VIRY.CZ

Dobrý den poslední dobou mám nehorázně zpomalený internet. Videa se načítají hrozně pomalu. Ve World of Warcraft latency doshauje klidně i 10000 ms. A mám podezření na backdoora.
Spyware terminator mi našel toto: Trojan.ExOptions.Gen
a nejde to smazat vždy napíše hlášku:

Mazání registrů selhalo: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\egui.exe
Mazání registrů selhalo: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ekrn.exe

Našel jsem tu na fóru pár témat kde se tenhle případ řešil zkoušel jsem následovat rady moderátora ale nepomohlo proto zakládám svůj nový.

Log z RSIT:

Logfile of random's system information tool 1.06 (written by random/random)
Run by FEARFUL at 2010-04-21 17:57:10
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 231 GB (48%) free of 477 GB
Total RAM: 3582 MB (75% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:57:52, on 21.4.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WTouch\WTouchService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\WTouch\WTouchUser.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE
C:\Program Files\Common Files\Logitech\G-series Software\LGDCore.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
C:\Program Files\ICQ6Toolbar\ICQ Service.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Pen_Tablet.exe
C:\WINDOWS\system32\WTablet\Pen_TabletUser.exe
C:\WINDOWS\system32\Pen_Tablet.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\AnyDATA\EasyWirelessNet\EasyWirelessNet.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\FEARFUL\Dokumenty\Downloads\RSIT.exe
C:\Program Files\trend micro\FEARFUL.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: Bitlord Toolbar - {7c5c0f58-e061-457d-9033-77307f5ed00c} - C:\Program Files\TorrentMan\tbTor0.dll
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\ctbr.dll
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Bitlord Toolbar - {7c5c0f58-e061-457d-9033-77307f5ed00c} - C:\Program Files\TorrentMan\tbTor0.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
O3 - Toolbar: Bitlord Toolbar - {7c5c0f58-e061-457d-9033-77307f5ed00c} - C:\Program Files\TorrentMan\tbTor0.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: &Crawler lišta - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\ctbr.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [36X Raid Configurer] C:\WINDOWS\system32\xRaidSetup.exe boot
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup
O4 - HKLM\..\Run: [Launch LGDCore] "C:\Program Files\Common Files\Logitech\G-series Software\LGDCore.exe" /SHOWHIDE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKCU\..\Run: [SpywareTerminatorUpdate] "C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"
O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ7.1\ICQ.exe" silent loginmode=4
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Rychlé spuštění aplikace HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O8 - Extra context menu item: &Stáhnout &vše FlashGetem - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: &Stáhnout FlashGetem - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra button: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files\ICQ7.1\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files\ICQ7.1\ICQ.exe
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{5B55FCC5-ED07-441D-8ECF-73C106CCEA40}: NameServer = 160.218.10.200 160.218.43.200
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\ctbr.dll
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Služba Google Update (gupdate1ca314635ed9e0) (gupdate1ca314635ed9e0) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: DiRT Drivers Auto Removal (pr2ah4nc) (pr2ah4nc) - CODEMASTERS - C:\WINDOWS\system32\pr2ah4nc.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: TabletServicePen - Wacom Technology, Corp. - C:\WINDOWS\system32\Pen_Tablet.exe
O23 - Service: WTouch Service (WTouchService) - Wacom Technology, Corp. - C:\Program Files\WTouch\WTouchService.exe

--
End of file - 11145 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Google Software Updater.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-04-04 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}]
C:\PROGRA~1\Crawler\ctbr.dll [2010-04-14 1241960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2F364306-AA45-47B5-9F9D-39A8B94E7EF7}]
FGCatchUrl - C:\Program Files\FlashGet\jccatch.dll [2007-06-29 94308]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre6\bin\ssv.dll [2009-05-27 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7c5c0f58-e061-457d-9033-77307f5ed00c}]
Bitlord Toolbar - C:\Program Files\TorrentMan\tbTor0.dll [2010-01-14 2166296]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll [2009-09-09 761840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-05-27 35840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-05-27 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F156768E-81EF-470C-9057-481BA8380DBA}]
FlashGet GetFlash Class - C:\Program Files\FlashGet\getflash.dll [2007-05-16 163840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{7c5c0f58-e061-457d-9033-77307f5ed00c} - Bitlord Toolbar - C:\Program Files\TorrentMan\tbTor0.dll [2010-01-14 2166296]
{855F3B16-6D32-4FE6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2010-01-03 1019128]
{4B3803EA-5230-4DC3-A7FC-33638F3D3542} - &Crawler lišta - C:\PROGRA~1\Crawler\ctbr.dll [2010-04-14 1241960]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2007-07-05 16380416]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"JMB36X IDE Setup"=C:\WINDOWS\RaidTool\xInsIDE.exe [2007-03-20 36864]
"36X Raid Configurer"=C:\WINDOWS\system32\xRaidSetup.exe [2007-05-25 1953792]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2009-01-15 86016]
"PCSuiteTrayApplication"=C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE [2006-06-15 229376]
"Launch LGDCore"=C:\Program Files\Common Files\Logitech\G-series Software\LGDCore.exe [2006-07-23 1126400]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-04-04 36272]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-03-24 952768]
"SpywareTerminator"=C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe [2010-04-14 2176512]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2010-03-09 2140880]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2009-01-15 13680640]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-06-01 153136]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\daemon.exe [2008-12-29 687560]
"AlcoholAutomount"=C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe [2009-04-24 203928]
"SpywareTerminatorUpdate"=C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe [2010-03-24 3037696]
"ICQ"=C:\Program Files\ICQ7.1\ICQ.exe [2010-03-31 133368]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Component Manager]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
[]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
Rychlé spuštění aplikace HP Image Zone.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 239616]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Hry\World of Warcraft\Launcher.exe"="C:\Hry\World of Warcraft\Launcher.exe:*:Enabled:Blizzard Launcher"
"C:\Program Files\BitLord\BitLord.exe"="C:\Program Files\BitLord\BitLord.exe:*:Enabled:BitLord"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\WINDOWS\system32\dplaysvr.exe"="C:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper"
"C:\Documents and Settings\FEARFUL\Plocha\Stronghold\Stronghold Crusader.exe"="C:\Documents and Settings\FEARFUL\Plocha\Stronghold\Stronghold Crusader.exe:*:Enabled:Stronghold Crusader"
"C:\Documents and Settings\FEARFUL\Plocha\aoe2\age2_x1.exe"="C:\Documents and Settings\FEARFUL\Plocha\aoe2\age2_x1.exe:*:Enabled:Age of Empires II Expansion"
"C:\Hry\Diablo II\Diablo II.exe"="C:\Hry\Diablo II\Diablo II.exe:*:Enabled:Diablo II - Lord of Destruction"
"C:\Hry\Microsoft Games\Dungeon Siege 2\DungeonSiege2.exe"="C:\Hry\Microsoft Games\Dungeon Siege 2\DungeonSiege2.exe:*:Enabled:Dungeon Siege 2 Game Executable"
"C:\WINDOWS\system32\dpnsvr.exe"="C:\WINDOWS\system32\dpnsvr.exe:*:Enabled:Microsoft DirectPlay8 Server"
"C:\Hry\Wolfenstein - Enemy Territory\ET.exe"="C:\Hry\Wolfenstein - Enemy Territory\ET.exe:*:Enabled:ET"
"C:\Hry\Encore\Europa 1400 - Gold Edition\Europa1400Gold_TL.exe"="C:\Hry\Encore\Europa 1400 - Gold Edition\Europa1400Gold_TL.exe:*:Enabled:Europa1400Gold_TL"
"C:\Hry\Encore\Europa 1400 - Gold Edition\Europa1400Gold.exe"="C:\Hry\Encore\Europa 1400 - Gold Edition\Europa1400Gold.exe:*:Enabled:Europa1400Gold"
"C:\Hry\UT2004\System\UT2004.exe"="C:\Hry\UT2004\System\UT2004.exe:*:Enabled:UT2004"
"C:\Hry\1C\RC Cars\RCCARS.EXE"="C:\Hry\1C\RC Cars\RCCARS.EXE:*:Enabled:RCCars executable"
"C:\Documents and Settings\FEARFUL\Plocha\Port Royale\PortRoyale.exe"="C:\Documents and Settings\FEARFUL\Plocha\Port Royale\PortRoyale.exe:*:Enabled:Port Royale"
"C:\Hry\World of Warcraft\BackgroundDownloader.exe"="C:\Hry\World of Warcraft\BackgroundDownloader.exe:*:Enabled:Blizzard Downloader"
"C:\Hry\Warcraft III\Warcraft III.exe"="C:\Hry\Warcraft III\Warcraft III.exe:*:Enabled:Warcraft III"
"C:\Program Files\Steam\SteamApps\common\empire total war\Empire.exe"="C:\Program Files\Steam\SteamApps\common\empire total war\Empire.exe:*:Enabled:Empire: Total War"
"C:\Program Files\Steam\steam.exe"="C:\Program Files\Steam\steam.exe:*:Enabled:Steam"
"C:\Hry\World of Warcraft\WoW-3.1.3.9947-to-3.2.0.10192-enGB-downloader.exe"="C:\Hry\World of Warcraft\WoW-3.1.3.9947-to-3.2.0.10192-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\Program Files\Curse\CurseClient.exe"="C:\Program Files\Curse\CurseClient.exe:*:Enabled:Curse Client"
"C:\Hry\CGN\Re-Volt\REVOLT.EXE"="C:\Hry\CGN\Re-Volt\REVOLT.EXE:*:Enabled:REVOLT"
"C:\Hry\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe"="C:\Hry\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe:*:Enabled:Crysis_32"
"C:\Hry\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe"="C:\Hry\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe:*:Enabled:CrysisDedicatedServer_32"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Hry\Activision\Call of Duty 2\CoD2MP_s.exe"="C:\Hry\Activision\Call of Duty 2\CoD2MP_s.exe:*:Enabled:CoD2MP_s"
"C:\Hry\World of Warcraft\WoW-3.2.0.10192-to-3.2.0.10314-enGB-downloader.exe"="C:\Hry\World of Warcraft\WoW-3.2.0.10192-to-3.2.0.10314-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\Hry\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe"="C:\Hry\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe:*:Enabled:Rockstar Games Social Club"
"C:\Hry\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe"="C:\Hry\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe:*:Enabled:Grand Theft Auto IV"
"C:\Hry\Rockstar Games\Grand Theft Auto IV\GTAIV.exe"="C:\Hry\Rockstar Games\Grand Theft Auto IV\GTAIV.exe:*:Enabled:Grand Theft Auto IV"
"C:\Program Files\FlashGet\flashget.exe"="C:\Program Files\FlashGet\flashget.exe:*:Enabled:Flashget"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Hry\World of Warcraft\WoW-3.2.0.10314-to-3.2.2.10482-enGB-downloader.exe"="C:\Hry\World of Warcraft\WoW-3.2.0.10314-to-3.2.2.10482-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\Hry\World of Warcraft\WoW-3.2.2.10482-to-3.2.2.10505-enGB-downloader.exe"="C:\Hry\World of Warcraft\WoW-3.2.2.10482-to-3.2.2.10505-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\Hry\Electronic Arts\The Battle for Middle-earth (tm) II\game.dat"="C:\Hry\Electronic Arts\The Battle for Middle-earth (tm) II\game.dat:*:Enabled:The Battle for Middle-earth(tm) II"
"C:\Hry\Codemasters\Worms 4 Mayhem\WORMS 4 MAYHEM.EXE"="C:\Hry\Codemasters\Worms 4 Mayhem\WORMS 4 MAYHEM.EXE:*:Enabled:Worms 4 Mayhem"
"C:\Hry\Codemasters\DiRT\DiRT.exe"="C:\Hry\Codemasters\DiRT\DiRT.exe:*:Enabled:DiRT Executable"
"C:\Hry\Ubisoft\Techland\Call of Juarez\coj.exe"="C:\Hry\Ubisoft\Techland\Call of Juarez\coj.exe:*:Enabled:The Call of Juarez"
"C:\Hry\World of Warcraft\WoW-3.2.2.10505-to-3.3.0.10958-enGB-downloader.exe"="C:\Hry\World of Warcraft\WoW-3.2.2.10505-to-3.3.0.10958-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\Hry\TrackMania United\TmUnited.exe"="C:\Hry\TrackMania United\TmUnited.exe:*:Enabled:TmUnited"
"C:\Hry\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe"="C:\Hry\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM)"
"C:\Program Files\LuxRender\luxconsole.exe"="C:\Program Files\LuxRender\luxconsole.exe:*:Enabled:LuxRender Slave"
"C:\Hry\Microsoft Games\Age of Empires III\age3x.exe"="C:\Hry\Microsoft Games\Age of Empires III\age3x.exe:*:Enabled:Age of Empires III - The WarChiefs"
"C:\Hry\EA GAMES\The Battle for Middle-earth (tm)\game.dat"="C:\Hry\EA GAMES\The Battle for Middle-earth (tm)\game.dat:*:Enabled:The Battle for Middle-earth (tm)"
"C:\Program Files\Java\jre6\bin\java.exe"="C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Documents and Settings\FEARFUL\Plocha\Age of Mythology\aomx.exe"="C:\Documents and Settings\FEARFUL\Plocha\Age of Mythology\aomx.exe:*:Enabled:Age of Mythology - The Titans Expansion"
"C:\Documents and Settings\FEARFUL\Plocha\Need for Speed Most Wanted\speed.exe"="C:\Documents and Settings\FEARFUL\Plocha\Need for Speed Most Wanted\speed.exe:*:Enabled:speed"
"C:\Hry\World of Warcraft\WoW-3.3.2.11403-to-3.3.3.11685-enGB-downloader.exe"="C:\Hry\World of Warcraft\WoW-3.3.2.11403-to-3.3.3.11685-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\Program Files\ICQ7.1\ICQ.exe"="C:\Program Files\ICQ7.1\ICQ.exe:*:Enabled:ICQ7.1"
"C:\Program Files\ICQ7.1\aolload.exe"="C:\Program Files\ICQ7.1\aolload.exe:*:Enabled:aolload.exe"
"C:\Documents and Settings\FEARFUL\Plocha\Age of Mythology\aom.exe"="C:\Documents and Settings\FEARFUL\Plocha\Age of Mythology\aom.exe:*:Enabled:Age of Mythology"
"C:\Documents and Settings\FEARFUL\Local Settings\Apps\2.0\T3N1ZNG9.VWC\PD9V5ZB8.0B0\curs..tion_eee711038731a406_0004.0000_152ef8e82e8f5a48\CurseClient.exe"="C:\Documents and Settings\FEARFUL\Local Settings\Apps\2.0\T3N1ZNG9.VWC\PD9V5ZB8.0B0\curs..tion_eee711038731a406_0004.0000_152ef8e82e8f5a48\CurseClient.exe:*:Enabled:Curse Client 4.0"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ICQ7.1\ICQ.exe"="C:\Program Files\ICQ7.1\ICQ.exe:*:Enabled:ICQ7.1"
"C:\Program Files\ICQ7.1\aolload.exe"="C:\Program Files\ICQ7.1\aolload.exe:*:Enabled:aolload.exe"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\D]
shell\AutoRun\command - D:\startcd.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d42e9958-f2d8-11de-a22d-001d7d9b1790}]
shell\AutoRun\command - wd_windows_tools\WDSetup.exe


======List of files/folders created in the last 3 months======

2010-04-21 17:57:10 ----D---- C:\rsit
2010-04-21 17:57:10 ----D---- C:\Program Files\trend micro
2010-04-20 21:49:21 ----D---- C:\Program Files\Crawler
2010-04-20 19:05:06 ----D---- C:\Documents and Settings\FEARFUL\Data aplikací\Malwarebytes
2010-04-20 19:04:45 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2010-04-20 19:04:43 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-04-20 17:12:38 ----D---- C:\Documents and Settings\All Users\Data aplikací\Windows Genuine Advantage
2010-04-20 17:03:56 ----D---- C:\Program Files\CCleaner
2010-04-04 10:44:17 ----D---- C:\Program Files\ESET
2010-03-31 10:00:48 ----D---- C:\Program Files\ICQ6Toolbar
2010-03-31 10:00:41 ----D---- C:\Documents and Settings\All Users\Data aplikací\ICQ
2010-03-31 09:57:28 ----D---- C:\Program Files\ICQ7.1
2010-03-28 15:18:07 ----D---- C:\Documents and Settings\FEARFUL\Data aplikací\uTorrent
2010-03-24 20:11:52 ----D---- C:\Documents and Settings\FEARFUL\Data aplikací\WTouch
2010-03-24 20:11:51 ----N---- C:\WINDOWS\system32\Touch_Tablet.dll
2010-03-24 20:11:48 ----D---- C:\Program Files\WTouch
2010-03-24 20:11:43 ----D---- C:\Program Files\TabletPlugins
2010-03-24 20:09:28 ----D---- C:\Documents and Settings\FEARFUL\Data aplikací\WTablet
2010-03-24 20:02:54 ----D---- C:\WINDOWS\system32\WTablet
2010-03-24 20:02:49 ----N---- C:\WINDOWS\system32\Wintab32.dll
2010-03-24 20:02:49 ----A---- C:\WINDOWS\system32\Pen_Tablet.dll
2010-03-24 20:02:46 ----A---- C:\WINDOWS\system32\Pen_Tablet.exe
2010-03-24 20:02:41 ----D---- C:\Program Files\Tablet
2010-03-24 18:36:47 ----D---- C:\Documents and Settings\FEARFUL\Data aplikací\Spyware Terminator
2010-03-24 18:36:47 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spyware Terminator
2010-03-24 18:36:41 ----D---- C:\Program Files\Spyware Terminator
2010-03-24 15:08:51 ----D---- C:\Documents and Settings\FEARFUL\Data aplikací\inkscape
2010-03-24 15:04:29 ----D---- C:\Program Files\Inkscape
2010-03-13 16:29:03 ----HDC---- C:\WINDOWS\$NtUninstallXPSEPSCLP$
2010-03-13 16:26:10 ----D---- C:\3c7e26aeca254384f86473fc70
2010-03-13 15:59:00 ----RHD---- C:\AHCache
2010-02-25 21:18:00 ----D---- C:\Program Files\Zoner
2010-02-25 18:56:02 ----D---- C:\Program Files\Active GIF Creator 2.23
2010-02-22 14:53:14 ----D---- C:\Documents and Settings\FEARFUL\Data aplikací\Dev-Cpp
2010-02-22 14:52:47 ----D---- C:\Dev-Cpp
2010-02-22 13:50:52 ----D---- C:\Program Files\cygwin
2010-02-14 01:45:38 ----D---- C:\Program Files\EKO
2010-02-11 20:50:17 ----D---- C:\Program Files\Bunkspeed
2010-02-08 09:51:42 ----HD---- C:\Documents and Settings\FEARFUL\Data aplikací\FDBTemp
2010-02-05 17:38:06 ----D---- C:\Program Files\LogMeIn Hamachi
2010-02-03 20:10:20 ----D---- C:\Documents and Settings\FEARFUL\Data aplikací\My Battle for Middle-earth Files
2010-01-25 18:34:03 ----D---- C:\Program Files\7-Zip

======List of files/folders modified in the last 3 months======

2010-04-21 17:57:38 ----D---- C:\WINDOWS\Temp
2010-04-21 17:57:10 ----RD---- C:\Program Files
2010-04-21 17:56:58 ----D---- C:\WINDOWS\Prefetch
2010-04-21 17:56:31 ----A---- C:\WINDOWS\ModemLog_AnyDATA CDMA USB Modem (PID 6501) #3.txt
2010-04-21 16:08:57 ----A---- C:\WINDOWS\red_dialer.ini
2010-04-21 13:47:37 ----SD---- C:\WINDOWS\Tasks
2010-04-21 13:47:04 ----D---- C:\WINDOWS
2010-04-20 22:14:28 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-04-20 21:35:17 ----D---- C:\WINDOWS\system32\CatRoot2
2010-04-20 21:33:15 ----D---- C:\Documents and Settings\FEARFUL\Data aplikací\ICQ
2010-04-20 19:26:03 ----D---- C:\WINDOWS\system32
2010-04-20 19:04:47 ----D---- C:\WINDOWS\system32\drivers
2010-04-20 17:28:50 ----D---- C:\Program Files\Mozilla Firefox
2010-04-20 17:28:29 ----D---- C:\Program Files\BitLord
2010-04-20 17:18:35 ----SHD---- C:\WINDOWS\Installer
2010-04-20 17:18:35 ----HD---- C:\Config.Msi
2010-04-20 17:18:33 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2010-04-20 17:13:03 ----HD---- C:\WINDOWS\inf
2010-04-20 17:05:09 ----D---- C:\WINDOWS\Debug
2010-04-20 16:55:31 ----SHD---- C:\System Volume Information
2010-04-20 16:55:31 ----D---- C:\WINDOWS\system32\Restore
2010-04-20 16:52:07 ----D---- C:\WINDOWS\Minidump
2010-04-20 15:09:11 ----D---- C:\tmp
2010-04-19 17:01:43 ----A---- C:\WINDOWS\NeroDigital.ini
2010-04-17 01:32:20 ----D---- C:\Program Files\Common Files
2010-04-17 01:31:06 ----AD---- C:\Documents and Settings\All Users\Data aplikací\TEMP
2010-04-17 00:26:58 ----D---- C:\WINDOWS\WinSxS
2010-04-14 16:27:29 ----D---- C:\Program Files\Google
2010-04-12 22:35:28 ----D---- C:\Program Files\FlashGet
2010-04-12 15:44:55 ----D---- C:\Downloads
2010-04-02 23:27:38 ----D---- C:\Program Files\blender-2.49b-windows
2010-03-31 10:00:46 ----HD---- C:\Program Files\InstallShield Installation Information
2010-03-25 16:18:00 ----D---- C:\Program Files\ghgfhgfh
2010-03-24 20:03:55 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-03-13 16:46:30 ----RSD---- C:\WINDOWS\assembly
2010-03-13 16:44:07 ----D---- C:\WINDOWS\Microsoft.NET
2010-03-13 16:28:50 ----D---- C:\WINDOWS\system32\cs-cz
2010-03-13 16:27:11 ----D---- C:\WINDOWS\system32\XPSViewer
2010-03-13 16:27:08 ----D---- C:\WINDOWS\system32\en-us
2010-03-13 16:27:05 ----RSD---- C:\WINDOWS\Fonts
2010-03-13 16:25:08 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-03-12 15:40:33 ----D---- C:\Hry
2010-02-25 21:17:50 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2010-02-14 14:10:28 ----SD---- C:\Documents and Settings\FEARFUL\Data aplikací\Microsoft
2010-02-08 17:53:11 ----D---- C:\Documents and Settings\FEARFUL\Data aplikací\gtk-2.0
2010-02-05 17:37:59 ----D---- C:\Documents and Settings\FEARFUL\Data aplikací\Hamachi
2010-01-25 18:13:38 ----D---- C:\Documents and Settings\FEARFUL\Data aplikací\Indigo Renderer
2010-01-24 23:00:03 ----D---- C:\Program Files\Common Files\Adobe
2010-01-24 22:59:59 ----A---- C:\WINDOWS\win.ini
2010-01-23 08:23:46 ----D---- C:\Documents and Settings\FEARFUL\Data aplikací\Adobe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2010-03-09 114984]
R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2010-03-09 95872]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys []
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2009-05-24 271360]
R2 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2010-03-09 139192]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2009-05-24 18048]
R3 adusbmdm6501;AnyDATA CDMA USB Modem Driver (PID 6501); C:\WINDOWS\system32\DRIVERS\adusbmdm65.sys [2005-05-02 65408]
R3 adusbser6501;AnyDATA CDMA USB Serial Port (PID 6501); C:\WINDOWS\system32\DRIVERS\adusbser65.sys [2005-05-02 64896]
R3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-09-23 26176]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-07-18 4547584]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2009-01-15 6301248]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2007-08-07 98944]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-14 30208]
R3 usbhub;Ovladač standardního rozbočovače USB; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 wacommousefilter;Wacom Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\wacommousefilter.sys [2007-02-16 11312]
R3 wacomvhid;Wacom Virtual Hid Driver; C:\WINDOWS\system32\DRIVERS\wacomvhid.sys [2009-05-20 13736]
S3 ayrms8uq;ayrms8uq; C:\WINDOWS\system32\drivers\ayrms8uq.sys []
S3 aze5mdbf;aze5mdbf; C:\WINDOWS\system32\drivers\aze5mdbf.sys []
S3 gdrv;gdrv; \??\C:\WINDOWS\gdrv.sys []
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2004-06-21 51088]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2004-06-21 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2004-06-21 21744]
S3 Nokia USB Generic;Nokia USB Generic; C:\WINDOWS\system32\drivers\nmwcdc.sys [2006-05-29 8704]
S3 Nokia USB Modem;Nokia USB Modem; C:\WINDOWS\system32\drivers\nmwcdcm.sys [2006-05-29 13312]
S3 Nokia USB Phone Parent;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\nmwcd.sys [2006-05-29 127488]
S3 Nokia USB Port;Nokia USB Port; C:\WINDOWS\system32\drivers\nmwcdcj.sys [2006-05-29 13312]
S3 SONYPVU1;Sony USB Filter Driver (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2010-03-09 810120]
R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [2009-10-29 1074568]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2010-01-03 246520]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-05-27 152984]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2009-01-15 163908]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2009-08-14 75064]
R2 PnkBstrB;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [2010-01-16 214520]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2010-04-14 488960]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2007-05-28 275968]
R2 TabletServicePen;TabletServicePen; C:\WINDOWS\system32\Pen_Tablet.exe [2009-11-24 4497704]
R2 WTouchService;WTouch Service; C:\Program Files\WTouch\WTouchService.exe [2009-11-24 113448]
R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-01 271920]
R3 ServiceLayer;ServiceLayer; C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe [2006-06-05 174080]
S2 gupdate1ca314635ed9e0;Služba Google Update (gupdate1ca314635ed9e0); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-09-09 133104]
S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-09-09 194032]
S2 pr2ah4nc;DiRT Drivers Auto Removal (pr2ah4nc); C:\WINDOWS\system32\pr2ah4nc.exe [2007-05-18 407152]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2010-03-09 33560]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-08-26 654848]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-04-13 792112]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2004-03-18 65536]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------


Snad je tenhle log správný pokud ne pokuste se mě navést předem děkuji.

Zdravím


Doporučuji odinstalovat (pokud nepoužíváte) toolbary (lišty) v Přidat nebo odebrat programy.


Stahněte OTL http://oldtimer.geekstogo.com/OTL.exe

• Spusťte, poté do spodního políčka vložte následující skript.

• Označte položku Pro všechny uživatele.
• Označte položky Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
• Klikněte na tlačítko Prohledat
• Po dokončení, sem vložte logy OTL.Txt a Extras.txt

Provedeno

OTL.txt

OTL logfile created on: 21.4.2010 18:21:42 - Run 1
OTL by OldTimer - Version 3.2.1.3 Folder = C:\Documents and Settings\FEARFUL\Dokumenty\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 76,00% Memory free
5,00 Gb Paging File | 5,00 Gb Available in Paging File | 87,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 465,75 Gb Total Space | 225,55 Gb Free Space | 48,43% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: FEARFUL-DBB43B4
Current User Name: FEARFUL
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010.04.21 18:20:25 | 000,562,176 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\FEARFUL\Dokumenty\Downloads\OTL.exe
PRC - [2010.04.14 15:21:08 | 000,488,960 | ---- | M] (Crawler.com) -- C:\Program Files\Spyware Terminator\sp_rsser.exe
PRC - [2010.04.14 15:21:07 | 002,176,512 | ---- | M] (Crawler.com) -- C:\Program Files\Spyware Terminator\SpywareTerminatorShield.Exe
PRC - [2010.03.28 05:13:16 | 000,530,416 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2010.03.24 18:36:49 | 003,037,696 | ---- | M] (Crawler.com) -- C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
PRC - [2010.03.09 10:13:08 | 000,810,120 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
PRC - [2010.03.09 10:12:56 | 002,140,880 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
PRC - [2010.01.03 17:07:48 | 000,246,520 | ---- | M] () -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe
PRC - [2009.11.24 01:53:58 | 004,781,352 | ---- | M] (Wacom Technology, Corp.) -- C:\Program Files\WTouch\WTouchUser.exe
PRC - [2009.11.24 01:53:58 | 000,113,448 | ---- | M] (Wacom Technology, Corp.) -- C:\Program Files\WTouch\WTouchService.exe
PRC - [2009.11.24 01:53:56 | 004,497,704 | ---- | M] (Wacom Technology, Corp.) -- C:\WINDOWS\system32\Pen_Tablet.exe
PRC - [2009.11.24 01:53:56 | 001,823,528 | ---- | M] (Wacom Technology, Corp.) -- C:\WINDOWS\system32\WTablet\Pen_TabletUser.exe
PRC - [2009.10.29 13:27:54 | 001,074,568 | ---- | M] (LogMeIn Inc.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
PRC - [2008.04.14 08:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007.06.01 10:21:30 | 001,209,904 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
PRC - [2007.06.01 10:21:08 | 000,153,136 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
PRC - [2007.05.28 18:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
PRC - [2006.07.23 03:22:42 | 001,126,400 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\Logitech\G-series Software\LGDCore.exe
PRC - [2006.06.15 12:36:18 | 000,229,376 | ---- | M] (Nokia) -- C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
PRC - [2006.06.05 13:59:18 | 000,174,080 | ---- | M] (Nokia.) -- C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
PRC - [2005.07.21 04:13:42 | 001,294,442 | ---- | M] () -- C:\Program Files\AnyDATA\EasyWirelessNet\EasyWirelessNet.exe


========== Modules (SafeList) ==========

MOD - [2010.04.21 18:20:25 | 000,562,176 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\FEARFUL\Dokumenty\Downloads\OTL.exe


========== Win32 Services (SafeList) ==========

SRV - [2010.04.14 15:21:08 | 000,488,960 | ---- | M] (Crawler.com) [Auto | Running] -- C:\Program Files\Spyware Terminator\sp_rsser.exe -- (sp_rssrv)
SRV - [2010.03.09 10:14:36 | 000,033,560 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv)
SRV - [2010.03.09 10:13:08 | 000,810,120 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn)
SRV - [2010.01.03 17:07:48 | 000,246,520 | ---- | M] () [Auto | Running] -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2009.11.24 01:53:58 | 000,113,448 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\WTouch\WTouchService.exe -- (WTouchService)
SRV - [2009.11.24 01:53:56 | 004,497,704 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\WINDOWS\system32\Pen_Tablet.exe -- (TabletServicePen)
SRV - [2009.10.29 13:27:54 | 001,074,568 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2009.08.26 10:19:12 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2008.07.29 20:16:38 | 000,132,096 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2007.05.28 18:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) [Auto | Running] -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)
SRV - [2007.05.18 21:53:29 | 000,407,152 | ---- | M] (CODEMASTERS) [Auto | Stopped] -- C:\WINDOWS\System32\pr2ah4nc.exe -- (pr2ah4nc) DiRT Drivers Auto Removal (pr2ah4nc)
SRV - [2006.06.05 13:59:18 | 000,174,080 | ---- | M] (Nokia.) [On_Demand | Running] -- C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe -- (ServiceLayer)
SRV - [2004.03.18 16:55:48 | 000,065,536 | ---- | M] (HP) [On_Demand | Stopped] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)


========== Driver Services (SafeList) ==========

DRV - [2010.03.24 18:36:48 | 000,142,592 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\sp_rsdrv2.sys -- (sp_rsdrv2)
DRV - [2010.03.09 10:13:32 | 000,095,872 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\epfwtdir.sys -- (epfwtdir)
DRV - [2010.03.09 10:13:00 | 000,114,984 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2010.03.09 10:11:22 | 000,139,192 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon)
DRV - [2009.09.23 10:41:58 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2009.07.12 11:14:30 | 000,721,904 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009.05.24 11:19:04 | 000,271,360 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt)
DRV - [2009.05.24 11:19:04 | 000,018,048 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2009.05.20 20:54:06 | 000,013,736 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wacomvhid.sys -- (wacomvhid)
DRV - [2009.04.21 15:21:49 | 000,015,600 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\gdrv.sys -- (gdrv)
DRV - [2009.01.15 08:19:00 | 006,301,248 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2008.04.13 22:06:06 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2007.08.07 11:40:38 | 000,098,944 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2007.07.18 13:26:04 | 004,547,584 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007.06.13 17:47:12 | 000,048,256 | R--- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\jraid.sys -- (JRAID)
DRV - [2007.05.18 21:53:01 | 000,064,880 | ---- | M] (CODEMASTERS) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\pe3ah4nc.sys -- (pe3ah4nc) DiRT Environment Driver (pe3ah4nc)
DRV - [2007.05.18 21:52:38 | 000,055,160 | ---- | M] (CODEMASTERS) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\ps6ah4nc.sys -- (ps6ah4nc) DiRT Synchronization Driver (ps6ah4nc)
DRV - [2007.02.16 20:12:36 | 000,011,312 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wacommousefilter.sys -- (wacommousefilter)
DRV - [2006.05.29 08:26:38 | 000,127,488 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcd.sys -- (Nokia USB Phone Parent)
DRV - [2006.05.29 08:26:36 | 000,013,312 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdcj.sys -- (Nokia USB Port)
DRV - [2006.05.29 08:26:36 | 000,013,312 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdcm.sys -- (Nokia USB Modem)
DRV - [2006.05.29 08:26:36 | 000,008,704 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdc.sys -- (Nokia USB Generic)
DRV - [2005.05.02 13:55:40 | 000,065,408 | R--- | M] (AnyDATA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\adusbmdm65.sys -- (adusbmdm6501) AnyDATA CDMA USB Modem Driver (PID 6501)
DRV - [2005.05.02 13:55:34 | 000,064,896 | R--- | M] (AnyDATA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\adusbser65.sys -- (adusbser6501) AnyDATA CDMA USB Serial Port (PID 6501)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-436374069-1801674531-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
IE - HKU\S-1-5-21-436374069-1801674531-839522115-1003\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-436374069-1801674531-839522115-1003\..\URLSearchHook: {7c5c0f58-e061-457d-9033-77307f5ed00c} - C:\Program Files\TorrentMan\tbTor0.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-436374069-1801674531-839522115-1003\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKU\S-1-5-21-436374069-1801674531-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.startup.homepage: "http://start.icq.com/"
FF - prefs.js..extensions.enabledItems: {4B3803EA-5230-4DC3-A7FC-33638F3D3542}:1.3
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:2.0.0.2
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..keyword.URL: "http://search.icq.com/search/afe_result ... 2.0.0.2&q="

FF - HKLM\software\mozilla\Firefox\extensions\\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}: C:\Program Files\Crawler\firefox\ [2010.04.20 21:49:32 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.9\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.04.10 06:51:34 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.9\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.04.16 13:38:42 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2010.04.04 10:44:20 | 000,000,000 | ---D | M]

[2009.04.21 17:29:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FEARFUL\Data aplikací\Mozilla\Extensions
[2010.04.14 22:41:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FEARFUL\Data aplikací\Mozilla\Firefox\Profiles\f15exube.default\extensions
[2010.03.31 10:00:45 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\FEARFUL\Data aplikací\Mozilla\Firefox\Profiles\f15exube.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2010.03.31 10:00:45 | 000,000,168 | ---- | M] () -- C:\Documents and Settings\FEARFUL\Data aplikací\Mozilla\Firefox\Profiles\f15exube.default\searchplugins\icqplugin.gif
[2010.03.31 10:00:45 | 000,000,618 | ---- | M] () -- C:\Documents and Settings\FEARFUL\Data aplikací\Mozilla\Firefox\Profiles\f15exube.default\searchplugins\icqplugin.src
[2010.04.09 14:24:04 | 000,000,958 | ---- | M] () -- C:\Documents and Settings\FEARFUL\Data aplikací\Mozilla\Firefox\Profiles\f15exube.default\searchplugins\icqplugin.xml
[2010.04.14 22:41:14 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009.04.21 17:29:50 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\stahuj@centrum.cz
[2009.09.21 11:24:16 | 000,001,329 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\crawlersrch.xml
[2009.08.16 23:38:27 | 000,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2009.08.16 23:38:27 | 000,001,687 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2009.08.16 23:38:27 | 000,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2009.08.16 23:38:27 | 000,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2009.08.16 23:38:27 | 000,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2001.10.25 14:00:00 | 000,000,737 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: () - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\Program Files\Crawler\ctbr.dll (Crawler.com)
O2 - BHO: (FGCatchUrl) - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll (www.flashget.com)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Bitlord Toolbar) - {7c5c0f58-e061-457d-9033-77307f5ed00c} - C:\Program Files\TorrentMan\tbTor0.dll (Conduit Ltd.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
O2 - BHO: (FlashGet GetFlash Class) - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll (www.flashget.com)
O3 - HKLM\..\Toolbar: (&Crawler lišta) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\Program Files\Crawler\ctbr.dll (Crawler.com)
O3 - HKLM\..\Toolbar: (Bitlord Toolbar) - {7c5c0f58-e061-457d-9033-77307f5ed00c} - C:\Program Files\TorrentMan\tbTor0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (Bitlord Toolbar) - {7C5C0F58-E061-457D-9033-77307F5ED00C} - C:\Program Files\TorrentMan\tbTor0.dll (Conduit Ltd.)
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (Bitlord Toolbar) - {7C5C0F58-E061-457D-9033-77307F5ED00C} - C:\Program Files\TorrentMan\tbTor0.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-436374069-1801674531-839522115-1003\..\Toolbar\WebBrowser: (Bitlord Toolbar) - {7C5C0F58-E061-457D-9033-77307F5ED00C} - C:\Program Files\TorrentMan\tbTor0.dll (Conduit Ltd.)
O4 - HKLM..\Run: [36X Raid Configurer] C:\WINDOWS\System32\xRaidSetup.exe (Gigabyte Technology Corp.)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKLM..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe ()
O4 - HKLM..\Run: [Launch LGDCore] C:\Program Files\Common Files\Logitech\G-series Software\LGDCore.exe (Logitech Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe (Nokia)
O4 - HKLM..\Run: [SpywareTerminator] C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe (Crawler.com)
O4 - HKU\S-1-5-21-436374069-1801674531-839522115-1003..\Run: [AlcoholAutomount] C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe (Alcohol Soft Development Team)
O4 - HKU\S-1-5-21-436374069-1801674531-839522115-1003..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKU\S-1-5-21-436374069-1801674531-839522115-1003..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-436374069-1801674531-839522115-1003..\Run: [ICQ] C:\Program Files\ICQ7.1\ICQ.exe (ICQ, LLC.)
O4 - HKU\S-1-5-21-436374069-1801674531-839522115-1003..\Run: [SpywareTerminatorUpdate] C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe (Crawler.com)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Rychlé spuštění aplikace HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe (Hewlett-Packard Co.)
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-436374069-1801674531-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &Stáhnout &vše FlashGetem - C:\Program Files\FlashGet\JC_ALL.HTM ()
O8 - Extra context menu item: &Stáhnout FlashGetem - C:\Program Files\FlashGet\JC_LINK.HTM ()
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\npjpi160_01.dll (Sun Microsystems, Inc.)
O9 - Extra Button: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files\ICQ7.1\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files\ICQ7.1\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\flashget.exe (FlashGet.com)
O9 - Extra 'Tools' menuitem : FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\flashget.exe (FlashGet.com)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O15 - HKLM\..Trusted Domains: mojebanka.cz ([*] https in Důvěryhodné servery)
O15 - HKU\S-1-5-21-436374069-1801674531-839522115-1003\..Trusted Domains: mojebanka.cz ([*] https in Důvěryhodné servery)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_13)
O18 - Protocol\Handler\cetihpz {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company)
O18 - Protocol\Handler\tbr {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\Program Files\Crawler\ctbr.dll (Crawler.com)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\FEARFUL\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\FEARFUL\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{d42e9958-f2d8-11de-a22d-001d7d9b1790}\Shell\AutoRun\command - "" = wd_windows_tools\WDSetup.exe
O33 - MountPoints2\D\Shell - "" = AutoRun
O33 - MountPoints2\D\Shell\AutoRun\command - "" = D:\startcd.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2009.04.21 17:00:32 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.avis - C:\WINDOWS\System32\ff_acm.acm ()
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: VIDC.ACDV - ACDV.dll File not found
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\divx.dll (DivXNetworks, Inc.)
Drivers32: VIDC.FFDS - C:\WINDOWS\System32\ff_vfw.dll ()
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.LEAD - LCODCCMP.DLL File not found
Drivers32: vidc.tscc - C:\WINDOWS\System32\tsccvid.dll (TechSmith Corporation)
Drivers32: vidc.VP60 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
Drivers32: vidc.XVID - C:\WINDOWS\System32\xvidvfw.dll ()

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (55745656140070912)

========== Files/Folders - Created Within 30 Days ==========

[2010.04.21 17:57:10 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010.04.21 17:57:10 | 000,000,000 | ---D | C] -- C:\rsit
[2010.04.21 13:46:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\LogMeIn Hamachi
[2010.04.20 21:49:21 | 000,000,000 | ---D | C] -- C:\Program Files\Crawler
[2010.04.20 19:05:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\FEARFUL\Data aplikací\Malwarebytes
[2010.04.20 19:04:46 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010.04.20 19:04:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
[2010.04.20 19:04:44 | 000,020,824 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010.04.20 19:04:43 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010.04.20 17:27:26 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\FEARFUL\Recent
[2010.04.20 17:12:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Windows Genuine Advantage
[2010.04.20 17:03:56 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2010.04.19 17:13:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\FEARFUL\Dokumenty\W7_ULTIMATE
[2010.04.19 14:55:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Data aplikací\WTablet
[2010.04.04 10:44:17 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2010.04.03 00:52:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\FEARFUL\Plocha\blender-2.49b-windows
[2010.04.02 22:44:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\FEARFUL\Plocha\blender-2.5-alpha2-win32
[2010.03.31 10:00:48 | 000,000,000 | ---D | C] -- C:\Program Files\ICQ6Toolbar
[2010.03.31 10:00:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\ICQ
[2010.03.31 09:57:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\FEARFUL\Local Settings\Data aplikací\AOL
[2010.03.31 09:57:28 | 000,000,000 | ---D | C] -- C:\Program Files\ICQ7.1
[2010.03.28 15:18:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\FEARFUL\Data aplikací\uTorrent
[2010.03.24 20:11:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\FEARFUL\Data aplikací\WTouch
[2010.03.24 20:11:51 | 000,245,032 | ---- | C] (Wacom Technology, Corp.) -- C:\WINDOWS\System32\Touch_Tablet.dll
[2010.03.24 20:11:48 | 000,000,000 | ---D | C] -- C:\Program Files\WTouch
[2010.03.24 20:11:43 | 000,000,000 | ---D | C] -- C:\Program Files\TabletPlugins
[2010.03.24 20:11:16 | 006,393,640 | ---- | C] (Wacom Technology, Corp.) -- C:\WINDOWS\System32\PenTablet.cpl
[2010.03.24 20:09:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\FEARFUL\Data aplikací\WTablet
[2010.03.24 20:03:46 | 000,011,312 | ---- | C] (Wacom Technology) -- C:\WINDOWS\System32\drivers\wacommousefilter.sys
[2010.03.24 20:03:14 | 000,013,736 | ---- | C] (Wacom Technology) -- C:\WINDOWS\System32\drivers\wacomvhid.sys
[2010.03.24 20:02:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\WTablet
[2010.03.24 20:02:49 | 000,416,040 | ---- | C] (Wacom Technology, Corp.) -- C:\WINDOWS\System32\Pen_Tablet.dll
[2010.03.24 20:02:49 | 000,284,160 | ---- | C] (Wacom Technology, Corp.) -- C:\WINDOWS\System32\Wintab32.dll
[2010.03.24 20:02:46 | 004,497,704 | ---- | C] (Wacom Technology, Corp.) -- C:\WINDOWS\System32\Pen_Tablet.exe
[2010.03.24 20:02:41 | 000,000,000 | ---D | C] -- C:\Program Files\Tablet
[2010.03.24 18:36:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\FEARFUL\Data aplikací\Spyware Terminator
[2010.03.24 18:36:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Spyware Terminator
[2010.03.24 18:36:41 | 000,000,000 | ---D | C] -- C:\Program Files\Spyware Terminator
[2010.03.24 15:08:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\FEARFUL\Data aplikací\inkscape
[2010.03.24 15:04:29 | 000,000,000 | ---D | C] -- C:\Program Files\Inkscape
[2010.03.23 22:46:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\FEARFUL\Dokumenty\1
[2009.09.09 14:21:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\Google
[2009.09.09 14:06:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\Google
[2009.07.30 12:31:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\ESET
[2009.04.21 15:41:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\Microsoft
[2009.04.21 15:13:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\Microsoft
[2009.04.21 15:11:44 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Data aplikací\Microsoft
[2009.04.21 15:11:44 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Data aplikací\Microsoft
[8 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010.04.21 17:53:00 | 000,000,940 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010.04.21 17:10:42 | 000,000,727 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\World of Warcraft.lnk
[2010.04.21 16:19:18 | 000,092,739 | ---- | M] () -- C:\Documents and Settings\FEARFUL\Dokumenty\24563_414380367068_208735512068_5828709_1827084_n.jpg
[2010.04.21 16:08:57 | 000,000,244 | ---- | M] () -- C:\WINDOWS\red_dialer.ini
[2010.04.21 13:47:37 | 000,000,972 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2010.04.21 13:46:39 | 000,206,530 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010.04.21 13:46:36 | 000,000,936 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010.04.21 13:46:33 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.04.21 13:46:32 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.04.20 22:14:32 | 006,815,744 | ---- | M] () -- C:\Documents and Settings\FEARFUL\ntuser.dat
[2010.04.20 20:30:05 | 000,080,103 | ---- | M] () -- C:\Documents and Settings\FEARFUL\Dokumenty\mh4pzn.jpg
[2010.04.20 19:04:50 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Malwarebytes' Anti-Malware.lnk
[2010.04.20 17:12:38 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.04.20 17:03:56 | 000,001,548 | ---- | M] () -- C:\Documents and Settings\FEARFUL\Plocha\CCleaner.lnk
[2010.04.20 16:55:06 | 001,531,264 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.04.20 16:53:49 | 000,065,216 | ---- | M] () -- C:\Documents and Settings\FEARFUL\Local Settings\Data aplikací\GDIPFONTCACHEV1.DAT
[2010.04.20 15:49:34 | 000,001,908 | ---- | M] () -- C:\WINDOWS\diagwrn.xml
[2010.04.20 15:49:34 | 000,001,908 | ---- | M] () -- C:\WINDOWS\diagerr.xml
[2010.04.19 19:56:34 | 000,023,584 | ---- | M] () -- C:\Documents and Settings\FEARFUL\Dokumenty\bookmarks.html
[2010.04.19 17:07:10 | 000,000,183 | ---- | M] () -- C:\Documents and Settings\FEARFUL\default.pls
[2010.04.19 17:01:43 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010.04.19 16:27:21 | 000,035,328 | ---- | M] () -- C:\Documents and Settings\FEARFUL\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.04.18 20:28:12 | 370,409,471 | ---- | M] () -- C:\Documents and Settings\FEARFUL\Dokumenty\W7_ULTIMATE_7600.16385.090713-1255_x86_x64_CZ_EN_SK_Activated.iso
[2010.04.18 20:28:12 | 370,409,471 | ---- | M] () -- C:\Documents and Settings\FEARFUL\Dokumenty\Kopie - W7_ULTIMATE_7600.16385.090713-1255_x86_x64_CZ_EN_SK_Activated.iso
[2010.04.18 08:02:26 | 000,000,272 | -HS- | M] () -- C:\Documents and Settings\FEARFUL\ntuser.ini
[2010.04.16 13:38:42 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Adobe Reader 9.lnk
[2010.04.15 11:50:52 | 000,403,881 | ---- | M] () -- C:\Documents and Settings\FEARFUL\Plocha\_4_0d.pdf
[2010.04.14 16:27:45 | 000,001,915 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Google Earth.lnk
[2010.04.13 07:14:49 | 734,457,166 | ---- | M] () -- C:\Documents and Settings\All Users\Dokumenty\Ulovit miliardare.avi
[2010.04.11 15:55:30 | 008,276,752 | ---- | M] () -- C:\Documents and Settings\All Users\Dokumenty\aom10to110.exe
[2010.04.11 15:54:33 | 002,175,368 | ---- | M] () -- C:\Documents and Settings\All Users\Dokumenty\AgeOfMythologyv1.10FixedexeEng.rar
[2010.04.11 15:28:14 | 008,264,162 | ---- | M] () -- C:\Documents and Settings\All Users\Dokumenty\aom10to109.zip
[2010.04.01 01:02:37 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Google Chrome.lnk
[2010.03.31 10:01:08 | 000,001,487 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\ICQ7.1.lnk
[2010.03.30 00:46:30 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010.03.30 00:45:52 | 000,020,824 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010.03.25 00:00:30 | 000,003,439 | ---- | M] () -- C:\Documents and Settings\FEARFUL\.recently-used.xbel
[2010.03.24 20:11:04 | 000,000,468 | ---- | M] () -- C:\WINDOWS\System32\TouchTabletUserDefaults.xml
[2010.03.24 20:11:04 | 000,000,468 | ---- | M] () -- C:\WINDOWS\System32\PenTabletUserDefaults.xml
[2010.03.24 18:37:01 | 000,000,797 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Spyware Terminator.lnk
[2010.03.24 18:36:48 | 000,142,592 | ---- | M] () -- C:\WINDOWS\System32\drivers\sp_rsdrv2.sys
[2010.03.24 15:08:00 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Inkscape.lnk
[8 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010.04.21 16:19:18 | 000,092,739 | ---- | C] () -- C:\Documents and Settings\FEARFUL\Dokumenty\24563_414380367068_208735512068_5828709_1827084_n.jpg
[2010.04.20 21:21:56 | 1673,986,047 | ---- | C] () -- C:\Documents and Settings\FEARFUL\Plocha\rzr-sim3.iso
[2010.04.20 20:30:05 | 000,080,103 | ---- | C] () -- C:\Documents and Settings\FEARFUL\Dokumenty\mh4pzn.jpg
[2010.04.20 19:04:50 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Malwarebytes' Anti-Malware.lnk
[2010.04.20 17:03:56 | 000,001,548 | ---- | C] () -- C:\Documents and Settings\FEARFUL\Plocha\CCleaner.lnk
[2010.04.19 19:56:34 | 000,023,584 | ---- | C] () -- C:\Documents and Settings\FEARFUL\Dokumenty\bookmarks.html
[2010.04.19 17:13:54 | 000,001,908 | ---- | C] () -- C:\WINDOWS\diagwrn.xml
[2010.04.19 17:13:54 | 000,001,908 | ---- | C] () -- C:\WINDOWS\diagerr.xml
[2010.04.19 17:09:50 | 370,409,471 | ---- | C] () -- C:\Documents and Settings\FEARFUL\Dokumenty\Kopie - W7_ULTIMATE_7600.16385.090713-1255_x86_x64_CZ_EN_SK_Activated.iso
[2010.04.15 11:50:52 | 000,403,881 | ---- | C] () -- C:\Documents and Settings\FEARFUL\Plocha\_4_0d.pdf
[2010.04.14 16:27:45 | 000,001,915 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Google Earth.lnk
[2010.04.13 18:06:58 | 734,457,166 | ---- | C] () -- C:\Documents and Settings\All Users\Dokumenty\Ulovit miliardare.avi
[2010.04.11 15:58:19 | 008,276,752 | ---- | C] () -- C:\Documents and Settings\All Users\Dokumenty\aom10to110.exe
[2010.04.11 15:58:19 | 002,175,368 | ---- | C] () -- C:\Documents and Settings\All Users\Dokumenty\AgeOfMythologyv1.10FixedexeEng.rar
[2010.04.11 15:21:00 | 008,264,162 | ---- | C] () -- C:\Documents and Settings\All Users\Dokumenty\aom10to109.zip
[2010.03.31 10:01:08 | 000,001,487 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\ICQ7.1.lnk
[2010.03.28 15:24:01 | 370,409,471 | ---- | C] () -- C:\Documents and Settings\FEARFUL\Dokumenty\W7_ULTIMATE_7600.16385.090713-1255_x86_x64_CZ_EN_SK_Activated.iso
[2010.03.25 00:00:30 | 000,003,439 | ---- | C] () -- C:\Documents and Settings\FEARFUL\.recently-used.xbel
[2010.03.24 20:11:20 | 001,595,175 | ---- | C] () -- C:\WINDOWS\System32\PenTablet.znc
[2010.03.24 20:02:41 | 000,000,468 | ---- | C] () -- C:\WINDOWS\System32\TouchTabletUserDefaults.xml
[2010.03.24 20:02:41 | 000,000,468 | ---- | C] () -- C:\WINDOWS\System32\PenTabletUserDefaults.xml
[2010.03.24 18:37:01 | 000,000,797 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Spyware Terminator.lnk
[2010.03.24 18:36:48 | 000,142,592 | ---- | C] () -- C:\WINDOWS\System32\drivers\sp_rsdrv2.sys
[2010.03.24 15:08:00 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Inkscape.lnk
[2010.01.16 12:46:32 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2010.01.09 15:23:50 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2010.01.09 15:23:49 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2010.01.09 13:09:52 | 000,000,309 | ---- | C] () -- C:\WINDOWS\game.ini
[2009.08.20 14:52:13 | 000,611,288 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\FontCache3.0.0.0.dat
[2009.08.11 14:21:30 | 000,137,464 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2009.08.11 14:21:23 | 000,022,328 | ---- | C] () -- C:\Documents and Settings\FEARFUL\Data aplikací\PnkBstrK.sys
[2009.07.27 03:02:35 | 000,000,003 | ---- | C] () -- C:\Documents and Settings\FEARFUL\dxva_sig.txt
[2009.07.24 16:38:54 | 000,000,023 | ---- | C] () -- C:\WINDOWS\BlendSettings.ini
[2009.07.18 01:16:16 | 003,156,992 | -HS- | C] () -- C:\Documents and Settings\FEARFUL\DokumentyMqb77c_save2pc.exe
[2009.06.27 12:40:34 | 006,815,744 | ---- | C] () -- C:\Documents and Settings\FEARFUL\ntuser.dat
[2009.06.17 15:32:02 | 003,156,992 | -HS- | C] () -- C:\Documents and Settings\FEARFUL\DokumentyFuk3Uw_save2pc.exe
[2009.06.17 15:21:26 | 003,156,992 | -HS- | C] () -- C:\Documents and Settings\FEARFUL\DokumentyJjb0Iy_save2pc.exe
[2009.06.16 22:26:53 | 003,156,992 | -HS- | C] () -- C:\Documents and Settings\FEARFUL\DokumentyClW8Yu_save2pc.exe
[2009.06.16 22:16:34 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009.06.13 11:32:49 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll
[2009.06.13 11:29:18 | 000,000,016 | ---- | C] () -- C:\WINDOWS\encore_launcher.ini
[2009.05.24 11:19:04 | 000,271,360 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2009.05.24 11:19:04 | 000,018,048 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2009.05.23 16:28:05 | 000,000,012 | ---- | C] () -- C:\Documents and Settings\FEARFUL\intlname.ols
[2009.05.14 14:09:52 | 000,035,328 | ---- | C] () -- C:\Documents and Settings\FEARFUL\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.05.02 17:09:14 | 000,000,127 | ---- | C] () -- C:\Documents and Settings\FEARFUL\Local Settings\Data aplikací\fusioncache.dat
[2009.05.02 12:00:04 | 000,000,831 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\hpzinstall.log
[2009.04.24 13:13:24 | 000,000,390 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009.04.23 18:19:11 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll
[2009.04.23 18:19:10 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll
[2009.04.23 18:19:10 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll
[2009.04.23 17:56:57 | 000,721,904 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2009.04.23 15:16:51 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2009.04.21 17:56:50 | 000,000,183 | ---- | C] () -- C:\Documents and Settings\FEARFUL\default.pls
[2009.04.21 17:53:36 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009.04.21 15:57:26 | 000,000,244 | ---- | C] () -- C:\WINDOWS\red_dialer.ini
[2009.04.21 15:14:42 | 000,000,272 | -HS- | C] () -- C:\Documents and Settings\FEARFUL\ntuser.ini
[2009.04.21 15:14:41 | 000,001,024 | -H-- | C] () -- C:\Documents and Settings\FEARFUL\ntuser.dat.LOG
[2009.01.15 08:19:00 | 001,724,416 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2009.01.15 08:19:00 | 001,507,328 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2009.01.15 08:19:00 | 001,101,824 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2009.01.15 08:19:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2008.10.28 17:40:48 | 000,173,552 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2008.10.07 09:13:30 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll
[2008.10.07 09:13:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2005.12.07 12:31:00 | 000,202,752 | R--- | C] () -- C:\WINDOWS\System32\CddbCdda.dll
[2005.10.14 12:56:50 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\VorbisEnc.dll
[2005.10.14 12:56:50 | 000,344,064 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll
[2005.10.14 12:56:50 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2005.10.14 12:56:50 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2005.10.14 12:56:50 | 000,155,136 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2005.10.14 12:56:50 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2005.10.14 12:56:48 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\MMSwitch.dll
[2005.10.14 11:56:50 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2005.10.14 11:56:50 | 000,815,104 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2003.04.09 15:38:04 | 000,005,664 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI

========== LOP Check ==========

[2009.11.17 01:18:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ACD Systems
[2010.01.16 13:11:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Age of Empires 3
[2009.04.23 17:58:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2009.04.23 15:10:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Downloaded Installations
[2009.04.21 16:09:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ESET
[2009.06.29 10:31:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Fallout3
[2010.03.31 10:00:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ICQ
[2009.04.23 15:11:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PC Suite
[2010.04.21 18:01:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Spyware Terminator
[2010.04.17 01:31:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2009.12.19 15:23:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TrackMania United
[2009.11.17 01:19:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FEARFUL\Data aplikací\ACD Systems
[2010.01.09 15:10:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FEARFUL\Data aplikací\AnvSoft
[2009.06.16 22:28:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FEARFUL\Data aplikací\Any Video Converter
[2009.05.03 13:40:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FEARFUL\Data aplikací\Blender Foundation
[2009.04.23 17:59:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FEARFUL\Data aplikací\DAEMON Tools
[2009.04.23 18:03:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FEARFUL\Data aplikací\DAEMON Tools Lite
[2009.04.23 17:59:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FEARFUL\Data aplikací\DAEMON Tools Pro
[2009.06.07 22:04:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FEARFUL\Data aplikací\Datalayer
[2010.02.22 15:11:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FEARFUL\Data aplikací\Dev-Cpp
[2010.02.08 09:52:21 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\FEARFUL\Data aplikací\FDBTemp
[2009.09.24 17:42:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FEARFUL\Data aplikací\GHISLER
[2010.02.08 17:53:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FEARFUL\Data aplikací\gtk-2.0
[2010.04.20 21:33:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FEARFUL\Data aplikací\ICQ
[2010.01.25 18:13:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FEARFUL\Data aplikací\Indigo Renderer
[2010.03.24 15:08:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FEARFUL\Data aplikací\inkscape
[2010.02.04 21:18:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FEARFUL\Data aplikací\My Battle for Middle-earth Files
[2010.01.03 19:08:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FEARFUL\Data aplikací\My Battle for Middle-earth(tm) II Files
[2009.04.23 15:15:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FEARFUL\Data aplikací\Nokia
[2009.04.23 15:11:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FEARFUL\Data aplikací\PC Suite
[2010.04.21 18:00:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FEARFUL\Data aplikací\Spyware Terminator
[2009.08.01 11:14:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FEARFUL\Data aplikací\The Creative Assembly
[2010.04.20 16:48:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FEARFUL\Data aplikací\uTorrent
[2010.03.24 20:11:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FEARFUL\Data aplikací\WTouch

========== Purity Check ==========



========== Custom Scans ==========


< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}" = "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" -- [2007.06.01 10:21:08 | 000,153,136 | ---- | M] (Nero AG)
"DAEMON Tools Lite" = "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun -- [2008.12.29 12:40:30 | 000,687,560 | ---- | M] (DT Soft Ltd)
"AlcoholAutomount" = "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount -- [2009.04.24 05:16:34 | 000,203,928 | ---- | M] (Alcohol Soft Development Team)
"SpywareTerminatorUpdate" = "C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe" -- [2010.03.24 18:36:49 | 003,037,696 | ---- | M] (Crawler.com)
"ICQ" = "C:\Program Files\ICQ7.1\ICQ.exe" silent loginmode=4 -- [2010.03.31 09:57:30 | 000,133,368 | ---- | M] (ICQ, LLC.)
"ctfmon.exe" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 08:52:18 | 000,015,360 | ---- | M] (Microsoft Corporation)
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\AdobeUpdater]
"" =

< c:\windows\*.* /U >
[8 c:\windows\*.tmp files -> c:\windows\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2009.11.17 01:19:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FEARFUL\Data aplikací\ACD Systems
[2010.01.23 08:23:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FEARFUL\Data aplikací\Adobe
[2009.04.23 19:25:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FEARFUL\Data aplikací\Ahead
[2010.01.09 15:10:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FEARFUL\Data aplikací\AnvSoft
[2009.06.16 22:28:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FEARFUL\Data aplikací\Any Video Converter
[2009.05.03 13:40:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FEARFUL\Data aplikací\Blender Foundation
[2009.04.23 17:59:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FEARFUL\Data aplikací\DAEMON Tools
[2009.04.23 18:03:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FEARFUL\Data aplikací\DAEMON Tools Lite
[2009.04.23 17:59:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FEARFUL\Data aplikací\DAEMON Tools Pro
[2009.06.07 22:04:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FEARFUL\Data aplikací\Datalayer
[2010.02.22 15:11:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FEARFUL\Data aplikací\Dev-Cpp
[2010.02.08 09:52:21 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\FEARFUL\Data aplikací\FDBTemp
[2009.09.24 17:42:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FEARFUL\Data aplikací\GHISLER
[2009.09.09 14:08:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FEARFUL\Data aplikací\Google
[2010.02.08 17:53:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FEARFUL\Data aplikací\gtk-2.0
[2010.02.05 17:37:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FEARFUL\Data aplikací\Hamachi
[2010.04.20 21:33:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FEARFUL\Data aplikací\ICQ
[2009.04.21 15:14:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FEARFUL\Data aplikací\Identities
[2010.01.25 18:13:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FEARFUL\Data aplikací\Indigo Renderer
[2010.03.24 15:08:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FEARFUL\Data aplikací\inkscape
[2009.04.21 15:22:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FEARFUL\Data aplikací\InstallShield
[2009.04.21 17:43:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FEARFUL\Data aplikací\Macromedia
[2010.04.20 19:05:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FEARFUL\Data aplikací\Malwarebytes
[2010.01.09 15:17:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FEARFUL\Data aplikací\Media Player Classic
[2010.02.14 14:10:28 | 000,000,000 | --SD | M] -- C:\Documents and Settings\FEARFUL\Data aplikací\Microsoft
[2009.04.21 17:29:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FEARFUL\Data aplikací\Mozilla
[2010.02.04 21:18:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FEARFUL\Data aplikací\My Battle for Middle-earth Files
[2010.01.03 19:08:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FEARFUL\Data aplikací\My Battle for Middle-earth(tm) II Files
[2009.04.23 15:15:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FEARFUL\Data aplikací\Nokia
[2009.04.23 15:11:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FEARFUL\Data aplikací\PC Suite
[2009.08.23 16:22:28 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\FEARFUL\Data aplikací\SecuROM
[2010.04.21 18:00:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FEARFUL\Data aplikací\Spyware Terminator
[2009.05.27 16:57:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FEARFUL\Data aplikací\Sun
[2009.10.14 19:11:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FEARFUL\Data aplikací\teamspeak2
[2009.08.01 11:14:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FEARFUL\Data aplikací\The Creative Assembly
[2010.04.20 16:48:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FEARFUL\Data aplikací\uTorrent
[2009.04.24 15:04:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FEARFUL\Data aplikací\Ventrilo
[2009.04.22 15:01:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FEARFUL\Data aplikací\WinRAR
[2010.04.21 13:46:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FEARFUL\Data aplikací\WTablet
[2010.03.24 20:11:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FEARFUL\Data aplikací\WTouch

< %APPDATA%\*.exe /s >
[2009.05.02 12:05:18 | 000,045,056 | R--- | M] (InstallShield Software Corp.) -- C:\Documents and Settings\FEARFUL\Data aplikací\Microsoft\Installer\{457791C5-D702-4143-A7B2-2744BE9573F2}\NewShortcut1_5B69D3033CA54B39B5ECE7D051297E77.exe
[2010.02.08 09:51:47 | 000,045,056 | R--- | M] (InstallShield Software Corp.) -- C:\Documents and Settings\FEARFUL\Data aplikací\Microsoft\Installer\{6815FCDD-401D-481E-BA88-31B4754C2B46}\ARPPRODUCTICON.exe
[2009.08.01 18:40:32 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\FEARFUL\Data aplikací\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe


< MD5 for: AGP440.SYS >
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008.04.14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys

< MD5 for: ATAPI.SYS >
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0007\DriverFiles\i386\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0008\DriverFiles\i386\atapi.sys

< MD5 for: CRYPTSVC.DLL >
[2004.08.17 15:49:04 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- C:\WINDOWS\$NtServicePackUninstall$\cryptsvc.dll
[2008.04.14 08:51:40 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\ServicePackFiles\i386\cryptsvc.dll
[2008.04.14 08:51:40 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\cryptsvc.dll

< MD5 for: EVENTLOG.DLL >
[2008.04.14 08:51:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 08:51:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll
[2004.08.17 15:49:08 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2008.04.14 08:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 08:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2004.08.17 15:49:24 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe

< MD5 for: HAL.DLL >
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2008.04.14 00:01:30 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=4329EE7D502C9113EBA0F9570392F5EE -- C:\WINDOWS\system32\HAL.DLL
[2008.04.14 00:01:34 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2004.08.03 22:59:14 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=DFCE51FD96909D1B97D4A1A72D060D77 -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll

< MD5 for: CHANGER.SYS >
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:Changer.sys
[2008.04.14 00:11:00 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\ServicePackFiles\i386\changer.sys

< MD5 for: LSASS.EXE >
[2004.08.17 15:49:24 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\WINDOWS\$NtServicePackUninstall$\lsass.exe
[2008.04.14 08:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\ServicePackFiles\i386\lsass.exe
[2008.04.14 08:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe

< MD5 for: NDIS.SYS >
[2008.04.14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008.04.14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
[2004.08.03 23:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys

< MD5 for: NETLOGON.DLL >
[2004.08.17 15:49:14 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
[2008.04.14 08:51:52 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 08:51:52 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: SCECLI.DLL >
[2004.08.17 15:49:18 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008.04.14 08:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 08:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SMSS.EXE >
[2004.08.17 15:49:28 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\WINDOWS\$NtServicePackUninstall$\smss.exe
[2008.04.14 08:52:48 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\ServicePackFiles\i386\smss.exe
[2008.04.14 08:52:48 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe

< MD5 for: SVCHOST.EXE >
[2008.04.14 08:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.14 08:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe
[2004.08.17 15:49:28 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe

< MD5 for: TCPIP.SYS >
[2008.04.14 00:50:18 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008.04.14 00:50:18 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\system32\drivers\tcpip.sys
[2004.08.03 23:14:42 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.04.14 08:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 08:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe
[2004.08.17 15:49:28 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe

< MD5 for: WINLOGON.EXE >
[2004.08.17 15:49:28 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 08:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 08:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe

< MD5 for: WS2_32.DLL >
[2004.08.17 15:49:22 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\WINDOWS\$NtServicePackUninstall$\ws2_32.dll
[2008.04.14 08:52:08 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll
[2008.04.14 08:52:08 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\ws2_32.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2009.07.12 11:14:30 | 000,721,904 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sptd.sys

< %systemroot%\System32\config\*.sav >
[2009.04.21 17:02:46 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2009.04.21 17:02:46 | 000,663,552 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2009.04.21 17:02:46 | 000,499,712 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON

========== Alternate Data Streams ==========

@Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:DFC5A2B2
@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:FB1B13D8
@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:A8ADE5D8
@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:40FCD9A0
< End of report >

Extras.txt

OTL Extras logfile created on: 21.4.2010 18:21:42 - Run 1
OTL by OldTimer - Version 3.2.1.3 Folder = C:\Documents and Settings\FEARFUL\Dokumenty\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 76,00% Memory free
5,00 Gb Paging File | 5,00 Gb Available in Paging File | 87,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 465,75 Gb Total Space | 225,55 Gb Free Space | 48,43% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: FEARFUL-DBB43B4
Current User Name: FEARFUL
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_USERS\S-1-5-21-436374069-1801674531-839522115-1003\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [ACDSee Pro 3.Manage] -- "C:\Program Files\ACD Systems\ACDSee Pro\3.0\ACDSeeQVPro3.exe" "%1" (ACD Systems International Inc.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"6112:TCP" = 6112:TCP:*:Enabled:Blizzard Downloader
"3724:TCP" = 3724:TCP:*:Enabled:Blizzard Downloader: 3724

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\ICQ7.1\ICQ.exe" = C:\Program Files\ICQ7.1\ICQ.exe:*:Enabled:ICQ7.1 -- (ICQ, LLC.)
"C:\Program Files\ICQ7.1\aolload.exe" = C:\Program Files\ICQ7.1\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Hry\World of Warcraft\Launcher.exe" = C:\Hry\World of Warcraft\Launcher.exe:*:Enabled:Blizzard Launcher -- (Blizzard Entertainment)
"C:\Program Files\BitLord\BitLord.exe" = C:\Program Files\BitLord\BitLord.exe:*:Enabled:BitLord -- File not found
"C:\Program Files\ICQ6.5\ICQ.exe" = C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6 -- File not found
"C:\WINDOWS\system32\dplaysvr.exe" = C:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper -- (Microsoft Corporation)
"C:\Documents and Settings\FEARFUL\Plocha\Stronghold\Stronghold Crusader.exe" = C:\Documents and Settings\FEARFUL\Plocha\Stronghold\Stronghold Crusader.exe:*:Enabled:Stronghold Crusader -- ( )
"C:\Documents and Settings\FEARFUL\Plocha\aoe2\age2_x1.exe" = C:\Documents and Settings\FEARFUL\Plocha\aoe2\age2_x1.exe:*:Enabled:Age of Empires II Expansion -- File not found
"C:\Hry\Diablo II\Diablo II.exe" = C:\Hry\Diablo II\Diablo II.exe:*:Enabled:Diablo II - Lord of Destruction -- (Blizzard North)
"C:\Hry\Microsoft Games\Dungeon Siege 2\DungeonSiege2.exe" = C:\Hry\Microsoft Games\Dungeon Siege 2\DungeonSiege2.exe:*:Enabled:Dungeon Siege 2 Game Executable -- (Gas Powered Games)
"C:\WINDOWS\system32\dpnsvr.exe" = C:\WINDOWS\system32\dpnsvr.exe:*:Enabled:Microsoft DirectPlay8 Server -- (Microsoft Corporation)
"C:\Hry\Wolfenstein - Enemy Territory\ET.exe" = C:\Hry\Wolfenstein - Enemy Territory\ET.exe:*:Enabled:ET -- ()
"C:\Hry\Encore\Europa 1400 - Gold Edition\Europa1400Gold_TL.exe" = C:\Hry\Encore\Europa 1400 - Gold Edition\Europa1400Gold_TL.exe:*:Enabled:Europa1400Gold_TL -- ()
"C:\Hry\Encore\Europa 1400 - Gold Edition\Europa1400Gold.exe" = C:\Hry\Encore\Europa 1400 - Gold Edition\Europa1400Gold.exe:*:Enabled:Europa1400Gold -- ()
"C:\Hry\UT2004\System\UT2004.exe" = C:\Hry\UT2004\System\UT2004.exe:*:Enabled:UT2004 -- ()
"C:\Hry\1C\RC Cars\RCCARS.EXE" = C:\Hry\1C\RC Cars\RCCARS.EXE:*:Enabled:RCCars executable -- (Computer Graphics Studio CREAT)
"C:\Documents and Settings\FEARFUL\Plocha\Port Royale\PortRoyale.exe" = C:\Documents and Settings\FEARFUL\Plocha\Port Royale\PortRoyale.exe:*:Enabled:Port Royale -- (Ascaron Entertainment GmbH)
"C:\Hry\World of Warcraft\BackgroundDownloader.exe" = C:\Hry\World of Warcraft\BackgroundDownloader.exe:*:Enabled:Blizzard Downloader -- (Blizzard Entertainment)
"C:\Hry\Warcraft III\Warcraft III.exe" = C:\Hry\Warcraft III\Warcraft III.exe:*:Enabled:Warcraft III -- (Blizzard Entertainment)
"C:\Program Files\Steam\SteamApps\common\empire total war\Empire.exe" = C:\Program Files\Steam\SteamApps\common\empire total war\Empire.exe:*:Enabled:Empire: Total War -- (The Creative Assembly Ltd)
"C:\Program Files\Steam\steam.exe" = C:\Program Files\Steam\steam.exe:*:Enabled:Steam -- (Valve Corporation)
"C:\Hry\World of Warcraft\WoW-3.1.3.9947-to-3.2.0.10192-enGB-downloader.exe" = C:\Hry\World of Warcraft\WoW-3.1.3.9947-to-3.2.0.10192-enGB-downloader.exe:*:Enabled:Blizzard Downloader -- (Blizzard Entertainment)
"C:\Program Files\Curse\CurseClient.exe" = C:\Program Files\Curse\CurseClient.exe:*:Enabled:Curse Client -- File not found
"C:\Hry\CGN\Re-Volt\REVOLT.EXE" = C:\Hry\CGN\Re-Volt\REVOLT.EXE:*:Enabled:REVOLT -- ()
"C:\Hry\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe" = C:\Hry\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe:*:Enabled:Crysis_32 -- (Crytek GmbH)
"C:\Hry\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe" = C:\Hry\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe:*:Enabled:CrysisDedicatedServer_32 -- (Crytek GmbH)
"C:\Hry\Activision\Call of Duty 2\CoD2MP_s.exe" = C:\Hry\Activision\Call of Duty 2\CoD2MP_s.exe:*:Enabled:CoD2MP_s -- ()
"C:\Hry\World of Warcraft\WoW-3.2.0.10192-to-3.2.0.10314-enGB-downloader.exe" = C:\Hry\World of Warcraft\WoW-3.2.0.10192-to-3.2.0.10314-enGB-downloader.exe:*:Enabled:Blizzard Downloader -- (Blizzard Entertainment)
"C:\Hry\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe" = C:\Hry\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe:*:Enabled:Rockstar Games Social Club -- (Take-Two Interactive Software, Inc.)
"C:\Hry\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe" = C:\Hry\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe:*:Enabled:Grand Theft Auto IV -- File not found
"C:\Hry\Rockstar Games\Grand Theft Auto IV\GTAIV.exe" = C:\Hry\Rockstar Games\Grand Theft Auto IV\GTAIV.exe:*:Enabled:Grand Theft Auto IV -- (Take-Two Interactive Software, Inc.)
"C:\Program Files\FlashGet\flashget.exe" = C:\Program Files\FlashGet\flashget.exe:*:Enabled:Flashget -- (FlashGet.com)
"C:\Hry\World of Warcraft\WoW-3.2.0.10314-to-3.2.2.10482-enGB-downloader.exe" = C:\Hry\World of Warcraft\WoW-3.2.0.10314-to-3.2.2.10482-enGB-downloader.exe:*:Enabled:Blizzard Downloader -- (Blizzard Entertainment)
"C:\Hry\World of Warcraft\WoW-3.2.2.10482-to-3.2.2.10505-enGB-downloader.exe" = C:\Hry\World of Warcraft\WoW-3.2.2.10482-to-3.2.2.10505-enGB-downloader.exe:*:Enabled:Blizzard Downloader -- (Blizzard Entertainment)
"C:\Hry\Electronic Arts\The Battle for Middle-earth (tm) II\game.dat" = C:\Hry\Electronic Arts\The Battle for Middle-earth (tm) II\game.dat:*:Enabled:The Battle for Middle-earth(tm) II -- (Electronic Arts Inc.)
"C:\Hry\Codemasters\Worms 4 Mayhem\WORMS 4 MAYHEM.EXE" = C:\Hry\Codemasters\Worms 4 Mayhem\WORMS 4 MAYHEM.EXE:*:Enabled:Worms 4 Mayhem -- (Team 17 Ltd)
"C:\Hry\Codemasters\DiRT\DiRT.exe" = C:\Hry\Codemasters\DiRT\DiRT.exe:*:Enabled:DiRT Executable -- (Codemasters)
"C:\Hry\Ubisoft\Techland\Call of Juarez\coj.exe" = C:\Hry\Ubisoft\Techland\Call of Juarez\coj.exe:*:Enabled:The Call of Juarez -- File not found
"C:\Hry\World of Warcraft\WoW-3.2.2.10505-to-3.3.0.10958-enGB-downloader.exe" = C:\Hry\World of Warcraft\WoW-3.2.2.10505-to-3.3.0.10958-enGB-downloader.exe:*:Enabled:Blizzard Downloader -- (Blizzard Entertainment)
"C:\Hry\TrackMania United\TmUnited.exe" = C:\Hry\TrackMania United\TmUnited.exe:*:Enabled:TmUnited -- ()
"C:\Hry\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe" = C:\Hry\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM) -- ()
"C:\Program Files\LuxRender\luxconsole.exe" = C:\Program Files\LuxRender\luxconsole.exe:*:Enabled:LuxRender Slave -- ()
"C:\Hry\Microsoft Games\Age of Empires III\age3x.exe" = C:\Hry\Microsoft Games\Age of Empires III\age3x.exe:*:Enabled:Age of Empires III - The WarChiefs -- (Ensemble Studios)
"C:\Hry\EA GAMES\The Battle for Middle-earth (tm)\game.dat" = C:\Hry\EA GAMES\The Battle for Middle-earth (tm)\game.dat:*:Enabled:The Battle for Middle-earth (tm) -- ()
"C:\Program Files\Java\jre6\bin\java.exe" = C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Documents and Settings\FEARFUL\Plocha\Age of Mythology\aomx.exe" = C:\Documents and Settings\FEARFUL\Plocha\Age of Mythology\aomx.exe:*:Enabled:Age of Mythology - The Titans Expansion -- (Ensemble Studios)
"C:\Documents and Settings\FEARFUL\Plocha\Need for Speed Most Wanted\speed.exe" = C:\Documents and Settings\FEARFUL\Plocha\Need for Speed Most Wanted\speed.exe:*:Enabled:speed -- ()
"C:\Hry\World of Warcraft\WoW-3.3.2.11403-to-3.3.3.11685-enGB-downloader.exe" = C:\Hry\World of Warcraft\WoW-3.3.2.11403-to-3.3.3.11685-enGB-downloader.exe:*:Enabled:Blizzard Downloader -- (Blizzard Entertainment)
"C:\Program Files\ICQ7.1\ICQ.exe" = C:\Program Files\ICQ7.1\ICQ.exe:*:Enabled:ICQ7.1 -- (ICQ, LLC.)
"C:\Program Files\ICQ7.1\aolload.exe" = C:\Program Files\ICQ7.1\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)
"C:\Documents and Settings\FEARFUL\Plocha\Age of Mythology\aom.exe" = C:\Documents and Settings\FEARFUL\Plocha\Age of Mythology\aom.exe:*:Enabled:Age of Mythology -- (Ensemble Studios)
"C:\Documents and Settings\FEARFUL\Local Settings\Apps\2.0\T3N1ZNG9.VWC\PD9V5ZB8.0B0\curs..tion_eee711038731a406_0004.0000_152ef8e82e8f5a48\CurseClient.exe" = C:\Documents and Settings\FEARFUL\Local Settings\Apps\2.0\T3N1ZNG9.VWC\PD9V5ZB8.0B0\curs..tion_eee711038731a406_0004.0000_152ef8e82e8f5a48\CurseClient.exe:*:Enabled:Curse Client 4.0 -- (Curse)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{000E79B7-E725-4F01-870A-C12942B7F8E4}" = Crysis(R)
"{0046FA01-C5B9-4985-BACB-398DC480FC05}" = Adobe Photoshop CS3
"{02B244A2-7F6A-42E8-A36F-8C385D7A1625}" = Gothic III
"{02B71D92-A84B-4DFB-9A10-D12BB01AC1F2}" = Nokia N73 highlights
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{04DD2EE7-31BB-4186-9A30-447283BC26F8}" = HyperShot
"{067EC517-9731-43FD-B4D5-296EE0027BBB}" = LogMeIn Hamachi
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{08B3869E-D282-424C-9AFC-870E04A4BA14}" = Rockstar Games Social Club
"{08C0729E-3E50-11DF-9D81-005056806466}" = Google Earth
"{0D80391C-0A72-43BB-9BC2-143F63CC111D}" = Nokia PC Connectivity Solution
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{1B280FAF-AE10-4E31-A41A-DB3917D651DC}" = ACDSee Pro 3
"{1C08A24C-B168-407E-A826-68FAF5F20710}" = Age of Empires III - The WarChiefs
"{1F63ED0B-EDD2-4037-B6AB-1358C624AF48}" = Scan
"{21E75254-410E-49C4-8981-2E1A2A2221F2}" = HP Diagnostic Assistant
"{2405665A-16C9-4D3A-B70E-F006220E1472}" = Overland
"{24D7346D-D4B4-45E8-98EA-75EC14B42DD8}" = Adobe ExtendScript Toolkit 2
"{267868CE-6DFF-40F7-9C58-C01119B7B117}" = Fax
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java(TM) 6 Update 13
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{2A9F95AB-65A3-432c-8631-B8BC5BF7477A}" = The Battle for Middle-earth (tm) II
"{2BBC9458-07CA-4843-848B-5C8146E5EFA8}" = CreativeProjects
"{2EE90F26-20B3-4423-81DE-E57E5D2E4FEF}" = Zoner GIF Animator 5
"{2F71F2BA-B513-4113-969C-18A84D238E27}" = 1310
"{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java(TM) SE Runtime Environment 6 Update 1
"{34A59AC3-6C5C-4A09-A7F5-369A37176C8A}" = AiOSoftware
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35CB6715-41F8-4F99-8881-6FC75BF054B0}" = Oblivion
"{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}" = Gigabyte Raid Configurer
"{3AE681E0-4E8D-453F-950A-48534D3C0724}" = Copy
"{3CF78481-FB7B-4B51-99A2-D5E0CD0B3AAF}" = HPSystemDiagnostics
"{3d9ac095-e115-4e94-bdef-7f7edf17697d}" = Python 2.6.3
"{3F290582-3F4E-4B96-009C-E0BABAA40C42}" = The Battle for Middle-earth (tm)
"{41254D7B-EADF-4078-AE4A-BD73B300EE86}" = Unload
"{457791C5-D702-4143-A7B2-2744BE9573F2}" = HP Software Update
"{45E7C481-3EF4-4FCB-AF0B-19F70D618F0C}" = Worms 4 Mayhem
"{4AA3D64E-9EC3-4B0F-AB91-5885AC55641F}" = Microsoft Games for Windows - LIVE
"{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings
"{531317A5-586A-4E36-87C1-CA823447B375}" = Nokia PC Suite
"{546C143E-68DC-314D-97BC-1E454E3BA429}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - CSY
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV
"{57B89E30-0BBA-4F20-9F2C-8E8CDE1CEDB6}" = DiRT
"{59359B3D-ABE7-46BF-AB55-43B67A64DC68}" = Nokia MTP driver
"{597D73A8-5FDB-4bc1-9893-40B54459F1BC}" = ProductContext
"{5E65E94D-69F2-4850-9E93-6459C53A0F50}" = Microsoft .NET Framework 1.1 Czech Language Pack
"{64C1FA9A-FA94-4B6E-B3E4-8573738E4AD1}" = Adobe Setup
"{66EBD70F-A42C-475F-AEDF-277378151029}" = Nero 7 Essentials
"{6815FCDD-401D-481E-BA88-31B4754C2B46}" = Macromedia Flash Player 8
"{6882DD11-33B8-4DEA-8305-7E765BF74BD3}" = Nokia Connectivity Cable Driver
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6D4AC5A4-4CF9-4F90-8111-B9B53CE257BF}" = Adobe Color Common Settings
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{71BFC818-0CED-42D6-9C87-5142918957EE}" = ICQ7.1
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{77A1C7DD-E4F6-4057-92FC-710219215987}" = Logitech G11 Keyboard Software 1.03
"{77F5816C-64A6-4FBE-BBE5-52EFE5EB84E8}" = Nokia themes for your device
"{7B9CC60A-9B81-46A3-A953-76B6BF9EEC97}" = Age of Empires III
"{7F8EEE16-9240-4B20-8357-13CE74D1858C}" = RC Cars
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{80413011-029C-4D6B-B3AD-725DDE60B81C}" = 1310Trb
"{8777AC6D-89F9-4793-8266-DE406F343E89}" = QFolder
"{8795CBED-55E2-4693-9F14-84EC446935BE}" = SpeechRedist
"{8AAB4176-A747-493A-A42C-B63CFADFD8E3}" = NVIDIA PhysX
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{90110405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings
"{981FB376-8418-4EA8-BBED-9DE5AA63E7D5}" = SkinsHP1
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{9CB2512B-3EC4-43DF-8002-46BDAB5EDD1B}" = QuickProjects
"{9DFF6811-C498-45E4-94C8-A0B98FCBEC32}" = ESET NOD32 Antivirus
"{9EEBF8D5-8712-4D1D-88F4-4CDC2D270BC3}" = PrintScreen
"{A1062847-0846-427A-92A1-BB8251A91E91}" = HP PSC & OfficeJet 4.2
"{A1DCC235-DACC-4E1F-8D11-D630634B4AEF}" = PhotoGallery
"{A2500497-FD32-493e-B8E5-28D6728DBEF5}" = Readme
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2C9CD1B-2551-3AED-B244-6698FB929FA6}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - CSY
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A4EA3AB4-E78C-4286-96DF-26035507CE55}" = AiO_Scan
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3.2
"{B32C75F2-7495-4D01-9431-C11E97D66F8C}" = DocProc
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B3C02EC1-A7B0-4987-9A43-8789426AAA7D}" = Adobe Setup
"{B3D5D4E0-E965-41C4-ABFD-A7B1AD0663C2}" = Director
"{B45D9FEE-1AF4-46F3-9A83-2545F81547F5}" = CreativeProjectsTemplates
"{B56D5B09-C4FB-4EA0-8EAD-7BC3E2715A2D}" = DocumentViewer
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{BCC992E5-5C81-4066-9B55-03DC10B24D21}" = InstantShare
"{BF018D2F-C788-4AB1-AB95-1280EAB8F13E}" = TrayApp
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C13E90B0-4E1C-11DB-6784-0152EAA218BE}" = Call of Duty(R) 2 Patch 1.3
"{C289183E-1DD8-42FA-8DFE-94F61ED1CFA3}_is1" = LuxRender 0.6.1 x86 SSE2
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D1BB4446-AE9C-4256-9A7F-4D46604D2462}" = Adobe Setup
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{DBECFA83-42DC-4585-A970-A764AB01A956}" = Call Of Duty(R) 2
"{DD73CA82-EA82-38AA-863D-9A24A018DC96}" = Microsoft .NET Framework 3.5 Language Pack SP1 - csy
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{de2f2d9c-53e2-40ee-8209-74da63cb060e}" = Python 3.0.1
"{DFAE9340-E8BB-4433-9A08-C8334DAFE1B9}" = Star Wars Republic Commando
"{E21658D0-8C83-4ADD-937B-6ED07F335ABA}" = 1310Tour
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{E90BEB5B-CFA0-418E-9ABB-4C4A7B0D9483}" = 1310_Help
"{EC8673DA-F96B-497E-B2DB-BC7B029FD680}" = BufferChm
"{EE565795-2776-415A-B31C-EB3A8D7C6FA4}" = Nokia Lifeblog 2.1
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F4F47155-5B4D-42AA-97F8-490BC52EA7F3}" = Destinations
"{F65787F3-B356-45EC-8DD0-0E6758EDBCEE}" = WebReg
"{FD052FB9-FE90-4438-B355-15EDC89D8FB1}" = Microsoft Games for Windows - LIVE Redistributable
"{FF26F7EA-BCEE-478C-9A1B-6B4F88717D73}" = CueTour
"3271E907F27C989F2C244ACB3D32020E3DD3CA6F" = Windows Driver Package - Nokia Modem (06/12/2006 6.81.0.21)
"7-Zip" = 7-Zip 4.65
"Active GIF Creator 2.23" = Active GIF Creator 2.23
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe_2ac78060bc5856b0c1cf873bb919b58" = Adobe Photoshop CS3
"Adobe_3e054d2218e7aa282c2369d939e58ff" = Adobe ExtendScript Toolkit 2
"Adobe_6c8e2cb4fd241c55406016127a6ab2e" = Adobe Color Common Settings
"Any DVD Converter Professional_is1" = Any DVD Converter Professional 4.0.1
"Any Video Converter_is1" = Any Video Converter 2.7.4
"AV Voice Changer Software DIAMOND 6.0" = AV Voice Changer Software DIAMOND 6.0
"Blendigo" = Blendigo
"Bobot Version 04.01" = Bobot Version 04.01
"CCleaner" = CCleaner (remove only)
"Cool's_Codec_pack_4.12" = Codec Pack - All In 1 6.0.3.0
"CToolbar_UNINSTALL" = Crawler Toolbar with Web Security Guard
"Dev-C++" = Dev-C++ 5 beta 9 release (4.9.9.2)
"Diablo II" = Diablo II
"DivXCodec" = DivX 4.11 Codec
"DungeonSiege2" = Dungeon Siege 2
"Easy Wireless Net" = Easy Wireless Net V1.18
"EAX Unified" = EAX Unified
"Europa 1400 - Gold Edition" = Europa 1400 - Gold Edition
"ffdshow_is1" = ffdshow [rev 3178] [2010-01-03]
"FlashGet" = FlashGet 1.9.0.1012
"GameParkClient_is1" = GamePark
"Google Chrome" = Google Chrome
"Google Updater" = Google Updater
"HijackThis" = HijackThis 2.0.2
"HP Photo & Imaging" = HP Image Zone 4.2
"ICQToolbar" = ICQ Toolbar
"Inkscape" = Inkscape 0.47
"InstallShield_{1C08A24C-B168-407E-A826-68FAF5F20710}" = Age of Empires III - The WarChiefs
"InstallShield_{7B9CC60A-9B81-46A3-A953-76B6BF9EEC97}" = Age of Empires III
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"LogMeIn Hamachi" = LogMeIn Hamachi
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Micro DVD Player" = Micro DVD Player
"Microsoft .NET Framework 3.5 Language Pack SP1 - csy" = Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.5.9)" = Mozilla Firefox (3.5.9)
"NVIDIA Drivers" = NVIDIA Drivers
"Pen Tablet Driver" = Bamboo
"PunkBusterSvc" = PunkBuster Services
"Re-Volt_is1" = Re-Volt - www.classic-gaming.net
"save2pc Light_is1" = save2pc Light 3.51
"slovesa 1.0.0.0_is1" = slovesa version 1.0.0.0
"Spyware Terminator_is1" = Spyware Terminator
"Steam App 10500" = Empire: Total War
"TmUnited_is1" = TrackMania United 0.2.0.0
"TorrentMan Toolbar" = TorrentMan Toolbar
"Totalcmd" = Total Commander (Remove or Repair)
"UT2004" = Unreal Tournament 2004
"VentriloMIX" = VentriloMIX
"Wacom WebTabletPlugin for IE" = WebTablet IE Plugin
"Wacom WebTabletPlugin for Netscape" = WebTablet Netscape Plugin
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinGimp-2.0_is1" = GIMP 2.6.6
"WinRAR archiver" = WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"Wolfenstein - Enemy Territory" = Wolfenstein - Enemy Territory
"World of Warcraft" = World of Warcraft
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
"Xvid_is1" = Xvid 1.2.1 final uninstall
"YafaRay MinGW32 Build" = YafaRay MinGW32 Build

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-436374069-1801674531-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"090215de958f1060" = Curse Client
"Warcraft III" = Warcraft III: All Products

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 19.4.2010 15:53:26 | Computer Name = FEARFUL-DBB43B4 | Source = Google Update | ID = 20
Description =

Error - 20.4.2010 11:14:18 | Computer Name = FEARFUL-DBB43B4 | Source = MPSampleSubmission | ID = 5000
Description =

Error - 20.4.2010 11:14:42 | Computer Name = FEARFUL-DBB43B4 | Source = MPSampleSubmission | ID = 5000
Description =

Error - 20.4.2010 11:15:07 | Computer Name = FEARFUL-DBB43B4 | Source = MSSecurityEssentials | ID = 5000
Description =

Error - 20.4.2010 11:16:18 | Computer Name = FEARFUL-DBB43B4 | Source = MPSampleSubmission | ID = 5000
Description =

Error - 20.4.2010 11:16:29 | Computer Name = FEARFUL-DBB43B4 | Source = MSSecurityEssentials | ID = 5000
Description =

Error - 20.4.2010 11:16:33 | Computer Name = FEARFUL-DBB43B4 | Source = MPSampleSubmission | ID = 5000
Description =

Error - 20.4.2010 11:16:36 | Computer Name = FEARFUL-DBB43B4 | Source = MSSecurityEssentials | ID = 5000
Description =

Error - 20.4.2010 11:17:17 | Computer Name = FEARFUL-DBB43B4 | Source = MPSampleSubmission | ID = 5000
Description =

Error - 20.4.2010 11:17:26 | Computer Name = FEARFUL-DBB43B4 | Source = MSSecurityEssentials | ID = 5000
Description =

[ System Events ]
Error - 20.4.2010 15:30:14 | Computer Name = FEARFUL-DBB43B4 | Source = W32Time | ID = 39452689
Description = Klient NTP zprostředkovatele časových údajů: Při vyhledávání DNS ručně
nakonfigurovaného partnera time.windows.com,0x1 došlo k chybě. Klient NTP se pokusí
o vyhledání pomocí služby DNS znovu za 15 minut. Chyba: Došlo k pokusu o operaci
se soketem v okamžiku nedosažitelnosti hostitele. (0x80072751)

Error - 20.4.2010 15:30:14 | Computer Name = FEARFUL-DBB43B4 | Source = W32Time | ID = 39452701
Description = Klient NTP zprostředkovatele časových údajů je konfigurován pro získávání
časových údajů z jednoho nebo více zdrojů času. Žádný z těchto zdrojů však není
aktuálně k dispozici. Po dobu 14 minut nebude proveden žádný pokus o kontaktování
zdroje. Klient NTP nemá k dispozici žádný zdroj času.

Error - 20.4.2010 15:30:14 | Computer Name = FEARFUL-DBB43B4 | Source = W32Time | ID = 39452689
Description = Klient NTP zprostředkovatele časových údajů: Při vyhledávání DNS ručně
nakonfigurovaného partnera time.windows.com,0x1 došlo k chybě. Klient NTP se pokusí
o vyhledání pomocí služby DNS znovu za 15 minut. Chyba: Došlo k pokusu o operaci
se soketem v okamžiku nedosažitelnosti hostitele. (0x80072751)

Error - 20.4.2010 15:30:14 | Computer Name = FEARFUL-DBB43B4 | Source = W32Time | ID = 39452701
Description = Klient NTP zprostředkovatele časových údajů je konfigurován pro získávání
časových údajů z jednoho nebo více zdrojů času. Žádný z těchto zdrojů však není
aktuálně k dispozici. Po dobu 15 minut nebude proveden žádný pokus o kontaktování
zdroje. Klient NTP nemá k dispozici žádný zdroj času.

Error - 20.4.2010 15:31:45 | Computer Name = FEARFUL-DBB43B4 | Source = W32Time | ID = 39452689
Description = Klient NTP zprostředkovatele časových údajů: Při vyhledávání DNS ručně
nakonfigurovaného partnera time.windows.com,0x1 došlo k chybě. Klient NTP se pokusí
o vyhledání pomocí služby DNS znovu za 15 minut. Chyba: Došlo k pokusu o operaci
se soketem v okamžiku nedosažitelnosti hostitele. (0x80072751)

Error - 20.4.2010 15:31:45 | Computer Name = FEARFUL-DBB43B4 | Source = W32Time | ID = 39452701
Description = Klient NTP zprostředkovatele časových údajů je konfigurován pro získávání
časových údajů z jednoho nebo více zdrojů času. Žádný z těchto zdrojů však není
aktuálně k dispozici. Po dobu 14 minut nebude proveden žádný pokus o kontaktování
zdroje. Klient NTP nemá k dispozici žádný zdroj času.

Error - 20.4.2010 15:31:45 | Computer Name = FEARFUL-DBB43B4 | Source = W32Time | ID = 39452689
Description = Klient NTP zprostředkovatele časových údajů: Při vyhledávání DNS ručně
nakonfigurovaného partnera time.windows.com,0x1 došlo k chybě. Klient NTP se pokusí
o vyhledání pomocí služby DNS znovu za 15 minut. Chyba: Došlo k pokusu o operaci
se soketem v okamžiku nedosažitelnosti hostitele. (0x80072751)

Error - 20.4.2010 15:31:45 | Computer Name = FEARFUL-DBB43B4 | Source = W32Time | ID = 39452701
Description = Klient NTP zprostředkovatele časových údajů je konfigurován pro získávání
časových údajů z jednoho nebo více zdrojů času. Žádný z těchto zdrojů však není
aktuálně k dispozici. Po dobu 15 minut nebude proveden žádný pokus o kontaktování
zdroje. Klient NTP nemá k dispozici žádný zdroj času.

Error - 20.4.2010 15:33:00 | Computer Name = FEARFUL-DBB43B4 | Source = Service Control Manager | ID = 7009
Description = Vypršel časový limit (30000 milisekund) čekání na připojení služby
Služba brány aplikačního rozhraní.

Error - 20.4.2010 15:33:00 | Computer Name = FEARFUL-DBB43B4 | Source = Service Control Manager | ID = 7000
Description = Služba Služba brány aplikačního rozhraní neuspěla při spuštění v důsledku
následující chyby: %%1053


< End of report >


omlouvám se že je to takhle rozkouskovaně ale nepovolilo mi to forum kvůli počtu znaků

Spusťte OTL a do spodního okna vložte následující skript. Poté klikněte na Opravit, PC se restartuje, log vložte sem.

Provedeno:

log:

All processes killed
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mojebanka.cz\*\ deleted successfully.
Invalid CLSID key: *
Registry key HKEY_USERS\S-1-5-21-436374069-1801674531-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mojebanka.cz\*\ deleted successfully.
Invalid CLSID key: *
C:\WINDOWS\002692_.tmp deleted successfully.
C:\WINDOWS\DUMP2e53.tmp deleted successfully.
C:\WINDOWS\DUMP5062.tmp deleted successfully.
C:\WINDOWS\DUMP6b5c.tmp deleted successfully.
C:\WINDOWS\msdownld.tmp folder deleted successfully.
C:\WINDOWS\SET3.tmp deleted successfully.
C:\WINDOWS\SET4.tmp deleted successfully.
C:\WINDOWS\SET8.tmp deleted successfully.
C:\WINDOWS\System32\CONFIG.TMP deleted successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:DFC5A2B2 deleted successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:FB1B13D8 deleted successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:A8ADE5D8 deleted successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:40FCD9A0 deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\D\ deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 41 bytes

User: FEARFUL
->Temp folder emptied: 1506061 bytes
->Temporary Internet Files folder emptied: 12396851 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 71565769 bytes
->Google Chrome cache emptied: 151388094 bytes
->Flash cache emptied: 613 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33664 bytes

User: NetworkService
->Temp folder emptied: 3480 bytes
->Temporary Internet Files folder emptied: 33170 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 9170 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 226,00 mb


[EMPTYFLASH]

User: All Users

User: Default User
->Flash cache emptied: 0 bytes

User: FEARFUL
->Flash cache emptied: 0 bytes

User: LocalService

User: NetworkService

Total Flash Files Cleaned = 0,00 mb

Restore points cleared and new OTL Restore Point set!
Error starting restore point: System Restore is disabled.
Error closing restore point: System Restore is disabled.

OTL by OldTimer - Version 3.2.1.3 log created on 04212010_184752

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

Stáhněte MBAM http://www.viry.cz/forum/viewtopic.php?f=29&t=67229

• Podle návodu v odkazu nainstalujte, poté dejte úplný sken.
• Nic nemažte MBAM má občas falešné detekce a mohl by smazat např. systémové soubory.
• Log vložte sem.

Provedeno:

Malwarebytes' Anti-Malware 1.45
www.malwarebytes.org

Verze databáze: 4012

Windows 5.1.2600 Service Pack 3
Internet Explorer 6.0.2900.5512

21.4.2010 19:45:20
mbam-log-2010-04-21 (19-45-20).txt

Typ skenu: Úplný sken (C:\|)
Skenované objekty: 274835
Uplynulý čas: 47 minuta(y), 19 sekunda(y)

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 0
Infikované hodnoty registru: 0
Infikované datové položky registru: 0
Infikované složky: 0
Infikované soubory: 0

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované hodnoty registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
(Žádné škodlivé položky nebyly zjištěny)

Stáhněte a uložte, nejlépe na plochu http://download.bleepingcomputer.com/sUBs/ComboFix.exe

• Vypněte všechny rezidentní bezpečnostní programy - firewally, antiviry, antispywary
• Spusťte aplikaci pod účtem s oprávněním Administrátora (Správce), ihned po startu se zobrazí stránka s licenčními podmínkami, pokračujte stisknutím tlačítka "Ano"
• Dále postupujte dle pokynů, během scanu nespouštějte jiné aplikace a neklikejte do zobrazujícího se okna
• Scan by měl trvat okolo 5 - 10 minut, po dokončení Combofix zobrazí log C:\ComboFix.txt , který sem vložte.
• Během skenování může být počítač restartován.

Provedeno:

ComboFix 10-04-21.01 - FEARFUL 21.04.2010 20:19:15.1.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.3582.3206 [GMT 2:00]
Spuštěný z: c:\documents and settings\FEARFUL\Plocha\ComboFix.exe
* Vytvořen nový Bod Obnovení

VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!
.

((((((((((((((((((((((((( Soubory vytvořené od 2010-03-21 do 2010-04-21 )))))))))))))))))))))))))))))))
.

2010-04-21 16:47 . 2010-04-21 16:47 -------- d-----w- C:\_OTL
2010-04-21 15:57 . 2010-04-21 16:05 -------- d-----w- c:\program files\trend micro
2010-04-21 15:57 . 2010-04-21 15:57 -------- d-----w- C:\rsit
2010-04-20 19:49 . 2010-04-20 19:58 -------- d-----w- c:\program files\Crawler
2010-04-20 17:04 . 2010-03-29 22:46 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-04-20 17:04 . 2010-03-29 22:45 20824 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-04-20 17:04 . 2010-04-20 17:04 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-04-20 15:03 . 2010-04-20 15:03 -------- d-----w- c:\program files\CCleaner
2010-03-31 08:00 . 2010-03-31 08:00 -------- d-----w- c:\program files\ICQ6Toolbar
2010-03-31 07:57 . 2010-03-31 08:01 -------- d-----w- c:\program files\ICQ7.1
2010-03-24 18:11 . 2009-11-23 23:53 245032 ------w- c:\windows\system32\Touch_Tablet.dll
2010-03-24 18:11 . 2010-03-24 18:11 -------- d-----w- c:\program files\WTouch
2010-03-24 18:11 . 2010-03-24 18:11 -------- d-----w- c:\program files\TabletPlugins
2010-03-24 18:03 . 2007-02-16 18:12 11312 ----a-w- c:\windows\system32\drivers\wacommousefilter.sys
2010-03-24 18:03 . 2009-05-20 18:54 13736 ----a-w- c:\windows\system32\drivers\wacomvhid.sys
2010-03-24 18:02 . 2010-03-24 18:11 -------- d-----w- c:\windows\system32\WTablet
2010-03-24 18:02 . 2009-11-23 23:53 416040 ----a-w- c:\windows\system32\Pen_Tablet.dll
2010-03-24 18:02 . 2009-11-23 20:16 284160 ------w- c:\windows\system32\Wintab32.dll
2010-03-24 18:02 . 2009-11-23 23:53 4497704 ----a-w- c:\windows\system32\Pen_Tablet.exe
2010-03-24 18:02 . 2010-03-24 18:11 -------- d-----w- c:\program files\Tablet
2010-03-24 16:36 . 2010-03-24 16:36 142592 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys
2010-03-24 16:36 . 2010-04-21 16:01 -------- d-----w- c:\program files\Spyware Terminator
2010-03-24 13:04 . 2010-03-24 13:08 -------- d-----w- c:\program files\Inkscape

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-04-21 16:47 . 2001-10-25 12:00 502954 ----a-w- c:\windows\system32\perfh005.dat
2010-04-21 16:47 . 2001-10-25 12:00 107350 ----a-w- c:\windows\system32\perfc005.dat
2010-04-20 15:28 . 2009-04-25 09:54 -------- d-----w- c:\program files\BitLord
2010-04-14 14:27 . 2009-09-09 12:01 -------- d-----w- c:\program files\Google
2010-04-12 20:35 . 2009-08-25 23:31 -------- d-----w- c:\program files\FlashGet
2010-04-02 21:27 . 2009-11-16 21:34 -------- d-----w- c:\program files\blender-2.49b-windows
2010-03-31 08:00 . 2009-04-21 13:20 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-03-25 14:18 . 2009-11-03 20:26 -------- d-----w- c:\program files\ghgfhgfh
2010-03-11 11:41 . 2009-05-15 15:49 132153 ----a-w- c:\windows\War3Unin.dat
2010-02-25 19:18 . 2010-02-25 19:18 -------- d-----w- c:\program files\Zoner
2010-02-25 19:17 . 2009-04-21 15:16 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2010-02-25 16:56 . 2010-02-25 16:56 -------- d-----w- c:\program files\Active GIF Creator 2.23
2010-02-22 12:10 . 2010-02-22 11:50 -------- d-----w- c:\program files\cygwin
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{7c5c0f58-e061-457d-9033-77307f5ed00c}"= "c:\program files\TorrentMan\tbTor0.dll" [2010-01-14 2166296]

[HKEY_CLASSES_ROOT\clsid\{7c5c0f58-e061-457d-9033-77307f5ed00c}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{7c5c0f58-e061-457d-9033-77307f5ed00c}]
2010-01-14 20:52 2166296 ----a-w- c:\program files\TorrentMan\tbTor0.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{7c5c0f58-e061-457d-9033-77307f5ed00c}"= "c:\program files\TorrentMan\tbTor0.dll" [2010-01-14 2166296]

[HKEY_CLASSES_ROOT\clsid\{7c5c0f58-e061-457d-9033-77307f5ed00c}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{7C5C0F58-E061-457D-9033-77307F5ED00C}"= "c:\program files\TorrentMan\tbTor0.dll" [2010-01-14 2166296]

[HKEY_CLASSES_ROOT\clsid\{7c5c0f58-e061-457d-9033-77307f5ed00c}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-06-01 153136]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2008-12-29 687560]
"AlcoholAutomount"="c:\program files\Alcohol Soft\Alcohol 120\axcmd.exe" [2009-04-24 203928]
"SpywareTerminatorUpdate"="c:\program files\Spyware Terminator\SpywareTerminatorUpdate.exe" [2010-03-24 3037696]
"ICQ"="c:\program files\ICQ7.1\ICQ.exe" [2010-03-31 133368]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2007-07-05 16380416]
"JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2007-03-20 36864]
"36X Raid Configurer"="c:\windows\system32\xRaidSetup.exe" [2007-05-25 1953792]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-01-15 86016]
"Launch LGDCore"="c:\program files\Common Files\Logitech\G-series Software\LGDCore.exe" [2006-07-23 1126400]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-04-04 36272]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-03-24 952768]
"SpywareTerminator"="c:\program files\Spyware Terminator\SpywareTerminatorShield.exe" [2010-04-14 2176512]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-01-15 13680640]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2004-5-28 241664]
Rychl‚ spuçtŘnˇ aplikace HP Image Zone.lnk - c:\program files\HP\Digital Imaging\bin\hpqthb08.exe [2004-5-28 53248]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Component Manager
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Hry\\World of Warcraft\\Launcher.exe"=
"c:\\WINDOWS\\system32\\dplaysvr.exe"=
"c:\\Documents and Settings\\FEARFUL\\Plocha\\Stronghold\\Stronghold Crusader.exe"=
"c:\\Hry\\Diablo II\\Diablo II.exe"=
"c:\\Hry\\Microsoft Games\\Dungeon Siege 2\\DungeonSiege2.exe"=
"c:\\WINDOWS\\system32\\dpnsvr.exe"=
"c:\\Hry\\Wolfenstein - Enemy Territory\\ET.exe"=
"c:\\Hry\\Encore\\Europa 1400 - Gold Edition\\Europa1400Gold_TL.exe"=
"c:\\Hry\\Encore\\Europa 1400 - Gold Edition\\Europa1400Gold.exe"=
"c:\\Hry\\UT2004\\System\\UT2004.exe"=
"c:\\Hry\\1C\\RC Cars\\RCCARS.EXE"=
"c:\\Documents and Settings\\FEARFUL\\Plocha\\Port Royale\\PortRoyale.exe"=
"c:\\Hry\\World of Warcraft\\BackgroundDownloader.exe"=
"c:\\Hry\\Warcraft III\\Warcraft III.exe"=
"c:\\Program Files\\Steam\\SteamApps\\common\\empire total war\\Empire.exe"=
"c:\\Program Files\\Steam\\steam.exe"=
"c:\\Hry\\World of Warcraft\\WoW-3.1.3.9947-to-3.2.0.10192-enGB-downloader.exe"=
"c:\\Hry\\CGN\\Re-Volt\\REVOLT.EXE"=
"c:\\Hry\\Electronic Arts\\Crytek\\Crysis\\Bin32\\Crysis.exe"=
"c:\\Hry\\Electronic Arts\\Crytek\\Crysis\\Bin32\\CrysisDedicatedServer.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Hry\\Activision\\Call of Duty 2\\CoD2MP_s.exe"=
"c:\\Hry\\World of Warcraft\\WoW-3.2.0.10192-to-3.2.0.10314-enGB-downloader.exe"=
"c:\\Hry\\Rockstar Games\\Rockstar Games Social Club\\RGSCLauncher.exe"=
"c:\\Hry\\Rockstar Games\\Grand Theft Auto IV\\GTAIV.exe"=
"c:\\Program Files\\FlashGet\\flashget.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Hry\\World of Warcraft\\WoW-3.2.0.10314-to-3.2.2.10482-enGB-downloader.exe"=
"c:\\Hry\\World of Warcraft\\WoW-3.2.2.10482-to-3.2.2.10505-enGB-downloader.exe"=
"c:\\Hry\\Electronic Arts\\The Battle for Middle-earth (tm) II\\game.dat"=
"c:\\Hry\\Codemasters\\Worms 4 Mayhem\\WORMS 4 MAYHEM.EXE"=
"c:\\Hry\\Codemasters\\DiRT\\DiRT.exe"=
"c:\\Hry\\World of Warcraft\\WoW-3.2.2.10505-to-3.3.0.10958-enGB-downloader.exe"=
"c:\\Hry\\TrackMania United\\TmUnited.exe"=
"c:\\Hry\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
"c:\\Program Files\\LuxRender\\luxconsole.exe"=
"c:\\Hry\\Microsoft Games\\Age of Empires III\\age3x.exe"=
"c:\\Hry\\EA GAMES\\The Battle for Middle-earth (tm)\\game.dat"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"c:\\Documents and Settings\\FEARFUL\\Plocha\\Age of Mythology\\aomx.exe"=
"c:\\Documents and Settings\\FEARFUL\\Plocha\\Need for Speed Most Wanted\\speed.exe"=
"c:\\Hry\\World of Warcraft\\WoW-3.3.2.11403-to-3.3.3.11685-enGB-downloader.exe"=
"c:\\Program Files\\ICQ7.1\\ICQ.exe"=
"c:\\Program Files\\ICQ7.1\\aolload.exe"=
"c:\\Documents and Settings\\FEARFUL\\Plocha\\Age of Mythology\\aom.exe"=
"c:\\Documents and Settings\\FEARFUL\\Local Settings\\Apps\\2.0\\T3N1ZNG9.VWC\\PD9V5ZB8.0B0\\curs..tion_eee711038731a406_0004.0000_152ef8e82e8f5a48\\CurseClient.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"6112:TCP"= 6112:TCP:Blizzard Downloader
"3724:TCP"= 3724:TCP:Blizzard Downloader: 3724

R0 pe3ah4nc;DiRT Environment Driver (pe3ah4nc);c:\windows\system32\drivers\pe3ah4nc.sys [18.5.2007 21:53 64880]
R0 ps6ah4nc;DiRT Synchronization Driver (ps6ah4nc);c:\windows\system32\drivers\ps6ah4nc.sys [18.5.2007 21:52 55160]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [24.3.2010 18:36 142592]
R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [29.10.2009 13:27 1074568]
R2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [31.3.2010 10:00 246520]
R2 TabletServicePen;TabletServicePen;c:\windows\system32\Pen_Tablet.exe [24.3.2010 20:02 4497704]
R2 WTouchService;WTouch Service;c:\program files\WTouch\WTouchService.exe [24.3.2010 20:11 113448]
R3 adusbmdm6501;AnyDATA CDMA USB Modem Driver (PID 6501);c:\windows\system32\drivers\adusbmdm65.sys [21.4.2009 15:59 65408]
R3 adusbser6501;AnyDATA CDMA USB Serial Port (PID 6501);c:\windows\system32\drivers\adusbser65.sys [21.4.2009 15:52 64896]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [23.4.2009 17:56 721904]
S2 gupdate1ca314635ed9e0;Služba Google Update (gupdate1ca314635ed9e0);c:\program files\Google\Update\GoogleUpdate.exe [9.9.2009 14:06 133104]
S2 pr2ah4nc;DiRT Drivers Auto Removal (pr2ah4nc);c:\windows\system32\pr2ah4nc.exe svc --> c:\windows\system32\pr2ah4nc.exe svc [?]
.
Obsah adresáře 'Naplánované úlohy'

2010-04-21 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-09-09 12:01]

2010-04-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-09-09 12:06]

2010-04-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-09-09 12:06]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://start.icq.com/
uInternet Settings,ProxyOverride = *.local
IE: &Stáhnout &vše FlashGetem - c:\program files\FlashGet\jc_all.htm
IE: &Stáhnout FlashGetem - c:\program files\FlashGet\jc_link.htm
IE: Crawler Search - tbr:iemenu
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: {{71BFC818-0CED-42D6-9C87-5142918957EE} - c:\program files\ICQ7.1\ICQ.exe
Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - c:\progra~1\Crawler\ctbr.dll
FF - ProfilePath - c:\documents and settings\FEARFUL\Data aplikací\Mozilla\Firefox\Profiles\f15exube.default\
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - hxxp://start.icq.com/
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=2.0.0.2&q=
FF - component: c:\program files\Crawler\firefox\components\xcomm.dll
FF - component: c:\program files\Crawler\firefox\components\xshared.dll
FF - component: c:\program files\Crawler\firefox\components\xsupport.dll
FF - component: c:\program files\Crawler\firefox\components\xwsg.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Google Updater\2.4.1698.5652\npCIDetect13.dll
FF - plugin: c:\program files\Google\Update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\program files\TabletPlugins\npwacom.dll

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

MSConfigStartUp-CTFMON - (no file)



**************************************************************************
skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory:

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\S-1-5-21-436374069-1801674531-839522115-1003\Software\SecuROM\License information*]
"datasecu"=hex:0c,a7,e1,14,96,00,b3,dc,5a,7b,09,a1,58,51,84,54,e5,05,53,d9,98,
2b,f4,97,6b,79,9e,da,00,9d,f0,58,03,ca,bf,05,3e,e2,18,b4,5a,dd,fd,4a,10,4a,\
"rkeysecu"=hex:fe,0a,22,57,ae,71,bf,41,ed,02,63,94,76,1a,43,bf
.
Celkový čas: 2010-04-21 20:24:05
ComboFix-quarantined-files.txt 2010-04-21 18:24

Před spuštěním: Volných bajtů: 242 509 524 992
Po spuštění: Volných bajtů: 242 475 212 800

- - End Of File - - 703178C5B1FE939F0A6E8E9B36665E75

Pokud nemáte, přesuňte Combofix na plochu

• Otevřete si Poznámkový blok a zkopírujte do něj text z bílého okénka.

• Uložte Vámi vytvořený TXT soubor jako CFScript.txt na plochu
• Po uložení uchopte vámi vytvořený skript levým myšítkem a přesuňte ho nad ikonu Combofixu, kde ho upustíte:
  
  
• Po aplikaci na Vás vypadne další log,vložte ho sem

Může se stát, že po aplikaci skriptu a restartu Windows nenaběhnou, v tom případě znovu restartujte a přitom mačkejte F8, pak zvolte Poslední známou funkční konfiguraci

Provedeno, problém se startem nebyl.

ComboFix 10-04-21.01 - FEARFUL 21.04.2010 21:15:23.2.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.3582.3053 [GMT 2:00]
Spuštěný z: c:\documents and settings\FEARFUL\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\FEARFUL\Plocha\CFScript.txt
* Vytvořen nový Bod Obnovení
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\ghgfhgfh
c:\program files\ghgfhgfh\bhjh\andie_valentino.wmv
c:\program files\ghgfhgfh\bhjh\angel_dark_2.wmv
c:\program files\ghgfhgfh\bhjh\bree_olson_5.wmv
c:\program files\ghgfhgfh\bhjh\high.wmv
c:\program files\ghgfhgfh\bhjh\krystal_steal_3.wmv
c:\program files\ghgfhgfh\bhjh\low.wmv
c:\program files\ghgfhgfh\bhjh\rychlyprachy19-01.wmv
c:\program files\ghgfhgfh\bhjh\rychlyprachy22-01.wmv
c:\program files\ghgfhgfh\bhjh\rychlyprachy4-01.wmv
c:\program files\ghgfhgfh\bhjh\Thumbs.db
c:\program files\ghgfhgfh\fotky skola\[Originals]\P1291506.jpg
c:\program files\ghgfhgfh\fotky skola\[Originals]\P1291506.jpg.xmp
c:\program files\ghgfhgfh\fotky skola\[Originals]\PA230471.JPG
c:\program files\ghgfhgfh\fotky skola\[Originals]\PA230471.JPG.xmp
c:\program files\ghgfhgfh\fotky skola\06042010150.jpg
c:\program files\ghgfhgfh\fotky skola\13341_103170706368626_100000270916565_83524_1955755_n.jpg
c:\program files\ghgfhgfh\fotky skola\2.JPG
c:\program files\ghgfhgfh\fotky skola\4537_1008714958226_1835535025_14809_3976772_n.jpg
c:\program files\ghgfhgfh\fotky skola\jana I.bmp
c:\program files\ghgfhgfh\fotky skola\P1291506.jpg
c:\program files\ghgfhgfh\fotky skola\PA230471.JPG
c:\program files\ghgfhgfh\fotky skola\PA230520.JPG
c:\program files\ghgfhgfh\fotky skola\PA230522.JPG
c:\program files\ghgfhgfh\fotky skola\Snímek 057.jpg
c:\program files\ghgfhgfh\fotky skola\Snímek 058.jpg
c:\program files\ghgfhgfh\fotky skola\Snímek 059.jpg
c:\program files\ghgfhgfh\fotky skola\Snímek 060.jpg
c:\program files\ghgfhgfh\fotky skola\Snímek 061.jpg
c:\program files\ghgfhgfh\fotky skola\Snímek 062.jpg
c:\program files\ghgfhgfh\fotky skola\Snímek 063.jpg
c:\program files\ghgfhgfh\fotky skola\Snímek 064.jpg
c:\program files\ghgfhgfh\fotky skola\Snímek 065.jpg
c:\program files\ghgfhgfh\fotky skola\Snímek 066.jpg
c:\program files\ghgfhgfh\fotky skola\Snímek 067.jpg
c:\program files\ghgfhgfh\fotky skola\Snímek 068.jpg
c:\program files\ghgfhgfh\fotky skola\Snímek 069.jpg
c:\program files\ghgfhgfh\fotky skola\Snímek 070.jpg
c:\program files\ghgfhgfh\fotky skola\Thumbs.db
c:\program files\ghgfhgfh\fotky\PA230463.JPG
c:\program files\ghgfhgfh\fotky\PA230464.JPG
c:\program files\ghgfhgfh\fotky\PA230465.JPG
c:\program files\ghgfhgfh\fotky\PA230466.JPG
c:\program files\ghgfhgfh\fotky\PA230467.JPG
c:\program files\ghgfhgfh\fotky\PA230468.JPG
c:\program files\ghgfhgfh\fotky\PA230469.JPG
c:\program files\ghgfhgfh\fotky\PA230470.JPG
c:\program files\ghgfhgfh\fotky\PA230471.JPG
c:\program files\ghgfhgfh\fotky\PA230472.JPG
c:\program files\ghgfhgfh\fotky\PA230473.JPG
c:\program files\ghgfhgfh\fotky\PA230474.JPG
c:\program files\ghgfhgfh\fotky\PA230475.JPG
c:\program files\ghgfhgfh\fotky\PA230476.JPG
c:\program files\ghgfhgfh\fotky\PA230477.JPG
c:\program files\ghgfhgfh\fotky\PA230478.JPG
c:\program files\ghgfhgfh\fotky\PA230479.JPG
c:\program files\ghgfhgfh\fotky\PA230480.JPG
c:\program files\ghgfhgfh\fotky\PA230481.JPG
c:\program files\ghgfhgfh\fotky\PA230482.JPG
c:\program files\ghgfhgfh\fotky\PA230483.JPG
c:\program files\ghgfhgfh\fotky\PA230484.JPG
c:\program files\ghgfhgfh\fotky\PA230485.JPG
c:\program files\ghgfhgfh\fotky\PA230486.JPG
c:\program files\ghgfhgfh\fotky\PA230487.JPG
c:\program files\ghgfhgfh\fotky\PA230488.JPG
c:\program files\ghgfhgfh\fotky\PA230489.JPG
c:\program files\ghgfhgfh\fotky\PA230490.JPG
c:\program files\ghgfhgfh\fotky\PA230491.JPG
c:\program files\ghgfhgfh\fotky\PA230492.JPG
c:\program files\ghgfhgfh\fotky\PA230493.JPG
c:\program files\ghgfhgfh\fotky\PA230494.JPG
c:\program files\ghgfhgfh\fotky\PA230495.JPG
c:\program files\ghgfhgfh\fotky\PA230496.JPG
c:\program files\ghgfhgfh\fotky\PA230497.JPG
c:\program files\ghgfhgfh\fotky\PA230498.JPG
c:\program files\ghgfhgfh\fotky\PA230499.JPG
c:\program files\ghgfhgfh\fotky\PA230500.JPG
c:\program files\ghgfhgfh\fotky\PA230501.JPG
c:\program files\ghgfhgfh\fotky\PA230502.JPG
c:\program files\ghgfhgfh\fotky\PA230503.JPG
c:\program files\ghgfhgfh\fotky\PA230504.JPG
c:\program files\ghgfhgfh\fotky\PA230505.JPG
c:\program files\ghgfhgfh\fotky\PA230506.JPG
c:\program files\ghgfhgfh\fotky\PA230507.JPG
c:\program files\ghgfhgfh\fotky\PA230508.JPG
c:\program files\ghgfhgfh\fotky\PA230509.JPG
c:\program files\ghgfhgfh\fotky\PA230510.JPG
c:\program files\ghgfhgfh\fotky\PA230511.JPG
c:\program files\ghgfhgfh\fotky\PA230512.JPG
c:\program files\ghgfhgfh\fotky\PA230513.JPG
c:\program files\ghgfhgfh\fotky\PA230514.JPG
c:\program files\ghgfhgfh\fotky\PA230515.JPG
c:\program files\ghgfhgfh\fotky\PA230516.JPG
c:\program files\ghgfhgfh\fotky\PA230517.JPG
c:\program files\ghgfhgfh\fotky\PA230518.JPG
c:\program files\ghgfhgfh\fotky\PA230519.JPG
c:\program files\ghgfhgfh\fotky\PA230520.JPG
c:\program files\ghgfhgfh\fotky\PA230521.JPG
c:\program files\ghgfhgfh\fotky\PA230522.JPG
c:\program files\ghgfhgfh\fotky\PA230523.JPG
c:\program files\ghgfhgfh\fotky\PA230524.JPG
c:\program files\ghgfhgfh\fotky\PA230525.JPG
c:\program files\ghgfhgfh\fotky\PA230526.JPG
c:\program files\ghgfhgfh\fotky\PA230527.JPG
c:\program files\ghgfhgfh\fotky\PA230528.JPG
c:\program files\ghgfhgfh\fotky\PA230529.JPG
c:\program files\ghgfhgfh\fotky\PA230530.JPG
c:\program files\ghgfhgfh\fotky\PA230531.JPG
c:\program files\ghgfhgfh\fotky\PA230532.JPG
c:\program files\ghgfhgfh\fotky\PA230533.JPG
c:\program files\ghgfhgfh\fotky\PA230534.JPG
c:\program files\ghgfhgfh\fotky\PA230535.JPG
c:\program files\ghgfhgfh\fotky\PA230536.JPG
c:\program files\ghgfhgfh\fotky\PA230537.JPG
c:\program files\ghgfhgfh\fotky\PA230538.JPG
c:\program files\ghgfhgfh\fotky\PA230539.JPG
c:\program files\ghgfhgfh\fotky\PA230540.JPG
c:\program files\ghgfhgfh\fotky\PA230541.JPG
c:\program files\ghgfhgfh\fotky\PA230542.JPG
c:\program files\ghgfhgfh\fotky\PA230543.JPG
c:\program files\ghgfhgfh\fotky\PA230544.JPG
c:\program files\ghgfhgfh\fotky\PA230545.JPG
c:\program files\ghgfhgfh\fotky\PA230547.JPG
c:\program files\ghgfhgfh\fotky\PA230548.JPG
c:\program files\ghgfhgfh\fotky\PA230549.JPG
c:\program files\ghgfhgfh\fotky\PA230550.JPG
c:\program files\ghgfhgfh\fotky\PA230551.JPG
c:\program files\ghgfhgfh\fotky\PA230552.JPG
c:\program files\ghgfhgfh\fotky\PA230553.JPG
c:\program files\ghgfhgfh\fotky\PA230554.JPG
c:\program files\ghgfhgfh\fotky\PA230556.JPG
c:\program files\ghgfhgfh\fotky\PA230557.JPG
c:\program files\ghgfhgfh\fotky\PA230558.JPG
c:\program files\ghgfhgfh\fotky\PA230560.JPG
c:\program files\ghgfhgfh\fotky\PA230561.JPG
c:\program files\ghgfhgfh\fotky\PA230562.JPG
c:\program files\ghgfhgfh\fotky\PA230563.JPG
c:\program files\ghgfhgfh\fotky\PA230564.JPG
c:\program files\ghgfhgfh\fotky\Thumbs.db
c:\program files\ghgfhgfh\fotky_sraz\sraz 001.jpg
c:\program files\ghgfhgfh\fotky_sraz\sraz 002.jpg
c:\program files\ghgfhgfh\fotky_sraz\sraz 003-uprava.JPG
c:\program files\ghgfhgfh\fotky_sraz\sraz 003.jpg
c:\program files\ghgfhgfh\fotky_sraz\sraz 004-uprava.JPG
c:\program files\ghgfhgfh\fotky_sraz\sraz 004.jpg
c:\program files\ghgfhgfh\fotky_sraz\sraz 005-uprava.JPG
c:\program files\ghgfhgfh\fotky_sraz\sraz 005.jpg
c:\program files\ghgfhgfh\fotky_sraz\sraz 006-uprava.JPG
c:\program files\ghgfhgfh\fotky_sraz\sraz 006.jpg
c:\program files\ghgfhgfh\fotky_sraz\sraz 007-uprava.JPG
c:\program files\ghgfhgfh\fotky_sraz\sraz 007.jpg
c:\program files\ghgfhgfh\fotky_sraz\sraz 008.jpg
c:\program files\ghgfhgfh\fotky_sraz\sraz 009.jpg
c:\program files\ghgfhgfh\fotky_sraz\sraz 010.jpg
c:\program files\ghgfhgfh\fotky_sraz\sraz 011.jpg
c:\program files\ghgfhgfh\fotky_sraz\sraz 012.jpg
c:\program files\ghgfhgfh\fotky_sraz\sraz 013.jpg
c:\program files\ghgfhgfh\fotky_sraz\sraz 014.jpg
c:\program files\ghgfhgfh\fotky_sraz\sraz 015.jpg
c:\program files\ghgfhgfh\fotky_sraz\sraz 016.jpg
c:\program files\ghgfhgfh\fotky_sraz\sraz 017.jpg
c:\program files\ghgfhgfh\fotky_sraz\sraz 018.jpg
c:\program files\ghgfhgfh\fotky_sraz\sraz 019.jpg
c:\program files\ghgfhgfh\fotky_sraz\sraz 020.jpg
c:\program files\ghgfhgfh\fotky_sraz\sraz 021.jpg
c:\program files\ghgfhgfh\fotky_sraz\sraz 022.jpg
c:\program files\ghgfhgfh\fotky_sraz\sraz 023.jpg
c:\program files\ghgfhgfh\fotky_sraz\sraz 024.jpg
c:\program files\ghgfhgfh\fotky_sraz\sraz 025.jpg
c:\program files\ghgfhgfh\fotky_sraz\sraz 026.jpg
c:\program files\ghgfhgfh\fotky_sraz\sraz 027.jpg
c:\program files\ghgfhgfh\fotky_sraz\sraz 028.jpg
c:\program files\ghgfhgfh\fotky_sraz\sraz 029.jpg
c:\program files\ghgfhgfh\fotky_sraz\sraz 030.jpg
c:\program files\ghgfhgfh\fotky_sraz\sraz 031.jpg
c:\program files\ghgfhgfh\fotky_sraz\sraz 032.jpg
c:\program files\ghgfhgfh\fotky_sraz\sraz 033.jpg
c:\program files\ghgfhgfh\fotky_sraz\sraz 034.jpg
c:\program files\ghgfhgfh\fotky_sraz\sraz 035.jpg
c:\program files\ghgfhgfh\fotky_sraz\sraz 036.jpg
c:\program files\ghgfhgfh\fotky_sraz\Thumbs.db
c:\program files\ghgfhgfh\stuzkovani\stužkování 09 001.jpg
c:\program files\ghgfhgfh\stuzkovani\stužkování 09 002.jpg
c:\program files\ghgfhgfh\stuzkovani\stužkování 09 003.jpg
c:\program files\ghgfhgfh\stuzkovani\stužkování 09 004.jpg
c:\program files\ghgfhgfh\stuzkovani\stužkování 09 005.jpg
c:\program files\ghgfhgfh\stuzkovani\stužkování 09 006.jpg
c:\program files\ghgfhgfh\stuzkovani\stužkování 09 007.jpg
c:\program files\ghgfhgfh\stuzkovani\stužkování 09 008.jpg
c:\program files\ghgfhgfh\stuzkovani\stužkování 09 009.jpg
c:\program files\ghgfhgfh\stuzkovani\stužkování 09 010.jpg
c:\program files\ghgfhgfh\stuzkovani\stužkování 09 011.jpg
c:\program files\ghgfhgfh\stuzkovani\stužkování 09 012.jpg
c:\program files\ghgfhgfh\stuzkovani\stužkování 09 013.jpg
c:\program files\ghgfhgfh\stuzkovani\stužkování 09 014.jpg
c:\program files\ghgfhgfh\stuzkovani\stužkování 09 015.jpg
c:\program files\ghgfhgfh\stuzkovani\stužkování 09 016.jpg
c:\program files\ghgfhgfh\stuzkovani\stužkování 09 017.jpg
c:\program files\ghgfhgfh\stuzkovani\stužkování 09 018.jpg
c:\program files\ghgfhgfh\stuzkovani\stužkování 09 019.jpg
c:\program files\ghgfhgfh\stuzkovani\stužkování 09 020.jpg
c:\program files\ghgfhgfh\stuzkovani\stužkování 09 021.jpg
c:\program files\ghgfhgfh\stuzkovani\stužkování 09 022.jpg
c:\program files\ghgfhgfh\stuzkovani\stužkování 09 023.jpg
c:\program files\ghgfhgfh\stuzkovani\stužkování 09 024.jpg
c:\program files\ghgfhgfh\stuzkovani\stužkování 09 025.jpg
c:\program files\ghgfhgfh\stuzkovani\stužkování 09 026.jpg
c:\program files\ghgfhgfh\stuzkovani\stužkování 09 027.jpg
c:\program files\ghgfhgfh\stuzkovani\stužkování 09 028.jpg
c:\program files\ghgfhgfh\stuzkovani\stužkování 09 030.jpg
c:\program files\ghgfhgfh\stuzkovani\stužkování 09 031.jpg
c:\program files\ghgfhgfh\stuzkovani\stužkování 09 032.jpg
c:\program files\ghgfhgfh\stuzkovani\stužkování 09 033.jpg
c:\program files\ghgfhgfh\stuzkovani\stužkování 09 034.jpg
c:\program files\ghgfhgfh\stuzkovani\stužkování 09 036.jpg
c:\program files\ghgfhgfh\stuzkovani\stužkování 09 037.jpg
c:\program files\ghgfhgfh\stuzkovani\stužkování 09 038.jpg
c:\program files\ghgfhgfh\stuzkovani\stužkování 09 039.jpg
c:\program files\ghgfhgfh\stuzkovani\stužkování 09 040.jpg
c:\program files\ghgfhgfh\stuzkovani\stužkování 09 041.jpg
c:\program files\ghgfhgfh\stuzkovani\stužkování 09 042.jpg
c:\program files\ghgfhgfh\stuzkovani\stužkování 09 043.jpg
c:\program files\ghgfhgfh\stuzkovani\stužkování 09 046.jpg
c:\program files\ghgfhgfh\stuzkovani\stužkování 09 047.jpg
c:\program files\ghgfhgfh\stuzkovani\stužkování 09 048.jpg
c:\program files\ghgfhgfh\stuzkovani\stužkování 09 049.jpg
c:\program files\ghgfhgfh\stuzkovani\stužkování 09 050.jpg
c:\program files\ghgfhgfh\stuzkovani\stužkování 09 051.jpg
c:\program files\ghgfhgfh\stuzkovani\stužkování 09 052.jpg
c:\program files\ghgfhgfh\stuzkovani\stužkování 09 053.jpg
c:\program files\ghgfhgfh\stuzkovani\stužkování 09 054.jpg
c:\program files\ghgfhgfh\stuzkovani\stužkování 09 055.jpg
c:\program files\ghgfhgfh\stuzkovani\stužkování 09 056.jpg
c:\program files\ghgfhgfh\stuzkovani\stužkování 09 057.jpg
c:\program files\ghgfhgfh\stuzkovani\stužkování 09 058.jpg
c:\program files\ghgfhgfh\stuzkovani\stužkování 09 059.jpg
c:\program files\ghgfhgfh\stuzkovani\stužkování 09 060.jpg
c:\program files\ghgfhgfh\stuzkovani\stužkování 09 061.jpg
c:\program files\ghgfhgfh\stuzkovani\stužkování 09 062.jpg
c:\program files\ghgfhgfh\stuzkovani\stužkování 09 063.jpg
c:\program files\ghgfhgfh\stuzkovani\stužkování 09 064.jpg
c:\program files\ghgfhgfh\stuzkovani\stužkování 09 065.jpg
c:\program files\ghgfhgfh\stuzkovani\stužkování 09 066.jpg
c:\program files\ghgfhgfh\stuzkovani\stužkování 09 067.jpg
c:\program files\ghgfhgfh\stuzkovani\stužkování 09 068.jpg
c:\program files\ghgfhgfh\stuzkovani\stužkování 09 069.jpg
c:\program files\ghgfhgfh\stuzkovani\stužkování 09 070.jpg
c:\program files\ghgfhgfh\stuzkovani\stužkování 09 071.jpg
c:\program files\ghgfhgfh\stuzkovani\stužkování 09 072.jpg
c:\program files\ghgfhgfh\stuzkovani\stužkování 09 075.jpg
c:\program files\ghgfhgfh\stuzkovani\stužkování 09 076.jpg
c:\program files\ghgfhgfh\stuzkovani\stužkování 09 077.jpg
c:\program files\ghgfhgfh\stuzkovani\stužkování 09 078.jpg
c:\program files\ghgfhgfh\stuzkovani\stužkování 09 079.jpg
c:\program files\ghgfhgfh\stuzkovani\stužkování 09 080.jpg
c:\program files\ghgfhgfh\stuzkovani\stužkování 09 081.jpg
c:\program files\ghgfhgfh\stuzkovani\stužkování 09 082.jpg
c:\program files\ghgfhgfh\stuzkovani\stužkování 09 083.jpg
c:\program files\ghgfhgfh\stuzkovani\stužkování 09 084.jpg
c:\program files\ghgfhgfh\stuzkovani\stužkování 09 085.jpg
c:\program files\ghgfhgfh\stuzkovani\stužkování 09 087.jpg
c:\program files\ghgfhgfh\stuzkovani\stužkování 09 088.jpg
c:\program files\ghgfhgfh\stuzkovani\stužkování 09 089.jpg
c:\program files\ghgfhgfh\stuzkovani\stužkování 09 090.jpg
c:\program files\ghgfhgfh\stuzkovani\stužkování 09 092.jpg
c:\program files\ghgfhgfh\stuzkovani\Thumbs.db
c:\program files\ghgfhgfh\večírek\P1050433.JPG
c:\program files\ghgfhgfh\večírek\P1050434.JPG
c:\program files\ghgfhgfh\večírek\P1050435.JPG
c:\program files\ghgfhgfh\večírek\P1050436.JPG
c:\program files\ghgfhgfh\večírek\P1050437.JPG
c:\program files\ghgfhgfh\večírek\P1050438.JPG
c:\program files\ghgfhgfh\večírek\P1050439.JPG
c:\program files\ghgfhgfh\večírek\P1050440.JPG
c:\program files\ghgfhgfh\večírek\P1050441.JPG
c:\program files\ghgfhgfh\večírek\P1050442.JPG
c:\program files\ghgfhgfh\večírek\P1050443.JPG
c:\program files\ghgfhgfh\večírek\P1050445.JPG
c:\program files\ghgfhgfh\večírek\P1050446.JPG
c:\program files\ghgfhgfh\večírek\P1050447.JPG
c:\program files\ghgfhgfh\večírek\P1050448.JPG
c:\program files\ghgfhgfh\večírek\P1050449.JPG
c:\program files\ghgfhgfh\večírek\P1050450.JPG
c:\program files\ghgfhgfh\večírek\P1050451.JPG
c:\program files\ghgfhgfh\večírek\P1050452.JPG
c:\program files\ghgfhgfh\večírek\P1050453.JPG
c:\program files\ghgfhgfh\večírek\P1050454.JPG
c:\program files\ghgfhgfh\večírek\P1050455.JPG
c:\program files\ghgfhgfh\večírek\P1050456.JPG
c:\program files\ghgfhgfh\večírek\P1050457.JPG
c:\program files\ghgfhgfh\večírek\P1050458.JPG
c:\program files\ghgfhgfh\večírek\P1050459.JPG
c:\program files\ghgfhgfh\večírek\P1050460.JPG
c:\program files\ghgfhgfh\večírek\P1050461.JPG
c:\program files\ghgfhgfh\večírek\P1050462.JPG
c:\program files\ghgfhgfh\večírek\P1050463.JPG
c:\program files\ghgfhgfh\večírek\P1050464.JPG
c:\program files\ghgfhgfh\večírek\P1050465.JPG
c:\program files\ghgfhgfh\večírek\P1050466.JPG
c:\program files\ghgfhgfh\večírek\P1050467.JPG
c:\program files\ghgfhgfh\večírek\P1050468.JPG
c:\program files\ghgfhgfh\večírek\P1050469.JPG
c:\program files\ghgfhgfh\večírek\P1050470.JPG
c:\program files\ghgfhgfh\večírek\P1050471.JPG
c:\program files\ghgfhgfh\večírek\P1050472.JPG
c:\program files\ghgfhgfh\večírek\P1050473.JPG
c:\program files\ghgfhgfh\večírek\P1050474.JPG
c:\program files\ghgfhgfh\večírek\P1050475.JPG
c:\program files\ghgfhgfh\večírek\P1050476.JPG
c:\program files\ghgfhgfh\večírek\P1050477.JPG
c:\program files\ghgfhgfh\večírek\P1050478.JPG
c:\program files\ghgfhgfh\večírek\P1050479.JPG
c:\program files\ghgfhgfh\večírek\P1050480.JPG
c:\program files\ghgfhgfh\večírek\P1050481.JPG
c:\program files\ghgfhgfh\večírek\P1050482.JPG
c:\program files\ghgfhgfh\večírek\P1050483.JPG
c:\program files\ghgfhgfh\večírek\P1050484.JPG
c:\program files\ghgfhgfh\večírek\P1050486.JPG
c:\program files\ghgfhgfh\večírek\P1050487.JPG
c:\program files\ghgfhgfh\večírek\P1050488.JPG
c:\program files\ghgfhgfh\večírek\P1050489.JPG
c:\program files\ghgfhgfh\večírek\P1050490.JPG
c:\program files\ghgfhgfh\večírek\P1050491.JPG
c:\program files\ghgfhgfh\večírek\P1050492.JPG
c:\program files\ghgfhgfh\večírek\P1050493.JPG
c:\program files\ghgfhgfh\večírek\P1050494.JPG
c:\program files\ghgfhgfh\večírek\P1050495.JPG
c:\program files\ghgfhgfh\večírek\P1050496.JPG
c:\program files\ghgfhgfh\večírek\P1050497.JPG
c:\program files\ghgfhgfh\večírek\P1050498.JPG
c:\program files\ghgfhgfh\večírek\P1050499.JPG
c:\program files\ghgfhgfh\večírek\P1050500.JPG
c:\program files\ghgfhgfh\večírek\P1050501.JPG
c:\program files\ghgfhgfh\večírek\P1050502.JPG
c:\program files\ghgfhgfh\večírek\P1050503.JPG
c:\program files\ghgfhgfh\večírek\P1050504.JPG
c:\program files\ghgfhgfh\večírek\P1050505.JPG
c:\program files\ghgfhgfh\večírek\P1050506.JPG
c:\program files\ghgfhgfh\večírek\P1050507.JPG
c:\program files\ghgfhgfh\večírek\P1050508.JPG
c:\program files\ghgfhgfh\večírek\P1050509.JPG
c:\program files\ghgfhgfh\večírek\P1050511.JPG
c:\program files\ghgfhgfh\večírek\P1050512.JPG
c:\program files\ghgfhgfh\večírek\P1050513.JPG
c:\program files\ghgfhgfh\večírek\P1050514.JPG
c:\program files\ghgfhgfh\večírek\P1050515.JPG
c:\program files\ghgfhgfh\večírek\P1050516.JPG
c:\program files\ghgfhgfh\večírek\P1050517.JPG
c:\program files\ghgfhgfh\večírek\P1050518.JPG
c:\program files\ghgfhgfh\večírek\P1050519.JPG
c:\program files\ghgfhgfh\večírek\P1050520.JPG
c:\program files\ghgfhgfh\večírek\P1050521.JPG
c:\program files\ghgfhgfh\večírek\P1050522.JPG
c:\program files\ghgfhgfh\večírek\P1050523.JPG
c:\program files\ghgfhgfh\večírek\Thumbs.db

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-03-21 do 2010-04-21 )))))))))))))))))))))))))))))))
.

2010-04-21 18:26 . 2010-04-21 19:00 -------- d-----w- c:\windows\LastGood
2010-04-21 16:47 . 2010-04-21 16:47 -------- d-----w- C:\_OTL
2010-04-21 15:57 . 2010-04-21 16:05 -------- d-----w- c:\program files\trend micro
2010-04-21 15:57 . 2010-04-21 15:57 -------- d-----w- C:\rsit
2010-04-20 19:49 . 2010-04-20 19:58 -------- d-----w- c:\program files\Crawler
2010-04-20 17:04 . 2010-03-29 22:46 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-04-20 17:04 . 2010-03-29 22:45 20824 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-04-20 17:04 . 2010-04-20 17:04 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-04-20 15:03 . 2010-04-20 15:03 -------- d-----w- c:\program files\CCleaner
2010-03-31 08:00 . 2010-03-31 08:00 -------- d-----w- c:\program files\ICQ6Toolbar
2010-03-31 07:57 . 2010-03-31 08:01 -------- d-----w- c:\program files\ICQ7.1
2010-03-24 18:11 . 2009-11-23 23:53 245032 ------w- c:\windows\system32\Touch_Tablet.dll
2010-03-24 18:11 . 2010-03-24 18:11 -------- d-----w- c:\program files\WTouch
2010-03-24 18:11 . 2010-03-24 18:11 -------- d-----w- c:\program files\TabletPlugins
2010-03-24 18:03 . 2007-02-16 18:12 11312 ----a-w- c:\windows\system32\drivers\wacommousefilter.sys
2010-03-24 18:03 . 2009-05-20 18:54 13736 ----a-w- c:\windows\system32\drivers\wacomvhid.sys
2010-03-24 18:02 . 2010-03-24 18:11 -------- d-----w- c:\windows\system32\WTablet
2010-03-24 18:02 . 2009-11-23 23:53 416040 ----a-w- c:\windows\system32\Pen_Tablet.dll
2010-03-24 18:02 . 2009-11-23 20:16 284160 ------w- c:\windows\system32\Wintab32.dll
2010-03-24 18:02 . 2009-11-23 23:53 4497704 ----a-w- c:\windows\system32\Pen_Tablet.exe
2010-03-24 18:02 . 2010-03-24 18:11 -------- d-----w- c:\program files\Tablet
2010-03-24 16:36 . 2010-03-24 16:36 142592 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys
2010-03-24 16:36 . 2010-04-21 18:26 -------- d-----w- c:\program files\Spyware Terminator
2010-03-24 13:04 . 2010-03-24 13:08 -------- d-----w- c:\program files\Inkscape

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-04-21 16:47 . 2001-10-25 12:00 502954 ----a-w- c:\windows\system32\perfh005.dat
2010-04-21 16:47 . 2001-10-25 12:00 107350 ----a-w- c:\windows\system32\perfc005.dat
2010-04-20 15:28 . 2009-04-25 09:54 -------- d-----w- c:\program files\BitLord
2010-04-14 14:27 . 2009-09-09 12:01 -------- d-----w- c:\program files\Google
2010-04-12 20:35 . 2009-08-25 23:31 -------- d-----w- c:\program files\FlashGet
2010-04-02 21:27 . 2009-11-16 21:34 -------- d-----w- c:\program files\blender-2.49b-windows
2010-03-31 08:00 . 2009-04-21 13:20 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-03-11 11:41 . 2009-05-15 15:49 132153 ----a-w- c:\windows\War3Unin.dat
2010-02-25 19:18 . 2010-02-25 19:18 -------- d-----w- c:\program files\Zoner
2010-02-25 19:17 . 2009-04-21 15:16 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2010-02-25 16:56 . 2010-02-25 16:56 -------- d-----w- c:\program files\Active GIF Creator 2.23
2010-02-22 12:10 . 2010-02-22 11:50 -------- d-----w- c:\program files\cygwin
.

((((((((((((((((((((((((((((( SnapShot@2010-04-21_18.23.19 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-04-21 19:00 . 2010-03-09 08:13 95872 c:\windows\LastGood\system32\DRIVERS\epfwtdir.sys
+ 2010-04-21 19:00 . 2010-03-09 08:13 114984 c:\windows\LastGood\system32\DRIVERS\ehdrv.sys
+ 2010-04-21 19:00 . 2010-03-09 08:11 139192 c:\windows\LastGood\system32\DRIVERS\eamon.sys
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{7c5c0f58-e061-457d-9033-77307f5ed00c}"= "c:\program files\TorrentMan\tbTor0.dll" [2010-01-14 2166296]

[HKEY_CLASSES_ROOT\clsid\{7c5c0f58-e061-457d-9033-77307f5ed00c}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{7c5c0f58-e061-457d-9033-77307f5ed00c}]
2010-01-14 20:52 2166296 ----a-w- c:\program files\TorrentMan\tbTor0.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{7c5c0f58-e061-457d-9033-77307f5ed00c}"= "c:\program files\TorrentMan\tbTor0.dll" [2010-01-14 2166296]

[HKEY_CLASSES_ROOT\clsid\{7c5c0f58-e061-457d-9033-77307f5ed00c}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{7C5C0F58-E061-457D-9033-77307F5ED00C}"= "c:\program files\TorrentMan\tbTor0.dll" [2010-01-14 2166296]

[HKEY_CLASSES_ROOT\clsid\{7c5c0f58-e061-457d-9033-77307f5ed00c}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-06-01 153136]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2008-12-29 687560]
"AlcoholAutomount"="c:\program files\Alcohol Soft\Alcohol 120\axcmd.exe" [2009-04-24 203928]
"SpywareTerminatorUpdate"="c:\program files\Spyware Terminator\SpywareTerminatorUpdate.exe" [2010-03-24 3037696]
"ICQ"="c:\program files\ICQ7.1\ICQ.exe" [2010-03-31 133368]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2007-07-05 16380416]
"JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2007-03-20 36864]
"36X Raid Configurer"="c:\windows\system32\xRaidSetup.exe" [2007-05-25 1953792]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-01-15 86016]
"Launch LGDCore"="c:\program files\Common Files\Logitech\G-series Software\LGDCore.exe" [2006-07-23 1126400]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-04-04 36272]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-03-24 952768]
"SpywareTerminator"="c:\program files\Spyware Terminator\SpywareTerminatorShield.exe" [2010-04-14 2176512]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-01-15 13680640]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2004-5-28 241664]
Rychl‚ spuçtŘnˇ aplikace HP Image Zone.lnk - c:\program files\HP\Digital Imaging\bin\hpqthb08.exe [2004-5-28 53248]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Hry\\World of Warcraft\\Launcher.exe"=
"c:\\WINDOWS\\system32\\dplaysvr.exe"=
"c:\\Documents and Settings\\FEARFUL\\Plocha\\Stronghold\\Stronghold Crusader.exe"=
"c:\\Hry\\Diablo II\\Diablo II.exe"=
"c:\\Hry\\Microsoft Games\\Dungeon Siege 2\\DungeonSiege2.exe"=
"c:\\WINDOWS\\system32\\dpnsvr.exe"=
"c:\\Hry\\Wolfenstein - Enemy Territory\\ET.exe"=
"c:\\Hry\\Encore\\Europa 1400 - Gold Edition\\Europa1400Gold_TL.exe"=
"c:\\Hry\\Encore\\Europa 1400 - Gold Edition\\Europa1400Gold.exe"=
"c:\\Hry\\UT2004\\System\\UT2004.exe"=
"c:\\Hry\\1C\\RC Cars\\RCCARS.EXE"=
"c:\\Documents and Settings\\FEARFUL\\Plocha\\Port Royale\\PortRoyale.exe"=
"c:\\Hry\\World of Warcraft\\BackgroundDownloader.exe"=
"c:\\Hry\\Warcraft III\\Warcraft III.exe"=
"c:\\Program Files\\Steam\\SteamApps\\common\\empire total war\\Empire.exe"=
"c:\\Program Files\\Steam\\steam.exe"=
"c:\\Hry\\World of Warcraft\\WoW-3.1.3.9947-to-3.2.0.10192-enGB-downloader.exe"=
"c:\\Hry\\CGN\\Re-Volt\\REVOLT.EXE"=
"c:\\Hry\\Electronic Arts\\Crytek\\Crysis\\Bin32\\Crysis.exe"=
"c:\\Hry\\Electronic Arts\\Crytek\\Crysis\\Bin32\\CrysisDedicatedServer.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Hry\\Activision\\Call of Duty 2\\CoD2MP_s.exe"=
"c:\\Hry\\World of Warcraft\\WoW-3.2.0.10192-to-3.2.0.10314-enGB-downloader.exe"=
"c:\\Hry\\Rockstar Games\\Rockstar Games Social Club\\RGSCLauncher.exe"=
"c:\\Hry\\Rockstar Games\\Grand Theft Auto IV\\GTAIV.exe"=
"c:\\Program Files\\FlashGet\\flashget.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Hry\\World of Warcraft\\WoW-3.2.0.10314-to-3.2.2.10482-enGB-downloader.exe"=
"c:\\Hry\\World of Warcraft\\WoW-3.2.2.10482-to-3.2.2.10505-enGB-downloader.exe"=
"c:\\Hry\\Electronic Arts\\The Battle for Middle-earth (tm) II\\game.dat"=
"c:\\Hry\\Codemasters\\Worms 4 Mayhem\\WORMS 4 MAYHEM.EXE"=
"c:\\Hry\\Codemasters\\DiRT\\DiRT.exe"=
"c:\\Hry\\World of Warcraft\\WoW-3.2.2.10505-to-3.3.0.10958-enGB-downloader.exe"=
"c:\\Hry\\TrackMania United\\TmUnited.exe"=
"c:\\Hry\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
"c:\\Program Files\\LuxRender\\luxconsole.exe"=
"c:\\Hry\\Microsoft Games\\Age of Empires III\\age3x.exe"=
"c:\\Hry\\EA GAMES\\The Battle for Middle-earth (tm)\\game.dat"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"c:\\Documents and Settings\\FEARFUL\\Plocha\\Age of Mythology\\aomx.exe"=
"c:\\Documents and Settings\\FEARFUL\\Plocha\\Need for Speed Most Wanted\\speed.exe"=
"c:\\Hry\\World of Warcraft\\WoW-3.3.2.11403-to-3.3.3.11685-enGB-downloader.exe"=
"c:\\Program Files\\ICQ7.1\\ICQ.exe"=
"c:\\Program Files\\ICQ7.1\\aolload.exe"=
"c:\\Documents and Settings\\FEARFUL\\Plocha\\Age of Mythology\\aom.exe"=
"c:\\Documents and Settings\\FEARFUL\\Local Settings\\Apps\\2.0\\T3N1ZNG9.VWC\\PD9V5ZB8.0B0\\curs..tion_eee711038731a406_0004.0000_152ef8e82e8f5a48\\CurseClient.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"6112:TCP"= 6112:TCP:Blizzard Downloader
"3724:TCP"= 3724:TCP:Blizzard Downloader: 3724

R0 pe3ah4nc;DiRT Environment Driver (pe3ah4nc);c:\windows\system32\drivers\pe3ah4nc.sys [18.5.2007 21:53 64880]
R0 ps6ah4nc;DiRT Synchronization Driver (ps6ah4nc);c:\windows\system32\drivers\ps6ah4nc.sys [18.5.2007 21:52 55160]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [24.3.2010 18:36 142592]
R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [29.10.2009 13:27 1074568]
R2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [31.3.2010 10:00 246520]
R2 TabletServicePen;TabletServicePen;c:\windows\system32\Pen_Tablet.exe [24.3.2010 20:02 4497704]
R2 WTouchService;WTouch Service;c:\program files\WTouch\WTouchService.exe [24.3.2010 20:11 113448]
R3 adusbmdm6501;AnyDATA CDMA USB Modem Driver (PID 6501);c:\windows\system32\drivers\adusbmdm65.sys [21.4.2009 15:59 65408]
R3 adusbser6501;AnyDATA CDMA USB Serial Port (PID 6501);c:\windows\system32\drivers\adusbser65.sys [21.4.2009 15:52 64896]
R4 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys --> c:\windows\system32\DRIVERS\ehdrv.sys [?]
R4 epfwtdir;epfwtdir;c:\windows\system32\DRIVERS\epfwtdir.sys --> c:\windows\system32\DRIVERS\epfwtdir.sys [?]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [23.4.2009 17:56 721904]
S2 gupdate1ca314635ed9e0;Služba Google Update (gupdate1ca314635ed9e0);c:\program files\Google\Update\GoogleUpdate.exe [9.9.2009 14:06 133104]
S2 pr2ah4nc;DiRT Drivers Auto Removal (pr2ah4nc);c:\windows\system32\pr2ah4nc.exe svc --> c:\windows\system32\pr2ah4nc.exe svc [?]
.
Obsah adresáře 'Naplánované úlohy'

2010-04-21 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-09-09 12:01]

2010-04-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-09-09 12:06]

2010-04-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-09-09 12:06]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://start.icq.com/
uInternet Settings,ProxyOverride = *.local
IE: &Stáhnout &vše FlashGetem - c:\program files\FlashGet\jc_all.htm
IE: &Stáhnout FlashGetem - c:\program files\FlashGet\jc_link.htm
IE: Crawler Search - tbr:iemenu
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: {{71BFC818-0CED-42D6-9C87-5142918957EE} - c:\program files\ICQ7.1\ICQ.exe
TCP: {5B55FCC5-ED07-441D-8ECF-73C106CCEA40} = 160.218.10.200 160.218.43.200
Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - c:\progra~1\Crawler\ctbr.dll
FF - ProfilePath - c:\documents and settings\FEARFUL\Data aplikací\Mozilla\Firefox\Profiles\f15exube.default\
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - hxxp://start.icq.com/
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=2.0.0.2&q=
FF - component: c:\program files\Crawler\firefox\components\xcomm.dll
FF - component: c:\program files\Crawler\firefox\components\xshared.dll
FF - component: c:\program files\Crawler\firefox\components\xsupport.dll
FF - component: c:\program files\Crawler\firefox\components\xwsg.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Google Updater\2.4.1698.5652\npCIDetect13.dll
FF - plugin: c:\program files\Google\Update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\program files\TabletPlugins\npwacom.dll

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-04-21 21:17
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\S-1-5-21-436374069-1801674531-839522115-1003\Software\SecuROM\License information*]
"datasecu"=hex:0c,a7,e1,14,96,00,b3,dc,5a,7b,09,a1,58,51,84,54,e5,05,53,d9,98,
2b,f4,97,6b,79,9e,da,00,9d,f0,58,03,ca,bf,05,3e,e2,18,b4,5a,dd,fd,4a,10,4a,\
"rkeysecu"=hex:fe,0a,22,57,ae,71,bf,41,ed,02,63,94,76,1a,43,bf
.
Celkový čas: 2010-04-21 21:18:37
ComboFix-quarantined-files.txt 2010-04-21 19:18

ComboFix2.txt 2010-04-21 18:24

Před spuštěním: Volných bajtů: 242 273 034 240
Po spuštění: Volných bajtů: 242 239 492 096

WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

- - End Of File - - CADE65BF0C561A303210EE20FEE1B67F

Složku c:\program files\ghgfhgfh znáte Chcete ji obnovit