Poprosím o kontrolu logu

[Bruce]

Logfile of random's system information tool 1.08 (written by random/random)
Run by Michal at 2011-02-27 19:31:59
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 25 GB (33%) free of 76 GB
Total RAM: 2047 MB (69% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:32:19, on 27.2.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\Program Files\Alwil Software\Avast5\avastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\HellShare.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Winamp\winamp.exe
G:\Stažené soubory\RSIT.exe
C:\Program Files\trend micro\Michal.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.facemoods.com/?a=ddr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=ddr&s={searchTerms}&f=4
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: QIPBHO Class - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Documents and Settings\Michal\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
R3 - URLSearchHook: (no name) - {00000000-6E41-4FD3-8538-502F5495E5FC} - (no file)
R3 - URLSearchHook: (no name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file)
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: QIPBHO - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Documents and Settings\Michal\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll
O3 - Toolbar: (no name) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - (no file)
O3 - Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Převést cíl vazby do Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Převést do Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Připojit cíl vazby k existujícímu PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Připojit k existujícímu PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: QIP 2005 - {1EF681F7-A04B-4D6D-9012-A307CCA55610} - C:\Program Files\QIP\qip.exe (HKCU)
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {F281A59C-7B65-11D3-8617-0010830243BD} (Prvek AcPreview) - file:///C:/Program%20Files/AutoCAD%202002%20Cz/AcPreview.ocx
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies - C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe

--
End of file - 8709 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\1-Click Maintenance.job
C:\WINDOWS\tasks\AppleSoftwareUpdate.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-11-15 62376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
Canon Easy-WebPrint EX BHO - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2010-06-28 202144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}]
QIPBHO Class - C:\Documents and Settings\Michal\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll [2010-04-12 149968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-02-28 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-02-02 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-02-02 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2010-06-28 1615256]
{855F3B16-6D32-4FE6-8A56-BBB695989046}
{D4027C7F-154A-4066-A1AD-4243D8127440}
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2011-01-13 3396624]
""= []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
""= []
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0]
C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [2008-06-11 640376]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-11-15 932288]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe [2010-11-15 35736]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-06-27 152872]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Cmaudio]
RunDll32 cmicnfg.cpl,CMICtrlWnd []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EasyTuneVPro]
C:\Program Files\Gigabyte\ET5Pro\ETcall.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FlashPlayerUpdate]
C:\WINDOWS\system32\Macromed\Flash\FlashUtil10h_Plugin.exe -update plugin []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
C:\WINDOWS\system32\dumprep 0 -k []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-01 153136]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2010-05-14 1479680]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2010-11-29 421888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpyEmergency]
C:\Program Files\NETGATE\Spy Emergency\SpyEmergency.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminatorUpdate]
C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe [2010-06-15 3037696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2006-11-10 90112]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-10-29 249064]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TV Card Remote Control Device Monitor]
C:\WINDOWS\713xRMTMon.exe [2005-03-25 352256]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^ScheduleTV.lnk]
C:\PROGRA~1\HONEST~1\HONEST~1\SCHEDU~1.EXE [2004-04-08 307200]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Michal^Nabídka Start^Programy^Po spuštění^FreeRapid 0.85.lnk]
C:\PROGRA~1\FREERA~1.85-\frd.exe [2010-11-16 35840]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WMPNetworkSvc"=3
"TomTomHOMEService"=2
"sp_rssrv"=2
"osppsvc"=3
"ose"=3
"Microsoft SharePoint Workspace Audit Service"=3
"JavaQuickStarterService"=2
"idsvc"=3
"afcdpsrv"=2
"AcrSch2Svc"=2
"ABBYY.Licensing.FineReader.Professional.10.0"=2
"lxcg_device"=3
"FLEXnet Licensing Service"=3
"NBService"=3
"Ati HotKey Poller"=2
"TuneUp.UtilitiesSvc"=2
"IDriverT"=3
"CCALib8"=2
"C-DillaSrv"=2
"Autodesk Licensing Service"=3
"TUWinStylerThemeSvc"=3

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2007-03-15 114688]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2009-01-30 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=0x91000000

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\Stažené soubory\utorrent.exe"="D:\Stažené soubory\utorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Utorrent\utorrent.exe"="C:\Program Files\Utorrent\utorrent.exe:*:Enabled:µTorrent"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Hry\Sports Interactive\Football Manager 2010\fm.exe"="C:\Hry\Sports Interactive\Football Manager 2010\fm.exe:*:Enabled:Football Manager 2010"
"C:\Hry\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe"="C:\Hry\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe:*:Enabled:S.T.A.L.K.E.R. - Shadow of Chernobyl (CLI)"
"C:\Hry\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\dedicated\XR_3DA.exe"="C:\Hry\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\dedicated\XR_3DA.exe:*:Enabled:S.T.A.L.K.E.R. - Shadow of Chernobyl (SRV)"
"C:\Program Files\Microsoft Office\Office14\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office14\GROOVE.EXE:*:Enabled:Microsoft SharePoint Workspace"
"C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE:*:Enabled:Microsoft OneNote"
"C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Hry\KONAMI\Pro Evolution Soccer 2011\pes2011.exe"="C:\Hry\KONAMI\Pro Evolution Soccer 2011\pes2011.exe:*:Enabled:Pro Evolution Soccer 2011"
"C:\Hry\KONAMI\Pro Evolution Soccer 2011\pes2011-100.exe"="C:\Hry\KONAMI\Pro Evolution Soccer 2011\pes2011-100.exe:*:Enabled:Pro Evolution Soccer 2011"
"C:\Hry\Gaijin\Wings of Prey\aces.exe"="C:\Hry\Gaijin\Wings of Prey\aces.exe:*:Enabled:Wings of Prey"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======File associations======

.scr - open - C:\WINDOWS\NOTEPAD.EXE "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 months======

2011-02-27 19:31:59 ----D---- C:\rsit
2011-02-27 10:48:01 ----D---- C:\WINDOWS\LastGood
2011-02-26 12:59:13 ----D---- C:\Documents and Settings\Michal\Data aplikací\facemoods.com
2011-02-26 10:43:31 ----D---- C:\Program Files\Solid Edge ST2
2011-02-20 11:25:27 ----D---- C:\Documents and Settings\Michal\Data aplikací\DVDVideoSoft
2011-02-20 11:25:24 ----D---- C:\Program Files\Common Files\DVDVideoSoft
2011-02-19 08:46:08 ----A---- C:\WINDOWS\system32\javaws.exe
2011-02-19 08:46:08 ----A---- C:\WINDOWS\system32\javaw.exe
2011-02-19 08:46:08 ----A---- C:\WINDOWS\system32\java.exe
2011-02-19 08:28:37 ----D---- C:\Documents and Settings\All Users\Data aplikací\McAfee
2011-02-15 17:30:22 ----D---- C:\Documents and Settings\Michal\Data aplikací\Ace
2011-02-15 17:26:02 ----D---- C:\Documents and Settings\Michal\Data aplikací\InstallShield
2011-02-13 12:55:27 ----D---- C:\Documents and Settings\Michal\Data aplikací\HD Tune Pro
2011-02-13 12:54:26 ----D---- C:\Program Files\HD Tune Pro
2011-02-10 08:41:58 ----HDC---- C:\WINDOWS\$NtUninstallKB2478971$
2011-02-10 08:41:42 ----HDC---- C:\WINDOWS\$NtUninstallKB2485376$
2011-02-10 08:41:18 ----HDC---- C:\WINDOWS\$NtUninstallKB2479628$
2011-02-10 08:40:52 ----HDC---- C:\WINDOWS\$NtUninstallKB2483185$
2011-02-10 08:32:56 ----HDC---- C:\WINDOWS\$NtUninstallKB2476687$
2011-02-10 08:32:10 ----HDC---- C:\WINDOWS\$NtUninstallKB2478960$
2011-02-10 08:31:31 ----HDC---- C:\WINDOWS\$NtUninstallKB2393802$
2011-02-09 13:55:21 ----A---- C:\WINDOWS\system32\drivers\dtsoftbus01.sys
2011-02-08 14:11:04 ----D---- C:\Program Files\DAEMON Tools Lite
2011-02-06 14:00:07 ----D---- C:\Program Files\CCleaner
2011-02-06 13:46:33 ----A---- C:\WINDOWS\ATICIM.INI
2011-02-06 12:55:52 ----A---- C:\WINDOWS\system32\drivers\GVTDrv.sys
2011-02-03 09:42:53 ----D---- C:\Documents and Settings\All Users\Data aplikací\WOP
2011-01-31 21:32:23 ----D---- C:\Program Files\TuneUp Utilities 2006
2011-01-31 21:15:04 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2011-01-30 12:59:27 ----A---- C:\WINDOWS\ModemLog_Sériový kabel mezi dvěma počítači.txt

======List of files/folders modified in the last 1 months======

2011-02-27 19:32:09 ----D---- C:\Program Files\trend micro
2011-02-27 19:27:37 ----D---- C:\Program Files\FreeRapid-0.85-build555
2011-02-27 19:11:17 ----D---- C:\WINDOWS\Temp
2011-02-27 19:08:33 ----D---- C:\Documents and Settings\Michal\Data aplikací\Winamp
2011-02-27 18:59:09 ----D---- C:\Documents and Settings\Michal\Data aplikací\esmska
2011-02-27 13:27:57 ----D---- C:\Documents and Settings\Michal\Data aplikací\vlc
2011-02-27 10:57:22 ----RD---- C:\Program Files
2011-02-27 10:50:22 ----D---- C:\WINDOWS
2011-02-27 10:48:34 ----D---- C:\WINDOWS\system32\DirectX
2011-02-27 10:48:30 ----RSD---- C:\WINDOWS\assembly
2011-02-27 10:21:56 ----D---- C:\WINDOWS\system32
2011-02-27 10:21:56 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-02-27 10:21:16 ----D---- C:\WINDOWS\system32\CatRoot2
2011-02-26 14:50:39 ----N---- C:\WINDOWS\SchedLgU.Txt
2011-02-26 12:55:52 ----D---- C:\WINDOWS\Prefetch
2011-02-26 12:50:01 ----D---- C:\Program Files\Mozilla Firefox
2011-02-26 10:58:08 ----SHD---- C:\WINDOWS\Installer
2011-02-26 10:57:48 ----SHD---- C:\Config.Msi
2011-02-26 10:50:51 ----RSD---- C:\WINDOWS\Fonts
2011-02-26 10:45:02 ----D---- C:\WINDOWS\WinSxS
2011-02-25 12:14:03 ----A---- C:\WINDOWS\wincmd.ini
2011-02-25 12:08:45 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spyware Terminator
2011-02-25 12:08:23 ----D---- C:\Documents and Settings\Michal\Data aplikací\Spyware Terminator
2011-02-24 20:25:47 ----A---- C:\WINDOWS\NeroDigital.ini
2011-02-24 19:01:22 ----D---- C:\Program Files\Mozilla Thunderbird
2011-02-24 09:14:29 ----D---- C:\Documents and Settings\All Users\Data aplikací\Adobe
2011-02-20 12:08:18 ----D---- C:\Program Files\Utorrent
2011-02-20 12:06:12 ----SD---- C:\Documents and Settings\Michal\Data aplikací\Microsoft
2011-02-20 12:06:11 ----D---- C:\Documents and Settings\Michal\Data aplikací\Adobe
2011-02-20 11:25:24 ----D---- C:\Program Files\Common Files
2011-02-19 08:52:38 ----D---- C:\Program Files\Common Files\Java
2011-02-19 08:46:02 ----D---- C:\Program Files\Java
2011-02-19 08:39:10 ----D---- C:\Program Files\Common Files\Adobe
2011-02-19 08:38:50 ----D---- C:\Program Files\Adobe
2011-02-17 16:52:29 ----HDC---- C:\WINDOWS\$NtUninstallKB2378111_WM9$
2011-02-17 16:52:29 ----D---- C:\WINDOWS\system32\drivers
2011-02-15 20:40:33 ----D---- C:\Program Files\Common Files\Autodesk Shared
2011-02-15 17:28:25 ----HD---- C:\WINDOWS\inf
2011-02-15 17:26:37 ----HD---- C:\Program Files\InstallShield Installation Information
2011-02-10 09:32:11 ----D---- C:\Documents and Settings\All Users\Data aplikací\Autodesk
2011-02-10 09:24:13 ----A---- C:\WINDOWS\win.ini
2011-02-10 09:20:05 ----D---- C:\WINDOWS\Debug
2011-02-10 08:43:02 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2011-02-10 08:42:01 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-02-10 08:34:36 ----A---- C:\WINDOWS\system32\MRT.exe
2011-02-10 08:33:58 ----D---- C:\Program Files\Internet Explorer
2011-02-10 08:33:43 ----D---- C:\WINDOWS\ie8updates
2011-02-10 08:33:08 ----HD---- C:\WINDOWS\$hf_mig$
2011-02-08 19:05:34 ----D---- C:\Hry
2011-02-08 11:09:36 ----A---- C:\WINDOWS\wcx_ftp.ini
2011-02-06 12:51:20 ----D---- C:\WINDOWS\Minidump
2011-02-05 19:15:39 ----SH---- C:\boot.ini
2011-02-05 19:15:39 ----A---- C:\WINDOWS\system.ini
2011-02-03 19:27:34 ----D---- C:\WINDOWS\system32\config
2011-02-02 21:40:23 ----A---- C:\WINDOWS\system32\deployJava1.dll
2011-02-02 21:30:16 ----D---- C:\Program Files\Spyware Terminator
2011-02-02 19:09:49 ----D---- C:\Program Files\AutoCAD 2002 Cz
2011-02-01 14:22:29 ----D---- C:\Documents and Settings\Michal\Data aplikací\dvdcss
2011-01-31 21:33:06 ----SD---- C:\WINDOWS\Tasks
2011-01-31 21:32:23 ----D---- C:\Documents and Settings\Michal\Data aplikací\TuneUp Software
2011-01-31 21:15:31 ----D---- C:\Documents and Settings\All Users\Data aplikací\TuneUp Software
2011-01-30 16:26:16 ----HDC---- C:\WINDOWS\$NtUninstallKB972270_0$
2011-01-30 13:00:12 ----D---- C:\WINDOWS\system32\ias

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2009-04-28 44944]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2011-02-08 431672]
R0 uagp35;Filtr Microsoft AGPv3.5; C:\WINDOWS\system32\DRIVERS\uagp35.sys [2008-04-13 44672]
R0 viamraid;viamraid; C:\WINDOWS\system32\DRIVERS\viamraid.sys [2005-02-25 60800]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2011-01-13 29392]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2011-01-13 23632]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2011-01-13 294608]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2011-01-13 47440]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys [2011-02-09 218688]
R1 fwdrv;Firewall Driver; C:\WINDOWS\system32\drivers\fwdrv.sys [2005-09-26 286720]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 khips;Kerio HIPS Driver; C:\WINDOWS\system32\drivers\khips.sys [2005-09-26 81920]
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys []
R1 Tcpip6;Ovladač protokolu Microsoft IPv6; C:\WINDOWS\system32\DRIVERS\tcpip6.sys [2010-02-11 226880]
R2 713xTVCard;SAA7134 TV Card; C:\WINDOWS\system32\DRIVERS\SAA713x.sys [2005-03-15 277504]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2011-01-13 17744]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2011-01-13 100176]
R2 NwlnkIpx;Transportní protokol kompatibilní s NWLink IPX/SPX/NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2008-04-13 88320]
R2 NwlnkNb;Služba NWLink pro rozhraní NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2004-08-18 63232]
R2 NwlnkSpx;Protokol NWLink SPX/SPXII; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2004-08-18 55936]
R2 WDMTVTuner;Universal WDM TV Tuner; C:\WINDOWS\system32\drivers\WDMTuner.sys [2005-03-30 23680]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2007-03-15 1986560]
R3 cmuda;C-Media WDM Audio Interface; C:\WINDOWS\system32\drivers\cmuda.sys [2005-12-15 1368000]
R3 FETNDISB;VIA Rhine Family Fast Ethernet Adapter Driver Service; C:\WINDOWS\system32\DRIVERS\fetnd5b.sys [2003-11-11 41984]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2004-08-18 5888]
R3 tunmp;Microsoft Tun Miniport Adapter Driver; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2008-04-13 12288]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2009-07-13 91904]
S3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS []
S3 AVerFx2hbtv;AVerMedia USB SW Hybrid Tuner; C:\WINDOWS\system32\drivers\AVerFx2hbtv.sys [2008-01-15 257024]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120]
S3 BTHPORT;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272128]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
S3 CA561;ICatch (VI) PC Camera; C:\WINDOWS\System32\Drivers\SPCA561.SYS [2002-10-01 119798]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 C-Dilla;C-Dilla; \??\C:\WINDOWS\system32\drivers\CDANT.SYS []
S3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165]
S3 krdpdre;krdpdre; \??\C:\DOCUME~1\Michal\LOCALS~1\Temp\krdpdre.sys []
S3 MPE;Filtr MPE BDA; C:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-13 15232]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nm;Ovladač programu Sledování sítě; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-13 40320]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2010-02-26 18176]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2010-02-26 22528]
S3 NTSIM;NTSIM; \??\C:\WINDOWS\system32\ntsim.sys []
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2010-02-26 8192]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\DRIVERS\usbser.sys [2008-04-13 26112]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2009-07-13 132224]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 6to4;Pomocná služba protokolu IPv6; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2007-03-15 450560]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2011-01-13 40384]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2011-02-02 153376]
R2 KPF4;Kerio Personal Firewall 4; C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe [2005-10-10 1617920]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2010-06-15 488960]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-06-14 615936]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2007-03-22 520192]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 ABBYY.Licensing.FineReader.Professional.10.0;ABBYY FineReader 10 PE Licensing Service; C:\Program Files\Common Files\ABBYY\FineReader\10.00\Licensing\PE\NetworkLicenseServer.exe [2009-12-22 814344]
S4 AcrSch2Svc;Služba Acronis Scheduler2; C:\Program Files\Common Files\Acronis\Plán2\schedul2.exe []
S4 CCALib8;Canon Camera Access Library 8; C:\Program Files\Canon\CAL\CALMAIN.exe [2007-01-31 96370]
S4 C-DillaSrv;C-DillaSrv; C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE [2010-10-12 46080]
S4 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-10-12 1045256]
S4 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S4 idsvc;Služba Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S4 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
S4 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-06-29 800040]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S4 TomTomHOMEService;TomTomHOMEService; C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe [2010-05-07 92008]
S4 TUWinStylerThemeSvc;TuneUp WinStyler Theme Service; C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe [2005-08-10 118272]
S4 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2009-02-04 913920]

-----------------EOF-----------------


Děkuji

[vyosek]

Zdravim a pekny vecer preji

Stahnete OTL (viz muj podpis) a ulozte jej na plochu

• Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
• Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
• Zaskrtnete okenko Pro vsechny uzivatele
• Zaskrtnete okenko Kontrola na havet "LOP"
• Zaskrtnete okenko Kontrola na havet "Purity"
• Stari souboru zmente z 30 dnu na 7 dnu
• Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

• Kód: Vybrat vše

  netsvcs
  drivers32
  HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
  c:\windows\*.* /U
  %SYSTEMDRIVE%\*.exe
  %ALLUSERSPROFILE%\Application Data\*.
  %ALLUSERSPROFILE%\Application Data\*.exe /s
  %APPDATA%\*.
  %APPDATA%\*.exe /s
  /md5start
  adp3132.sys
  AGP440.sys
  ahcix86.sys
  ahcix86s.sys
  atapi.sys
  autochk.exe
  cdrom.sys
  cngaudit.dll
  cryptsvc.dll
  eNetHook.dll
  eventlog.dll
  explorer.exe
  hal.dll
  Changer.sys
  iaStor.sys
  iastorv.sys
  IdeChnDr.sys
  isapnp.sys
  JakNDis.sys
  KR10N.sys
  logevent.dll
  lsass.exe
  mv61xx.sys
  ndis.sys
  netlogon.dll
  ntelogon.dll
  nvata.sys
  nvatabus.sys
  nvgts.sys
  nvraid.sys
  nvrd32.sys
  nvstor.sys
  nvstor32.sys
  scecli.dll
  sceclt.dll
  smss.exe
  svchost.exe
  symmpi.sys
  tcpip.sys
  userinit.exe
  vaxscsi.sys
  viamraid.sys
  viasraid.sys
  ViPrt.sys
  winlogon.exe
  ws2_32.dll
  /md5stop
  %systemroot%\*. /mp /s
  %systemroot%\system32\*.dll /lockedfiles
  %systemroot%\Tasks\*.job /lockedfiles
  %systemroot%\system32\drivers\*.sys /lockedfiles
  %systemroot%\System32\config\*.sav
  %systemroot%\system32\*.dll /lockedfiles
  %systemroot%\system32\drivers\*.sys /3
  %systemroot%\system32\*.* /3
  CREATERESTOREPOINT

• Kliknete na tlacitko Prohledat
• Po dokonceni skenu (cca 5 az 10 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte

[Bruce]

Takže přikládám:

Extras.Txt

OTL Extras logfile created on: 27.2.2011 20:07:53 - Run 1
OTL by OldTimer - Version 3.2.22.1 Folder = G:\Stažené soubory
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 64,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 86,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74,52 Gb Total Space | 24,42 Gb Free Space | 32,77% Space Free | Partition Type: NTFS
Drive G: | 111,79 Gb Total Space | 30,72 Gb Free Space | 27,48% Space Free | Partition Type: NTFS

Computer Name: MIKE-XP | User Name: Michal | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

[HKEY_USERS\S-1-5-21-1417001333-796845957-682003330-1004\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"135:TCP" = 135:TCP:*:Enabled:TCP Port 135
"5000:TCP" = 5000:TCP:*:Enabled:TCP Port 5000
"5001:TCP" = 5001:TCP:*:Enabled:TCP Port 5001
"5002:TCP" = 5002:TCP:*:Enabled:TCP Port 5002
"5003:TCP" = 5003:TCP:*:Enabled:TCP Port 5003
"5004:TCP" = 5004:TCP:*:Enabled:TCP Port 5004
"5005:TCP" = 5005:TCP:*:Enabled:TCP Port 5005
"5006:TCP" = 5006:TCP:*:Enabled:TCP Port 5006
"5007:TCP" = 5007:TCP:*:Enabled:TCP Port 5007
"5008:TCP" = 5008:TCP:*:Enabled:TCP Port 5008
"5009:TCP" = 5009:TCP:*:Enabled:TCP Port 5009
"5010:TCP" = 5010:TCP:*:Enabled:TCP Port 5010
"5011:TCP" = 5011:TCP:*:Enabled:TCP Port 5011
"5012:TCP" = 5012:TCP:*:Enabled:TCP Port 5012
"5013:TCP" = 5013:TCP:*:Enabled:TCP Port 5013
"5014:TCP" = 5014:TCP:*:Enabled:TCP Port 5014
"5015:TCP" = 5015:TCP:*:Enabled:TCP Port 5015
"5016:TCP" = 5016:TCP:*:Enabled:TCP Port 5016
"5017:TCP" = 5017:TCP:*:Enabled:TCP Port 5017
"5018:TCP" = 5018:TCP:*:Enabled:TCP Port 5018
"5019:TCP" = 5019:TCP:*:Enabled:TCP Port 5019
"5020:TCP" = 5020:TCP:*:Enabled:TCP Port 5020
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
"1040:TCP" = 1040:TCP:*:Enabled:Akamai NetSession Interface
"5000:UDP" = 5000:UDP:*:Enabled:Akamai NetSession Interface

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"D:\Stažené soubory\utorrent.exe" = D:\Stažené soubory\utorrent.exe:*:Enabled:µTorrent
"C:\Program Files\Utorrent\utorrent.exe" = C:\Program Files\Utorrent\utorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"C:\Hry\Sports Interactive\Football Manager 2010\fm.exe" = C:\Hry\Sports Interactive\Football Manager 2010\fm.exe:*:Enabled:Football Manager 2010 -- (Sports Interactive)
"C:\Hry\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe" = C:\Hry\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe:*:Enabled:S.T.A.L.K.E.R. - Shadow of Chernobyl (CLI) -- ()
"C:\Hry\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\dedicated\XR_3DA.exe" = C:\Hry\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\dedicated\XR_3DA.exe:*:Enabled:S.T.A.L.K.E.R. - Shadow of Chernobyl (SRV) -- ()
"C:\Program Files\Microsoft Office\Office14\GROOVE.EXE" = C:\Program Files\Microsoft Office\Office14\GROOVE.EXE:*:Enabled:Microsoft SharePoint Workspace -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE:*:Enabled:Microsoft OneNote -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Hry\KONAMI\Pro Evolution Soccer 2011\pes2011.exe" = C:\Hry\KONAMI\Pro Evolution Soccer 2011\pes2011.exe:*:Enabled:Pro Evolution Soccer 2011 -- (Konami Digital Entertainment Co., Ltd.)
"C:\Hry\KONAMI\Pro Evolution Soccer 2011\pes2011-100.exe" = C:\Hry\KONAMI\Pro Evolution Soccer 2011\pes2011-100.exe:*:Enabled:Pro Evolution Soccer 2011 -- (Konami Digital Entertainment Co., Ltd.)
"C:\Hry\Gaijin\Wings of Prey\aces.exe" = C:\Hry\Gaijin\Wings of Prey\aces.exe:*:Enabled:Wings of Prey


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{06629042-F4AF-0513-198B-528E70FC895D}" = CCC Help Turkish
"{083F79E4-6FE9-46FB-A6C6-4F8862742947}" = ATI HYDRAVISION
"{089DD780-DB3F-4CDB-A0C2-111360247298}" = PC Connectivity Solution
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0B00E9FA-94E8-0220-E957-1CD1FAC7B69E}" = Catalyst Control Center Localization Czech
"{0BCA9802-A2E2-5C30-E67D-1E3972E39C7D}" = CCC Help Korean
"{0E2558CC-4BF5-DB77-1B77-1C96154B63FD}" = Catalyst Control Center Localization Portuguese
"{0FBED6A5-0832-72E8-74E8-CB7157EA4E2C}" = Catalyst Control Center Localization Korean
"{1148E85C-E1AF-48E0-A29C-68DACE07E054}" = Pro Evolution Soccer 2011
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5200_series" = Canon MG5200 series MP Drivers
"{124834B9-88AD-CDE2-F270-079534069EC8}" = Catalyst Control Center Localization Finnish
"{16E0653C-C6E5-176D-6C4F-5BCC3A3659F4}" = CCC Help Spanish
"{1810F63A-7EE6-B163-E1CD-C8D96613A0CF}" = Catalyst Control Center Localization Chinese Traditional
"{189AA991-3941-1809-3E25-69FACD511E65}" = Catalyst Control Center Localization Chinese Standard
"{1AA580B2-3F31-5493-5834-41D6CB0A624C}" = Catalyst Control Center Localization French
"{1B9B5B3B-28E7-4E59-A80D-D670AA984514}" = Nokia Connectivity Cable Driver
"{1CE299CE-7BA0-C03B-D7D3-38BCF4D05D68}" = ccc-core-static
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F65D898-0D1E-A35A-1B1C-17E2BF86CBF6}" = Catalyst Control Center Localization Russian
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{225DB4AA-3CFF-47E8-B3C8-6DAD713E986E}" = Nokia PC Suite
"{25C1831B-6A18-1B5C-F2B3-5D07AFCAA815}" = CCC Help Thai
"{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1" = Media Player Classic - Home Cinema v. 1.3.1249.0
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 24
"{2790F70C-77EA-ED55-F004-7A4B86C4EB5F}" = Catalyst Control Center Localization Hungarian
"{333BECA0-DED8-4139-A516-8D9E44E22669}" = Kerio Personal Firewall
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{36CDA33B-909B-4719-97D1-C4B99309BDC7}" = ATI Parental Control & Encoder
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4442F730-CAA1-EE3D-9784-DA0CE20D55A9}" = Catalyst Control Center Localization Thai
"{44DC4CD5-D498-716B-43A0-7C38857C6EF1}" = CCC Help Italian
"{466E12F0-798F-F239-F45D-440BEF4C3A0B}" = CCC Help Dutch
"{4780F600-0001-0409-0000-114715ACF216}" = Autodesk Inventor Plug-In 8.0
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{53CC9A76-23CA-A2AB-80D5-50665633A1B7}" = Catalyst Control Center Graphics Full Existing
"{546C143E-68DC-314D-97BC-1E454E3BA429}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - CSY
"{55414A2E-6859-EC1D-AA21-2A7007D7501D}" = CCC Help Czech
"{5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6}" = VBA (2627.01)
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{56D7F8DB-1D04-0084-1D82-F6084097248A}" = CCC Help Greek
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5783F2D7-0101-0405-0002-0060B0CE6BBA}" = AutoCAD 2002 česká verze
"{5783F2D7-0221-0405-0000-0060B0CE6BBA}" = DWG TrueConvert™
"{5DA6F06A-B389-407B-BF8C-1548767914D8}" = ATI Problem Report Wizard
"{5E65E94D-69F2-4850-9E93-6459C53A0F50}" = Microsoft .NET Framework 1.1 Czech Language Pack
"{61641FBD-9F1B-F7C6-639C-D0CBE1F30C35}" = Catalyst Control Center Localization Danish
"{642217AA-B847-62DD-42F2-124DB4E89F98}" = CCC Help Norwegian
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69B63039-A286-9A52-2C79-382035A631CC}" = Skins
"{6B9B0C6F-E5FA-4633-A640-AB98A272ECCA}" = Safari
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6EF329B9-C15C-4329-A6B3-E03071AAAECA}" = DraftSight
"{7036A6F4-5DAD-3908-956D-1752CD7F7E5A}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{70B27F15-630C-DF12-1ADE-C1B5D99370D1}" = Catalyst Control Center Graphics Full New
"{7148F0A8-6813-11D6-A77B-00B0D0142040}" = Java 2 Runtime Environment, SE v1.4.2_04
"{71FA7FEB-C3FA-C109-92FC-D01D321B0CF1}" = Catalyst Control Center Localization Spanish
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{74C559F3-3241-7ADC-3654-E2D55B10D9AD}" = CCC Help Finnish
"{74FE2B30-2102-4587-7D99-98D81263B5C8}" = Catalyst Control Center Localization German
"{758AF648-0B6C-4593-BDF1-9BF4CB50A359}" = IL-2 Sturmovik 1946
"{7F947BFE-C2DF-4779-9909-5BEE746BD0C4}" = Microsoft .NET Framework 2.0 Language Pack - CSY
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8652D365-2286-B354-38AC-22F8C76FB329}" = CCC Help Hungarian
"{868D7896-99D4-4513-BC62-2B3AD3E24926}" = TuneUp Utilities 2006
"{8812EE0C-51BA-03B6-F7DD-5EE7F5D461D3}" = CCC Help German
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{90140000-0010-0405-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Czech) 14
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2010
"{90140000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2010
"{90140000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2010
"{90140000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2010
"{90140000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2010
"{90140000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2010
"{90140000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2010
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2010
"{90140000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2010
"{90140000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2010
"{90140000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2010
"{90140000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2010
"{90140000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2010
"{90659141-A53F-EDDE-CABE-FDAA778984FB}" = CCC Help Japanese
"{90FB18DC-39CD-80D4-E0B3-7A992E44F433}" = Catalyst Control Center Localization Japanese
"{91C0B95B-B83A-4828-A775-BBE2DD421029}" = Nero 7 Ultra Edition
"{951009B2-B6B7-BEE9-5567-4877BBB6E068}" = Catalyst Control Center Core Implementation
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A346205-EA92-4406-B1AB-50379DA3F057}" = Autodesk DWF Viewer 7
"{9B94BE6F-7CA3-4C40-A266-62667FF746CC}" = Ovladače ATI
"{9FCD74A5-A740-4292-DB34-D0130E729257}" = Catalyst Control Center Graphics Light
"{A2C9CD1B-2551-3AED-B244-6698FB929FA6}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - CSY
"{A2DE62D8-EF1B-36CB-B461-B1E221ED8608}" = Microsoft .NET Framework 4 Extended CSY Language Pack
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A32FD1BB-2E7A-D801-65E6-DFC8030739ED}" = CCC Help Russian
"{AAB6D0F8-02B3-4E89-B24C-0BB153C21445}" = Windows Presentation Foundation Language Pack (CSY)
"{AB4A925E-AF76-4AD4-BEEC-6013E5484A66}" = Commandos
"{AC76BA86-1029-4770-7760-000000000004}" = Adobe Acrobat 9 Pro - Czech, Hungarian, Polish, Slovak
"{AC76BA86-1029-4770-7760-000000000004}{AC76BA86-1029-4770-7760-000000000004}" = Adobe Acrobat 9 Pro - Czech, Hungarian, Polish, Slovak
"{AC76BA86-7AD7-1029-7B44-AA0000000001}" = Adobe Reader X - Czech
"{AD001350-7A0A-C654-59ED-DA9952EA2546}" = CCC Help French
"{AF4BDBD6-F14B-C0AB-086E-4B106784A048}" = Catalyst Control Center Localization Swedish
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{B19BB67B-B298-DFA2-6587-CB24C9B35BBC}" = ccc-utility
"{B45FD272-837E-4795-CF82-E10300DBC4C4}" = Catalyst Control Center Localization Italian
"{B5D9C46B-D473-1F35-3EAF-716BD8DDE262}" = CCC Help Portuguese
"{B6D57D9F-258A-F878-C519-7F2E3573BAC4}" = CCC Help Chinese Standard
"{B94C6815-7BCC-4124-AC39-9208A06FFFA7}" = Disney-Pixar Ratatouille
"{BB65C393-C76E-4F06-9B0C-2124AA8AF97B}" = Adobe Flash Player 9 ActiveX
"{BB8ACBB7-E9D5-1B4C-7CA3-ACD2F275111C}" = Catalyst Control Center Localization Polish
"{BE27845A-6438-4DCF-AE3D-44EC96CB31CA}" = honestech TVR
"{BEDBB836-3698-4569-6B8C-56A776296FCB}" = ccc-core-preinstall
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C4C7E29D-EBFC-E6C5-20DE-CAA54E6E30A8}" = CCC Help Chinese Traditional
"{C941F1F1-25B3-4DF5-83E6-888C51A1AAB6}" = AVIVO Codecs
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC185D10-5C0E-40C3-91F2-63314BB365AF}" = Solid Edge ST2
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D76F826F-4CBF-E94F-C341-3D42844B6EF5}" = Catalyst Control Center Localization Greek
"{DBFF1920-F179-0FAE-A7E1-0ADF6F8F168B}" = Catalyst Control Center Graphics Previews Common
"{DC43856E-F17E-4475-CDA9-630AAF6A920C}" = CCC Help English
"{DD19698F-AE52-024C-87E0-38A7BC9B757C}" = CCC Help Swedish
"{DD73CA82-EA82-38AA-863D-9A24A018DC96}" = Microsoft .NET Framework 3.5 Language Pack SP1 - csy
"{E03C5BE5-AB89-5131-0CEC-8380E8A9DA12}" = CCC Help Danish
"{E3831CA9-BE59-740B-296D-7D8DC094CD76}" = Catalyst Control Center Localization Turkish
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{EF258689-C39C-50C1-631D-7DB83D49872C}" = Catalyst Control Center Localization Norwegian
"{F1000000-0001-0000-0000-074957833700}" = ABBYY FineReader 10 Professional Edition
"{FA78C2E2-B5DC-4BFA-1581-985F9513595E}" = Catalyst Control Center Localization Dutch
"{FB09515C-8E3E-4E0F-A1F2-032F38DEC185}" = Microsoft .NET Framework 3.0 Czech Language Pack
"{FE9C291C-6D9B-BD1C-DA1F-95A53AA5FA8E}" = CCC Help Polish
"A5F5C05F-717B-73C4-3160-2ABA7041614D" = Esmska
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"All ATI Software" = Softarová utilita ATI - Odinstalovat
"ATI Display Driver" = ATI Display Driver
"avast5" = avast! Free Antivirus
"BusinessCardsMX3_is1" = BusinessCardsMX 3.99
"CAL" = Canon Camera Access Library
"CameraWindowDC" = Canon Utilities CameraWindow DC
"CameraWindowDC8" = Canon Utilities CameraWindow DC 8
"CameraWindowDVC6" = Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX
"CameraWindowLauncher" = Canon Utilities CameraWindow
"CANON iMAGE GATEWAY Task" = CANON iMAGE GATEWAY Task for ZoomBrowser EX
"Canon Internet Library for ZoomBrowser EX" = Canon Internet Library for ZoomBrowser EX
"CanonMyPrinter" = Canon My Printer
"CanonSolutionMenuEX" = Canon Solution Menu EX
"CCleaner" = CCleaner
"C-Media Audio" = C-Media 3D Audio
"C-Media Audio Driver" = C-Media WDM Audio Driver
"Cool's_Codec_pack_4.12" = Codec Pack - VobSub 5.0.4.7
"CountDown ShutDown PC_is1" = CountDown ShutDown PC
"Easy-PhotoPrint EX" = Canon Easy-PhotoPrint EX
"Easy-WebPrint EX" = Canon Easy-WebPrint EX
"ffdshow_is1" = ffdshow v1.1.3562 [2010-09-07]
"Football Manager 2010" = Football Manager 2010
"Guitar Pro 5_is1" = Guitar Pro 5.2
"HD Tune Pro_is1" = HD Tune Pro 4.60
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie8" = Windows Internet Explorer 8
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platforma Ovladače zařízení
"KLiteCodecPack_is1" = K-Lite Codec Pack 6.0.4 (Full)
"LMS" = C-Dilla Licence Management System
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 2.0 Language Pack - CSY" = Microsoft .NET Framework 2.0 Language Pack - CSY
"Microsoft .NET Framework 3.0 Czech Language Pack" = Microsoft .NET Framework 3.0 Czech Language Pack
"Microsoft .NET Framework 3.5 Language Pack SP1 - csy" = Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended CSY Language Pack" = Microsoft .NET Framework 4 Extended CSY Language Pack
"MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX
"Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13)
"Mozilla Thunderbird (3.1.7)" = Mozilla Thunderbird (3.1.7)
"MP Navigator EX 4.0" = Canon MP Navigator EX 4.0
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MyCamera" = Canon Utilities MyCamera
"MyCameraDC" = Canon Utilities MyCamera DC
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Nokia PC Suite" = Nokia PC Suite
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"PhotoStitch" = Canon Utilities PhotoStitch
"RemoteCaptureTask" = Canon Utilities RemoteCapture Task for ZoomBrowser EX
"S.T.A.L.K.E.R. - Shadow of Chernobyl_is1" = S.T.A.L.K.E.R. - Shadow of Chernobyl
"SopCast" = SopCast 3.2.9
"Spyware Terminator_is1" = Spyware Terminator
"TomTom HOME" = TomTom HOME 2.7.4.1962
"Totalcmd" = Total Commander (Remove or Repair)
"VLC media player" = VLC media player 1.1.5
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"WIC" = Windows Imaging Component
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01009" = Microsoft User-Mode Driver Framework Feature Pack 1.9
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX
"ZoomBrowser EX Memory Card Utility" = Canon ZoomBrowser EX Memory Card Utility

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1417001333-796845957-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"75c0e0ceac8ef0d4" = CZShare Manager
"QIP 2005" = QIP 2005 8095

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 11.2.2011 9:08:05 | Computer Name = MIKE-XP | Source = Application Error | ID = 1000
Description = Chybující aplikace pes2011-100.exe, verze 1.0.0.0, chybující modul
pes2011-100.exe, verze 1.0.0.0, adresa chyby 0x006843e6.

Error - 11.2.2011 9:12:38 | Computer Name = MIKE-XP | Source = Application Error | ID = 1000
Description = Chybující aplikace pes2011-100.exe, verze 1.0.0.0, chybující modul
pes2011-100.exe, verze 1.0.0.0, adresa chyby 0x006843d3.

Error - 11.2.2011 9:14:27 | Computer Name = MIKE-XP | Source = Application Error | ID = 1000
Description = Chybující aplikace pes2011-100.exe, verze 1.0.0.0, chybující modul
pes2011-100.exe, verze 1.0.0.0, adresa chyby 0x0068460b.

Error - 11.2.2011 10:05:16 | Computer Name = MIKE-XP | Source = Application Error | ID = 1000
Description = Chybující aplikace pes2011-100.exe, verze 1.0.0.0, chybující modul
, verze 0.0.0.0, adresa chyby 0x00000000.

Error - 13.2.2011 8:21:17 | Computer Name = MIKE-XP | Source = .NET Runtime | ID = 0
Description =

Error - 17.2.2011 7:47:35 | Computer Name = MIKE-XP | Source = Application Error | ID = 1000
Description = Chybující aplikace explorer.exe, verze 6.0.2900.5512, chybující modul
wmvcore.dll, verze 11.0.5721.5275, adresa chyby 0x000d3d79.

Error - 26.2.2011 5:48:29 | Computer Name = MIKE-XP | Source = MsiInstaller | ID = 10005
Description = Product: Solid Edge ST2 -- Internal Error 25259. DirectX -9: An internal
error occurred.

Error - 26.2.2011 7:55:48 | Computer Name = MIKE-XP | Source = Application Error | ID = 1000
Description = Chybující aplikace jdownloadersetup.exe, verze 1.0.0.0, chybující
modul nsdialogs.dll, verze 0.0.0.0, adresa chyby 0x00001a1d.

[ Application Events ]
Error - 11.2.2011 9:08:05 | Computer Name = MIKE-XP | Source = Application Error | ID = 1000
Description = Chybující aplikace pes2011-100.exe, verze 1.0.0.0, chybující modul
pes2011-100.exe, verze 1.0.0.0, adresa chyby 0x006843e6.

Error - 11.2.2011 9:12:38 | Computer Name = MIKE-XP | Source = Application Error | ID = 1000
Description = Chybující aplikace pes2011-100.exe, verze 1.0.0.0, chybující modul
pes2011-100.exe, verze 1.0.0.0, adresa chyby 0x006843d3.

Error - 11.2.2011 9:14:27 | Computer Name = MIKE-XP | Source = Application Error | ID = 1000
Description = Chybující aplikace pes2011-100.exe, verze 1.0.0.0, chybující modul
pes2011-100.exe, verze 1.0.0.0, adresa chyby 0x0068460b.

Error - 11.2.2011 10:05:16 | Computer Name = MIKE-XP | Source = Application Error | ID = 1000
Description = Chybující aplikace pes2011-100.exe, verze 1.0.0.0, chybující modul
, verze 0.0.0.0, adresa chyby 0x00000000.

Error - 13.2.2011 8:21:17 | Computer Name = MIKE-XP | Source = .NET Runtime | ID = 0
Description =

Error - 17.2.2011 7:47:35 | Computer Name = MIKE-XP | Source = Application Error | ID = 1000
Description = Chybující aplikace explorer.exe, verze 6.0.2900.5512, chybující modul
wmvcore.dll, verze 11.0.5721.5275, adresa chyby 0x000d3d79.

Error - 26.2.2011 5:48:29 | Computer Name = MIKE-XP | Source = MsiInstaller | ID = 10005
Description = Product: Solid Edge ST2 -- Internal Error 25259. DirectX -9: An internal
error occurred.

Error - 26.2.2011 7:55:48 | Computer Name = MIKE-XP | Source = Application Error | ID = 1000
Description = Chybující aplikace jdownloadersetup.exe, verze 1.0.0.0, chybující
modul nsdialogs.dll, verze 0.0.0.0, adresa chyby 0x00001a1d.

[ System Events ]
Error - 25.2.2011 13:22:22 | Computer Name = MIKE-XP | Source = viamraid | ID = 262153
Description = Zařízení \Device\Scsi\viamraid1 neodpovídá v periodě časového limitu.

Error - 27.2.2011 10:08:56 | Computer Name = MIKE-XP | Source = viamraid | ID = 262153
Description = Zařízení \Device\Scsi\viamraid1 neodpovídá v periodě časového limitu.

Error - 27.2.2011 14:39:17 | Computer Name = MIKE-XP | Source = viamraid | ID = 262153
Description = Zařízení \Device\Scsi\viamraid1 neodpovídá v periodě časového limitu.

Error - 27.2.2011 14:41:16 | Computer Name = MIKE-XP | Source = viamraid | ID = 262153
Description = Zařízení \Device\Scsi\viamraid1 neodpovídá v periodě časového limitu.

Error - 27.2.2011 14:41:41 | Computer Name = MIKE-XP | Source = viamraid | ID = 262153
Description = Zařízení \Device\Scsi\viamraid1 neodpovídá v periodě časového limitu.

Error - 27.2.2011 14:53:24 | Computer Name = MIKE-XP | Source = viamraid | ID = 262153
Description = Zařízení \Device\Scsi\viamraid1 neodpovídá v periodě časového limitu.

Error - 27.2.2011 14:58:40 | Computer Name = MIKE-XP | Source = viamraid | ID = 262153
Description = Zařízení \Device\Scsi\viamraid1 neodpovídá v periodě časového limitu.

Error - 27.2.2011 15:11:36 | Computer Name = MIKE-XP | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1058 při pokusu o spuštění služby upnphost
s argumenty za účelem spuštění serveru: {204810B9-73B2-11D4-BF42-00B0D0118B56}

Error - 27.2.2011 15:12:32 | Computer Name = MIKE-XP | Source = viamraid | ID = 262153
Description = Zařízení \Device\Scsi\viamraid1 neodpovídá v periodě časového limitu.

Error - 27.2.2011 15:35:10 | Computer Name = MIKE-XP | Source = viamraid | ID = 262153
Description = Zařízení \Device\Scsi\viamraid1 neodpovídá v periodě časového limitu.


< End of report >

[Bruce]

A ještě


OTL.Txt

OTL logfile created on: 27.2.2011 20:07:52 - Run 1
OTL by OldTimer - Version 3.2.22.1 Folder = G:\Stažené soubory
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 64,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 86,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74,52 Gb Total Space | 24,42 Gb Free Space | 32,77% Space Free | Partition Type: NTFS
Drive G: | 111,79 Gb Total Space | 30,72 Gb Free Space | 27,48% Space Free | Partition Type: NTFS

Computer Name: MIKE-XP | User Name: Michal | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2011.02.27 20:06:45 | 000,580,608 | ---- | M] (OldTimer Tools) -- G:\Stažené soubory\OTL.exe
PRC - [2011.02.02 21:40:38 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\launch4j-tmp\esmska.exe
PRC - [2011.01.13 09:47:34 | 003,396,624 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2011.01.13 09:47:33 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2011.01.05 11:04:02 | 001,841,152 | ---- | M] () -- C:\Program Files\HellShare.exe
PRC - [2010.12.10 22:04:21 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010.07.12 17:33:54 | 001,592,672 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\Winamp\winamp.exe
PRC - [2010.06.15 12:52:28 | 000,488,960 | ---- | M] (Crawler.com) -- C:\Program Files\Spyware Terminator\sp_rsser.exe
PRC - [2010.06.14 14:07:14 | 000,615,936 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
PRC - [2010.06.07 12:51:24 | 000,138,752 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
PRC - [2009.10.27 09:15:02 | 000,120,832 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
PRC - [2008.04.14 04:22:31 | 001,415,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mmc.exe
PRC - [2008.04.14 04:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008.04.14 04:22:18 | 000,105,472 | ---- | M] (Microsoft Corp. and Executive Software International, Inc.) -- C:\WINDOWS\system32\dfrgntfs.exe
PRC - [2005.10.10 08:58:14 | 001,617,920 | ---- | M] (Kerio Technologies) -- C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
PRC - [2005.10.10 08:56:46 | 002,887,680 | ---- | M] (Kerio Technologies) -- C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe


========== Modules (SafeList) ==========

MOD - [2011.02.27 20:06:45 | 000,580,608 | ---- | M] (OldTimer Tools) -- G:\Stažené soubory\OTL.exe
MOD - [2011.01.13 09:47:35 | 000,189,728 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\snxhk.dll
MOD - [2010.08.23 17:12:33 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2005.10.10 08:50:46 | 000,058,368 | ---- | M] (Kerio Technologies) -- C:\Program Files\Kerio\Personal Firewall 4\gkh.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - File not found [Disabled | Stopped] -- -- (AcrSch2Svc)
SRV - [2011.01.13 09:47:33 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010.10.12 18:44:01 | 001,045,256 | ---- | M] (Acresso Software Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010.10.12 15:35:00 | 000,046,080 | ---- | M] (C-Dilla Ltd) [Disabled | Stopped] -- C:\WINDOWS\system32\drivers\CDANTSRV.EXE -- (C-DillaSrv)
SRV - [2010.06.15 12:52:28 | 000,488,960 | ---- | M] (Crawler.com) [Auto | Running] -- C:\Program Files\Spyware Terminator\sp_rsser.exe -- (sp_rssrv)
SRV - [2010.06.14 14:07:14 | 000,615,936 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010.05.07 13:36:10 | 000,092,008 | ---- | M] (TomTom) [Disabled | Stopped] -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2010.03.25 09:25:22 | 030,969,208 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2009.12.22 00:08:39 | 000,814,344 | ---- | M] (ABBYY) [Disabled | Stopped] -- C:\Program Files\Common Files\ABBYY\FineReader\10.00\Licensing\PE\NetworkLicenseServer.exe -- (ABBYY.Licensing.FineReader.Professional.10.0)
SRV - [2007.01.31 14:55:42 | 000,096,370 | ---- | M] (Canon Inc.) [Disabled | Stopped] -- C:\Program Files\Canon\CAL\CALMAIN.exe -- (CCALib8)
SRV - [2005.10.10 08:58:14 | 001,617,920 | ---- | M] (Kerio Technologies) [Auto | Running] -- C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe -- (KPF4)
SRV - [2005.08.10 23:17:28 | 000,118,272 | ---- | M] (TuneUp Software GmbH) [Disabled | Stopped] -- C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe -- (TUWinStylerThemeSvc)


========== Driver Services (SafeList) ==========

DRV - [2011.02.09 13:55:21 | 000,218,688 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2011.02.08 14:11:47 | 000,431,672 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2011.01.13 09:41:16 | 000,294,608 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011.01.13 09:40:16 | 000,047,440 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011.01.13 09:40:04 | 000,100,176 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011.01.13 09:37:30 | 000,023,632 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011.01.13 09:37:11 | 000,029,392 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011.01.13 09:37:09 | 000,017,744 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010.10.12 15:35:00 | 000,058,160 | ---- | M] (Macrovision) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CDANT.SYS -- (C-Dilla)
DRV - [2010.06.15 12:52:28 | 000,142,592 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\sp_rsdrv2.sys -- (sp_rsdrv2)
DRV - [2010.02.26 13:32:46 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2010.02.26 13:32:44 | 000,022,528 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2010.02.26 13:32:44 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2010.02.11 13:02:15 | 000,226,880 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6)
DRV - [2008.08.26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008.04.13 19:56:06 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2008.04.13 19:53:09 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
DRV - [2008.04.13 19:46:22 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MPE.sys -- (MPE)
DRV - [2008.01.15 08:12:56 | 000,257,024 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AVerFx2hbtv.sys -- (AVerFx2hbtv)
DRV - [2007.03.15 02:57:14 | 001,986,560 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2005.09.26 10:05:06 | 000,286,720 | ---- | M] (Kerio Technologies) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\fwdrv.sys -- (fwdrv)
DRV - [2005.09.26 10:05:06 | 000,081,920 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\khips.sys -- (khips)
DRV - [2005.03.30 05:00:00 | 000,023,680 | R--- | M] (Philips Semiconductors) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\WDMTuner.sys -- (WDMTVTuner)
DRV - [2005.03.15 05:00:00 | 000,277,504 | R--- | M] (Philips Semiconductors) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\SAA713x.sys -- (713xTVCard)
DRV - [2004.08.18 15:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2004.08.18 15:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
DRV - [2002.10.01 07:43:32 | 000,119,798 | R--- | M] (SP) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SPCA561.SYS -- (CA561) ICatch (VI)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=ddr&s={searchTerms}&f=4


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1417001333-796845957-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
IE - HKU\S-1-5-21-1417001333-796845957-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
IE - HKU\S-1-5-21-1417001333-796845957-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
IE - HKU\S-1-5-21-1417001333-796845957-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.facemoods.com/?a=ddr
IE - HKU\S-1-5-21-1417001333-796845957-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
IE - HKU\S-1-5-21-1417001333-796845957-682003330-1004\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-1417001333-796845957-682003330-1004\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-1417001333-796845957-682003330-1004\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-1417001333-796845957-682003330-1004\..\URLSearchHook: {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Documents and Settings\Michal\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
IE - HKU\S-1-5-21-1417001333-796845957-682003330-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.param.yahoo-fr: "megaup"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "megaup"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "seznam.cz"
FF - prefs.js..extensions.enabledItems: {35106bca-6c78-48c7-ac28-56df30b51d2a}:1.3.8
FF - prefs.js..extensions.enabledItems: {3d7eb24f-2740-49df-8937-200b1cc08f8a}:1.5.14.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..keyword.URL: "http://www.google.com/search?ie=UTF-8&o ... &gfns=1&q="


FF - HKLM\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2010.07.04 09:54:10 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.01.01 19:14:55 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.02.19 08:39:10 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.7\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2010.12.20 19:23:41 | 000,000,000 | ---D | M]

[2010.06.18 12:31:34 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Michal\Data aplikací\Mozilla\Extensions
[2010.06.13 13:45:45 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Michal\Data aplikací\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2010.06.18 12:31:34 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Michal\Data aplikací\Mozilla\Extensions\home2@tomtom.com
[2011.02.27 09:48:31 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Michal\Data aplikací\Mozilla\Firefox\Profiles\F861DC2F.default\extensions
[2010.06.13 13:42:41 | 000,000,000 | ---D | M] (McAfee SiteAdvisor) -- C:\Documents and Settings\Michal\Data aplikací\Mozilla\Firefox\Profiles\F861DC2F.default\extensions\{1650a312-02bc-40ee-977e-83f158701739}
[2010.06.13 13:42:41 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Michal\Data aplikací\Mozilla\Firefox\Profiles\F861DC2F.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.06.13 13:42:42 | 000,000,000 | ---D | M] (Linkification) -- C:\Documents and Settings\Michal\Data aplikací\Mozilla\Firefox\Profiles\F861DC2F.default\extensions\{35106bca-6c78-48c7-ac28-56df30b51d2a}
[2010.10.14 18:34:14 | 000,000,000 | ---D | M] (Flashblock) -- C:\Documents and Settings\Michal\Data aplikací\Mozilla\Firefox\Profiles\F861DC2F.default\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}
[2010.06.13 13:42:42 | 000,000,000 | ---D | M] (BBCode) -- C:\Documents and Settings\Michal\Data aplikací\Mozilla\Firefox\Profiles\F861DC2F.default\extensions\{AE37D527-6604-461c-8102-975CF8053A2F}
[2010.06.13 13:42:43 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus(R))) -- C:\Documents and Settings\Michal\Data aplikací\Mozilla\Firefox\Profiles\F861DC2F.default\extensions\{CF40ACC5-E1BB-4aff-AC72-04C2F616BCA7}(2)
[2011.01.12 20:48:59 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Michal\Data aplikací\Mozilla\Firefox\Profiles\F861DC2F.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2008.06.10 15:09:46 | 000,000,610 | ---- | M] () -- C:\Documents and Settings\Michal\Data aplikací\Mozilla\Firefox\Profiles\F861DC2F.default\searchplugins\cztorrent.xml.txt
[2011.01.06 22:29:03 | 000,001,692 | ---- | M] () -- C:\Documents and Settings\Michal\Data aplikací\Mozilla\Firefox\Profiles\F861DC2F.default\searchplugins\sfd.xml
[2010.08.04 17:58:23 | 000,013,305 | ---- | M] () -- C:\Documents and Settings\Michal\Data aplikací\Mozilla\Firefox\Profiles\F861DC2F.default\searchplugins\slovnikczen.xml
[2006.11.17 17:57:00 | 000,002,386 | ---- | M] () -- C:\Documents and Settings\Michal\Data aplikací\Mozilla\Firefox\Profiles\F861DC2F.default\searchplugins\stahujcz.xml
[2007.02.21 15:27:14 | 000,001,078 | ---- | M] () -- C:\Documents and Settings\Michal\Data aplikací\Mozilla\Firefox\Profiles\F861DC2F.default\searchplugins\wikipedie-esky.xml
[2011.02.27 09:48:31 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010.06.22 07:22:02 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.09.21 08:46:22 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010.12.07 17:39:56 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011.02.19 08:46:11 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\MICHAL\DATA APLIKACĂ­\MOZILLA\FIREFOX\PROFILES\F861DC2F.DEFAULT\EXTENSIONS\{35106BCA-6C78-48C7-AC28-56DF30B51D2A}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\MICHAL\DATA APLIKACĂ­\MOZILLA\FIREFOX\PROFILES\F861DC2F.DEFAULT\EXTENSIONS\{3D7EB24F-2740-49DF-8937-200B1CC08F8A}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\MICHAL\DATA APLIKACĂ­\MOZILLA\FIREFOX\PROFILES\F861DC2F.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}
[2010.06.22 07:21:44 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011.02.02 21:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010.07.12 17:33:56 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npwachk.dll
[2011.02.26 12:54:07 | 000,002,046 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fcmdSrchddr.xml
[2010.07.23 01:28:35 | 000,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.07.23 01:28:35 | 000,001,687 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2010.07.23 01:28:35 | 000,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.07.23 01:28:35 | 000,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.07.23 01:28:35 | 000,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2011.01.31 09:24:42 | 000,000,848 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (QIPBHO Class) - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Documents and Settings\Michal\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKLM\..\Toolbar: (no name) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKU\S-1-5-21-1417001333-796845957-682003330-1004\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKU\S-1-5-21-1417001333-796845957-682003330-1004\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKU\S-1-5-21-1417001333-796845957-682003330-1004..\Run: [] File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1417001333-796845957-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 91 00 00 00 [binary data]
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Od&eslat do aplikace OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Převést cíl vazby do Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Převést do Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Připojit cíl vazby k existujícímu PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Připojit k existujícímu PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: mojebanka.cz ([]https in Trusted sites)
O15 - HKU\S-1-5-21-1417001333-796845957-682003330-1004\..Trusted Domains: mojebanka.cz ([]https in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0014-0002-0004-ABCDEFFEDCBA} http://java.sun.com/products/plugin/aut ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {F281A59C-7B65-11D3-8617-0010830243BD} file:///C:/Program%20Files/AutoCAD%202002%20Cz/AcPreview.ocx (Prvek AcPreview)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.46.172.36 213.46.172.37
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Michal\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Michal\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.06.13 11:39:35 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{2cb76bc0-3385-11e0-b2b3-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{2cb76bc0-3385-11e0-b2b3-806d6172696f}\Shell\AutoRun\command - "" = E:\setup.exe
O33 - MountPoints2\{aee1d183-7abf-11df-9d9c-000b6a9e09ae}\Shell\AutoRun\command - "" = K:\InstallTomTomHOME.exe
O33 - MountPoints2\{e07d7b35-76e5-11df-b1c1-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{e07d7b35-76e5-11df-b1c1-806d6172696f}\Shell\AutoRun\command - "" = I:\setup.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: AppMgmt - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.ac3acm - C:\WINDOWS\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\WINDOWS\System32\ff_vfw.dll ()
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.VP60 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
Drivers32: VIDC.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\WINDOWS\System32\yv12vfw.dll (www.helixcommunity.org)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (56590081070202880)

========== Files/Folders - Created Within 7 Days ==========

[2011.02.27 19:31:59 | 000,000,000 | ---D | C] -- C:\rsit
[2011.02.27 19:08:28 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Michal\Recent
[2011.02.27 10:48:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2011.02.27 10:22:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michal\Plocha\201102
[2011.02.26 12:59:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michal\Data aplikací\facemoods.com
[2011.02.26 10:53:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Solid Edge ST2
[2011.02.26 10:43:31 | 000,000,000 | ---D | C] -- C:\Program Files\Solid Edge ST2
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2011.02.27 10:21:56 | 000,502,026 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011.02.27 10:21:56 | 000,496,766 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2011.02.27 10:21:56 | 000,102,632 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2011.02.27 10:21:56 | 000,087,932 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011.02.27 09:19:35 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011.02.27 09:19:30 | 000,403,120 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011.02.26 10:53:59 | 000,001,856 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Solid Edge ST2.lnk
[2011.02.25 17:40:28 | 000,000,392 | ---- | M] () -- C:\WINDOWS\tasks\1-Click Maintenance.job
[2011.02.25 12:14:03 | 000,003,134 | ---- | M] () -- C:\WINDOWS\wincmd.ini
[2011.02.24 20:25:47 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2011.02.24 11:12:18 | 000,168,960 | ---- | M] () -- C:\Documents and Settings\Michal\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.02.23 19:02:11 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011.02.26 10:53:59 | 000,001,856 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Solid Edge ST2.lnk
[2011.02.15 20:28:35 | 000,000,990 | -HS- | C] () -- C:\Documents and Settings\Michal\Data aplikací\systemfl.$dk
[2011.02.06 13:46:33 | 000,001,144 | ---- | C] () -- C:\WINDOWS\ATICIM.INI
[2011.02.06 12:55:52 | 000,024,944 | ---- | C] () -- C:\WINDOWS\System32\drivers\GVTDrv.sys
[2011.01.05 11:03:58 | 001,841,152 | ---- | C] () -- C:\Program Files\HellShare.exe
[2010.12.26 16:17:25 | 000,459,712 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\FontCache3.0.0.0.dat
[2010.12.03 10:25:24 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2010.12.01 07:08:30 | 000,000,390 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2010.11.03 20:30:30 | 000,401,408 | R--- | C] () -- C:\WINDOWS\713xRMT.exe
[2010.11.03 20:30:29 | 000,352,256 | R--- | C] () -- C:\WINDOWS\713xRMTMon.exe
[2010.10.31 10:59:46 | 000,000,141 | ---- | C] () -- C:\WINDOWS\SIERRA.INI
[2010.10.16 09:48:55 | 000,000,028 | ---- | C] () -- C:\WINDOWS\VOLOV EReg.ini
[2010.10.10 09:52:48 | 000,000,280 | ---- | C] () -- C:\WINDOWS\wcx_ftp.ini
[2010.09.28 13:41:15 | 000,079,360 | ---- | C] () -- C:\WINDOWS\System32\acdbres.dll
[2010.09.22 06:32:31 | 000,000,126 | ---- | C] () -- C:\Documents and Settings\Michal\Local Settings\Data aplikací\fusioncache.dat
[2010.09.15 19:03:00 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\PsisDecd.dll
[2010.08.07 07:19:47 | 000,003,134 | ---- | C] () -- C:\WINDOWS\wincmd.ini
[2010.08.07 06:58:04 | 000,082,692 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2010.07.09 20:02:24 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010.06.15 12:52:28 | 000,142,592 | ---- | C] () -- C:\WINDOWS\System32\drivers\sp_rsdrv2.sys
[2010.06.14 18:12:23 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2010.06.14 18:12:15 | 000,881,664 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2010.06.14 18:12:15 | 000,205,824 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010.06.14 18:12:14 | 000,108,032 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2010.06.13 13:51:07 | 000,168,960 | ---- | C] () -- C:\Documents and Settings\Michal\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.06.13 13:45:44 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010.06.13 13:30:50 | 000,004,249 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2010.06.13 13:28:02 | 000,403,120 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.06.13 13:21:20 | 000,003,257 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2010.06.13 13:21:17 | 000,005,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2010.06.13 13:11:21 | 000,000,092 | ---- | C] () -- C:\WINDOWS\CMISETUP.INI
[2010.06.13 13:11:21 | 000,000,026 | ---- | C] () -- C:\WINDOWS\CMCDPLAY.INI
[2010.06.13 13:11:17 | 000,233,472 | ---- | C] () -- C:\WINDOWS\System32\cmirmdrv.exe
[2010.06.13 13:11:17 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\cmirmdrv.dll
[2010.06.13 13:11:17 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Wininit.ini
[2010.06.13 13:11:15 | 000,266,240 | ---- | C] () -- C:\WINDOWS\CMIUninstall.exe
[2010.06.13 13:11:15 | 000,225,280 | ---- | C] () -- C:\WINDOWS\CmiRmRedundDir.exe
[2010.06.13 13:11:15 | 000,028,672 | ---- | C] () -- C:\WINDOWS\CMIRmDriver.dll
[2010.06.13 13:09:26 | 000,000,169 | ---- | C] () -- C:\WINDOWS\RtlRack.ini
[2010.06.13 12:27:28 | 000,520,192 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe
[2010.06.13 12:20:27 | 003,107,788 | ---- | C] () -- C:\WINDOWS\System32\ativvaxx.dat
[2010.06.13 12:20:24 | 000,143,676 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2010.06.13 11:41:36 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2010.06.13 11:36:36 | 000,021,812 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2005.10.14 10:56:50 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2005.10.14 10:56:50 | 000,778,240 | ---- | C] () -- C:\WINDOWS\System32\DivXsm.exe
[2005.10.14 10:56:50 | 000,344,064 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll
[2005.09.26 10:05:06 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\drivers\khips.sys
[2004.09.30 08:17:31 | 000,001,578 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2004.08.18 15:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004.08.18 15:00:00 | 000,502,026 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004.08.18 15:00:00 | 000,496,766 | ---- | C] () -- C:\WINDOWS\System32\perfh005.dat
[2004.08.18 15:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004.08.18 15:00:00 | 000,269,162 | ---- | C] () -- C:\WINDOWS\System32\perfi005.dat
[2004.08.18 15:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004.08.18 15:00:00 | 000,102,632 | ---- | C] () -- C:\WINDOWS\System32\perfc005.dat
[2004.08.18 15:00:00 | 000,087,932 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004.08.18 15:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004.08.18 15:00:00 | 000,032,072 | ---- | C] () -- C:\WINDOWS\System32\perfd005.dat
[2004.08.18 15:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004.08.18 15:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004.08.18 15:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004.08.18 15:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2003.09.30 11:47:39 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\VorbisEnc.dll
[2003.09.30 11:47:39 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2003.09.30 11:47:39 | 000,155,136 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2003.09.30 11:47:39 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2003.09.30 11:47:39 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2002.04.02 21:03:30 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2002.04.02 21:02:34 | 000,004,688 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001.06.09 10:07:38 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\mtstack.exe
[2000.09.19 00:50:28 | 000,202,752 | ---- | C] () -- C:\WINDOWS\System32\zlib.dll

[Bruce]

A zbytek:

========== LOP Check ==========

[2010.12.27 09:02:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Alwil Software
[2011.02.10 09:32:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Autodesk
[2010.09.24 12:39:45 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonBJ
[2010.09.24 12:54:27 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonEPP
[2010.09.24 13:14:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJ
[2010.09.24 12:54:27 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJEPPEX2
[2010.09.24 12:51:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJMSetup
[2010.09.24 19:53:39 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJScan
[2010.09.24 12:54:30 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJSolutionMenuEX
[2010.09.24 12:50:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJWSpt
[2010.06.13 12:49:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2011.01.04 13:17:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Pro
[2010.12.13 12:32:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Dassault Systemes
[2010.08.20 18:57:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Guitar Pro 6
[2010.07.04 09:07:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Installations
[2010.09.30 10:23:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\KONAMI
[2010.06.19 07:02:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PC Suite
[2010.06.23 16:14:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Sports Interactive
[2011.02.25 12:08:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Spyware Terminator
[2010.06.18 12:32:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TomTom
[2011.01.31 21:15:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TuneUp Software
[2011.02.03 09:42:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\WOP
[2011.01.12 20:18:22 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Data aplikací\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
[2011.01.13 20:22:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Data aplikací\TuneUp Software
[2011.02.15 17:30:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\Ace
[2010.12.03 16:31:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\Acoustica
[2010.06.14 08:01:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\Acronis
[2010.12.14 12:11:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\Autodesk
[2010.09.24 19:53:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\Canon
[2010.09.24 12:51:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\Canon Easy-WebPrint EX
[2010.11.04 11:35:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\CD-LabelPrint
[2010.10.10 09:22:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\com.thumbplay.thumbplaymusic.5761B231E6D57E03ED1458FC63804F45A9FCE021.1
[2010.06.13 13:38:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\DAEMON Tools Lite
[2011.01.04 13:22:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\DAEMON Tools Pro
[2011.01.06 16:11:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\Desktop Sidebar
[2010.12.13 12:36:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\DraftSight
[2011.02.20 11:25:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\DVDVideoSoft
[2011.02.27 20:08:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\esmska
[2011.02.26 12:59:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\facemoods.com
[2010.11.13 17:29:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\Guitar Pro 6
[2011.02.23 17:16:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\HD Tune Pro
[2010.09.29 07:20:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\Leadertech
[2010.06.17 18:56:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\mojosoft
[2010.07.04 10:04:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\Nokia
[2010.06.19 07:02:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\PC Suite
[2010.06.23 16:12:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\Sports Interactive
[2011.02.25 12:08:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\Spyware Terminator
[2010.12.07 14:43:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\Thinstall
[2010.06.13 13:45:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\Thunderbird
[2010.06.18 12:31:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\TomTom
[2011.01.31 21:32:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\TuneUp Software
[2010.10.24 14:04:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\Unigraphics Solutions
[2010.09.25 18:28:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\uTorrent
[2010.10.16 08:37:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\VitySoft
[2010.09.21 09:45:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\Windows Search
[2011.02.25 17:40:28 | 000,000,392 | ---- | M] () -- C:\WINDOWS\Tasks\1-Click Maintenance.job

========== Purity Check ==========



========== Custom Scans ==========


< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"" =
"ctfmon.exe" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 04:22:17 | 000,015,360 | ---- | M] (Microsoft Corporation)

< c:\windows\*.* /U >
[5 c:\windows\*.tmp files -> c:\windows\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2010.09.06 11:54:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\ABBYY
[2011.02.15 17:30:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\Ace
[2010.12.03 16:31:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\Acoustica
[2010.06.14 08:01:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\Acronis
[2011.02.20 12:06:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\Adobe
[2010.12.03 10:28:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\Ahead
[2010.12.23 17:07:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\Apple Computer
[2010.06.13 12:36:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\ATI
[2010.12.14 12:11:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\Autodesk
[2010.09.24 19:53:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\Canon
[2010.09.24 12:51:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\Canon Easy-WebPrint EX
[2010.12.26 10:57:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\CANON INC
[2010.11.04 11:35:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\CD-LabelPrint
[2010.10.10 09:22:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\com.thumbplay.thumbplaymusic.5761B231E6D57E03ED1458FC63804F45A9FCE021.1
[2010.06.13 13:38:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\DAEMON Tools Lite
[2011.01.04 13:22:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\DAEMON Tools Pro
[2011.01.06 16:11:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\Desktop Sidebar
[2010.12.13 12:36:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\DraftSight
[2011.02.01 14:22:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\dvdcss
[2011.02.20 11:25:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\DVDVideoSoft
[2011.02.27 20:08:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\esmska
[2011.02.26 12:59:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\facemoods.com
[2010.11.13 17:29:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\Guitar Pro 6
[2011.02.23 17:16:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\HD Tune Pro
[2010.07.04 09:32:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\Help
[2010.06.13 11:44:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\Identities
[2011.02.15 17:26:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\InstallShield
[2010.09.29 07:20:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\Leadertech
[2010.06.13 14:22:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\Macromedia
[2010.06.22 11:32:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\Malwarebytes
[2010.12.25 12:57:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\Media Player Classic
[2011.02.20 12:06:12 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Michal\Data aplikací\Microsoft
[2010.06.17 18:56:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\mojosoft
[2010.06.13 13:35:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\Mozilla
[2010.07.04 10:04:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\Nokia
[2010.06.19 07:02:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\PC Suite
[2010.10.01 15:50:34 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\Michal\Data aplikací\SecuROM
[2010.07.10 08:43:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\Skype
[2010.07.10 08:38:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\skypePM
[2010.06.23 16:12:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\Sports Interactive
[2011.02.25 12:08:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\Spyware Terminator
[2010.06.22 07:21:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\Sun
[2010.12.07 14:43:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\Thinstall
[2010.06.13 13:45:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\Thunderbird
[2010.06.18 12:31:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\TomTom
[2011.01.31 21:32:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\TuneUp Software
[2010.10.24 14:04:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\Unigraphics Solutions
[2010.09.25 18:28:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\uTorrent
[2010.10.16 08:37:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\VitySoft
[2011.02.27 13:27:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\vlc
[2011.02.27 20:10:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\Winamp
[2010.09.21 09:45:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\Windows Search
[2010.06.13 13:41:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\WinRAR
[2011.01.23 09:39:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\ZoomBrowser EX

< %APPDATA%\*.exe /s >
[2010.10.10 09:20:20 | 000,053,632 | ---- | M] (Adobe Systems Inc.) -- C:\Documents and Settings\Michal\Data aplikací\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2010.06.13 12:33:27 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Michal\Data aplikací\Microsoft\Installer\{06629042-F4AF-0513-198B-528E70FC895D}\ARPPRODUCTICON.exe
[2010.06.13 12:33:17 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Michal\Data aplikací\Microsoft\Installer\{0BCA9802-A2E2-5C30-E67D-1E3972E39C7D}\ARPPRODUCTICON.exe
[2010.06.13 12:32:51 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Michal\Data aplikací\Microsoft\Installer\{0E2558CC-4BF5-DB77-1B77-1C96154B63FD}\ARPPRODUCTICON.exe
[2010.06.13 12:32:43 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Michal\Data aplikací\Microsoft\Installer\{0FBED6A5-0832-72E8-74E8-CB7157EA4E2C}\ARPPRODUCTICON.exe
[2010.06.13 12:32:33 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Michal\Data aplikací\Microsoft\Installer\{124834B9-88AD-CDE2-F270-079534069EC8}\ARPPRODUCTICON.exe
[2010.06.13 12:33:11 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Michal\Data aplikací\Microsoft\Installer\{16E0653C-C6E5-176D-6C4F-5BCC3A3659F4}\ARPPRODUCTICON.exe
[2010.06.13 12:33:03 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Michal\Data aplikací\Microsoft\Installer\{1810F63A-7EE6-B163-E1CD-C8D96613A0CF}\ARPPRODUCTICON.exe
[2010.06.13 12:33:01 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Michal\Data aplikací\Microsoft\Installer\{189AA991-3941-1809-3E25-69FACD511E65}\ARPPRODUCTICON.exe
[2010.06.13 12:32:35 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Michal\Data aplikací\Microsoft\Installer\{1AA580B2-3F31-5493-5834-41D6CB0A624C}\ARPPRODUCTICON.exe
[2010.06.13 12:32:53 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Michal\Data aplikací\Microsoft\Installer\{1F65D898-0D1E-A35A-1B1C-17E2BF86CBF6}\ARPPRODUCTICON.exe
[2010.06.13 12:33:26 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Michal\Data aplikací\Microsoft\Installer\{25C1831B-6A18-1B5C-F2B3-5D07AFCAA815}\ARPPRODUCTICON.exe
[2010.06.13 12:32:37 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Michal\Data aplikací\Microsoft\Installer\{2790F70C-77EA-ED55-F004-7A4B86C4EB5F}\ARPPRODUCTICON.exe
[2010.06.13 12:39:04 | 000,018,718 | R--- | M] () -- C:\Documents and Settings\Michal\Data aplikací\Microsoft\Installer\{333BECA0-DED8-4139-A516-8D9E44E22669}\ARPPRODUCTICON.exe
[2010.06.13 12:39:04 | 000,018,718 | R--- | M] () -- C:\Documents and Settings\Michal\Data aplikací\Microsoft\Installer\{333BECA0-DED8-4139-A516-8D9E44E22669}\NewShortcut2_8315396A5EA1419DBEC4978284BDF556.exe
[2010.06.13 12:39:04 | 000,018,718 | R--- | M] () -- C:\Documents and Settings\Michal\Data aplikací\Microsoft\Installer\{333BECA0-DED8-4139-A516-8D9E44E22669}\NewShortcut3_8315396A5EA1419DBEC4978284BDF556.exe
[2010.06.13 12:32:57 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Michal\Data aplikací\Microsoft\Installer\{4442F730-CAA1-EE3D-9784-DA0CE20D55A9}\ARPPRODUCTICON.exe
[2010.06.13 12:33:15 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Michal\Data aplikací\Microsoft\Installer\{44DC4CD5-D498-716B-43A0-7C38857C6EF1}\ARPPRODUCTICON.exe
[2010.06.13 12:33:19 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Michal\Data aplikací\Microsoft\Installer\{466E12F0-798F-F239-F45D-440BEF4C3A0B}\ARPPRODUCTICON.exe
[2010.06.13 12:33:04 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Michal\Data aplikací\Microsoft\Installer\{55414A2E-6859-EC1D-AA21-2A7007D7501D}\ARPPRODUCTICON.exe
[2010.06.13 12:33:09 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Michal\Data aplikací\Microsoft\Installer\{56D7F8DB-1D04-0084-1D82-F6084097248A}\ARPPRODUCTICON.exe
[2010.06.13 12:33:20 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Michal\Data aplikací\Microsoft\Installer\{642217AA-B847-62DD-42F2-124DB4E89F98}\ARPPRODUCTICON.exe
[2010.06.13 12:32:31 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Michal\Data aplikací\Microsoft\Installer\{71FA7FEB-C3FA-C109-92FC-D01D321B0CF1}\ARPPRODUCTICON.exe
[2010.06.13 12:33:12 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Michal\Data aplikací\Microsoft\Installer\{74C559F3-3241-7ADC-3654-E2D55B10D9AD}\ARPPRODUCTICON.exe
[2010.06.13 12:32:27 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Michal\Data aplikací\Microsoft\Installer\{74FE2B30-2102-4587-7D99-98D81263B5C8}\ARPPRODUCTICON.exe
[2010.06.13 12:33:14 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Michal\Data aplikací\Microsoft\Installer\{8652D365-2286-B354-38AC-22F8C76FB329}\ARPPRODUCTICON.exe
[2010.06.13 12:33:07 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Michal\Data aplikací\Microsoft\Installer\{8812EE0C-51BA-03B6-F7DD-5EE7F5D461D3}\ARPPRODUCTICON.exe
[2010.06.13 12:33:16 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Michal\Data aplikací\Microsoft\Installer\{90659141-A53F-EDDE-CABE-FDAA778984FB}\ARPPRODUCTICON.exe
[2010.06.13 12:32:41 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Michal\Data aplikací\Microsoft\Installer\{90FB18DC-39CD-80D4-E0B3-7A992E44F433}\ARPPRODUCTICON.exe
[2010.06.13 12:33:23 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Michal\Data aplikací\Microsoft\Installer\{A32FD1BB-2E7A-D801-65E6-DFC8030739ED}\ARPPRODUCTICON.exe
[2010.06.13 12:33:13 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Michal\Data aplikací\Microsoft\Installer\{AD001350-7A0A-C654-59ED-DA9952EA2546}\ARPPRODUCTICON.exe
[2010.06.13 12:32:55 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Michal\Data aplikací\Microsoft\Installer\{AF4BDBD6-F14B-C0AB-086E-4B106784A048}\ARPPRODUCTICON.exe
[2010.06.13 12:32:39 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Michal\Data aplikací\Microsoft\Installer\{B45FD272-837E-4795-CF82-E10300DBC4C4}\ARPPRODUCTICON.exe
[2010.06.13 12:33:22 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Michal\Data aplikací\Microsoft\Installer\{B5D9C46B-D473-1F35-3EAF-716BD8DDE262}\ARPPRODUCTICON.exe
[2010.06.13 12:33:28 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Michal\Data aplikací\Microsoft\Installer\{B6D57D9F-258A-F878-C519-7F2E3573BAC4}\ARPPRODUCTICON.exe
[2010.06.13 12:32:49 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Michal\Data aplikací\Microsoft\Installer\{BB8ACBB7-E9D5-1B4C-7CA3-ACD2F275111C}\ARPPRODUCTICON.exe
[2010.06.13 12:32:09 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Michal\Data aplikací\Microsoft\Installer\{BEDBB836-3698-4569-6B8C-56A776296FCB}\ARPPRODUCTICON.exe
[2010.06.13 12:33:30 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Michal\Data aplikací\Microsoft\Installer\{C4C7E29D-EBFC-E6C5-20DE-CAA54E6E30A8}\ARPPRODUCTICON.exe
[2010.06.13 12:31:23 | 000,009,158 | R--- | M] () -- C:\Documents and Settings\Michal\Data aplikací\Microsoft\Installer\{C941F1F1-25B3-4DF5-83E6-888C51A1AAB6}\ARPPRODUCTICON.exe
[2010.06.13 12:32:29 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Michal\Data aplikací\Microsoft\Installer\{D76F826F-4CBF-E94F-C341-3D42844B6EF5}\ARPPRODUCTICON.exe
[2010.06.13 12:32:20 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Michal\Data aplikací\Microsoft\Installer\{DBFF1920-F179-0FAE-A7E1-0ADF6F8F168B}\ARPPRODUCTICON.exe
[2010.06.13 12:33:10 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Michal\Data aplikací\Microsoft\Installer\{DC43856E-F17E-4475-CDA9-630AAF6A920C}\ARPPRODUCTICON.exe
[2010.06.13 12:33:25 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Michal\Data aplikací\Microsoft\Installer\{DD19698F-AE52-024C-87E0-38A7BC9B757C}\ARPPRODUCTICON.exe
[2010.06.13 12:33:06 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Michal\Data aplikací\Microsoft\Installer\{E03C5BE5-AB89-5131-0CEC-8380E8A9DA12}\ARPPRODUCTICON.exe
[2010.06.13 12:32:59 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Michal\Data aplikací\Microsoft\Installer\{E3831CA9-BE59-740B-296D-7D8DC094CD76}\ARPPRODUCTICON.exe
[2010.06.13 12:32:47 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Michal\Data aplikací\Microsoft\Installer\{EF258689-C39C-50C1-631D-7DB83D49872C}\ARPPRODUCTICON.exe
[2010.06.13 12:32:45 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Michal\Data aplikací\Microsoft\Installer\{FA78C2E2-B5DC-4BFA-1581-985F9513595E}\ARPPRODUCTICON.exe
[2010.06.13 12:33:21 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Michal\Data aplikací\Microsoft\Installer\{FE9C291C-6D9B-BD1C-DA1F-95A53AA5FA8E}\ARPPRODUCTICON.exe


< MD5 for: AGP440.SYS >
[2004.08.18 15:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2010.06.17 18:19:18 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2010.06.17 18:19:18 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008.04.13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys

< MD5 for: ATAPI.SYS >
[2004.08.18 15:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2010.06.17 18:19:18 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2010.06.17 18:19:18 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004.08.18 15:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2008.04.14 04:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\ServicePackFiles\i386\autochk.exe
[2008.04.14 04:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe
[2004.08.18 15:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\WINDOWS\$NtServicePackUninstall$\autochk.exe

< MD5 for: CDROM.SYS >
[2004.08.18 15:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2010.06.17 18:19:18 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2010.06.17 18:19:18 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008.04.13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008.04.13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2004.08.18 15:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys

< MD5 for: CRYPTSVC.DLL >
[2004.08.18 15:00:00 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- C:\WINDOWS\$NtServicePackUninstall$\cryptsvc.dll
[2008.04.14 04:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\ServicePackFiles\i386\cryptsvc.dll
[2008.04.14 04:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\cryptsvc.dll

< MD5 for: EVENTLOG.DLL >
[2008.04.14 04:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 04:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll
[2004.08.18 15:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2008.04.14 04:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 04:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2004.08.18 15:00:00 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe

< MD5 for: HAL.DLL >
[2004.08.18 15:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2010.06.17 18:19:18 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2010.06.17 18:19:18 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2008.04.13 19:31:32 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2008.04.13 19:31:28 | 000,131,840 | ---- | M] (Microsoft Corporation) MD5=6F61D3287A6A15A08A9433222C09D17F -- C:\WINDOWS\system32\HAL.DLL
[2004.08.18 15:00:00 | 000,131,968 | ---- | M] (Microsoft Corporation) MD5=F9A0F579FC18036FFDD9E26E0D268CCD -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll

< MD5 for: CHANGER.SYS >
[2004.08.18 15:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys
[2010.06.17 18:19:18 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys
[2010.06.17 18:19:18 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:Changer.sys
[2008.04.13 19:40:58 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\ServicePackFiles\i386\changer.sys

< MD5 for: ISAPNP.SYS >
[2010.06.17 18:19:18 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2010.06.17 18:19:18 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:isapnp.sys
[2004.08.18 15:00:00 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\$NtServicePackUninstall$\isapnp.sys
[2008.04.14 03:27:53 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\ServicePackFiles\i386\isapnp.sys
[2008.04.14 03:27:53 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\drivers\isapnp.sys

< MD5 for: LSASS.EXE >
[2004.08.18 15:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\WINDOWS\$NtServicePackUninstall$\lsass.exe
[2008.04.14 04:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\ServicePackFiles\i386\lsass.exe
[2008.04.14 04:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe

< MD5 for: NDIS.SYS >
[2008.04.13 20:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008.04.13 20:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
[2004.08.18 15:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys

< MD5 for: NETLOGON.DLL >
[2009.02.06 19:47:20 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=1F43B8C0F4C767FBED89711C30E704D9 -- C:\WINDOWS\$hf_mig$\KB968389\SP2QFE\netlogon.dll
[2009.02.06 19:47:20 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=1F43B8C0F4C767FBED89711C30E704D9 -- C:\WINDOWS\$hf_mig$\KB975467\SP2QFE\netlogon.dll
[2004.08.18 15:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
[2008.04.14 04:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 04:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: SCECLI.DLL >
[2004.08.18 15:00:00 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008.04.14 04:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 04:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SMSS.EXE >
[2004.08.18 15:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\WINDOWS\$NtServicePackUninstall$\smss.exe
[2008.04.14 04:22:47 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\ServicePackFiles\i386\smss.exe
[2008.04.14 04:22:47 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe

< MD5 for: SVCHOST.EXE >
[2008.04.14 04:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.14 04:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe
[2004.08.18 15:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe

< MD5 for: TCPIP.SYS >
[2008.06.20 11:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2008.06.20 11:44:42 | 000,360,960 | ---- | M] (Microsoft Corporation) MD5=744E57C99232201AE98C49168B918F48 -- C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[2008.04.13 20:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008.04.13 20:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2004.08.18 15:00:00 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\$NtUninstallKB951748_0$\tcpip.sys
[2008.06.20 12:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.04.14 04:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 04:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe
[2004.08.18 15:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe

< MD5 for: VIAMRAID.SYS >
[2005.02.25 07:26:14 | 000,060,800 | ---- | M] (VIA Technologies inc,.ltd) MD5=6AAA39DD79A8341CE0EF9249F21D6B89 -- C:\WINDOWS\system32\drivers\viamraid.sys

< MD5 for: WINLOGON.EXE >
[2004.08.18 15:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 04:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 04:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe

< MD5 for: WS2_32.DLL >
[2004.08.18 15:00:00 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\WINDOWS\$NtServicePackUninstall$\ws2_32.dll
[2008.04.14 04:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll
[2008.04.14 04:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\ws2_32.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2008.04.14 04:21:39 | 000,124,416 | ---- | M] (Microsoft Corp. and Executive Software International, Inc.) Unable to obtain MD5 -- C:\WINDOWS\system32\dfrgui.dll
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2011.02.08 14:11:47 | 000,431,672 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sptd.sys

< %systemroot%\System32\config\*.sav >
[2010.06.13 13:27:20 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2010.06.13 13:27:20 | 000,638,976 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2010.06.13 13:27:20 | 000,479,232 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >
[2008.04.14 04:21:39 | 000,124,416 | ---- | M] (Microsoft Corp. and Executive Software International, Inc.) Unable to obtain MD5 -- C:\WINDOWS\system32\dfrgui.dll
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2011.02.27 09:19:30 | 000,403,120 | ---- | M] () -- C:\WINDOWS\system32\FNTCACHE.DAT
[2011.02.27 10:21:56 | 000,102,632 | ---- | M] () -- C:\WINDOWS\system32\perfc005.dat
[2011.02.27 10:21:56 | 000,087,932 | ---- | M] () -- C:\WINDOWS\system32\perfc009.dat
[2011.02.27 10:21:56 | 000,496,766 | ---- | M] () -- C:\WINDOWS\system32\perfh005.dat
[2011.02.27 10:21:56 | 000,502,026 | ---- | M] () -- C:\WINDOWS\system32\perfh009.dat
[2011.02.27 10:21:56 | 001,208,228 | ---- | M] () -- C:\WINDOWS\system32\PerfStringBackup.INI
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

========== Files - Unicode (All) ==========
[2010.08.20 19:06:42 | 000,000,000 | ---D | M](C:\Documents and Settings\Michal\Data aplikac?) -- C:\Documents and Settings\Michal\Data aplikac�
(C:\Documents and Settings\Michal\Data aplikac?) -- C:\Documents and Settings\Michal\Data aplikac�

< End of report >

[vyosek]

Spustte znovu OTL

• Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
• Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

• Kód: Vybrat vše

  :otl
  SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
  SRV - File not found [Disabled | Stopped] -- -- (AcrSch2Svc)
  IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=ddr&s={searchTerms}&f=4
  IE - HKU\S-1-5-21-1417001333-796845957-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
  IE - HKU\S-1-5-21-1417001333-796845957-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
  IE - HKU\S-1-5-21-1417001333-796845957-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
  IE - HKU\S-1-5-21-1417001333-796845957-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.facemoods.com/?a=ddr
  IE - HKU\S-1-5-21-1417001333-796845957-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
  IE - HKU\S-1-5-21-1417001333-796845957-682003330-1004\..\URLSearchHook: - Reg Error: Key error. File not found
  IE - HKU\S-1-5-21-1417001333-796845957-682003330-1004\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - Reg Error: Key error. File not found
  IE - HKU\S-1-5-21-1417001333-796845957-682003330-1004\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found
  IE - HKU\S-1-5-21-1417001333-796845957-682003330-1004\..\URLSearchHook: {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Documents and Settings\Michal\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
  FF - prefs.js..browser.search.defaultengine: "Ask.com"
  FF - prefs.js..browser.search.defaultenginename: "Ask.com"
  FF - prefs.js..browser.search.order.1: "Ask.com"
  FF - prefs.js..browser.search.param.yahoo-fr: "megaup"
  FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "megaup"
  FF - prefs.js..keyword.URL: "http://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q="
  File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\MICHAL\DATA APLIKACĂ­\MOZILLA\FIREFOX\PROFILES\F861DC2F.DEFAULT\EXTENSIONS\{35106BCA-6C78-48C7-AC28-56DF30B51D2A}
  File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\MICHAL\DATA APLIKACĂ­\MOZILLA\FIREFOX\PROFILES\F861DC2F.DEFAULT\EXTENSIONS\{3D7EB24F-2740-49DF-8937-200B1CC08F8A}
  File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\MICHAL\DATA APLIKACĂ­\MOZILLA\FIREFOX\PROFILES\F861DC2F.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}
  [2011.02.26 12:54:07 | 000,002,046 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fcmdSrchddr.xml
  O2 - BHO: (QIPBHO Class) - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Documents and Settings\Michal\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
  O3 - HKLM\..\Toolbar: (no name) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - No CLSID value found.
  O3 - HKLM\..\Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
  O4 - HKLM..\Run: [] File not found
  O4 - HKU\S-1-5-21-1417001333-796845957-682003330-1004..\Run: [] File not found
  O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
  O33 - MountPoints2\{2cb76bc0-3385-11e0-b2b3-806d6172696f}\Shell - "" = AutoRun
  O33 - MountPoints2\{e07d7b35-76e5-11df-b1c1-806d6172696f}\Shell - "" = AutoRun
  [2011.02.26 12:59:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michal\Data aplikací\facemoods.com
  [5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
  [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
  [2011.02.26 12:59:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\facemoods.com
  
  :reg
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Cmaudio]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EasyTuneVPro]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FlashPlayerUpdate]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpyEmergency]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminatorUpdate]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
   
  :files
  %windir%\system32\*.tmp.dll /s
  %windir%\system32\SET*.tmp /s
  %windir%\*.tmp /s
  
  :commands
  [RESETHOSTS]
  [PURITY]
  [EMPTYTEMP]
  [EMPTYFLASH]

• Nasledne kliknete na Opravit
• PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

[Bruce]

Takže provedeno dle pokynů:

All processes killed
========== OTL ==========
Service AppMgmt stopped successfully!
Service AppMgmt deleted successfully!
Service AcrSch2Svc stopped successfully!
Service AcrSch2Svc deleted successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant| /E : value set successfully!
HKU\S-1-5-21-1417001333-796845957-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKU\S-1-5-21-1417001333-796845957-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Search_URL| /E : value set successfully!
HKU\S-1-5-21-1417001333-796845957-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page| /E : value set successfully!
HKU\S-1-5-21-1417001333-796845957-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKU\S-1-5-21-1417001333-796845957-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-1417001333-796845957-682003330-1004\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-1417001333-796845957-682003330-1004\Software\Microsoft\Internet Explorer\URLSearchHooks\\{00000000-6E41-4FD3-8538-502F5495E5FC} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}\ not found.
Registry value HKEY_USERS\S-1-5-21-1417001333-796845957-682003330-1004\Software\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
Registry value HKEY_USERS\S-1-5-21-1417001333-796845957-682003330-1004\Software\Microsoft\Internet Explorer\URLSearchHooks\\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}\ deleted successfully.
C:\Documents and Settings\Michal\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll moved successfully.
Prefs.js: "Ask.com" removed from browser.search.defaultengine
Prefs.js: "Ask.com" removed from browser.search.defaultenginename
Prefs.js: "Ask.com" removed from browser.search.order.1
Prefs.js: "megaup" removed from browser.search.param.yahoo-fr
Prefs.js: "megaup" removed from browser.search.param.yahoo-fr-cjkt
Prefs.js: "http://www.google.com/search?ie=UTF-8&o ... &gfns=1&q=" removed from keyword.URL
C:\Program Files\Mozilla Firefox\searchplugins\fcmdSrchddr.xml moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}\ not found.
File C:\Documents and Settings\Michal\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{855F3B16-6D32-4FE6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4FE6-8A56-BBB695989046}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-1417001333-796845957-682003330-1004\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Low Rights\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2cb76bc0-3385-11e0-b2b3-806d6172696f}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2cb76bc0-3385-11e0-b2b3-806d6172696f}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e07d7b35-76e5-11df-b1c1-806d6172696f}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e07d7b35-76e5-11df-b1c1-806d6172696f}\ not found.
C:\Documents and Settings\Michal\Data aplikací\facemoods.com\facemoods folder moved successfully.
C:\Documents and Settings\Michal\Data aplikací\facemoods.com folder moved successfully.
C:\WINDOWS\002773_.tmp deleted successfully.
C:\WINDOWS\msdownld.tmp folder deleted successfully.
C:\WINDOWS\SET3.tmp deleted successfully.
C:\WINDOWS\SET4.tmp deleted successfully.
C:\WINDOWS\SET8.tmp deleted successfully.
C:\WINDOWS\System32\CONFIG.TMP deleted successfully.
Folder C:\Documents and Settings\Michal\Data aplikací\facemoods.com\ not found.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Cmaudio\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EasyTuneVPro\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FlashPlayerUpdate\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpyEmergency\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminatorUpdate\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched\ deleted successfully.
========== FILES ==========
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP12D5.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP136D.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1392.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP13A5.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP141.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1E2.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1FF.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP214.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP225.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP24B.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP284.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2C4.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP383.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP3D4.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP42E.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP788.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9F.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPA2.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPFB.tmp folder moved successfully.
C:\WINDOWS\Installer\MSI100.tmp moved successfully.
C:\WINDOWS\Installer\MSI101.tmp moved successfully.
C:\WINDOWS\Installer\MSI12A.tmp moved successfully.
C:\WINDOWS\Installer\MSI12F.tmp moved successfully.
C:\WINDOWS\Installer\MSI130.tmp moved successfully.
C:\WINDOWS\Installer\MSI133.tmp moved successfully.
C:\WINDOWS\Installer\MSI16.tmp moved successfully.
C:\WINDOWS\Installer\MSI161.tmp moved successfully.
C:\WINDOWS\Installer\MSI181.tmp moved successfully.
C:\WINDOWS\Installer\MSI1A0.tmp moved successfully.
C:\WINDOWS\Installer\MSI1A1.tmp moved successfully.
C:\WINDOWS\Installer\MSI1A2.tmp moved successfully.
C:\WINDOWS\Installer\MSI1A5.tmp moved successfully.
C:\WINDOWS\Installer\MSI1DB.tmp moved successfully.
C:\WINDOWS\Installer\MSI1E2.tmp moved successfully.
C:\WINDOWS\Installer\MSI1E4.tmp moved successfully.
C:\WINDOWS\Installer\MSI1F0.tmp moved successfully.
C:\WINDOWS\Installer\MSI1F5.tmp moved successfully.
C:\WINDOWS\Installer\MSI20F.tmp moved successfully.
C:\WINDOWS\Installer\MSI217.tmp moved successfully.
C:\WINDOWS\Installer\MSI22B.tmp moved successfully.
C:\WINDOWS\Installer\MSI22E.tmp moved successfully.
C:\WINDOWS\Installer\MSI23.tmp moved successfully.
C:\WINDOWS\Installer\MSI243.tmp moved successfully.
C:\WINDOWS\Installer\MSI264.tmp moved successfully.
C:\WINDOWS\Installer\MSI26A.tmp moved successfully.
C:\WINDOWS\Installer\MSI26D.tmp moved successfully.
C:\WINDOWS\Installer\MSI275.tmp moved successfully.
C:\WINDOWS\Installer\MSI296.tmp moved successfully.
C:\WINDOWS\Installer\MSI302.tmp moved successfully.
C:\WINDOWS\Installer\MSI310.tmp moved successfully.
C:\WINDOWS\Installer\MSI311.tmp moved successfully.
C:\WINDOWS\Installer\MSI317.tmp moved successfully.
C:\WINDOWS\Installer\MSI31A.tmp moved successfully.
C:\WINDOWS\Installer\MSI325.tmp moved successfully.
C:\WINDOWS\Installer\MSI327.tmp moved successfully.
C:\WINDOWS\Installer\MSI34.tmp moved successfully.
C:\WINDOWS\Installer\MSI3B3.tmp moved successfully.
C:\WINDOWS\Installer\MSI3FF.tmp moved successfully.
C:\WINDOWS\Installer\MSI426.tmp moved successfully.
C:\WINDOWS\Installer\MSI433.tmp moved successfully.
C:\WINDOWS\Installer\MSI439.tmp moved successfully.
C:\WINDOWS\Installer\MSI43A.tmp moved successfully.
C:\WINDOWS\Installer\MSI43B.tmp moved successfully.
C:\WINDOWS\Installer\MSI43D.tmp moved successfully.
C:\WINDOWS\Installer\MSI440.tmp moved successfully.
C:\WINDOWS\Installer\MSI4F.tmp moved successfully.
C:\WINDOWS\Installer\MSI5.tmp moved successfully.
C:\WINDOWS\Installer\MSI5A2.tmp moved successfully.
C:\WINDOWS\Installer\MSI5B.tmp moved successfully.
C:\WINDOWS\Installer\MSI5F.tmp moved successfully.
C:\WINDOWS\Installer\MSI5F3.tmp moved successfully.
C:\WINDOWS\Installer\MSI7.tmp moved successfully.
C:\WINDOWS\Installer\MSI72.tmp moved successfully.
C:\WINDOWS\Installer\MSI73.tmp moved successfully.
C:\WINDOWS\Installer\MSI74.tmp moved successfully.
C:\WINDOWS\Installer\MSI7DF.tmp moved successfully.
C:\WINDOWS\Installer\MSI82.tmp moved successfully.
C:\WINDOWS\Installer\MSI84C.tmp moved successfully.
C:\WINDOWS\Installer\MSI853.tmp moved successfully.
C:\WINDOWS\Installer\MSI865.tmp moved successfully.
C:\WINDOWS\Installer\MSI869.tmp moved successfully.
C:\WINDOWS\Installer\MSI870.tmp moved successfully.
C:\WINDOWS\Installer\MSI8D.tmp moved successfully.
C:\WINDOWS\Installer\MSI9.tmp moved successfully.
C:\WINDOWS\Installer\MSI97.tmp moved successfully.
C:\WINDOWS\Installer\MSI9F0.tmp moved successfully.
C:\WINDOWS\Installer\MSIA0B.tmp moved successfully.
C:\WINDOWS\Installer\MSIB09.tmp moved successfully.
C:\WINDOWS\Installer\MSIC8B.tmp moved successfully.
C:\WINDOWS\Installer\MSID8C.tmp moved successfully.
C:\WINDOWS\Installer\MSIE9.tmp moved successfully.
C:\WINDOWS\Installer\MSIEA.tmp moved successfully.
C:\WINDOWS\Installer\MSIEB.tmp moved successfully.
C:\WINDOWS\Installer\MSIEC.tmp moved successfully.
C:\WINDOWS\Installer\MSIED.tmp moved successfully.
C:\WINDOWS\Installer\MSIEE.tmp moved successfully.
C:\WINDOWS\Installer\MSIEF.tmp moved successfully.
C:\WINDOWS\Installer\MSIF0.tmp moved successfully.
C:\WINDOWS\Installer\MSIF1.tmp moved successfully.
C:\WINDOWS\Installer\MSIF2.tmp moved successfully.
C:\WINDOWS\Installer\MSIF3.tmp moved successfully.
C:\WINDOWS\Installer\MSIF4.tmp moved successfully.
C:\WINDOWS\Installer\MSIF5.tmp moved successfully.
C:\WINDOWS\Installer\MSIF6.tmp moved successfully.
C:\WINDOWS\Installer\MSIF7.tmp moved successfully.
C:\WINDOWS\Installer\MSIF8.tmp moved successfully.
C:\WINDOWS\Installer\MSIF9.tmp moved successfully.
C:\WINDOWS\Installer\MSIFA.tmp moved successfully.
C:\WINDOWS\Installer\MSIFB.tmp moved successfully.
C:\WINDOWS\Installer\MSIFC.tmp moved successfully.
C:\WINDOWS\Installer\MSIFD.tmp moved successfully.
C:\WINDOWS\Installer\MSIFE.tmp moved successfully.
C:\WINDOWS\Installer\MSIFF.tmp moved successfully.
C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\TBM4.tmp moved successfully.
C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\TBM5.tmp moved successfully.
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56504 bytes

User: LocalService
->Temp folder emptied: 65984 bytes
->Temporary Internet Files folder emptied: 33566 bytes

User: Michal
->Temp folder emptied: 550729 bytes
->Temporary Internet Files folder emptied: 82322 bytes
->Java cache emptied: 3887345 bytes
->FireFox cache emptied: 57334049 bytes
->Apple Safari cache emptied: 0 bytes
->Flash cache emptied: 59267 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 1426790 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 108 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 331019206 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 3144879 bytes

Total Files Cleaned = 379,00 mb


[EMPTYFLASH]

User: All Users

User: Default User
->Flash cache emptied: 0 bytes

User: LocalService

User: Michal
->Flash cache emptied: 0 bytes

User: NetworkService

Total Flash Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.22.1 log created on 02282011_085521

Files\Folders moved on Reboot...
File move failed. C:\WINDOWS\temp\_avast5_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...

[vyosek]

Jak se chova PC

[Bruce]

Úplně skvěle, všechno šlape na jedničku. Patří Vám veliké díky Navíc bleskové reakce, prostě paráda!!

[vyosek]

Tak jeste uklidime

OTC http://oldtimer.geekstogo.com/OTC.exe

• Stahnete a spustte
• Kliknete na CleanUp a potvrdte YES
• Program uklidi a restartuje PC

TFC http://oldtimer.geekstogo.com/TFC.exe

• Stahnete a spustte
• Kliknete na Start a potvrdte OK
• Program uklidi a restartuje pc
• Po pouziti utilitu smazte

Stahnete Ccleaner (viz muj podpis)
Panel čistič

• Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

• dejte Hledej problémy
• nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
• postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

• Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za 14 dni

A pokud nejsou problemy ci dotazy, je to z me strany vse

Jinak nemate zac, rad jsem pomohl