Frozen computer

S.Moninka
Visitor
Posts: 71
Registered: 06 May 2007 19:00

Re: Frozen computer

#16 Post by S.Moninka »


vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Frozen computer

#17 Post by vyosek »

:arrow: If it isn't there already, move ComboFix to the desktop
  • Open Notepad (Start - Run - notepad)
  • Copy the script below
  • Code:

    KillAll::
    
    Folder::
    c:\program files\SweetIM
    c:\documents and settings\All Users\Data aplikací\SweetIM
    c:\documents and settings\All Users\Ulmqqx20vFCAp
    c:\program files\ICQ6Toolbar
    c:\program files\ask.com
    c:\program files\daemon tools toolbar
    c:\documents and settings\all users\6P7YjCZhhA.cpl
    
    Collect::
    c:\documents and settings\All Users\Ulmqqx20vFCAp\IwZxd31jMfvC2W7s\NUpJiGMsGc3vxe77\K5n4wD65t8UYSv\B9Am8G.exe
    
    File::
    c:\documents and settings\Patrik\Nabídka Start\Programy\Po spuštění\Internet Explorer.lnk
    c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\McAfee Security Scan Plus.lnk
    c:\windows\Tasks\AppleSoftwareUpdate.job
    
    Driver::
    ICQ Service
    gupdate
    gupdatem
    
    Firefox::
    FF - ProfilePath - c:\documents and settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\
    FF - prefs.js: browser.search.defaulturl -
    FF - prefs.js: browser.search.selectedEngine - ICQ Search
    FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_result ... r=1.4.7&q=
    
    DDS::
    uDefault_Search_URL = hxxp://search.qip.ru
    uSearch Bar = hxxp://www.google.com/ie
    mStart Page = hxxp://home.sweetim.com
    uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
    IE: Search the Web - c:\program files\SweetIM\Toolbars\Internet Explorer\resources\menuext.html
    uURLSearchHooks: <No Name>: - LocalServer32 - <no file>
    uURLSearchHooks: *{855F3B16-6D32-4fe6-8A56-BBB695989046} - <orphaned>
    uURLSearchHooks: SweetIM ToolbarURLSearchHook Class: {EEE6C35D-6118-11DC-9C72-001320C79847} - c:\program files\sweetim\toolbars\internet explorer\mgHelper.dll
    BHO: Ask Search Assistant BHO: {9CB65201-89C4-402c-BA80-02D8C59F9B1D} - 
    BHO: SweetPacks Browser Helper: {EEE6C35C-6118-11DC-9C72-001320C79847} - c:\program files\sweetim\toolbars\internet explorer\mgToolbarIE.dll
    BHO: Ask Toolbar BHO: {FE063DB1-4EC0-403e-8DD8-394C54984B2C} -
    TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} -
    TB: DAEMON Tools Toolbar: {32099AAC-C132-4136-9E9A-4E364A424E17} - c:\program files\daemon tools toolbar\DTToolbar.dll
    TB: Ask Toolbar: {FE063DB9-4EC0-403E-8DD8-394C54984B2C} -
    TB: SweetPacks Toolbar for Internet Explorer: {EEE6C35B-6118-11DC-9C72-001320C79847} - c:\program files\sweetim\toolbars\internet explorer\mgToolbarIE.dll
    TB: DAEMON Tools Toolbar: {32099AAC-C132-4136-9E9A-4E364A424E17} - c:\program files\daemon tools toolbar\DTToolbar.dll
    TB: ICQToolBar: {855F3B16-6D32-4fe6-8A56-BBB695989046} - c:\program files\icq6toolbar\ICQToolBar.dll
    TB: Ask Toolbar: {FE063DB9-4EC0-403e-8DD8-394C54984B2C} -
    TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} -
    TB: SweetPacks Toolbar for Internet Explorer: {EEE6C35B-6118-11DC-9C72-001320C79847} - c:\program files\sweetim\toolbars\internet explorer\mgToolbarIE.dll
    uRun: [SUPERAntiSpyware]
    uRun: [swg]
    uRun: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
    uRun: [DAEMON Tools Lite]
    uRun: [OTjzRu0mR3] c:\documents and settings\all users\ulmqqx20vfcap\iwzxd31jmfvc2w7s\nupjigmsgc3vxe77\k5n4wd65t8uysv\B9Am8G.exe
    uRun: [ctfmon.exe]
    mRun: [Adobe Photo Downloader] 
    mRun: [HP Software Update]
    mRun: [UpdatePDRShortCut]
    mRun: [NeroFilterCheck]
    mRun: [ApnUpdater] "c:\program files\ask.com\updater\Updater.exe"
    mRun: [Adobe ARM]
    mRun: [QuickTime Task]
    mRun: [SunJavaUpdateSched]
    mRun: [SweetIM] c:\program files\sweetim\messenger\SweetIM.exe
    mRun: [Sweetpacks Communicator] c:\program files\sweetim\communicator\SweetPacksUpdateManager.exe
    dRun: [CTFMON.EXE]
    
    MBR::
    
    ClearJavaCache::
    
    Reboot::
  • Save the resulting TXT file as CFScript.txt
  • Drag the CFScript.txt you created onto ComboFix and drop it to run it (see the picture below)
    [Image]
  • After the script has been applied (and a possible restart), a log will pop up; paste its contents here
:arrow: If the message "Illegal operation attempted on a registry key that has been marked for deletion" pops up, just restart the PC - the registry will sort itself out - this is an internal error caused by CF, and unfortunately the author doesn't know how to fix it yet

:arrow: It can happen that Windows won't start after the script is applied; in that case restart the PC, keep pressing F8 and choose Last Known Good Configuration
"He who has wine and doesn't drink it, who has grapes and doesn't eat them, who has a wife and doesn't kiss her, who shies away from fun, take a whip and a stick to him; that's not a man, that's an ox."
Member of [image] since 1 February 2011.

#18 Post by S.Moninka »

Whenever I try to let ComboFix finish, a blue screen with an error warning always pops up. So I don't know how to complete ComboFix.

#19 Post by vyosek »

:arrow: Download SPTD http://www.duplexsecure.com/en/downloads
  • On that page, pick the version for your operating system (32-bit (x86) or 64-bit (x64))
  • Save it to the desktop and run it
  • Choose Uninstall and restart the PC - if it can't be clicked (the button is greyed out), skip this step
:arrow: Download Defogger http://www.jpshortstuff.247fixes.com/Defogger.exe
  • Save it to the desktop and run it
  • Click Disable and restart the PC - if it can't be clicked (the button is greyed out), skip this step
:arrow: Download MBR to the desktop http://www2.gmer.net/mbr/mbr.exe but do not run it

:arrow: Click Start and then Run, or use the keyboard shortcut Win+R
  • A small window will pop up; copy the text below into it
  • Code:

    "%userprofile%\plocha\mbr" -t -s
  • Click OK
  • A log named mbr.txt will be created on the desktop; paste its contents here for me

#20 Post by S.Moninka »

SPTD - the link doesn't work for me, I'll carry on with the other two

#21 Post by S.Moninka »

Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 5.1.2600

CreateFile("\\.\PHYSICALDRIVE0"): Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
device: opened successfully
user: error reading MBR

Disk trace:
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll sfsync02.sys atapi.sys pciide.sys PCIIDEX.SYS
C:\WINDOWS\system32\drivers\sfsync02.sys Protection Technology StarForce Protection System
1 ntkrnlpa!IofCallDriver[0x804EEEB8] -> \Device\Harddisk0\DR0[0x8A8AAAB8]
3 CLASSPNP[0xBA10905B] -> ntkrnlpa!IofCallDriver[0x804EEEB8] -> \Device\00000092[0x8A89E948]
5 ACPI[0xB9F7F620] -> ntkrnlpa!IofCallDriver[0x804EEEB8] -> \Device\Ide\IdeDeviceP2T0L0-e[0x8A8ACD98]
kernel: MBR read successfully
_asm { XOR AX, AX; MOV SS, AX; MOV SP, 0x7c00; STI ; PUSH AX; POP ES; PUSH AX; POP DS; CLD ; MOV SI, 0x7c1b; MOV DI, 0x61b; PUSH AX; PUSH DI; MOV CX, 0x1e5; REP MOVSB ; RETF ; MOV BP, 0x7be; MOV CL, 0x4; CMP [BP+0x0], CH; JL 0x2e; JNZ 0x3a; }
user != kernel MBR !!!

#22 Post by vyosek »

:arrow: Click Start and then Run, or use the keyboard shortcut Win+R
  • A small window will pop up; copy the text below into it
  • Code:

    "%userprofile%\plocha\mbr" -f
  • Click OK
  • A log named mbr.txt will be created on the desktop; paste its contents here for me
:arrow: Restart the PC

:arrow: Click Start and then Run, or use the keyboard shortcut Win+R
  • A small window will pop up; copy the text below into it
  • Code:

    "%userprofile%\plocha\mbr" -t -s
  • Click OK
  • A log named mbr.txt will be created on the desktop; paste its contents here for me

#23 Post by S.Moninka »

Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 5.1.2600

CreateFile("\\.\PHYSICALDRIVE0"): Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
device: opened successfully
user: error reading MBR
kernel: MBR read successfully
user != kernel MBR !!!

#24 Post by S.Moninka »

Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 5.1.2600

CreateFile("\\.\PHYSICALDRIVE0"): Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
device: opened successfully
user: error reading MBR

Disk trace:
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll sfsync02.sys atapi.sys pciide.sys PCIIDEX.SYS
C:\WINDOWS\system32\drivers\sfsync02.sys Protection Technology StarForce Protection System
1 ntkrnlpa!IofCallDriver[0x804EEEB8] -> \Device\Harddisk0\DR0[0x8A8CCAB8]
3 CLASSPNP[0xBA10905B] -> ntkrnlpa!IofCallDriver[0x804EEEB8] -> \Device\00000092[0x8A8CE9E8]
5 ACPI[0xB9F7F620] -> ntkrnlpa!IofCallDriver[0x804EEEB8] -> \Device\Ide\IdeDeviceP2T0L0-e[0x8A84BD98]
kernel: MBR read successfully
_asm { XOR AX, AX; MOV SS, AX; MOV SP, 0x7c00; STI ; PUSH AX; POP ES; PUSH AX; POP DS; CLD ; MOV SI, 0x7c1b; MOV DI, 0x61b; PUSH AX; PUSH DI; MOV CX, 0x1e5; REP MOVSB ; RETF ; MOV BP, 0x7be; MOV CL, 0x4; CMP [BP+0x0], CH; JL 0x2e; JNZ 0x3a; }
user != kernel MBR !!!

#25 Post by vyosek »

:arrow: Script for ComboFix, same procedure as last time

Code:

KillAll::

Folder::
c:\program files\SweetIM
c:\documents and settings\All Users\Data aplikací\SweetIM
c:\documents and settings\All Users\Ulmqqx20vFCAp
c:\program files\ICQ6Toolbar
c:\program files\ask.com
c:\program files\daemon tools toolbar
c:\documents and settings\all users\6P7YjCZhhA.cpl

Collect::
c:\documents and settings\All Users\Ulmqqx20vFCAp\IwZxd31jMfvC2W7s\NUpJiGMsGc3vxe77\K5n4wD65t8UYSv\B9Am8G.exe

File::
c:\documents and settings\Patrik\Nabídka Start\Programy\Po spuštění\Internet Explorer.lnk
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\McAfee Security Scan Plus.lnk
c:\windows\Tasks\AppleSoftwareUpdate.job

Driver::
ICQ Service
gupdate
gupdatem

Firefox::
FF - ProfilePath - c:\documents and settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_result ... r=1.4.7&q=

DDS::
uDefault_Search_URL = hxxp://search.qip.ru
uSearch Bar = hxxp://www.google.com/ie
mStart Page = hxxp://home.sweetim.com
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Search the Web - c:\program files\SweetIM\Toolbars\Internet Explorer\resources\menuext.html
uURLSearchHooks: <No Name>: - LocalServer32 - <no file>
uURLSearchHooks: *{855F3B16-6D32-4fe6-8A56-BBB695989046} - <orphaned>
uURLSearchHooks: SweetIM ToolbarURLSearchHook Class: {EEE6C35D-6118-11DC-9C72-001320C79847} - c:\program files\sweetim\toolbars\internet explorer\mgHelper.dll
BHO: Ask Search Assistant BHO: {9CB65201-89C4-402c-BA80-02D8C59F9B1D} -
BHO: SweetPacks Browser Helper: {EEE6C35C-6118-11DC-9C72-001320C79847} - c:\program files\sweetim\toolbars\internet explorer\mgToolbarIE.dll
BHO: Ask Toolbar BHO: {FE063DB1-4EC0-403e-8DD8-394C54984B2C} -
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} -
TB: DAEMON Tools Toolbar: {32099AAC-C132-4136-9E9A-4E364A424E17} - c:\program files\daemon tools toolbar\DTToolbar.dll
TB: Ask Toolbar: {FE063DB9-4EC0-403E-8DD8-394C54984B2C} -
TB: SweetPacks Toolbar for Internet Explorer: {EEE6C35B-6118-11DC-9C72-001320C79847} - c:\program files\sweetim\toolbars\internet explorer\mgToolbarIE.dll
TB: DAEMON Tools Toolbar: {32099AAC-C132-4136-9E9A-4E364A424E17} - c:\program files\daemon tools toolbar\DTToolbar.dll
TB: ICQToolBar: {855F3B16-6D32-4fe6-8A56-BBB695989046} - c:\program files\icq6toolbar\ICQToolBar.dll
TB: Ask Toolbar: {FE063DB9-4EC0-403e-8DD8-394C54984B2C} -
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} -
TB: SweetPacks Toolbar for Internet Explorer: {EEE6C35B-6118-11DC-9C72-001320C79847} - c:\program files\sweetim\toolbars\internet explorer\mgToolbarIE.dll
uRun: [SUPERAntiSpyware]
uRun: [swg]
uRun: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
uRun: [DAEMON Tools Lite]
uRun: [OTjzRu0mR3] c:\documents and settings\all users\ulmqqx20vfcap\iwzxd31jmfvc2w7s\nupjigmsgc3vxe77\k5n4wd65t8uysv\B9Am8G.exe
uRun: [ctfmon.exe]
mRun: [Adobe Photo Downloader]
mRun: [HP Software Update]
mRun: [UpdatePDRShortCut]
mRun: [NeroFilterCheck]
mRun: [ApnUpdater] "c:\program files\ask.com\updater\Updater.exe"
mRun: [Adobe ARM]
mRun: [QuickTime Task]
mRun: [SunJavaUpdateSched]
mRun: [SweetIM] c:\program files\sweetim\messenger\SweetIM.exe
mRun: [Sweetpacks Communicator] c:\program files\sweetim\communicator\SweetPacksUpdateManager.exe
dRun: [CTFMON.EXE]

ClearJavaCache::

Reboot::

#26 Post by S.Moninka »

ComboFix 12-07-12.02 - Patrik 22.07.2012 14:56:05.9.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1029.18.2038.1303 [GMT 2:00]
Spuštěný z: c:\documents and settings\Patrik\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Patrik\Plocha\CFScript.txt
AV: AVG Anti-Virus Free *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
FW: Sunbelt Kerio Personal Firewall *Enabled* {E659E0EE-10E6-49B7-8696-60F38D0EB174}
.
FILE ::
"c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\McAfee Security Scan Plus.lnk"
"c:\documents and settings\Patrik\Nabídka Start\Programy\Po spuštění\Internet Explorer.lnk"
"c:\windows\Tasks\AppleSoftwareUpdate.job"
.
file zipped: c:\documents and settings\All Users\Ulmqqx20vFCAp\IwZxd31jMfvC2W7s\NUpJiGMsGc3vxe77\K5n4wD65t8UYSv\B9Am8G.exe
.
ADS - drivers: deleted 620 bytes in 1 streams.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-06-22 do 2012-07-22 )))))))))))))))))))))))))))))))
.
.
2012-07-12 19:05 . 2012-07-22 12:40 12568 ----a-w- c:\windows\system32\drivers\PROCEXP113.SYS
2012-07-12 18:59 . 2012-07-12 18:59 -------- d-----w- C:\RK_Quarantine
2012-07-12 17:54 . 2012-07-12 17:55 -------- d-----w- c:\program files\trend micro
2012-07-12 17:54 . 2012-07-12 17:55 -------- d-----w- C:\rsit
2012-07-12 05:36 . 2012-06-05 07:50 44208 ----a-w- c:\windows\system32\drivers\GbpKm.sys
2012-07-12 05:35 . 2012-07-20 16:25 -------- d-----w- c:\program files\GbPlugin
2012-07-12 05:28 . 2012-07-22 13:17 28880 ----a-w- c:\windows\system32\drivers\GbpNdisrd.sys
2012-07-11 18:03 . 2012-07-22 13:15 -------- d-----w- c:\documents and settings\All Users\Data aplikací\GbPlugin
2012-07-11 18:03 . 2012-03-31 12:24 117248 ----a-w- c:\windows\system32\libgcc_s_dw2-1.dll
2012-07-11 18:01 . 2012-07-11 18:03 -------- d-----w- C:\ProgramData
2012-07-11 17:57 . 2012-07-11 17:57 -------- d-sh--w- c:\documents and settings\All Users\Ulmqqx20vFCAp
2012-07-03 11:01 . 2012-07-03 11:01 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-07-02 16:02 . 2012-07-02 16:02 -------- d-----w- c:\documents and settings\All Users\Data aplikací\PopCap Games
2012-06-27 06:14 . 2012-06-27 06:14 -------- d-----w- c:\documents and settings\All Users\Data aplikací\PopCapY
2012-06-27 06:13 . 2012-06-27 06:13 -------- d-----w- c:\program files\PopCap Games
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-13 18:05 . 2012-07-13 18:04 2621440 ----a-w- c:\windows\inf\qdvd.dll
2012-07-03 11:20 . 2011-07-19 07:09 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-06-19 10:30 . 2012-06-08 19:41 85472 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((( SnapShot_2012-07-12_20.19.08 )))))))))))))))))))))))))))))))))))))))))
.
+ 2012-07-22 13:15 . 2012-07-22 13:15 16384 c:\windows\temp\Perflib_Perfdata_55c.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{EEE6C35D-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll" [2012-02-19 130864]
.
[HKEY_CLASSES_ROOT\clsid\{eee6c35d-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook.1]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{4C905A23-D8FE-4A25-B9DB-87DF3664178A}]
2012-07-11 18:01 8409600 ----a-w- c:\programdata\Windows\ntfs64.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-17 15360]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-04-21 142104]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-04-21 162584]
"Persistence"="c:\windows\system32\igfxpers.exe" [2007-04-21 138008]
"RTHDCPL"="RTHDCPL.EXE" [2008-09-17 16132608]
"AzMixerSel"="c:\program files\Realtek\InstallShield\AzMixerSel.exe" [2008-09-17 53248]
"SynTPStart"="c:\program files\Synaptics\SynTP\SynTPStart.exe" [2008-09-17 102400]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"KMCONFIG"="c:\program files\Trust\Trust R-Series Mouse\StartAutorun.exe" [2007-03-06 212992]
"trustGTX14"="c:\program files\Trust\GXT14 Mouse\POINTERGHOST.exe" [2009-06-05 4833792]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2011-07-05 421888]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-17 15360]
.
c:\documents and settings\Patrik\Nabídka Start\Programy\Po spuštění\
Internet Explorer.lnk - c:\program files\Internet Explorer\IEXPLORE.EXE [2008-9-17 93184]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-4-1 568176]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-3-11 210520]
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\3.0.207\SSScheduler.exe [2011-6-17 272528]
NewShortcut1.lnk - c:\program files\USB_video_device\Utility\RemoteTool\BDARemote.exe [N/A]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"EnableLUA"= 0 (0x0)
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
"{E37CB5F0-51F5-4395-A808-5FA49E399015}"= "c:\progra~1\GbPlugin\gbiehisg.dll" [2011-10-21 694960]
"{E37CB5F0-51F5-4395-A808-5FA49E399011}"= "c:\progra~1\GbPlugin\gbiehscd.dll" [2012-02-15 695864]
"{E37CB5F0-51F5-4395-A808-5FA49E399008}"= "c:\progra~1\GbPlugin\gbiehuni.dll" [2012-02-01 601592]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ GbPluginAbn]
2012-02-15 06:40 607472 ----a-w- c:\progra~1\GbPlugin\gbiehabn.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ GbPluginBb]
2012-05-09 07:01 1313864 ----a-w- c:\progra~1\GbPlugin\gbieh.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ GbPluginCef]
2012-06-05 07:48 607664 ----a-w- c:\progra~1\GbPlugin\gbiehcef.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ GbPluginIsg]
2011-10-21 13:34 694960 ----a-w- c:\progra~1\GbPlugin\gbiehisg.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ GbPluginScd]
2012-02-15 08:06 695864 ----a-w- c:\progra~1\GbPlugin\gbiehscd.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ GbPluginUni]
2012-02-01 08:41 601592 ----a-w- c:\progra~1\GbPlugin\gbiehuni.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-06 07:32 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-08-28 09:44 11952 ----a-w- c:\windows\system32\avgrsstx.dll
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Valve\\hl.exe"=
"c:\\Program Files\\Sunbelt Software\\Personal Firewall\\kpf4gui.exe"=
"c:\\Program Files\\QIP\\qip.exe"=
"c:\\Program Files\\CyberLink\\PowerDirector\\PDR.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Documents and Settings\\Patrik\\Local Settings\\Data aplikací\\Facebook\\Video\\Skype\\FacebookVideoCalling.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\WINDOWS\\system32\\msiexec.exe"=
"c:\\Program Files\\SweetIM\\Communicator\\SweetPacksUpdateManager.exe"=
.
R0 bhound6;bhound6;c:\windows\system32\drivers\bhound6.sys [21.1.2007 8:14 61032]
R0 GbpKm;Gbp KernelMode;c:\windows\system32\drivers\GbpKm.sys [12.7.2012 7:36 44208]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [17.9.2008 15:34 335240]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [17.9.2008 15:34 108552]
R1 fwdrv;Firewall Driver;c:\windows\system32\drivers\fwdrv.sys [20.2.2007 13:34 302000]
R1 khips;Kerio HIPS Driver;c:\windows\system32\drivers\khips.sys [20.2.2007 13:34 71088]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [28.5.2008 10:33 12872]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [28.5.2008 10:33 66632]
R2 GbpSv;Gbp Service;c:\progra~1\GbPlugin\GbpSv.exe [12.7.2012 7:34 211888]
R2 KmGameMouseServiceV1;Game Mouse Communication And Update Service V1;c:\program files\Trust\GXT14 Mouse\GameMouseServiceApp.exe [4.5.2009 12:22 354816]
R2 KMWDSERVICE;Keyboard And Mouse Communication Service;c:\program files\Trust\Trust R-Series Mouse\KMWDSrv.exe [9.6.2007 0:23 208896]
R3 KMWDFilterV1;KMWDFilterV1;c:\windows\system32\drivers\RPGMOUSEV1.sys [11.11.2011 21:58 18432]
R3 NdisrdMP;NdisrdMP;c:\windows\system32\drivers\GbpNdisrd.sys [12.7.2012 7:28 28880]
S2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe --> c:\progra~1\AVG\AVG8\avgemc.exe [?]
S2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe --> c:\progra~1\AVG\AVG8\avgwdsvc.exe [?]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [3.5.2012 8:31 158856]
S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\3.0.207\McCHSvc.exe [17.6.2011 19:33 237008]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [8.6.2012 21:41 113120]
S3 Ndisrd;GAS Tecnologia Service;c:\windows\system32\drivers\GbpNdisrd.sys [12.7.2012 7:28 28880]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [28.5.2008 10:33 12872]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [21.11.2008 17:31 717296]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Obsah adresáře 'Naplánované úlohy'
.
2012-06-22 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 15:57]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Send to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\documents and settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\
FF - prefs.js: browser.startup.homepage - www.seznam.cz
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-07-22 15:17
Windows 5.1.2600 Service Pack 2 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(1480)
c:\progra~1\GbPlugin\gbieh.dll
c:\progra~1\GbPlugin\gbiehscd.dll
c:\progra~1\GbPlugin\gbiehcef.dll
c:\progra~1\GbPlugin\gbiehabn.dll
c:\progra~1\GbPlugin\gbiehuni.dll
c:\progra~1\GbPlugin\gbiehisg.dll
c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
- - - - - - - > 'explorer.exe'(4004)
c:\windows\system32\btmmhook.dll
c:\windows\system32\msi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
c:\program files\AVG\AVG8\avgrsx.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Sunbelt Software\Personal Firewall\kpf4ss.exe
c:\windows\system32\PnkBstrA.exe
c:\windows\system32\PnkBstrB.exe
c:\program files\CyberLink\Shared files\RichVideo.exe
c:\windows\system32\wdfmgr.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\program files\Sunbelt Software\Personal Firewall\kpf4gui.exe
c:\windows\system32\wscntfy.exe
c:\program files\Sunbelt Software\Personal Firewall\kpf4gui.exe
c:\windows\system32\igfxsrvc.exe
c:\windows\RTHDCPL.EXE
c:\program files\Trust\Trust R-Series Mouse\KMConfig.exe
c:\program files\Synaptics\SynTP\SynTPEnh.exe
c:\docume~1\Patrik\LOCALS~1\Temp\RtkBtMnt.exe
c:\program files\Trust\GXT14 Mouse\StartAutorun.exe
c:\program files\HP\Smart Web Printing\hpswp_clipbook.exe
c:\program files\Trust\GXT14 Mouse\RapooV1Process.exe
c:\program files\Trust\Trust R-Series Mouse\KMProcess.exe
c:\program files\HP\Digital Imaging\bin\hpqSTE08.exe
.
**************************************************************************
.
Celkový čas: 2012-07-22 15:27:14 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-07-22 13:27
ComboFix2.txt 2012-07-12 20:23
ComboFix3.txt 2011-07-21 20:30
ComboFix4.txt 2011-07-21 19:29
ComboFix5.txt 2012-07-15 19:23
.
Před spuštěním: 7 242 428 416
Po spuštění: 7 201 296 384
.
- - End Of File - - 33EDBFE2A8DCEF15C7E5533636E70CC4
Nahrání proběhlo úspěšně

#27 Post by vyosek »

:arrow: Download OTL http://oldtimer.geekstogo.com/OTL.exe and save it to the desktop
  • If you use Windows Vista or Windows 7, right-click OTL and choose Run As Administrator or Spustit jako spravce
  • If you use a 64-bit OS, check whether the box next to For 64-bit OS is ticked; if not, tick it
  • Tick the box For all users
  • Tick the box Check for "LOP" malware
  • Tick the box Check for "Purity" malware
  • Change the file age from 30 days to 7 days
  • Paste the script below into the bottom box, Custom scans/fixes
  • Code:

    CREATERESTOREPOINT
    
    netsvcs
    drivers32
    savembr:0
    
    /md5start
    atapi.sys
    autochk.exe
    cdrom.sys
    explorer.exe
    hal.dll
    scecli.dll
    svchost.exe
    tcpip.sys
    userinit.exe
    winlogon.exe
    /md5stop
    
    %systemroot%*.* /U /s
    %SYSTEMDRIVE%\*.exe
    %ALLUSERSPROFILE%\Application Data\*.
    %ALLUSERSPROFILE%\Application Data\*.exe /s
    %APPDATA%\*.
    %APPDATA%\*.exe /s
    %systemroot%\*. /mp /s
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job
    %systemroot%\system32\drivers\*.sys /lockedfiles
    %systemroot%\System32\config\*.sav
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\system32\drivers\*.sys /3
    %systemroot%\system32\*.* /3
    %SYSTEMDRIVE%\*.exe
    
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
    
    %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
    %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
    %PROGRAMFILES%\Opera\opera.exe /md5
    %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5
    
    %SystemDrive%\PhysicalMBR.bin /md5 
    
    *crack* /s
    *keygen* /s
    *loader* /s
  • Click the Scan button
  • When the scan finishes (about 10 to 15 min), the logs OTL.txt and Extras.txt will appear; paste both here

#28 Post by S.Moninka »

OTL logfile created on: 23.7.2012 20:10:01 - Run 1
OTL by OldTimer - Version 3.2.54.0 Folder = C:\Documents and Settings\Patrik\Plocha
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1,99 Gb Total Physical Memory | 1,20 Gb Available Physical Memory | 60,22% Memory free
3,84 Gb Paging File | 3,13 Gb Available in Paging File | 81,48% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 78,13 Gb Total Space | 6,76 Gb Free Space | 8,65% Space Free | Partition Type: NTFS
Drive D: | 219,95 Gb Total Space | 163,52 Gb Free Space | 74,34% Space Free | Partition Type: NTFS

Computer Name: PATRIK-B795BA8C | User Name: Patrik | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2012.07.23 20:05:23 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Patrik\Plocha\OTL.exe
PRC - [2012.07.22 15:18:24 | 000,208,896 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Documents and Settings\Patrik\Local Settings\Temp\RtkBtMnt.exe
PRC - [2012.06.05 09:50:04 | 000,211,888 | ---- | M] ( ) -- C:\Program Files\GbPlugin\gbpsv.exe
PRC - [2011.06.17 19:33:04 | 000,272,528 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\3.0.207\SSScheduler.exe
PRC - [2009.08.28 11:44:59 | 000,486,680 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgrsx.exe
PRC - [2009.06.05 10:28:49 | 004,833,792 | ---- | M] () -- C:\Program Files\Trust\GXT14 Mouse\POINTERGHOST.exe
PRC - [2009.05.19 17:22:14 | 000,361,472 | ---- | M] (UASSOFT.COM) -- C:\Program Files\Trust\GXT14 Mouse\RapooV1Process.exe
PRC - [2009.05.18 05:37:12 | 000,354,816 | ---- | M] (UASSOFT.COM) -- C:\Program Files\Trust\GXT14 Mouse\GameMouseServiceApp.exe
PRC - [2008.05.29 20:22:32 | 000,212,992 | ---- | M] (UASSOFT.COM) -- C:\Program Files\Trust\GXT14 Mouse\StartAutorun.exe
PRC - [2007.06.09 00:23:50 | 000,208,896 | ---- | M] (UASSOFT.COM) -- C:\Program Files\Trust\Trust R-Series Mouse\KMWDSrv.exe
PRC - [2007.06.08 11:19:22 | 000,397,312 | ---- | M] (UASSOFT.COM) -- C:\Program Files\Trust\Trust R-Series Mouse\KMCONFIG.exe
PRC - [2007.04.04 11:30:40 | 000,327,680 | ---- | M] (UASSOFT.COM) -- C:\Program Files\Trust\Trust R-Series Mouse\KMProcess.exe
PRC - [2007.04.01 09:02:38 | 000,568,176 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2007.03.06 14:51:14 | 000,212,992 | ---- | M] (UASSOFT.COM) -- C:\Program Files\Trust\Trust R-Series Mouse\StartAutorun.exe
PRC - [2007.02.20 13:34:14 | 001,222,192 | ---- | M] (Sunbelt Software) -- C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
PRC - [2007.02.20 13:34:10 | 001,967,664 | ---- | M] (Sunbelt Software) -- C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
PRC - [2004.08.17 15:49:24 | 001,032,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (No Company Name) ==========

MOD - [2012.05.24 17:17:54 | 000,151,552 | ---- | M] () -- C:\ProgramData\Codecentrix\Twebst\TwebstInjector.dll
MOD - [2012.05.20 13:46:16 | 000,172,032 | ---- | M] () -- C:\ProgramData\Codecentrix\Twebst\Dbgserv.dll
MOD - [2012.04.04 00:52:52 | 000,421,888 | ---- | M] () -- C:\ProgramData\Codecentrix\Twebst\Dgbserv.dll
MOD - [2012.03.31 14:24:14 | 000,117,248 | ---- | M] () -- C:\WINDOWS\system32\libgcc_s_dw2-1.dll
MOD - [2009.06.05 10:28:49 | 004,833,792 | ---- | M] () -- C:\Program Files\Trust\GXT14 Mouse\POINTERGHOST.exe
MOD - [2009.03.02 07:45:58 | 000,042,496 | ---- | M] () -- C:\Program Files\Trust\GXT14 Mouse\MouseHook.dll
MOD - [2007.04.01 09:00:28 | 002,842,624 | ---- | M] () -- C:\WINDOWS\system32\btwicons.dll
MOD - [2007.04.01 08:57:16 | 000,053,248 | ---- | M] () -- C:\Program Files\WIDCOMM\Bluetooth Software\BTKeyInd.dll
MOD - [2007.03.29 12:17:42 | 000,106,496 | ---- | M] () -- C:\Program Files\Trust\Trust R-Series Mouse\keydll.dll
MOD - [2007.03.29 07:17:42 | 000,106,496 | ---- | M] () -- C:\Program Files\Trust\GXT14 Mouse\keydll.dll
MOD - [2007.02.20 13:34:36 | 000,161,328 | ---- | M] () -- C:\Program Files\Sunbelt Software\Personal Firewall\ssleay32.dll
MOD - [2007.02.20 13:34:32 | 000,475,696 | ---- | M] () -- C:\Program Files\Sunbelt Software\Personal Firewall\PocoXML.dll
MOD - [2007.02.20 13:34:26 | 000,865,328 | ---- | M] () -- C:\Program Files\Sunbelt Software\Personal Firewall\PocoFoundation.dll
MOD - [2007.02.20 13:34:20 | 000,024,112 | ---- | M] () -- C:\Program Files\Sunbelt Software\Personal Firewall\PocoExt.dll
MOD - [2007.02.20 13:34:18 | 000,833,072 | ---- | M] () -- C:\Program Files\Sunbelt Software\Personal Firewall\libeay32.dll
MOD - [2005.05.04 19:12:46 | 000,028,672 | ---- | M] () -- C:\Program Files\Trust\Trust R-Series Mouse\MouseHook.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - File not found [Auto | Stopped] -- C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe -- (avg8wd)
SRV - File not found [Auto | Stopped] -- C:\PROGRA~1\AVG\AVG8\avgemc.exe -- (avg8emc)
SRV - [2012.06.19 12:30:12 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.06.05 09:50:04 | 000,211,888 | ---- | M] ( ) [Auto | Running] -- C:\Program Files\GbPlugin\gbpsv.exe -- (GbpSv)
SRV - [2012.05.03 08:31:10 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2011.06.17 19:33:04 | 000,237,008 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\3.0.207\McCHSvc.exe -- (McComponentHostService)
SRV - [2009.05.18 05:37:12 | 000,354,816 | ---- | M] (UASSOFT.COM) [Auto | Running] -- C:\Program Files\Trust\GXT14 Mouse\GameMouseServiceApp.exe -- (KmGameMouseServiceV1)
SRV - [2007.06.09 00:23:50 | 000,208,896 | ---- | M] (UASSOFT.COM) [Auto | Running] -- C:\Program Files\Trust\Trust R-Series Mouse\KMWDSrv.exe -- (KMWDSERVICE)
SRV - [2007.02.20 13:34:14 | 001,222,192 | ---- | M] (Sunbelt Software) [Auto | Running] -- C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe -- (KPF4)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\UIUSYS.SYS -- (UIUSys)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ComboFix\catchme.sys -- (catchme)
DRV - [2012.07.23 18:48:41 | 000,028,880 | ---- | M] (GAS Tecnologia) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\GbpNdisrd.sys -- (NdisrdMP)
DRV - [2012.07.23 18:48:41 | 000,028,880 | ---- | M] (GAS Tecnologia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\GbpNdisrd.sys -- (Ndisrd)
DRV - [2012.06.05 09:50:36 | 000,044,208 | ---- | M] (GAS Tecnologia) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\GbpKm.sys -- (GbpKm)
DRV - [2010.02.19 10:34:32 | 000,012,872 | ---- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)
DRV - [2010.02.19 10:34:31 | 000,066,632 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010.02.19 10:34:31 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV)
DRV - [2009.08.28 11:44:58 | 000,335,240 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2009.08.28 11:44:58 | 000,027,784 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2009.06.10 19:00:54 | 000,018,432 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RPGMOUSEV1.sys -- (KMWDFilterV1)
DRV - [2009.05.08 08:50:31 | 000,108,552 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2008.11.21 17:31:22 | 000,717,296 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2008.09.17 16:43:21 | 000,988,800 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2008.09.17 16:43:21 | 000,730,112 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2008.09.17 16:43:21 | 000,209,664 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
DRV - [2008.09.17 16:34:05 | 004,424,192 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008.09.17 16:17:22 | 000,290,304 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tifm21.sys -- (tifm21)
DRV - [2008.05.14 19:32:42 | 000,535,040 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\emBDA.sys -- (USB28xxBGA)
DRV - [2008.05.14 19:32:24 | 000,286,208 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\emOEM.sys -- (USB28xxOEM)
DRV - [2007.09.20 21:26:48 | 001,123,328 | ---- | M] (Broadcom Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2007.04.01 04:02:42 | 000,876,384 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2007.04.01 04:02:40 | 000,055,352 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwhid.sys -- (btwhid)
DRV - [2007.03.29 15:00:16 | 000,017,024 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\KMWDFilter.SYS -- (KMWDFilter)
DRV - [2007.03.24 01:50:42 | 000,067,960 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2007.03.24 01:50:24 | 000,149,123 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwdndis.sys -- (BTWDNDIS)
DRV - [2007.03.24 01:50:08 | 000,037,424 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btport.sys -- (BTDriver)
DRV - [2007.03.24 01:49:54 | 000,539,072 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio)
DRV - [2007.02.20 13:34:08 | 000,071,088 | ---- | M] (Sunbelt Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\khips.sys -- (khips)
DRV - [2007.02.20 13:34:02 | 000,302,000 | ---- | M] (Sunbelt Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\fwdrv.sys -- (fwdrv)
DRV - [2007.02.16 15:46:00 | 000,160,256 | R--- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2007.01.21 08:14:18 | 000,061,032 | ---- | M] (Perisoft) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\bhound6.sys -- (bhound6)
DRV - [2006.11.07 09:42:30 | 000,086,368 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w200obex.sys -- (w200obex)
DRV - [2006.11.07 09:42:28 | 000,088,560 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w200mgmt.sys -- (w200mgmt) Sony Ericsson W200 USB WMC Device Management Drivers (WDM)
DRV - [2006.11.07 09:42:24 | 000,097,056 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w200mdm.sys -- (w200mdm)
DRV - [2006.11.07 09:42:22 | 000,009,328 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w200mdfl.sys -- (w200mdfl)
DRV - [2006.11.07 09:42:16 | 000,061,504 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w200bus.sys -- (w200bus) Sony Ericsson W200 driver (WDM)
DRV - [2005.03.03 19:53:57 | 000,048,640 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x)
DRV - [2005.02.23 17:59:54 | 000,006,656 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)
DRV - [2004.12.03 12:20:41 | 000,020,544 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfsync02.sys -- (sfsync02) StarForce Protection Synchronization Driver (version 2.x)
DRV - [2004.08.03 23:10:14 | 000,015,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MPE.sys -- (MPE)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847}
IE - HKLM\..\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}: "URL" = http://us.yhs.search.yahoo.com/avg/sear ... earchTerms}
IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?sr ... earchTerms}


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-220523388-602162358-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-220523388-602162358-682003330-1003\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-220523388-602162358-682003330-1003\..\URLSearchHook: *{855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKU\S-1-5-21-220523388-602162358-682003330-1003\..\URLSearchHook: *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - No CLSID value found
IE - HKU\S-1-5-21-220523388-602162358-682003330-1003\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll (SweetIM Technologies Ltd.)
IE - HKU\S-1-5-21-220523388-602162358-682003330-1003\..\SearchScopes,DefaultScope = {CCC7A320-B3CA-4199-B1A6-9F516DD69829}
IE - HKU\S-1-5-21-220523388-602162358-682003330-1003\..\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}: "URL" = http://search.qip.ru/search?query={searchTerms}&from=IE
IE - HKU\S-1-5-21-220523388-602162358-682003330-1003\..\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}: "URL" = http://www.webhledani.cz/results.aspx?i ... earchTerms}
IE - HKU\S-1-5-21-220523388-602162358-682003330-1003\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?sr ... earchTerms}
IE - HKU\S-1-5-21-220523388-602162358-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.startup.homepage: "www.seznam.cz"
FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.12.2.100013
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:8.5.0.429
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.4.3
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {B13721C7-F507-4982-B2E5-502A71474FED}:3.3.0.3971
FF - prefs.js..extensions.enabledItems: avg@igeared:3.011.025.005
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}:6.0.31
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaulturl: ""
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.startup.homepage: "www.seznam.cz"
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_262.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Documents and Settings\Patrik\Local Settings\Data aplikací\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG8\Firefox
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@igeared: C:\Program Files\AVG\AVG8\Toolbar\Firefox\avg@igeared
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.06.19 12:30:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.06.08 21:41:22 | 000,000,000 | ---D | M]

[2008.09.17 15:08:11 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Extensions
[2012.06.17 18:35:10 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\extensions
[2012.06.10 18:59:30 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2012.05.24 20:19:09 | 000,000,000 | ---D | M] ("PlayFirst Toolbar") -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\extensions\toolbar@ask.com
[2008.11.21 17:33:39 | 000,002,921 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\daemon-search.xml
[2012.07.09 21:19:16 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-1.xml
[2009.04.24 09:21:41 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-10.xml
[2009.04.28 17:54:39 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-11.xml
[2009.06.14 12:27:25 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-12.xml
[2009.07.22 16:58:05 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-13.xml
[2009.08.05 21:36:42 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-14.xml
[2009.09.10 21:52:21 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-15.xml
[2009.10.28 20:01:33 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-16.xml
[2009.12.18 10:45:55 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-17.xml
[2009.12.18 14:11:08 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-18.xml
[2010.01.07 12:12:38 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-19.xml
[2008.09.29 21:10:55 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-2.xml
[2010.02.19 15:34:05 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-20.xml
[2010.04.02 10:54:21 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-21.xml
[2010.07.22 20:44:18 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-22.xml
[2010.07.27 12:32:35 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-23.xml
[2010.09.03 17:33:08 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-24.xml
[2010.09.16 14:30:54 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-25.xml
[2010.10.22 21:01:44 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-26.xml
[2010.10.22 21:02:07 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-27.xml
[2010.10.30 20:24:25 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-28.xml
[2010.12.11 12:13:15 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-29.xml
[2008.11.14 21:30:20 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-3.xml
[2011.03.07 18:42:31 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-30.xml
[2011.03.24 09:52:46 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-31.xml
[2011.05.01 10:24:25 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-32.xml
[2011.06.22 14:26:35 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-33.xml
[2011.09.02 12:23:25 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-34.xml
[2011.09.08 07:35:22 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-35.xml
[2011.09.28 08:49:48 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-36.xml
[2011.11.17 10:36:38 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-37.xml
[2011.12.21 21:34:22 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-38.xml
[2012.02.02 12:24:53 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-39.xml
[2008.12.19 06:56:01 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-4.xml
[2012.02.19 18:24:51 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-40.xml
[2012.03.15 12:32:48 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-41.xml
[2012.06.08 21:41:32 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-42.xml
[2012.06.08 21:47:00 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-43.xml
[2012.06.10 00:38:46 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-44.xml
[2012.06.12 18:55:27 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-45.xml
[2012.06.20 13:26:55 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-46.xml
[2009.02.04 23:00:56 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-5.xml
[2009.03.05 17:02:10 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-6.xml
[2009.03.28 18:13:24 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-7.xml
[2009.04.24 09:18:48 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-8.xml
[2009.04.24 09:19:51 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-9.xml
[2009.07.13 17:12:02 | 000,000,944 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin.xml
[2012.06.17 18:35:10 | 000,003,915 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\sweetim.xml
[2012.06.08 21:41:28 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2009.07.27 19:17:19 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\PATRIK\DATA APLIKACĂ­\MOZILLA\FIREFOX\PROFILES\EU4B2OAX.DEFAULT\EXTENSIONS\{800B5000-A755-47E1-992B-48A1C1357F07}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\PATRIK\DATA APLIKACĂ­\MOZILLA\FIREFOX\PROFILES\EU4B2OAX.DEFAULT\EXTENSIONS\TOOLBAR@ASK.COM
[2012.04.09 19:47:25 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2012.06.19 12:30:13 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.04.09 19:47:25 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2003.01.13 16:08:06 | 000,499,712 | ---- | M] (Morgan Multimedia) -- C:\Program Files\mozilla firefox\plugins\npjp2.dll
[2008.11.14 19:28:55 | 000,151,552 | ---- | M] (PopCap Games) -- C:\Program Files\mozilla firefox\plugins\nppopcaploader.dll
[2012.06.19 12:30:09 | 000,002,208 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\heureka-cz.xml
[2012.06.19 12:30:09 | 000,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2011.03.07 13:20:24 | 000,001,687 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\mall-cz.xml
[2012.06.19 12:30:09 | 000,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2012.06.19 12:30:09 | 000,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2012.06.19 12:30:09 | 000,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2012.07.22 15:17:14 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (HP Print Clips) - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll (Hewlett-Packard Co.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll File not found
O2 - BHO: (Windows Media Sharing Plugin) - {4C905A23-D8FE-4A25-B9DB-87DF3664178A} - C:\ProgramData\Windows\ntfs64.dll ( )
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll File not found
O2 - BHO: (GbIehObj Class) - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Program Files\GbPlugin\gbieh.dll (Banco do Brasil)
O2 - BHO: (GbIehObj Class) - {C41A1C0E-EA6C-11D4-B1B8-444553540003} - C:\Program Files\GbPlugin\gbiehcef.dll (Caixa Economica Federal)
O2 - BHO: (GbIehObj Class) - {C41A1C0E-EA6C-11D4-B1B8-444553540007} - C:\Program Files\GbPlugin\gbiehabn.dll (Banco Real)
O2 - BHO: (GbIehObj Class) - {C41A1C0E-EA6C-11D4-B1B8-444553540008} - C:\Program Files\GbPlugin\gbiehuni.dll (Banco Itaú Unibanco)
O2 - BHO: (GbIehObj Class) - {C41A1C0E-EA6C-11D4-B1B8-444553540011} - C:\Program Files\GbPlugin\gbiehscd.dll (Sicredi)
O2 - BHO: (GbIehObj Class) - {C41A1C0E-EA6C-11D4-B1B8-444553540015} - C:\Program Files\GbPlugin\gbiehisg.dll (Infoseg - Senasp)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-220523388-602162358-682003330-1003\..\Toolbar\ShellBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-220523388-602162358-682003330-1003\..\Toolbar\ShellBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKU\S-1-5-21-220523388-602162358-682003330-1003\..\Toolbar\ShellBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKU\S-1-5-21-220523388-602162358-682003330-1003\..\Toolbar\ShellBrowser: (no name) - {FE063DB9-4EC0-403E-8DD8-394C54984B2C} - No CLSID value found.
O4 - HKLM..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [KMCONFIG] C:\Program Files\Trust\Trust R-Series Mouse\StartAutorun.exe KMConfig.exe File not found
O4 - HKLM..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [trustGTX14] C:\Program Files\Trust\GXT14 Mouse\POINTERGHOST.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Bluetooth.lnk = C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.0.207\SSScheduler.exe (McAfee, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\NewShortcut1.lnk = File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: BackupNoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-220523388-602162358-682003330-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-220523388-602162358-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-220523388-602162358-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-220523388-602162358-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O9 - Extra Button: Kniha klipů HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.)
O9 - Extra Button: HP Chytrý výběr - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} file://C:\Program Files\Cooking Dash 3 - Thrills & Spills\Images\stg_drm.ocx (SpinTop DRM Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} file://C:\Program Files\Cooking Dash 3 - Thrills & Spills\Images\armhelper.ocx (ArmHelper Control)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0ED5DC78-6399-4900-9C69-63029B2610DF}: DhcpNameServer = 10.0.0.138
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\ GbPluginAbn: DllName - (C:\PROGRA~1\GbPlugin\gbiehAbn.dll) - C:\Program Files\GbPlugin\gbiehabn.dll (Banco Real)
O20 - Winlogon\Notify\ GbPluginBb: DllName - (C:\PROGRA~1\GbPlugin\gbieh.dll) - C:\Program Files\GbPlugin\gbieh.dll (Banco do Brasil)
O20 - Winlogon\Notify\ GbPluginCef: DllName - (C:\PROGRA~1\GbPlugin\gbiehCef.dll) - C:\Program Files\GbPlugin\gbiehcef.dll (Caixa Economica Federal)
O20 - Winlogon\Notify\ GbPluginIsg: DllName - (C:\PROGRA~1\GbPlugin\gbiehIsg.dll) - C:\Program Files\GbPlugin\gbiehisg.dll (Infoseg - Senasp)
O20 - Winlogon\Notify\ GbPluginScd: DllName - (C:\PROGRA~1\GbPlugin\gbiehScd.dll) - C:\Program Files\GbPlugin\gbiehscd.dll (Sicredi)
O20 - Winlogon\Notify\ GbPluginUni: DllName - (C:\PROGRA~1\GbPlugin\gbiehUni.dll) - C:\Program Files\GbPlugin\gbiehuni.dll (Banco Itaú Unibanco)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\avgrsstarter: DllName - (avgrsstx.dll) - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Patrik\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Patrik\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O28 - HKLM ShellExecuteHooks: {E37CB5F0-51F5-4395-A808-5FA49E399003} - C:\Program Files\GbPlugin\gbiehcef.dll (Caixa Economica Federal)
O28 - HKLM ShellExecuteHooks: {E37CB5F0-51F5-4395-A808-5FA49E399007} - C:\Program Files\GbPlugin\gbiehabn.dll (Banco Real)
O28 - HKLM ShellExecuteHooks: {E37CB5F0-51F5-4395-A808-5FA49E399008} - C:\Program Files\GbPlugin\gbiehuni.dll (Banco Itaú Unibanco)
O28 - HKLM ShellExecuteHooks: {E37CB5F0-51F5-4395-A808-5FA49E399011} - C:\Program Files\GbPlugin\gbiehscd.dll (Sicredi)
O28 - HKLM ShellExecuteHooks: {E37CB5F0-51F5-4395-A808-5FA49E399015} - C:\Program Files\GbPlugin\gbiehisg.dll (Infoseg - Senasp)
O28 - HKLM ShellExecuteHooks: {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\Program Files\GbPlugin\gbieh.dll (Banco do Brasil)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.09.17 20:00:18 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2012.07.01 20:28:22 | 000,000,000 | ---D | M] - D:\autokross 2012 -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.ac3acm - C:\WINDOWS\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.divxa32 - C:\WINDOWS\System32\msaud32_divx.acm (Microsoft Corporation)
Drivers32: msacm.g723 - g723.acm File not found
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\WINDOWS\System32\lameACM.acm (http://www.mp3dev.org/)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.DIVX - C:\WINDOWS\System32\divx.dll (DivX, Inc.)
Drivers32: vidc.ffds - C:\WINDOWS\System32\ff_vfw.dll ()
Drivers32: vidc.I263 - C:\WINDOWS\System32\i263_32.drv (Intel Corporation)
Drivers32: VIDC.I420 - C:\WINDOWS\System32\i263_32.drv (Intel Corporation)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.VP60 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
Drivers32: VIDC.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\WINDOWS\System32\yv12vfw.dll (www.helixcommunity.org)
Unable to save MBR. Invalid drive designation: 0

========== Files/Folders - Created Within 7 Days ==========

[2012.07.23 20:05:15 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Patrik\Plocha\OTL.exe
[2012.07.22 15:13:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2012.07.22 14:41:41 | 000,000,000 | ---D | C] -- C:\ComboFix

========== Files - Modified Within 7 Days ==========

[2012.07.23 20:05:23 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Patrik\Plocha\OTL.exe
[2012.07.23 20:02:59 | 000,000,759 | ---- | M] () -- C:\Documents and Settings\Patrik\Nabídka Start\Programy\Po spuštění\Internet Explorer.lnk
[2012.07.23 18:48:41 | 000,028,880 | ---- | M] (GAS Tecnologia) -- C:\WINDOWS\System32\drivers\GbpNdisrd.sys
[2012.07.23 18:48:28 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012.07.23 18:48:17 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.07.23 18:48:14 | 2137,444,352 | -HS- | M] () -- C:\hiberfil.sys
[2012.07.22 16:02:55 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2012.07.22 15:17:14 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2012.07.20 18:54:25 | 000,089,088 | ---- | M] () -- C:\Documents and Settings\Patrik\Plocha\mbr.exe
[2012.07.20 18:47:04 | 000,000,020 | ---- | M] () -- C:\Documents and Settings\Patrik\defogger_reenable
[2012.07.20 18:46:09 | 000,050,477 | ---- | M] () -- C:\Documents and Settings\Patrik\Plocha\Defogger.exe

========== Files Created - No Company Name ==========

[2012.07.20 18:54:22 | 000,089,088 | ---- | C] () -- C:\Documents and Settings\Patrik\Plocha\mbr.exe
[2012.07.20 18:46:53 | 000,000,020 | ---- | C] () -- C:\Documents and Settings\Patrik\defogger_reenable
[2012.07.20 18:46:08 | 000,050,477 | ---- | C] () -- C:\Documents and Settings\Patrik\Plocha\Defogger.exe
[2012.07.11 20:03:44 | 000,117,248 | ---- | C] () -- C:\WINDOWS\System32\libgcc_s_dw2-1.dll
[2012.07.11 19:57:47 | 000,000,202 | ---- | C] () -- C:\Documents and Settings\All Users\fb5a62e1c8f1da7b279518f4e272a88f5474dcef
[2012.07.02 23:23:12 | 000,000,025 | ---- | C] () -- C:\WINDOWS\popcinfot.dat
[2011.09.12 10:08:26 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Patrik\Local Settings\Data aplikací\{C29BEA28-6DB6-4B09-BBC0-05DAEBD87184}
[2011.09.12 10:08:26 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Patrik\Local Settings\Data aplikací\{20069A17-D74B-495D-B4EB-DBDB9825068C}
[2011.07.21 19:45:21 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011.07.21 19:45:21 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011.07.21 19:45:21 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011.07.21 19:45:21 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011.07.21 19:45:21 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011.04.17 22:12:37 | 002,642,944 | ---- | C] () -- C:\WINDOWS\System32\AppUpWrapper.dll
[2010.07.24 21:55:20 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll
[2009.11.11 22:18:36 | 000,022,328 | ---- | C] () -- C:\Documents and Settings\Patrik\Data aplikací\PnkBstrK.sys
[2009.09.18 14:57:58 | 000,000,147 | ---- | C] () -- C:\Documents and Settings\Patrik\default.pls
[2009.04.20 10:04:09 | 000,003,189 | ---- | C] () -- C:\Documents and Settings\Patrik\.ganttproject
[2009.04.20 10:02:21 | 000,035,674 | ---- | C] () -- C:\Documents and Settings\Patrik\.jpg
[2008.11.21 13:11:04 | 000,000,125 | ---- | C] () -- C:\Documents and Settings\Patrik\webct_upload_applet.properties
[2008.09.24 20:18:09 | 000,000,126 | ---- | C] () -- C:\Documents and Settings\Patrik\Local Settings\Data aplikací\fusioncache.dat
[2008.09.21 16:38:43 | 000,166,912 | ---- | C] () -- C:\Documents and Settings\Patrik\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.09.17 15:22:17 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\Patrik\PUTTY.RND

========== LOP Check ==========

[2009.09.13 15:12:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AlawarWrapper
[2010.09.03 14:29:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVG Security Toolbar
[2008.09.17 14:50:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Broadcom
[2009.09.13 15:54:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\FarmFrenzy2
[2011.07.02 11:29:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Floodlight Games
[2012.07.23 18:52:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\GbPlugin
[2011.08.27 22:18:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Green Clover Games
[2009.07.27 19:17:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ICQ
[2011.02.05 21:58:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PlayFirst
[2008.11.14 19:29:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PopCap
[2012.07.02 18:02:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PopCap Games
[2012.06.27 08:14:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PopCapY
[2012.06.17 18:35:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\SweetIM
[2012.04.08 11:35:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2011.01.18 20:51:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\Audacity
[2008.11.21 17:31:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\DAEMON Tools
[2011.07.02 11:29:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\Floodlight Games
[2011.08.27 22:18:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\Green Clover Games
[2011.01.23 20:52:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\ICQ
[2008.09.24 11:03:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\Leadertech
[2008.09.17 15:18:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\Mikrotik
[2011.05.01 16:02:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\MummyPuzzle
[2011.02.05 21:58:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\PlayFirst
[2010.05.20 13:08:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\Playrix Entertainment
[2011.02.05 21:40:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\SpinTop
[2008.09.24 10:43:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\Teleca
[2008.12.25 11:38:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\ubi.com
[2012.06.20 13:40:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\XnView
[2009.11.09 18:21:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\YoudaGames

========== Purity Check ==========



========== Custom Scans ==========

< >

< >

< MD5 for: ATAPI.SYS >
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\ERDNT\cache\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0005\DriverFiles\i386\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0006\DriverFiles\i386\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2004.08.17 15:49:22 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\cmdcons\autochk.exe
[2004.08.17 15:49:22 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\WINDOWS\system32\autochk.exe
[2004.08.17 15:49:22 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\WINDOWS\system32\dllcache\autochk.exe

< MD5 for: CDROM.SYS >
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2004.08.03 22:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\system32\drivers\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2004.08.17 15:49:24 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\ERDNT\cache\explorer.exe
[2004.08.17 15:49:24 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\explorer.exe
[2004.08.17 15:49:24 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\system32\dllcache\cache\explorer.exe
[2004.08.17 15:49:24 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\system32\dllcache\explorer.exe

< MD5 for: HAL.DLL >
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2004.08.03 22:59:14 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=DFCE51FD96909D1B97D4A1A72D060D77 -- C:\WINDOWS\system32\hal.dll

< MD5 for: SCECLI.DLL >
[2004.08.17 15:49:18 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\ERDNT\cache\scecli.dll
[2004.08.17 15:49:18 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\system32\dllcache\scecli.dll
[2004.08.17 15:49:18 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SVCHOST.EXE >
[2004.08.17 15:49:28 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\ERDNT\cache\svchost.exe
[2004.08.17 15:49:28 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\system32\dllcache\cache\svchost.exe
[2004.08.17 15:49:28 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\system32\dllcache\svchost.exe
[2004.08.17 15:49:28 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\system32\svchost.exe

< MD5 for: TCPIP.SYS >
[2004.08.03 23:14:42 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\ERDNT\cache\tcpip.sys
[2004.08.03 23:14:42 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\system32\dllcache\cache\tcpip.sys
[2004.08.03 23:14:42 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2004.08.03 23:14:42 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\system32\drivers\tcpip.sys

< MD5 for: USERINIT.EXE >
[2004.08.17 15:49:28 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\ERDNT\cache\userinit.exe
[2004.08.17 15:49:28 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\system32\dllcache\cache\userinit.exe
[2004.08.17 15:49:28 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\system32\dllcache\userinit.exe
[2004.08.17 15:49:28 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2004.08.17 15:49:28 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\ERDNT\cache\winlogon.exe
[2004.08.17 15:49:28 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\system32\dllcache\cache\winlogon.exe
[2004.08.17 15:49:28 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2004.08.17 15:49:28 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\system32\winlogon.exe

< >

< %systemroot%*.* /U /s >
[2 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[1 C:\WINDOWS\twain_32\*.tmp files -> C:\WINDOWS\twain_32\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2011.07.20 11:09:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\Adobe
[2009.01.18 14:49:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\AdobeAUM
[2009.01.24 22:59:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\AdobeUM
[2009.09.18 14:39:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\Ahead
[2009.03.26 21:45:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\Apple Computer
[2011.01.18 20:51:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\Audacity
[2009.09.14 07:56:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\CyberLink
[2008.11.21 17:31:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\DAEMON Tools
[2011.07.02 11:29:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\Floodlight Games
[2009.10.17 14:18:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\Google
[2011.08.27 22:18:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\Green Clover Games
[2008.09.22 22:04:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\GRETECH
[2011.06.14 13:15:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\Help
[2008.12.04 21:25:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\HP
[2009.01.01 12:34:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\HPAppData
[2011.01.23 20:52:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\ICQ
[2008.09.17 20:05:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\Identities
[2008.09.17 14:50:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\InstallShield
[2008.09.24 11:03:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\Leadertech
[2008.09.17 15:09:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\Macromedia
[2008.10.03 21:08:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\Media Player Classic
[2011.07.20 11:09:56 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Patrik\Data aplikací\Microsoft
[2008.09.17 15:18:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\Mikrotik
[2008.09.17 15:08:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla
[2011.05.01 16:02:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\MummyPuzzle
[2010.02.02 08:49:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\OpenOffice.org2
[2011.02.05 21:58:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\PlayFirst
[2010.05.20 13:08:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\Playrix Entertainment
[2012.06.22 23:05:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\Skype
[2012.01.12 18:46:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\skypePM
[2009.12.15 18:31:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\Sony Corporation
[2008.09.24 10:42:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\Sony Ericsson
[2011.02.05 21:40:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\SpinTop
[2008.09.18 07:32:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\Sun
[2008.09.18 18:16:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\SUPERAntiSpyware.com
[2008.09.24 10:43:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\Teleca
[2008.12.25 11:38:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\ubi.com
[2008.09.22 21:46:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\WinRAR
[2012.06.20 13:40:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\XnView
[2009.11.09 18:21:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\YoudaGames

< %APPDATA%\*.exe /s >
[2007.03.22 12:46:40 | 000,126,976 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\GRETECH\GomPlayer\GrLauncher.exe
[2012.04.19 18:55:56 | 000,245,760 | ---- | M] (Gretech Corporation) -- C:\Documents and Settings\Patrik\Data aplikací\GRETECH\GomPlayer\GrLauncherTempSetup.exe
[2010.02.01 03:45:40 | 000,038,784 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2011.02.18 16:47:02 | 002,832,544 | ---- | M] (Adobe Systems, Inc.) -- C:\Documents and Settings\Patrik\Data aplikací\Macromedia\Flash Player\www.macromedia.com\bin\fpupdatepl\fpupdatepl.exe
[2009.12.15 18:07:11 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Microsoft\Installer\{14291118-0C19-45EA-A4FA-5C1C0F5FDE09}\ARPPRODUCTICON.exe
[2010.03.01 22:38:48 | 000,001,078 | R--- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Microsoft\Installer\{6C472DFC-6D44-4947-9E1A-F79A2469D953}\_1DA131122C66AE2AF93D01.exe
[2010.03.01 22:38:48 | 000,001,078 | R--- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Microsoft\Installer\{6C472DFC-6D44-4947-9E1A-F79A2469D953}\_C7135D8DD8E38D24DFF917.exe
[2008.10.02 18:43:58 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Microsoft\Installer\{89661B04-C646-4412-B6D3-5E19F02F1F37}\ARPPRODUCTICON.exe
[2012.01.16 21:35:58 | 003,884,200 | ---- | M] (Ask) -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\extensions\toolbar@ask.com\chrome\temp\askToolbar.exe
[2002.03.27 15:42:36 | 000,114,688 | R--- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\ubi.com\Core\cabarc.exe
[2002.03.28 09:53:50 | 000,126,976 | R--- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\ubi.com\Core\GLPatcher2.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job >
[2012.06.22 15:52:14 | 000,000,284 | ---- | M] () -- C:\WINDOWS\Tasks\AppleSoftwareUpdate.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2008.09.17 21:45:55 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2008.09.17 21:45:55 | 000,663,552 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2008.09.17 21:45:55 | 000,487,424 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >
[2012.07.23 18:48:41 | 000,028,880 | ---- | M] (GAS Tecnologia) -- C:\WINDOWS\system32\drivers\GbpNdisrd.sys

< %systemroot%\system32\*.* /3 >
[2012.07.23 18:48:28 | 000,002,206 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"ctfmon.exe" = C:\WINDOWS\system32\ctfmon.exe -- [2004.08.17 15:49:24 | 000,015,360 | ---- | M] (Microsoft Corporation)

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2012.06.19 12:30:13 | 000,913,888 | ---- | M] (Mozilla Corporation) MD5=D3C0837346C49095B8AF9EF54AD7E90A -- C:\Program Files\Mozilla Firefox\firefox.exe

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2004.08.17 15:49:24 | 000,093,184 | ---- | M] (Microsoft Corporation) MD5=63E527C26AC3059EAD766C6C11746D07 -- C:\Program Files\Internet Explorer\IEXPLORE.EXE

< %PROGRAMFILES%\Opera\opera.exe /md5 >

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >

< >

< *crack* /s >
[2011.04.04 16:52:43 | 000,000,318 | ---- | M] () -- \Program Files\Valve\cstrike\crackhouse.wad
[2009.08.27 13:31:06 | 004,345,680 | ---- | M] () -- \Program Files\Valve\cstrike\maps\cs_crackhouse.bsp
[2008.11.19 21:49:25 | 000,067,756 | ---- | M] () -- \Program Files\Valve\cstrike\sound\misc\cracker1.wav

< *keygen* /s >

< *loader* /s >
[2012.04.27 17:14:26 | 000,072,638 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\loader.gif
[2012.04.27 17:14:26 | 000,003,032 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\loader.png
[2009.05.07 19:58:24 | 000,000,060 | ---- | M] () -- \Documents and Settings\Patrik\Data aplikací\Macromedia\Flash Player\#SharedObjects\3VUY6W42\1000her.cz\loading\load.swf\MiniclipLoaderAd.sol
[2010.01.05 17:55:32 | 000,000,060 | ---- | M] () -- \Documents and Settings\Patrik\Data aplikací\Macromedia\Flash Player\#SharedObjects\3VUY6W42\1001hry.cz\699bbd6eba34f4b3728a65c02cb87c31\945.swf\MiniclipLoaderAd.sol
[2009.11.11 16:07:38 | 000,000,054 | ---- | M] () -- \Documents and Settings\Patrik\Data aplikací\Macromedia\Flash Player\#SharedObjects\3VUY6W42\media.mtvnservices.com\player\loader\loaderLogging.sol
[2010.01.05 19:16:24 | 000,000,060 | ---- | M] () -- \Documents and Settings\Patrik\Data aplikací\Macromedia\Flash Player\#SharedObjects\3VUY6W42\miniclip.com\games\china-2008\en\china_2008.dcr\MiniclipLoaderAd.sol
[2009.05.29 12:25:25 | 000,000,060 | ---- | M] () -- \Documents and Settings\Patrik\Data aplikací\Macromedia\Flash Player\#SharedObjects\3VUY6W42\www.hrajonline.cz\data\bojove-001.swf\MiniclipLoaderAd.sol
[2005.06.06 23:54:14 | 000,348,160 | ---- | M] () -- \Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\PhotoDownloader.dll
[2005.06.06 23:47:26 | 000,163,840 | ---- | M] () -- \Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\uploader.dll
[2005.06.06 23:02:16 | 000,011,161 | ---- | M] () -- \Program Files\Adobe\Photoshop Album Starter Edition\3.0\Shared_Assets\combined_bitmaps\main_window\C_LoadError.png
[2007.06.27 19:03:00 | 000,177,448 | ---- | M] () -- \Program Files\Common Files\Ahead\Lib\NeGuideStoreLoader.dll
[2006.10.26 14:40:34 | 000,057,344 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VS7DEBUG\coloader.dll
[2006.10.26 14:40:34 | 000,005,120 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VS7DEBUG\coloader.tlb
[2008.04.10 20:36:40 | 002,184,488 | R--- | M] () -- \Program Files\CyberLink\Shared files\Plugin\5.0\CES_3DLoaderFBX.dll
[2009.07.27 18:24:06 | 002,475,304 | ---- | M] () -- \Program Files\CyberLink\Shared files\Plugin\6.0\CES_3DLoaderFBX.dll
[2011.01.23 20:43:47 | 000,005,795 | ---- | M] () -- \Program Files\ICQ7.2\imApp\theme\IMAGES\XtraPreloader\loader.jpg
[2011.01.23 20:43:47 | 000,005,520 | ---- | M] () -- \Program Files\ICQ7.2\imApp\theme\IMAGES\XtraPreloader\loader.swf
[2011.01.23 20:43:48 | 000,004,180 | ---- | M] () -- \Program Files\ICQ7.2\imApp\theme\IMAGES\XtraPreloader\zlango-preloader.png
[2011.01.23 20:43:47 | 000,005,520 | ---- | M] () -- \Program Files\ICQ7.2\imApp\theme\MUICoreLib\xtraLoader.swf
[2009.07.22 10:21:05 | 000,007,697 | ---- | M] () -- \Program Files\Java\jdk1.6.0_14\demo\jvmti\hprof\src\hprof_loader.c
[2009.07.22 10:21:05 | 000,002,173 | ---- | M] () -- \Program Files\Java\jdk1.6.0_14\demo\jvmti\hprof\src\hprof_loader.h
[2009.07.22 10:20:46 | 000,000,455 | ---- | M] () -- \Program Files\Java\jdk1.6.0_14\lib\visualvm\platform9\config\Modules\org-openide-loaders.xml
[2009.07.22 10:20:47 | 001,063,930 | ---- | M] () -- \Program Files\Java\jdk1.6.0_14\lib\visualvm\platform9\modules\org-openide-loaders.jar
[2009.07.22 10:20:48 | 000,000,373 | ---- | M] () -- \Program Files\Java\jdk1.6.0_14\lib\visualvm\platform9\update_tracking\org-openide-loaders.xml
[2009.05.26 22:56:50 | 000,074,875 | ---- | M] () -- \Program Files\JavaFX\javafx-sdk1.2\docs\api\javafx.fxd\javafx.fxd.FXDLoader.html
[2009.05.26 22:49:52 | 000,002,917 | ---- | M] () -- \Program Files\JavaFX\javafx-sdk1.2\emulator\toolkit-lib\process\memory-profiler\code\memprof-loader.jar
[2009.05.27 12:36:30 | 000,410,344 | ---- | M] () -- \Program Files\JavaFX\javafx-sdk1.2\lib\desktop\fxdloader.jar
[2008.11.14 19:28:55 | 000,000,149 | ---- | M] () -- \Program Files\Mozilla Firefox\components\popcaploader.xpt
[2008.11.14 19:28:55 | 000,151,552 | ---- | M] () -- \Program Files\Mozilla Firefox\plugins\nppopcaploader.dll
[2008.10.20 16:04:22 | 000,006,639 | ---- | M] () -- \Program Files\OpenOffice.org 2.4\program\pythonloader.pyc
[2007.09.17 07:50:37 | 000,169,384 | ---- | M] () -- \Program Files\Valve\cstrike\models\qloader.mdl
[2003.09.26 14:19:52 | 000,352,548 | ---- | M] () -- \Program Files\Valve\valve\models\loader.mdl
[2003.09.26 14:24:16 | 000,012,764 | ---- | M] () -- \Program Files\Valve\valve\sound\ambience\loader_hydra1.wav
[2003.09.26 14:24:16 | 000,012,164 | ---- | M] () -- \Program Files\Valve\valve\sound\ambience\loader_step1.wav
[2006.12.23 17:37:56 | 000,044,032 | ---- | M] () -- \Program Files\WinRAR\RarExtLoader.exe
[2010.01.16 16:41:17 | 000,082,784 | ---- | M] () -- \WINDOWS\assembly\GAC\IALoader\1.7.6223.0__31bf3856ad364e35\IALoader.dll
[2004.08.17 15:49:06 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dmloader.dll
[2009.08.14 13:36:18 | 000,070,936 | ---- | M] () -- \WINDOWS\system32\PhysXLoader.dll
[2009.04.28 11:48:06 | 000,009,622 | ---- | M] () -- \WINDOWS\system32\Adobe\Shockwave 11\shockwave_Projector_Loader.dcr
[2004.08.17 15:49:06 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dllcache\dmloader.dll

< >

< >

< >

< >

< >

< >

< >

< >

< >

< >

< >

< >

========== Alternate Data Streams ==========

@Alternate Data Stream - 620 bytes -> C:\WINDOWS\System32\drivers:GbpKmAp.lst
@Alternate Data Stream - 167 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:96EE29A3
@Alternate Data Stream - 139 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:0F7085B0
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:CFF6B3FF
@Alternate Data Stream - 119 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:8140CB50
@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:9AB338B9
@Alternate Data Stream - 117 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:98DFF516
@Alternate Data Stream - 115 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:89AC6FAA

< End of report >

S.Moninka
Visitor
Posts: 71
Registered: 06 May 2007 19:00

Re: frozen computer

#29 Post by S.Moninka »

OTL logfile created on: 23.7.2012 20:10:01 - Run 1
OTL by OldTimer - Version 3.2.54.0 Folder = C:\Documents and Settings\Patrik\Plocha
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1,99 Gb Total Physical Memory | 1,20 Gb Available Physical Memory | 60,22% Memory free
3,84 Gb Paging File | 3,13 Gb Available in Paging File | 81,48% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 78,13 Gb Total Space | 6,76 Gb Free Space | 8,65% Space Free | Partition Type: NTFS
Drive D: | 219,95 Gb Total Space | 163,52 Gb Free Space | 74,34% Space Free | Partition Type: NTFS

Computer Name: PATRIK-B795BA8C | User Name: Patrik | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2012.07.23 20:05:23 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Patrik\Plocha\OTL.exe
PRC - [2012.07.22 15:18:24 | 000,208,896 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Documents and Settings\Patrik\Local Settings\Temp\RtkBtMnt.exe
PRC - [2012.06.05 09:50:04 | 000,211,888 | ---- | M] ( ) -- C:\Program Files\GbPlugin\gbpsv.exe
PRC - [2011.06.17 19:33:04 | 000,272,528 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\3.0.207\SSScheduler.exe
PRC - [2009.08.28 11:44:59 | 000,486,680 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgrsx.exe
PRC - [2009.06.05 10:28:49 | 004,833,792 | ---- | M] () -- C:\Program Files\Trust\GXT14 Mouse\POINTERGHOST.exe
PRC - [2009.05.19 17:22:14 | 000,361,472 | ---- | M] (UASSOFT.COM) -- C:\Program Files\Trust\GXT14 Mouse\RapooV1Process.exe
PRC - [2009.05.18 05:37:12 | 000,354,816 | ---- | M] (UASSOFT.COM) -- C:\Program Files\Trust\GXT14 Mouse\GameMouseServiceApp.exe
PRC - [2008.05.29 20:22:32 | 000,212,992 | ---- | M] (UASSOFT.COM) -- C:\Program Files\Trust\GXT14 Mouse\StartAutorun.exe
PRC - [2007.06.09 00:23:50 | 000,208,896 | ---- | M] (UASSOFT.COM) -- C:\Program Files\Trust\Trust R-Series Mouse\KMWDSrv.exe
PRC - [2007.06.08 11:19:22 | 000,397,312 | ---- | M] (UASSOFT.COM) -- C:\Program Files\Trust\Trust R-Series Mouse\KMCONFIG.exe
PRC - [2007.04.04 11:30:40 | 000,327,680 | ---- | M] (UASSOFT.COM) -- C:\Program Files\Trust\Trust R-Series Mouse\KMProcess.exe
PRC - [2007.04.01 09:02:38 | 000,568,176 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2007.03.06 14:51:14 | 000,212,992 | ---- | M] (UASSOFT.COM) -- C:\Program Files\Trust\Trust R-Series Mouse\StartAutorun.exe
PRC - [2007.02.20 13:34:14 | 001,222,192 | ---- | M] (Sunbelt Software) -- C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
PRC - [2007.02.20 13:34:10 | 001,967,664 | ---- | M] (Sunbelt Software) -- C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
PRC - [2004.08.17 15:49:24 | 001,032,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (No Company Name) ==========

MOD - [2012.05.24 17:17:54 | 000,151,552 | ---- | M] () -- C:\ProgramData\Codecentrix\Twebst\TwebstInjector.dll
MOD - [2012.05.20 13:46:16 | 000,172,032 | ---- | M] () -- C:\ProgramData\Codecentrix\Twebst\Dbgserv.dll
MOD - [2012.04.04 00:52:52 | 000,421,888 | ---- | M] () -- C:\ProgramData\Codecentrix\Twebst\Dgbserv.dll
MOD - [2012.03.31 14:24:14 | 000,117,248 | ---- | M] () -- C:\WINDOWS\system32\libgcc_s_dw2-1.dll
MOD - [2009.06.05 10:28:49 | 004,833,792 | ---- | M] () -- C:\Program Files\Trust\GXT14 Mouse\POINTERGHOST.exe
MOD - [2009.03.02 07:45:58 | 000,042,496 | ---- | M] () -- C:\Program Files\Trust\GXT14 Mouse\MouseHook.dll
MOD - [2007.04.01 09:00:28 | 002,842,624 | ---- | M] () -- C:\WINDOWS\system32\btwicons.dll
MOD - [2007.04.01 08:57:16 | 000,053,248 | ---- | M] () -- C:\Program Files\WIDCOMM\Bluetooth Software\BTKeyInd.dll
MOD - [2007.03.29 12:17:42 | 000,106,496 | ---- | M] () -- C:\Program Files\Trust\Trust R-Series Mouse\keydll.dll
MOD - [2007.03.29 07:17:42 | 000,106,496 | ---- | M] () -- C:\Program Files\Trust\GXT14 Mouse\keydll.dll
MOD - [2007.02.20 13:34:36 | 000,161,328 | ---- | M] () -- C:\Program Files\Sunbelt Software\Personal Firewall\ssleay32.dll
MOD - [2007.02.20 13:34:32 | 000,475,696 | ---- | M] () -- C:\Program Files\Sunbelt Software\Personal Firewall\PocoXML.dll
MOD - [2007.02.20 13:34:26 | 000,865,328 | ---- | M] () -- C:\Program Files\Sunbelt Software\Personal Firewall\PocoFoundation.dll
MOD - [2007.02.20 13:34:20 | 000,024,112 | ---- | M] () -- C:\Program Files\Sunbelt Software\Personal Firewall\PocoExt.dll
MOD - [2007.02.20 13:34:18 | 000,833,072 | ---- | M] () -- C:\Program Files\Sunbelt Software\Personal Firewall\libeay32.dll
MOD - [2005.05.04 19:12:46 | 000,028,672 | ---- | M] () -- C:\Program Files\Trust\Trust R-Series Mouse\MouseHook.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - File not found [Auto | Stopped] -- C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe -- (avg8wd)
SRV - File not found [Auto | Stopped] -- C:\PROGRA~1\AVG\AVG8\avgemc.exe -- (avg8emc)
SRV - [2012.06.19 12:30:12 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.06.05 09:50:04 | 000,211,888 | ---- | M] ( ) [Auto | Running] -- C:\Program Files\GbPlugin\gbpsv.exe -- (GbpSv)
SRV - [2012.05.03 08:31:10 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2011.06.17 19:33:04 | 000,237,008 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\3.0.207\McCHSvc.exe -- (McComponentHostService)
SRV - [2009.05.18 05:37:12 | 000,354,816 | ---- | M] (UASSOFT.COM) [Auto | Running] -- C:\Program Files\Trust\GXT14 Mouse\GameMouseServiceApp.exe -- (KmGameMouseServiceV1)
SRV - [2007.06.09 00:23:50 | 000,208,896 | ---- | M] (UASSOFT.COM) [Auto | Running] -- C:\Program Files\Trust\Trust R-Series Mouse\KMWDSrv.exe -- (KMWDSERVICE)
SRV - [2007.02.20 13:34:14 | 001,222,192 | ---- | M] (Sunbelt Software) [Auto | Running] -- C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe -- (KPF4)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\UIUSYS.SYS -- (UIUSys)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ComboFix\catchme.sys -- (catchme)
DRV - [2012.07.23 18:48:41 | 000,028,880 | ---- | M] (GAS Tecnologia) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\GbpNdisrd.sys -- (NdisrdMP)
DRV - [2012.07.23 18:48:41 | 000,028,880 | ---- | M] (GAS Tecnologia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\GbpNdisrd.sys -- (Ndisrd)
DRV - [2012.06.05 09:50:36 | 000,044,208 | ---- | M] (GAS Tecnologia) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\GbpKm.sys -- (GbpKm)
DRV - [2010.02.19 10:34:32 | 000,012,872 | ---- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)
DRV - [2010.02.19 10:34:31 | 000,066,632 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010.02.19 10:34:31 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV)
DRV - [2009.08.28 11:44:58 | 000,335,240 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2009.08.28 11:44:58 | 000,027,784 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2009.06.10 19:00:54 | 000,018,432 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RPGMOUSEV1.sys -- (KMWDFilterV1)
DRV - [2009.05.08 08:50:31 | 000,108,552 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2008.11.21 17:31:22 | 000,717,296 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2008.09.17 16:43:21 | 000,988,800 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2008.09.17 16:43:21 | 000,730,112 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2008.09.17 16:43:21 | 000,209,664 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
DRV - [2008.09.17 16:34:05 | 004,424,192 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008.09.17 16:17:22 | 000,290,304 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tifm21.sys -- (tifm21)
DRV - [2008.05.14 19:32:42 | 000,535,040 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\emBDA.sys -- (USB28xxBGA)
DRV - [2008.05.14 19:32:24 | 000,286,208 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\emOEM.sys -- (USB28xxOEM)
DRV - [2007.09.20 21:26:48 | 001,123,328 | ---- | M] (Broadcom Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2007.04.01 04:02:42 | 000,876,384 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2007.04.01 04:02:40 | 000,055,352 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwhid.sys -- (btwhid)
DRV - [2007.03.29 15:00:16 | 000,017,024 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\KMWDFilter.SYS -- (KMWDFilter)
DRV - [2007.03.24 01:50:42 | 000,067,960 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2007.03.24 01:50:24 | 000,149,123 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwdndis.sys -- (BTWDNDIS)
DRV - [2007.03.24 01:50:08 | 000,037,424 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btport.sys -- (BTDriver)
DRV - [2007.03.24 01:49:54 | 000,539,072 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio)
DRV - [2007.02.20 13:34:08 | 000,071,088 | ---- | M] (Sunbelt Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\khips.sys -- (khips)
DRV - [2007.02.20 13:34:02 | 000,302,000 | ---- | M] (Sunbelt Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\fwdrv.sys -- (fwdrv)
DRV - [2007.02.16 15:46:00 | 000,160,256 | R--- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2007.01.21 08:14:18 | 000,061,032 | ---- | M] (Perisoft) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\bhound6.sys -- (bhound6)
DRV - [2006.11.07 09:42:30 | 000,086,368 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w200obex.sys -- (w200obex)
DRV - [2006.11.07 09:42:28 | 000,088,560 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w200mgmt.sys -- (w200mgmt) Sony Ericsson W200 USB WMC Device Management Drivers (WDM)
DRV - [2006.11.07 09:42:24 | 000,097,056 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w200mdm.sys -- (w200mdm)
DRV - [2006.11.07 09:42:22 | 000,009,328 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w200mdfl.sys -- (w200mdfl)
DRV - [2006.11.07 09:42:16 | 000,061,504 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w200bus.sys -- (w200bus) Sony Ericsson W200 driver (WDM)
DRV - [2005.03.03 19:53:57 | 000,048,640 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x)
DRV - [2005.02.23 17:59:54 | 000,006,656 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)
DRV - [2004.12.03 12:20:41 | 000,020,544 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfsync02.sys -- (sfsync02) StarForce Protection Synchronization Driver (version 2.x)
DRV - [2004.08.03 23:10:14 | 000,015,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MPE.sys -- (MPE)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847}
IE - HKLM\..\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}: "URL" = http://us.yhs.search.yahoo.com/avg/sear ... earchTerms}
IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?sr ... earchTerms}


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-220523388-602162358-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-220523388-602162358-682003330-1003\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-220523388-602162358-682003330-1003\..\URLSearchHook: *{855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKU\S-1-5-21-220523388-602162358-682003330-1003\..\URLSearchHook: *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - No CLSID value found
IE - HKU\S-1-5-21-220523388-602162358-682003330-1003\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll (SweetIM Technologies Ltd.)
IE - HKU\S-1-5-21-220523388-602162358-682003330-1003\..\SearchScopes,DefaultScope = {CCC7A320-B3CA-4199-B1A6-9F516DD69829}
IE - HKU\S-1-5-21-220523388-602162358-682003330-1003\..\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}: "URL" = http://search.qip.ru/search?query={searchTerms}&from=IE
IE - HKU\S-1-5-21-220523388-602162358-682003330-1003\..\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}: "URL" = http://www.webhledani.cz/results.aspx?i ... earchTerms}
IE - HKU\S-1-5-21-220523388-602162358-682003330-1003\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?sr ... earchTerms}
IE - HKU\S-1-5-21-220523388-602162358-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.startup.homepage: "www.seznam.cz"
FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.12.2.100013
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:8.5.0.429
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.4.3
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {B13721C7-F507-4982-B2E5-502A71474FED}:3.3.0.3971
FF - prefs.js..extensions.enabledItems: avg@igeared:3.011.025.005
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}:6.0.31
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaulturl: ""
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.startup.homepage: "www.seznam.cz"
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_262.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Documents and Settings\Patrik\Local Settings\Data aplikací\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG8\Firefox
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@igeared: C:\Program Files\AVG\AVG8\Toolbar\Firefox\avg@igeared
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.06.19 12:30:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.06.08 21:41:22 | 000,000,000 | ---D | M]

[2008.09.17 15:08:11 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Extensions
[2012.06.17 18:35:10 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\extensions
[2012.06.10 18:59:30 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2012.05.24 20:19:09 | 000,000,000 | ---D | M] ("PlayFirst Toolbar") -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\extensions\toolbar@ask.com
[2008.11.21 17:33:39 | 000,002,921 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\daemon-search.xml
[2012.07.09 21:19:16 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-1.xml
[2009.04.24 09:21:41 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-10.xml
[2009.04.28 17:54:39 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-11.xml
[2009.06.14 12:27:25 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-12.xml
[2009.07.22 16:58:05 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-13.xml
[2009.08.05 21:36:42 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-14.xml
[2009.09.10 21:52:21 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-15.xml
[2009.10.28 20:01:33 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-16.xml
[2009.12.18 10:45:55 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-17.xml
[2009.12.18 14:11:08 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-18.xml
[2010.01.07 12:12:38 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-19.xml
[2008.09.29 21:10:55 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-2.xml
[2010.02.19 15:34:05 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-20.xml
[2010.04.02 10:54:21 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-21.xml
[2010.07.22 20:44:18 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-22.xml
[2010.07.27 12:32:35 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-23.xml
[2010.09.03 17:33:08 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-24.xml
[2010.09.16 14:30:54 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-25.xml
[2010.10.22 21:01:44 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-26.xml
[2010.10.22 21:02:07 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-27.xml
[2010.10.30 20:24:25 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-28.xml
[2010.12.11 12:13:15 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-29.xml
[2008.11.14 21:30:20 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-3.xml
[2011.03.07 18:42:31 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-30.xml
[2011.03.24 09:52:46 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-31.xml
[2011.05.01 10:24:25 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-32.xml
[2011.06.22 14:26:35 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-33.xml
[2011.09.02 12:23:25 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-34.xml
[2011.09.08 07:35:22 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-35.xml
[2011.09.28 08:49:48 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-36.xml
[2011.11.17 10:36:38 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-37.xml
[2011.12.21 21:34:22 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-38.xml
[2012.02.02 12:24:53 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-39.xml
[2008.12.19 06:56:01 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-4.xml
[2012.02.19 18:24:51 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-40.xml
[2012.03.15 12:32:48 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-41.xml
[2012.06.08 21:41:32 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-42.xml
[2012.06.08 21:47:00 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-43.xml
[2012.06.10 00:38:46 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-44.xml
[2012.06.12 18:55:27 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-45.xml
[2012.06.20 13:26:55 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-46.xml
[2009.02.04 23:00:56 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-5.xml
[2009.03.05 17:02:10 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-6.xml
[2009.03.28 18:13:24 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-7.xml
[2009.04.24 09:18:48 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-8.xml
[2009.04.24 09:19:51 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-9.xml
[2009.07.13 17:12:02 | 000,000,944 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin.xml
[2012.06.17 18:35:10 | 000,003,915 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\sweetim.xml
[2012.06.08 21:41:28 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2009.07.27 19:17:19 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\PATRIK\DATA APLIKACĂ­\MOZILLA\FIREFOX\PROFILES\EU4B2OAX.DEFAULT\EXTENSIONS\{800B5000-A755-47E1-992B-48A1C1357F07}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\PATRIK\DATA APLIKACĂ­\MOZILLA\FIREFOX\PROFILES\EU4B2OAX.DEFAULT\EXTENSIONS\TOOLBAR@ASK.COM
[2012.04.09 19:47:25 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2012.06.19 12:30:13 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.04.09 19:47:25 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2003.01.13 16:08:06 | 000,499,712 | ---- | M] (Morgan Multimedia) -- C:\Program Files\mozilla firefox\plugins\npjp2.dll
[2008.11.14 19:28:55 | 000,151,552 | ---- | M] (PopCap Games) -- C:\Program Files\mozilla firefox\plugins\nppopcaploader.dll
[2012.06.19 12:30:09 | 000,002,208 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\heureka-cz.xml
[2012.06.19 12:30:09 | 000,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2011.03.07 13:20:24 | 000,001,687 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\mall-cz.xml
[2012.06.19 12:30:09 | 000,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2012.06.19 12:30:09 | 000,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2012.06.19 12:30:09 | 000,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2012.07.22 15:17:14 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (HP Print Clips) - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll (Hewlett-Packard Co.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll File not found
O2 - BHO: (Windows Media Sharing Plugin) - {4C905A23-D8FE-4A25-B9DB-87DF3664178A} - C:\ProgramData\Windows\ntfs64.dll ( )
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll File not found
O2 - BHO: (GbIehObj Class) - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Program Files\GbPlugin\gbieh.dll (Banco do Brasil)
O2 - BHO: (GbIehObj Class) - {C41A1C0E-EA6C-11D4-B1B8-444553540003} - C:\Program Files\GbPlugin\gbiehcef.dll (Caixa Economica Federal)
O2 - BHO: (GbIehObj Class) - {C41A1C0E-EA6C-11D4-B1B8-444553540007} - C:\Program Files\GbPlugin\gbiehabn.dll (Banco Real)
O2 - BHO: (GbIehObj Class) - {C41A1C0E-EA6C-11D4-B1B8-444553540008} - C:\Program Files\GbPlugin\gbiehuni.dll (Banco Itaú Unibanco)
O2 - BHO: (GbIehObj Class) - {C41A1C0E-EA6C-11D4-B1B8-444553540011} - C:\Program Files\GbPlugin\gbiehscd.dll (Sicredi)
O2 - BHO: (GbIehObj Class) - {C41A1C0E-EA6C-11D4-B1B8-444553540015} - C:\Program Files\GbPlugin\gbiehisg.dll (Infoseg - Senasp)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-220523388-602162358-682003330-1003\..\Toolbar\ShellBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-220523388-602162358-682003330-1003\..\Toolbar\ShellBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKU\S-1-5-21-220523388-602162358-682003330-1003\..\Toolbar\ShellBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKU\S-1-5-21-220523388-602162358-682003330-1003\..\Toolbar\ShellBrowser: (no name) - {FE063DB9-4EC0-403E-8DD8-394C54984B2C} - No CLSID value found.
O4 - HKLM..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [KMCONFIG] C:\Program Files\Trust\Trust R-Series Mouse\StartAutorun.exe KMConfig.exe File not found
O4 - HKLM..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [trustGTX14] C:\Program Files\Trust\GXT14 Mouse\POINTERGHOST.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Bluetooth.lnk = C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.0.207\SSScheduler.exe (McAfee, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\NewShortcut1.lnk = File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: BackupNoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-220523388-602162358-682003330-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-220523388-602162358-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-220523388-602162358-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-220523388-602162358-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O9 - Extra Button: Kniha klipů HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.)
O9 - Extra Button: HP Chytrý výběr - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} file://C:\Program Files\Cooking Dash 3 - Thrills & Spills\Images\stg_drm.ocx (SpinTop DRM Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} file://C:\Program Files\Cooking Dash 3 - Thrills & Spills\Images\armhelper.ocx (ArmHelper Control)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0ED5DC78-6399-4900-9C69-63029B2610DF}: DhcpNameServer = 10.0.0.138
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\ GbPluginAbn: DllName - (C:\PROGRA~1\GbPlugin\gbiehAbn.dll) - C:\Program Files\GbPlugin\gbiehabn.dll (Banco Real)
O20 - Winlogon\Notify\ GbPluginBb: DllName - (C:\PROGRA~1\GbPlugin\gbieh.dll) - C:\Program Files\GbPlugin\gbieh.dll (Banco do Brasil)
O20 - Winlogon\Notify\ GbPluginCef: DllName - (C:\PROGRA~1\GbPlugin\gbiehCef.dll) - C:\Program Files\GbPlugin\gbiehcef.dll (Caixa Economica Federal)
O20 - Winlogon\Notify\ GbPluginIsg: DllName - (C:\PROGRA~1\GbPlugin\gbiehIsg.dll) - C:\Program Files\GbPlugin\gbiehisg.dll (Infoseg - Senasp)
O20 - Winlogon\Notify\ GbPluginScd: DllName - (C:\PROGRA~1\GbPlugin\gbiehScd.dll) - C:\Program Files\GbPlugin\gbiehscd.dll (Sicredi)
O20 - Winlogon\Notify\ GbPluginUni: DllName - (C:\PROGRA~1\GbPlugin\gbiehUni.dll) - C:\Program Files\GbPlugin\gbiehuni.dll (Banco Itaú Unibanco)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\avgrsstarter: DllName - (avgrsstx.dll) - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Patrik\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Patrik\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O28 - HKLM ShellExecuteHooks: {E37CB5F0-51F5-4395-A808-5FA49E399003} - C:\Program Files\GbPlugin\gbiehcef.dll (Caixa Economica Federal)
O28 - HKLM ShellExecuteHooks: {E37CB5F0-51F5-4395-A808-5FA49E399007} - C:\Program Files\GbPlugin\gbiehabn.dll (Banco Real)
O28 - HKLM ShellExecuteHooks: {E37CB5F0-51F5-4395-A808-5FA49E399008} - C:\Program Files\GbPlugin\gbiehuni.dll (Banco Itaú Unibanco)
O28 - HKLM ShellExecuteHooks: {E37CB5F0-51F5-4395-A808-5FA49E399011} - C:\Program Files\GbPlugin\gbiehscd.dll (Sicredi)
O28 - HKLM ShellExecuteHooks: {E37CB5F0-51F5-4395-A808-5FA49E399015} - C:\Program Files\GbPlugin\gbiehisg.dll (Infoseg - Senasp)
O28 - HKLM ShellExecuteHooks: {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\Program Files\GbPlugin\gbieh.dll (Banco do Brasil)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.09.17 20:00:18 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2012.07.01 20:28:22 | 000,000,000 | ---D | M] - D:\autokross 2012 -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.ac3acm - C:\WINDOWS\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.divxa32 - C:\WINDOWS\System32\msaud32_divx.acm (Microsoft Corporation)
Drivers32: msacm.g723 - g723.acm File not found
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\WINDOWS\System32\lameACM.acm (http://www.mp3dev.org/)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.DIVX - C:\WINDOWS\System32\divx.dll (DivX, Inc.)
Drivers32: vidc.ffds - C:\WINDOWS\System32\ff_vfw.dll ()
Drivers32: vidc.I263 - C:\WINDOWS\System32\i263_32.drv (Intel Corporation)
Drivers32: VIDC.I420 - C:\WINDOWS\System32\i263_32.drv (Intel Corporation)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.VP60 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
Drivers32: VIDC.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\WINDOWS\System32\yv12vfw.dll (www.helixcommunity.org)
Unable to save MBR. Invalid drive designation: 0

========== Files/Folders - Created Within 7 Days ==========

[2012.07.23 20:05:15 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Patrik\Plocha\OTL.exe
[2012.07.22 15:13:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2012.07.22 14:41:41 | 000,000,000 | ---D | C] -- C:\ComboFix

========== Files - Modified Within 7 Days ==========

[2012.07.23 20:05:23 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Patrik\Plocha\OTL.exe
[2012.07.23 20:02:59 | 000,000,759 | ---- | M] () -- C:\Documents and Settings\Patrik\Nabídka Start\Programy\Po spuštění\Internet Explorer.lnk
[2012.07.23 18:48:41 | 000,028,880 | ---- | M] (GAS Tecnologia) -- C:\WINDOWS\System32\drivers\GbpNdisrd.sys
[2012.07.23 18:48:28 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012.07.23 18:48:17 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.07.23 18:48:14 | 2137,444,352 | -HS- | M] () -- C:\hiberfil.sys
[2012.07.22 16:02:55 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2012.07.22 15:17:14 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2012.07.20 18:54:25 | 000,089,088 | ---- | M] () -- C:\Documents and Settings\Patrik\Plocha\mbr.exe
[2012.07.20 18:47:04 | 000,000,020 | ---- | M] () -- C:\Documents and Settings\Patrik\defogger_reenable
[2012.07.20 18:46:09 | 000,050,477 | ---- | M] () -- C:\Documents and Settings\Patrik\Plocha\Defogger.exe

========== Files Created - No Company Name ==========

[2012.07.20 18:54:22 | 000,089,088 | ---- | C] () -- C:\Documents and Settings\Patrik\Plocha\mbr.exe
[2012.07.20 18:46:53 | 000,000,020 | ---- | C] () -- C:\Documents and Settings\Patrik\defogger_reenable
[2012.07.20 18:46:08 | 000,050,477 | ---- | C] () -- C:\Documents and Settings\Patrik\Plocha\Defogger.exe
[2012.07.11 20:03:44 | 000,117,248 | ---- | C] () -- C:\WINDOWS\System32\libgcc_s_dw2-1.dll
[2012.07.11 19:57:47 | 000,000,202 | ---- | C] () -- C:\Documents and Settings\All Users\fb5a62e1c8f1da7b279518f4e272a88f5474dcef
[2012.07.02 23:23:12 | 000,000,025 | ---- | C] () -- C:\WINDOWS\popcinfot.dat
[2011.09.12 10:08:26 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Patrik\Local Settings\Data aplikací\{C29BEA28-6DB6-4B09-BBC0-05DAEBD87184}
[2011.09.12 10:08:26 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Patrik\Local Settings\Data aplikací\{20069A17-D74B-495D-B4EB-DBDB9825068C}
[2011.07.21 19:45:21 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011.07.21 19:45:21 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011.07.21 19:45:21 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011.07.21 19:45:21 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011.07.21 19:45:21 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011.04.17 22:12:37 | 002,642,944 | ---- | C] () -- C:\WINDOWS\System32\AppUpWrapper.dll
[2010.07.24 21:55:20 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll
[2009.11.11 22:18:36 | 000,022,328 | ---- | C] () -- C:\Documents and Settings\Patrik\Data aplikací\PnkBstrK.sys
[2009.09.18 14:57:58 | 000,000,147 | ---- | C] () -- C:\Documents and Settings\Patrik\default.pls
[2009.04.20 10:04:09 | 000,003,189 | ---- | C] () -- C:\Documents and Settings\Patrik\.ganttproject
[2009.04.20 10:02:21 | 000,035,674 | ---- | C] () -- C:\Documents and Settings\Patrik\.jpg
[2008.11.21 13:11:04 | 000,000,125 | ---- | C] () -- C:\Documents and Settings\Patrik\webct_upload_applet.properties
[2008.09.24 20:18:09 | 000,000,126 | ---- | C] () -- C:\Documents and Settings\Patrik\Local Settings\Data aplikací\fusioncache.dat
[2008.09.21 16:38:43 | 000,166,912 | ---- | C] () -- C:\Documents and Settings\Patrik\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.09.17 15:22:17 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\Patrik\PUTTY.RND

========== LOP Check ==========

[2009.09.13 15:12:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AlawarWrapper
[2010.09.03 14:29:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVG Security Toolbar
[2008.09.17 14:50:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Broadcom
[2009.09.13 15:54:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\FarmFrenzy2
[2011.07.02 11:29:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Floodlight Games
[2012.07.23 18:52:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\GbPlugin
[2011.08.27 22:18:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Green Clover Games
[2009.07.27 19:17:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ICQ
[2011.02.05 21:58:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PlayFirst
[2008.11.14 19:29:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PopCap
[2012.07.02 18:02:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PopCap Games
[2012.06.27 08:14:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PopCapY
[2012.06.17 18:35:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\SweetIM
[2012.04.08 11:35:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2011.01.18 20:51:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\Audacity
[2008.11.21 17:31:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\DAEMON Tools
[2011.07.02 11:29:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\Floodlight Games
[2011.08.27 22:18:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\Green Clover Games
[2011.01.23 20:52:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\ICQ
[2008.09.24 11:03:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\Leadertech
[2008.09.17 15:18:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\Mikrotik
[2011.05.01 16:02:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\MummyPuzzle
[2011.02.05 21:58:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\PlayFirst
[2010.05.20 13:08:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\Playrix Entertainment
[2011.02.05 21:40:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\SpinTop
[2008.09.24 10:43:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\Teleca
[2008.12.25 11:38:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\ubi.com
[2012.06.20 13:40:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\XnView
[2009.11.09 18:21:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\YoudaGames

========== Purity Check ==========



========== Custom Scans ==========

< >

< >

< MD5 for: ATAPI.SYS >
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\ERDNT\cache\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0005\DriverFiles\i386\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0006\DriverFiles\i386\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2004.08.17 15:49:22 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\cmdcons\autochk.exe
[2004.08.17 15:49:22 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\WINDOWS\system32\autochk.exe
[2004.08.17 15:49:22 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\WINDOWS\system32\dllcache\autochk.exe

< MD5 for: CDROM.SYS >
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2004.08.03 22:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\system32\drivers\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2004.08.17 15:49:24 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\ERDNT\cache\explorer.exe
[2004.08.17 15:49:24 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\explorer.exe
[2004.08.17 15:49:24 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\system32\dllcache\cache\explorer.exe
[2004.08.17 15:49:24 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\system32\dllcache\explorer.exe

< MD5 for: HAL.DLL >
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2004.08.03 22:59:14 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=DFCE51FD96909D1B97D4A1A72D060D77 -- C:\WINDOWS\system32\hal.dll

< MD5 for: SCECLI.DLL >
[2004.08.17 15:49:18 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\ERDNT\cache\scecli.dll
[2004.08.17 15:49:18 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\system32\dllcache\scecli.dll
[2004.08.17 15:49:18 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SVCHOST.EXE >
[2004.08.17 15:49:28 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\ERDNT\cache\svchost.exe
[2004.08.17 15:49:28 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\system32\dllcache\cache\svchost.exe
[2004.08.17 15:49:28 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\system32\dllcache\svchost.exe
[2004.08.17 15:49:28 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\system32\svchost.exe

< MD5 for: TCPIP.SYS >
[2004.08.03 23:14:42 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\ERDNT\cache\tcpip.sys
[2004.08.03 23:14:42 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\system32\dllcache\cache\tcpip.sys
[2004.08.03 23:14:42 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2004.08.03 23:14:42 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\system32\drivers\tcpip.sys

< MD5 for: USERINIT.EXE >
[2004.08.17 15:49:28 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\ERDNT\cache\userinit.exe
[2004.08.17 15:49:28 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\system32\dllcache\cache\userinit.exe
[2004.08.17 15:49:28 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\system32\dllcache\userinit.exe
[2004.08.17 15:49:28 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2004.08.17 15:49:28 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\ERDNT\cache\winlogon.exe
[2004.08.17 15:49:28 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\system32\dllcache\cache\winlogon.exe
[2004.08.17 15:49:28 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2004.08.17 15:49:28 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\system32\winlogon.exe

< >

< %systemroot%*.* /U /s >
[2 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[1 C:\WINDOWS\twain_32\*.tmp files -> C:\WINDOWS\twain_32\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2011.07.20 11:09:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\Adobe
[2009.01.18 14:49:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\AdobeAUM
[2009.01.24 22:59:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\AdobeUM
[2009.09.18 14:39:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\Ahead
[2009.03.26 21:45:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\Apple Computer
[2011.01.18 20:51:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\Audacity
[2009.09.14 07:56:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\CyberLink
[2008.11.21 17:31:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\DAEMON Tools
[2011.07.02 11:29:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\Floodlight Games
[2009.10.17 14:18:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\Google
[2011.08.27 22:18:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\Green Clover Games
[2008.09.22 22:04:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\GRETECH
[2011.06.14 13:15:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\Help
[2008.12.04 21:25:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\HP
[2009.01.01 12:34:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\HPAppData
[2011.01.23 20:52:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\ICQ
[2008.09.17 20:05:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\Identities
[2008.09.17 14:50:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\InstallShield
[2008.09.24 11:03:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\Leadertech
[2008.09.17 15:09:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\Macromedia
[2008.10.03 21:08:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\Media Player Classic
[2011.07.20 11:09:56 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Patrik\Data aplikací\Microsoft
[2008.09.17 15:18:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\Mikrotik
[2008.09.17 15:08:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla
[2011.05.01 16:02:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\MummyPuzzle
[2010.02.02 08:49:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\OpenOffice.org2
[2011.02.05 21:58:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\PlayFirst
[2010.05.20 13:08:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\Playrix Entertainment
[2012.06.22 23:05:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\Skype
[2012.01.12 18:46:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\skypePM
[2009.12.15 18:31:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\Sony Corporation
[2008.09.24 10:42:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\Sony Ericsson
[2011.02.05 21:40:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\SpinTop
[2008.09.18 07:32:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\Sun
[2008.09.18 18:16:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\SUPERAntiSpyware.com
[2008.09.24 10:43:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\Teleca
[2008.12.25 11:38:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\ubi.com
[2008.09.22 21:46:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\WinRAR
[2012.06.20 13:40:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\XnView
[2009.11.09 18:21:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\YoudaGames

< %APPDATA%\*.exe /s >
[2007.03.22 12:46:40 | 000,126,976 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\GRETECH\GomPlayer\GrLauncher.exe
[2012.04.19 18:55:56 | 000,245,760 | ---- | M] (Gretech Corporation) -- C:\Documents and Settings\Patrik\Data aplikací\GRETECH\GomPlayer\GrLauncherTempSetup.exe
[2010.02.01 03:45:40 | 000,038,784 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2011.02.18 16:47:02 | 002,832,544 | ---- | M] (Adobe Systems, Inc.) -- C:\Documents and Settings\Patrik\Data aplikací\Macromedia\Flash Player\www.macromedia.com\bin\fpupdatepl\fpupdatepl.exe
[2009.12.15 18:07:11 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Microsoft\Installer\{14291118-0C19-45EA-A4FA-5C1C0F5FDE09}\ARPPRODUCTICON.exe
[2010.03.01 22:38:48 | 000,001,078 | R--- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Microsoft\Installer\{6C472DFC-6D44-4947-9E1A-F79A2469D953}\_1DA131122C66AE2AF93D01.exe
[2010.03.01 22:38:48 | 000,001,078 | R--- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Microsoft\Installer\{6C472DFC-6D44-4947-9E1A-F79A2469D953}\_C7135D8DD8E38D24DFF917.exe
[2008.10.02 18:43:58 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Microsoft\Installer\{89661B04-C646-4412-B6D3-5E19F02F1F37}\ARPPRODUCTICON.exe
[2012.01.16 21:35:58 | 003,884,200 | ---- | M] (Ask) -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\extensions\toolbar@ask.com\chrome\temp\askToolbar.exe
[2002.03.27 15:42:36 | 000,114,688 | R--- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\ubi.com\Core\cabarc.exe
[2002.03.28 09:53:50 | 000,126,976 | R--- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\ubi.com\Core\GLPatcher2.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job >
[2012.06.22 15:52:14 | 000,000,284 | ---- | M] () -- C:\WINDOWS\Tasks\AppleSoftwareUpdate.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2008.09.17 21:45:55 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2008.09.17 21:45:55 | 000,663,552 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2008.09.17 21:45:55 | 000,487,424 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >
[2012.07.23 18:48:41 | 000,028,880 | ---- | M] (GAS Tecnologia) -- C:\WINDOWS\system32\drivers\GbpNdisrd.sys

< %systemroot%\system32\*.* /3 >
[2012.07.23 18:48:28 | 000,002,206 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"ctfmon.exe" = C:\WINDOWS\system32\ctfmon.exe -- [2004.08.17 15:49:24 | 000,015,360 | ---- | M] (Microsoft Corporation)

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2012.06.19 12:30:13 | 000,913,888 | ---- | M] (Mozilla Corporation) MD5=D3C0837346C49095B8AF9EF54AD7E90A -- C:\Program Files\Mozilla Firefox\firefox.exe

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2004.08.17 15:49:24 | 000,093,184 | ---- | M] (Microsoft Corporation) MD5=63E527C26AC3059EAD766C6C11746D07 -- C:\Program Files\Internet Explorer\IEXPLORE.EXE

< %PROGRAMFILES%\Opera\opera.exe /md5 >

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >

< >

< *crack* /s >
[2011.04.04 16:52:43 | 000,000,318 | ---- | M] () -- \Program Files\Valve\cstrike\crackhouse.wad
[2009.08.27 13:31:06 | 004,345,680 | ---- | M] () -- \Program Files\Valve\cstrike\maps\cs_crackhouse.bsp
[2008.11.19 21:49:25 | 000,067,756 | ---- | M] () -- \Program Files\Valve\cstrike\sound\misc\cracker1.wav

< *keygen* /s >

< *loader* /s >
[2012.04.27 17:14:26 | 000,072,638 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\loader.gif
[2012.04.27 17:14:26 | 000,003,032 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\loader.png
[2009.05.07 19:58:24 | 000,000,060 | ---- | M] () -- \Documents and Settings\Patrik\Data aplikací\Macromedia\Flash Player\#SharedObjects\3VUY6W42\1000her.cz\loading\load.swf\MiniclipLoaderAd.sol
[2010.01.05 17:55:32 | 000,000,060 | ---- | M] () -- \Documents and Settings\Patrik\Data aplikací\Macromedia\Flash Player\#SharedObjects\3VUY6W42\1001hry.cz\699bbd6eba34f4b3728a65c02cb87c31\945.swf\MiniclipLoaderAd.sol
[2009.11.11 16:07:38 | 000,000,054 | ---- | M] () -- \Documents and Settings\Patrik\Data aplikací\Macromedia\Flash Player\#SharedObjects\3VUY6W42\media.mtvnservices.com\player\loader\loaderLogging.sol
[2010.01.05 19:16:24 | 000,000,060 | ---- | M] () -- \Documents and Settings\Patrik\Data aplikací\Macromedia\Flash Player\#SharedObjects\3VUY6W42\miniclip.com\games\china-2008\en\china_2008.dcr\MiniclipLoaderAd.sol
[2009.05.29 12:25:25 | 000,000,060 | ---- | M] () -- \Documents and Settings\Patrik\Data aplikací\Macromedia\Flash Player\#SharedObjects\3VUY6W42\www.hrajonline.cz\data\bojove-001.swf\MiniclipLoaderAd.sol
[2005.06.06 23:54:14 | 000,348,160 | ---- | M] () -- \Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\PhotoDownloader.dll
[2005.06.06 23:47:26 | 000,163,840 | ---- | M] () -- \Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\uploader.dll
[2005.06.06 23:02:16 | 000,011,161 | ---- | M] () -- \Program Files\Adobe\Photoshop Album Starter Edition\3.0\Shared_Assets\combined_bitmaps\main_window\C_LoadError.png
[2007.06.27 19:03:00 | 000,177,448 | ---- | M] () -- \Program Files\Common Files\Ahead\Lib\NeGuideStoreLoader.dll
[2006.10.26 14:40:34 | 000,057,344 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VS7DEBUG\coloader.dll
[2006.10.26 14:40:34 | 000,005,120 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VS7DEBUG\coloader.tlb
[2008.04.10 20:36:40 | 002,184,488 | R--- | M] () -- \Program Files\CyberLink\Shared files\Plugin\5.0\CES_3DLoaderFBX.dll
[2009.07.27 18:24:06 | 002,475,304 | ---- | M] () -- \Program Files\CyberLink\Shared files\Plugin\6.0\CES_3DLoaderFBX.dll
[2011.01.23 20:43:47 | 000,005,795 | ---- | M] () -- \Program Files\ICQ7.2\imApp\theme\IMAGES\XtraPreloader\loader.jpg
[2011.01.23 20:43:47 | 000,005,520 | ---- | M] () -- \Program Files\ICQ7.2\imApp\theme\IMAGES\XtraPreloader\loader.swf
[2011.01.23 20:43:48 | 000,004,180 | ---- | M] () -- \Program Files\ICQ7.2\imApp\theme\IMAGES\XtraPreloader\zlango-preloader.png
[2011.01.23 20:43:47 | 000,005,520 | ---- | M] () -- \Program Files\ICQ7.2\imApp\theme\MUICoreLib\xtraLoader.swf
[2009.07.22 10:21:05 | 000,007,697 | ---- | M] () -- \Program Files\Java\jdk1.6.0_14\demo\jvmti\hprof\src\hprof_loader.c
[2009.07.22 10:21:05 | 000,002,173 | ---- | M] () -- \Program Files\Java\jdk1.6.0_14\demo\jvmti\hprof\src\hprof_loader.h
[2009.07.22 10:20:46 | 000,000,455 | ---- | M] () -- \Program Files\Java\jdk1.6.0_14\lib\visualvm\platform9\config\Modules\org-openide-loaders.xml
[2009.07.22 10:20:47 | 001,063,930 | ---- | M] () -- \Program Files\Java\jdk1.6.0_14\lib\visualvm\platform9\modules\org-openide-loaders.jar
[2009.07.22 10:20:48 | 000,000,373 | ---- | M] () -- \Program Files\Java\jdk1.6.0_14\lib\visualvm\platform9\update_tracking\org-openide-loaders.xml
[2009.05.26 22:56:50 | 000,074,875 | ---- | M] () -- \Program Files\JavaFX\javafx-sdk1.2\docs\api\javafx.fxd\javafx.fxd.FXDLoader.html
[2009.05.26 22:49:52 | 000,002,917 | ---- | M] () -- \Program Files\JavaFX\javafx-sdk1.2\emulator\toolkit-lib\process\memory-profiler\code\memprof-loader.jar
[2009.05.27 12:36:30 | 000,410,344 | ---- | M] () -- \Program Files\JavaFX\javafx-sdk1.2\lib\desktop\fxdloader.jar
[2008.11.14 19:28:55 | 000,000,149 | ---- | M] () -- \Program Files\Mozilla Firefox\components\popcaploader.xpt
[2008.11.14 19:28:55 | 000,151,552 | ---- | M] () -- \Program Files\Mozilla Firefox\plugins\nppopcaploader.dll
[2008.10.20 16:04:22 | 000,006,639 | ---- | M] () -- \Program Files\OpenOffice.org 2.4\program\pythonloader.pyc
[2007.09.17 07:50:37 | 000,169,384 | ---- | M] () -- \Program Files\Valve\cstrike\models\qloader.mdl
[2003.09.26 14:19:52 | 000,352,548 | ---- | M] () -- \Program Files\Valve\valve\models\loader.mdl
[2003.09.26 14:24:16 | 000,012,764 | ---- | M] () -- \Program Files\Valve\valve\sound\ambience\loader_hydra1.wav
[2003.09.26 14:24:16 | 000,012,164 | ---- | M] () -- \Program Files\Valve\valve\sound\ambience\loader_step1.wav
[2006.12.23 17:37:56 | 000,044,032 | ---- | M] () -- \Program Files\WinRAR\RarExtLoader.exe
[2010.01.16 16:41:17 | 000,082,784 | ---- | M] () -- \WINDOWS\assembly\GAC\IALoader\1.7.6223.0__31bf3856ad364e35\IALoader.dll
[2004.08.17 15:49:06 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dmloader.dll
[2009.08.14 13:36:18 | 000,070,936 | ---- | M] () -- \WINDOWS\system32\PhysXLoader.dll
[2009.04.28 11:48:06 | 000,009,622 | ---- | M] () -- \WINDOWS\system32\Adobe\Shockwave 11\shockwave_Projector_Loader.dcr
[2004.08.17 15:49:06 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dllcache\dmloader.dll

< >

< >

< >

< >

< >

< >

< >

< >

< >

< >

< >

< >

========== Alternate Data Streams ==========

@Alternate Data Stream - 620 bytes -> C:\WINDOWS\System32\drivers:GbpKmAp.lst
@Alternate Data Stream - 167 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:96EE29A3
@Alternate Data Stream - 139 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:0F7085B0
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:CFF6B3FF
@Alternate Data Stream - 119 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:8140CB50
@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:9AB338B9
@Alternate Data Stream - 117 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:98DFF516
@Alternate Data Stream - 115 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:89AC6FAA

< End of report >

S.Moninka
Visitor
Posts: 71
Registered: 06 May 2007 19:00

Re: frozen computer

#30 Post by S.Moninka »

OTL logfile created on: 23.7.2012 20:10:01 - Run 1
OTL by OldTimer - Version 3.2.54.0 Folder = C:\Documents and Settings\Patrik\Plocha
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1,99 Gb Total Physical Memory | 1,20 Gb Available Physical Memory | 60,22% Memory free
3,84 Gb Paging File | 3,13 Gb Available in Paging File | 81,48% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 78,13 Gb Total Space | 6,76 Gb Free Space | 8,65% Space Free | Partition Type: NTFS
Drive D: | 219,95 Gb Total Space | 163,52 Gb Free Space | 74,34% Space Free | Partition Type: NTFS

Computer Name: PATRIK-B795BA8C | User Name: Patrik | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2012.07.23 20:05:23 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Patrik\Plocha\OTL.exe
PRC - [2012.07.22 15:18:24 | 000,208,896 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Documents and Settings\Patrik\Local Settings\Temp\RtkBtMnt.exe
PRC - [2012.06.05 09:50:04 | 000,211,888 | ---- | M] ( ) -- C:\Program Files\GbPlugin\gbpsv.exe
PRC - [2011.06.17 19:33:04 | 000,272,528 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\3.0.207\SSScheduler.exe
PRC - [2009.08.28 11:44:59 | 000,486,680 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgrsx.exe
PRC - [2009.06.05 10:28:49 | 004,833,792 | ---- | M] () -- C:\Program Files\Trust\GXT14 Mouse\POINTERGHOST.exe
PRC - [2009.05.19 17:22:14 | 000,361,472 | ---- | M] (UASSOFT.COM) -- C:\Program Files\Trust\GXT14 Mouse\RapooV1Process.exe
PRC - [2009.05.18 05:37:12 | 000,354,816 | ---- | M] (UASSOFT.COM) -- C:\Program Files\Trust\GXT14 Mouse\GameMouseServiceApp.exe
PRC - [2008.05.29 20:22:32 | 000,212,992 | ---- | M] (UASSOFT.COM) -- C:\Program Files\Trust\GXT14 Mouse\StartAutorun.exe
PRC - [2007.06.09 00:23:50 | 000,208,896 | ---- | M] (UASSOFT.COM) -- C:\Program Files\Trust\Trust R-Series Mouse\KMWDSrv.exe
PRC - [2007.06.08 11:19:22 | 000,397,312 | ---- | M] (UASSOFT.COM) -- C:\Program Files\Trust\Trust R-Series Mouse\KMCONFIG.exe
PRC - [2007.04.04 11:30:40 | 000,327,680 | ---- | M] (UASSOFT.COM) -- C:\Program Files\Trust\Trust R-Series Mouse\KMProcess.exe
PRC - [2007.04.01 09:02:38 | 000,568,176 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2007.03.06 14:51:14 | 000,212,992 | ---- | M] (UASSOFT.COM) -- C:\Program Files\Trust\Trust R-Series Mouse\StartAutorun.exe
PRC - [2007.02.20 13:34:14 | 001,222,192 | ---- | M] (Sunbelt Software) -- C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
PRC - [2007.02.20 13:34:10 | 001,967,664 | ---- | M] (Sunbelt Software) -- C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
PRC - [2004.08.17 15:49:24 | 001,032,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (No Company Name) ==========

MOD - [2012.05.24 17:17:54 | 000,151,552 | ---- | M] () -- C:\ProgramData\Codecentrix\Twebst\TwebstInjector.dll
MOD - [2012.05.20 13:46:16 | 000,172,032 | ---- | M] () -- C:\ProgramData\Codecentrix\Twebst\Dbgserv.dll
MOD - [2012.04.04 00:52:52 | 000,421,888 | ---- | M] () -- C:\ProgramData\Codecentrix\Twebst\Dgbserv.dll
MOD - [2012.03.31 14:24:14 | 000,117,248 | ---- | M] () -- C:\WINDOWS\system32\libgcc_s_dw2-1.dll
MOD - [2009.06.05 10:28:49 | 004,833,792 | ---- | M] () -- C:\Program Files\Trust\GXT14 Mouse\POINTERGHOST.exe
MOD - [2009.03.02 07:45:58 | 000,042,496 | ---- | M] () -- C:\Program Files\Trust\GXT14 Mouse\MouseHook.dll
MOD - [2007.04.01 09:00:28 | 002,842,624 | ---- | M] () -- C:\WINDOWS\system32\btwicons.dll
MOD - [2007.04.01 08:57:16 | 000,053,248 | ---- | M] () -- C:\Program Files\WIDCOMM\Bluetooth Software\BTKeyInd.dll
MOD - [2007.03.29 12:17:42 | 000,106,496 | ---- | M] () -- C:\Program Files\Trust\Trust R-Series Mouse\keydll.dll
MOD - [2007.03.29 07:17:42 | 000,106,496 | ---- | M] () -- C:\Program Files\Trust\GXT14 Mouse\keydll.dll
MOD - [2007.02.20 13:34:36 | 000,161,328 | ---- | M] () -- C:\Program Files\Sunbelt Software\Personal Firewall\ssleay32.dll
MOD - [2007.02.20 13:34:32 | 000,475,696 | ---- | M] () -- C:\Program Files\Sunbelt Software\Personal Firewall\PocoXML.dll
MOD - [2007.02.20 13:34:26 | 000,865,328 | ---- | M] () -- C:\Program Files\Sunbelt Software\Personal Firewall\PocoFoundation.dll
MOD - [2007.02.20 13:34:20 | 000,024,112 | ---- | M] () -- C:\Program Files\Sunbelt Software\Personal Firewall\PocoExt.dll
MOD - [2007.02.20 13:34:18 | 000,833,072 | ---- | M] () -- C:\Program Files\Sunbelt Software\Personal Firewall\libeay32.dll
MOD - [2005.05.04 19:12:46 | 000,028,672 | ---- | M] () -- C:\Program Files\Trust\Trust R-Series Mouse\MouseHook.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - File not found [Auto | Stopped] -- C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe -- (avg8wd)
SRV - File not found [Auto | Stopped] -- C:\PROGRA~1\AVG\AVG8\avgemc.exe -- (avg8emc)
SRV - [2012.06.19 12:30:12 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.06.05 09:50:04 | 000,211,888 | ---- | M] ( ) [Auto | Running] -- C:\Program Files\GbPlugin\gbpsv.exe -- (GbpSv)
SRV - [2012.05.03 08:31:10 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2011.06.17 19:33:04 | 000,237,008 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\3.0.207\McCHSvc.exe -- (McComponentHostService)
SRV - [2009.05.18 05:37:12 | 000,354,816 | ---- | M] (UASSOFT.COM) [Auto | Running] -- C:\Program Files\Trust\GXT14 Mouse\GameMouseServiceApp.exe -- (KmGameMouseServiceV1)
SRV - [2007.06.09 00:23:50 | 000,208,896 | ---- | M] (UASSOFT.COM) [Auto | Running] -- C:\Program Files\Trust\Trust R-Series Mouse\KMWDSrv.exe -- (KMWDSERVICE)
SRV - [2007.02.20 13:34:14 | 001,222,192 | ---- | M] (Sunbelt Software) [Auto | Running] -- C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe -- (KPF4)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\UIUSYS.SYS -- (UIUSys)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ComboFix\catchme.sys -- (catchme)
DRV - [2012.07.23 18:48:41 | 000,028,880 | ---- | M] (GAS Tecnologia) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\GbpNdisrd.sys -- (NdisrdMP)
DRV - [2012.07.23 18:48:41 | 000,028,880 | ---- | M] (GAS Tecnologia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\GbpNdisrd.sys -- (Ndisrd)
DRV - [2012.06.05 09:50:36 | 000,044,208 | ---- | M] (GAS Tecnologia) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\GbpKm.sys -- (GbpKm)
DRV - [2010.02.19 10:34:32 | 000,012,872 | ---- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)
DRV - [2010.02.19 10:34:31 | 000,066,632 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010.02.19 10:34:31 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV)
DRV - [2009.08.28 11:44:58 | 000,335,240 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2009.08.28 11:44:58 | 000,027,784 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2009.06.10 19:00:54 | 000,018,432 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RPGMOUSEV1.sys -- (KMWDFilterV1)
DRV - [2009.05.08 08:50:31 | 000,108,552 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2008.11.21 17:31:22 | 000,717,296 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2008.09.17 16:43:21 | 000,988,800 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2008.09.17 16:43:21 | 000,730,112 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2008.09.17 16:43:21 | 000,209,664 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
DRV - [2008.09.17 16:34:05 | 004,424,192 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008.09.17 16:17:22 | 000,290,304 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tifm21.sys -- (tifm21)
DRV - [2008.05.14 19:32:42 | 000,535,040 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\emBDA.sys -- (USB28xxBGA)
DRV - [2008.05.14 19:32:24 | 000,286,208 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\emOEM.sys -- (USB28xxOEM)
DRV - [2007.09.20 21:26:48 | 001,123,328 | ---- | M] (Broadcom Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2007.04.01 04:02:42 | 000,876,384 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2007.04.01 04:02:40 | 000,055,352 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwhid.sys -- (btwhid)
DRV - [2007.03.29 15:00:16 | 000,017,024 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\KMWDFilter.SYS -- (KMWDFilter)
DRV - [2007.03.24 01:50:42 | 000,067,960 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2007.03.24 01:50:24 | 000,149,123 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwdndis.sys -- (BTWDNDIS)
DRV - [2007.03.24 01:50:08 | 000,037,424 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btport.sys -- (BTDriver)
DRV - [2007.03.24 01:49:54 | 000,539,072 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio)
DRV - [2007.02.20 13:34:08 | 000,071,088 | ---- | M] (Sunbelt Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\khips.sys -- (khips)
DRV - [2007.02.20 13:34:02 | 000,302,000 | ---- | M] (Sunbelt Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\fwdrv.sys -- (fwdrv)
DRV - [2007.02.16 15:46:00 | 000,160,256 | R--- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2007.01.21 08:14:18 | 000,061,032 | ---- | M] (Perisoft) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\bhound6.sys -- (bhound6)
DRV - [2006.11.07 09:42:30 | 000,086,368 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w200obex.sys -- (w200obex)
DRV - [2006.11.07 09:42:28 | 000,088,560 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w200mgmt.sys -- (w200mgmt) Sony Ericsson W200 USB WMC Device Management Drivers (WDM)
DRV - [2006.11.07 09:42:24 | 000,097,056 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w200mdm.sys -- (w200mdm)
DRV - [2006.11.07 09:42:22 | 000,009,328 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w200mdfl.sys -- (w200mdfl)
DRV - [2006.11.07 09:42:16 | 000,061,504 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w200bus.sys -- (w200bus) Sony Ericsson W200 driver (WDM)
DRV - [2005.03.03 19:53:57 | 000,048,640 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x)
DRV - [2005.02.23 17:59:54 | 000,006,656 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)
DRV - [2004.12.03 12:20:41 | 000,020,544 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfsync02.sys -- (sfsync02) StarForce Protection Synchronization Driver (version 2.x)
DRV - [2004.08.03 23:10:14 | 000,015,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MPE.sys -- (MPE)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847}
IE - HKLM\..\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}: "URL" = http://us.yhs.search.yahoo.com/avg/sear ... earchTerms}
IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?sr ... earchTerms}


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-220523388-602162358-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-220523388-602162358-682003330-1003\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-220523388-602162358-682003330-1003\..\URLSearchHook: *{855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKU\S-1-5-21-220523388-602162358-682003330-1003\..\URLSearchHook: *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - No CLSID value found
IE - HKU\S-1-5-21-220523388-602162358-682003330-1003\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll (SweetIM Technologies Ltd.)
IE - HKU\S-1-5-21-220523388-602162358-682003330-1003\..\SearchScopes,DefaultScope = {CCC7A320-B3CA-4199-B1A6-9F516DD69829}
IE - HKU\S-1-5-21-220523388-602162358-682003330-1003\..\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}: "URL" = http://search.qip.ru/search?query={searchTerms}&from=IE
IE - HKU\S-1-5-21-220523388-602162358-682003330-1003\..\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}: "URL" = http://www.webhledani.cz/results.aspx?i ... earchTerms}
IE - HKU\S-1-5-21-220523388-602162358-682003330-1003\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?sr ... earchTerms}
IE - HKU\S-1-5-21-220523388-602162358-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.startup.homepage: "www.seznam.cz"
FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.12.2.100013
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:8.5.0.429
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.4.3
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {B13721C7-F507-4982-B2E5-502A71474FED}:3.3.0.3971
FF - prefs.js..extensions.enabledItems: avg@igeared:3.011.025.005
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}:6.0.31
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaulturl: ""
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.startup.homepage: "www.seznam.cz"
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_262.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Documents and Settings\Patrik\Local Settings\Data aplikací\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG8\Firefox
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@igeared: C:\Program Files\AVG\AVG8\Toolbar\Firefox\avg@igeared
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.06.19 12:30:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.06.08 21:41:22 | 000,000,000 | ---D | M]

[2008.09.17 15:08:11 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Extensions
[2012.06.17 18:35:10 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\extensions
[2012.06.10 18:59:30 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2012.05.24 20:19:09 | 000,000,000 | ---D | M] ("PlayFirst Toolbar") -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\extensions\toolbar@ask.com
[2008.11.21 17:33:39 | 000,002,921 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\daemon-search.xml
[2012.07.09 21:19:16 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-1.xml
[2009.04.24 09:21:41 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-10.xml
[2009.04.28 17:54:39 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-11.xml
[2009.06.14 12:27:25 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-12.xml
[2009.07.22 16:58:05 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-13.xml
[2009.08.05 21:36:42 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-14.xml
[2009.09.10 21:52:21 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-15.xml
[2009.10.28 20:01:33 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-16.xml
[2009.12.18 10:45:55 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-17.xml
[2009.12.18 14:11:08 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-18.xml
[2010.01.07 12:12:38 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-19.xml
[2008.09.29 21:10:55 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-2.xml
[2010.02.19 15:34:05 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-20.xml
[2010.04.02 10:54:21 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-21.xml
[2010.07.22 20:44:18 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-22.xml
[2010.07.27 12:32:35 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-23.xml
[2010.09.03 17:33:08 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-24.xml
[2010.09.16 14:30:54 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-25.xml
[2010.10.22 21:01:44 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-26.xml
[2010.10.22 21:02:07 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-27.xml
[2010.10.30 20:24:25 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-28.xml
[2010.12.11 12:13:15 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-29.xml
[2008.11.14 21:30:20 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-3.xml
[2011.03.07 18:42:31 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-30.xml
[2011.03.24 09:52:46 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-31.xml
[2011.05.01 10:24:25 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-32.xml
[2011.06.22 14:26:35 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-33.xml
[2011.09.02 12:23:25 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-34.xml
[2011.09.08 07:35:22 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-35.xml
[2011.09.28 08:49:48 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-36.xml
[2011.11.17 10:36:38 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-37.xml
[2011.12.21 21:34:22 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-38.xml
[2012.02.02 12:24:53 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-39.xml
[2008.12.19 06:56:01 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-4.xml
[2012.02.19 18:24:51 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-40.xml
[2012.03.15 12:32:48 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-41.xml
[2012.06.08 21:41:32 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-42.xml
[2012.06.08 21:47:00 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-43.xml
[2012.06.10 00:38:46 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-44.xml
[2012.06.12 18:55:27 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-45.xml
[2012.06.20 13:26:55 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-46.xml
[2009.02.04 23:00:56 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-5.xml
[2009.03.05 17:02:10 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-6.xml
[2009.03.28 18:13:24 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-7.xml
[2009.04.24 09:18:48 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-8.xml
[2009.04.24 09:19:51 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin-9.xml
[2009.07.13 17:12:02 | 000,000,944 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\icqplugin.xml
[2012.06.17 18:35:10 | 000,003,915 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\searchplugins\sweetim.xml
[2012.06.08 21:41:28 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2009.07.27 19:17:19 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\PATRIK\DATA APLIKACĂ­\MOZILLA\FIREFOX\PROFILES\EU4B2OAX.DEFAULT\EXTENSIONS\{800B5000-A755-47E1-992B-48A1C1357F07}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\PATRIK\DATA APLIKACĂ­\MOZILLA\FIREFOX\PROFILES\EU4B2OAX.DEFAULT\EXTENSIONS\TOOLBAR@ASK.COM
[2012.04.09 19:47:25 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2012.06.19 12:30:13 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.04.09 19:47:25 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2003.01.13 16:08:06 | 000,499,712 | ---- | M] (Morgan Multimedia) -- C:\Program Files\mozilla firefox\plugins\npjp2.dll
[2008.11.14 19:28:55 | 000,151,552 | ---- | M] (PopCap Games) -- C:\Program Files\mozilla firefox\plugins\nppopcaploader.dll
[2012.06.19 12:30:09 | 000,002,208 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\heureka-cz.xml
[2012.06.19 12:30:09 | 000,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2011.03.07 13:20:24 | 000,001,687 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\mall-cz.xml
[2012.06.19 12:30:09 | 000,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2012.06.19 12:30:09 | 000,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2012.06.19 12:30:09 | 000,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2012.07.22 15:17:14 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (HP Print Clips) - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll (Hewlett-Packard Co.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll File not found
O2 - BHO: (Windows Media Sharing Plugin) - {4C905A23-D8FE-4A25-B9DB-87DF3664178A} - C:\ProgramData\Windows\ntfs64.dll ( )
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll File not found
O2 - BHO: (GbIehObj Class) - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Program Files\GbPlugin\gbieh.dll (Banco do Brasil)
O2 - BHO: (GbIehObj Class) - {C41A1C0E-EA6C-11D4-B1B8-444553540003} - C:\Program Files\GbPlugin\gbiehcef.dll (Caixa Economica Federal)
O2 - BHO: (GbIehObj Class) - {C41A1C0E-EA6C-11D4-B1B8-444553540007} - C:\Program Files\GbPlugin\gbiehabn.dll (Banco Real)
O2 - BHO: (GbIehObj Class) - {C41A1C0E-EA6C-11D4-B1B8-444553540008} - C:\Program Files\GbPlugin\gbiehuni.dll (Banco Itaú Unibanco)
O2 - BHO: (GbIehObj Class) - {C41A1C0E-EA6C-11D4-B1B8-444553540011} - C:\Program Files\GbPlugin\gbiehscd.dll (Sicredi)
O2 - BHO: (GbIehObj Class) - {C41A1C0E-EA6C-11D4-B1B8-444553540015} - C:\Program Files\GbPlugin\gbiehisg.dll (Infoseg - Senasp)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-220523388-602162358-682003330-1003\..\Toolbar\ShellBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-220523388-602162358-682003330-1003\..\Toolbar\ShellBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKU\S-1-5-21-220523388-602162358-682003330-1003\..\Toolbar\ShellBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKU\S-1-5-21-220523388-602162358-682003330-1003\..\Toolbar\ShellBrowser: (no name) - {FE063DB9-4EC0-403E-8DD8-394C54984B2C} - No CLSID value found.
O4 - HKLM..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [KMCONFIG] C:\Program Files\Trust\Trust R-Series Mouse\StartAutorun.exe KMConfig.exe File not found
O4 - HKLM..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [trustGTX14] C:\Program Files\Trust\GXT14 Mouse\POINTERGHOST.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Bluetooth.lnk = C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.0.207\SSScheduler.exe (McAfee, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\NewShortcut1.lnk = File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: BackupNoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-220523388-602162358-682003330-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-220523388-602162358-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-220523388-602162358-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-220523388-602162358-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O9 - Extra Button: Kniha klipů HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.)
O9 - Extra Button: HP Chytrý výběr - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} file://C:\Program Files\Cooking Dash 3 - Thrills & Spills\Images\stg_drm.ocx (SpinTop DRM Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} file://C:\Program Files\Cooking Dash 3 - Thrills & Spills\Images\armhelper.ocx (ArmHelper Control)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0ED5DC78-6399-4900-9C69-63029B2610DF}: DhcpNameServer = 10.0.0.138
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\ GbPluginAbn: DllName - (C:\PROGRA~1\GbPlugin\gbiehAbn.dll) - C:\Program Files\GbPlugin\gbiehabn.dll (Banco Real)
O20 - Winlogon\Notify\ GbPluginBb: DllName - (C:\PROGRA~1\GbPlugin\gbieh.dll) - C:\Program Files\GbPlugin\gbieh.dll (Banco do Brasil)
O20 - Winlogon\Notify\ GbPluginCef: DllName - (C:\PROGRA~1\GbPlugin\gbiehCef.dll) - C:\Program Files\GbPlugin\gbiehcef.dll (Caixa Economica Federal)
O20 - Winlogon\Notify\ GbPluginIsg: DllName - (C:\PROGRA~1\GbPlugin\gbiehIsg.dll) - C:\Program Files\GbPlugin\gbiehisg.dll (Infoseg - Senasp)
O20 - Winlogon\Notify\ GbPluginScd: DllName - (C:\PROGRA~1\GbPlugin\gbiehScd.dll) - C:\Program Files\GbPlugin\gbiehscd.dll (Sicredi)
O20 - Winlogon\Notify\ GbPluginUni: DllName - (C:\PROGRA~1\GbPlugin\gbiehUni.dll) - C:\Program Files\GbPlugin\gbiehuni.dll (Banco Itaú Unibanco)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\avgrsstarter: DllName - (avgrsstx.dll) - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Patrik\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Patrik\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O28 - HKLM ShellExecuteHooks: {E37CB5F0-51F5-4395-A808-5FA49E399003} - C:\Program Files\GbPlugin\gbiehcef.dll (Caixa Economica Federal)
O28 - HKLM ShellExecuteHooks: {E37CB5F0-51F5-4395-A808-5FA49E399007} - C:\Program Files\GbPlugin\gbiehabn.dll (Banco Real)
O28 - HKLM ShellExecuteHooks: {E37CB5F0-51F5-4395-A808-5FA49E399008} - C:\Program Files\GbPlugin\gbiehuni.dll (Banco Itaú Unibanco)
O28 - HKLM ShellExecuteHooks: {E37CB5F0-51F5-4395-A808-5FA49E399011} - C:\Program Files\GbPlugin\gbiehscd.dll (Sicredi)
O28 - HKLM ShellExecuteHooks: {E37CB5F0-51F5-4395-A808-5FA49E399015} - C:\Program Files\GbPlugin\gbiehisg.dll (Infoseg - Senasp)
O28 - HKLM ShellExecuteHooks: {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\Program Files\GbPlugin\gbieh.dll (Banco do Brasil)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.09.17 20:00:18 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2012.07.01 20:28:22 | 000,000,000 | ---D | M] - D:\autokross 2012 -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.ac3acm - C:\WINDOWS\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.divxa32 - C:\WINDOWS\System32\msaud32_divx.acm (Microsoft Corporation)
Drivers32: msacm.g723 - g723.acm File not found
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\WINDOWS\System32\lameACM.acm (http://www.mp3dev.org/)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.DIVX - C:\WINDOWS\System32\divx.dll (DivX, Inc.)
Drivers32: vidc.ffds - C:\WINDOWS\System32\ff_vfw.dll ()
Drivers32: vidc.I263 - C:\WINDOWS\System32\i263_32.drv (Intel Corporation)
Drivers32: VIDC.I420 - C:\WINDOWS\System32\i263_32.drv (Intel Corporation)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.VP60 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
Drivers32: VIDC.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\WINDOWS\System32\yv12vfw.dll (www.helixcommunity.org)
Unable to save MBR. Invalid drive designation: 0

========== Files/Folders - Created Within 7 Days ==========

[2012.07.23 20:05:15 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Patrik\Plocha\OTL.exe
[2012.07.22 15:13:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2012.07.22 14:41:41 | 000,000,000 | ---D | C] -- C:\ComboFix

========== Files - Modified Within 7 Days ==========

[2012.07.23 20:05:23 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Patrik\Plocha\OTL.exe
[2012.07.23 20:02:59 | 000,000,759 | ---- | M] () -- C:\Documents and Settings\Patrik\Nabídka Start\Programy\Po spuštění\Internet Explorer.lnk
[2012.07.23 18:48:41 | 000,028,880 | ---- | M] (GAS Tecnologia) -- C:\WINDOWS\System32\drivers\GbpNdisrd.sys
[2012.07.23 18:48:28 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012.07.23 18:48:17 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.07.23 18:48:14 | 2137,444,352 | -HS- | M] () -- C:\hiberfil.sys
[2012.07.22 16:02:55 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2012.07.22 15:17:14 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2012.07.20 18:54:25 | 000,089,088 | ---- | M] () -- C:\Documents and Settings\Patrik\Plocha\mbr.exe
[2012.07.20 18:47:04 | 000,000,020 | ---- | M] () -- C:\Documents and Settings\Patrik\defogger_reenable
[2012.07.20 18:46:09 | 000,050,477 | ---- | M] () -- C:\Documents and Settings\Patrik\Plocha\Defogger.exe

========== Files Created - No Company Name ==========

[2012.07.20 18:54:22 | 000,089,088 | ---- | C] () -- C:\Documents and Settings\Patrik\Plocha\mbr.exe
[2012.07.20 18:46:53 | 000,000,020 | ---- | C] () -- C:\Documents and Settings\Patrik\defogger_reenable
[2012.07.20 18:46:08 | 000,050,477 | ---- | C] () -- C:\Documents and Settings\Patrik\Plocha\Defogger.exe
[2012.07.11 20:03:44 | 000,117,248 | ---- | C] () -- C:\WINDOWS\System32\libgcc_s_dw2-1.dll
[2012.07.11 19:57:47 | 000,000,202 | ---- | C] () -- C:\Documents and Settings\All Users\fb5a62e1c8f1da7b279518f4e272a88f5474dcef
[2012.07.02 23:23:12 | 000,000,025 | ---- | C] () -- C:\WINDOWS\popcinfot.dat
[2011.09.12 10:08:26 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Patrik\Local Settings\Data aplikací\{C29BEA28-6DB6-4B09-BBC0-05DAEBD87184}
[2011.09.12 10:08:26 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Patrik\Local Settings\Data aplikací\{20069A17-D74B-495D-B4EB-DBDB9825068C}
[2011.07.21 19:45:21 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011.07.21 19:45:21 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011.07.21 19:45:21 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011.07.21 19:45:21 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011.07.21 19:45:21 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011.04.17 22:12:37 | 002,642,944 | ---- | C] () -- C:\WINDOWS\System32\AppUpWrapper.dll
[2010.07.24 21:55:20 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll
[2009.11.11 22:18:36 | 000,022,328 | ---- | C] () -- C:\Documents and Settings\Patrik\Data aplikací\PnkBstrK.sys
[2009.09.18 14:57:58 | 000,000,147 | ---- | C] () -- C:\Documents and Settings\Patrik\default.pls
[2009.04.20 10:04:09 | 000,003,189 | ---- | C] () -- C:\Documents and Settings\Patrik\.ganttproject
[2009.04.20 10:02:21 | 000,035,674 | ---- | C] () -- C:\Documents and Settings\Patrik\.jpg
[2008.11.21 13:11:04 | 000,000,125 | ---- | C] () -- C:\Documents and Settings\Patrik\webct_upload_applet.properties
[2008.09.24 20:18:09 | 000,000,126 | ---- | C] () -- C:\Documents and Settings\Patrik\Local Settings\Data aplikací\fusioncache.dat
[2008.09.21 16:38:43 | 000,166,912 | ---- | C] () -- C:\Documents and Settings\Patrik\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.09.17 15:22:17 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\Patrik\PUTTY.RND

========== LOP Check ==========

[2009.09.13 15:12:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AlawarWrapper
[2010.09.03 14:29:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVG Security Toolbar
[2008.09.17 14:50:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Broadcom
[2009.09.13 15:54:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\FarmFrenzy2
[2011.07.02 11:29:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Floodlight Games
[2012.07.23 18:52:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\GbPlugin
[2011.08.27 22:18:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Green Clover Games
[2009.07.27 19:17:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ICQ
[2011.02.05 21:58:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PlayFirst
[2008.11.14 19:29:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PopCap
[2012.07.02 18:02:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PopCap Games
[2012.06.27 08:14:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PopCapY
[2012.06.17 18:35:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\SweetIM
[2012.04.08 11:35:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2011.01.18 20:51:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\Audacity
[2008.11.21 17:31:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\DAEMON Tools
[2011.07.02 11:29:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\Floodlight Games
[2011.08.27 22:18:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\Green Clover Games
[2011.01.23 20:52:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\ICQ
[2008.09.24 11:03:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\Leadertech
[2008.09.17 15:18:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\Mikrotik
[2011.05.01 16:02:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\MummyPuzzle
[2011.02.05 21:58:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\PlayFirst
[2010.05.20 13:08:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\Playrix Entertainment
[2011.02.05 21:40:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\SpinTop
[2008.09.24 10:43:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\Teleca
[2008.12.25 11:38:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\ubi.com
[2012.06.20 13:40:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\XnView
[2009.11.09 18:21:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\YoudaGames

========== Purity Check ==========



========== Custom Scans ==========

< >

< >

< MD5 for: ATAPI.SYS >
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\ERDNT\cache\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0005\DriverFiles\i386\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0006\DriverFiles\i386\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2004.08.17 15:49:22 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\cmdcons\autochk.exe
[2004.08.17 15:49:22 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\WINDOWS\system32\autochk.exe
[2004.08.17 15:49:22 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\WINDOWS\system32\dllcache\autochk.exe

< MD5 for: CDROM.SYS >
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2004.08.03 22:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\system32\drivers\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2004.08.17 15:49:24 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\ERDNT\cache\explorer.exe
[2004.08.17 15:49:24 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\explorer.exe
[2004.08.17 15:49:24 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\system32\dllcache\cache\explorer.exe
[2004.08.17 15:49:24 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\system32\dllcache\explorer.exe

< MD5 for: HAL.DLL >
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2004.08.03 22:59:14 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=DFCE51FD96909D1B97D4A1A72D060D77 -- C:\WINDOWS\system32\hal.dll

< MD5 for: SCECLI.DLL >
[2004.08.17 15:49:18 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\ERDNT\cache\scecli.dll
[2004.08.17 15:49:18 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\system32\dllcache\scecli.dll
[2004.08.17 15:49:18 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SVCHOST.EXE >
[2004.08.17 15:49:28 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\ERDNT\cache\svchost.exe
[2004.08.17 15:49:28 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\system32\dllcache\cache\svchost.exe
[2004.08.17 15:49:28 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\system32\dllcache\svchost.exe
[2004.08.17 15:49:28 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\system32\svchost.exe

< MD5 for: TCPIP.SYS >
[2004.08.03 23:14:42 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\ERDNT\cache\tcpip.sys
[2004.08.03 23:14:42 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\system32\dllcache\cache\tcpip.sys
[2004.08.03 23:14:42 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2004.08.03 23:14:42 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\system32\drivers\tcpip.sys

< MD5 for: USERINIT.EXE >
[2004.08.17 15:49:28 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\ERDNT\cache\userinit.exe
[2004.08.17 15:49:28 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\system32\dllcache\cache\userinit.exe
[2004.08.17 15:49:28 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\system32\dllcache\userinit.exe
[2004.08.17 15:49:28 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2004.08.17 15:49:28 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\ERDNT\cache\winlogon.exe
[2004.08.17 15:49:28 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\system32\dllcache\cache\winlogon.exe
[2004.08.17 15:49:28 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2004.08.17 15:49:28 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\system32\winlogon.exe

< >

< %systemroot%*.* /U /s >
[2 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[1 C:\WINDOWS\twain_32\*.tmp files -> C:\WINDOWS\twain_32\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2011.07.20 11:09:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\Adobe
[2009.01.18 14:49:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\AdobeAUM
[2009.01.24 22:59:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\AdobeUM
[2009.09.18 14:39:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\Ahead
[2009.03.26 21:45:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\Apple Computer
[2011.01.18 20:51:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\Audacity
[2009.09.14 07:56:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\CyberLink
[2008.11.21 17:31:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\DAEMON Tools
[2011.07.02 11:29:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\Floodlight Games
[2009.10.17 14:18:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\Google
[2011.08.27 22:18:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\Green Clover Games
[2008.09.22 22:04:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\GRETECH
[2011.06.14 13:15:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\Help
[2008.12.04 21:25:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\HP
[2009.01.01 12:34:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\HPAppData
[2011.01.23 20:52:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\ICQ
[2008.09.17 20:05:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\Identities
[2008.09.17 14:50:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\InstallShield
[2008.09.24 11:03:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\Leadertech
[2008.09.17 15:09:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\Macromedia
[2008.10.03 21:08:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\Media Player Classic
[2011.07.20 11:09:56 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Patrik\Data aplikací\Microsoft
[2008.09.17 15:18:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\Mikrotik
[2008.09.17 15:08:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla
[2011.05.01 16:02:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\MummyPuzzle
[2010.02.02 08:49:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\OpenOffice.org2
[2011.02.05 21:58:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\PlayFirst
[2010.05.20 13:08:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\Playrix Entertainment
[2012.06.22 23:05:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\Skype
[2012.01.12 18:46:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\skypePM
[2009.12.15 18:31:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\Sony Corporation
[2008.09.24 10:42:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\Sony Ericsson
[2011.02.05 21:40:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\SpinTop
[2008.09.18 07:32:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\Sun
[2008.09.18 18:16:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\SUPERAntiSpyware.com
[2008.09.24 10:43:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\Teleca
[2008.12.25 11:38:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\ubi.com
[2008.09.22 21:46:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\WinRAR
[2012.06.20 13:40:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\XnView
[2009.11.09 18:21:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\YoudaGames

< %APPDATA%\*.exe /s >
[2007.03.22 12:46:40 | 000,126,976 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\GRETECH\GomPlayer\GrLauncher.exe
[2012.04.19 18:55:56 | 000,245,760 | ---- | M] (Gretech Corporation) -- C:\Documents and Settings\Patrik\Data aplikací\GRETECH\GomPlayer\GrLauncherTempSetup.exe
[2010.02.01 03:45:40 | 000,038,784 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2011.02.18 16:47:02 | 002,832,544 | ---- | M] (Adobe Systems, Inc.) -- C:\Documents and Settings\Patrik\Data aplikací\Macromedia\Flash Player\www.macromedia.com\bin\fpupdatepl\fpupdatepl.exe
[2009.12.15 18:07:11 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Microsoft\Installer\{14291118-0C19-45EA-A4FA-5C1C0F5FDE09}\ARPPRODUCTICON.exe
[2010.03.01 22:38:48 | 000,001,078 | R--- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Microsoft\Installer\{6C472DFC-6D44-4947-9E1A-F79A2469D953}\_1DA131122C66AE2AF93D01.exe
[2010.03.01 22:38:48 | 000,001,078 | R--- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Microsoft\Installer\{6C472DFC-6D44-4947-9E1A-F79A2469D953}\_C7135D8DD8E38D24DFF917.exe
[2008.10.02 18:43:58 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Microsoft\Installer\{89661B04-C646-4412-B6D3-5E19F02F1F37}\ARPPRODUCTICON.exe
[2012.01.16 21:35:58 | 003,884,200 | ---- | M] (Ask) -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\eu4b2oax.default\extensions\toolbar@ask.com\chrome\temp\askToolbar.exe
[2002.03.27 15:42:36 | 000,114,688 | R--- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\ubi.com\Core\cabarc.exe
[2002.03.28 09:53:50 | 000,126,976 | R--- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\ubi.com\Core\GLPatcher2.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job >
[2012.06.22 15:52:14 | 000,000,284 | ---- | M] () -- C:\WINDOWS\Tasks\AppleSoftwareUpdate.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2008.09.17 21:45:55 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2008.09.17 21:45:55 | 000,663,552 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2008.09.17 21:45:55 | 000,487,424 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >
[2012.07.23 18:48:41 | 000,028,880 | ---- | M] (GAS Tecnologia) -- C:\WINDOWS\system32\drivers\GbpNdisrd.sys

< %systemroot%\system32\*.* /3 >
[2012.07.23 18:48:28 | 000,002,206 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"ctfmon.exe" = C:\WINDOWS\system32\ctfmon.exe -- [2004.08.17 15:49:24 | 000,015,360 | ---- | M] (Microsoft Corporation)

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2012.06.19 12:30:13 | 000,913,888 | ---- | M] (Mozilla Corporation) MD5=D3C0837346C49095B8AF9EF54AD7E90A -- C:\Program Files\Mozilla Firefox\firefox.exe

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2004.08.17 15:49:24 | 000,093,184 | ---- | M] (Microsoft Corporation) MD5=63E527C26AC3059EAD766C6C11746D07 -- C:\Program Files\Internet Explorer\IEXPLORE.EXE

< %PROGRAMFILES%\Opera\opera.exe /md5 >

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >

< >

< *crack* /s >
[2011.04.04 16:52:43 | 000,000,318 | ---- | M] () -- \Program Files\Valve\cstrike\crackhouse.wad
[2009.08.27 13:31:06 | 004,345,680 | ---- | M] () -- \Program Files\Valve\cstrike\maps\cs_crackhouse.bsp
[2008.11.19 21:49:25 | 000,067,756 | ---- | M] () -- \Program Files\Valve\cstrike\sound\misc\cracker1.wav

< *keygen* /s >

< *loader* /s >
[2012.04.27 17:14:26 | 000,072,638 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\loader.gif
[2012.04.27 17:14:26 | 000,003,032 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\loader.png
[2009.05.07 19:58:24 | 000,000,060 | ---- | M] () -- \Documents and Settings\Patrik\Data aplikací\Macromedia\Flash Player\#SharedObjects\3VUY6W42\1000her.cz\loading\load.swf\MiniclipLoaderAd.sol
[2010.01.05 17:55:32 | 000,000,060 | ---- | M] () -- \Documents and Settings\Patrik\Data aplikací\Macromedia\Flash Player\#SharedObjects\3VUY6W42\1001hry.cz\699bbd6eba34f4b3728a65c02cb87c31\945.swf\MiniclipLoaderAd.sol
[2009.11.11 16:07:38 | 000,000,054 | ---- | M] () -- \Documents and Settings\Patrik\Data aplikací\Macromedia\Flash Player\#SharedObjects\3VUY6W42\media.mtvnservices.com\player\loader\loaderLogging.sol
[2010.01.05 19:16:24 | 000,000,060 | ---- | M] () -- \Documents and Settings\Patrik\Data aplikací\Macromedia\Flash Player\#SharedObjects\3VUY6W42\miniclip.com\games\china-2008\en\china_2008.dcr\MiniclipLoaderAd.sol
[2009.05.29 12:25:25 | 000,000,060 | ---- | M] () -- \Documents and Settings\Patrik\Data aplikací\Macromedia\Flash Player\#SharedObjects\3VUY6W42\www.hrajonline.cz\data\bojove-001.swf\MiniclipLoaderAd.sol
[2005.06.06 23:54:14 | 000,348,160 | ---- | M] () -- \Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\PhotoDownloader.dll
[2005.06.06 23:47:26 | 000,163,840 | ---- | M] () -- \Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\uploader.dll
[2005.06.06 23:02:16 | 000,011,161 | ---- | M] () -- \Program Files\Adobe\Photoshop Album Starter Edition\3.0\Shared_Assets\combined_bitmaps\main_window\C_LoadError.png
[2007.06.27 19:03:00 | 000,177,448 | ---- | M] () -- \Program Files\Common Files\Ahead\Lib\NeGuideStoreLoader.dll
[2006.10.26 14:40:34 | 000,057,344 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VS7DEBUG\coloader.dll
[2006.10.26 14:40:34 | 000,005,120 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VS7DEBUG\coloader.tlb
[2008.04.10 20:36:40 | 002,184,488 | R--- | M] () -- \Program Files\CyberLink\Shared files\Plugin\5.0\CES_3DLoaderFBX.dll
[2009.07.27 18:24:06 | 002,475,304 | ---- | M] () -- \Program Files\CyberLink\Shared files\Plugin\6.0\CES_3DLoaderFBX.dll
[2011.01.23 20:43:47 | 000,005,795 | ---- | M] () -- \Program Files\ICQ7.2\imApp\theme\IMAGES\XtraPreloader\loader.jpg
[2011.01.23 20:43:47 | 000,005,520 | ---- | M] () -- \Program Files\ICQ7.2\imApp\theme\IMAGES\XtraPreloader\loader.swf
[2011.01.23 20:43:48 | 000,004,180 | ---- | M] () -- \Program Files\ICQ7.2\imApp\theme\IMAGES\XtraPreloader\zlango-preloader.png
[2011.01.23 20:43:47 | 000,005,520 | ---- | M] () -- \Program Files\ICQ7.2\imApp\theme\MUICoreLib\xtraLoader.swf
[2009.07.22 10:21:05 | 000,007,697 | ---- | M] () -- \Program Files\Java\jdk1.6.0_14\demo\jvmti\hprof\src\hprof_loader.c
[2009.07.22 10:21:05 | 000,002,173 | ---- | M] () -- \Program Files\Java\jdk1.6.0_14\demo\jvmti\hprof\src\hprof_loader.h
[2009.07.22 10:20:46 | 000,000,455 | ---- | M] () -- \Program Files\Java\jdk1.6.0_14\lib\visualvm\platform9\config\Modules\org-openide-loaders.xml
[2009.07.22 10:20:47 | 001,063,930 | ---- | M] () -- \Program Files\Java\jdk1.6.0_14\lib\visualvm\platform9\modules\org-openide-loaders.jar
[2009.07.22 10:20:48 | 000,000,373 | ---- | M] () -- \Program Files\Java\jdk1.6.0_14\lib\visualvm\platform9\update_tracking\org-openide-loaders.xml
[2009.05.26 22:56:50 | 000,074,875 | ---- | M] () -- \Program Files\JavaFX\javafx-sdk1.2\docs\api\javafx.fxd\javafx.fxd.FXDLoader.html
[2009.05.26 22:49:52 | 000,002,917 | ---- | M] () -- \Program Files\JavaFX\javafx-sdk1.2\emulator\toolkit-lib\process\memory-profiler\code\memprof-loader.jar
[2009.05.27 12:36:30 | 000,410,344 | ---- | M] () -- \Program Files\JavaFX\javafx-sdk1.2\lib\desktop\fxdloader.jar
[2008.11.14 19:28:55 | 000,000,149 | ---- | M] () -- \Program Files\Mozilla Firefox\components\popcaploader.xpt
[2008.11.14 19:28:55 | 000,151,552 | ---- | M] () -- \Program Files\Mozilla Firefox\plugins\nppopcaploader.dll
[2008.10.20 16:04:22 | 000,006,639 | ---- | M] () -- \Program Files\OpenOffice.org 2.4\program\pythonloader.pyc
[2007.09.17 07:50:37 | 000,169,384 | ---- | M] () -- \Program Files\Valve\cstrike\models\qloader.mdl
[2003.09.26 14:19:52 | 000,352,548 | ---- | M] () -- \Program Files\Valve\valve\models\loader.mdl
[2003.09.26 14:24:16 | 000,012,764 | ---- | M] () -- \Program Files\Valve\valve\sound\ambience\loader_hydra1.wav
[2003.09.26 14:24:16 | 000,012,164 | ---- | M] () -- \Program Files\Valve\valve\sound\ambience\loader_step1.wav
[2006.12.23 17:37:56 | 000,044,032 | ---- | M] () -- \Program Files\WinRAR\RarExtLoader.exe
[2010.01.16 16:41:17 | 000,082,784 | ---- | M] () -- \WINDOWS\assembly\GAC\IALoader\1.7.6223.0__31bf3856ad364e35\IALoader.dll
[2004.08.17 15:49:06 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dmloader.dll
[2009.08.14 13:36:18 | 000,070,936 | ---- | M] () -- \WINDOWS\system32\PhysXLoader.dll
[2009.04.28 11:48:06 | 000,009,622 | ---- | M] () -- \WINDOWS\system32\Adobe\Shockwave 11\shockwave_Projector_Loader.dcr
[2004.08.17 15:49:06 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dllcache\dmloader.dll

< >

< >

< >

< >

< >

< >

< >

< >

< >

< >

< >

< >

========== Alternate Data Streams ==========

@Alternate Data Stream - 620 bytes -> C:\WINDOWS\System32\drivers:GbpKmAp.lst
@Alternate Data Stream - 167 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:96EE29A3
@Alternate Data Stream - 139 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:0F7085B0
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:CFF6B3FF
@Alternate Data Stream - 119 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:8140CB50
@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:9AB338B9
@Alternate Data Stream - 117 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:98DFF516
@Alternate Data Stream - 115 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:89AC6FAA

< End of report >

Locked