08.15 15:04:50 | 000,013,223 | R--- | M] () -- C:\WINDOWS\system32\drivers\w600mdm.cat
[2005.08.15 15:04:48 | 000,013,195 | R--- | M] () -- C:\WINDOWS\system32\drivers\w600mdm2.inf
[2005.08.15 15:04:46 | 000,018,773 | R--- | M] () -- C:\WINDOWS\system32\drivers\w600mdmv.inf
[2005.08.15 15:04:46 | 000,005,020 | R--- | M] () -- C:\WINDOWS\system32\drivers\w600mdmw.inf
[2005.08.15 15:04:46 | 000,010,695 | R--- | M] () -- C:\WINDOWS\system32\drivers\w600mgmt.cat
[2005.08.15 15:04:44 | 000,010,695 | R--- | M] () -- C:\WINDOWS\system32\drivers\w600obex.cat
[2005.08.15 15:04:42 | 000,004,645 | R--- | M] () -- C:\WINDOWS\system32\drivers\w600obx2.inf
[2005.08.15 15:04:40 | 000,010,935 | R--- | M] () -- C:\WINDOWS\system32\drivers\w600obxv.inf
[2005.08.15 15:04:40 | 000,004,496 | R--- | M] () -- C:\WINDOWS\system32\drivers\w600obxw.inf
[2005.08.15 15:04:40 | 000,004,718 | R--- | M] () -- C:\WINDOWS\system32\drivers\w600sdm2.inf
[2005.08.15 15:04:38 | 000,010,949 | R--- | M] () -- C:\WINDOWS\system32\drivers\w600sdmv.inf
[2005.08.15 15:04:36 | 000,004,561 | R--- | M] () -- C:\WINDOWS\system32\drivers\w600sdmw.inf
[2005.08.15 15:04:36 | 000,013,259 | R--- | M] () -- C:\WINDOWS\system32\drivers\w600vcd.vxd
[2005.08.15 15:04:36 | 000,030,613 | R--- | M] () -- C:\WINDOWS\system32\drivers\w600vcr.vxd
[2005.09.07 16:38:28 | 000,009,851 | R--- | M] () -- C:\WINDOWS\system32\drivers\w800bus.cat
[2005.09.07 16:42:44 | 000,006,899 | R--- | M] () -- C:\WINDOWS\system32\drivers\w800bus.inf
[2005.09.07 16:42:46 | 000,023,886 | R--- | M] () -- C:\WINDOWS\system32\drivers\w800comm.vxd
[2005.09.07 16:38:30 | 000,013,221 | R--- | M] () -- C:\WINDOWS\system32\drivers\w800mdm.cat
[2005.09.07 16:42:48 | 000,013,303 | R--- | M] () -- C:\WINDOWS\system32\drivers\w800mdm2.inf
[2005.09.07 16:42:48 | 000,018,813 | R--- | M] () -- C:\WINDOWS\system32\drivers\w800mdmv.inf
[2005.09.07 16:42:50 | 000,005,096 | R--- | M] () -- C:\WINDOWS\system32\drivers\w800mdmw.inf
[2005.09.07 16:38:30 | 000,012,796 | R--- | M] () -- C:\WINDOWS\system32\drivers\w800mgmt.cat
[2005.09.07 16:38:30 | 000,012,796 | R--- | M] () -- C:\WINDOWS\system32\drivers\w800obex.cat
[2005.09.07 16:42:50 | 000,004,711 | R--- | M] () -- C:\WINDOWS\system32\drivers\w800obx2.inf
[2005.09.07 16:42:52 | 000,010,969 | R--- | M] () -- C:\WINDOWS\system32\drivers\w800obxv.inf
[2005.09.07 16:42:52 | 000,004,651 | R--- | M] () -- C:\WINDOWS\system32\drivers\w800obxw.inf
[2005.09.07 16:42:52 | 000,004,784 | R--- | M] () -- C:\WINDOWS\system32\drivers\w800sdm2.inf
[2005.09.07 16:42:54 | 000,010,983 | R--- | M] () -- C:\WINDOWS\system32\drivers\w800sdmv.inf
[2005.09.07 16:42:54 | 000,004,716 | R--- | M] () -- C:\WINDOWS\system32\drivers\w800sdmw.inf
[2005.09.07 16:42:54 | 000,013,251 | R--- | M] () -- C:\WINDOWS\system32\drivers\w800vcd.vxd
[2005.09.07 16:42:54 | 000,030,605 | R--- | M] () -- C:\WINDOWS\system32\drivers\w800vcr.vxd
[2006.02.20 17:59:26 | 000,009,720 | R--- | M] () -- C:\WINDOWS\system32\drivers\w810bus.cat
[2006.02.20 17:59:52 | 000,006,927 | R--- | M] () -- C:\WINDOWS\system32\drivers\w810bus.inf
[2006.02.20 17:59:30 | 000,023,896 | R--- | M] () -- C:\WINDOWS\system32\drivers\w810comm.vxd
[2006.02.20 17:59:32 | 000,013,090 | R--- | M] () -- C:\WINDOWS\system32\drivers\w810mdm.cat
[2006.02.20 17:59:50 | 000,013,297 | R--- | M] () -- C:\WINDOWS\system32\drivers\w810mdm2.inf
[2006.02.20 17:59:50 | 000,018,655 | R--- | M] () -- C:\WINDOWS\system32\drivers\w810mdmv.inf
[2006.02.20 17:59:48 | 000,004,769 | R--- | M] () -- C:\WINDOWS\system32\drivers\w810mdmw.inf
[2006.02.20 17:59:36 | 000,012,665 | R--- | M] () -- C:\WINDOWS\system32\drivers\w810mgmt.cat
[2006.02.20 17:59:38 | 000,012,665 | R--- | M] () -- C:\WINDOWS\system32\drivers\w810obex.cat
[2006.02.20 17:59:48 | 000,004,746 | R--- | M] () -- C:\WINDOWS\system32\drivers\w810obx2.inf
[2006.02.20 17:59:46 | 000,010,959 | R--- | M] () -- C:\WINDOWS\system32\drivers\w810obxv.inf
[2006.02.20 17:59:46 | 000,004,723 | R--- | M] () -- C:\WINDOWS\system32\drivers\w810obxw.inf
[2006.02.20 17:59:44 | 000,004,798 | R--- | M] () -- C:\WINDOWS\system32\drivers\w810sdm2.inf
[2006.02.20 17:59:44 | 000,010,965 | R--- | M] () -- C:\WINDOWS\system32\drivers\w810sdmv.inf
[2006.02.20 17:59:42 | 000,004,692 | R--- | M] () -- C:\WINDOWS\system32\drivers\w810sdmw.inf
[2006.02.20 17:59:38 | 000,013,249 | R--- | M] () -- C:\WINDOWS\system32\drivers\w810vcd.vxd
[2006.02.20 17:59:40 | 000,030,587 | R--- | M] () -- C:\WINDOWS\system32\drivers\w810vcr.vxd
[2005.09.27 10:34:08 | 000,009,853 | R--- | M] () -- C:\WINDOWS\system32\drivers\w900bus.cat
[2005.09.27 10:34:10 | 000,006,899 | R--- | M] () -- C:\WINDOWS\system32\drivers\w900bus.inf
[2005.09.27 10:34:14 | 000,023,898 | R--- | M] () -- C:\WINDOWS\system32\drivers\w900comm.vxd
[2005.09.27 10:34:16 | 000,013,223 | R--- | M] () -- C:\WINDOWS\system32\drivers\w900mdm.cat
[2005.09.27 10:34:18 | 000,013,186 | R--- | M] () -- C:\WINDOWS\system32\drivers\w900mdm2.inf
[2005.09.27 10:34:20 | 000,018,746 | R--- | M] () -- C:\WINDOWS\system32\drivers\w900mdmv.inf
[2005.09.27 10:34:20 | 000,005,096 | R--- | M] () -- C:\WINDOWS\system32\drivers\w900mdmw.inf
[2005.09.27 10:34:22 | 000,012,798 | R--- | M] () -- C:\WINDOWS\system32\drivers\w900mgmt.cat
[2005.09.27 10:34:24 | 000,012,798 | R--- | M] () -- C:\WINDOWS\system32\drivers\w900obex.cat
[2005.09.27 10:34:26 | 000,004,661 | R--- | M] () -- C:\WINDOWS\system32\drivers\w900obx2.inf
[2005.09.27 10:34:28 | 000,010,969 | R--- | M] () -- C:\WINDOWS\system32\drivers\w900obxv.inf
[2005.09.27 10:34:28 | 000,004,651 | R--- | M] () -- C:\WINDOWS\system32\drivers\w900obxw.inf
[2005.09.27 10:34:30 | 000,004,734 | R--- | M] () -- C:\WINDOWS\system32\drivers\w900sdm2.inf
[2005.09.27 10:34:30 | 000,010,983 | R--- | M] () -- C:\WINDOWS\system32\drivers\w900sdmv.inf
[2005.09.27 10:34:32 | 000,004,716 | R--- | M] () -- C:\WINDOWS\system32\drivers\w900sdmw.inf
[2005.09.27 10:34:32 | 000,013,263 | R--- | M] () -- C:\WINDOWS\system32\drivers\w900vcd.vxd
[2005.09.27 10:34:34 | 000,030,617 | R--- | M] () -- C:\WINDOWS\system32\drivers\w900vcr.vxd
[2005.06.03 13:47:40 | 000,006,973 | R--- | M] () -- C:\WINDOWS\system32\drivers\z3f2bus.inf
[2005.06.03 13:47:44 | 000,023,878 | R--- | M] () -- C:\WINDOWS\system32\drivers\z3f2comm.vxd
[2005.06.03 13:47:48 | 000,013,447 | R--- | M] () -- C:\WINDOWS\system32\drivers\z3f2mdm2.inf
[2005.06.03 13:47:48 | 000,018,906 | R--- | M] () -- C:\WINDOWS\system32\drivers\z3f2mdmv.inf
[2005.06.03 13:47:50 | 000,004,824 | R--- | M] () -- C:\WINDOWS\system32\drivers\z3f2mdmw.inf
[2005.06.03 13:47:52 | 000,004,614 | R--- | M] () -- C:\WINDOWS\system32\drivers\z3f2obx2.inf
[2005.06.03 13:47:52 | 000,010,986 | R--- | M] () -- C:\WINDOWS\system32\drivers\z3f2obxv.inf
[2005.06.03 13:47:54 | 000,004,679 | R--- | M] () -- C:\WINDOWS\system32\drivers\z3f2obxw.inf
[2005.06.03 13:47:54 | 000,004,715 | R--- | M] () -- C:\WINDOWS\system32\drivers\z3f2sdm2.inf
[2005.06.03 13:47:56 | 000,010,992 | R--- | M] () -- C:\WINDOWS\system32\drivers\z3f2sdmv.inf
[2005.06.03 13:47:56 | 000,004,739 | R--- | M] () -- C:\WINDOWS\system32\drivers\z3f2sdmw.inf
[2005.06.03 13:47:58 | 000,013,255 | R--- | M] () -- C:\WINDOWS\system32\drivers\z3f2vcd.vxd
[2005.06.03 13:47:58 | 000,030,097 | R--- | M] () -- C:\WINDOWS\system32\drivers\z3f2vcr.vxd
[2005.09.07 16:40:34 | 000,009,853 | R--- | M] () -- C:\WINDOWS\system32\drivers\z520bus.cat
[2005.09.07 16:42:56 | 000,006,866 | R--- | M] () -- C:\WINDOWS\system32\drivers\z520bus.inf
[2005.09.07 16:42:58 | 000,023,895 | R--- | M] () -- C:\WINDOWS\system32\drivers\z520comm.vxd
[2005.09.07 16:40:36 | 000,013,223 | R--- | M] () -- C:\WINDOWS\system32\drivers\z520mdm.cat
[2005.09.07 16:43:00 | 000,013,202 | R--- | M] () -- C:\WINDOWS\system32\drivers\z520mdm2.inf
[2005.09.07 16:43:00 | 000,018,734 | R--- | M] () -- C:\WINDOWS\system32\drivers\z520mdmv.inf
[2005.09.07 16:43:02 | 000,005,069 | R--- | M] () -- C:\WINDOWS\system32\drivers\z520mdmw.inf
[2005.09.07 16:40:36 | 000,012,798 | R--- | M] () -- C:\WINDOWS\system32\drivers\z520mgmt.cat
[2005.09.07 16:40:38 | 000,012,798 | R--- | M] () -- C:\WINDOWS\system32\drivers\z520obex.cat
[2005.09.07 16:43:02 | 000,004,687 | R--- | M] () -- C:\WINDOWS\system32\drivers\z520obx2.inf
[2005.09.07 16:43:04 | 000,010,956 | R--- | M] () -- C:\WINDOWS\system32\drivers\z520obxv.inf
[2005.09.07 16:43:04 | 000,004,633 | R--- | M] () -- C:\WINDOWS\system32\drivers\z520obxw.inf
[2005.09.07 16:43:04 | 000,004,760 | R--- | M] () -- C:\WINDOWS\system32\drivers\z520sdm2.inf
[2005.09.07 16:43:06 | 000,010,970 | R--- | M] () -- C:\WINDOWS\system32\drivers\z520sdmv.inf
[2005.09.07 16:43:06 | 000,004,698 | R--- | M] () -- C:\WINDOWS\system32\drivers\z520sdmw.inf
[2005.09.07 16:43:06 | 000,013,260 | R--- | M] () -- C:\WINDOWS\system32\drivers\z520vcd.vxd
[2005.09.07 16:43:08 | 000,030,614 | R--- | M] () -- C:\WINDOWS\system32\drivers\z520vcr.vxd
[2005.11.18 13:26:30 | 000,009,845 | R--- | M] () -- C:\WINDOWS\system32\drivers\z800bus.cat
[2005.11.18 13:26:30 | 000,006,791 | R--- | M] () -- C:\WINDOWS\system32\drivers\z800bus.inf
[2005.11.18 13:26:26 | 000,023,892 | R--- | M] () -- C:\WINDOWS\system32\drivers\z800comm.vxd
[2005.11.18 13:26:22 | 000,013,215 | R--- | M] () -- C:\WINDOWS\system32\drivers\z800mdm.cat
[2005.11.18 13:26:18 | 000,013,143 | R--- | M] () -- C:\WINDOWS\system32\drivers\z800mdm2.inf
[2005.11.18 13:26:16 | 000,018,753 | R--- | M] () -- C:\WINDOWS\system32\drivers\z800mdmv.inf
[2005.11.18 13:26:14 | 000,004,988 | R--- | M] () -- C:\WINDOWS\system32\drivers\z800mdmw.inf
[2005.11.18 13:26:12 | 000,012,790 | R--- | M] () -- C:\WINDOWS\system32\drivers\z800mgmt.cat
[2005.11.18 13:26:10 | 000,012,790 | R--- | M] () -- C:\WINDOWS\system32\drivers\z800obex.cat
[2005.11.18 13:26:08 | 000,004,643 | R--- | M] () -- C:\WINDOWS\system32\drivers\z800obx2.inf
[2005.11.18 13:26:06 | 000,010,915 | R--- | M] () -- C:\WINDOWS\system32\drivers\z800obxv.inf
[2005.11.18 13:26:06 | 000,004,583 | R--- | M] () -- C:\WINDOWS\system32\drivers\z800obxw.inf
[2005.11.18 13:26:04 | 000,004,716 | R--- | M] () -- C:\WINDOWS\system32\drivers\z800sdm2.inf
[2005.11.18 13:26:02 | 000,010,929 | R--- | M] () -- C:\WINDOWS\system32\drivers\z800sdmv.inf
[2005.11.18 13:26:02 | 000,004,649 | R--- | M] () -- C:\WINDOWS\system32\drivers\z800sdmw.inf
[2005.11.18 13:26:00 | 000,013,257 | R--- | M] () -- C:\WINDOWS\system32\drivers\z800vcd.vxd
[2005.11.18 13:26:00 | 000,030,611 | R--- | M] () -- C:\WINDOWS\system32\drivers\z800vcr.vxd

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2011.03.15 20:33:33 | 000,431,672 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sptd.sys

< %systemroot%\system32\*.* /5 >
[2011.09.06 16:59:55 | 000,012,598 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\config\*.sav >
[2008.09.23 19:38:55 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2008.09.23 19:38:55 | 000,638,976 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2008.09.23 19:38:55 | 000,454,656 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\*.* /U /s >
[17 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[10 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[1 C:\WINDOWS\system32\config\systemprofile\Data aplikací\Application Updater\temp\*.tmp files -> C:\WINDOWS\system32\config\systemprofile\Data aplikací\Application Updater\temp\*.tmp -> ]

< %systemroot%\*. /mp /s >

< %ALLUSERSPROFILE%\Data Aplikací\*.* >
[2008.09.23 19:40:21 | 000,000,062 | -HS- | M] () -- C:\Documents and Settings\All Users\Data Aplikací\desktop.ini
[2009.04.06 18:22:34 | 000,000,051 | ---- | M] () -- C:\Documents and Settings\All Users\Data Aplikací\Installer.log

< %ALLUSERSPROFILE%\Data Aplikací\*.exe /s >
[2011.05.28 12:20:58 | 000,423,296 | ---- | M] (EasyBits Software AS) -- C:\Documents and Settings\All Users\Data Aplikací\Easybits GO\EasyBitsGO.exe
[2011.05.28 12:20:58 | 000,014,208 | ---- | M] () -- C:\Documents and Settings\All Users\Data Aplikací\Easybits GO\ezShell64Run.exe
[2011.05.28 12:21:00 | 000,718,208 | ---- | M] (EasyBits Media) -- C:\Documents and Settings\All Users\Data Aplikací\Easybits GO\Svc\GOUpdate.exe
[2008.06.20 16:26:30 | 002,246,144 | ---- | M] () -- C:\Documents and Settings\All Users\Data Aplikací\id Software\QuakeLive\pbsvc.exe
[2011.07.15 16:23:27 | 009,466,208 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\All Users\Data Aplikací\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
[2010.12.20 22:49:51 | 009,843,864 | ---- | M] (Macrovision Corporation) -- C:\Documents and Settings\All Users\Data Aplikací\Skype\Plugins\Plugins\95F12167483D466CABC98CAFE4B4FD93\CT4SKypePlugIn20_Multi_Media.exe
[2010.12.20 22:49:51 | 000,077,824 | ---- | M] () -- C:\Documents and Settings\All Users\Data Aplikací\Skype\Plugins\Plugins\95F12167483D466CABC98CAFE4B4FD93\RLLauncher.exe
[2010.10.21 12:50:16 | 000,006,144 | ---- | M] () -- C:\Documents and Settings\All Users\Data Aplikací\Spyware Terminator\sp_rsdel.exe

< %ALLUSERSPROFILE%\Dáta aplikácií\*.* >

< %ALLUSERSPROFILE%\Dáta aplikácií\*.exe /s >

< %APPDATA%\*. >
[2011.09.05 21:58:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gregora\Data aplikací\.purple
[2008.09.23 21:35:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gregora\Data aplikací\ACD Systems
[2011.04.03 18:55:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gregora\Data aplikací\Adobe
[2008.11.02 11:46:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gregora\Data aplikací\AdobeUM
[2008.09.23 19:44:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gregora\Data aplikací\ATI
[2011.01.16 21:08:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gregora\Data aplikací\cld3-lookup
[2008.09.24 18:12:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gregora\Data aplikací\CyberLink
[2008.09.28 12:48:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gregora\Data aplikací\DAEMON Tools
[2011.03.15 20:26:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gregora\Data aplikací\DAEMON Tools Lite
[2011.03.15 20:29:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gregora\Data aplikací\DAEMON Tools Pro
[2011.08.19 23:46:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gregora\Data aplikací\Dealio
[2008.11.23 00:40:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gregora\Data aplikací\DivX
[2011.01.24 18:56:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gregora\Data aplikací\EssentialGrammarInUse
[2011.05.28 12:21:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gregora\Data aplikací\go
[2009.05.24 23:54:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gregora\Data aplikací\GRETECH
[2011.07.17 18:25:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gregora\Data aplikací\gtk-2.0
[2008.12.20 11:24:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gregora\Data aplikací\Hide IP NG
[2008.12.20 00:47:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gregora\Data aplikací\HighAndes
[2011.06.21 15:00:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gregora\Data aplikací\ICQ
[2009.06.18 15:03:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gregora\Data aplikací\id Software
[2008.09.23 18:21:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gregora\Data aplikací\Identities
[2010.12.02 20:47:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gregora\Data aplikací\InImages
[2010.12.20 23:12:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gregora\Data aplikací\InstallShield
[2009.02.20 19:13:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gregora\Data aplikací\Leadertech
[2011.01.17 13:31:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gregora\Data aplikací\LolClient
[2010.11.10 17:52:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gregora\Data aplikací\Macromedia
[2010.07.19 21:07:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gregora\Data aplikací\MAGIX
[2010.09.20 22:25:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gregora\Data aplikací\Malwarebytes
[2011.05.10 18:19:43 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Gregora\Data aplikací\Microsoft
[2008.09.24 18:36:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gregora\Data aplikací\Mozilla
[2011.07.20 17:48:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gregora\Data aplikací\My Battle for Middle-earth(tm) II Files
[2010.12.28 02:08:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gregora\Data aplikací\Opera
[2010.12.20 23:07:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gregora\Data aplikací\Reallusion
[2011.05.17 19:31:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gregora\Data aplikací\Rovio
[2011.07.14 13:17:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gregora\Data aplikací\Search Settings
[2010.11.27 23:47:24 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\Gregora\Data aplikací\SecuROM
[2009.12.25 22:18:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gregora\Data aplikací\SharePod
[2011.09.06 18:01:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gregora\Data aplikací\Skype
[2011.09.06 17:02:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gregora\Data aplikací\skypePM
[2011.09.05 12:46:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gregora\Data aplikací\Spyware Terminator
[2009.09.22 18:53:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gregora\Data aplikací\Sun
[2009.01.28 18:36:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gregora\Data aplikací\teamspeak2
[2010.04.25 19:48:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gregora\Data aplikací\TeamViewer
[2008.10.01 18:24:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gregora\Data aplikací\Teleca
[2011.03.25 19:11:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gregora\Data aplikací\Toolbar4
[2009.06.24 21:53:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gregora\Data aplikací\U3
[2009.10.28 18:28:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gregora\Data aplikací\Ubisoft
[2011.01.03 23:30:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gregora\Data aplikací\uTorrent
[2011.08.11 22:20:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gregora\Data aplikací\VDownloader
[2009.12.25 00:25:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gregora\Data aplikací\Western Digital
[2008.10.12 15:14:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gregora\Data aplikací\Winamp
[2011.03.18 18:57:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gregora\Data aplikací\WinRAR

< %APPDATA%\*.* >
[2008.09.23 19:40:21 | 000,000,062 | -HS- | M] () -- C:\Documents and Settings\Gregora\Data aplikací\desktop.ini
[2009.06.18 22:20:15 | 000,139,152 | ---- | M] () -- C:\Documents and Settings\Gregora\Data aplikací\PnkBstrK.sys

< %APPDATA%\*.exe /s >
[2007.03.22 12:46:40 | 000,126,976 | ---- | M] () -- C:\Documents and Settings\Gregora\Data aplikací\GRETECH\GomPlayer\GrLauncher.exe
[2011.05.27 10:47:45 | 001,013,760 | ---- | M] (Gretech Corporation) -- C:\Documents and Settings\Gregora\Data aplikací\GRETECH\GomPlayer\GrLauncherTempSetup.exe
[2008.12.20 00:18:43 | 000,858,089 | ---- | M] (HIDE IP SOFTWARE ) -- C:\Documents and Settings\Gregora\Data aplikací\Hide IP NG\hideipng-update.exe
[2011.01.16 22:20:38 | 000,025,214 | R--- | M] () -- C:\Documents and Settings\Gregora\Data aplikací\Microsoft\Installer\{253C884B-3E62-4FA3-88AF-4861F1A1BCC3}\ARPPRODUCTICON.exe
[2011.01.16 22:20:38 | 000,057,344 | R--- | M] (InstallShield Software Corp.) -- C:\Documents and Settings\Gregora\Data aplikací\Microsoft\Installer\{253C884B-3E62-4FA3-88AF-4861F1A1BCC3}\NewShortcut1_253C884B3E624FA388AF4861F1A1BCC3.exe
[2011.01.16 22:20:38 | 000,057,344 | R--- | M] (InstallShield Software Corp.) -- C:\Documents and Settings\Gregora\Data aplikací\Microsoft\Installer\{253C884B-3E62-4FA3-88AF-4861F1A1BCC3}\NewShortcut2_253C884B3E624FA388AF4861F1A1BCC3.exe
[2008.11.26 18:50:35 | 000,009,158 | R--- | M] () -- C:\Documents and Settings\Gregora\Data aplikací\Microsoft\Installer\{89DE67AD-08B8-4699-A55D-CA5C0AF82BF3}\ARPPRODUCTICON.exe
[2010.11.13 15:52:46 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Gregora\Data aplikací\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe
[2008.12.20 01:00:07 | 000,000,766 | R--- | M] () -- C:\Documents and Settings\Gregora\Data aplikací\Microsoft\Installer\{E89B484C-B913-49A0-959B-89E836001658}\ARPPRODUCTICON.exe
[2009.01.23 23:18:27 | 000,045,056 | R--- | M] (InstallShield Software Corp.) -- C:\Documents and Settings\Gregora\Data aplikací\Microsoft\Installer\{F7C1C17E-70E3-475F-BD52-EA554391F15D}\ARPPRODUCTICON.exe
[2009.01.23 23:18:27 | 000,045,056 | R--- | M] (InstallShield Software Corp.) -- C:\Documents and Settings\Gregora\Data aplikací\Microsoft\Installer\{F7C1C17E-70E3-475F-BD52-EA554391F15D}\GameShadow.exe1_0A3DE514292C4EBA987823B82B0B2BA2.exe
[2009.01.23 23:18:27 | 000,045,056 | R--- | M] (InstallShield Software Corp.) -- C:\Documents and Settings\Gregora\Data aplikací\Microsoft\Installer\{F7C1C17E-70E3-475F-BD52-EA554391F15D}\GameShadow.exe_0A3DE514292C4EBA987823B82B0B2BA2.exe
[2009.01.23 23:18:27 | 000,008,854 | R--- | M] () -- C:\Documents and Settings\Gregora\Data aplikací\Microsoft\Installer\{F7C1C17E-70E3-475F-BD52-EA554391F15D}\Uninstall_GameShadow_F7C1C17E70E3475FBD52EA554391F15D.exe
[2007.10.23 09:27:20 | 000,110,592 | ---- | M] () -- C:\Documents and Settings\Gregora\Data aplikací\U3\temp\cleanup.exe
[2008.05.02 10:41:48 | 003,493,888 | -H-- | M] (SanDisk Corporation) -- C:\Documents and Settings\Gregora\Data aplikací\U3\temp\Launchpad Removal.exe

< %SYSTEMDRIVE%\*.exe >

< *crack* /s >
[2003.06.17 11:21:48 | 000,470,684 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\MAGIX\MusicMaker16Premium_Download_Version\Synth\Data\DrumnBass\Crackle.wav
[2003.10.09 04:02:32 | 000,079,360 | ---- | M] () -- \Documents and Settings\Gregora\Plocha\moje veci\Alcohol 120\crack.exe
[2004.10.31 12:53:36 | 000,000,786 | ---- | M] () -- \Program Files\Alcohol Soft\Alcohol 120\Crack.bat
[2008.09.08 22:55:14 | 000,000,204 | ---- | M] () -- \Program Files\Image-Line\Hardcore\Presets\I cracked my Tube!.hdprg
[2009.03.03 13:28:38 | 000,000,461 | ---- | M] () -- \Program Files\Image-Line\Sawer\Presets\Ambient\MC Cracked.sawer

< *keygen* /s >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU /s >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-08-27 18:06:01

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager" /v BootExecute /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\CONTROL\SESSION MANAGER
BOOTEXECUTE REG_MULTI_SZ autocheck autochk *\0\0\0

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager" /v "PendingFileRenameOperations" /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\CONTROL\SESSION MANAGER

< type c:\boot.ini >> test.txt /c >
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
C:\CMDCONS\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2011.09.06 17:29:28 | 000,000,512 | ---- | M] () MD5=401A539161CF998932BABB07873E28C8 -- C:\PhysicalMBR.bin

========== Alternate Data Streams ==========

@Alternate Data Stream - 500 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:05EE1EEF
@Alternate Data Stream - 101 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:661DFA1C

< End of report >

[Gary545]

OTL Extras logfile created on: 6.9.2011 17:24:08 - Run 1
OTL by OldTimer - Version 3.2.27.0 Folder = C:\Documents and Settings\Gregora\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1,50 Gb Total Physical Memory | 0,78 Gb Available Physical Memory | 51,74% Memory free
2,11 Gb Paging File | 1,41 Gb Available in Paging File | 67,11% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74,52 Gb Total Space | 10,56 Gb Free Space | 14,17% Space Free | Partition Type: NTFS
Drive F: | 3,91 Gb Total Space | 2,48 Gb Free Space | 63,47% Space Free | Partition Type: FAT32
Drive X: | 928,30 Gb Total Space | 546,88 Gb Free Space | 58,91% Space Free | Partition Type: NTFS
Drive Y: | 928,30 Gb Total Space | 546,88 Gb Free Space | 58,91% Space Free | Partition Type: NTFS

Computer Name: DAVID | User Name: Gregora | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l

[HKEY_USERS\S-1-5-21-746137067-1957994488-682003330-1004\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
https [open] -- "C:\Program Files\Opera\opera.exe" (Opera Software)
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [ACDBrowse] -- "C:\Program Files\ACD Systems\ACDSee\7.0\ACDSee7.exe" "%1" (ACD Systems Ltd.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"57477:TCP" = 57477:TCP:*:Enabled:Pando Media Booster
"57477:UDP" = 57477:UDP:*:Enabled:Pando Media Booster

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"57477:TCP" = 57477:TCP:*:Enabled:Pando Media Booster
"57477:UDP" = 57477:UDP:*:Enabled:Pando Media Booster
"8396:TCP" = 8396:TCP:*:Enabled:League of Legends Launcher
"8396:UDP" = 8396:UDP:*:Enabled:League of Legends Launcher

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger -- (Logitech)
"C:\Program Files\Pando Networks\Media Booster\PMB.exe" = C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- ()
"C:\Program Files\ICQ7.5\ICQ.exe" = C:\Program Files\ICQ7.5\ICQ.exe:*:Enabled:ICQ7.5 -- (ICQ, LLC.)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Disabled:Logitech Desktop Messenger -- (Logitech)
"C:\Program Files\ICQ6.5\ICQ.exe" = C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6
"C:\Program Files\Ubisoft\Related Designs\ANNO 1404\Anno4.exe" = C:\Program Files\Ubisoft\Related Designs\ANNO 1404\Anno4.exe:*:Enabled:ANNO 1404 -- (Related Designs)
"C:\Program Files\Ubisoft\Related Designs\ANNO 1404\tools\Anno4Web.exe" = C:\Program Files\Ubisoft\Related Designs\ANNO 1404\tools\Anno4Web.exe:*:Enabled:ANNO 1404 Web -- ()
"C:\Program Files\TeamViewer\Version5\TeamViewer.exe" = C:\Program Files\TeamViewer\Version5\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application -- (TeamViewer GmbH)
"C:\Program Files\Opera\opera.exe" = C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software)
"C:\Program Files\Electronic Arts\EADM\Core.exe" = C:\Program Files\Electronic Arts\EADM\Core.exe:*:Enabled:EA Download Manager -- (Electronic Arts)
"C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe" = C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe:*:Enabled:Crawler Spyware Terminator -- (Crawler.com)
"D:\WD Discovery Software\WD Discovery.exe" = D:\WD Discovery Software\WD Discovery.exe:*:Enabled:WD Discovery Application
"C:\Program Files\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe" = C:\Program Files\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe:*:Enabled:S.T.A.L.K.E.R. - Shadow of Chernobyl (CLI)
"C:\Program Files\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\dedicated\XR_3DA.exe" = C:\Program Files\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\dedicated\XR_3DA.exe:*:Enabled:S.T.A.L.K.E.R. - Shadow of Chernobyl (SRV)
"C:\Program Files\Boiling Point - Cesta do pekel\XENUS.EXE" = C:\Program Files\Boiling Point - Cesta do pekel\XENUS.EXE:*:Disabled:XENUS
"C:\Program Files\Pando Networks\Media Booster\PMB.exe" = C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- ()
"C:\Riot Games\League of Legends\air\LolClient.exe" = C:\Riot Games\League of Legends\air\LolClient.exe:*:Enabled:League of Legends Lobby
"C:\Riot Games\League of Legends\game\League of Legends.exe" = C:\Riot Games\League of Legends\game\League of Legends.exe:*:Enabled:League of Legends Game Client
"C:\Program Files\EA Sports\FIFA 11\Game\fifa.exe" = C:\Program Files\EA Sports\FIFA 11\Game\fifa.exe:*:Disabled:FIFA 11
"C:\Program Files\Microsoft Games\Age of Empires III\age3y.exe" = C:\Program Files\Microsoft Games\Age of Empires III\age3y.exe:*:Enabled:Age of Empires III - The Asian Dynasties
"C:\Program Files\ICQ7.5\ICQ.exe" = C:\Program Files\ICQ7.5\ICQ.exe:*:Enabled:ICQ7.5 -- (ICQ, LLC.)
"C:\Program Files\Electronic Arts\The Battle for Middle-earth (tm) II\game.dat" = C:\Program Files\Electronic Arts\The Battle for Middle-earth (tm) II\game.dat:*:Enabled:MISSING: 'GUI:Command&ConquerGenerals'
"C:\Documents and Settings\Gregora\Plocha\Far Cry\Bin32\FarCry.exe" = C:\Documents and Settings\Gregora\Plocha\Far Cry\Bin32\FarCry.exe:*:Enabled:Far Cry
"C:\Program Files\Ubisoft\Crytek\Far Cry\Bin32\FarCry.exe" = C:\Program Files\Ubisoft\Crytek\Far Cry\Bin32\FarCry.exe:*:Enabled:Far Cry -- (Crytek)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}" = Microsoft Games for Windows - LIVE Redistributable
"{053EC7D7-25D6-87DE-FB3C-21EDA3AC1B3D}" = CCC Help Japanese
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{09CF6AF5-9206-4FD7-9B08-BA6819FB47E3}" = Anno 1404
"{09E03881-E349-18A2-2AFC-CADE51DF080E}" = CCC Help Thai
"{12C11D57-0E6B-64F2-B99E-E40E785AEB56}" = CCC Help Hungarian
"{13B792AA-C078-43A4-8A3A-8B12D629940D}" = Counter-Strike 1.6
"{152441C1-D4DA-EE78-7E4A-514DD0361256}" = CCC Help Dutch
"{16C291EE-B2F5-1636-D382-FEB776F677BE}" = CCC Help Italian
"{18941178-396B-0CC4-2168-17112315EBB8}" = ccc-utility
"{1B3D70BF-F1E5-1548-C1ED-22F0D47BDDD1}" = CCC Help Finnish
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{22CCA04F-DFE0-5337-770C-3CFD2CDCF2D9}" = ccc-core-static
"{2315B23D-3E21-4920-837D-AE6460934ECB}" = FIFA 09
"{232DB76D-4751-41A9-9EC2-CDC0DAC1FAB6}" = WD SmartWare
"{236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"{253C884B-3E62-4FA3-88AF-4861F1A1BCC3}" = Essential Grammar in Use
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 17
"{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}" = Microsoft Games for Windows - LIVE
"{2DDBE461-3A0D-A6C2-6944-92D694AFB12A}" = Catalyst Control Center Localization French
"{3373AFA7-672F-407C-68F0-955FB5930A47}" = Catalyst Control Center Localization Turkish
"{34EB6245-C8D0-4D8A-B8D8-EEBFF7A91485}" = Firebird SQL Server - MAGIX Edition
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35CB8AFB-0376-9D4F-24E5-1EEC1CEE1A4B}" = CCC Help Chinese Standard
"{36417A39-B6A6-BE0F-0AD0-6D9B116985D1}" = CCC Help Swedish
"{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}" = ANNO 1404
"{3EA9D975-BFDC-4E8E-B88B-0446FBC8CA66}" = ATI HYDRAVISION
"{3FAFEF64-911D-8013-18B5-E0BDF223A5C0}" = CCC Help Korean
"{40E4166C-460E-65F8-F84B-88A2F9EA69F4}" = CCC Help Polish
"{421D1CB2-0C0B-AC1D-06E5-14B0974376B5}" = Catalyst Control Center Localization Korean
"{43602F34-1AA3-44FB-AEB2-D08C2C73743F}" = Paint.NET v3.36
"{451CEE76-0FFE-802D-1F5E-615D69BC7007}" = Catalyst Control Center Localization Greek
"{4609F28C-0BDB-F2B2-9DC7-B35A28478312}" = Catalyst Control Center Localization Czech
"{46E1C9E1-9CC6-D432-F2BB-7CFC27B32EC9}" = Catalyst Control Center Localization Russian
"{519118EE-ACFD-16B7-7FEA-6B47D529B50C}" = Catalyst Control Center Core Implementation
"{5325AF31-8FEF-EEA6-084E-6784F834B5C0}" = Catalyst Control Center Graphics Full Existing
"{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}" = Skype web features
"{57105084-049B-008E-165A-92AF92B0C60F}" = ccc-core-preinstall
"{5DA6F06A-B389-407B-BF8C-1548767914D8}" = ATI Problem Report Wizard
"{5DE136A9-DCAE-69D0-08CB-02F07CFC9398}" = CCC Help Spanish
"{5E7AD152-771A-52C9-8394-E2F3BA629E06}" = CCC Help Greek
"{644EA08F-87D2-48C0-AE94-B327D1C85A97}" = Microsoft Private Folder 1.0
"{648F9C94-EC44-487B-9DA4-44ED72A082CC}" = Logitech Gaming Software
"{6782B259-804B-301D-0DE9-13000375C2D2}" = Catalyst Control Center Localization Japanese
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6889EE56-1816-4E89-94DF-9F56E7804039}_is1" = Counter-Strike 1.6 Non-Steam patch v36
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6D58E839-9E34-3979-7BFD-145BD5E9401C}" = CCC Help Norwegian
"{6FA439F8-EBD8-FF4D-8EE5-A52FE69A4248}" = Catalyst Control Center Localization Finnish
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}" = ICQ7.5
"{786C5747-1033-0000-B58E-000000000001}" = Adobe Stock Photos 1.0
"{793E79A5-B52D-E287-37F2-398F530D74C7}" = Catalyst Control Center Localization Polish
"{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}" = Text-To-Speech-Runtime
"{7E20EFE6-E604-48C6-8B39-BA4742F2CDB4}" = Zune Desktop Theme
"{7F2FF077-4A0C-0F26-717C-617DED010B33}" = CCC Help English
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{89DE67AD-08B8-4699-A55D-CA5C0AF82BF3}" = ATI AVIVO Codecs
"{8BF103B8-8C8E-2246-8C0D-C6C256E5E428}" = CCC Help French
"{8E9BA9AF-6A06-C7AC-5863-4A40CF29CE05}" = Catalyst Control Center Localization German
"{8EDBA74D-0686-4C99-BFDD-F894678E5B39}" = Adobe Common File Installer
"{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}" = Logitech Desktop Messenger
"{90110405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0010-0405-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Czech) 12
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90E5D6A9-C373-357B-6659-8BF019E3C1D4}" = Catalyst Control Center Localization Dutch
"{9366C5C6-9434-C4C9-9804-FB4D7142874D}" = Catalyst Control Center Localization Portuguese
"{942DD738-A9F7-BBFA-3960-4558CB0EE272}" = Catalyst Control Center Localization Chinese Standard
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9862B19F-4CAD-4EED-920F-2F378D84393F}" = ATI Parental Control & Encoder
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A0857F54-AE2D-F453-4069-C7D65AE36426}" = Catalyst Control Center Localization Chinese Traditional
"{A2FA61E6-B46A-3489-BD5A-2991144A5BC4}" = CCC Help Portuguese
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A7E19604-93AF-4611-8C9F-CE509C2B286E}_is1" = VDownloader 2.9.443
"{AA75AFFC-C5F3-2497-FE56-48AA163EFE2B}" = CCC Help Russian
"{AC76BA86-7AD7-1029-7B44-A90000000001}" = Adobe Reader 9 - Czech
"{AE84E7FF-4DEC-48EC-BBA9-9A808E48DF8E}_is1" = Free MP3 Recorder 1.0
"{B0625F16-B742-4F75-9FD8-20B47ACC7DE2}" = ACDSee 7.0 PowerPack
"{B5C68E1B-A651-33AA-21A6-7CC2D69EEFA2}" = CCC Help Czech
"{B74D4E10-1033-0000-0000-000000000001}" = Adobe Bridge 1.0
"{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}" = Nokia Connectivity Cable Driver
"{BE2686A1-ECF2-FF0E-9DF5-EC7A806AEED8}" = Catalyst Control Center Localization Thai
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C191BE7C-8542-4A61-973A-714EF76C5995}" = Logitech QuickCam Software
"{C43C1415-3DFC-4089-9A32-0BECF28A6046}" = Age of Empires III - The Asian Dynasties
"{C5ADA65A-7828-4D85-B071-ECC52B51F794}" = Sony Ericsson PC Suite 1.20.173
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC2B8406-F144-3B99-F66E-8D1703C9A9C5}" = Catalyst Control Center Graphics Previews Common
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D4F3A4D4-84B1-3A40-14AA-422DE60EF96A}" = Skins
"{D51D9840-FABE-390B-24D2-D052332B311A}" = Catalyst Control Center Localization Spanish
"{D6DBDC2A-E72C-4284-B6AD-6B3B61B4DABC}" = Far Cry
"{D9E96902-5743-D105-BCB7-FBD3C0DF3989}" = Catalyst Control Center Localization Swedish
"{DA64E459-FBF3-4A9C-A3E8-FD0240C4E611}" = Dealio Toolbar v4.5
"{DB3C800B-081B-4146-B4E3-EFB5B77AA913}" = TES Construction Set
"{DCE27619-6822-0D22-1405-9D2899DC1896}" = Catalyst Control Center Localization Norwegian
"{DF80DB18-7179-EB18-5818-E7F761DA59AE}" = CCC Help Danish
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E698F77C-216C-8409-F4DC-E4AAECF5DEFF}" = Catalyst Control Center Localization Italian
"{E7391464-6939-413C-B427-32F33FE13484}" = GameSpy Comrade
"{E7DAAF26-A0B0-1D77-0794-20D1314297F1}" = Catalyst Control Center Graphics Light
"{E89B484C-B913-49A0-959B-89E836001658}" = GEAR 32bit Driver Installer
"{E9787678-1033-0000-8E67-000000000001}" = Adobe Help Center 1.0
"{EA23971F-2CEE-48FC-B64D-7F74A6EF90F0}" = XMLinst
"{EABF2170-CA2F-4C48-9921-3D5050F30EBA}" = Hooligans - Storm over Europe
"{EDFB64A7-5BFD-4137-943D-5663149A15F5}" = Heroes of Might and Magic III Complete
"{EEF985E8-8B36-4230-B174-117A2381C17F}" = LogMeIn Hamachi
"{EF7E931D-DC84-471B-8DB6-A83358095474}" = EA Download Manager
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F16A317A-6128-39E2-9607-20B5C70132E6}" = Catalyst Control Center Localization Hungarian
"{F2B34A83-5345-910F-EC0F-0D92A00D6E3B}" = CCC Help Turkish
"{F2BDC47D-18FA-5B10-58C0-9FFBDBE0B031}" = Catalyst Control Center Graphics Full New
"{F3D677C8-612D-F5A8-A22F-2EF74F44000B}" = CCC Help Chinese Traditional
"{F5C521B6-1AF2-432C-A061-E79E2141A32F}" = Quake Live Mozilla Plugin
"{F7C1C17E-70E3-475F-BD52-EA554391F15D}" = GameShadow
"{F9AB0D25-0085-8345-3F1A-5E5C714092B9}" = Catalyst Control Center Localization Danish
"{FEFE846E-DF0E-0AC6-0EA0-F85CE63CA275}" = CCC Help German
"7-Zip" = 7-Zip 9.20
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"Adobe Shockwave Player" = Adobe Shockwave Player
"All ATI Software" = Softarová utilita ATI - Odinstalovat
"ATI Display Driver" = ATI Display Driver
"Autoplay Repair" = Autoplay Repair 2.2.2
"avast5" = avast! Free Antivirus
"AviSynth" = AviSynth 2.5
"Bender's 250 0.3.2 (X-Moto Addon)" = Bender's 250 0.3.2 (X-Moto Addon)
"Burn4Free CD & DVD_is1" = Burn4Free CD & DVD 5.4.0.0
"Burn4Free DB Toolbar" = Burn4Free DB Toolbar
"CCleaner" = CCleaner (remove only)
"Cool's_Codec_pack_4.12" = Codec Pack - All In 1 6.0.3.0
"CToolbar_UNINSTALL" = Crawler Toolbar with Web Security Guard
"DAEMON Tools Lite" = DAEMON Tools Lite
"ENTERPRISE" = Microsoft Office Enterprise 2007
"FL Studio 9" = FL Studio 9
"Fraps" = Fraps
"GameSpy Arcade" = GameSpy Arcade
"GOM Player" = GOM Player
"Governor of Poker1.0" = Governor of Poker
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"IL Download Manager" = IL Download Manager
"InstallShield_{C43C1415-3DFC-4089-9A32-0BECF28A6046}" = Age of Empires III - The Asian Dynasties
"InstallShield_{D6DBDC2A-E72C-4284-B6AD-6B3B61B4DABC}" = Far Cry
"InstallShield_{EDFB64A7-5BFD-4137-943D-5663149A15F5}" = Heroes of Might and Magic III Complete
"InstallShield_{EF7E931D-DC84-471B-8DB6-A83358095474}" = EA Download Manager
"LogMeIn Hamachi" = LogMeIn Hamachi
"MAGIX Music Maker 16 Premium Download Version UK" = MAGIX Music Maker 16 Premium Download Version
"MAGIX Screenshare UK" = MAGIX Screenshare
"MAGIX Speed burnR UK" = MAGIX Speed burnR
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware verze 1.51.1.1800
"Marbles_is1" = Marbles 1.0
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.0.9)" = Mozilla Firefox (3.0.9)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Opera 11.51.1087" = Opera 11.51
"Pidgin" = Pidgin
"PokerStars" = PokerStars
"PROSet" = Intel(R) PRO Network Adapters and Drivers
"QcDrv" = ##CAMERADRIVERNAME##
"Sawer" = Sawer
"Scorpions WinCheater 2.07 (s databází 102)_is1" = Scorpions WinCheater
"Spyware Terminator_is1" = Spyware Terminator
"SystemRequirementsLab" = System Requirements Lab
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"TeamViewer 5" = TeamViewer 5
"Tennis Critters" = Tennis Critters
"TiMoC1.2" = TiMoC
"Totalcmd" = Total Commander (Remove or Repair)
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"ZAV_DOMA_is1" = ZAV 4.48
"ZAV1_is1" = ZAV 4.48 (32bit)
"ZoneAlarmSB Uninstall" = ZoneAlarm Spy Blocker

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-746137067-1957994488-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Analog Clock" = Analog Clock
"Basketball" = Basketball
"Game Organizer" = EasyBits GO
"Google Chrome" = Google Chrome
"Google Translator" = Google Translator
"touchtheSky for Opera 10.50+" = touchtheSky for Opera 10.50+
"uTorrent" = µTorrent

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 10.11.2010 12:25:19 | Computer Name = DAVID | Source = PerfNet | ID = 2004
Description = Nelze otevřít službu serveru. Data o výkonu serveru nejsou k dispozici.
Vrácený chybový kód je v datech DWORD 0.

Error - 13.11.2010 15:59:07 | Computer Name = DAVID | Source = Application Error | ID = 1000
Description = Chybující aplikace explorer.exe, verze 6.0.2900.5512, chybující modul
unknown, verze 0.0.0.0, adresa chyby 0x151ed554.

Error - 16.11.2010 20:04:50 | Computer Name = DAVID | Source = Application Error | ID = 1000
Description = Chybující aplikace srt2smi.exe, verze 0.0.0.0, chybující modul srt2smi.exe,
verze 0.0.0.0, adresa chyby 0x00002558.

Error - 20.11.2010 12:30:03 | Computer Name = DAVID | Source = Application Error | ID = 1000
Description = Chybující aplikace srt2smi.exe, verze 0.0.0.0, chybující modul srt2smi.exe,
verze 0.0.0.0, adresa chyby 0x00002558.

Error - 5.12.2010 18:01:58 | Computer Name = DAVID | Source = Application Error | ID = 1000
Description = Chybující aplikace icq.exe, verze 6.5.0.2026, chybující modul unknown,
verze 0.0.0.0, adresa chyby 0x00000000.

Error - 7.12.2010 17:48:38 | Computer Name = DAVID | Source = Application Error | ID = 1000
Description = Chybující aplikace srt2smi.exe, verze 0.0.0.0, chybující modul srt2smi.exe,
verze 0.0.0.0, adresa chyby 0x00002558.

Error - 8.12.2010 11:34:37 | Computer Name = DAVID | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace PoolStars.exe, verze 1.39.770.0, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 9.12.2010 8:13:00 | Computer Name = DAVID | Source = Application Error | ID = 1000
Description = Chybující aplikace winamp.exe, verze 5.5.4.2165, chybující modul ml_bookmarks.dll,
verze 0.0.0.0, adresa chyby 0x0000125d.

Error - 23.1.2011 12:36:47 | Computer Name = DAVID | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace iexplore.exe, verze 6.0.2900.5512, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 4.3.2011 20:48:13 | Computer Name = DAVID | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace FIFA09.exe, verze 0.0.0.0, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

[ System Events ]
Error - 27.8.2011 12:50:14 | Computer Name = DAVID | Source = W32Time | ID = 39452701
Description = Klient NTP zprostředkovatele časových údajů je konfigurován pro získávání
časových údajů z jednoho nebo více zdrojů času. Žádný z těchto zdrojů však není
aktuálně k dispozici. Po dobu 15 minut nebude proveden žádný pokus o kontaktování
zdroje. Klient NTP nemá k dispozici žádný zdroj času.

Error - 29.8.2011 10:51:03 | Computer Name = DAVID | Source = Dhcp | ID = 1000
Description = Zapůjčení adresy IP počítače 192.168.1.102 pro síťovou kartu se síťovou
adresou 001320106939 byla ukončena.

Error - 29.8.2011 10:51:10 | Computer Name = DAVID | Source = Service Control Manager | ID = 7011
Description = Vypršel časový limit (30000 milisekund) čekání na odezvu transakce
služby WZCSVC.

Error - 29.8.2011 12:26:28 | Computer Name = DAVID | Source = Service Control Manager | ID = 7011
Description = Vypršel časový limit (30000 milisekund) čekání na odezvu transakce
služby WZCSVC.

Error - 30.8.2011 6:15:45 | Computer Name = DAVID | Source = Dhcp | ID = 1000
Description = Zapůjčení adresy IP počítače 192.168.1.102 pro síťovou kartu se síťovou
adresou 001320106939 byla ukončena.

Error - 30.8.2011 7:39:16 | Computer Name = DAVID | Source = Service Control Manager | ID = 7011
Description = Vypršel časový limit (30000 milisekund) čekání na odezvu transakce
služby WZCSVC.

Error - 30.8.2011 10:41:26 | Computer Name = DAVID | Source = Dhcp | ID = 1000
Description = Zapůjčení adresy IP počítače 192.168.1.102 pro síťovou kartu se síťovou
adresou 001320106939 byla ukončena.

Error - 30.8.2011 12:42:20 | Computer Name = DAVID | Source = Dhcp | ID = 1000
Description = Zapůjčení adresy IP počítače 192.168.1.102 pro síťovou kartu se síťovou
adresou 001320106939 byla ukončena.

Error - 1.9.2011 12:18:19 | Computer Name = DAVID | Source = Dhcp | ID = 1000
Description = Zapůjčení adresy IP počítače 192.168.1.102 pro síťovou kartu se síťovou
adresou 001320106939 byla ukončena.

Error - 1.9.2011 12:18:26 | Computer Name = DAVID | Source = Service Control Manager | ID = 7011
Description = Vypršel časový limit (30000 milisekund) čekání na odezvu transakce
služby WZCSVC.


< End of report >
Děkuji

[Mc_Murphy]

Inu, máš tam nějaký ten bordýlek, tak na to mrkneme:

Stáhni OTL z tohoto odkazu a ulož jej na Plochu.

• Pokud používáš Win Vista či Win7, klikni na OTL pravým myšítkem a dej Run As Administrator či Spustit jako správce.
• Pokud používáš 64bitový OS, zkontroluj, zda-li je zaškrtnutý čtvereček Pro 64 bitové OS. Pokud ne, zaškrtni jej.
• Do spodního okénka Vlastní skenování/opravy vlož tento skript:

Kód: Vybrat vše

:Commands
[emptytemp]
[resethosts]
[purity]
[clearallrestorepoints]

:OTL
SRV - [2011.06.24 17:30:48 | 000,393,112 | ---- | M] (Spigot, Inc.) [Auto | Running] -- C:\Program Files\Application Updater\ApplicationUpdater.exe -- (Application Updater)
IE - HKU\S-1-5-21-746137067-1957994488-682003330-1004\..\URLSearchHook: {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files\Dealio Toolbar\IE\4.5\dealioToolbarIE.dll (Spigot, Inc.)
FF - prefs.js..extensions.enabledItems: vshare@toolbar:1.0.0
FF - prefs.js..extensions.enabledItems: dealio@mybrowserbar.com:4.1
FF - prefs.js..extensions.enabledItems: wtxpcom@mybrowserbar.com:4.1
FF - prefs.js..extensions.enabledItems: {4B3803EA-5230-4DC3-A7FC-33638F3D3542}:1.3
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: File not found
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}: C:\Program Files\Crawler\Toolbar\firefox\ [2010.10.21 12:51:22 | 000,000,000 | ---D | M]
[2011.03.25 19:11:29 | 000,000,000 | ---D | M] (Burn4Free DB Toolbar) -- C:\Documents and Settings\Gregora\Data aplikací\Mozilla\Firefox\Profiles\00qn9t9j.default\extensions\{75656794-AB59-4712-BFBC-5D816D56F3BC}
[2010.10.19 22:24:31 | 000,000,000 | ---D | M] (vShare Plugin) -- C:\Documents and Settings\Gregora\Data aplikací\Mozilla\Firefox\Profiles\00qn9t9j.default\extensions\vshare@toolbar
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\GREGORA\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\00QN9T9J.DEFAULT\EXTENSIONS\{20A82645-C095-46ED-80E3-08825760534B}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\GREGORA\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\00QN9T9J.DEFAULT\EXTENSIONS\VSHARE@TOOLBAR
[2011.07.14 13:17:02 | 000,000,000 | ---D | M] (Widgi Toolbar Platform) -- C:\PROGRAM FILES\COMMON FILES\SPIGOT\WTXPCOM
[2010.10.21 12:51:22 | 000,000,000 | ---D | M] (Crawler Toolbar) -- C:\PROGRAM FILES\CRAWLER\TOOLBAR\FIREFOX
[2011.07.14 13:17:03 | 000,000,000 | ---D | M] (Dealio Toolbar) -- C:\PROGRAM FILES\DEALIO TOOLBAR\FF
[2007.07.26 13:05:16 | 000,001,329 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\crawlersrch.xml
[2008.09.08 22:55:14 | 000,000,204 | ---- | M] () -- \Program Files\Image-Line\Hardcore\Presets\I cracked my Tube!.hdprg
[2009.03.03 13:28:38 | 000,000,461 | ---- | M] () -- \Program Files\Image-Line\Sawer\Presets\Ambient\MC Cracked.sawer
[2003.10.09 04:02:32 | 000,079,360 | ---- | M] () -- \Documents and Settings\Gregora\Plocha\moje veci\Alcohol 120\crack.exe
[2004.10.31 12:53:36 | 000,000,786 | ---- | M] () -- \Program Files\Alcohol Soft\Alcohol 120\Crack.bat
O2 - BHO: (Dealio Toolbar) - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files\Dealio Toolbar\IE\4.5\dealioToolbarIE.dll (Spigot, Inc.)
O2 - BHO: () - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\Program Files\Crawler\Toolbar\ctbr.dll (Crawler.com)
O2 - BHO: (SMTTB2009 Class) - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files\Burn4Free DB Toolbar\tbcore3.dll ()
O3 - HKLM\..\Toolbar: (Dealio Toolbar) - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files\Dealio Toolbar\IE\4.5\dealioToolbarIE.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (Burn4Free DB Toolbar) - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Program Files\Burn4Free DB Toolbar\tbcore3.dll ()
O3 - HKLM\..\Toolbar: (&Crawler lišta) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\Program Files\Crawler\Toolbar\ctbr.dll (Crawler.com)
O3 - HKU\S-1-5-21-746137067-1957994488-682003330-1004\..\Toolbar\WebBrowser: (Burn4Free DB Toolbar) - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Program Files\Burn4Free DB Toolbar\tbcore3.dll ()
O3 - HKU\S-1-5-21-746137067-1957994488-682003330-1004\..\Toolbar\WebBrowser: (&Crawler lišta) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\Program Files\Crawler\Toolbar\ctbr.dll (Crawler.com)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [SearchSettings] C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.)
O4 - HKU\S-1-5-21-746137067-1957994488-682003330-1004..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)

:Reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"LogitechCameraAssistant"=-
"LogitechCameraService(E)"=-
"LogitechVideo[inspector]"=-
""=-

:Files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp /s
C:\Program Files\Common Files\Spigot
C:\Program Files\Application Updater
C:\Program Files\Dealio Toolbar
C:\Program Files\Crawler\Toolbar
C:\Program Files\Common Files\AskToolbarInstaller.exe

• Klikni na tlačítko [Opravit].
• Po dokončení skenu se objeví log, ten mi sem vlož.
• Pokud se log nevejde do jednoho příspěvku, rozděl jej na více částí nebo mi jej uploadni třeba na http://leteckaposta.cz/

[Gary545]

All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Gregora
->Temp folder emptied: 1218920 bytes
->Temporary Internet Files folder emptied: 395649 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 11459922 bytes
->Google Chrome cache emptied: 122699823 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 9088 bytes

User: LocalService
->Temp folder emptied: 65716 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 16384 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 51667100 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 5737915737 bytes

Total Files Cleaned = 5 651,00 mb

C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
Restore points cleared and new OTL Restore Point set!
========== OTL ==========
Service Application Updater stopped successfully!
Service Application Updater deleted successfully!
C:\Program Files\Application Updater\ApplicationUpdater.exe moved successfully.
Registry value HKEY_USERS\S-1-5-21-746137067-1957994488-682003330-1004\Software\Microsoft\Internet Explorer\URLSearchHooks\\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\ deleted successfully.
File C:\Program Files\Dealio Toolbar\IE\4.5\dealioToolbarIE.dll not found.
Prefs.js: vshare@toolbar:1.0.0 removed from extensions.enabledItems
Prefs.js: dealio@mybrowserbar.com:4.1 removed from extensions.enabledItems
Prefs.js: wtxpcom@mybrowserbar.com:4.1 removed from extensions.enabledItems
Prefs.js: {4B3803EA-5230-4DC3-A7FC-33638F3D3542}:1.3 removed from extensions.enabledItems
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0\ deleted successfully.
File HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}: C:\Program Files\Crawler\Toolbar\firefox\ not found.
C:\Documents and Settings\Gregora\Data aplikací\Mozilla\Firefox\Profiles\00qn9t9j.default\extensions\{75656794-AB59-4712-BFBC-5D816D56F3BC}\chrome\content\somoto folder moved successfully.
C:\Documents and Settings\Gregora\Data aplikací\Mozilla\Firefox\Profiles\00qn9t9j.default\extensions\{75656794-AB59-4712-BFBC-5D816D56F3BC}\chrome\content folder moved successfully.
C:\Documents and Settings\Gregora\Data aplikací\Mozilla\Firefox\Profiles\00qn9t9j.default\extensions\{75656794-AB59-4712-BFBC-5D816D56F3BC}\chrome folder moved successfully.
C:\Documents and Settings\Gregora\Data aplikací\Mozilla\Firefox\Profiles\00qn9t9j.default\extensions\{75656794-AB59-4712-BFBC-5D816D56F3BC} folder moved successfully.
C:\Documents and Settings\Gregora\Data aplikací\Mozilla\Firefox\Profiles\00qn9t9j.default\extensions\vshare@toolbar\META-INF folder moved successfully.
C:\Documents and Settings\Gregora\Data aplikací\Mozilla\Firefox\Profiles\00qn9t9j.default\extensions\vshare@toolbar\chrome folder moved successfully.
C:\Documents and Settings\Gregora\Data aplikací\Mozilla\Firefox\Profiles\00qn9t9j.default\extensions\vshare@toolbar folder moved successfully.
C:\PROGRAM FILES\COMMON FILES\SPIGOT\WTXPCOM\components folder moved successfully.
C:\PROGRAM FILES\COMMON FILES\SPIGOT\WTXPCOM folder moved successfully.
C:\PROGRAM FILES\CRAWLER\TOOLBAR\FIREFOX\components folder moved successfully.
C:\PROGRAM FILES\CRAWLER\TOOLBAR\FIREFOX\chrome folder moved successfully.
C:\PROGRAM FILES\CRAWLER\TOOLBAR\FIREFOX folder moved successfully.
C:\PROGRAM FILES\DEALIO TOOLBAR\FF\chrome\skin folder moved successfully.
C:\PROGRAM FILES\DEALIO TOOLBAR\FF\chrome\locale\EN-US folder moved successfully.
C:\PROGRAM FILES\DEALIO TOOLBAR\FF\chrome\locale folder moved successfully.
C:\PROGRAM FILES\DEALIO TOOLBAR\FF\chrome\content folder moved successfully.
C:\PROGRAM FILES\DEALIO TOOLBAR\FF\chrome folder moved successfully.
C:\PROGRAM FILES\DEALIO TOOLBAR\FF folder moved successfully.
C:\Program Files\Mozilla Firefox\searchplugins\crawlersrch.xml moved successfully.
\Program Files\Image-Line\Hardcore\Presets\I cracked my Tube!.hdprg moved successfully.
\Program Files\Image-Line\Sawer\Presets\Ambient\MC Cracked.sawer moved successfully.
\Documents and Settings\Gregora\Plocha\moje veci\Alcohol 120\crack.exe moved successfully.
\Program Files\Alcohol Soft\Alcohol 120\Crack.bat moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\ not found.
File C:\Program Files\Dealio Toolbar\IE\4.5\dealioToolbarIE.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}\ deleted successfully.
C:\Program Files\Crawler\Toolbar\ctbr.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}\ deleted successfully.
C:\Program Files\Burn4Free DB Toolbar\tbcore3.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\ not found.
File C:\Program Files\Dealio Toolbar\IE\4.5\dealioToolbarIE.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{338B4DFE-2E2C-4338-9E41-E176D497299E} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{338B4DFE-2E2C-4338-9E41-E176D497299E}\ deleted successfully.
File C:\Program Files\Burn4Free DB Toolbar\tbcore3.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{4B3803EA-5230-4DC3-A7FC-33638F3D3542} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}\ deleted successfully.
File C:\Program Files\Crawler\Toolbar\ctbr.dll not found.
Registry value HKEY_USERS\S-1-5-21-746137067-1957994488-682003330-1004\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{338B4DFE-2E2C-4338-9E41-E176D497299E} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{338B4DFE-2E2C-4338-9E41-E176D497299E}\ not found.
File C:\Program Files\Burn4Free DB Toolbar\tbcore3.dll not found.
Registry value HKEY_USERS\S-1-5-21-746137067-1957994488-682003330-1004\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{4B3803EA-5230-4DC3-A7FC-33638F3D3542} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}\ not found.
File C:\Program Files\Crawler\Toolbar\ctbr.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SearchSettings deleted successfully.
C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe moved successfully.
Registry value HKEY_USERS\S-1-5-21-746137067-1957994488-682003330-1004\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite deleted successfully.
C:\Program Files\DAEMON Tools Lite\DTLite.exe moved successfully.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\LogitechCameraAssistant deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\LogitechCameraService(E) deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\LogitechVideo[inspector] deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ not found.
========== FILES ==========
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP141.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP16D.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP172.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP20B.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP222.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP22F.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP253.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP27A.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP282.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP294.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2E1.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP37.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP3A2.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP4E.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP5.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPCE.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPD3.tmp folder moved successfully.
C:\WINDOWS\Installer\MSI101.tmp moved successfully.
C:\WINDOWS\Installer\MSI16B.tmp moved successfully.
C:\WINDOWS\Installer\MSI255.tmp moved successfully.
C:\WINDOWS\Installer\MSI270.tmp moved successfully.
C:\WINDOWS\Installer\MSI34.tmp moved successfully.
C:\WINDOWS\Installer\MSI3E.tmp moved successfully.
C:\WINDOWS\Installer\MSI3E6.tmp moved successfully.
C:\WINDOWS\Installer\MSI3EE.tmp moved successfully.
C:\WINDOWS\Installer\MSI43.tmp moved successfully.
C:\WINDOWS\Installer\MSI55F.tmp moved successfully.
C:\WINDOWS\Installer\MSI58B.tmp moved successfully.
C:\WINDOWS\system32\config\systemprofile\Data aplikací\Application Updater\temp\~wt21D.tmp moved successfully.
C:\Program Files\Common Files\Spigot\Search Settings\Res folder moved successfully.
C:\Program Files\Common Files\Spigot\Search Settings folder moved successfully.
C:\Program Files\Common Files\Spigot folder moved successfully.
C:\Program Files\Application Updater folder moved successfully.
C:\Program Files\Dealio Toolbar\Res folder moved successfully.
C:\Program Files\Dealio Toolbar\IE\4.6 folder moved successfully.
C:\Program Files\Dealio Toolbar\IE folder moved successfully.
C:\Program Files\Dealio Toolbar folder moved successfully.
C:\Program Files\Crawler\Toolbar\WSGData\domains folder moved successfully.
C:\Program Files\Crawler\Toolbar\WSGData folder moved successfully.
C:\Program Files\Crawler\Toolbar\Update folder moved successfully.
C:\Program Files\Crawler\Toolbar\TBR5LanguageAct folder moved successfully.
C:\Program Files\Crawler\Toolbar\STWSGLanguageAct folder moved successfully.
C:\Program Files\Crawler\Toolbar\Languages folder moved successfully.
C:\Program Files\Crawler\Toolbar folder moved successfully.
C:\Program Files\Common Files\AskToolbarInstaller.exe moved successfully.

OTL by OldTimer - Version 3.2.27.0 log created on 09142011_221639

Files\Folders moved on Reboot...
File\Folder C:\WINDOWS\temp\_avast5_\Webshlock.txt not found!

Registry entries deleted on Reboot...

Děkuji

[Mc_Murphy]

OTL provedlo, co mělo. Pustíme tam pro jistotu ještě MBAM.

Stáhni a nainstaluj Malwarebytes' Anti-Malware (zkráceně MBAM) podle návodu z tohoto topicu.

• Proveď aktualizaci virové databáze.
• V záložce Kontrolor zvol Úplná kontrola a zaškrtni všechny pevné disky, které máš na počítači.
• Předem nic nemaž!!
• MBAM mívá občas falešné detekce, proto vlož jeho log do příspěvku a počkej na posouzení!

[Gary545]

Malwarebytes' Anti-Malware
www.malwarebytes.org

Verze databáze:

Windows 5.1.2600 Service Pack 3
Internet Explorer 6.0.2900.5512

2.10.2011 22:08:20
mbam-log-2011-10-02 (22-08-12).txt

Typ: Úplná kontrola (C:\|F:\|)
Kontrolované objekty: 305805
Uplynulý čas: 1 hodin, 57 minut, 19 sekund

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 0
Infikované hodnoty v registru: 0
Infikované datové položky v registru: 0
Infikované složky: 0
Infikované soubory: 3

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované hodnoty v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
c:\_OTL\movedfiles\09142011_221639\c_program files\common files\SPIGOT\WTXPCOM\components\widgitoolbarff.dll (Adware.WidgiToolbar) -> No action taken.
c:\_OTL\movedfiles\09142011_221639\c_program files\common files\SPIGOT\WTXPCOM\components\widgitoolbarff.dll.5 (Adware.WidgiToolbar) -> No action taken.
c:\_OTL\movedfiles\09142011_221639\c_program files\common files\SPIGOT\WTXPCOM\components\widgitoolbarff.dll.6 (Adware.WidgiToolbar) -> No action taken.

Děkuji

[Mc_Murphy]

OK, nálezy dej klidně smazat, ale zbavili bychom se jich později - jsou to jen zálohy po čištění v OTL.

Jak je na tom počítač?

[Gary545]

Vcelku dobře, akorát mám problém s hraním her, nevím čím to může být, ale pokaždé se mi sekají. Po chvíli hraní, když se chci třeba přesunout dopředu, tak se to kousne a rozjede se to až třeba po 3 minutách, a to hraji hry které jsou odpovědné procesoru i grafické kartě.
Děkuji za pomoc

[Mc_Murphy]

Tak to nevím, čím by to mohlo být. Může jít o špatný ovladač ke grafické kartě, její špatné nastavení ve Vlastnostech, či příliš mnoho běžících procesů na pozadí systému.
Zkus přeinstalovat ovladač ke grafické kartě, zkontrolovat její nastavení, zkontrolovat verzi a nastavení DirectX a mrkni na procesy, které by se mohly povypínat, aby neběžely se startem systému případně ani při tom, když hraješ.

Taky bys mohl zkusit defragmentaci disku/disků. Na to bych doporučoval tento skvělý freeware prográmek Defraggler. Je od stejné firmy, jako je i námi doporučovaný CCleaner.

A my tu ještě dočistíme.

OTC http://oldtimer.geekstogo.com/OTC.exe

• Stáhni a spusť.
• Klikni na CleanUp a potvrď YES.
• Program uklidí a restartuje PC.

TFC http://oldtimer.geekstogo.com/TFC.exe

• Stáhni a spusť.
• Klikni na Start a potvrď OK.
• Program uklidí a restartuje PC.
• Po použití utilitu smaž.

Pokud nemáš, stáhni CCleaner z tohoto odkazu.

• Panel čistič
• Vše nech jak je, jen dej Analyzovat a poté Spustit CCleaner.

• Panel registry
• Klikni na Hledej problémy.
• Následně na Opravit problémy - zálohu registrů doporučuji udělat, oprav všechny problémy.
• Postup opakuj, dokud nebude bez problémů - většinou cca 3x.

• Panel nástroje
• Zde můžeš odinstalovat nepotřebné programy.

CCleaner doporučuji používat cca jednou za týden.

A pokud nejsou žádné dotazy, bylo by to z mé strany vše.

[Gary545]

Děkuji moc za pomoc

[Mc_Murphy]

Není vůbec zač a rádo se stalo. Přeji pěkný den.