Please do a preventive check...

Don't have any problem with your PC at the moment and just want to make sure everything is in order?
Post a log from FRST or RSIT.

Moderator: Moderators

Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]

Individual threads will be locked once they are resolved. The same goes for those that are inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.

Francouz
Visitor
Posts: 121
Registered: 02 Jun 2008 09:27

Please do a preventive check...

#1 Post by Francouz »

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:05:58, on 13.4.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4ss.exe
C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4gui.exe
C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4gui.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\trend micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= ... =CT1750559
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60341
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60341
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = plimus.com;www.plimus.com;regnow.com;www.regnow.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O3 - Toolbar: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - (no file)
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\pchealth\helpctr\Binaries\MSCONFIG.EXE /auto
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [FortKnoxPersonalFirewall] "C:\Program Files\NETGATE\FortKnox Personal Firewall\FortKnoxGUI.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{7FB0819B-7EA0-459F-94E7-C96DE20E64ED}: NameServer = 85.92.58.185
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4ss.exe

--
End of file - 7626 bytes
Caroprd111
VIP
Posts: 13492
Registered: 22 Mar 2009 20:48
Location: Třebíč

Re: Please do a preventive check...

#2 Post by Caroprd111 »

Hello :)

Read the forum rules and post a log from RSIT.
Francouz
Visitor
Posts: 121
Registered: 02 Jun 2008 09:27

Re: Please do a preventive check...

#3 Post by Francouz »

Sorry

Logfile of random's system information tool 1.06 (written by random/random)
Run by aa at 2010-04-13 20:12:38
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 8 GB (37%) free of 21 GB
Total RAM: 766 MB (26% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:12:43, on 13.4.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4ss.exe
C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4gui.exe
C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4gui.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Documents and Settings\aa\Dokumenty\Stažené soubory\RSIT.exe
C:\Program Files\trend micro\HijackThis\aa.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= ... =CT1750559
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60341
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60341
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = plimus.com;www.plimus.com;regnow.com;www.regnow.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O3 - Toolbar: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - (no file)
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\pchealth\helpctr\Binaries\MSCONFIG.EXE /auto
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [FortKnoxPersonalFirewall] "C:\Program Files\NETGATE\FortKnox Personal Firewall\FortKnoxGUI.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{7FB0819B-7EA0-459F-94E7-C96DE20E64ED}: NameServer = 85.92.58.185
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4ss.exe

--
End of file - 7683 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll [2009-01-01 520192]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - c:\program files\real\realplayer\rpbrowserrecordplugin.dll [2010-01-24 329312]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-02-19 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-02-19 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll [2009-01-01 520192]
{32099AAC-C132-4136-9E9A-4E364A424E17}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"MSConfig"=C:\WINDOWS\pchealth\helpctr\Binaries\MSCONFIG.EXE [2008-04-14 171008]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2009-09-29 2054360]
"FortKnoxPersonalFirewall"=C:\Program Files\NETGATE\FortKnox Personal Firewall\FortKnoxGUI.exe []
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2007-10-19 286720]
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2010-01-24 198160]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 3]
C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe /startup []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATICCC]
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe [2006-01-02 45056]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BrMfcWnd]
C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe [2007-03-12 663552]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\DTLite.exe -autorun []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InternetDownload_upgrade]
C:\Program Files\VersalSoft\InternetDownload\InternetDownload.exe /upgrade []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes Anti-Malware (reboot)]
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe /runcleanupscript []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe [2007-10-19 286720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\reset]
regedit /s reset.reg []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
C:\WINDOWS\RTHDCPL.EXE [2006-06-28 16248320]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminator]
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminatorUpdate]
C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2010-01-24 198160]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
C:\Program Files\uTorrent\uTorrent.exe [2010-04-05 319792]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WheelMouse]
C:\Program Files\A4Tech\Mouse\Amoumain.exe [2007-05-15 204800]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Bluetooth.lnk]
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTTray.exe [2006-01-17 618557]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"O&O Defrag"=2
"getPlus(R) Helper"=3
"PnkBstrB"=2
"PnkBstrA"=2
"ICQ Service"=2
"wltrysvc"=2
"ose"=3
"odserv"=3
"JavaQuickStarterService"=2
"IDriverT"=3
"AVP"=2
"Ati HotKey Poller"=2
"sp_rssrv"=2
"SPF4"=2
"SbPF.Launcher"=2
"btwdins"=2
"NBService"=3
"WMPNetworkSvc"=3
"NMIndexingService"=3
"Microsoft Office Groove Audit Service"=3

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2006-04-27 61440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
C:\WINDOWS\system32\klogon.dll [2008-07-29 218376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2008-09-06 267304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"undockwithoutlogon"=1
"ShutdownWithoutLogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=
"NoDrives"=
"NoResolveSearch"=
"NoResolveTrack"=
"NoFileAssociate"=
"NoDriveAutoRun"=
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Documents and Settings\aa\Data aplikací\uTorrent\utorrent.exe"="C:\Documents and Settings\aa\Data aplikací\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"C:\Documents and Settings\aa\Dokumenty\Stažené soubory\utorrent.exe"="C:\Documents and Settings\aa\Dokumenty\Stažené soubory\utorrent.exe:*:Enabled:µTorrent"
"C:\Documents and Settings\aa\Dokumenty\Stažené soubory\utorrent(3).exe"="C:\Documents and Settings\aa\Dokumenty\Stažené soubory\utorrent(3).exe:*:Enabled:µTorrent"
"C:\Program Files\uTorrent\utorrent.exe"="C:\Program Files\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Disabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Disabled:Microsoft Office OneNote"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Disabled:Microsoft Office Outlook"
"C:\WINDOWS\Network Diagnostic\xpnetdiag.exe"="C:\WINDOWS\Network Diagnostic\xpnetdiag.exe:*:Disabled:@xpsp3res.dll,-20000"
"C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4gui.exe"="C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4gui.exe:*:Enabled:Sunbelt Kerio Personal Firewall 4 - GUI"
"C:\Program Files\Java\jre6\bin\java.exe"="C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======List of files/folders created in the last 1 months======

2010-04-13 20:12:38 ----D---- C:\rsit
2010-04-11 21:46:24 ----D---- C:\Program Files\Easy GIF Animator
2010-04-06 19:43:31 ----D---- C:\Program Files\Sunbelt Software
2010-03-24 04:56:09 ----HDC---- C:\WINDOWS\$NtUninstallKB978262$
2010-03-24 04:55:24 ----HDC---- C:\WINDOWS\$NtUninstallKB971468$
2010-03-24 04:55:14 ----HDC---- C:\WINDOWS\$NtUninstallKB978037$
2010-03-24 04:55:05 ----HDC---- C:\WINDOWS\$NtUninstallKB975713$
2010-03-24 04:54:53 ----HDC---- C:\WINDOWS\$NtUninstallKB977165-v2$
2010-03-24 04:54:34 ----HDC---- C:\WINDOWS\$NtUninstallKB975561$
2010-03-24 04:54:25 ----HDC---- C:\WINDOWS\$NtUninstallKB978251$
2010-03-24 04:54:16 ----HDC---- C:\WINDOWS\$NtUninstallKB975560$
2010-03-24 04:52:02 ----HDC---- C:\WINDOWS\$NtUninstallKB977914$
2010-03-24 04:51:46 ----HDC---- C:\WINDOWS\$NtUninstallKB978706$
2010-03-24 04:51:13 ----HDC---- C:\WINDOWS\$NtUninstallKB979306$
2010-03-23 21:55:30 ----D---- C:\Program Files\Amara - Intro and Banner Builder
2010-03-19 22:20:20 ----D---- C:\Documents and Settings\aa\Data aplikací\Kerio
2010-03-19 21:49:56 ----D---- C:\Program Files\ESET
2010-03-17 12:27:37 ----N---- C:\WINDOWS\system32\spmsg.dll
2010-03-17 12:18:30 ----D---- C:\WINDOWS\system32\xp

======List of files/folders modified in the last 1 months======

2010-04-13 20:12:39 ----D---- C:\WINDOWS\temp
2010-04-13 20:12:20 ----D---- C:\Documents and Settings\aa\Data aplikací\uTorrent
2010-04-13 20:05:57 ----D---- C:\WINDOWS\Prefetch
2010-04-13 17:28:21 ----D---- C:\Program Files\AIMP2
2010-04-13 16:38:33 ----A---- C:\WINDOWS\NeroDigital.ini
2010-04-11 21:46:24 ----RD---- C:\Program Files
2010-04-10 07:35:01 ----D---- C:\WINDOWS\system32
2010-04-10 07:35:00 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-04-09 17:13:45 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-04-06 19:45:09 ----A---- C:\WINDOWS\system.ini
2010-04-06 19:43:37 ----SHD---- C:\WINDOWS\Installer
2010-04-06 19:43:37 ----D---- C:\Config.Msi
2010-04-06 19:43:33 ----D---- C:\WINDOWS\system32\drivers
2010-04-06 19:37:19 ----D---- C:\WINDOWS
2010-04-06 19:35:45 ----D---- C:\WINDOWS\system32\CatRoot2
2010-04-05 23:06:04 ----HD---- C:\WINDOWS\inf
2010-04-05 22:55:23 ----D---- C:\Program Files\uTorrent
2010-04-05 22:22:06 ----D---- C:\WINDOWS\Debug
2010-04-05 22:15:25 ----RASH---- C:\boot.ini
2010-04-05 22:15:25 ----A---- C:\WINDOWS\win.ini
2010-04-05 17:46:17 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-04-05 17:46:11 ----D---- C:\Program Files\Internet Explorer
2010-04-05 17:45:25 ----HD---- C:\WINDOWS\$hf_mig$
2010-04-05 16:58:55 ----AD---- C:\Documents and Settings\All Users\Data aplikací\TEMP
2010-04-04 20:27:43 ----D---- C:\Program Files\Mozilla Firefox
2010-04-01 07:06:21 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2010-03-24 04:54:40 ----D---- C:\Program Files\Movie Maker
2010-03-23 04:11:59 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2010-03-23 04:10:12 ----RSD---- C:\WINDOWS\assembly
2010-03-23 04:08:23 ----RSD---- C:\WINDOWS\Fonts
2010-03-23 04:08:16 ----D---- C:\Program Files\Common Files\Microsoft Shared
2010-03-23 04:07:31 ----D---- C:\Program Files\Microsoft Works
2010-03-23 04:04:54 ----D---- C:\Program Files\Common Files\System
2010-03-22 23:04:43 ----D---- C:\WINDOWS\system32\CatRoot
2010-03-22 18:58:47 ----A---- C:\WINDOWS\wincmd.ini
2010-03-20 06:51:12 ----D---- C:\Documents and Settings\All Users\Data aplikací\Real
2010-03-19 21:33:10 ----SD---- C:\Documents and Settings\aa\Data aplikací\Microsoft
2010-03-17 12:26:58 ----D---- C:\Program Files\Windows Media Player
2010-03-17 12:26:57 ----D---- C:\WINDOWS\Help
2010-03-16 21:17:19 ----D---- C:\Documents and Settings\aa\Data aplikací\Skype
2010-03-16 20:28:42 ----D---- C:\Documents and Settings\aa\Data aplikací\skypePM
2010-03-16 19:19:17 ----SD---- C:\WINDOWS\Downloaded Program Files

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AmdK8;Ovladač procesoru AMD; C:\WINDOWS\System32\DRIVERS\AmdK8.sys [2006-05-10 43008]
R1 Amfilter;A4Tech Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\Amfilter.sys [2007-05-14 9216]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2009-09-29 108792]
R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2009-09-29 96408]
R1 fwdrv;Firewall Driver; C:\WINDOWS\system32\drivers\fwdrv.sys [2005-12-15 274432]
R1 khips;Kerio HIPS Driver; C:\WINDOWS\system32\drivers\khips.sys [2005-12-15 81920]
R1 Tcpip6;Ovladač protokolu Microsoft IPv6; C:\WINDOWS\system32\DRIVERS\tcpip6.sys [2008-06-20 225856]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\System32\DRIVERS\wmiacpi.sys [2008-04-14 8832]
R2 BTSERIAL;Bluetooth Serial Driver; \??\C:\WINDOWS\System32\drivers\btserial.sys []
R2 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2009-09-29 116008]
R3 Amusbprt;A4Tech HID-compliant Mouse Driver; C:\WINDOWS\system32\DRIVERS\Amusbprt.sys [2007-05-14 14336]
R3 ati2mtag;ati2mtag; C:\WINDOWS\System32\DRIVERS\ati2mtag.sys [2006-04-27 1540096]
R3 btaudio;Bluetooth Audio Device; C:\WINDOWS\system32\drivers\btaudio.sys [2006-01-17 328061]
R3 BTKRNL;Bluetooth Bus Enumerator; C:\WINDOWS\System32\DRIVERS\btkrnl.sys [2006-01-17 850474]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\WINDOWS\System32\DRIVERS\CmBatt.sys [2008-04-14 13952]
R3 EMSCR;EMSCR; C:\WINDOWS\System32\DRIVERS\EMS7SK.sys [2006-05-25 61056]
R3 ESDCR;ESDCR; C:\WINDOWS\System32\DRIVERS\ESD7SK.sys [2006-05-25 40064]
R3 ESMCR;ESMCR; C:\WINDOWS\System32\DRIVERS\ESM7SK.sys [2006-05-25 74752]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\System32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-06-28 4304384]
R3 RTL8023xp;Realtek 10/100/1000 PCI NIC Family NDIS XP Driver; C:\WINDOWS\System32\DRIVERS\Rtnicxp.sys [2006-06-16 83968]
R3 sdbus;sdbus; C:\WINDOWS\System32\DRIVERS\sdbus.sys [2008-04-14 79232]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\System32\DRIVERS\SynTP.sys [2006-03-03 192672]
R3 tunmp;Microsoft Tun Miniport Adapter Driver; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2008-04-14 12288]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-14 30208]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB; C:\WINDOWS\System32\DRIVERS\usbohci.sys [2008-04-14 17152]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S2 ATE_PROCMON;ATE_PROCMON; \??\C:\Program Files\Anti Trojan Elite\ATEPMon.sys []
S3 a2m92thi;a2m92thi; C:\WINDOWS\system32\drivers\a2m92thi.sys []
S3 acmcx76m;acmcx76m; C:\WINDOWS\system32\drivers\acmcx76m.sys []
S3 AR5211;Atheros Wireless Network Adapter Service; C:\WINDOWS\System32\DRIVERS\ar5211.sys [2007-07-26 547904]
S3 BrScnUsb;Brother USB Still Image driver; C:\WINDOWS\system32\DRIVERS\BrScnUsb.sys [2004-10-15 15295]
S3 BTDriver;Bluetooth Virtual Communications Driver; C:\WINDOWS\System32\DRIVERS\btport.sys [2006-01-17 30459]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-14 17024]
S3 BTHMODEM;Ovladač pro sériovou komunikaci protokolem Bluetooth; C:\WINDOWS\system32\DRIVERS\bthmodem.sys [2008-04-14 37888]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-14 101120]
S3 BTHPORT;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272128]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-14 18944]
S3 cpuz132;cpuz132; \??\C:\DOCUME~1\aa\LOCALS~1\Temp\cpuz132\cpuz132_x32.sys []
S3 EverestDriver;Lavalys EVEREST Kernel Driver; \??\C:\Program Files\Lavalys\EVEREST Ultimate Edition\kerneld.wnt []
S3 HidBth;Miniport Bluetooth HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidbth.sys [2008-04-14 25600]
S3 KLIF;KLIF; \??\C:\WINDOWS\system32\drivers\klif.sys []
S3 kvnet;Kerio Virtual Network Adapter; C:\WINDOWS\system32\DRIVERS\kvnet.sys [2009-03-23 29696]
S3 kwflower;Kerio WinRoute Firewall Driver - Lower Layer; C:\WINDOWS\system32\DRIVERS\kwflower.sys []
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2008-09-15 17664]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2008-09-15 22016]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\WINDOWS\system32\drivers\nmwcdnsu.sys [2008-02-01 138112]
S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\WINDOWS\system32\drivers\nmwcdnsuc.sys [2008-02-01 8320]
S3 PnkBstrK;PnkBstrK; \??\C:\WINDOWS\system32\drivers\PnkBstrK.sys []
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-14 59136]
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\System32\DRIVERS\RTL8139.SYS [2008-04-13 20992]
S3 UIUSys;Conexant Setup API; C:\WINDOWS\System32\DRIVERS\UIUSYS.SYS []
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2008-09-15 8064]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\System32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-14 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2008-09-15 8064]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 6to4;Pomocná služba protokolu IPv6; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2009-09-29 735960]
R2 KPF4;Sunbelt Kerio Personal Firewall 4; C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4ss.exe [2005-12-19 1368064]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2009-09-29 20680]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 getPlusHelper;getPlus(R) Helper; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\System32\Ati2evxx.exe [2006-04-27 405504]
S4 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2006-01-17 266295]
S4 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe []
S4 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S4 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-12-17 153376]
S4 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S4 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-01-15 774144]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-01-15 266240]
S4 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S4 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S4 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2009-11-15 66872]
S4 PnkBstrB;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [2009-12-13 202448]
S4 wltrysvc;Broadcom Wireless LAN Tray Service; C:\WINDOWS\System32\WLTRYSVC.EXE [2005-11-11 18944]
S4 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]

-----------------EOF-----------------

Caroprd111
VIP
Posts: 13492
Registered: 22 Mar 2009 20:48
Location: Třebíč

Re: please do a preventive check...

#4 Post by Caroprd111 »

Under the forum rules, we do not deal with illegal software here (illegal programs are a security threat).
Get legal security software for your PC (antivirus, firewall), then post a new RSIT log and a CKScanner log here.

You could pick, for example, the free Avira or Avast plus some firewall (I recommend ZoneAlarm): http://www.viry.cz/forum/viewtopic.php?f=29&t=6152 + http://www.viry.cz/forum/viewtopic.php?f=41&t=6523


Download CKScanner to your desktop: http://downloads.malwareremoval.com/CKScanner.exe
  • Run it and click "Search For Files"; when the scan finishes, click "Save List to File" -> "OK"
  • A log named ckfiles.txt will be saved on the desktop; paste the contents of that file here.

Francouz
Visitor
Posts: 121
Registered: 02 Jun 2008 09:27

Re: please do a preventive check...

#5 Post by Francouz »

Illegal? Why? I don't understand... I have been registered here for some time and everything has always been OK... I even send donations...
But what am I supposed to have that is illegal? Surely not the ESET password from work? :)

Caroprd111
VIP
Posts: 13492
Registered: 22 Mar 2009 20:48
Location: Třebíč

Re: please do a preventive check...

#6 Post by Caroprd111 »

The log shows an illegal NOD32.

Francouz
Visitor
Posts: 121
Registered: 02 Jun 2008 09:27

Re: please do a preventive check...

#7 Post by Francouz »

Logfile of random's system information tool 1.06 (written by random/random)
Run by aa at 2010-04-13 21:03:52
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 8 GB (36%) free of 21 GB
Total RAM: 766 MB (47% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:03:57, on 13.4.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast5\afwServ.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\aa\Dokumenty\Stažené soubory\RSIT.exe
C:\Program Files\trend micro\HijackThis\aa.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= ... =CT1750559
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60341
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60341
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = plimus.com;www.plimus.com;regnow.com;www.regnow.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O3 - Toolbar: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - (no file)
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\pchealth\helpctr\Binaries\MSCONFIG.EXE /auto
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{7FB0819B-7EA0-459F-94E7-C96DE20E64ED}: NameServer = 85.92.58.185
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Firewall - ALWIL Software - C:\Program Files\Alwil Software\Avast5\afwServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

--
End of file - 7446 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll [2009-01-01 520192]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - c:\program files\real\realplayer\rpbrowserrecordplugin.dll [2010-01-24 329312]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-02-19 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-02-19 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll [2009-01-01 520192]
{32099AAC-C132-4136-9E9A-4E364A424E17}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"MSConfig"=C:\WINDOWS\pchealth\helpctr\Binaries\MSCONFIG.EXE [2008-04-14 171008]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2007-10-19 286720]
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2010-01-24 198160]
"avast5"=C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [2010-01-28 2757512]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 3]
C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe /startup []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATICCC]
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe [2006-01-02 45056]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BrMfcWnd]
C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe [2007-03-12 663552]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\DTLite.exe -autorun []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InternetDownload_upgrade]
C:\Program Files\VersalSoft\InternetDownload\InternetDownload.exe /upgrade []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes Anti-Malware (reboot)]
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe /runcleanupscript []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe [2007-10-19 286720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\reset]
regedit /s reset.reg []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
C:\WINDOWS\RTHDCPL.EXE [2006-06-28 16248320]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminator]
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminatorUpdate]
C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2010-01-24 198160]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
C:\Program Files\uTorrent\uTorrent.exe [2010-04-05 319792]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WheelMouse]
C:\Program Files\A4Tech\Mouse\Amoumain.exe [2007-05-15 204800]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Bluetooth.lnk]
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTTray.exe [2006-01-17 618557]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"O&O Defrag"=2
"getPlus(R) Helper"=3
"PnkBstrB"=2
"PnkBstrA"=2
"ICQ Service"=2
"wltrysvc"=2
"ose"=3
"odserv"=3
"JavaQuickStarterService"=2
"IDriverT"=3
"AVP"=2
"Ati HotKey Poller"=2
"sp_rssrv"=2
"SPF4"=2
"SbPF.Launcher"=2
"btwdins"=2
"NBService"=3
"WMPNetworkSvc"=3
"NMIndexingService"=3
"Microsoft Office Groove Audit Service"=3

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2006-04-27 61440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
C:\WINDOWS\system32\klogon.dll [2008-07-29 218376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2008-09-06 267304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"undockwithoutlogon"=1
"ShutdownWithoutLogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=
"NoDrives"=
"NoResolveSearch"=
"NoResolveTrack"=
"NoFileAssociate"=
"NoDriveAutoRun"=
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Documents and Settings\aa\Data aplikací\uTorrent\utorrent.exe"="C:\Documents and Settings\aa\Data aplikací\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"C:\Documents and Settings\aa\Dokumenty\Stažené soubory\utorrent.exe"="C:\Documents and Settings\aa\Dokumenty\Stažené soubory\utorrent.exe:*:Enabled:µTorrent"
"C:\Documents and Settings\aa\Dokumenty\Stažené soubory\utorrent(3).exe"="C:\Documents and Settings\aa\Dokumenty\Stažené soubory\utorrent(3).exe:*:Enabled:µTorrent"
"C:\Program Files\uTorrent\utorrent.exe"="C:\Program Files\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Disabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Disabled:Microsoft Office OneNote"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Disabled:Microsoft Office Outlook"
"C:\WINDOWS\Network Diagnostic\xpnetdiag.exe"="C:\WINDOWS\Network Diagnostic\xpnetdiag.exe:*:Disabled:@xpsp3res.dll,-20000"
"C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4gui.exe"="C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4gui.exe:*:Enabled:Sunbelt Kerio Personal Firewall 4 - GUI"
"C:\Program Files\Java\jre6\bin\java.exe"="C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======List of files/folders created in the last 1 months======

2010-04-13 20:36:14 ----A---- C:\WINDOWS\system32\aswBoot.exe
2010-04-13 20:36:05 ----D---- C:\Program Files\Alwil Software
2010-04-13 20:12:38 ----D---- C:\rsit
2010-04-11 21:46:24 ----D---- C:\Program Files\Easy GIF Animator
2010-03-24 04:56:09 ----HDC---- C:\WINDOWS\$NtUninstallKB978262$
2010-03-24 04:55:24 ----HDC---- C:\WINDOWS\$NtUninstallKB971468$
2010-03-24 04:55:14 ----HDC---- C:\WINDOWS\$NtUninstallKB978037$
2010-03-24 04:55:05 ----HDC---- C:\WINDOWS\$NtUninstallKB975713$
2010-03-24 04:54:53 ----HDC---- C:\WINDOWS\$NtUninstallKB977165-v2$
2010-03-24 04:54:34 ----HDC---- C:\WINDOWS\$NtUninstallKB975561$
2010-03-24 04:54:25 ----HDC---- C:\WINDOWS\$NtUninstallKB978251$
2010-03-24 04:54:16 ----HDC---- C:\WINDOWS\$NtUninstallKB975560$
2010-03-24 04:52:02 ----HDC---- C:\WINDOWS\$NtUninstallKB977914$
2010-03-24 04:51:46 ----HDC---- C:\WINDOWS\$NtUninstallKB978706$
2010-03-24 04:51:13 ----HDC---- C:\WINDOWS\$NtUninstallKB979306$
2010-03-23 21:55:30 ----D---- C:\Program Files\Amara - Intro and Banner Builder
2010-03-19 22:20:20 ----D---- C:\Documents and Settings\aa\Data aplikací\Kerio
2010-03-17 12:27:37 ----N---- C:\WINDOWS\system32\spmsg.dll
2010-03-17 12:18:30 ----D---- C:\WINDOWS\system32\xp

======List of files/folders modified in the last 1 months======

2010-04-13 21:03:56 ----D---- C:\WINDOWS\temp
2010-04-13 21:02:10 ----RASH---- C:\boot.ini
2010-04-13 21:02:10 ----A---- C:\WINDOWS\win.ini
2010-04-13 21:02:10 ----A---- C:\WINDOWS\system.ini
2010-04-13 21:01:34 ----D---- C:\WINDOWS\system32\CatRoot2
2010-04-13 21:00:03 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-04-13 20:55:51 ----D---- C:\WINDOWS\system32
2010-04-13 20:55:51 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-04-13 20:50:44 ----RD---- C:\Program Files
2010-04-13 20:50:15 ----SHD---- C:\WINDOWS\Installer
2010-04-13 20:50:15 ----SD---- C:\Documents and Settings\aa\Data aplikací\Microsoft
2010-04-13 20:50:13 ----D---- C:\Config.Msi
2010-04-13 20:50:11 ----D---- C:\WINDOWS\system32\drivers
2010-04-13 20:49:26 ----D---- C:\WINDOWS\Prefetch
2010-04-13 20:46:01 ----D---- C:\Documents and Settings\aa\Data aplikací\uTorrent
2010-04-13 20:36:28 ----D---- C:\WINDOWS\WinSxS
2010-04-13 20:33:20 ----D---- C:\WINDOWS
2010-04-13 17:28:21 ----D---- C:\Program Files\AIMP2
2010-04-13 16:38:33 ----A---- C:\WINDOWS\NeroDigital.ini
2010-04-05 23:06:04 ----HD---- C:\WINDOWS\inf
2010-04-05 22:55:23 ----D---- C:\Program Files\uTorrent
2010-04-05 22:22:06 ----D---- C:\WINDOWS\Debug
2010-04-05 17:46:17 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-04-05 17:46:11 ----D---- C:\Program Files\Internet Explorer
2010-04-05 17:45:25 ----HD---- C:\WINDOWS\$hf_mig$
2010-04-05 16:58:55 ----AD---- C:\Documents and Settings\All Users\Data aplikací\TEMP
2010-04-04 20:27:43 ----D---- C:\Program Files\Mozilla Firefox
2010-04-01 07:06:21 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2010-03-24 04:54:40 ----D---- C:\Program Files\Movie Maker
2010-03-23 04:11:59 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2010-03-23 04:10:12 ----RSD---- C:\WINDOWS\assembly
2010-03-23 04:08:23 ----RSD---- C:\WINDOWS\Fonts
2010-03-23 04:08:16 ----D---- C:\Program Files\Common Files\Microsoft Shared
2010-03-23 04:07:31 ----D---- C:\Program Files\Microsoft Works
2010-03-23 04:04:54 ----D---- C:\Program Files\Common Files\System
2010-03-22 23:04:43 ----D---- C:\WINDOWS\system32\CatRoot
2010-03-22 18:58:47 ----A---- C:\WINDOWS\wincmd.ini
2010-03-20 06:51:12 ----D---- C:\Documents and Settings\All Users\Data aplikací\Real
2010-03-17 12:26:58 ----D---- C:\Program Files\Windows Media Player
2010-03-17 12:26:57 ----D---- C:\WINDOWS\Help
2010-03-16 21:17:19 ----D---- C:\Documents and Settings\aa\Data aplikací\Skype
2010-03-16 20:28:42 ----D---- C:\Documents and Settings\aa\Data aplikací\skypePM
2010-03-16 19:19:17 ----SD---- C:\WINDOWS\Downloaded Program Files

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2010-01-28 28240]
R1 AmdK8;Ovladač procesoru AMD; C:\WINDOWS\System32\DRIVERS\AmdK8.sys [2006-05-10 43008]
R1 Amfilter;A4Tech Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\Amfilter.sys [2007-05-14 9216]
R1 aswFW;avast! TDI Firewall driver; C:\WINDOWS\system32\drivers\aswFW.sys [2010-01-28 103120]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2010-01-28 270928]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2010-01-28 163280]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2010-01-28 46672]
R1 Tcpip6;Ovladač protokolu Microsoft IPv6; C:\WINDOWS\system32\DRIVERS\tcpip6.sys [2008-06-20 225856]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\System32\DRIVERS\wmiacpi.sys [2008-04-14 8832]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2010-01-28 19024]
R2 aswMon2;aswMon2; C:\WINDOWS\system32\drivers\aswMon2.sys [2010-01-28 100432]
R2 BTSERIAL;Bluetooth Serial Driver; \??\C:\WINDOWS\System32\drivers\btserial.sys []
R3 Amusbprt;A4Tech HID-compliant Mouse Driver; C:\WINDOWS\system32\DRIVERS\Amusbprt.sys [2007-05-14 14336]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2010-01-28 23376]
R3 ati2mtag;ati2mtag; C:\WINDOWS\System32\DRIVERS\ati2mtag.sys [2006-04-27 1540096]
R3 btaudio;Bluetooth Audio Device; C:\WINDOWS\system32\drivers\btaudio.sys [2006-01-17 328061]
R3 BTKRNL;Bluetooth Bus Enumerator; C:\WINDOWS\System32\DRIVERS\btkrnl.sys [2006-01-17 850474]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\WINDOWS\System32\DRIVERS\CmBatt.sys [2008-04-14 13952]
R3 EMSCR;EMSCR; C:\WINDOWS\System32\DRIVERS\EMS7SK.sys [2006-05-25 61056]
R3 ESDCR;ESDCR; C:\WINDOWS\System32\DRIVERS\ESD7SK.sys [2006-05-25 40064]
R3 ESMCR;ESMCR; C:\WINDOWS\System32\DRIVERS\ESM7SK.sys [2006-05-25 74752]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\System32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-06-28 4304384]
R3 RTL8023xp;Realtek 10/100/1000 PCI NIC Family NDIS XP Driver; C:\WINDOWS\System32\DRIVERS\Rtnicxp.sys [2006-06-16 83968]
R3 sdbus;sdbus; C:\WINDOWS\System32\DRIVERS\sdbus.sys [2008-04-14 79232]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\System32\DRIVERS\SynTP.sys [2006-03-03 192672]
R3 tunmp;Microsoft Tun Miniport Adapter Driver; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2008-04-14 12288]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-14 30208]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB; C:\WINDOWS\System32\DRIVERS\usbohci.sys [2008-04-14 17152]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S2 ATE_PROCMON;ATE_PROCMON; \??\C:\Program Files\Anti Trojan Elite\ATEPMon.sys []
S3 a2m92thi;a2m92thi; C:\WINDOWS\system32\drivers\a2m92thi.sys []
S3 AR5211;Atheros Wireless Network Adapter Service; C:\WINDOWS\System32\DRIVERS\ar5211.sys [2007-07-26 547904]
S3 aypfqqf1;aypfqqf1; C:\WINDOWS\system32\drivers\aypfqqf1.sys []
S3 BrScnUsb;Brother USB Still Image driver; C:\WINDOWS\system32\DRIVERS\BrScnUsb.sys [2004-10-15 15295]
S3 BTDriver;Bluetooth Virtual Communications Driver; C:\WINDOWS\System32\DRIVERS\btport.sys [2006-01-17 30459]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-14 17024]
S3 BTHMODEM;Ovladač pro sériovou komunikaci protokolem Bluetooth; C:\WINDOWS\system32\DRIVERS\bthmodem.sys [2008-04-14 37888]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-14 101120]
S3 BTHPORT;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272128]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-14 18944]
S3 cpuz132;cpuz132; \??\C:\DOCUME~1\aa\LOCALS~1\Temp\cpuz132\cpuz132_x32.sys []
S3 EverestDriver;Lavalys EVEREST Kernel Driver; \??\C:\Program Files\Lavalys\EVEREST Ultimate Edition\kerneld.wnt []
S3 HidBth;Miniport Bluetooth HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidbth.sys [2008-04-14 25600]
S3 KLIF;KLIF; \??\C:\WINDOWS\system32\drivers\klif.sys []
S3 kvnet;Kerio Virtual Network Adapter; C:\WINDOWS\system32\DRIVERS\kvnet.sys [2009-03-23 29696]
S3 kwflower;Kerio WinRoute Firewall Driver - Lower Layer; C:\WINDOWS\system32\DRIVERS\kwflower.sys []
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2008-09-15 17664]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2008-09-15 22016]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\WINDOWS\system32\drivers\nmwcdnsu.sys [2008-02-01 138112]
S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\WINDOWS\system32\drivers\nmwcdnsuc.sys [2008-02-01 8320]
S3 PnkBstrK;PnkBstrK; \??\C:\WINDOWS\system32\drivers\PnkBstrK.sys []
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-14 59136]
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\System32\DRIVERS\RTL8139.SYS [2008-04-13 20992]
S3 UIUSys;Conexant Setup API; C:\WINDOWS\System32\DRIVERS\UIUSYS.SYS []
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2008-09-15 8064]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\System32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-14 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2008-09-15 8064]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 6to4;Pomocná služba protokolu IPv6; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-01-28 40384]
R2 avast! Firewall;avast! Firewall; C:\Program Files\Alwil Software\Avast5\afwServ.exe [2010-01-28 119200]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-01-28 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-01-28 40384]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 getPlusHelper;getPlus(R) Helper; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\System32\Ati2evxx.exe [2006-04-27 405504]
S4 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2006-01-17 266295]
S4 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe []
S4 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S4 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-12-17 153376]
S4 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S4 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-01-15 774144]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-01-15 266240]
S4 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S4 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S4 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2009-11-15 66872]
S4 PnkBstrB;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [2009-12-13 202448]
S4 wltrysvc;Broadcom Wireless LAN Tray Service; C:\WINDOWS\System32\WLTRYSVC.EXE [2005-11-11 18944]
S4 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]

-----------------EOF-----------------








Caroprd111
VIP
Posts: 13492
Registered: 22 Mar 2009 20:48
Location: Třebíč

Re: requesting a preventive check...

#8 Post by Caroprd111 »

OK, CKScanner next.

Francouz
Visitor
Posts: 121
Registered: 02 Jun 2008 09:27

Re: requesting a preventive check...

#9 Post by Francouz »

The scanner works, but when I try to save to the desktop it doesn't leave anything there, so I just took a screenshot...
Hm, and that one won't upload to the image host...?

Francouz
Visitor
Posts: 121
Registered: 02 Jun 2008 09:27

Re: requesting a preventive check...

#10 Post by Francouz »

I've found it now... phew
CKScanner - Additional Security Risks - These are not necessarily bad
c:\program files\rybar\crack\ffsalias.ff2
c:\program files\rybar\crack\ffsinfo.ff2
c:\program files\rybar\crack\ffstran.cfg
c:\program files\rybar\crack\rybar.exe
c:\program files\rybar\crack\rybar.ini
scanner sequence 3.BC.11
----- EOF -----

Caroprd111
VIP
Posts: 13492
Registered: 22 Mar 2009 20:48
Location: Třebíč

Re: requesting a preventive check...

#11 Post by Caroprd111 »

Download OTL http://oldtimer.geekstogo.com/OTL.exe
  • Run the program, then click Scan
  • When it finishes, paste the OTL.Txt and Extras.txt logs here

Francouz
Visitor
Posts: 121
Registered: 02 Jun 2008 09:27

Re: requesting a preventive check...

#12 Post by Francouz »

OTL Extras logfile created on: 13.4.2010 21:59:01 - Run 1
OTL by OldTimer - Version 3.2.1.1 Folder = C:\Documents and Settings\aa\Dokumenty\Stažené soubory
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

766,00 Mb Total Physical Memory | 225,00 Mb Available Physical Memory | 29,00% Memory free
2,00 Gb Paging File | 1,00 Gb Available in Paging File | 76,00% Paging File free
Paging file location(s): C:\pagefile.sys 1152 2304 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 20,49 Gb Total Space | 7,40 Gb Free Space | 36,12% Space Free | Partition Type: NTFS
Drive D: | 44,82 Gb Total Space | 8,07 Gb Free Space | 18,00% Space Free | Partition Type: NTFS
Drive E: | 46,47 Gb Total Space | 21,25 Gb Free Space | 45,74% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
Drive G: | 465,65 Gb Total Space | 175,86 Gb Free Space | 37,77% Space Free | Partition Type: FAT32
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: DOMA-FK3WZJTN19
Current User Name: aa
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirewallDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 1
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Documents and Settings\aa\Data aplikací\uTorrent\utorrent.exe" = C:\Documents and Settings\aa\Data aplikací\uTorrent\utorrent.exe:*:Enabled:µTorrent -- File not found
"C:\Documents and Settings\aa\Dokumenty\Stažené soubory\utorrent.exe" = C:\Documents and Settings\aa\Dokumenty\Stažené soubory\utorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"C:\Documents and Settings\aa\Dokumenty\Stažené soubory\utorrent(3).exe" = C:\Documents and Settings\aa\Dokumenty\Stažené soubory\utorrent(3).exe:*:Enabled:µTorrent -- File not found
"C:\Program Files\uTorrent\utorrent.exe" = C:\Program Files\uTorrent\utorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE" = C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Disabled:Microsoft Office Groove -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Disabled:Microsoft Office OneNote -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Disabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4gui.exe" = C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4gui.exe:*:Enabled:Sunbelt Kerio Personal Firewall 4 - GUI -- File not found
"C:\Program Files\Java\jre6\bin\java.exe" = C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0D499481-22C6-4B25-8AC2-6D3F6C885FB9}" = OpenOffice.org Installer 1.0
"{15AC0C5D-A6FB-4CE2-8CD0-28179EEB5625}" = Nokia Connectivity Cable Driver
"{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}" = Google Earth
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 18
"{26A24AE4-039D-4CA4-87B4-2F83216017F0}" = Java(TM) 6 Update 17
"{2DFF31F9-7893-4922-AF66-C9A1EB4EBB31}" = Rhapsody Player Engine
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{3F4EC965-28EF-45C3-B063-04B25D4E9679}" = WIDCOMM Bluetooth Software
"{4888447D-7926-4697-9466-9561C8621029}" = Nero 7 Ultra Edition
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5B09BD67-4C99-46A1-8161-B7208CE18121}" = QuickTime
"{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype™ 3.8
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{79B05AF4-8894-49A1-9FF4-53F0142D85E1}" = ATI Catalyst Control Center
"{7CB9546E-BF2C-47DE-9DB4-C4364FBE57EC}" = Broadcom Wireless LAN Driver 4.100.15.7_Negative_Foxconn
"{8D70145A-3BD3-4DBF-9CBF-223EF4A43257}" = ATI Parental Control & Encoder
"{90120000-0010-0405-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Czech) 12
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{294B4278-CF7B-40B9-86A1-2D3FF0C2C524}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{10EC59E5-9BCE-4884-BB1A-E28627220232}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{AC76BA86-7AD7-1029-7B44-A81200000003}" = Adobe Reader 8 - Czech
"{ACCA20B0-C4D1-4BF5-BF21-0A0EB5EF9730}" = REALTEK GbE & FE Ethernet PCI NIC Driver
"{B3783869-5D14-4838-A042-910DF816D070}" = Xara3D6
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D99C322D-C21B-40C7-AE71-EE51AA096B6E}" = Nokia Flashing Cable Driver
"{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager
"{EF4F620F-F295-41D7-92C0-6B635709C850}" = Nokia Software Updater
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1B8DB67-D30E-4FF9-A85F-3CEE51825AA2}" = SMSC IrCC V5.1.3600.7
"{F70D5D8C-C1AF-40B3-9E47-3BB5F19EEA3A}" = Atheros for Acer Driver 5.3.0.67_Foxconn Installation Program
"{F7963BA0-EE1C-11D4-9FA5-00A0C9E6A342}" = Commandos 2: Men of Courage
"6EDA9AD6C8C68418427383EF403AC547797F6A93" = Balíček ovladače systému Windows - Advanced Micro Devices (AmdK8) Processor (04/28/2006 1.3.1.0)
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player
"AIMP2" = AIMP2
"All ATI Software" = Softarová utilita ATI - Odinstalovat
"Amara - Intro and Banner Builder" = Amara - Intro and Banner Builder
"ATI Display Driver" = ATI Display Driver
"avast5" = avast! Internet Security
"Broadcom 802.11b Network Adapter" = Broadcom 802.11 Network Adapter
"BSPlayerf" = BS.Player FREE
"CCleaner" = CCleaner
"Cool's_Codec_pack_4.12" = Codec Pack - All In 1 6.0.3.0
"Čeština do Commandos2" = Čeština do Commandos2
"Easy GIF Animator Pro_is1" = Easy GIF Animator 4.6 Pro
"EAX Unified" = EAX Unified
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.30
"HijackThis" = HijackThis 2.0.2
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie8" = Windows Internet Explorer 8
"MediaInfo" = MediaInfo 0.7.10
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"RealPlayer 12.0" = RealPlayer
"Reimage Repair" = Reimage Repair
"Rybář - profesionální rybářský záznamník_is1" = Rybář
"ShockwaveFlash" = Adobe Flash Player 9 ActiveX
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Totalcmd" = Total Commander (Remove or Repair)
"uTorrent" = µTorrent
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"WheelMouse" = Smart-X7 7.80
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"uTorrent" = µTorrent

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 13.4.2010 15:02:30 | Computer Name = DOMA-FK3WZJTN19 | Source = crypt32 | ID = 131080
Description = Načtení automatické aktualizace pořadového čísla kořenového seznamu
jiného výrobce z: <http://www.download.windowsupdate.com/m ... ootseq.txt>
se nezdařilo. Chyba: Zvolený server nemůže provést požadovanou operaci.

Error - 13.4.2010 15:02:37 | Computer Name = DOMA-FK3WZJTN19 | Source = crypt32 | ID = 131080
Description = Načtení automatické aktualizace pořadového čísla kořenového seznamu
jiného výrobce z: <http://www.download.windowsupdate.com/m ... ootseq.txt>
se nezdařilo. Chyba: Daná operace se vrátila, protože vypršel časový limit.

Error - 13.4.2010 15:02:37 | Computer Name = DOMA-FK3WZJTN19 | Source = crypt32 | ID = 131080
Description = Načtení automatické aktualizace pořadového čísla kořenového seznamu
jiného výrobce z: <http://www.download.windowsupdate.com/m ... ootseq.txt>
se nezdařilo. Chyba: Daná operace se vrátila, protože vypršel časový limit.

Error - 13.4.2010 15:02:37 | Computer Name = DOMA-FK3WZJTN19 | Source = crypt32 | ID = 131080
Description = Načtení automatické aktualizace pořadového čísla kořenového seznamu
jiného výrobce z: <http://www.download.windowsupdate.com/m ... ootseq.txt>
se nezdařilo. Chyba: Zvolený server nemůže provést požadovanou operaci.

Error - 13.4.2010 15:02:37 | Computer Name = DOMA-FK3WZJTN19 | Source = crypt32 | ID = 131080
Description = Načtení automatické aktualizace pořadového čísla kořenového seznamu
jiného výrobce z: <http://www.download.windowsupdate.com/m ... ootseq.txt>
se nezdařilo. Chyba: Zvolený server nemůže provést požadovanou operaci.

Error - 13.4.2010 15:02:37 | Computer Name = DOMA-FK3WZJTN19 | Source = crypt32 | ID = 131080
Description = Načtení automatické aktualizace pořadového čísla kořenového seznamu
jiného výrobce z: <http://www.download.windowsupdate.com/m ... ootseq.txt>
se nezdařilo. Chyba: Zvolený server nemůže provést požadovanou operaci.

Error - 13.4.2010 15:02:37 | Computer Name = DOMA-FK3WZJTN19 | Source = crypt32 | ID = 131080
Description = Načtení automatické aktualizace pořadového čísla kořenového seznamu
jiného výrobce z: <http://www.download.windowsupdate.com/m ... ootseq.txt>
se nezdařilo. Chyba: Zvolený server nemůže provést požadovanou operaci.

Error - 13.4.2010 15:02:38 | Computer Name = DOMA-FK3WZJTN19 | Source = crypt32 | ID = 131080
Description = Načtení automatické aktualizace pořadového čísla kořenového seznamu
jiného výrobce z: <http://www.download.windowsupdate.com/m ... ootseq.txt>
se nezdařilo. Chyba: Zvolený server nemůže provést požadovanou operaci.

Error - 13.4.2010 15:02:39 | Computer Name = DOMA-FK3WZJTN19 | Source = crypt32 | ID = 131080
Description = Načtení automatické aktualizace pořadového čísla kořenového seznamu
jiného výrobce z: <http://www.download.windowsupdate.com/m ... ootseq.txt>
se nezdařilo. Chyba: Zvolený server nemůže provést požadovanou operaci.

Error - 13.4.2010 15:02:40 | Computer Name = DOMA-FK3WZJTN19 | Source = crypt32 | ID = 131080
Description = Načtení automatické aktualizace pořadového čísla kořenového seznamu
jiného výrobce z: <http://www.download.windowsupdate.com/m ... ootseq.txt>
se nezdařilo. Chyba: Daná operace se vrátila, protože vypršel časový limit.

[ System Events ]
Error - 13.4.2010 14:43:19 | Computer Name = DOMA-FK3WZJTN19 | Source = Service Control Manager | ID = 7034
Description = Služba Zařazování tisku byla neočekávaně ukončena. Tento stav nastal
již 1krát.

Error - 13.4.2010 14:48:35 | Computer Name = DOMA-FK3WZJTN19 | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1058 při pokusu o spuštění služby upnphost
s argumenty za účelem spuštění serveru: {204810B9-73B2-11D4-BF42-00B0D0118B56}

Error - 13.4.2010 14:48:35 | Computer Name = DOMA-FK3WZJTN19 | Source = ipnathlp | ID = 30013
Description = Přidělování DHCP bylo automaticky vypnuto u adresy IP 85.92.58.186,
protože
tato adresa nespadá do oboru 192.168.0.0/255.255.255.0, ze kterého jsou přidělovány
adresy klientům DHCP. Chcete-li přidělování DHCP u této adresy IP zapnout, změňte
obor tak, aby tuto adresu IP zahrnoval, nebo změňte adresu IP tak, aby spadala do
oboru.

Error - 13.4.2010 14:56:14 | Computer Name = DOMA-FK3WZJTN19 | Source = ipnathlp | ID = 31012
Description = Agent serveru proxy služby DNS zjistil chybu, když přijímal místní
seznam serverů pro překlad adres IP. Je možné, že k některým serverům DNS nebo WINS
nebudou mít klienti v místní síti přístup. Uvedený údaj je kód chyby.

Error - 13.4.2010 14:56:14 | Computer Name = DOMA-FK3WZJTN19 | Source = ipnathlp | ID = 31012
Description = Agent serveru proxy služby DNS zjistil chybu, když přijímal místní
seznam serverů pro překlad adres IP. Je možné, že k některým serverům DNS nebo WINS
nebudou mít klienti v místní síti přístup. Uvedený údaj je kód chyby.

Error - 13.4.2010 14:56:49 | Computer Name = DOMA-FK3WZJTN19 | Source = ipnathlp | ID = 31012
Description = Agent serveru proxy služby DNS zjistil chybu, když přijímal místní
seznam serverů pro překlad adres IP. Je možné, že k některým serverům DNS nebo WINS
nebudou mít klienti v místní síti přístup. Uvedený údaj je kód chyby.

Error - 13.4.2010 14:56:49 | Computer Name = DOMA-FK3WZJTN19 | Source = ipnathlp | ID = 30013
Description = Přidělování DHCP bylo automaticky vypnuto u adresy IP 85.92.58.186,
protože
tato adresa nespadá do oboru 192.168.0.0/255.255.255.0, ze kterého jsou přidělovány
adresy klientům DHCP. Chcete-li přidělování DHCP u této adresy IP zapnout, změňte
obor tak, aby tuto adresu IP zahrnoval, nebo změňte adresu IP tak, aby spadala do
oboru.

Error - 13.4.2010 15:01:29 | Computer Name = DOMA-FK3WZJTN19 | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1058 při pokusu o spuštění služby upnphost
s argumenty za účelem spuštění serveru: {204810B9-73B2-11D4-BF42-00B0D0118B56}

Error - 13.4.2010 15:01:29 | Computer Name = DOMA-FK3WZJTN19 | Source = ipnathlp | ID = 30013
Description = Přidělování DHCP bylo automaticky vypnuto u adresy IP 85.92.58.186,
protože
tato adresa nespadá do oboru 192.168.0.0/255.255.255.0, ze kterého jsou přidělovány
adresy klientům DHCP. Chcete-li přidělování DHCP u této adresy IP zapnout, změňte
obor tak, aby tuto adresu IP zahrnoval, nebo změňte adresu IP tak, aby spadala do
oboru.

Error - 13.4.2010 15:29:40 | Computer Name = DOMA-FK3WZJTN19 | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1058 při pokusu o spuštění služby NMIndexingService
s argumenty za účelem spuštění serveru: {C6A811AB-F8FF-45A4-93E5-FC5CCB650BE7}


< End of report >

Francouz
Visitor
Posts: 121
Registered: 02 Jun 2008 09:27

Re: requesting a preventive check, please...

#13 Post by Francouz »

OTL logfile created on: 13.4.2010 21:59:01 - Run 1
OTL by OldTimer - Version 3.2.1.1 Folder = C:\Documents and Settings\aa\Dokumenty\Stažené soubory
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

766,00 Mb Total Physical Memory | 225,00 Mb Available Physical Memory | 29,00% Memory free
2,00 Gb Paging File | 1,00 Gb Available in Paging File | 76,00% Paging File free
Paging file location(s): C:\pagefile.sys 1152 2304 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 20,49 Gb Total Space | 7,40 Gb Free Space | 36,12% Space Free | Partition Type: NTFS
Drive D: | 44,82 Gb Total Space | 8,07 Gb Free Space | 18,00% Space Free | Partition Type: NTFS
Drive E: | 46,47 Gb Total Space | 21,25 Gb Free Space | 45,74% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
Drive G: | 465,65 Gb Total Space | 175,86 Gb Free Space | 37,77% Space Free | Partition Type: FAT32
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: DOMA-FK3WZJTN19
Current User Name: aa
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010.04.13 21:58:54 | 000,561,664 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\aa\Dokumenty\Stažené soubory\OTL.exe
PRC - [2010.04.05 22:01:21 | 000,319,792 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\uTorrent\uTorrent.exe
PRC - [2010.04.04 20:27:15 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010.01.28 23:09:31 | 002,757,512 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2010.01.28 23:09:28 | 000,040,384 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010.01.28 23:09:15 | 000,119,200 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast5\afwServ.exe
PRC - [2010.01.24 16:04:59 | 000,198,160 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
PRC - [2008.04.14 08:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (SafeList) ==========

MOD - [2010.04.13 21:58:54 | 000,561,664 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\aa\Dokumenty\Stažené soubory\OTL.exe
MOD - [2010.01.28 22:58:21 | 000,122,880 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast5\snxBorder.dll
MOD - [2010.01.28 22:56:49 | 000,135,168 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast5\snxPlugins.dll
MOD - [2010.01.24 16:05:48 | 000,102,400 | ---- | M] (RealPlayer) -- c:\Program Files\Real\RealPlayer\browserrecord\chrome\hook\rpchromebrowserrecordhelper.dll
MOD - [2010.01.24 16:05:03 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcr71.dll
MOD - [2009.08.13 15:56:20 | 001,748,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6001.22319_x-ww_f0b4c2df\GdiPlus.dll
MOD - [2007.04.12 15:00:16 | 000,499,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcp71.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (ICQ Service)
SRV - File not found [Disabled | Stopped] -- -- (AVP)
SRV - [2010.01.28 23:09:28 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV - [2010.01.28 23:09:28 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV - [2010.01.28 23:09:28 | 000,040,384 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010.01.28 23:09:15 | 000,119,200 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\afwServ.exe -- (avast! Firewall)
SRV - [2009.09.23 17:37:30 | 000,051,168 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper.dll -- (getPlusHelper) getPlus(R)
SRV - [2008.07.29 20:16:38 | 000,132,096 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)


========== Driver Services (SafeList) ==========

DRV - [2010.03.19 22:25:03 | 000,015,906 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\kwflower.log -- (kwflower)
DRV - [2010.01.28 22:59:21 | 000,103,120 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswFW.sys -- (aswFW)
DRV - [2010.01.28 22:59:05 | 000,270,928 | ---- | M] (ALWIL Software) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2010.01.28 22:58:45 | 000,194,640 | ---- | M] (ALWIL Software) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\aswNdis2.sys -- (aswNdis2)
DRV - [2010.01.28 22:57:55 | 000,046,672 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2010.01.28 22:57:34 | 000,163,280 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswSP.sys -- (aswSP)
DRV - [2010.01.28 22:54:42 | 000,023,376 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2010.01.28 22:54:16 | 000,100,432 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2010.01.28 22:54:05 | 000,019,024 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010.01.28 22:53:50 | 000,028,240 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2010.01.09 22:22:02 | 000,012,112 | ---- | M] (ALWIL Software) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\aswNdis.sys -- (aswNdis)
DRV - [2009.12.13 21:17:59 | 000,138,376 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PnkBstrK.sys -- (PnkBstrK)
DRV - [2009.11.12 23:17:02 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009.10.02 01:00:00 | 000,027,248 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\Lavalys\EVEREST Ultimate Edition\kerneld.wnt -- (EverestDriver)
DRV - [2009.03.23 11:25:54 | 000,029,696 | ---- | M] (Kerio Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\kvnet.sys -- (kvnet)
DRV - [2008.09.15 07:56:34 | 000,008,064 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2008.09.15 07:56:24 | 000,022,016 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2008.09.15 07:56:24 | 000,017,664 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2008.09.15 07:56:24 | 000,008,064 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2008.07.18 17:39:18 | 000,213,008 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\klif.sys -- (KLIF)
DRV - [2008.06.20 13:08:27 | 000,225,856 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6)
DRV - [2008.04.13 22:06:06 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2008.04.13 22:05:40 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rtl8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2008.02.01 15:17:12 | 000,138,112 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdnsu.sys -- (nmwcdnsu)
DRV - [2008.02.01 15:17:06 | 000,008,320 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc)
DRV - [2007.07.26 13:19:24 | 000,547,904 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ar5211.sys -- (AR5211)
DRV - [2007.05.14 23:41:46 | 000,014,336 | ---- | M] (A4Tech Co.,Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Amusbprt.sys -- (Amusbprt)
DRV - [2007.05.14 23:38:22 | 000,009,216 | ---- | M] (A4Tech Co.,Ltd.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\Amfilter.sys -- (Amfilter)
DRV - [2006.06.28 17:25:00 | 004,304,384 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2006.06.16 20:56:00 | 000,083,968 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2006.05.25 11:19:00 | 000,074,752 | ---- | M] (ENE Technology Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ESM7SK.sys -- (ESMCR)
DRV - [2006.05.25 11:19:00 | 000,061,056 | ---- | M] (ENE Technology Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\EMS7SK.sys -- (EMSCR)
DRV - [2006.05.25 11:19:00 | 000,040,064 | ---- | M] (ENE Technology Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ESD7SK.sys -- (ESDCR)
DRV - [2006.05.10 12:22:00 | 000,043,008 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2006.04.27 10:46:50 | 001,540,096 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2006.03.03 13:52:00 | 000,192,672 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP)
DRV - [2006.01.17 10:21:52 | 000,328,061 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio)
DRV - [2006.01.17 10:19:46 | 000,023,271 | ---- | M] (Broadcom Corporation.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\btserial.sys -- (BTSERIAL)
DRV - [2006.01.17 10:18:22 | 000,850,474 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2006.01.17 10:15:36 | 000,030,459 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btport.sys -- (BTDriver)
DRV - [2004.10.15 13:50:20 | 000,015,295 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BrScnUsb.sys -- (BrScnUsb)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= ... =CT1750559
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = plimus.com;www.plimus.com;regnow.com;www.regnow.com

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.defaultthis.engineName: "BS Player Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.as ... earchTerms}"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1
FF - prefs.js..extensions.enabledItems: 6
FF - prefs.js..extensions.enabledItems: 2
FF - prefs.js..extensions.enabledItems: 48
FF - prefs.js..extensions.enabledItems: feedbar@efinke.com:4.1.2
FF - prefs.js..extensions.enabledItems: {89506680-e3f4-484c-a2c0-ed711d481eda}:0.9.5.1
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.5
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.0
FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.as ... ource=2&q="
FF - prefs.js..network.proxy.no_proxies_on: "plimus.com,www.plimus.com,regnow.com,www.regnow.com,"
FF - prefs.js..network.proxy.socks: "127.0.0.1"
FF - prefs.js..network.proxy.socks_port: 7070

FF - user.js..browser.search.openintab: false
FF - user.js..network.proxy.ftp: ""
FF - user.js..network.proxy.ftp_port: 0
FF - user.js..network.proxy.gopher: ""
FF - user.js..network.proxy.gopher_port: 0
FF - user.js..network.proxy.http: ""
FF - user.js..network.proxy.http_port:
FF - user.js..network.proxy.no_proxies_on: ""
FF - user.js..network.proxy.socks: "127.0.0.1"
FF - user.js..network.proxy.socks_port: 7070
FF - user.js..network.proxy.socks_version: 5
FF - user.js..network.proxy.ssl: ""
FF - user.js..network.proxy.ssl_port: 0
FF - user.js..network.proxy.type: 0

FF - HKLM\software\mozilla\Mozilla Firefox 3.0.7\extensions\\Plugins: C:\Program Files\Internet Explorer\plugins [2010.01.24 16:05:01 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.04.04 20:27:29 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.04.04 20:27:29 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird

[2008.09.05 16:29:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Extensions
[2010.04.13 21:03:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\extensions
[2009.01.01 20:40:56 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\extensions\{003D3EDC-99B9-4a34-9C20-60CB94F7E829}
[2009.11.04 16:11:26 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009.12.12 22:49:19 | 000,000,000 | ---D | M] (Blue Fox) -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\extensions\{241aae70-0022-11de-87af-0800200c9a66}
[2009.11.07 22:10:07 | 000,000,000 | ---D | M] (Firefox Showcase) -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\extensions\{89506680-e3f4-484c-a2c0-ed711d481eda}
[2009.12.12 22:46:50 | 000,000,000 | ---D | M] (AmbientFox) -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\extensions\{c8f71e5b-88f8-42a7-98bb-e4c506161de9}
[2009.05.24 20:06:36 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}
[2009.10.30 11:08:35 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus(R))) -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2010.03.07 07:57:06 | 000,000,000 | ---D | M] (BS Player Toolbar) -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}
[2009.12.22 18:13:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\extensions\DTToolbar@toolbarnet.com
[2009.12.12 22:52:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\extensions\feedbar@efinke.com
[2010.04.04 20:30:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\extensions\personas@christopher.beard
[2010.04.04 20:30:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\extensions\staged-xpis
[2009.12.27 01:27:17 | 000,002,257 | ---- | M] () -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\askcom.xml
[2009.07.01 14:22:12 | 000,000,880 | ---- | M] () -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\conduit.xml
[2009.12.25 23:00:05 | 000,002,055 | ---- | M] () -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\daemon-search.xml
[2010.04.10 07:41:13 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin-1.xml
[2009.07.18 07:43:59 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin-10.xml
[2009.08.07 13:43:12 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin-11.xml
[2009.09.13 19:00:31 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin-12.xml
[2009.09.13 19:18:40 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin-13.xml
[2009.10.30 07:51:17 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin-14.xml
[2009.11.07 06:52:16 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin-15.xml
[2009.11.12 23:34:27 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin-16.xml
[2009.12.22 19:00:27 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin-17.xml
[2010.01.07 13:53:46 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin-18.xml
[2010.03.07 08:00:07 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin-19.xml
[2008.12.28 22:46:47 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin-2.xml
[2010.03.24 16:06:01 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin-20.xml
[2010.04.04 20:28:26 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin-21.xml
[2009.02.06 12:24:46 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin-3.xml
[2009.03.14 21:49:30 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin-4.xml
[2009.04.08 08:59:27 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin-5.xml
[2009.04.08 09:25:16 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin-6.xml
[2009.04.26 08:37:53 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin-7.xml
[2009.05.06 11:04:48 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin-8.xml
[2009.06.21 09:29:55 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin-9.xml
[2008.03.31 09:52:00 | 000,000,168 | ---- | M] () -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin.gif
[2008.03.31 09:52:00 | 000,000,618 | ---- | M] () -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin.src
[2009.09.06 13:26:42 | 000,000,944 | ---- | M] () -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin.xml
[2010.04.10 07:41:12 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009.10.16 10:34:52 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2008.11.05 21:05:57 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}(2)
[2008.10.16 15:09:05 | 000,226,816 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\npdrmv2.dll
[2008.10.16 15:08:46 | 000,364,544 | ---- | M] (Microsoft Corporation (written by Digital Renaissance Inc.)) -- C:\Program Files\Mozilla Firefox\plugins\npdsplay(2).dll
[2009.01.07 10:58:04 | 000,120,296 | ---- | M] ( ) -- C:\Program Files\Mozilla Firefox\plugins\npganymedenet.dll
[2008.10.16 15:08:57 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\npwmsdrm.dll
[2010.04.04 20:27:22 | 000,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.04.04 20:27:22 | 000,001,687 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2010.04.04 20:27:22 | 000,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.04.04 20:27:22 | 000,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.04.04 20:27:22 | 000,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2009.05.14 08:36:27 | 000,000,193 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 serial.alcohol-soft.com
O1 - Hosts: 127.0.0.1 www.alcohol-soft.com
O1 - Hosts: 127.0.0.1 images.alcohol-soft.com
O1 - Hosts: 127.0.0.1 trial.alcohol-soft.com
O1 - Hosts: 127.0.0.1 alcohol-soft.com
O2 - BHO: (Podpora odkazu pro Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (WebTransBHO Class) - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll ()
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKLM\..\Toolbar: (WebTranslator) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {00000000-5736-4205-0008-F7ED0776FB27} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (ALWIL Software)
O4 - HKLM..\Run: [MSConfig] C:\WINDOWS\pchealth\helpctr\Binaries\MSCONFIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoPropertiesMyComputer = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFileAssociate = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O9 - Extra Button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - Reg Error: Key error. File not found
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll ()
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll ()
O9 - Extra 'Tools' menuitem : &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll ()
O9 - Extra 'Tools' menuitem : Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll ()
O9 - Extra 'Tools' menuitem : Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll ()
O16 - DPF: {00000055-9980-0010-8000-00AA00389B71} http://codecs.microsoft.com/codecs/i386/fhg.CAB (Reg Error: Value error.)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/ ... ontrol.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: DirectAnimation Java Classes Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java Reg Error: Value error. (Reg Error: Key error.)
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\klogon: DllName - C:\WINDOWS\system32\klogon.dll - C:\WINDOWS\system32\klogon.dll (Kaspersky Lab)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\aa\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\aa\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010.04.13 20:37:12 | 000,019,024 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2010.04.13 20:37:11 | 000,163,280 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2010.04.13 20:37:10 | 000,270,928 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2010.04.13 20:37:10 | 000,103,120 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswFW.sys
[2010.04.13 20:36:51 | 000,194,640 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswNdis2.sys
[2010.04.13 20:36:50 | 000,023,376 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2010.04.13 20:36:49 | 000,046,672 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2010.04.13 20:36:48 | 000,100,432 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2010.04.13 20:36:48 | 000,094,800 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2010.04.13 20:36:48 | 000,028,240 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2010.04.13 20:36:15 | 000,012,112 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswNdis.sys
[2010.04.13 20:36:14 | 000,152,672 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\aswBoot.exe
[2010.04.13 20:36:14 | 000,038,848 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\avastSS.scr
[2010.04.13 20:36:05 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2010.04.13 20:12:38 | 000,000,000 | ---D | C] -- C:\rsit
[2010.04.11 21:46:24 | 000,000,000 | ---D | C] -- C:\Program Files\Easy GIF Animator
[2010.04.05 22:21:56 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\aa\Recent
[2010.03.28 01:06:46 | 000,361,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tcpip.copy
[2010.03.23 21:55:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\aa\Local Settings\Data aplikací\Amara
[2010.03.23 21:55:30 | 000,000,000 | ---D | C] -- C:\Program Files\Amara - Intro and Banner Builder
[2010.03.19 22:20:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\aa\Data aplikací\Kerio
[2010.03.19 21:57:41 | 003,558,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\moviemk.exe
[2010.03.17 12:27:37 | 000,018,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll
[2010.03.17 12:18:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\xp
[2010.02.01 06:08:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\Microsoft
[2010.01.24 20:29:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\Google
[2010.01.24 16:01:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\Google
[2009.10.16 11:08:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\Microsoft
[2008.10.15 11:24:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\ESET
[2008.10.09 00:08:28 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Data aplikací\Microsoft
[2008.09.14 15:38:31 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\aa\Data aplikací\pcouffin.sys
[2008.09.13 16:05:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\Apple
[2008.09.05 13:11:31 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Data aplikací\Microsoft

========== Files - Modified Within 30 Days ==========

[2010.04.13 21:56:43 | 000,023,630 | ---- | M] () -- C:\Documents and Settings\aa\Dokumenty\Stastlivci.2008.DVDR.CZ.Destroy-DRagON.torrent
[2010.04.13 21:29:47 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010.04.13 21:22:53 | 009,699,328 | ---- | M] () -- C:\Documents and Settings\aa\ntuser.dat
[2010.04.13 21:05:43 | 000,966,990 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010.04.13 21:05:43 | 000,433,356 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2010.04.13 21:05:43 | 000,380,214 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.04.13 21:05:43 | 000,079,930 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2010.04.13 21:05:43 | 000,061,154 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.04.13 21:02:10 | 000,000,650 | ---- | M] () -- C:\WINDOWS\win.ini
[2010.04.13 21:02:10 | 000,000,344 | ---- | M] () -- C:\WINDOWS\system.ini
[2010.04.13 21:02:10 | 000,000,264 | RHS- | M] () -- C:\boot.ini
[2010.04.13 21:01:27 | 000,002,228 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.04.13 21:01:12 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.04.13 21:00:55 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.04.13 21:00:52 | 803,385,344 | -HS- | M] () -- C:\hiberfil.sys
[2010.04.13 20:59:55 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\aa\ntuser.ini
[2010.04.13 20:59:45 | 008,579,108 | -H-- | M] () -- C:\Documents and Settings\aa\Local Settings\Data aplikací\IconCache.db
[2010.04.13 20:48:56 | 000,029,648 | ---- | M] () -- C:\WINDOWS\System32\drivers\fwdrv.err
[2010.04.13 20:37:12 | 000,001,700 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\avast! Internet Security.lnk
[2010.04.13 20:36:48 | 000,002,553 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2010.04.13 16:38:45 | 000,000,098 | ---- | M] () -- C:\Documents and Settings\aa\default.pls
[2010.04.13 16:29:15 | 000,023,301 | ---- | M] () -- C:\Documents and Settings\aa\Dokumenty\Zodiac.DVD.2007.5.1.CZ.torrent
[2010.04.13 16:19:20 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010.04.13 14:41:23 | 000,023,878 | ---- | M] () -- C:\Documents and Settings\aa\Dokumenty\Fantastic.Mr.Fox.PL.DVDR-FMFOX.torrent
[2010.04.12 20:31:14 | 000,021,369 | ---- | M] () -- C:\Documents and Settings\aa\Dokumenty\Materske.galeje.torrent
[2010.04.11 19:08:08 | 000,024,717 | ---- | M] () -- C:\Documents and Settings\aa\Dokumenty\Zeme.Ztracenych.2009.DVDR.CZ-TreZzoR.torrent
[2010.04.11 16:55:20 | 000,010,240 | ---- | M] () -- C:\Documents and Settings\aa\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.04.11 13:54:03 | 000,021,308 | ---- | M] () -- C:\Documents and Settings\aa\Dokumenty\Stari.a.neklidni.2009.FULL.DVD5.CZ.torrent
[2010.04.10 20:39:26 | 000,007,454 | ---- | M] () -- C:\Documents and Settings\aa\Plocha\avatar28.png
[2010.04.10 20:25:09 | 000,022,505 | ---- | M] () -- C:\Documents and Settings\aa\Dokumenty\Hlad.2008.FULL-DVD.CZ.Destroy-DRagON.torrent
[2010.04.10 14:54:59 | 000,014,449 | ---- | M] () -- C:\Documents and Settings\aa\Dokumenty\Agent bez minulosti 1.2.3.torrent
[2010.04.07 21:46:45 | 000,014,494 | ---- | M] () -- C:\Documents and Settings\aa\Dokumenty\Sherlock.Holmes.2009.BRRip.XviD.CZ.torrent
[2010.04.07 19:20:56 | 000,022,584 | ---- | M] () -- C:\Documents and Settings\aa\Dokumenty\Hlad.2008.FULL.DVD.CZ.Destroy-DRagON.torrent
[2010.04.05 08:05:33 | 000,019,016 | ---- | M] () -- C:\Documents and Settings\aa\Dokumenty\Likvidator.DVD.5.1.CZ.torrent
[2010.04.01 22:49:02 | 000,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2010.04.01 18:11:52 | 000,016,117 | ---- | M] () -- C:\Documents and Settings\aa\Dokumenty\2012 Posledni proroctvi.torrent
[2010.04.01 07:33:17 | 000,026,459 | ---- | M] () -- C:\Documents and Settings\aa\Dokumenty\Zaklety.v.case.2009.DVDR.CZ-cibulator679.torrent
[2010.03.31 10:38:23 | 000,026,530 | ---- | M] () -- C:\Documents and Settings\aa\Dokumenty\Ozbrojeni.a.nebezpecni.2009.DVDR.CZ-MiDo.torrent
[2010.03.30 20:58:12 | 000,021,843 | ---- | M] () -- C:\Documents and Settings\aa\Dokumenty\Jazzman.2009.FULL.DVD.CZ.Destroy-DRagON.torrent
[2010.03.28 17:29:48 | 000,023,838 | ---- | M] () -- C:\Documents and Settings\aa\Dokumenty\Test.DVD.2003.5.1.CZ.torrent
[2010.03.28 14:19:13 | 000,023,780 | ---- | M] () -- C:\Documents and Settings\aa\Dokumenty\500.dni.se.Summer.2009.DVDR.CZ-MiDo.torrent
[2010.03.28 01:38:23 | 000,011,078 | ---- | M] () -- C:\Documents and Settings\aa\Dokumenty\Phat.Bottom.Girls.2.XviD.torrent
[2010.03.27 18:19:03 | 000,020,077 | ---- | M] () -- C:\Documents and Settings\aa\Dokumenty\Posledni.zustava.DVD.5.1.CZ.torrent
[2010.03.27 15:02:35 | 000,095,896 | ---- | M] () -- C:\Documents and Settings\aa\Local Settings\Data aplikací\GDIPFONTCACHEV1.DAT
[2010.03.25 22:12:44 | 000,014,606 | ---- | M] () -- C:\Documents and Settings\aa\Dokumenty\This.Isnt.Twilight.The.XXX.Parody.2009.XXX.DVDRip.XviD.torrent
[2010.03.24 21:18:20 | 000,014,445 | ---- | M] () -- C:\Documents and Settings\aa\Dokumenty\Teachers.XXX.BDRiP.XviD.torrent
[2010.03.23 10:48:53 | 000,014,455 | ---- | M] () -- C:\Documents and Settings\aa\Dokumenty\Blonde.Bombs.XXX.DVDRip.XviD.torrent
[2010.03.23 04:32:22 | 000,323,520 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.03.23 00:23:44 | 000,021,913 | ---- | M] () -- C:\Documents and Settings\aa\Dokumenty\Hackers_2_Nebezpecny_kod_Cz.torrent
[2010.03.22 21:58:05 | 000,014,550 | ---- | M] () -- C:\Documents and Settings\aa\Dokumenty\Fresh.Outta.High.School.19.XXX.DVDRip.XviD.torrent
[2010.03.22 18:58:47 | 000,002,700 | ---- | M] () -- C:\WINDOWS\wincmd.ini
[2010.03.21 22:32:04 | 000,014,496 | ---- | M] () -- C:\Documents and Settings\aa\Dokumenty\Cotton.Panties.8.XXX.DVDRiP.XviD-DivXfacTory.torrent
[2010.03.21 00:39:34 | 000,018,687 | ---- | M] () -- C:\Documents and Settings\aa\Dokumenty\Hackers.3.Elita.DVD5.CZ.torrent
[2010.03.20 23:26:35 | 000,014,376 | ---- | M] () -- C:\Documents and Settings\aa\Dokumenty\Ashampoo Burning Studio v9.21.torrent
[2010.03.20 21:58:26 | 000,022,143 | ---- | M] () -- C:\Documents and Settings\aa\Dokumenty\Vrazda.v.Bilem.dome.1997.torrent
[2010.03.20 16:08:25 | 000,014,485 | ---- | M] () -- C:\Documents and Settings\aa\Dokumenty\Fly Girls.torrent
[2010.03.20 06:56:24 | 000,014,724 | ---- | M] () -- C:\Documents and Settings\aa\Dokumenty\Oil.Overload.3.DISC1.XXX.DVDRip.XviD.torrent
[2010.03.19 21:14:58 | 000,014,674 | ---- | M] () -- C:\Documents and Settings\aa\Dokumenty\Ass.Worship.11.XXX.DVDRip.XviD.torrent
[2010.03.19 11:15:43 | 000,014,677 | ---- | M] () -- C:\Documents and Settings\aa\Dokumenty\Cum.Spoiled.Brats.XXX.DVDRip.XviD.torrent
[2010.03.17 12:27:11 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2010.03.17 12:27:11 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2010.03.16 23:51:15 | 000,015,181 | ---- | M] () -- C:\Documents and Settings\aa\Dokumenty\Heinrich Himmler- Profil masoveho vraha.torrent

========== Files Created - No Company Name ==========

[2010.04.13 21:56:43 | 000,023,630 | ---- | C] () -- C:\Documents and Settings\aa\Dokumenty\Stastlivci.2008.DVDR.CZ.Destroy-DRagON.torrent
[2010.04.13 20:37:12 | 000,001,700 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\avast! Internet Security.lnk
[2010.04.13 14:41:23 | 000,023,878 | ---- | C] () -- C:\Documents and Settings\aa\Dokumenty\Fantastic.Mr.Fox.PL.DVDR-FMFOX.torrent
[2010.04.12 20:31:14 | 000,021,369 | ---- | C] () -- C:\Documents and Settings\aa\Dokumenty\Materske.galeje.torrent
[2010.04.11 19:08:08 | 000,024,717 | ---- | C] () -- C:\Documents and Settings\aa\Dokumenty\Zeme.Ztracenych.2009.DVDR.CZ-TreZzoR.torrent
[2010.04.11 13:54:03 | 000,021,308 | ---- | C] () -- C:\Documents and Settings\aa\Dokumenty\Stari.a.neklidni.2009.FULL.DVD5.CZ.torrent
[2010.04.10 20:45:01 | 000,007,454 | ---- | C] () -- C:\Documents and Settings\aa\Plocha\avatar28.png
[2010.04.08 21:37:36 | 000,014,449 | ---- | C] () -- C:\Documents and Settings\aa\Dokumenty\Agent bez minulosti 1.2.3.torrent
[2010.04.07 21:46:45 | 000,014,494 | ---- | C] () -- C:\Documents and Settings\aa\Dokumenty\Sherlock.Holmes.2009.BRRip.XviD.CZ.torrent
[2010.04.07 19:55:43 | 000,022,505 | ---- | C] () -- C:\Documents and Settings\aa\Dokumenty\Hlad.2008.FULL-DVD.CZ.Destroy-DRagON.torrent
[2010.04.07 04:09:51 | 000,022,584 | ---- | C] () -- C:\Documents and Settings\aa\Dokumenty\Hlad.2008.FULL.DVD.CZ.Destroy-DRagON.torrent
[2010.04.05 08:05:33 | 000,019,016 | ---- | C] () -- C:\Documents and Settings\aa\Dokumenty\Likvidator.DVD.5.1.CZ.torrent
[2010.04.01 18:11:52 | 000,016,117 | ---- | C] () -- C:\Documents and Settings\aa\Dokumenty\2012 Posledni proroctvi.torrent
[2010.04.01 07:33:17 | 000,026,459 | ---- | C] () -- C:\Documents and Settings\aa\Dokumenty\Zaklety.v.case.2009.DVDR.CZ-cibulator679.torrent
[2010.03.31 10:38:23 | 000,026,530 | ---- | C] () -- C:\Documents and Settings\aa\Dokumenty\Ozbrojeni.a.nebezpecni.2009.DVDR.CZ-MiDo.torrent
[2010.03.30 20:58:12 | 000,021,843 | ---- | C] () -- C:\Documents and Settings\aa\Dokumenty\Jazzman.2009.FULL.DVD.CZ.Destroy-DRagON.torrent
[2010.03.28 18:28:52 | 000,023,301 | ---- | C] () -- C:\Documents and Settings\aa\Dokumenty\Zodiac.DVD.2007.5.1.CZ.torrent
[2010.03.28 17:29:47 | 000,023,838 | ---- | C] () -- C:\Documents and Settings\aa\Dokumenty\Test.DVD.2003.5.1.CZ.torrent
[2010.03.28 14:19:12 | 000,023,780 | ---- | C] () -- C:\Documents and Settings\aa\Dokumenty\500.dni.se.Summer.2009.DVDR.CZ-MiDo.torrent
[2010.03.28 01:38:23 | 000,011,078 | ---- | C] () -- C:\Documents and Settings\aa\Dokumenty\Phat.Bottom.Girls.2.XviD.torrent
[2010.03.27 18:19:03 | 000,020,077 | ---- | C] () -- C:\Documents and Settings\aa\Dokumenty\Posledni.zustava.DVD.5.1.CZ.torrent
[2010.03.25 22:12:44 | 000,014,606 | ---- | C] () -- C:\Documents and Settings\aa\Dokumenty\This.Isnt.Twilight.The.XXX.Parody.2009.XXX.DVDRip.XviD.torrent
[2010.03.24 21:18:20 | 000,014,445 | ---- | C] () -- C:\Documents and Settings\aa\Dokumenty\Teachers.XXX.BDRiP.XviD.torrent
[2010.03.23 10:48:53 | 000,014,455 | ---- | C] () -- C:\Documents and Settings\aa\Dokumenty\Blonde.Bombs.XXX.DVDRip.XviD.torrent
[2010.03.23 00:23:44 | 000,021,913 | ---- | C] () -- C:\Documents and Settings\aa\Dokumenty\Hackers_2_Nebezpecny_kod_Cz.torrent
[2010.03.22 21:58:05 | 000,014,550 | ---- | C] () -- C:\Documents and Settings\aa\Dokumenty\Fresh.Outta.High.School.19.XXX.DVDRip.XviD.torrent
[2010.03.21 21:38:32 | 000,014,496 | ---- | C] () -- C:\Documents and Settings\aa\Dokumenty\Cotton.Panties.8.XXX.DVDRiP.XviD-DivXfacTory.torrent
[2010.03.21 00:39:34 | 000,018,687 | ---- | C] () -- C:\Documents and Settings\aa\Dokumenty\Hackers.3.Elita.DVD5.CZ.torrent
[2010.03.20 23:26:35 | 000,014,376 | ---- | C] () -- C:\Documents and Settings\aa\Dokumenty\Ashampoo Burning Studio v9.21.torrent
[2010.03.20 21:58:25 | 000,022,143 | ---- | C] () -- C:\Documents and Settings\aa\Dokumenty\Vrazda.v.Bilem.dome.1997.torrent
[2010.03.20 16:08:25 | 000,014,485 | ---- | C] () -- C:\Documents and Settings\aa\Dokumenty\Fly Girls.torrent
[2010.03.20 06:56:24 | 000,014,724 | ---- | C] () -- C:\Documents and Settings\aa\Dokumenty\Oil.Overload.3.DISC1.XXX.DVDRip.XviD.torrent
[2010.03.19 21:14:58 | 000,014,674 | ---- | C] () -- C:\Documents and Settings\aa\Dokumenty\Ass.Worship.11.XXX.DVDRip.XviD.torrent
[2010.03.19 11:15:43 | 000,014,677 | ---- | C] () -- C:\Documents and Settings\aa\Dokumenty\Cum.Spoiled.Brats.XXX.DVDRip.XviD.torrent
[2010.03.16 23:51:15 | 000,015,181 | ---- | C] () -- C:\Documents and Settings\aa\Dokumenty\Heinrich Himmler- Profil masoveho vraha.torrent
[2010.03.10 19:59:35 | 000,000,232 | ---- | C] () -- C:\WINDOWS\reimage.ini
[2009.12.14 16:35:08 | 001,380,403 | ---- | C] () -- C:\WINDOWS\System32\avgsdk.dll
[2009.12.05 12:30:50 | 000,000,060 | ---- | C] () -- C:\WINDOWS\pident.ini
[2009.12.05 12:27:56 | 000,000,584 | ---- | C] () -- C:\WINDOWS\pirchutl.ini
[2009.10.17 19:56:11 | 000,000,120 | ---- | C] () -- C:\WINDOWS\CIS_Setup_3.12.111745.560_XP_Vista_x32.INI
[2009.08.24 13:06:27 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2009.03.28 10:00:10 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\aa\Data aplikací\inst.exe
[2009.03.10 14:41:00 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2009.02.08 17:26:29 | 000,000,034 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2009.01.19 17:23:50 | 000,000,416 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI
[2009.01.19 17:23:50 | 000,000,027 | ---- | C] () -- C:\WINDOWS\BRPP2KA.INI
[2009.01.08 20:45:41 | 000,138,376 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2009.01.01 20:36:55 | 000,002,686 | ---- | C] () -- C:\WINDOWS\TRNCOM.INI
[2008.11.11 22:37:20 | 000,000,196 | ---- | C] () -- C:\WINDOWS\thtitanc.INI
[2008.11.04 09:07:39 | 009,699,328 | ---- | C] () -- C:\Documents and Settings\aa\ntuser.dat
[2008.10.23 17:43:31 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\aa\NTUSER.DAT.rdtmp.LOG
[2008.09.26 12:27:20 | 000,002,700 | ---- | C] () -- C:\WINDOWS\wincmd.ini
[2008.09.14 15:39:22 | 000,000,668 | ---- | C] () -- C:\Documents and Settings\aa\Data aplikací\vso_ts_preview.xml
[2008.09.14 15:39:00 | 000,000,055 | ---- | C] () -- C:\Documents and Settings\aa\Data aplikací\pcouffin.log
[2008.09.14 15:38:31 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\aa\Data aplikací\pcouffin.cat
[2008.09.14 15:38:31 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\aa\Data aplikací\pcouffin.inf
[2008.09.07 15:16:40 | 000,000,098 | ---- | C] () -- C:\Documents and Settings\aa\default.pls
[2008.09.07 00:10:18 | 000,000,025 | ---- | C] () -- C:\WINDOWS\SIERRA.INI
[2008.09.07 00:01:25 | 000,691,696 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2008.09.06 09:53:29 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2008.09.06 00:04:12 | 000,000,025 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2008.09.05 23:34:41 | 000,010,240 | ---- | C] () -- C:\Documents and Settings\aa\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.09.05 15:33:38 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2008.09.05 14:14:26 | 000,000,211 | ---- | C] () -- C:\WINDOWS\System32\BOOTBAK.INI
[2008.09.05 13:22:12 | 000,356,352 | ---- | C] () -- C:\WINDOWS\EMCRI.dll
[2008.09.05 13:12:52 | 000,000,178 | -HS- | C] () -- C:\Documents and Settings\aa\ntuser.ini
[2008.09.05 13:12:51 | 000,001,024 | -H-- | C] () -- C:\Documents and Settings\aa\ntuser.dat.LOG
[2008.09.05 13:12:49 | 004,718,592 | ---- | C] () -- C:\Documents and Settings\aa\NTUSER.DAT.rdbkp
[2008.09.05 12:17:21 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\preflib.dll
[2008.09.05 12:16:56 | 000,757,760 | ---- | C] () -- C:\WINDOWS\System32\bcm1xsup.dll
[2006.10.28 20:57:48 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\ts.dll
[2006.01.17 10:31:30 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\btprn2k.dll
[2005.10.14 11:56:50 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\VorbisEnc.dll
[2005.10.14 11:56:50 | 000,344,064 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll
[2005.10.14 11:56:50 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2005.10.14 11:56:50 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2005.10.14 11:56:50 | 000,155,136 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2005.10.14 11:56:50 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2005.10.14 11:56:48 | 003,223,552 | ---- | C] () -- C:\WINDOWS\System32\libavcodec.dll
[2005.10.14 11:56:48 | 000,540,672 | ---- | C] () -- C:\WINDOWS\System32\libmplayer.dll
[2005.10.14 11:56:48 | 000,266,240 | ---- | C] () -- C:\WINDOWS\System32\TomsMoComp_ff.dll
[2005.10.14 11:56:48 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\libmpeg2_ff.dll
[2005.10.14 11:56:48 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\MMSwitch.dll
[2005.02.17 11:41:32 | 000,000,603 | ---- | C] () -- C:\WINDOWS\System32\BTNeighborhood.dll.manifest
[2005.02.17 11:41:30 | 000,000,593 | ---- | C] () -- C:\WINDOWS\System32\btcss.dll.manifest
[2002.05.18 00:18:30 | 000,124,928 | ---- | C] () -- C:\WINDOWS\System32\mp4fil32.dll
[2001.11.14 12:56:00 | 001,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll
[1997.11.17 18:13:16 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 203 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:0295CBF7
@Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:DF462FF6
@Alternate Data Stream - 123 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:D0F286CA
@Alternate Data Stream - 107 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:CB0AACC9
< End of report >

Caroprd111
VIP
Posts: 13492
Joined: 22 Mar 2009 20:48
Location: Třebíč

Re: requesting a preventive check...

#14 Post by Caroprd111 »

I recommend uninstalling µTorrent.

P2P networks and their clients are a potential security risk; they are practically constantly a source of viruses, and you are exposing yourself to risk unnecessarily.


Run OTL and paste the following script into the bottom window.

Code:

:OTL
SRV - File not found [Disabled | Stopped] -- -- (ICQ Service)
SRV - File not found [Disabled | Stopped] -- -- (AVP)
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
O3 - HKLM\..\Toolbar: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {00000000-5736-4205-0008-F7ED0776FB27} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
[2009.03.28 10:00:10 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\aa\Data aplikací\inst.exe
[2008.09.05 23:34:41 | 000,010,240 | ---- | C] () -- C:\Documents and Settings\aa\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
@Alternate Data Stream - 203 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:0295CBF7
@Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:DF462FF6
@Alternate Data Stream - 123 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:D0F286CA
@Alternate Data Stream - 107 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:CB0AACC9

:Commands
[PURITY] 
[EMPTYTEMP] 
[EMPTYFLASH]
[CLEARALLRESTOREPOINTS]
[RESETHOSTS] 
[CREATERESTOREPOINT]
[REBOOT] 

Then click "Opravit" (Run Fix); the PC will restart. Post the log here.

Francouz
Visitor
Posts: 121
Joined: 02 Jun 2008 09:27

Re: requesting a preventive check...

#15 Post by Francouz »

All processes killed
========== OTL ==========
Service ICQ Service stopped successfully!
Service ICQ Service deleted successfully!
Service AVP stopped successfully!
Service AVP deleted successfully!
Prefs.js: "Ask.com" removed from browser.search.defaultengine
Prefs.js: "Ask.com" removed from browser.search.order.1
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{00000000-5736-4205-0008-F7ED0776FB27} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00000000-5736-4205-0008-F7ED0776FB27}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{4B3803EA-5230-4DC3-A7FC-33638F3D3542} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}\ deleted successfully.
C:\Documents and Settings\aa\Data aplikací\inst.exe moved successfully.
C:\Documents and Settings\aa\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini moved successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:0295CBF7 deleted successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:DF462FF6 deleted successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:D0F286CA deleted successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:CB0AACC9 deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: aa
->Temp folder emptied: 2742784 bytes
->Temporary Internet Files folder emptied: 450077 bytes
->Java cache emptied: 315032 bytes
->FireFox cache emptied: 170326227 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 2560 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 923067 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 619 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 14035328 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 67 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 180,00 mb


[EMPTYFLASH]

User: aa
->Flash cache emptied: 0 bytes

User: All Users

User: Default User

User: LocalService

User: NetworkService

Total Flash Files Cleaned = 0,00 mb

Restore points cleared and new OTL Restore Point set!
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
Error starting restore point: System Restore is disabled.
Error closing restore point: System Restore is disabled.

OTL by OldTimer - Version 3.2.1.1 log created on 04142010_072706

Files\Folders moved on Reboot...
File move failed. C:\WINDOWS\temp\_avast5_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...