VIRY.CZ

dobrej mam problem s virama a nevim jak je odstranit kdyz dam v HiJackThis fix checked tak se nic nezmeni tady je log :

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:29:43, on 1.7.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\system32\svchost.exe
D:\Program Files\COMODO\EasyVPN\crdphService.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
D:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
D:\Program Files\Alwil Software\Avast4\ashServ.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\COMODO\EasyVPN\Vpnservice.exe
D:\Program Files\Bonjour\mDNSResponder.exe
D:\Program Files\LogMeIn Hamachi\hamachi-2.exe
D:\Program Files\Java\jre6\bin\jqs.exe
D:\WINDOWS\system32\PnkBstrA.exe
D:\WINDOWS\system32\svchost.exe
D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
D:\Program Files\Alwil Software\Avast4\ashWebSv.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\system32\wscntfy.exe
D:\WINDOWS\explorer.exe
D:\WINDOWS\explorer.exe
D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
D:\WINDOWS\system32\RunDll32.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\DAEMON Tools Lite\daemon.exe
D:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
D:\Program Files\Steam\Steam.exe
D:\Program Files\OpenOffice.org 3\program\soffice.exe
D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
D:\Program Files\OpenOffice.org 3\program\soffice.bin
D:\Program Files\PC Connectivity Solution\ServiceLayer.exe
D:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
D:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
D:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
D:\hry\Diablo II\Game.exe
D:\Program Files\mIRC\mirc.exe
D:\Program Files\Internet Explorer\iexplore.exe
D:\DOCUME~1\ondra\LOCALS~1\Temp\5a9v7.exe
D:\DOCUME~1\ondra\LOCALS~1\Temp\T8SoB.exe
D:\Program Files\Internet Explorer\iexplore.exe
D:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - D:\Program Files\BitComet\tools\BitCometBHO_1.3.3.2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [StartCCC] "D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [avast!] D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "D:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [CmPCIaudio] RunDll32 CMICNFG3.CPL,CMICtrlWnd
O4 - HKLM\..\Run: [HKLM] D:\DOCUME~1\ondra\LOCALS~1\Temp\5a9v7.exe
O4 - HKLM\..\Run: [L07WGZr36fRQtwyzUcj] D:\DOCUME~1\ondra\LOCALS~1\Temp\T8SoB.exe
O4 - HKLM\..\Run: [3i0xcLrEpJlGBlzL4rqM3AO] D:\DOCUME~1\ondra\LOCALS~1\Temp\5a9v7.exe
O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [Comodo EasyVPN] "D:\Program Files\COMODO\EasyVPN\EasyVPN.exe"
O4 - HKCU\..\Run: [PC Suite Tray] "D:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [Steam] "D:\Program Files\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [HKCU] D:\DOCUME~1\ondra\LOCALS~1\Temp\5a9v7.exe
O4 - HKCU\..\Run: [7EfxRIQSMJOUgwF3QES4ujzx1] D:\DOCUME~1\ondra\LOCALS~1\Temp\T8SoB.exe
O4 - HKCU\..\Run: [rVSL8Klen6Kveo4] D:\DOCUME~1\ondra\LOCALS~1\Temp\5a9v7.exe
O4 - HKLM\..\Policies\Explorer\Run: [Policies] D:\DOCUME~1\ondra\LOCALS~1\Temp\5a9v7.exe
O4 - HKCU\..\Policies\Explorer\Run: [Policies] D:\DOCUME~1\ondra\LOCALS~1\Temp\5a9v7.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 3.0.lnk = D:\Program Files\OpenOffice.org 3\program\quickstart.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - D:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - D:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{FFA7F045-795D-48A2-AA35-770727246063}: NameServer = 85.255.112.126
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - D:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - D:\WINDOWS\system32\browseui.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - D:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - D:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - D:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: COMODO EasyVPN VNC Service (CrdphService) - COMODO - D:\Program Files\COMODO\EasyVPN\crdphService.exe
O23 - Service: COMODO EasyVPN Service (EasyVpnAdpt) - Unknown owner - D:\Program Files\COMODO\EasyVPN\Vpnservice.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - D:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - D:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - D:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - D:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: PnkBstrA - Unknown owner - D:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: ServiceLayer - Nokia - D:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 8097 bytes

Zdravím

Příště dávejte log z RSIT.


Stáhněte OTL http://oldtimer.geekstogo.com/OTL.exe na plochu

• Spusťte, poté do spodního políčka vložte následující skript.

• Označte položku Pro všechny uživatele.
• Označte položky Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
• Klikněte na tlačítko Prohledat
• Po dokončení, sem vložte logy OTL.Txt a Extras.txt

OTL logfile created on: 1.7.2010 16:07:05 - Run 1
OTL by OldTimer - Version 3.2.7.0 Folder = D:\Documents and Settings\ondra\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1 023,00 Mb Total Physical Memory | 343,00 Mb Available Physical Memory | 34,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 67,00% Paging File free
Paging file location(s): D:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = D: | %SystemRoot% = D:\WINDOWS | %ProgramFiles% = D:\Program Files
Drive C: | 39,06 Gb Total Space | 0,70 Gb Free Space | 1,78% Space Free | Partition Type: NTFS
Drive D: | 109,99 Gb Total Space | 0,99 Gb Free Space | 0,90% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
Drive G: | 494,61 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: JELEN
Current User Name: ondra
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010.07.01 16:05:22 | 000,574,464 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\ondra\Plocha\OTL.exe
PRC - [2010.06.17 11:28:53 | 001,238,352 | ---- | M] (Valve Corporation) -- D:\Program Files\Steam\Steam.exe
PRC - [2010.05.30 09:31:50 | 000,892,928 | RHS- | M] (PSY7cWk) -- D:\Documents and Settings\ondra\Local Settings\Temp\T8SoB.exe
PRC - [2010.05.09 14:30:16 | 000,483,395 | RHS- | M] (QoSxssp) -- D:\Documents and Settings\ondra\Local Settings\Temp\5a9v7.exe
PRC - [2010.03.30 11:16:12 | 001,107,336 | ---- | M] (LogMeIn Inc.) -- D:\Program Files\LogMeIn Hamachi\hamachi-2.exe
PRC - [2010.03.25 18:42:36 | 000,388,096 | ---- | M] (Trend Micro Inc.) -- D:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
PRC - [2009.11.11 11:57:36 | 001,451,520 | ---- | M] (Nokia) -- D:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
PRC - [2009.10.27 10:26:36 | 000,657,408 | ---- | M] (Nokia) -- D:\Program Files\PC Connectivity Solution\ServiceLayer.exe
PRC - [2009.10.27 10:15:44 | 000,132,608 | ---- | M] (Nokia) -- D:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
PRC - [2009.10.27 10:15:02 | 000,120,832 | ---- | M] (Nokia) -- D:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
PRC - [2009.08.11 19:47:02 | 000,491,768 | ---- | M] (COMODO) -- D:\Program Files\COMODO\EasyVPN\crdphService.exe
PRC - [2009.08.11 19:46:24 | 000,045,304 | ---- | M] () -- D:\Program Files\COMODO\EasyVPN\Vpnservice.exe
PRC - [2009.07.03 16:49:06 | 001,029,456 | ---- | M] (Lavasoft) -- D:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
PRC - [2009.04.23 15:51:38 | 000,691,656 | ---- | M] (DT Soft Ltd) -- D:\Program Files\DAEMON Tools Lite\daemon.exe
PRC - [2009.02.05 22:08:45 | 000,081,000 | ---- | M] (ALWIL Software) -- D:\Program Files\Alwil Software\Avast4\ashDisp.exe
PRC - [2009.02.05 22:08:40 | 000,138,680 | ---- | M] (ALWIL Software) -- D:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2009.02.05 22:08:26 | 000,254,040 | ---- | M] (ALWIL Software) -- D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PRC - [2009.02.05 22:06:04 | 000,352,920 | ---- | M] (ALWIL Software) -- D:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PRC - [2009.02.05 22:01:25 | 000,018,752 | ---- | M] (ALWIL Software) -- D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2009.01.15 18:42:46 | 007,430,144 | ---- | M] (OpenOffice.org) -- D:\Program Files\OpenOffice.org 3\program\soffice.bin
PRC - [2009.01.15 18:42:44 | 007,434,240 | ---- | M] (OpenOffice.org) -- D:\Program Files\OpenOffice.org 3\program\soffice.exe
PRC - [2008.10.17 10:39:50 | 002,810,880 | ---- | M] (mIRC Co. Ltd.) -- D:\Program Files\mIRC\mirc.exe
PRC - [2008.04.14 08:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\explorer.exe
PRC - [2001.06.26 20:44:14 | 000,424,067 | ---- | M] (Blizzard North) -- D:\hry\Diablo II\Game.exe


========== Modules (SafeList) ==========

MOD - [2010.07.01 16:05:22 | 000,574,464 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\ondra\Plocha\OTL.exe
MOD - [2009.02.05 22:07:43 | 000,139,264 | ---- | M] (ALWIL Software) -- D:\Program Files\Alwil Software\Avast4\AhJsctNs.dll
MOD - [2008.04.14 08:49:02 | 000,110,592 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\msscript.ocx


========== Win32 Services (SafeList) ==========

SRV - [2010.03.30 11:16:12 | 001,107,336 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- D:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2010.03.03 14:45:11 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- D:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009.10.27 10:26:36 | 000,657,408 | ---- | M] (Nokia) [On_Demand | Running] -- D:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2009.08.11 19:47:02 | 000,491,768 | ---- | M] (COMODO) [Auto | Running] -- D:\Program Files\COMODO\EasyVPN\crdphService.exe -- (CrdphService)
SRV - [2009.08.11 19:46:24 | 000,045,304 | ---- | M] () [Auto | Running] -- D:\Program Files\COMODO\EasyVPN\Vpnservice.exe -- (EasyVpnAdpt)
SRV - [2009.07.03 16:49:06 | 001,029,456 | ---- | M] (Lavasoft) [Auto | Running] -- D:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2009.02.05 22:08:40 | 000,138,680 | ---- | M] (ALWIL Software) [Auto | Running] -- D:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus)
SRV - [2009.02.05 22:08:26 | 000,254,040 | ---- | M] (ALWIL Software) [On_Demand | Running] -- D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner)
SRV - [2009.02.05 22:06:04 | 000,352,920 | ---- | M] (ALWIL Software) [On_Demand | Running] -- D:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner)
SRV - [2009.02.05 22:01:25 | 000,018,752 | ---- | M] (ALWIL Software) [Auto | Running] -- D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)
SRV - [2008.07.29 20:16:38 | 000,132,096 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- D:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)


========== Driver Services (SafeList) ==========

DRV - [2010.04.29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2009.11.16 12:31:49 | 000,025,280 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2009.08.04 06:34:57 | 000,721,904 | ---- | M] () [Kernel | Boot | Running] -- D:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009.07.03 16:49:08 | 000,064,160 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- D:\WINDOWS\system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2009.02.05 22:08:10 | 000,094,032 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- D:\WINDOWS\system32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2009.02.05 22:07:23 | 000,114,768 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- D:\WINDOWS\system32\drivers\aswSP.sys -- (aswSP)
DRV - [2009.02.05 22:07:12 | 000,020,560 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- D:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2009.02.05 22:06:20 | 000,051,376 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- D:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2009.02.05 22:06:10 | 000,023,152 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2009.02.05 22:05:11 | 000,026,944 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- D:\WINDOWS\system32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2008.12.10 11:08:54 | 000,017,424 | ---- | M] (Comodo, Inc.) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\cmdatp.sys -- (ATP)
DRV - [2008.08.26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008.05.12 18:30:02 | 003,007,488 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2008.01.30 03:41:42 | 000,025,216 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\tap0901.sys -- (tap0901)
DRV - [2004.11.09 17:04:26 | 001,342,080 | ---- | M] (C-Media Inc) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\cmuda3.sys -- (cmuda3)
DRV - [2001.08.17 22:05:16 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\OVCD.sys -- (QCDonner)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========



IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1060284298-287218729-1606980848-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
IE - HKU\S-1-5-21-1060284298-287218729-1606980848-1003\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-1060284298-287218729-1606980848-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: bkmrksync@nokia.com:1.0.0.723
FF - prefs.js..extensions.enabledItems: {B13721C7-F507-4982-B2E5-502A71474FED}:3.3.0.3789
FF - prefs.js..network.proxy.type: 4

FF - HKLM\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: D:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2010.01.07 16:44:36 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.10\extensions\\Components: D:\Program Files\Mozilla Firefox\components [2010.06.26 13:00:18 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.10\extensions\\Plugins: D:\Program Files\Mozilla Firefox\plugins [2010.06.26 13:00:18 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: D:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird

[2009.07.31 20:28:03 | 000,000,000 | ---D | M] -- D:\Documents and Settings\ondra\Data aplikací\Mozilla\Extensions
[2010.06.30 17:00:41 | 000,000,000 | ---D | M] -- D:\Documents and Settings\ondra\Data aplikací\Mozilla\Firefox\Profiles\qtn4qc4n.default\extensions
[2010.03.01 13:29:36 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- D:\Documents and Settings\ondra\Data aplikací\Mozilla\Firefox\Profiles\qtn4qc4n.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009.08.03 23:42:03 | 000,000,000 | ---D | M] (BitComet Video Downloader) -- D:\Documents and Settings\ondra\Data aplikací\Mozilla\Firefox\Profiles\qtn4qc4n.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}
[2009.08.04 06:38:15 | 000,002,399 | ---- | M] () -- D:\Documents and Settings\ondra\Data aplikací\Mozilla\Firefox\Profiles\qtn4qc4n.default\searchplugins\daemon-search.xml
[2010.06.30 17:00:42 | 000,000,955 | ---- | M] () -- D:\Documents and Settings\ondra\Data aplikací\Mozilla\Firefox\Profiles\qtn4qc4n.default\searchplugins\icqplugin.xml
[2010.06.30 16:50:42 | 000,000,000 | ---D | M] -- D:\Program Files\Mozilla Firefox\extensions
[2009.07.31 20:30:05 | 000,000,000 | ---D | M] (No name found) -- D:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2008.11.11 09:38:54 | 000,663,552 | ---- | M] (BitComet) -- D:\Program Files\Mozilla Firefox\plugins\npBitCometAgent.dll
[2009.07.15 20:42:42 | 000,000,638 | ---- | M] () -- D:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2009.07.15 20:42:42 | 000,001,687 | ---- | M] () -- D:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2009.07.15 20:42:42 | 000,001,367 | ---- | M] () -- D:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2009.07.15 20:42:42 | 000,000,654 | ---- | M] () -- D:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2009.07.15 20:42:42 | 000,001,179 | ---- | M] () -- D:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2001.10.25 16:00:00 | 000,000,737 | ---- | M]) - D:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (BitComet Helper) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - D:\Program Files\BitComet\tools\BitCometBHO_1.3.3.2.dll (BitComet)
O3 - HKU\S-1-5-21-1060284298-287218729-1606980848-1003\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O4 - HKLM..\Run: [3i0xcLrEpJlGBlzL4rqM3AO] D:\Documents and Settings\ondra\Local Settings\Temp\5a9v7.exe (QoSxssp)
O4 - HKLM..\Run: [avast!] D:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [CmPCIaudio] File not found
O4 - HKLM..\Run: [HKLM] D:\Documents and Settings\ondra\Local Settings\Temp\T8SoB.exe (PSY7cWk)
O4 - HKLM..\Run: [L07WGZr36fRQtwyzUcj] D:\Documents and Settings\ondra\Local Settings\Temp\T8SoB.exe (PSY7cWk)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] D:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [StartCCC] D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-21-1060284298-287218729-1606980848-1003..\Run: [7EfxRIQSMJOUgwF3QES4ujzx1] D:\Documents and Settings\ondra\Local Settings\Temp\T8SoB.exe (PSY7cWk)
O4 - HKU\S-1-5-21-1060284298-287218729-1606980848-1003..\Run: [Comodo EasyVPN] D:\Program Files\COMODO\EasyVPN\EasyVPN.exe (COMODO)
O4 - HKU\S-1-5-21-1060284298-287218729-1606980848-1003..\Run: [DAEMON Tools Lite] D:\Program Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-1060284298-287218729-1606980848-1003..\Run: [HKCU] D:\Documents and Settings\ondra\Local Settings\Temp\T8SoB.exe (PSY7cWk)
O4 - HKU\S-1-5-21-1060284298-287218729-1606980848-1003..\Run: [PC Suite Tray] D:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
O4 - HKU\S-1-5-21-1060284298-287218729-1606980848-1003..\Run: [rVSL8Klen6Kveo4] D:\Documents and Settings\ondra\Local Settings\Temp\5a9v7.exe (QoSxssp)
O4 - HKU\S-1-5-21-1060284298-287218729-1606980848-1003..\Run: [Steam] D:\Program Files\Steam\Steam.exe (Valve Corporation)
O4 - Startup: D:\Documents and Settings\ondra\Nabídka Start\Programy\Po spuštění\OpenOffice.org 3.0.lnk = D:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: Policies = D:\DOCUME~1\ondra\LOCALS~1\Temp\T8SoB.exe (PSY7cWk)
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1060284298-287218729-1606980848-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1060284298-287218729-1606980848-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: Policies = D:\DOCUME~1\ondra\LOCALS~1\Temp\5a9v7.exe (QoSxssp)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - D:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - D:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - D:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - D:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - D:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: D:\Documents and Settings\ondra\Data aplikací\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
O24 - Desktop BackupWallPaper: D:\Documents and Settings\ondra\Data aplikací\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007.09.18 21:54:59 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009.08.21 10:31:07 | 000,000,053 | RHS- | M] () - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2009.08.21 10:31:07 | 000,000,053 | RHS- | M] () - D:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2001.04.18 16:23:00 | 000,000,041 | R--- | M] () - G:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{61e6dbd8-80b0-11de-ba81-00690009b26d}\Shell - "" = AutoRun
O33 - MountPoints2\{61e6dbd8-80b0-11de-ba81-00690009b26d}\Shell\AutoRun\command - "" = G:\SETUP.EXE -- [2001.04.30 18:33:00 | 000,032,768 | R--- | M] ()
O33 - MountPoints2\{7dda6af3-4cff-11de-b11b-00690009b26d}\Shell\AutoRun\command - "" = cv8j.exe
O33 - MountPoints2\{7dda6af3-4cff-11de-b11b-00690009b26d}\Shell\open\Command - "" = cv8j.exe
O33 - MountPoints2\{c9c842de-0a33-11dd-b276-806d6172696f}\Shell\AutoRun\command - "" = lcw.exe
O33 - MountPoints2\{c9c842de-0a33-11dd-b276-806d6172696f}\Shell\open\Command - "" = lcw.exe
O33 - MountPoints2\{c9c842df-0a33-11dd-b276-806d6172696f}\Shell\AutoRun\command - "" = lcw.exe
O33 - MountPoints2\{c9c842df-0a33-11dd-b276-806d6172696f}\Shell\open\Command - "" = lcw.exe
O33 - MountPoints2\C\Shell\AutoRun\command - "" = lcw.exe
O33 - MountPoints2\C\Shell\open\Command - "" = lcw.exe
O33 - MountPoints2\D\Shell\AutoRun\command - "" = lcw.exe
O33 - MountPoints2\D\Shell\open\Command - "" = lcw.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - D:\WINDOWS\System32\lsdelete.exe ()
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - D:\WINDOWS\system32\ias [2009.07.31 18:22:23 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.iac2 - D:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - D:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lhacm - D:\WINDOWS\System32\lhacm.acm (Microsoft Corporation)
Drivers32: msacm.sl_anet - D:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - D:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - D:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - D:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FPS1 - D:\WINDOWS\System32\frapsvid.dll (Beepa P/L)
Drivers32: vidc.iv31 - D:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - D:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - D:\WINDOWS\System32\ir41_32.ax ()
Drivers32: vidc.iv50 - D:\WINDOWS\System32\ir50_32.dll ()
Drivers32: vidc.VP60 - D:\WINDOWS\system32\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - D:\WINDOWS\system32\vp6vfw.dll (On2.com)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (32664708049797120)

========== Files/Folders - Created Within 30 Days ==========

[2010.07.01 16:05:16 | 000,574,464 | ---- | C] (OldTimer Tools) -- D:\Documents and Settings\ondra\Plocha\OTL.exe
[2010.06.29 20:59:13 | 000,000,000 | ---D | C] -- D:\Documents and Settings\ondra\Plocha\gp4
[2010.06.29 20:59:05 | 000,000,000 | ---D | C] -- D:\Documents and Settings\ondra\Plocha\fotky
[2010.06.29 20:58:46 | 000,000,000 | ---D | C] -- D:\Documents and Settings\ondra\Plocha\Tomas_Klus
[2010.06.29 20:58:00 | 000,000,000 | ---D | C] -- D:\Documents and Settings\ondra\Plocha\Guitar Pro 5
[2010.06.29 10:28:26 | 000,000,000 | ---D | C] -- D:\Program Files\mIRC
[2010.06.24 17:31:24 | 003,516,965 | ---- | C] (Max Prasak) -- D:\Documents and Settings\ondra\Plocha\D2instcz.exe
[2010.06.24 17:28:22 | 000,094,208 | ---- | C] (Blizzard Entertainment) -- D:\WINDOWS\DIIUnin.exe
[2010.06.24 12:38:35 | 000,000,000 | ---D | C] -- D:\Program Files\Diablo II
[2010.06.24 11:39:52 | 000,000,000 | ---D | C] -- D:\Documents and Settings\ondra\Plocha\Rehoc Leader Roster
[2010.06.23 14:01:01 | 000,000,000 | ---D | C] -- D:\Program Files\Guitar Pro 5
[2010.06.23 09:30:18 | 000,000,000 | ---D | C] -- D:\Documents and Settings\ondra\Data aplikací\Turbine
[2010.06.23 09:26:29 | 000,000,000 | ---D | C] -- D:\Documents and Settings\ondra\Plocha\Need For Speed Pro Street - Soundtrack
[2010.06.22 17:53:09 | 000,000,000 | ---D | C] -- D:\Documents and Settings\ondra\Local Settings\Data aplikací\Turbine
[2010.06.22 16:46:13 | 000,000,000 | ---D | C] -- D:\Documents and Settings\ondra\Local Settings\Data aplikací\ApplicationHistory
[2010.06.22 16:43:44 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\URTTEMP
[2010.06.22 14:04:22 | 000,000,000 | RH-D | C] -- D:\Documents and Settings\ondra\Recent
[2010.06.19 10:49:16 | 000,000,000 | ---D | C] -- D:\Program Files\Trend Micro
[2010.06.18 13:11:53 | 000,000,000 | ---D | C] -- D:\Documents and Settings\ondra\Dokumenty\Electronic Arts
[2010.06.18 13:02:45 | 000,447,752 | R--- | C] (On2.com) -- D:\WINDOWS\System32\vp6vfw.dll
[2010.06.18 13:02:44 | 000,000,000 | ---D | C] -- D:\Program Files\Microsoft WSE
[2010.06.17 11:27:08 | 000,000,000 | ---D | C] -- D:\Program Files\Steam
[2010.06.16 12:24:13 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Data aplikací\Trymedia
[2010.06.08 13:19:27 | 000,000,000 | -HSD | C] -- D:\Documents and Settings\ondra\IECompatCache
[2010.06.06 21:36:43 | 000,000,000 | ---D | C] -- D:\Documents and Settings\ondra\Plocha\WowBgTweaker_v2.1
[2010.06.05 18:38:04 | 000,293,376 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\browserchoice.exe
[2010.06.04 22:42:43 | 001,342,080 | ---- | C] (C-Media Inc) -- D:\WINDOWS\System32\drivers\cmuda3.sys
[2010.06.04 22:42:43 | 000,036,864 | ---- | C] (C-Media) -- D:\WINDOWS\System32\CMUDA3.DLL
[2010.06.04 22:42:43 | 000,032,768 | ---- | C] (C-Media Corporation) -- D:\WINDOWS\System32\UDAPROP3.DLL
[2010.06.04 22:42:42 | 002,596,864 | ---- | C] (C-Media Corporation) -- D:\WINDOWS\System\CMICNFG3.CPL
[2010.06.04 22:42:42 | 000,917,504 | ---- | C] (C-Media Electronics Inc.) -- D:\WINDOWS\System\CMDS3D3.DLL
[2010.06.04 22:42:42 | 000,712,704 | ---- | C] (Sensaura Ltd) -- D:\WINDOWS\System32\AUDIO3D3.DLL
[2010.06.04 22:42:42 | 000,712,704 | ---- | C] (Sensaura Ltd) -- D:\WINDOWS\System32\dllcache\a3d.dll
[2010.06.04 22:42:42 | 000,712,704 | ---- | C] (Sensaura Ltd) -- D:\WINDOWS\System32\a3d.dll
[2010.06.04 22:42:42 | 000,000,000 | ---D | C] -- D:\Program Files\C-Media PCI Audio
[2010.06.04 22:22:13 | 000,000,000 | ---D | C] -- D:\Documents and Settings\ondra\Data aplikací\GetRightToGo
[2010.06.04 22:12:49 | 000,000,000 | ---D | C] -- D:\Documents and Settings\ondra\Dokumenty\Přijaté soubory
[4 D:\WINDOWS\System32\*.tmp files -> D:\WINDOWS\System32\*.tmp -> ]
[3 D:\WINDOWS\*.tmp files -> D:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010.07.01 16:08:40 | 001,179,612 | -H-- | M] () -- D:\Documents and Settings\ondra\Data aplikací\cglogs.dat
[2010.07.01 16:05:22 | 000,574,464 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\ondra\Plocha\OTL.exe
[2010.07.01 15:29:05 | 000,002,441 | ---- | M] () -- D:\Documents and Settings\ondra\Plocha\HiJackThis.lnk
[2010.07.01 13:37:05 | 000,000,472 | ---- | M] () -- D:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2010.07.01 11:15:12 | 000,002,206 | ---- | M] () -- D:\WINDOWS\System32\wpa.dbl
[2010.07.01 11:13:56 | 000,000,430 | ---- | M] () -- D:\WINDOWS\System32\drivers\etc\hosts.ics
[2010.07.01 11:13:14 | 000,000,006 | -H-- | M] () -- D:\WINDOWS\tasks\SA.DAT
[2010.07.01 11:13:05 | 000,002,048 | --S- | M] () -- D:\WINDOWS\bootstat.dat
[2010.07.01 11:12:57 | 1072,549,888 | -HS- | M] () -- D:\hiberfil.sys
[2010.06.30 17:10:04 | 006,029,312 | -H-- | M] () -- D:\Documents and Settings\ondra\NTUSER.DAT
[2010.06.30 17:10:04 | 000,000,178 | -HS- | M] () -- D:\Documents and Settings\ondra\ntuser.ini
[2010.06.30 17:09:35 | 002,107,604 | -H-- | M] () -- D:\Documents and Settings\ondra\Local Settings\Data aplikací\IconCache.db
[2010.06.30 12:26:48 | 260,814,907 | ---- | M] () -- D:\Documents and Settings\ondra\Plocha\CZ+CZ_titulky_by_Striker.rar
[2010.06.29 22:19:56 | 183,533,664 | ---- | M] () -- D:\Documents and Settings\ondra\Plocha\HIMYM-S04E17-The_Front_Porch.rar
[2010.06.29 22:07:38 | 183,531,606 | ---- | M] () -- D:\Documents and Settings\ondra\Plocha\HIMYM-S04E16-Sorry__Bro.rar
[2010.06.29 21:24:04 | 183,496,886 | ---- | M] () -- D:\Documents and Settings\ondra\Plocha\HIMYM-S04E14-The_Possimpible.rar
[2010.06.29 21:12:20 | 183,531,619 | ---- | M] () -- D:\Documents and Settings\ondra\Plocha\HIMYM-S04E13-Three_Days_of_Snow.rar
[2010.06.29 10:28:27 | 000,000,626 | ---- | M] () -- D:\Documents and Settings\All Users\Plocha\mIRC.lnk
[2010.06.27 16:10:36 | 000,178,176 | ---- | M] () -- D:\Documents and Settings\ondra\Plocha\zpevnik_tabor2010.doc
[2010.06.24 19:33:50 | 000,073,820 | ---- | M] () -- D:\Documents and Settings\ondra\Plocha\snow_hey_oh.gp3
[2010.06.24 19:31:27 | 000,060,304 | ---- | M] () -- D:\Documents and Settings\ondra\Plocha\dani_california_ver4.gp3
[2010.06.24 19:25:05 | 000,024,940 | ---- | M] () -- D:\Documents and Settings\ondra\Plocha\Blue_Effect_-_Sluneční_hrob.gp5
[2010.06.24 19:04:16 | 000,037,407 | ---- | M] () -- D:\Documents and Settings\ondra\Plocha\Divokej_Bill_-_Malování.gp3
[2010.06.24 18:44:28 | 000,011,295 | ---- | M] () -- D:\Documents and Settings\ondra\Plocha\Nohavica, Jaromir - Kometa.gp5-by-www.get-the-tab.com.zip
[2010.06.24 18:44:00 | 000,021,242 | ---- | M] () -- D:\Documents and Settings\ondra\Plocha\Nohavica, Jaromir - Kometa.gp5
[2010.06.24 17:33:46 | 000,028,761 | ---- | M] () -- D:\WINDOWS\DIIUnin.dat
[2010.06.24 17:32:31 | 000,001,452 | ---- | M] () -- D:\Documents and Settings\ondra\Plocha\Diablo II - Lord of Destruction.lnk
[2010.06.24 17:31:32 | 003,516,965 | ---- | M] (Max Prasak) -- D:\Documents and Settings\ondra\Plocha\D2instcz.exe
[2010.06.24 17:28:25 | 000,001,452 | ---- | M] () -- D:\Documents and Settings\All Users\Plocha\Diablo II.lnk
[2010.06.24 17:28:22 | 000,094,208 | ---- | M] (Blizzard Entertainment) -- D:\WINDOWS\DIIUnin.exe
[2010.06.24 17:28:22 | 000,002,829 | ---- | M] () -- D:\WINDOWS\DIIUnin.pif
[2010.06.24 12:59:01 | 000,021,840 | ---- | M] () -- D:\WINDOWS\System32\SIntfNT.dll
[2010.06.24 12:59:00 | 000,017,212 | ---- | M] () -- D:\WINDOWS\System32\SIntf32.dll
[2010.06.24 12:59:00 | 000,012,067 | ---- | M] () -- D:\WINDOWS\System32\SIntf16.dll
[2010.06.24 12:56:46 | 011,759,475 | ---- | M] () -- D:\Documents and Settings\ondra\Plocha\Diablo 2 Crack.rar
[2010.06.24 11:38:03 | 002,437,442 | ---- | M] () -- D:\Documents and Settings\ondra\Plocha\1277149710_sb_rehocleaderroster.rar
[2010.06.24 10:04:24 | 001,417,608 | ---- | M] () -- D:\WINDOWS\System32\FNTCACHE.DAT
[2010.06.23 14:02:08 | 000,020,880 | ---- | M] () -- D:\Documents and Settings\ondra\Local Settings\Data aplikací\GDIPFONTCACHEV1.DAT
[2010.06.23 14:01:23 | 000,000,619 | ---- | M] () -- D:\Documents and Settings\ondra\Plocha\Guitar Pro 5.lnk
[2010.06.23 11:24:49 | 000,001,889 | ---- | M] () -- D:\Documents and Settings\All Users\Plocha\The Sims™ 3 Povolání snů.lnk
[2010.06.22 16:46:14 | 000,000,125 | ---- | M] () -- D:\Documents and Settings\ondra\Local Settings\Data aplikací\fusioncache.dat
[2010.06.22 16:45:47 | 001,021,366 | ---- | M] () -- D:\WINDOWS\System32\PerfStringBackup.INI
[2010.06.22 16:45:47 | 000,440,684 | ---- | M] () -- D:\WINDOWS\System32\perfh009.dat
[2010.06.22 16:45:47 | 000,437,056 | ---- | M] () -- D:\WINDOWS\System32\perfh005.dat
[2010.06.22 16:45:47 | 000,082,440 | ---- | M] () -- D:\WINDOWS\System32\perfc005.dat
[2010.06.22 16:45:47 | 000,071,002 | ---- | M] () -- D:\WINDOWS\System32\perfc009.dat
[2010.06.22 16:43:12 | 000,001,638 | ---- | M] () -- D:\Documents and Settings\ondra\Plocha\The Lord of the Rings Online.lnk
[2010.06.22 15:03:12 | 000,053,760 | ---- | M] () -- D:\Documents and Settings\ondra\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.06.19 11:02:50 | 000,530,701 | ---- | M] () -- D:\Documents and Settings\ondra\Plocha\RobertVarga_8-6-2009-21-06-54_Sims_3_Censor.rar
[2010.06.18 13:02:16 | 000,001,723 | ---- | M] () -- D:\Documents and Settings\All Users\Plocha\The Sims™ 3.lnk
[2010.06.17 15:59:58 | 182,298,881 | ---- | M] () -- D:\Documents and Settings\ondra\Plocha\04-13 - Three Days of Snow.rar
[2010.06.17 11:34:12 | 000,000,664 | ---- | M] () -- D:\Documents and Settings\All Users\Plocha\Steam.lnk
[2010.06.17 11:26:33 | 001,588,224 | ---- | M] () -- D:\Documents and Settings\ondra\Plocha\SteamInstall.msi
[2010.06.07 11:51:59 | 000,089,829 | ---- | M] () -- D:\Documents and Settings\ondra\Plocha\NHL MATCH.JPG
[2010.06.06 21:36:18 | 004,147,105 | ---- | M] () -- D:\Documents and Settings\ondra\Plocha\WowBgTweaker_v2.1.rar
[2010.06.06 08:53:07 | 000,001,503 | ---- | M] () -- D:\Documents and Settings\All Users\Plocha\Výběr prohlížeče.lnk
[2010.06.04 22:44:34 | 000,000,165 | ---- | M] () -- D:\WINDOWS\System\Cmicnfg3.ini
[2010.06.04 22:22:41 | 000,000,404 | ---- | M] () -- D:\Documents and Settings\All Users\Plocha\Resume Driver Detective.lnk
[2010.06.04 21:57:58 | 000,000,016 | ---- | M] () -- D:\WINDOWS\wininit.ini
[2010.06.04 21:38:50 | 000,001,324 | ---- | M] () -- D:\WINDOWS\System32\d3d9caps.dat
[2010.06.03 21:14:02 | 000,551,398 | ---- | M] () -- D:\Documents and Settings\ondra\Plocha\HIMYM titulky.rar
[2010.06.03 00:09:44 | 000,000,439 | ---- | M] () -- D:\Documents and Settings\ondra\Plocha\Zástupce - RelicCOH.lnk
[4 D:\WINDOWS\System32\*.tmp files -> D:\WINDOWS\System32\*.tmp -> ]
[3 D:\WINDOWS\*.tmp files -> D:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010.06.30 12:25:06 | 260,814,907 | ---- | C] () -- D:\Documents and Settings\ondra\Plocha\CZ+CZ_titulky_by_Striker.rar
[2010.06.29 22:19:33 | 183,533,664 | ---- | C] () -- D:\Documents and Settings\ondra\Plocha\HIMYM-S04E17-The_Front_Porch.rar
[2010.06.29 22:07:27 | 183,531,606 | ---- | C] () -- D:\Documents and Settings\ondra\Plocha\HIMYM-S04E16-Sorry__Bro.rar
[2010.06.29 21:23:57 | 183,496,886 | ---- | C] () -- D:\Documents and Settings\ondra\Plocha\HIMYM-S04E14-The_Possimpible.rar
[2010.06.29 21:11:49 | 183,531,619 | ---- | C] () -- D:\Documents and Settings\ondra\Plocha\HIMYM-S04E13-Three_Days_of_Snow.rar
[2010.06.29 20:59:05 | 000,178,176 | ---- | C] () -- D:\Documents and Settings\ondra\Plocha\zpevnik_tabor2010.doc
[2010.06.29 10:28:27 | 000,000,626 | ---- | C] () -- D:\Documents and Settings\All Users\Plocha\mIRC.lnk
[2010.06.24 19:53:07 | 000,021,242 | ---- | C] () -- D:\Documents and Settings\ondra\Plocha\Nohavica, Jaromir - Kometa.gp5
[2010.06.24 19:33:50 | 000,073,820 | ---- | C] () -- D:\Documents and Settings\ondra\Plocha\snow_hey_oh.gp3
[2010.06.24 19:31:27 | 000,060,304 | ---- | C] () -- D:\Documents and Settings\ondra\Plocha\dani_california_ver4.gp3
[2010.06.24 19:25:04 | 000,024,940 | ---- | C] () -- D:\Documents and Settings\ondra\Plocha\Blue_Effect_-_Sluneční_hrob.gp5
[2010.06.24 19:04:15 | 000,037,407 | ---- | C] () -- D:\Documents and Settings\ondra\Plocha\Divokej_Bill_-_Malování.gp3
[2010.06.24 18:44:27 | 000,011,295 | ---- | C] () -- D:\Documents and Settings\ondra\Plocha\Nohavica, Jaromir - Kometa.gp5-by-www.get-the-tab.com.zip
[2010.06.24 17:32:31 | 000,001,452 | ---- | C] () -- D:\Documents and Settings\ondra\Plocha\Diablo II - Lord of Destruction.lnk
[2010.06.24 17:28:25 | 000,028,761 | ---- | C] () -- D:\WINDOWS\DIIUnin.dat
[2010.06.24 17:28:25 | 000,001,452 | ---- | C] () -- D:\Documents and Settings\All Users\Plocha\Diablo II.lnk
[2010.06.24 17:28:22 | 000,002,829 | ---- | C] () -- D:\WINDOWS\DIIUnin.pif
[2010.06.24 12:57:17 | 000,021,840 | ---- | C] () -- D:\WINDOWS\System32\SIntfNT.dll
[2010.06.24 12:57:16 | 000,017,212 | ---- | C] () -- D:\WINDOWS\System32\SIntf32.dll
[2010.06.24 12:57:16 | 000,012,067 | ---- | C] () -- D:\WINDOWS\System32\SIntf16.dll
[2010.06.24 12:56:36 | 011,759,475 | ---- | C] () -- D:\Documents and Settings\ondra\Plocha\Diablo 2 Crack.rar
[2010.06.24 11:37:47 | 002,437,442 | ---- | C] () -- D:\Documents and Settings\ondra\Plocha\1277149710_sb_rehocleaderroster.rar
[2010.06.23 14:01:23 | 000,000,619 | ---- | C] () -- D:\Documents and Settings\ondra\Plocha\Guitar Pro 5.lnk
[2010.06.23 11:24:41 | 000,001,889 | ---- | C] () -- D:\Documents and Settings\All Users\Plocha\The Sims™ 3 Povolání snů.lnk
[2010.06.22 16:46:14 | 000,000,125 | ---- | C] () -- D:\Documents and Settings\ondra\Local Settings\Data aplikací\fusioncache.dat
[2010.06.22 16:43:12 | 000,001,638 | ---- | C] () -- D:\Documents and Settings\ondra\Plocha\The Lord of the Rings Online.lnk
[2010.06.19 11:02:48 | 000,530,701 | ---- | C] () -- D:\Documents and Settings\ondra\Plocha\RobertVarga_8-6-2009-21-06-54_Sims_3_Censor.rar
[2010.06.19 10:49:17 | 000,002,441 | ---- | C] () -- D:\Documents and Settings\ondra\Plocha\HiJackThis.lnk
[2010.06.18 13:02:16 | 000,001,723 | ---- | C] () -- D:\Documents and Settings\All Users\Plocha\The Sims™ 3.lnk
[2010.06.17 15:59:45 | 182,298,881 | ---- | C] () -- D:\Documents and Settings\ondra\Plocha\04-13 - Three Days of Snow.rar
[2010.06.17 15:53:18 | 183,517,184 | ---- | C] () -- D:\Documents and Settings\ondra\Plocha\HIMYM-S04E12-Benefits.avi
[2010.06.17 11:27:11 | 000,000,664 | ---- | C] () -- D:\Documents and Settings\All Users\Plocha\Steam.lnk
[2010.06.17 11:26:23 | 001,588,224 | ---- | C] () -- D:\Documents and Settings\ondra\Plocha\SteamInstall.msi
[2010.06.06 21:36:05 | 004,147,105 | ---- | C] () -- D:\Documents and Settings\ondra\Plocha\WowBgTweaker_v2.1.rar
[2010.06.06 08:53:07 | 000,001,503 | ---- | C] () -- D:\Documents and Settings\All Users\Plocha\Výběr prohlížeče.lnk
[2010.06.04 22:44:34 | 000,000,165 | ---- | C] () -- D:\WINDOWS\System\Cmicnfg3.ini
[2010.06.04 22:43:10 | 000,028,672 | ---- | C] () -- D:\WINDOWS\CmiPCIUninstall.exe
[2010.06.04 22:42:43 | 000,233,472 | ---- | C] () -- D:\WINDOWS\System32\CMRMDRV3.exe
[2010.06.04 22:42:43 | 000,028,672 | ---- | C] () -- D:\WINDOWS\System32\CMRMDRV3.DLL
[2010.06.04 22:22:41 | 000,000,404 | ---- | C] () -- D:\Documents and Settings\All Users\Plocha\Resume Driver Detective.lnk
[2010.06.04 21:57:58 | 000,000,016 | ---- | C] () -- D:\WINDOWS\wininit.ini
[2010.06.04 21:40:10 | 1072,549,888 | -HS- | C] () -- D:\hiberfil.sys
[2010.06.03 21:14:01 | 000,551,398 | ---- | C] () -- D:\Documents and Settings\ondra\Plocha\HIMYM titulky.rar
[2010.06.03 00:09:44 | 000,000,439 | ---- | C] () -- D:\Documents and Settings\ondra\Plocha\Zástupce - RelicCOH.lnk
[2010.04.26 20:28:53 | 000,000,262 | ---- | C] () -- D:\WINDOWS\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
[2009.08.13 16:07:09 | 000,139,456 | ---- | C] () -- D:\WINDOWS\System32\drivers\PnkBstrK.sys
[2009.08.04 06:34:57 | 000,721,904 | ---- | C] () -- D:\WINDOWS\System32\drivers\sptd.sys
[2008.10.07 10:13:30 | 000,197,912 | ---- | C] () -- D:\WINDOWS\System32\physxcudart_20.dll
[2008.10.07 10:13:22 | 000,058,648 | ---- | C] () -- D:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- D:\WINDOWS\System32\AgCPanelSwedish.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- D:\WINDOWS\System32\AgCPanelSpanish.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- D:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- D:\WINDOWS\System32\AgCPanelPortugese.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- D:\WINDOWS\System32\AgCPanelKorean.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- D:\WINDOWS\System32\AgCPanelJapanese.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- D:\WINDOWS\System32\AgCPanelGerman.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- D:\WINDOWS\System32\AgCPanelFrench.dll
[2008.04.14 08:51:46 | 000,755,200 | ---- | C] () -- D:\WINDOWS\System32\ir50_32.dll
[2008.04.14 08:51:46 | 000,338,432 | ---- | C] () -- D:\WINDOWS\System32\ir41_qcx.dll
[2008.04.14 08:51:46 | 000,200,192 | ---- | C] () -- D:\WINDOWS\System32\ir50_qc.dll
[2008.04.14 08:51:46 | 000,183,808 | ---- | C] () -- D:\WINDOWS\System32\ir50_qcx.dll
[2008.04.14 08:51:46 | 000,120,320 | ---- | C] () -- D:\WINDOWS\System32\ir41_qc.dll
[1999.08.12 00:00:00 | 001,708,032 | ---- | C] () -- D:\WINDOWS\System32\MSO97V.DLL
[1999.08.12 00:00:00 | 000,036,864 | ---- | C] () -- D:\WINDOWS\System32\DOCOBJ.DLL
[1999.08.12 00:00:00 | 000,032,768 | ---- | C] () -- D:\WINDOWS\System32\MSORFS.DLL
[1999.08.12 00:00:00 | 000,032,768 | ---- | C] () -- D:\WINDOWS\System32\HLINKPRX.DLL
[1997.06.13 23:56:08 | 000,056,832 | ---- | C] () -- D:\WINDOWS\System32\iyvu9_32.dll

========== LOP Check ==========

[2009.08.04 06:38:46 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2009.08.07 10:23:06 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Data aplikací\ESET
[2009.07.31 20:30:07 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Data aplikací\ICQ
[2010.01.07 16:27:11 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Data aplikací\Installations
[2010.01.19 20:16:31 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Data aplikací\OviInstallerCache
[2009.08.07 11:11:35 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Data aplikací\PC Suite
[2009.11.09 12:16:34 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Data aplikací\TrackMania
[2009.08.20 13:36:47 | 000,000,000 | -H-D | M] -- D:\Documents and Settings\All Users\Data aplikací\{EF63305C-BAD7-4144-9208-D65528260864}
[2009.08.04 06:46:12 | 000,000,000 | ---D | M] -- D:\Documents and Settings\ondra\Data aplikací\DAEMON Tools Lite
[2009.08.05 20:46:20 | 000,000,000 | ---D | M] -- D:\Documents and Settings\ondra\Data aplikací\ESET
[2010.06.20 00:38:37 | 000,000,000 | ---D | M] -- D:\Documents and Settings\ondra\Data aplikací\Facebook
[2010.06.04 22:22:39 | 000,000,000 | ---D | M] -- D:\Documents and Settings\ondra\Data aplikací\GetRightToGo
[2010.06.28 16:15:42 | 000,000,000 | ---D | M] -- D:\Documents and Settings\ondra\Data aplikací\ICQ
[2009.08.02 13:26:24 | 000,000,000 | ---D | M] -- D:\Documents and Settings\ondra\Data aplikací\Nokia
[2009.08.13 17:10:16 | 000,000,000 | ---D | M] -- D:\Documents and Settings\ondra\Data aplikací\OpenOffice.org
[2009.08.02 13:26:26 | 000,000,000 | ---D | M] -- D:\Documents and Settings\ondra\Data aplikací\PC Suite
[2009.08.28 15:29:49 | 000,000,000 | ---D | M] -- D:\Documents and Settings\ondra\Data aplikací\SPORE
[2010.03.12 20:11:56 | 000,000,000 | ---D | M] -- D:\Documents and Settings\ondra\Data aplikací\TeamViewer
[2010.06.23 09:30:18 | 000,000,000 | ---D | M] -- D:\Documents and Settings\ondra\Data aplikací\Turbine
[2010.07.01 13:37:05 | 000,000,472 | ---- | M] () -- D:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job

========== Purity Check ==========



========== Custom Scans ==========


< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"CTFMON.EXE" = D:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 08:52:18 | 000,015,360 | ---- | M] (Microsoft Corporation)
"DAEMON Tools Lite" = "D:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun -- [2009.04.23 15:51:38 | 000,691,656 | ---- | M] (DT Soft Ltd)
"Comodo EasyVPN" = "D:\Program Files\COMODO\EasyVPN\EasyVPN.exe" -- [2009.09.28 18:36:40 | 003,563,768 | ---- | M] (COMODO)
"PC Suite Tray" = "D:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray -- [2009.11.11 11:57:36 | 001,451,520 | ---- | M] (Nokia)
"Steam" = "D:\Program Files\Steam\Steam.exe" -silent -- [2010.06.17 11:28:53 | 001,238,352 | ---- | M] (Valve Corporation)
"HKCU" = D:\DOCUME~1\ondra\LOCALS~1\Temp\T8SoB.exe -- [2010.05.30 09:31:50 | 000,892,928 | RHS- | M] (PSY7cWk)
"rVSL8Klen6Kveo4" = D:\DOCUME~1\ondra\LOCALS~1\Temp\5a9v7.exe -- [2010.05.09 14:30:16 | 000,483,395 | RHS- | M] (QoSxssp)
"7EfxRIQSMJOUgwF3QES4ujzx1" = D:\DOCUME~1\ondra\LOCALS~1\Temp\T8SoB.exe -- [2010.05.30 09:31:50 | 000,892,928 | RHS- | M] (PSY7cWk)
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\AdobeUpdater]
"" =

< c:\windows\*.* /U >

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2010.03.03 16:59:28 | 000,000,000 | ---D | M] -- D:\Documents and Settings\ondra\Data aplikací\Adobe
[2009.07.31 20:00:19 | 000,000,000 | ---D | M] -- D:\Documents and Settings\ondra\Data aplikací\ATI
[2009.12.28 14:08:24 | 000,000,000 | ---D | M] -- D:\Documents and Settings\ondra\Data aplikací\COMODO
[2009.08.04 06:46:12 | 000,000,000 | ---D | M] -- D:\Documents and Settings\ondra\Data aplikací\DAEMON Tools Lite
[2010.03.06 21:59:32 | 000,000,000 | ---D | M] -- D:\Documents and Settings\ondra\Data aplikací\dvdcss
[2009.08.05 20:46:20 | 000,000,000 | ---D | M] -- D:\Documents and Settings\ondra\Data aplikací\ESET
[2010.06.20 00:38:37 | 000,000,000 | ---D | M] -- D:\Documents and Settings\ondra\Data aplikací\Facebook
[2010.06.04 22:22:39 | 000,000,000 | ---D | M] -- D:\Documents and Settings\ondra\Data aplikací\GetRightToGo
[2010.06.29 12:04:06 | 000,000,000 | ---D | M] -- D:\Documents and Settings\ondra\Data aplikací\Hamachi
[2010.06.28 16:15:42 | 000,000,000 | ---D | M] -- D:\Documents and Settings\ondra\Data aplikací\ICQ
[2009.07.31 18:33:06 | 000,000,000 | ---D | M] -- D:\Documents and Settings\ondra\Data aplikací\Identities
[2009.07.31 20:41:27 | 000,000,000 | ---D | M] -- D:\Documents and Settings\ondra\Data aplikací\Macromedia
[2009.07.31 22:24:50 | 000,000,000 | ---D | M] -- D:\Documents and Settings\ondra\Data aplikací\Malwarebytes
[2010.06.22 17:53:06 | 000,000,000 | --SD | M] -- D:\Documents and Settings\ondra\Data aplikací\Microsoft
[2010.07.01 14:51:18 | 000,000,000 | ---D | M] -- D:\Documents and Settings\ondra\Data aplikací\mIRC
[2009.07.31 20:28:03 | 000,000,000 | ---D | M] -- D:\Documents and Settings\ondra\Data aplikací\Mozilla
[2009.08.02 13:26:24 | 000,000,000 | ---D | M] -- D:\Documents and Settings\ondra\Data aplikací\Nokia
[2009.08.13 17:10:16 | 000,000,000 | ---D | M] -- D:\Documents and Settings\ondra\Data aplikací\OpenOffice.org
[2009.08.02 13:26:26 | 000,000,000 | ---D | M] -- D:\Documents and Settings\ondra\Data aplikací\PC Suite
[2010.06.20 15:52:21 | 000,000,000 | ---D | M] -- D:\Documents and Settings\ondra\Data aplikací\Skype
[2010.06.20 16:02:27 | 000,000,000 | ---D | M] -- D:\Documents and Settings\ondra\Data aplikací\skypePM
[2009.08.28 15:29:49 | 000,000,000 | ---D | M] -- D:\Documents and Settings\ondra\Data aplikací\SPORE
[2010.03.31 07:25:51 | 000,000,000 | ---D | M] -- D:\Documents and Settings\ondra\Data aplikací\Sun
[2010.06.01 13:08:20 | 000,000,000 | ---D | M] -- D:\Documents and Settings\ondra\Data aplikací\teamspeak2
[2010.03.12 20:11:56 | 000,000,000 | ---D | M] -- D:\Documents and Settings\ondra\Data aplikací\TeamViewer
[2010.06.23 09:30:18 | 000,000,000 | ---D | M] -- D:\Documents and Settings\ondra\Data aplikací\Turbine
[2010.03.05 15:47:34 | 000,000,000 | ---D | M] -- D:\Documents and Settings\ondra\Data aplikací\Ventrilo
[2010.06.22 13:55:04 | 000,000,000 | ---D | M] -- D:\Documents and Settings\ondra\Data aplikací\vlc
[2009.07.31 23:14:09 | 000,000,000 | ---D | M] -- D:\Documents and Settings\ondra\Data aplikací\WinRAR

< %APPDATA%\*.exe /s >
[2010.05.16 20:59:42 | 000,050,354 | ---- | M] (Facebook, Inc.) -- D:\Documents and Settings\ondra\Data aplikací\Facebook\uninstall.exe
[2009.09.02 22:19:33 | 001,961,720 | ---- | M] (Adobe Systems Incorporated) -- D:\Documents and Settings\ondra\Data aplikací\Macromedia\Flash Player\www.macromedia.com\bin\fpupdateax\fpupdateax.exe
[2010.06.19 10:49:17 | 000,388,096 | R--- | M] (Trend Micro Inc.) -- D:\Documents and Settings\ondra\Data aplikací\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
[2010.06.18 13:02:45 | 000,010,134 | R--- | M] () -- D:\Documents and Settings\ondra\Data aplikací\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe


< MD5 for: AGP440.SYS >
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- D:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys

< MD5 for: ATAPI.SYS >
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- D:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- D:\WINDOWS\system32\drivers\atapi.sys

< MD5 for: CDROM.SYS >
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- D:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008.04.14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- D:\WINDOWS\system32\drivers\cdrom.sys

< MD5 for: CRYPTSVC.DLL >
[2008.04.14 08:51:40 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- D:\WINDOWS\system32\cryptsvc.dll
[2008.04.14 08:51:40 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- D:\WINDOWS\system32\dllcache\cryptsvc.dll

< MD5 for: EVENTLOG.DLL >
[2008.04.14 08:51:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- D:\WINDOWS\system32\dllcache\eventlog.dll
[2008.04.14 08:51:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- D:\WINDOWS\system32\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2008.04.14 08:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- D:\WINDOWS\explorer.exe
[2008.04.14 08:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- D:\WINDOWS\system32\dllcache\explorer.exe

< MD5 for: HAL.DLL >
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- D:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2008.04.14 00:01:30 | 000,131,840 | ---- | M] (Microsoft Corporation) MD5=6F61D3287A6A15A08A9433222C09D17F -- D:\WINDOWS\system32\hal.dll

< MD5 for: CHANGER.SYS >
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- D:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys

< MD5 for: ISAPNP.SYS >
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- D:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2008.04.14 07:57:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- D:\WINDOWS\system32\drivers\isapnp.sys

< MD5 for: LSASS.EXE >
[2008.04.14 08:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- D:\WINDOWS\system32\dllcache\lsass.exe
[2008.04.14 08:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- D:\WINDOWS\system32\lsass.exe

< MD5 for: NDIS.SYS >
[2008.04.14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- D:\WINDOWS\system32\dllcache\ndis.sys
[2008.04.14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- D:\WINDOWS\system32\drivers\ndis.sys

< MD5 for: NETLOGON.DLL >
[2008.04.14 08:51:52 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- D:\WINDOWS\system32\dllcache\netlogon.dll
[2008.04.14 08:51:52 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- D:\WINDOWS\system32\netlogon.dll

< MD5 for: SCECLI.DLL >
[2008.04.14 08:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- D:\WINDOWS\system32\dllcache\scecli.dll
[2008.04.14 08:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- D:\WINDOWS\system32\scecli.dll

< MD5 for: SMSS.EXE >
[2008.04.14 08:52:48 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- D:\WINDOWS\system32\dllcache\smss.exe
[2008.04.14 08:52:48 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- D:\WINDOWS\system32\smss.exe

< MD5 for: SVCHOST.EXE >
[2008.04.14 08:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- D:\WINDOWS\system32\dllcache\svchost.exe
[2008.04.14 08:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- D:\WINDOWS\system32\svchost.exe

< MD5 for: TCPIP.SYS >
[2008.04.14 00:50:18 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- D:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- D:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- D:\WINDOWS\system32\drivers\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- D:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.04.14 08:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- D:\WINDOWS\system32\dllcache\userinit.exe
[2008.04.14 08:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- D:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2008.04.14 08:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- D:\WINDOWS\system32\dllcache\winlogon.exe
[2008.04.14 08:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- D:\WINDOWS\system32\winlogon.exe

< MD5 for: WS2_32.DLL >
[2008.04.14 08:52:08 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- D:\WINDOWS\system32\dllcache\ws2_32.dll
[2008.04.14 08:52:08 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- D:\WINDOWS\system32\ws2_32.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2008.05.12 17:56:04 | 000,397,312 | ---- | M] (Advanced Micro Devices, Inc.) Unable to obtain MD5 -- D:\WINDOWS\system32\ATIDEMGX.dll
[2009.03.08 04:31:44 | 000,348,160 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- D:\WINDOWS\system32\dxtmsft.dll
[2009.03.08 04:31:38 | 000,216,064 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- D:\WINDOWS\system32\dxtrans.dll
[2008.04.14 08:51:50 | 001,384,479 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- D:\WINDOWS\system32\msvbvm60.dll
[4 D:\WINDOWS\system32\*.tmp files -> D:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2009.08.04 06:34:57 | 000,721,904 | ---- | M] () Unable to obtain MD5 -- D:\WINDOWS\system32\drivers\sptd.sys

< %systemroot%\System32\config\*.sav >
[2009.07.31 20:06:37 | 000,094,208 | ---- | M] () -- D:\WINDOWS\system32\config\default.sav
[2009.07.31 20:06:36 | 001,093,632 | ---- | M] () -- D:\WINDOWS\system32\config\software.sav
[2009.07.31 20:06:36 | 000,507,904 | ---- | M] () -- D:\WINDOWS\system32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >
[2008.05.12 17:56:04 | 000,397,312 | ---- | M] (Advanced Micro Devices, Inc.) Unable to obtain MD5 -- D:\WINDOWS\system32\ATIDEMGX.dll
[2009.03.08 04:31:44 | 000,348,160 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- D:\WINDOWS\system32\dxtmsft.dll
[2009.03.08 04:31:38 | 000,216,064 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- D:\WINDOWS\system32\dxtrans.dll
[2008.04.14 08:51:50 | 001,384,479 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- D:\WINDOWS\system32\msvbvm60.dll
[4 D:\WINDOWS\system32\*.tmp files -> D:\WINDOWS\system32\*.tmp -> ]

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2010.07.01 11:13:15 | 000,000,795 | ---- | M] () -- D:\WINDOWS\system32\VpnService.log
[2010.07.01 11:15:12 | 000,002,206 | ---- | M] () -- D:\WINDOWS\system32\wpa.dbl
[4 D:\WINDOWS\system32\*.tmp files -> D:\WINDOWS\system32\*.tmp -> ]
< End of report >

OTL Extras logfile created on: 1.7.2010 16:07:05 - Run 1
OTL by OldTimer - Version 3.2.7.0 Folder = D:\Documents and Settings\ondra\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1 023,00 Mb Total Physical Memory | 343,00 Mb Available Physical Memory | 34,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 67,00% Paging File free
Paging file location(s): D:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = D: | %SystemRoot% = D:\WINDOWS | %ProgramFiles% = D:\Program Files
Drive C: | 39,06 Gb Total Space | 0,70 Gb Free Space | 1,78% Space Free | Partition Type: NTFS
Drive D: | 109,99 Gb Total Space | 0,99 Gb Free Space | 0,90% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
Drive G: | 494,61 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: JELEN
Current User Name: ondra
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_USERS\S-1-5-21-1060284298-287218729-1606980848-1003\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "D:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "D:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "D:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "D:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"13909:TCP" = 13909:TCP:*:Enabled:BitComet 13909 TCP
"13909:UDP" = 13909:UDP:*:Enabled:BitComet 13909 UDP
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"3724:TCP" = 3724:TCP:*:Enabled:Blizzard Downloader: 3724

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"D:\Program Files\ICQ6.5\ICQ.exe" = D:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6 -- (ICQ, LLC.)
"C:\hry\Left4Dead\hl2.exe" = C:\hry\Left4Dead\hl2.exe:*:Enabled:hl2 -- File not found
"D:\Documents and Settings\ondra\Local Settings\Temp\Rar$EX00.438\StrongDC.exe" = D:\Documents and Settings\ondra\Local Settings\Temp\Rar$EX00.438\StrongDC.exe:*:Enabled:StrongDC++ -- File not found
"D:\Documents and Settings\ondra\Plocha\StrongDC.exe" = D:\Documents and Settings\ondra\Plocha\StrongDC.exe:*:Enabled:StrongDC++ -- File not found
"F:\CSS\hl2.exe" = F:\CSS\hl2.exe:*:Enabled:hl2 -- File not found
"D:\Program Files\BitComet\BitComet.exe" = D:\Program Files\BitComet\BitComet.exe:*:Enabled:BitComet.exe -- (www.BitComet.com)
"C:\hry\World of Warcraft\Launcher.exe" = C:\hry\World of Warcraft\Launcher.exe:*:Enabled:Blizzard Launcher -- (Blizzard Entertainment)
"C:\hry\World of Warcraft\WoW-3.0.9.9551-to-3.1.0.9767-enGB-downloader.exe" = C:\hry\World of Warcraft\WoW-3.0.9.9551-to-3.1.0.9767-enGB-downloader.exe:*:Enabled:Blizzard Downloader -- (Blizzard Entertainment)
"D:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe" = D:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe:*:Enabled:Sunbelt Firewall GUI -- File not found
"D:\World of Warcraft\WoW-3.1.3.9947-to-3.2.0.10192-enGB-downloader.exe" = D:\World of Warcraft\WoW-3.1.3.9947-to-3.2.0.10192-enGB-downloader.exe:*:Enabled:Blizzard Downloader -- File not found
"C:\hry\World of Warcraft\WoW-3.1.3.9947-to-3.2.0.10192-enGB-downloader.exe" = C:\hry\World of Warcraft\WoW-3.1.3.9947-to-3.2.0.10192-enGB-downloader.exe:*:Enabled:Blizzard Downloader -- (Blizzard Entertainment)
"D:\CSS\hl2.exe" = D:\CSS\hl2.exe:*:Enabled:hl2 -- ()
"D:\Program Files\Garena\Garena.exe" = D:\Program Files\Garena\Garena.exe:*:Enabled:Garena -- (Garena Online PTE LTD)
"D:\Program Files\Left4Dead\left4dead.exe" = D:\Program Files\Left4Dead\left4dead.exe:*:Enabled:left4dead -- ()
"C:\hry\World of Warcraft\WoW-3.2.0.10192-to-3.2.0.10314-enGB-downloader.exe" = C:\hry\World of Warcraft\WoW-3.2.0.10192-to-3.2.0.10314-enGB-downloader.exe:*:Enabled:Blizzard Downloader -- (Blizzard Entertainment)
"D:\Documents and Settings\ondra\Plocha\Audiosurf\DC++\StrongDC.exe" = D:\Documents and Settings\ondra\Plocha\Audiosurf\DC++\StrongDC.exe:*:Enabled:StrongDC++ -- File not found
"D:\Documents and Settings\ondra\Plocha\DC++\StrongDC.exe" = D:\Documents and Settings\ondra\Plocha\DC++\StrongDC.exe:*:Enabled:StrongDC++ -- File not found
"C:\hry\World of Warcraft\WoW-3.2.0.10314-to-3.2.2.10482-enGB-downloader.exe" = C:\hry\World of Warcraft\WoW-3.2.0.10314-to-3.2.2.10482-enGB-downloader.exe:*:Enabled:Blizzard Downloader -- (Blizzard Entertainment)
"C:\hry\World of Warcraft\WoW-3.2.2.10482-to-3.2.2.10505-enGB-downloader.exe" = C:\hry\World of Warcraft\WoW-3.2.2.10482-to-3.2.2.10505-enGB-downloader.exe:*:Enabled:Blizzard Downloader -- (Blizzard Entertainment)
"D:\NHL\NHL 09\nhl2009.exe" = D:\NHL\NHL 09\nhl2009.exe:*:Enabled:nhl2009 -- File not found
"D:\hry\Warcraft III\Warcraft III.exe" = D:\hry\Warcraft III\Warcraft III.exe:*:Enabled:Warcraft III -- File not found
"D:\Program Files\mIRC\mirc.exe" = D:\Program Files\mIRC\mirc.exe:*:Enabled:mIRC -- (mIRC Co. Ltd.)
"D:\hry\Warcraft III\war3.exe" = D:\hry\Warcraft III\war3.exe:*:Enabled:Warcraft III -- File not found
"D:\hry\TmNationsForever\TmForever.exe" = D:\hry\TmNationsForever\TmForever.exe:*:Enabled:TmForever -- ()
"D:\NHL 09-EVROPA\nhl2009.exe" = D:\NHL 09-EVROPA\nhl2009.exe:*:Enabled:nhl2009 -- File not found
"D:\NHL 09\nhl2009.exe" = D:\NHL 09\nhl2009.exe:*:Enabled:nhl2009 -- ()
"C:\hry\World of Warcraft\WoW-3.2.0-enGB-downloader.exe" = C:\hry\World of Warcraft\WoW-3.2.0-enGB-downloader.exe:*:Enabled:Blizzard Downloader -- (Blizzard Entertainment)
"D:\Documents and Settings\ondra\Plocha\WoW_FotLK_ESRB_EN_XVID_F-avi-downloader.exe" = D:\Documents and Settings\ondra\Plocha\WoW_FotLK_ESRB_EN_XVID_F-avi-downloader.exe:*:Enabled:Blizzard Downloader -- File not found
"D:\Program Files\COMODO\EasyVPN\EasyVPN.exe" = D:\Program Files\COMODO\EasyVPN\EasyVPN.exe:*:Enabled:COMODO EasyVPN -- (COMODO)
"D:\hry\Wow 3.1.3\WoW-3.1.3.9947-to-3.2.0.10192-enGB-downloader.exe" = D:\hry\Wow 3.1.3\WoW-3.1.3.9947-to-3.2.0.10192-enGB-downloader.exe:*:Enabled:Blizzard Downloader -- (Blizzard Entertainment)
"D:\hry\Wow 3.1.3\Launcher.exe" = D:\hry\Wow 3.1.3\Launcher.exe:*:Enabled:Blizzard Launcher -- (Blizzard Entertainment)
"D:\hry\Wow 3.1.3\WoW-3.2.0.10314-to-3.2.2.10482-enGB-downloader.exe" = D:\hry\Wow 3.1.3\WoW-3.2.0.10314-to-3.2.2.10482-enGB-downloader.exe:*:Enabled:Blizzard Downloader -- (Blizzard Entertainment)
"D:\hry\Wow 3.1.3\WoW-3.2.2.10482-to-3.2.2.10505-enGB-downloader.exe" = D:\hry\Wow 3.1.3\WoW-3.2.2.10482-to-3.2.2.10505-enGB-downloader.exe:*:Enabled:Blizzard Downloader -- (Blizzard Entertainment)
"D:\Program Files\Hamachi\hamachi.exe" = D:\Program Files\Hamachi\hamachi.exe:*:Enabled:Hamachi Client -- (LogMeIn Inc.)
"D:\Documents and Settings\ondra\Plocha\programy\DC++\StrongDC.exe" = D:\Documents and Settings\ondra\Plocha\programy\DC++\StrongDC.exe:*:Enabled:StrongDC++ -- ()
"D:\hry\Warcraft III\Warcraft III\Warcraft III.exe" = D:\hry\Warcraft III\Warcraft III\Warcraft III.exe:*:Enabled:Warcraft III -- (Blizzard Entertainment)
"D:\Program Files\TeamViewer\Version5\TeamViewer.exe" = D:\Program Files\TeamViewer\Version5\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application -- (TeamViewer GmbH)
"D:\Program Files\Ventrilo\Ventrilo.exe" = D:\Program Files\Ventrilo\Ventrilo.exe:*:Enabled:Ventrilo.exe -- (Flagship Industries, Inc.)
"D:\WINDOWS\system32\dpvsetup.exe" = D:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)
"C:\hry\Microsoft Games\Age of Empires II\age2_x1\age2_x1.exe" = C:\hry\Microsoft Games\Age of Empires II\age2_x1\age2_x1.exe:*:Enabled:Age of Empires II Expansion -- (Microsoft Corporation)
"D:\WINDOWS\system32\dplaysvr.exe" = D:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper -- (Microsoft Corporation)
"C:\CoH\RelicCOH.exe" = C:\CoH\RelicCOH.exe:*:Enabled:RelicCOH -- (THQ Canada Inc.)
"D:\hry\Wow 3.1.3\WoW-3.2.0.10192-to-3.2.0.10314-enGB-downloader.exe" = D:\hry\Wow 3.1.3\WoW-3.2.0.10192-to-3.2.0.10314-enGB-downloader.exe:*:Enabled:Blizzard Downloader -- (Blizzard Entertainment)
"D:\Program Files\Steam\Steam.exe" = D:\Program Files\Steam\Steam.exe:*:Enabled:Steam -- (Valve Corporation)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02E89EFC-7B07-4D5A-AA03-9EC0902914EE}" = VC 9.0 Runtime
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{0901FCE8-5415-4499-BBC8-1AA106DD66E2}" = Adobe Setup
"{129DDEC1-A6A3-3D60-AABE-76E6E5334922}" = Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - CSY
"{13F7A77E-8B11-75C0-6DA1-D7C201DD0B77}" = Catalyst Control Center Graphics Light
"{16622757-3724-4DA8-A5CC-3CE75636E8B9}" = COMODO EasyVPN
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{26599B5C-19CC-2FF7-408A-3FE86E881CE0}" = ccc-core-static
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 17
"{293D5729-7C01-4FA4-A4DE-BB6A1587BBB9}" = PDF Settings
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{2F3140FA-11CC-FA89-5F25-924E36D1EAE8}" = ccc-utility
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{5178C1BB-1EB1-4468-894B-7DE964DDCAA2}" = Adobe Photoshop CS3
"{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}" = Skype web features
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{564D0000-547B-4ED8-8070-85286CC8C9BF}" = OpenOffice.org 3.0
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{6179A7D2-A668-4F1D-BC9A-DCC6A10C7871}" = Adobe Color NA Extra Settings
"{6869591A-7DD8-46D2-837F-57CBF7358955}" = Nokia Connectivity Cable Driver
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6D12B99F-EAAA-49D8-8E2F-74FA7459CCB2}" = Adobe Asset Services CS3
"{6D316D67-DA52-4659-9C98-F479963534D6}" = Audiosurf
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6E0352EE-6F0D-4FBC-B1B8-4FF032C78BE0}" = PC Connectivity Solution
"{6FE8B722-4D7E-3CD7-BB3A-3AD1684B1295}" = Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - CSY
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{74DCC43B-33C9-3389-BD0D-33EB37973657}" = Microsoft .NET Framework 3.5 Language Pack - csy
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo Client
"{7B32B8D8-76D7-FB63-470E-67DFB7DEA0DA}" = Catalyst Control Center Graphics Full Existing
"{7ECCA66F-9809-239A-BAD1-12BAA6080D67}" = Catalyst Control Center Graphics Previews Common
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{8A74DEFD-A224-49CC-AB80-4E88BC730125}" = LogMeIn Hamachi
"{8A7F6127-CF84-476E-B2DE-F3CC912CBF6C}" = RuneScape
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8DC910CD-8EE3-4ffc-A4EB-9B02701059C4}" = Battlefield Heroes
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{90850409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003
"{910F4A29-1134-49E0-AD8B-56E4A3152BD1}" = The Sims™ 3 Povolání snů
"{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}" = Nokia PC Suite
"{997AD8E5-DBD1-60E1-4D47-20991B45622F}" = Catalyst Control Center Graphics Full New
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{9DF0196F-B6B8-4C3A-8790-DE42AA530101}" = SPORE™
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{AC76BA86-7AD7-1029-7B44-A92000000001}" = Adobe Reader 9.2 - Czech
"{AE84E7FF-4DEC-48EC-BBA9-9A808E48DF8E}_is1" = Free MP3 Recorder 1.0
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B434CA41-53B0-D745-79FC-64AAAD7509B7}" = Skins
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BD087F50-46B2-43E4-BD73-5DB3DC20B47C}" = Adobe Color EU Recommended Settings
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D56B0E27-4A3E-46C9-B5C1-D93D580C099C}" = NVIDIA PhysX v8.10.29
"{D92B72E2-C854-4738-8ED6-4C3661CC17AE}" = Adobe Color JA Extra Settings
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DE922DA2-CB04-90DD-E230-AECEA81F381D}" = CCC Help English
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{EEA77270-476A-2172-C3FC-DCAE572CF61B}" = Catalyst Control Center Core Implementation
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F68563C0-2CCD-4799-A014-017A370D627B}" = Sběratelská edice Heroes of Might and Magic V
"{FE67045B-AD41-C190-AFDC-009F28D3B195}" = ccc-core-preinstall
"05B59228C7E1C21DFBE89260F879BD95880548D8" = Balíček ovladače systému Windows - Nokia Modem (10/05/2009 4.2)
"3FA1705966809259F916AF817C59B4F389F4572C" = Balíček ovladače systému Windows - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0)
"4f6dcc3b-179d-4b1b-80f0-b6083a0b3ce6_is1" = The Lord of the Rings Online™: Shadows of Angmar™ v07.12.30.70
"504244733D18C8F63FF584AEB290E3904E791693" = Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"8CDCFB95BB84DD9C0F88F22266A0CA86035E55BA" = Balíček ovladače systému Windows - Nokia Modem (06/01/2009 7.01.0.4)
"Ad-Aware" = Ad-Aware
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe_4977c84bcdc298c444ccfbdcccb660d" = Adobe Photoshop CS3
"Age of Empires 2.0" = Microsoft Age of Empires II
"Age of Empires II - The Conquerors - 1.0e Patch FINAL_is1" = Age of Empires II - The Conquerors - 1.0e Patch FINAL
"Age of Empires II: The Conquerors Expansion 1.0" = Microsoft Age of Empires II: The Conquerors Expansion
"All ATI Software" = Softarová utilita ATI - Odinstalovat
"All2WAV Recorder_is1" = All2WAV Recorder 3.20
"ATI Display Driver" = ATI Display Driver
"Audiosurf_is1" = Audiosurf Beta
"avast!" = avast! Antivirus
"BitComet" = BitComet 1.13
"BSPlayer1" = BSPlayer
"CCleaner" = CCleaner (remove only)
"CD Ripper a WAV - MP3 Encoder_is1" = CD Ripper a WAV - MP3 Encoder (14.04.2009)
"C-Media PCI Sound" = C-Media PCI Audio
"Diablo II" = Diablo II
"Fiddler2" = Fiddler2 (remove only)
"Fraps" = Fraps
"GameParkClient_is1" = GamePark
"Garena" = Garena
"Guitar Pro 5_is1" = Guitar Pro 5.2
"Hamachi" = Hamachi 1.0.3.0
"ie8" = Windows Internet Explorer 8
"Karaoke Editor_is1" = Verze 1.12
"L4DSP" = Left 4 Dead Standalone Patch
"Left 4 Dead_is1" = Left 4 Dead v1.0.0.5
"LogMeIn Hamachi" = LogMeIn Hamachi
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack - csy" = Microsoft .NET Framework 3.5 Language Pack - CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"mIRC" = mIRC
"Mozilla Firefox (3.5.10)" = Mozilla Firefox (3.5.10)
"n2n Gui_is1" = n2n Gui 0.31
"Nokia PC Suite" = Nokia PC Suite
"PPTView97" = Microsoft PowerPoint Viewer 97
"PunkBusterSvc" = PunkBuster Services
"QIP Infium JadrisPack 2.5.0" = QIP Infium JadrisPack 2.5.0
"Re-Volt Demo" = Re-Volt Demo
"RocketDock_is1" = RocketDock 1.3.5
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"TeamViewer 5" = TeamViewer 5
"TmNationsForever_is1" = TmNationsForever
"VLC media player" = VLC media player 1.0.0
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"WinRAR archiver" = WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"World of Warcraft" = World of Warcraft
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1060284298-287218729-1606980848-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Facebook Plug-In" = Facebook Plug-In
"Warcraft III" = Warcraft III

========== Last 10 Event Log Errors ==========

[ Antivirus Events ]
Error - 10.11.2009 9:17:11 | Computer Name = JELEN | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of http://www.facebook.com/home.php failed, 0000A413.

Error - 19.2.2010 4:14:45 | Computer Name = JELEN | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of http://dl.s7.uloz.to/Ps;Hs;fid=3299904; ... Chaos%20CZ
failed, 00000084.

Error - 18.5.2010 10:06:14 | Computer Name = JELEN | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of D:\DOCUME~1\ondra\LOCALS~1\Temp\XxX.xXx failed, 00000005.

Error - 18.5.2010 16:02:57 | Computer Name = JELEN | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of D:\DOCUME~1\ondra\LOCALS~1\Temp\XxX.xXx failed, 00000005.

Error - 22.5.2010 7:00:59 | Computer Name = JELEN | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of F:\karneval kochánky 27.3.2010\IMG_5787.JPG failed, 0000045D.

Error - 31.5.2010 9:14:10 | Computer Name = JELEN | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of D:\DOCUME~1\ondra\LOCALS~1\Temp\XxX.xXx failed, 00000005.

Error - 1.6.2010 10:52:29 | Computer Name = JELEN | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of D:\DOCUME~1\ondra\LOCALS~1\Temp\XxX.xXx failed, 00000005.

Error - 24.6.2010 16:34:52 | Computer Name = JELEN | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of D:\DOCUME~1\ondra\LOCALS~1\Temp\XxX.xXx failed, 00000005.

Error - 25.6.2010 6:02:30 | Computer Name = JELEN | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of D:\DOCUME~1\ondra\LOCALS~1\Temp\XxX.xXx failed, 00000005.

Error - 26.6.2010 7:53:59 | Computer Name = JELEN | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of D:\DOCUME~1\ondra\LOCALS~1\Temp\XxX.xXx failed, 00000005.

[ Application Events ]
Error - 20.4.2010 12:01:56 | Computer Name = JELEN | Source = crypt32 | ID = 131080
Description = Načtení automatické aktualizace pořadového čísla kořenového seznamu
jiného výrobce z: <http://www.download.windowsupdate.com/m ... ootseq.txt>
se nezdařilo. Chyba: A connection with the server could not be established

Error - 20.4.2010 12:02:05 | Computer Name = JELEN | Source = crypt32 | ID = 131080
Description = Načtení automatické aktualizace pořadového čísla kořenového seznamu
jiného výrobce z: <http://www.download.windowsupdate.com/m ... ootseq.txt>
se nezdařilo. Chyba: Takové síťové připojení neexistuje.

Error - 20.4.2010 12:02:05 | Computer Name = JELEN | Source = crypt32 | ID = 131080
Description = Načtení automatické aktualizace pořadového čísla kořenového seznamu
jiného výrobce z: <http://www.download.windowsupdate.com/m ... ootseq.txt>
se nezdařilo. Chyba: Takové síťové připojení neexistuje.

Error - 22.4.2010 9:48:53 | Computer Name = JELEN | Source = PerfNet | ID = 2004
Description = Nelze otevřít službu serveru. Data o výkonu serveru nejsou k dispozici.
Vrácený chybový kód je v datech DWORD 0.

Error - 22.4.2010 9:49:48 | Computer Name = JELEN | Source = crypt32 | ID = 131080
Description = Načtení automatické aktualizace pořadového čísla kořenového seznamu
jiného výrobce z: <http://www.download.windowsupdate.com/m ... ootseq.txt>
se nezdařilo. Chyba: 404 (Stav odpovědi HTTP)

Error - 22.4.2010 9:49:48 | Computer Name = JELEN | Source = crypt32 | ID = 131077
Description = Načtení automatické aktualizace kořenového certifikátu jiného výrobce
z: <http://www.download.windowsupdate.com/m ... 2A58FE.crt>
se nezdařilo. Chyba: 404 (Stav odpovědi HTTP)

Error - 22.4.2010 9:49:48 | Computer Name = JELEN | Source = crypt32 | ID = 131080
Description = Načtení automatické aktualizace pořadového čísla kořenového seznamu
jiného výrobce z: <http://www.download.windowsupdate.com/m ... ootseq.txt>
se nezdařilo. Chyba: Takové síťové připojení neexistuje.

Error - 25.4.2010 14:34:51 | Computer Name = JELEN | Source = PerfNet | ID = 2004
Description = Nelze otevřít službu serveru. Data o výkonu serveru nejsou k dispozici.
Vrácený chybový kód je v datech DWORD 0.

Error - 25.4.2010 14:45:06 | Computer Name = JELEN | Source = crypt32 | ID = 131080
Description = Načtení automatické aktualizace pořadového čísla kořenového seznamu
jiného výrobce z: <http://www.download.windowsupdate.com/m ... ootseq.txt>
se nezdařilo. Chyba: 404 (Stav odpovědi HTTP)

Error - 25.4.2010 14:45:06 | Computer Name = JELEN | Source = crypt32 | ID = 131077
Description = Načtení automatické aktualizace kořenového certifikátu jiného výrobce
z: <http://www.download.windowsupdate.com/m ... 2A58FE.crt>
se nezdařilo. Chyba: 404 (Stav odpovědi HTTP)

[ System Events ]
Error - 26.6.2010 17:17:19 | Computer Name = JELEN | Source = NetBT | ID = 4307
Description = Inicializace se nezdařila, protože přenos odmítl otevřít počáteční
adresy.

Error - 26.6.2010 17:17:38 | Computer Name = JELEN | Source = Dhcp | ID = 1001
Description = Počítači nebyla přiřazena síťová adresa (serverem DHCP) pro síťovou
kartu se síťovou adresou 0023C33D48CC. Došlo k následující chybě: %%1223. Počítač
se bude pokoušet získat síťovou adresu samostatně ze serveru DHCP.

Error - 26.6.2010 17:17:40 | Computer Name = JELEN | Source = ipnathlp | ID = 30013
Description = Přidělování DHCP bylo automaticky vypnuto u adresy IP 5.61.72.204,
protože
tato adresa nespadá do oboru 192.168.0.0/255.255.255.0, ze kterého jsou přidělovány
adresy klientům DHCP. Chcete-li přidělování DHCP u této adresy IP zapnout, změňte
obor tak, aby tuto adresu IP zahrnoval, nebo změňte adresu IP tak, aby spadala do
oboru.

Error - 28.6.2010 4:21:17 | Computer Name = JELEN | Source = ipnathlp | ID = 30013
Description = Přidělování DHCP bylo automaticky vypnuto u adresy IP 5.61.72.204,
protože
tato adresa nespadá do oboru 192.168.0.0/255.255.255.0, ze kterého jsou přidělovány
adresy klientům DHCP. Chcete-li přidělování DHCP u této adresy IP zapnout, změňte
obor tak, aby tuto adresu IP zahrnoval, nebo změňte adresu IP tak, aby spadala do
oboru.

Error - 28.6.2010 11:33:06 | Computer Name = JELEN | Source = Windows Update Agent | ID = 16
Description = Připojení se nezdařilo: Připojení ke službě automatických aktualizací
nelze navázat. Stažení a instalaci aktualizací podle tohoto plánu nelze spustit.
Pokus o navázání spojení bude opakován.

Error - 30.6.2010 5:49:55 | Computer Name = JELEN | Source = ipnathlp | ID = 30013
Description = Přidělování DHCP bylo automaticky vypnuto u adresy IP 5.61.72.204,
protože
tato adresa nespadá do oboru 192.168.0.0/255.255.255.0, ze kterého jsou přidělovány
adresy klientům DHCP. Chcete-li přidělování DHCP u této adresy IP zapnout, změňte
obor tak, aby tuto adresu IP zahrnoval, nebo změňte adresu IP tak, aby spadala do
oboru.

Error - 30.6.2010 10:48:59 | Computer Name = JELEN | Source = Dhcp | ID = 1000
Description = Zapůjčení adresy IP počítače 5.61.72.204 pro síťovou kartu se síťovou
adresou 0023053D48CC byla ukončena.

Error - 1.7.2010 5:13:56 | Computer Name = JELEN | Source = ipnathlp | ID = 30013
Description = Přidělování DHCP bylo automaticky vypnuto u adresy IP 5.61.72.204,
protože
tato adresa nespadá do oboru 192.168.0.0/255.255.255.0, ze kterého jsou přidělovány
adresy klientům DHCP. Chcete-li přidělování DHCP u této adresy IP zapnout, změňte
obor tak, aby tuto adresu IP zahrnoval, nebo změňte adresu IP tak, aby spadala do
oboru.

Error - 1.7.2010 5:16:59 | Computer Name = JELEN | Source = ipnathlp | ID = 31008
Description = Agentu serveru proxy služby DNS se nepodařilo načíst místní seznam
serverů pro překlad adres IP z registru. Uvedený údaj je kód chyby.

Error - 1.7.2010 5:19:36 | Computer Name = JELEN | Source = Windows Update Agent | ID = 16
Description = Připojení se nezdařilo: Připojení ke službě automatických aktualizací
nelze navázat. Stažení a instalaci aktualizací podle tohoto plánu nelze spustit.
Pokus o navázání spojení bude opakován.


< End of report >

Spusťte OTL a do spodního okna vložte následující skript. Klikněte na Opravit, PC se restartuje, log vložte sem.


Stáhněte na plochu UsbFix http://pagesperso-orange.fr/NosTools/Ch ... UsbFix.exe

• Spusťte, poté klikněte na Deletion.
• Po dokončení na Vás vyskočí log, vložte mi ho sem, případně ho najdete v C:\UsbFix.txt

Doporučuji odinstalovat Ad-Aware a Garenu


Doporučuji odinstalovat P2P klienty.

P2P sítě a jejich klienti jsou potenciálním bezpečnostním rizikem, prakticky neustále jsou zdrojem virů, zbytečně se vystavujete riziku.


Stáhněte na plochu CKScanner http://downloads.malwareremoval.com/CKScanner.exe

• Spusťte a klikněte na "Search For Files", po dokončení skenu klikněte na "Save List to File" -> "OK"
• Log s názvem ckfiles.txt bude uložený na ploše, obsah tohoto souboru sem vložte.

Přečtěte si SZ.

All processes killed
========== OTL ==========
Process T8SoB.exe killed successfully!
Process 5a9v7.exe killed successfully!
Registry value HKEY_USERS\S-1-5-21-1060284298-287218729-1606980848-1003\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-1060284298-287218729-1606980848-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\3i0xcLrEpJlGBlzL4rqM3AO deleted successfully.
D:\Documents and Settings\ondra\Local Settings\Temp\5a9v7.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\CmPCIaudio deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HKLM deleted successfully.
D:\Documents and Settings\ondra\Local Settings\Temp\T8SoB.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\L07WGZr36fRQtwyzUcj deleted successfully.
File D:\Documents and Settings\ondra\Local Settings\Temp\T8SoB.exe not found.
Registry value HKEY_USERS\S-1-5-21-1060284298-287218729-1606980848-1003\Software\Microsoft\Windows\CurrentVersion\Run\\7EfxRIQSMJOUgwF3QES4ujzx1 deleted successfully.
File D:\Documents and Settings\ondra\Local Settings\Temp\T8SoB.exe not found.
Registry value HKEY_USERS\S-1-5-21-1060284298-287218729-1606980848-1003\Software\Microsoft\Windows\CurrentVersion\Run\\HKCU deleted successfully.
File D:\Documents and Settings\ondra\Local Settings\Temp\T8SoB.exe not found.
Registry value HKEY_USERS\S-1-5-21-1060284298-287218729-1606980848-1003\Software\Microsoft\Windows\CurrentVersion\Run\\rVSL8Klen6Kveo4 deleted successfully.
File D:\Documents and Settings\ondra\Local Settings\Temp\5a9v7.exe (QoSx not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\\Policies deleted successfully.
File D:\DOCUME~1\ondra\LOCALS~1\Temp\T8SoB.exe not found.
Registry value HKEY_USERS\S-1-5-21-1060284298-287218729-1606980848-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\\Policies deleted successfully.
File D:\DOCUME~1\ondra\LOCALS~1\Temp\5a9v7.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{61e6dbd8-80b0-11de-ba81-00690009b26d}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{61e6dbd8-80b0-11de-ba81-00690009b26d}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7dda6af3-4cff-11de-b11b-00690009b26d}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7dda6af3-4cff-11de-b11b-00690009b26d}\ not found.
File cv8j.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7dda6af3-4cff-11de-b11b-00690009b26d}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7dda6af3-4cff-11de-b11b-00690009b26d}\ not found.
File cv8j.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c9c842de-0a33-11dd-b276-806d6172696f}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c9c842de-0a33-11dd-b276-806d6172696f}\ not found.
File lcw.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c9c842de-0a33-11dd-b276-806d6172696f}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c9c842de-0a33-11dd-b276-806d6172696f}\ not found.
File lcw.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c9c842df-0a33-11dd-b276-806d6172696f}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c9c842df-0a33-11dd-b276-806d6172696f}\ not found.
File lcw.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c9c842df-0a33-11dd-b276-806d6172696f}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c9c842df-0a33-11dd-b276-806d6172696f}\ not found.
File lcw.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\C\ deleted successfully.
File lcw.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\C\ not found.
File lcw.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\D\ deleted successfully.
File lcw.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\D\ not found.
File lcw.exe not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session manager\\BootExecute:autocheck autochk * deleted successfully.
D:\WINDOWS\System32\CONFIG.TMP deleted successfully.
D:\WINDOWS\System32\SET73.tmp deleted successfully.
D:\WINDOWS\System32\SET77.tmp deleted successfully.
D:\WINDOWS\System32\SET7F.tmp deleted successfully.
D:\WINDOWS\SET3.tmp deleted successfully.
D:\WINDOWS\SET4.tmp deleted successfully.
D:\WINDOWS\SET8.tmp deleted successfully.
D:\Documents and Settings\ondra\Data aplikací\cglogs.dat moved successfully.
D:\Documents and Settings\ondra\Plocha\Diablo 2 Crack.rar moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: ondra
->Temp folder emptied: 6159879 bytes
->Temporary Internet Files folder emptied: 3485288173 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 81097071 bytes
->Flash cache emptied: 1990553 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 180707 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 33193780 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 3 441,00 mb


[EMPTYFLASH]

User: Administrator

User: All Users

User: Default User

User: LocalService

User: NetworkService

User: ondra
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb

Restore points cleared and new OTL Restore Point set!

OTL by OldTimer - Version 3.2.7.0 log created on 07012010_180309

Files\Folders moved on Reboot...
File\Folder D:\Documents and Settings\ondra\Local Settings\Temp\~DF58E4.tmp not found!
File\Folder D:\Documents and Settings\ondra\Local Settings\Temp\~DF594E.tmp not found!
File\Folder D:\Documents and Settings\ondra\Local Settings\Temp\~DF5ACD.tmp not found!
File\Folder D:\Documents and Settings\ondra\Local Settings\Temp\~DF5AE8.tmp not found!
File\Folder D:\Documents and Settings\ondra\Local Settings\Temp\~DF5C71.tmp not found!
File\Folder D:\Documents and Settings\ondra\Local Settings\Temp\~DF5C96.tmp not found!
D:\Documents and Settings\ondra\Local Settings\Temporary Internet Files\Content.IE5\994THBLR\afr[1].htm moved successfully.
D:\Documents and Settings\ondra\Local Settings\Temporary Internet Files\AntiPhishing\2CEDBFBC-DBA8-43AA-B1FD-CC8E6316E3E2.dat moved successfully.
File move failed. D:\WINDOWS\temp\_avast4_\Webshlock.txt scheduled to be moved on reboot.
D:\WINDOWS\temp\Perflib_Perfdata_30c.dat moved successfully.

Registry entries deleted on Reboot...

OK, ještě další kroky.

############################## | UsbFix 7.015 | [Deletion]

User: ondra (Administrator) # JELEN [ ]
Updated 01/07/10 by El Desaparecido / C_XX
Started at 18:17:58 | 01/07/2010
Website: http://pagesperso-orange.fr/NosTools/index.html
Contact: FindyKill.Contact@gmail.com

CPU: AMD Sempron(tm) 2200+
Systém Microsoft Windows XP Professional (5.1.2600 32-Bit) # Service Pack 3
Internet Explorer 8.0.6001.18702

Windows Firewall: Disabled /!\
Antivirus: avast! antivirus 4.8.1335 [VPS 100406-1] 4.8.1335 [Enabled | (!) Outdated]
RAM -> 1023 Mb
C:\ -> Fixed drive # 39 Gb (713 Mb free - 2%) [O-Programy] # NTFS
D:\ (%systemdrive%) -> Fixed drive # 110 Gb (4 Mb free - 4%) [] # NTFS
E:\ -> CD-ROM
G:\ -> CD-ROM

################## | Files # Infected Folders |

Deleted ! D:\Documents and Settings\ondra\Data aplikací\logs.dat
Deleted ! D:\Documents and Settings\ondra\Data aplikací\SQLite3.dll
Deleted ! C:\Autorun.inf
Deleted ! D:\Autorun.inf
Deleted ! C:\resycled

################## | Registry |

Deleted ! HKLM\Software\Classes\CLSID\MADOWN
Deleted ! HKLM\SYSTEM\ControlSet001\Services\AVPsys
Deleted ! HKLM\SYSTEM\ControlSet002\Services\AVPsys

################## | Mountpoints2 |


################## | Listing |

[31/03/2010 - 07:27:48 | D ] C:\.jagex_cache_32
[01/07/2010 - 18:10:19 | A | 72796] C:\aaw7boot.log
[03/03/2010 - 14:42:10 | D ] C:\Adobe Photoshop CS3 CZ
[18/09/2007 - 21:54:59 | A | 0] C:\AUTOEXEC.BAT
[19/09/2007 - 14:21:20 | D ] C:\bb2
[18/09/2007 - 21:48:33 | ASH | 211] C:\BOOT.BKK
[16/06/2010 - 11:06:40 | RSH | 345] C:\boot.ini
[25/10/2001 - 16:00:00 | RASH | 4952] C:\Bootfont.bin
[02/06/2010 - 21:48:12 | D ] C:\CoH
[31/07/2009 - 09:23:51 | SHD ] C:\Config.Msi
[18/09/2007 - 21:54:59 | A | 0] C:\CONFIG.SYS
[03/03/2010 - 15:41:25 | D ] C:\CS3
[08/05/2010 - 09:08:06 | D ] C:\directory
[10/05/2010 - 23:10:02 | D ] C:\do mobilu
[08/08/2009 - 13:23:16 | D ] C:\Documents and Settings
[29/04/2010 - 20:56:43 | RD ] C:\Downloads
[10/05/2010 - 23:26:39 | A | 4009270] C:\Edward Maya feat. Vika Jigulina - Stereo Love.mp3
[29/06/2010 - 21:39:09 | A | 183513479] C:\HIMYM-S04E15-The_Stinsons.rar
[10/05/2010 - 23:25:23 | A | 6233651] C:\HP6 28 The Weasley Stomp.mp3
[23/06/2010 - 10:45:14 | D ] C:\hry
[18/09/2007 - 21:54:59 | RASH | 0] C:\IO.SYS
[18/09/2007 - 21:54:59 | RASH | 0] C:\MSDOS.SYS
[20/01/2010 - 23:55:42 | RHD ] C:\MSOCache
[13/04/2008 - 22:13:04 | RASH | 47564] C:\NTDETECT.COM
[14/04/2008 - 00:01:48 | RASH | 250576] C:\ntldr
[04/09/2009 - 14:33:12 | D ] C:\QIP Infium JadrisPack
[01/07/2010 - 18:23:12 | SHD ] C:\RECYCLER
[19/11/2009 - 19:27:17 | D ] C:\RP6
[02/06/2010 - 10:12:25 | A | 4971939840] C:\Sim3amb.iso
[01/07/2010 - 18:18:57 | SHD ] C:\System Volume Information
[08/08/2009 - 00:34:45 | D ] D:\!KillBox
[08/08/2009 - 13:05:41 | HD ] D:\a
[31/07/2009 - 19:54:50 | D ] D:\ATI
[22/06/2010 - 16:46:12 | SHD ] D:\Config.Msi
[12/08/2009 - 21:42:04 | D ] D:\CSS
[18/01/2010 - 19:02:30 | D ] D:\de935c7da5c6d503ec95e05f65a534
[04/08/2009 - 23:41:17 | D ] D:\Documents and Settings
[18/06/2010 - 12:50:00 | D ] D:\Downloads
[16/10/2009 - 20:03:52 | D ] D:\Fraps
[01/07/2010 - 18:10:21 | ASH | 1072549888] D:\hiberfil.sys
[24/06/2010 - 17:24:51 | D ] D:\hry
[26/12/2009 - 21:19:15 | RD ] D:\Mobil
[13/05/2010 - 17:16:55 | RD ] D:\MP3
[21/05/2010 - 22:34:05 | D ] D:\NHL 09
[01/07/2010 - 18:10:19 | ASH | 1610612736] D:\pagefile.sys
[29/06/2010 - 10:28:26 | RD ] D:\Program Files
[10/11/2008 - 01:01:32 | A | 649] D:\Q9HMF-F4PRH-9V66F-GC473-27DM3.txt
[01/07/2010 - 18:23:12 | SHD ] D:\RECYCLER
[18/05/2010 - 15:20:40 | D ] D:\ReHoc MS10 roster
[21/02/2009 - 16:05:24 | A | 141084] D:\Skola.rar
[01/07/2010 - 18:08:47 | SHD ] D:\System Volume Information
[01/07/2010 - 18:23:12 | D ] D:\UsbFix
[01/07/2010 - 18:23:19 | A | 2745] D:\UsbFix.txt
[01/07/2010 - 18:03:15 | D ] D:\WINDOWS
[01/07/2010 - 18:03:09 | D ] D:\_OTL
[26/08/2009 - 15:53:19 | A | 22016] D:\škola 1.doc
[26/08/2009 - 15:52:29 | A | 24576] D:\Škola.doc

################## | Vaccin |

C:\Autorun.inf -> Folder created by UsbFix (El Desaparecido & C_XX)
D:\Autorun.inf -> Folder created by UsbFix (El Desaparecido & C_XX)

################## | Upload |

Please send the file: D:\UsbFix_Upload_Me_JELEN.zip
http://chiquitine.changelog.fr/Sample/Upload.php
Thank you for your contribution.

################## | E.O.F |

CKScanner - Additional Security Risks - These are not necessarily bad
c:\adobe photoshop cs3 cz\!crack\cti.txt
c:\adobe photoshop cs3 cz\!crack\photoshop.exe
c:\hry\microsoft games\aoeii\cracked\empires2.exe
scanner sequence 3.CP.11
----- EOF -----

a P2P je treba hamachi a n2n a tak ? a precist si SP to nevim co je

P2P klient je třeba BitComet. SZ je Soukromá zpráva (vlevo nahoře).


Odinstalujte všechny emulátory virtuálních mechanik.

Stáhněte SPTD http://www.duplexsecure.com/en/downloads

• Vyberte verzi podle svého operačního systému (64 & 32b). Uložte na plochu a spusťte.
• zvolte možnost Uninstall a restartujte PC.

Stáhněte a spusťte http://www.jpshortstuff.247fixes.com/Defogger.exe

• Klikněte na "Disable" a restartujte PC.

Stáhněte MBR na plochu http://www2.gmer.net/mbr/mbr.exe

Start > Spustit (Win + R)

• Vyskočí okénko, zkopírujte do něj:

• Klikněte na OK

• Vytvoří se log s názvem mbr.log, vložte ho sem.

Dejte log z Gmer http://www.viry.cz/forum/viewtopic.php?f=29&t=62878

Start > Spustit (Win + R) toto mi nejde

GMER 1.0.15.15281 - http://www.gmer.net
Rootkit quick scan 2010-07-01 19:08:54
Windows 5.1.2600 Service Pack 3
Running: gmer.exe; Driver: D:\DOCUME~1\ondra\LOCALS~1\Temp\axtdypow.sys


---- Devices - GMER 1.0.15 ----

AttachedDevice \FileSystem\Ntfs \Ntfs aswMon2.SYS (avast! File System Filter Driver for Windows XP/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\Ip aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\RawIp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)

---- EOF - GMER 1.0.15 ----

JelenJelcin píše:Start > Spustit (Win + R) toto mi nejde

Popište mi to přesněji.

udělal sem todle - Stáhněte MBR na plochu http://www2.gmer.net/mbr/mbr.exe
a ten dalsi krok - Start > Spustit (Win + R)
udelam ale nic se nespusti takze nemuzu udelat - Vyskočí okénko, zkopírujte do něj:
Kód:
"%userprofile%\plocha\mbr" -t


Klikněte na OK
Vytvoří se log s názvem mbr.log, vložte ho sem.