Viruses in Windows, please help

#1 Post by P@tRiCk_ »

I had ESET on my PC, but it was slowing the PC down too much, so I installed Avast. When I ran a scan, it found viruses in Windows, and I don't know what to do with them, because when I try to move them to the chest or do anything else with them, it says access denied...

The viruses are located here:

C/windows/system32/02.tmp
C/windows/Temp/NOD2DD.tmp
C/windows/Temp/NOD2DF.tmp
Screen:
http://img819.imageshack.us/img819/4661/screen02m.jpg

The severity is reportedly high, so it's probably not an Avast error, right?

Please excuse my spelling...

Log

Logfile of random's system information tool 1.07 (written by random/random)
Run by Patrik at 2010-07-02 18:34:52
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 2 GB (6%) free of 38 GB
Total RAM: 1023 MB (14% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:35:31, on 2.7.2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\ICQ6Toolbar\ICQ Service.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\MSN Toolbar\Platform\5.0.1384.0\mswinext.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Vista Drive Icon\DrvIcon.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\PixArt\PAC7302\Monitor.exe
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
D:\Registry Mechanic\RegMech.exe
C:\Program Files\Free Desktop Clock\DesktopClock.exe
D:\DAEMON Tools Lite\daemon.exe
C:\PROGRA~1\ViStart\ViStart.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
D:\ProgSense\ProgSense.exe
D:\Screenshot Utility\ScreenshotUtility.exe
C:\PROGRA~1\ViGlance\ViGlance.exe
C:\Program Files\Xfire\Xfire.exe
C:\PROGRA~1\ViSplore\ViSplore.exe
C:\PROGRA~1\TRUETR~1\TRUETR~1.EXE
C:\PROGRA~1\VISTAR~1\Rainbar.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\Program Files\Alwil Software\Avast5\avastUI.exe
C:\Program Files\QIP\qip.exe
C:\Program Files\Opera 10 Beta\opera.exe
C:\Documents and Settings\Patrik\Plocha\RSIT.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Program Files\trend micro\Patrik.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.windowsxlive.net
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://toolbar.ask.com/toolbarv/askRedi ... t=&gc=1&q=
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.live.com/sphome.aspx
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.zoner.cz/podpora/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll
R3 - URLSearchHook: QIPBHO Class - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Documents and Settings\Patrik\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
R3 - URLSearchHook: AIM Toolbar Search Class - {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files\AIM Toolbar\aimtb.dll
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: AOLSearchHook Class - {54EB34EA-E6BE-4CFD-9F4F-C4A0C2EAFA22} - C:\Program Files\AIM Search\AOLSearch.dll
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: (no name) - {EEE6C35D-6118-11DC-9C72-001320C79847} - (no file)
R3 - URLSearchHook: Softonic VLC EN Toolbar - {e6570cd8-9978-4621-b1f9-6a62436f0466} - C:\Program Files\Softonic_VLC_EN\tbSof0.dll
R3 - URLSearchHook: DefaultSearchHook Class - {C94E154B-1459-4A47-966B-4B843BEFC7DB} - C:\Program Files\AskSearch\bin\DefaultSearch.dll
R3 - URLSearchHook: Max EN Toolbar - {867dd841-5bf7-44ca-8426-c5a6eda00735} - C:\Program Files\Max_EN\tbMax1.dll
R3 - URLSearchHook: Softonic English TC Toolbar - {4ff5f6ea-ffaf-43e5-9a01-361c0893c3e8} - C:\Program Files\Softonic_English_TC\tbSoft.dll
R3 - URLSearchHook: XfireXO Toolbar - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files\XfireXO\tbXfir.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Softonic English TC Toolbar - {4ff5f6ea-ffaf-43e5-9a01-361c0893c3e8} - C:\Program Files\Softonic_English_TC\tbSoft.dll
O2 - BHO: AOL Search Enhancement - {54EB34EA-E6BE-4CFD-9F4F-C4A0C2EAFA22} - C:\Program Files\AIM Search\AOLSearch.dll
O2 - BHO: XfireXO Toolbar - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files\XfireXO\tbXfir.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Max EN Toolbar - {867dd841-5bf7-44ca-8426-c5a6eda00735} - C:\Program Files\Max_EN\tbMax1.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Easy Gif Animator Toolbar Helper - {96372AB6-15EB-4316-B497-71C741BC548C} - C:\Program Files\Easy Gif Animator Extension\v3.3.0.3\EasyGifAnimator_Toolbar.dll
O2 - BHO: QIPBHO - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Documents and Settings\Patrik\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: AIM Toolbar Loader - {b0cda128-b425-4eef-a174-61a11ac5dbf8} - C:\Program Files\AIM Toolbar\aimtb.dll
O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN Toolbar\Platform\5.0.1384.0\npwinext.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Softonic VLC EN Toolbar - {e6570cd8-9978-4621-b1f9-6a62436f0466} - C:\Program Files\Softonic_VLC_EN\tbSof0.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: Softonic VLC EN Toolbar - {e6570cd8-9978-4621-b1f9-6a62436f0466} - C:\Program Files\Softonic_VLC_EN\tbSof0.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O3 - Toolbar: Easy Gif Animator Toolbar - {35065594-9169-4A34-B167-FC4865038E53} - C:\Program Files\Easy Gif Animator Extension\v3.3.0.3\EasyGifAnimator_Toolbar.dll
O3 - Toolbar: AIM Toolbar - {61539ecd-cc67-4437-a03c-9aaccbd14326} - C:\Program Files\AIM Toolbar\aimtb.dll
O3 - Toolbar: Max EN Toolbar - {867dd841-5bf7-44ca-8426-c5a6eda00735} - C:\Program Files\Max_EN\tbMax1.dll
O3 - Toolbar: @C:\Program Files\MSN Toolbar\Platform\5.0.1384.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\MSN Toolbar\Platform\5.0.1384.0\npwinext.dll
O3 - Toolbar: Softonic English TC Toolbar - {4ff5f6ea-ffaf-43e5-9a01-361c0893c3e8} - C:\Program Files\Softonic_English_TC\tbSoft.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: XfireXO Toolbar - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files\XfireXO\tbXfir.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O4 - HKLM\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\JM\JMInsIDE.exe
O4 - HKLM\..\Run: [JMB36X Configure] C:\WINDOWS\system32\JMRaidTool.exe boot
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Bing Bar] "C:\Program Files\MSN Toolbar\Platform\5.0.1384.0\mswinext.exe"
O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [DrvIcon] C:\Program Files\Vista Drive Icon\DrvIcon.exe
O4 - HKLM\..\Run: [vilaunch] C:\WINDOWS\system32\vilaunch.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [PAC7302_Monitor] C:\WINDOWS\PixArt\PAC7302\Monitor.exe
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Patrik\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [QIP2005] C:\Program Files\QIP\qip.exe
O4 - HKCU\..\Run: [RegistryMechanic] D:\Registry Mechanic\RegMech.exe /H
O4 - HKCU\..\Run: [SkinClock] C:\Program Files\Free Desktop Clock\DesktopClock.exe
O4 - HKCU\..\Run: [Calendar] D:\Documents and Settings\Patrik\Desktop iCal\Calendar.exe
O4 - HKCU\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-1801674531-2077806209-725345543-1003\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User '?')
O4 - HKUS\S-1-5-21-1801674531-2077806209-725345543-1007\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Majša')
O4 - HKUS\S-1-5-21-1801674531-2077806209-725345543-1009\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Dominik')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: ProgSense.lnk = D:\ProgSense\ProgSense.exe
O4 - Startup: Screenshot Utility.lnk = D:\Screenshot Utility\ScreenshotUtility.exe
O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\Xfire.exe
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Data aplikací\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Stáhnout odkaz s použitím BitCometu - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: Stáhnout všechna videa s použitím BitCometu - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: Stáhnout všechny odkazy s použitím BitCometu - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O9 - Extra button: Download with YouTube Clip Extractor - {3e717667-c786-43d0-b809-b378938f6770} - D:\Clip Extractor\ClipExtractor.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: QIP Infium - {1EF681F7-A04B-4D6D-9012-A307CCA55610} - C:\Program Files\QIP Infium\infium.exe (HKCU)
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) - file://C:\Program Files\Heroes of Hellas\Images\stg_drm.ocx
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} (ArmHelper Control) - file://C:\Program Files\Heroes of Hellas\Images\armhelper.ocx
O17 - HKLM\System\CCS\Services\Tcpip\..\{52B0A3FB-BE3D-424D-A8D1-BAE446DAD5F8}: NameServer = 213.211.45.3,212.96.160.7
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: FencesShellExt - {1984DD45-52CF-49cd-AB77-18F378FEA264} - C:\Program Files\Stardock\Fences\FencesMenu.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: PC Tools Startup and Shutdown Monitor service (PCToolsSSDMonitorSvc) - Unknown owner - C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe

--
End of file - 16675 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1801674531-2077806209-725345543-1008Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1801674531-2077806209-725345543-1008UA.job
C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1801674531-2077806209-725345543-1003.job
C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1801674531-2077806209-725345543-1007.job
C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1801674531-2077806209-725345543-1008.job
C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1801674531-2077806209-725345543-1003.job
C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1801674531-2077806209-725345543-1007.job
C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1801674531-2077806209-725345543-1008.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{9C10480B-93C6-4E37-91DA-96E8674D38DE}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
AskBar BHO - C:\Program Files\AskBarDis\bar\bin\askBar.dll [2008-08-26 279944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}]
Winamp Toolbar Loader - C:\Program Files\Winamp Toolbar\winamptb.dll [2009-05-06 1262888]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2010-05-14 341600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4ff5f6ea-ffaf-43e5-9a01-361c0893c3e8}]
Softonic English TC Toolbar - C:\Program Files\Softonic_English_TC\tbSoft.dll [2010-04-15 2515552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{54EB34EA-E6BE-4CFD-9F4F-C4A0C2EAFA22}]
AOLSearchHook Class - C:\Program Files\AIM Search\AOLSearch.dll [2009-12-01 111976]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}]
XfireXO Toolbar - C:\Program Files\XfireXO\tbXfir.dll [2010-06-03 2736736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-01-14 138624]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{867dd841-5bf7-44ca-8426-c5a6eda00735}]
Max EN Toolbar - C:\Program Files\Max_EN\tbMax1.dll [2010-05-21 2515552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{96372AB6-15EB-4316-B497-71C741BC548C}]
Easy Gif Animator Toolbar Helper - C:\Program Files\Easy Gif Animator Extension\v3.3.0.3\EasyGifAnimator_Toolbar.dll [2010-01-24 815104]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}]
QIPBHO Class - C:\Documents and Settings\Patrik\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll [2009-07-14 150768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b0cda128-b425-4eef-a174-61a11ac5dbf8}]
AIM Toolbar Loader - C:\Program Files\AIM Toolbar\aimtb.dll [2010-01-26 1303888]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar BHO - C:\Program Files\MSN Toolbar\Platform\5.0.1384.0\npwinext.dll [2010-02-17 548184]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-05-31 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{e6570cd8-9978-4621-b1f9-6a62436f0466}]
Softonic VLC EN Toolbar - C:\Program Files\Softonic_VLC_EN\tbSof0.dll [2010-05-21 2515552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-05-31 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4FE6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2009-10-27 1014520]
{e6570cd8-9978-4621-b1f9-6a62436f0466} - Softonic VLC EN Toolbar - C:\Program Files\Softonic_VLC_EN\tbSof0.dll [2010-05-21 2515552]
{3041d03e-fd4b-44e0-b742-2d9b88305f98} - Ask Toolbar - C:\Program Files\AskBarDis\bar\bin\askBar.dll [2008-08-26 279944]
{35065594-9169-4A34-B167-FC4865038E53} - Easy Gif Animator Toolbar - C:\Program Files\Easy Gif Animator Extension\v3.3.0.3\EasyGifAnimator_Toolbar.dll [2010-01-24 815104]
{61539ecd-cc67-4437-a03c-9aaccbd14326} - AIM Toolbar - C:\Program Files\AIM Toolbar\aimtb.dll [2010-01-26 1303888]
{867dd841-5bf7-44ca-8426-c5a6eda00735} - Max EN Toolbar - C:\Program Files\Max_EN\tbMax1.dll [2010-05-21 2515552]
{8dcb7100-df86-4384-8842-8fa844297b3f} - @C:\Program Files\MSN Toolbar\Platform\5.0.1384.0\npwinext.dll,-100 - C:\Program Files\MSN Toolbar\Platform\5.0.1384.0\npwinext.dll [2010-02-17 548184]
{4ff5f6ea-ffaf-43e5-9a01-361c0893c3e8} - Softonic English TC Toolbar - C:\Program Files\Softonic_English_TC\tbSoft.dll [2010-04-15 2515552]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2010-03-25 968000]
{5e5ab302-7f65-44cd-8211-c1d4caaccea3} - XfireXO Toolbar - C:\Program Files\XfireXO\tbXfir.dll [2010-06-03 2736736]
{EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - Winamp Toolbar - C:\Program Files\Winamp Toolbar\winamptb.dll [2009-05-06 1262888]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2006-11-10 90112]
"JMB36X IDE Setup"=C:\WINDOWS\JM\JMInsIDE.exe [2006-10-30 36864]
"JMB36X Configure"=C:\WINDOWS\system32\JMRaidTool.exe [2006-07-12 352256]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2006-06-23 847872]
"AtiPTA"=C:\WINDOWS\system32\atiptaxx.exe [2006-02-22 344064]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-11-11 417792]
"Bing Bar"=C:\Program Files\MSN Toolbar\Platform\5.0.1384.0\mswinext.exe [2010-02-17 243032]
"Microsoft Default Manager"=C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [2009-11-11 288088]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2010-05-14 202256]
"DrvIcon"=C:\Program Files\Vista Drive Icon\DrvIcon.exe [2008-04-13 49152]
"vilaunch"=C:\WINDOWS\system32\vilaunch.exe [2009-09-09 146412]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]
"PAC7302_Monitor"=C:\WINDOWS\PixArt\PAC7302\Monitor.exe [2006-11-03 319488]
"WinampAgent"=C:\Program Files\Winamp\winampa.exe [2010-01-12 37888]
"avast5"=C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [2010-06-28 2837864]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-17 15360]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2004-08-17 1667584]
"Google Update"=C:\Documents and Settings\Patrik\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2010-01-06 135664]
"QIP2005"=C:\Program Files\QIP\qip.exe [2009-08-13 3276288]
"fsm"= []
"RegistryMechanic"=D:\Registry Mechanic\RegMech.exe [2009-11-25 3176408]
"SkinClock"=C:\Program Files\Free Desktop Clock\DesktopClock.exe [2006-10-01 334848]
"Calendar"=D:\Documents and Settings\Patrik\Desktop iCal\Calendar.exe []
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-11-11 417792]
"DAEMON Tools Lite"=D:\DAEMON Tools Lite\daemon.exe [2009-04-23 691656]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Windows Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe

C:\Documents and Settings\Patrik\Nabídka Start\Programy\Po spuštění
ProgSense.lnk - D:\ProgSense\ProgSense.exe
Screenshot Utility.lnk - D:\Screenshot Utility\ScreenshotUtility.exe
Xfire.lnk - C:\Program Files\Xfire\Xfire.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2007-12-05 122880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
FencesShellExt - {1984DD45-52CF-49cd-AB77-18F378FEA264} - C:\Program Files\Stardock\Fences\FencesMenu.dll [2009-10-02 128360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2008-05-26 304128]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\WINDOWS\explorer.exe"="C:\WINDOWS\explorer.exe:*:Enabled:Průzkumník Windows"
"C:\totalcmd\TOTALCMD.EXE"="C:\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit"
"C:\Program Files\Team17\Worms Armageddon\WA.exe"="C:\Program Files\Team17\Worms Armageddon\WA.exe:*:Enabled:Worms Armageddon"
"C:\Program Files\Team17\Worms World Party\wwp.exe"="C:\Program Files\Team17\Worms World Party\wwp.exe:*:Enabled:Worms World Party"
"C:\Program Files\Codemasters\Worms 4 Mayhem Demo\Worms 4 Mayhem Demo.exe"="C:\Program Files\Codemasters\Worms 4 Mayhem Demo\Worms 4 Mayhem Demo.exe:*:Enabled:Worms 4 Mayhem Demo"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\Team17 Software Ltd\WormsFortsDemo\WF.exe"="C:\Program Files\Team17 Software Ltd\WormsFortsDemo\WF.exe:*:Enabled:WF"
"C:\Documents and Settings\Majša\Plocha\ss\bin\Worms3D.exe"="C:\Documents and Settings\Majša\Plocha\ss\bin\Worms3D.exe:*:Enabled:Worms3D"
"C:\Program Files\Codemasters\Worms 4 Mayhem Online Demo\Worms 4 Mayhem Online Demo.exe"="C:\Program Files\Codemasters\Worms 4 Mayhem Online Demo\Worms 4 Mayhem Online Demo.exe:*:Enabled:Worms 4 Mayhem"
"C:\Program Files\Opera 10 Beta\opera.exe"="C:\Program Files\Opera 10 Beta\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\Team17\Worms 3D\bin\worms3d.exe"="C:\Program Files\Team17\Worms 3D\bin\worms3d.exe:*:Enabled:worms3d"
"C:\Documents and Settings\Patrik\Plocha\aministrace\samp\7777\samp-server.exe"="C:\Documents and Settings\Patrik\Plocha\aministrace\samp\7777\samp-server.exe:*:Enabled:samp-server"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Documents and Settings\Patrik\Plocha\Nová složka (11)\Mouse\nethostfs.exe"="C:\Documents and Settings\Patrik\Plocha\Nová složka (11)\Mouse\nethostfs.exe:*:Enabled:nethostfs"
"C:\Documents and Settings\Patrik\Plocha\samp03\samp-server.exe"="C:\Documents and Settings\Patrik\Plocha\samp03\samp-server.exe:*:Enabled:SA-MP dedicated server"
"C:\Documents and Settings\Patrik\Plocha\samp02x\samp-server.exe"="C:\Documents and Settings\Patrik\Plocha\samp02x\samp-server.exe:*:Enabled:samp-server"
"C:\Documents and Settings\Patrik\Plocha\samp01b\samp-server.exe"="C:\Documents and Settings\Patrik\Plocha\samp01b\samp-server.exe:*:Enabled:samp-server"
"C:\Program Files\QIP\qip.exe"="C:\Program Files\QIP\qip.exe:*:Enabled:Quiet Internet Pager"
"C:\Documents and Settings\Patrik\Plocha\samp022\samp-server.exe"="C:\Documents and Settings\Patrik\Plocha\samp022\samp-server.exe:*:Enabled:samp-server"
"C:\Program Files\BitComet\BitComet.exe"="C:\Program Files\BitComet\BitComet.exe:*:Enabled:BitComet.exe"
"C:\Program Files\AIM\aim.exe"="C:\Program Files\AIM\aim.exe:*:Enabled:AIM"
"C:\Program Files\Atari\Locomotion\Loco.exe"="C:\Program Files\Atari\Locomotion\Loco.exe:*:Enabled:Chris Sawyer's Locomotion"
"C:\Program Files\Java\jre6\launch4j-tmp\frd.exe"="C:\Program Files\Java\jre6\launch4j-tmp\frd.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\WINDOWS\system32\rundll32.exe"="C:\WINDOWS\system32\rundll32.exe:*:Enabled:Run a DLL as an App"
"D:\hl.exe"="D:\hl.exe:*:Disabled:Half-Life Launcher"
"D:\cstrike.exe"="D:\cstrike.exe:*:Enabled:Counter-Strike Launcher"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Program Files\Xfire\Xfire.exe"="C:\Program Files\Xfire\Xfire.exe:*:Enabled:Xfire"
"C:\Program Files\FreeCall.com\FreeCall\FreeCall.exe"="C:\Program Files\FreeCall.com\FreeCall\FreeCall.exe:*:Enabled:FreeCall"
"D:\totalcmd\TOTALCMD.EXE"="D:\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit"
"C:\Program Files\SRS - Street Racing Syndicate\Bin\SRS.exe"="C:\Program Files\SRS - Street Racing Syndicate\Bin\SRS.exe:*:Enabled:SRS"
"C:\Program Files\EA GAMES\Need for Speed Underground 2\trainer.exe.exe"="C:\Program Files\EA GAMES\Need for Speed Underground 2\trainer.exe.exe:*:Enabled:trainer.exe"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3ff50580-fa18-11de-b337-0018f3a98425}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RuNdLl32.EXE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{92df2777-c491-11de-b2ba-0018f3a98425}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL s.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{92df2778-c491-11de-b2ba-0018f3a98425}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL s.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a0e07d19-050b-11df-b349-0018f3a98425}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RuNdLl32.EXE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a0e07d1a-050b-11df-b349-0018f3a98425}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RuNdLl32.EXE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{baf538b6-f0a7-11de-b324-0018f3a98425}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RuNdLl32.EXE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ca80634e-f215-11de-b326-0018f3a98425}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RuNdLl32.EXE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ca80634f-f215-11de-b326-0018f3a98425}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RuNdLl32.EXE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d346d7b2-2e73-11df-9952-0018f3a98425}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RuNdLl32.EXE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ef367217-f13f-11de-b325-0018f3a98425}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RuNdLl32.EXE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ef367219-f13f-11de-b325-0018f3a98425}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RuNdLl32.EXE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn


======List of files/folders created in the last 1 months======

2010-07-02 18:34:53 ----D---- C:\Program Files\trend micro
2010-07-02 18:34:52 ----D---- C:\rsit
2010-07-02 15:06:57 ----A---- C:\WINDOWS\system32\aswBoot.exe
2010-07-02 13:10:40 ----SHD---- C:\Config.Msi
2010-07-01 22:08:34 ----D---- C:\Program Files\SystemRequirementsLab
2010-07-01 14:50:47 ----D---- C:\Program Files\Rockstar Games
2010-07-01 14:50:31 ----A---- C:\WINDOWS\system32\XAudio2_1.dll
2010-07-01 14:50:31 ----A---- C:\WINDOWS\system32\XAPOFX1_0.dll
2010-07-01 14:50:29 ----A---- C:\WINDOWS\system32\xactengine3_1.dll
2010-07-01 14:50:28 ----A---- C:\WINDOWS\system32\X3DAudio1_4.dll
2010-07-01 14:50:25 ----A---- C:\WINDOWS\system32\d3dx10_38.dll
2010-07-01 14:50:25 ----A---- C:\WINDOWS\system32\D3DCompiler_38.dll
2010-07-01 14:50:24 ----A---- C:\WINDOWS\system32\D3DX9_38.dll
2010-07-01 14:50:22 ----A---- C:\WINDOWS\system32\XAudio2_0.dll
2010-07-01 14:50:20 ----A---- C:\WINDOWS\system32\xactengine3_0.dll
2010-07-01 14:50:18 ----A---- C:\WINDOWS\system32\X3DAudio1_3.dll
2010-07-01 14:50:16 ----A---- C:\WINDOWS\system32\d3dx10_37.dll
2010-07-01 14:50:16 ----A---- C:\WINDOWS\system32\D3DCompiler_37.dll
2010-07-01 14:50:14 ----A---- C:\WINDOWS\system32\D3DX9_37.dll
2010-07-01 14:50:12 ----A---- C:\WINDOWS\system32\xactengine2_10.dll
2010-07-01 14:50:08 ----A---- C:\WINDOWS\system32\d3dx10_36.dll
2010-07-01 14:50:08 ----A---- C:\WINDOWS\system32\D3DCompiler_36.dll
2010-07-01 14:50:06 ----A---- C:\WINDOWS\system32\d3dx9_36.dll
2010-07-01 14:50:04 ----A---- C:\WINDOWS\system32\xactengine2_9.dll
2010-07-01 14:50:01 ----A---- C:\WINDOWS\system32\d3dx10_35.dll
2010-07-01 14:50:01 ----A---- C:\WINDOWS\system32\D3DCompiler_35.dll
2010-07-01 14:49:59 ----A---- C:\WINDOWS\system32\d3dx9_35.dll
2010-07-01 14:49:08 ----D---- C:\WINDOWS\Logs
2010-06-30 22:24:40 ----D---- C:\Program Files\Winamp Detect
2010-06-30 22:24:28 ----D---- C:\Program Files\Winamp Toolbar
2010-06-30 22:24:28 ----D---- C:\Documents and Settings\All Users\Data aplikací\Winamp Toolbar
2010-06-30 22:23:59 ----N---- C:\WINDOWS\system32\pxinsa64.exe
2010-06-30 22:23:59 ----N---- C:\WINDOWS\system32\pxcpya64.exe
2010-06-30 22:23:58 ----N---- C:\WINDOWS\system32\pxsfs.dll
2010-06-30 22:23:58 ----N---- C:\WINDOWS\system32\pxafs.dll
2010-06-30 22:23:51 ----D---- C:\Program Files\Winamp
2010-06-30 22:23:51 ----D---- C:\Documents and Settings\Patrik\Data aplikací\Winamp
2010-06-29 16:22:17 ----N---- C:\WINDOWS\Setup1.exe
2010-06-29 16:22:15 ----A---- C:\WINDOWS\ST6UNST.EXE
2010-06-28 20:05:17 ----D---- C:\Program Files\SRS - Street Racing Syndicate
2010-06-26 23:41:14 ----D---- C:\Program Files\Common Files\DirectX
2010-06-26 23:29:42 ----D---- C:\Program Files\EA GAMES
2010-06-18 18:24:07 ----D---- C:\Program Files\FreeCall.com
2010-06-18 10:36:56 ----D---- C:\Program Files\mp3DirectCut
2010-06-15 22:30:48 ----A---- C:\WINDOWS\game.ini
2010-06-15 10:43:13 ----D---- C:\Documents and Settings\Patrik\Data aplikací\Auslogics
2010-06-14 22:09:50 ----D---- C:\Program Files\DAEMON Tools Toolbar
2010-06-14 22:00:59 ----D---- C:\Documents and Settings\Patrik\Data aplikací\DAEMON Tools Lite
2010-06-14 21:59:13 ----D---- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
2010-06-11 17:25:21 ----D---- C:\Program Files\XfireXO
2010-06-11 17:24:58 ----D---- C:\Documents and Settings\Patrik\Data aplikací\Xfire
2010-06-11 17:24:50 ----D---- C:\Program Files\Xfire
2010-06-09 16:38:51 ----D---- C:\Documents and Settings\Patrik\Data aplikací\Publish Providers
2010-06-09 16:21:01 ----D---- C:\Documents and Settings\All Users\Data aplikací\Sony
2010-06-09 16:17:20 ----D---- C:\Program Files\MSBuild
2010-06-09 16:14:36 ----D---- C:\WINDOWS\system32\XPSViewer
2010-06-09 16:13:48 ----D---- C:\Program Files\Reference Assemblies
2010-06-09 16:12:51 ----N---- C:\WINDOWS\system32\spmsg2.dll
2010-06-09 16:12:08 ----HDC---- C:\WINDOWS\$NtUninstallWIC$
2010-06-06 22:56:42 ----A---- C:\WINDOWS\system32\xactengine2_8.dll
2010-06-06 22:56:42 ----A---- C:\WINDOWS\system32\X3DAudio1_2.dll
2010-06-06 22:56:40 ----A---- C:\WINDOWS\system32\d3dx10_34.dll
2010-06-06 22:56:40 ----A---- C:\WINDOWS\system32\D3DCompiler_34.dll
2010-06-06 22:56:37 ----A---- C:\WINDOWS\system32\d3dx9_34.dll
2010-06-06 22:56:34 ----A---- C:\WINDOWS\system32\xinput1_3.dll
2010-06-06 22:56:25 ----A---- C:\WINDOWS\system32\xactengine2_7.dll
2010-06-06 22:56:19 ----A---- C:\WINDOWS\system32\d3dx10_33.dll
2010-06-06 22:56:19 ----A---- C:\WINDOWS\system32\D3DCompiler_33.dll
2010-06-06 22:56:12 ----A---- C:\WINDOWS\system32\xactengine2_6.dll
2010-06-06 22:56:12 ----A---- C:\WINDOWS\system32\xactengine2_5.dll
2010-06-06 22:56:12 ----A---- C:\WINDOWS\system32\d3dx9_33.dll
2010-06-06 22:56:11 ----A---- C:\WINDOWS\system32\xactengine2_4.dll
2010-06-06 22:56:11 ----A---- C:\WINDOWS\system32\x3daudio1_1.dll
2010-06-06 22:56:11 ----A---- C:\WINDOWS\system32\d3dx9_32.dll
2010-06-06 22:56:11 ----A---- C:\WINDOWS\system32\d3dx9_31.dll
2010-06-06 22:56:10 ----A---- C:\WINDOWS\system32\xinput1_2.dll
2010-06-06 22:56:10 ----A---- C:\WINDOWS\system32\xinput1_1.dll
2010-06-06 22:56:10 ----A---- C:\WINDOWS\system32\xactengine2_3.dll
2010-06-06 22:56:10 ----A---- C:\WINDOWS\system32\xactengine2_2.dll
2010-06-06 22:56:09 ----A---- C:\WINDOWS\system32\xactengine2_1.dll
2010-06-06 22:56:00 ----A---- C:\WINDOWS\system32\xactengine2_0.dll
2010-06-06 22:56:00 ----A---- C:\WINDOWS\system32\x3daudio1_0.dll
2010-06-06 22:56:00 ----A---- C:\WINDOWS\system32\d3dx9_29.dll
2010-06-06 22:55:59 ----A---- C:\WINDOWS\system32\xinput9_1_0.dll
2010-06-06 22:55:59 ----A---- C:\WINDOWS\system32\d3dx9_27.dll
2010-06-06 22:55:59 ----A---- C:\WINDOWS\system32\d3dx9_26.dll
2010-06-06 22:55:57 ----A---- C:\WINDOWS\system32\d3dx9_24.dll
2010-06-06 22:55:02 ----A---- C:\WINDOWS\system32\PnkBstrB.exe
2010-06-06 22:55:00 ----A---- C:\WINDOWS\system32\PnkBstrA.exe
2010-06-06 22:15:15 ----SHD---- C:\WINDOWS\ftpcache
2010-06-04 06:47:35 ----D---- C:\Program Files\Common Files\Eye 312
2010-06-04 06:47:35 ----A---- C:\WINDOWS\system32\Remover.ini
2010-06-04 06:47:35 ----A---- C:\WINDOWS\system32\Remove.exe
2010-06-04 06:47:32 ----A---- C:\WINDOWS\system32\SP7302.ini
2010-06-04 06:47:31 ----D---- C:\Program Files\Common Files\Pac7302
2010-06-04 06:47:31 ----A---- C:\WINDOWS\system32\P7302USD.dll

======List of files/folders modified in the last 1 months======

2010-07-02 18:34:53 ----RD---- C:\Program Files
2010-07-02 18:14:03 ----D---- C:\WINDOWS\Temp
2010-07-02 18:14:03 ----D---- C:\WINDOWS\system32
2010-07-02 15:07:50 ----D---- C:\WINDOWS\Prefetch
2010-07-02 15:07:32 ----D---- C:\WINDOWS\system32\drivers
2010-07-02 15:07:24 ----SHD---- C:\WINDOWS\Installer
2010-07-02 15:07:22 ----D---- C:\WINDOWS\WinSxS
2010-07-02 15:06:58 ----D---- C:\WINDOWS
2010-07-02 15:06:45 ----DC---- C:\Documents and Settings\All Users\Data aplikací\Alwil Software
2010-07-02 14:35:35 ----AD---- C:\Documents and Settings\All Users\Data aplikací\TEMP
2010-07-02 14:17:52 ----D---- C:\Program Files\WinFlip
2010-07-02 14:13:47 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-07-02 13:13:02 ----D---- C:\WINDOWS\system32\CatRoot
2010-07-02 13:11:18 ----HD---- C:\WINDOWS\inf
2010-07-02 12:45:45 ----D---- C:\WINDOWS\system32\CatRoot2
2010-07-02 12:38:15 ----D---- C:\WINDOWS\Minidump
2010-07-01 15:12:27 ----HD---- C:\Program Files\InstallShield Installation Information
2010-07-01 14:50:34 ----D---- C:\WINDOWS\system32\DirectX
2010-07-01 14:49:34 ----RSD---- C:\WINDOWS\assembly
2010-06-30 18:21:51 ----D---- C:\Documents and Settings\Patrik\Data aplikací\Adobe
2010-06-28 20:07:34 ----D---- C:\Program Files\GameSpy Arcade
2010-06-26 23:41:14 ----D---- C:\Program Files\Common Files
2010-06-26 12:32:15 ----D---- C:\Documents and Settings\Patrik\Data aplikací\vlc
2010-06-21 20:03:35 ----D---- C:\Program Files\Opera 10 Beta
2010-06-20 15:11:21 ----RSD---- C:\WINDOWS\Fonts
2010-06-19 21:30:47 ----D---- C:\WINDOWS\system32\VIRepair
2010-06-19 21:18:22 ----SD---- C:\WINDOWS\Tasks
2010-06-18 18:39:07 ----D---- C:\WINDOWS\system32\config
2010-06-14 22:02:27 ----D---- C:\Documents and Settings\Patrik\Data aplikací\Skype
2010-06-09 16:38:43 ----D---- C:\Documents and Settings\Patrik\Data aplikací\Sony
2010-06-09 16:17:44 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-06-09 16:14:35 ----D---- C:\WINDOWS\system32\en-US
2010-06-09 16:13:11 ----D---- C:\WINDOWS\system32\spool
2010-06-09 16:12:52 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-06-09 16:12:34 ----A---- C:\WINDOWS\imsins.BAK
2010-06-06 22:56:03 ----D---- C:\WINDOWS\Microsoft.NET
2010-06-06 22:54:59 ----D---- C:\WINDOWS\system32\LogFiles
2010-06-05 16:08:36 ----D---- C:\Documents and Settings\Patrik\Data aplikací\skypePM
2010-06-05 14:22:05 ----A---- C:\WINDOWS\win.ini
2010-06-04 06:46:27 ----D---- C:\WINDOWS\twain_32

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2010-06-28 28880]
R1 AmdK8;Ovladač procesoru AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2005-03-09 42496]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2010-06-28 165456]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2010-06-28 46672]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\System32\DRIVERS\kbdhid.sys [2004-08-17 14848]
R1 PQNTDrv;PQNTDrv; C:\WINDOWS\system32\drivers\PQNTDrv.sys [2002-09-16 4228]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2010-06-28 17744]
R2 aswMon2;aswMon2; C:\WINDOWS\system32\drivers\aswMon2.sys [2010-06-28 100176]
R2 npf;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2009-11-16 50704]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\ADIHdAud.sys [2006-06-27 246272]
R3 AEAudio;AE Audio Service; C:\WINDOWS\system32\drivers\AEAudio.sys [2006-04-27 93824]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2010-06-28 23376]
R3 ati2mtag;ati2mtag; C:\WINDOWS\System32\DRIVERS\ati2mtag.sys [2007-12-05 2782208]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2004-10-27 138240]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2002-09-23 9600]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 SenFiltService;SenFilt Service; C:\WINDOWS\system32\drivers\Senfilt.sys [2006-03-17 392960]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2004-08-04 31616]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2004-08-04 26624]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2004-08-04 57600]
R3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB; C:\WINDOWS\System32\DRIVERS\usbohci.sys [2004-08-04 17024]
R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\WINDOWS\system32\DRIVERS\yk51x86.sys [2006-05-23 245248]
S3 ajug7b3e;ajug7b3e; C:\WINDOWS\system32\drivers\ajug7b3e.sys []
S3 ALSysIO;ALSysIO; \??\C:\DOCUME~1\Patrik\LOCALS~1\Temp\ALSysIO.sys []
S3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2004-08-03 60800]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-04 17024]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-04 85376]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-04 10880]
S3 NIC1394;1394 Net Driver; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2004-08-03 61824]
S3 PAC7302;Eye 312; C:\WINDOWS\system32\DRIVERS\PAC7302.SYS [2007-06-14 457856]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-04 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-04 15360]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2004-08-04 26496]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-04 19328]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2007-12-05 495616]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-06-28 40384]
R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2009-10-27 246520]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-05-31 153376]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-07-20 935208]
R2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service; C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe [2010-05-12 632792]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2010-06-11 75064]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2010-01-14 242048]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728]
R2 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-06-28 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-06-28 40384]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2007-09-28 593920]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-12-18 654848]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2006-10-20 36864]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-11-20 136120]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2006-10-30 741376]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-17 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2006-10-30 122880]

-----------------EOF-----------------

Caroprd111
VIP
Posts: 13492
Registered: 22 Mar 2009 20:48
Location: Třebíč

Re: Viruses in Windows, please help

#2 Post by Caroprd111 »

Hello :)

I recommend uninstalling the toolbars (if you do not use them) in Add or Remove Programs.


Download and run http://eric.71.mespages.googlepages.com/ToolBarSD.exe
  • Choose your language and press the corresponding letter, then Enter.
  • Confirm the window by clicking "OK".
  • Choose option 2, then Enter.
  • When the scan finishes, a log will pop up; copy it here.

Download UsbFix to your desktop: http://pagesperso-orange.fr/NosTools/Ch ... UsbFix.exe
  • Run it, then click Deletion.
  • When it finishes, a log will pop up; paste it here. You can also find it in C:\UsbFix.txt


Download OTL http://oldtimer.geekstogo.com/OTL.exe to your desktop.
  • Run it, then paste the following script into the bottom box.

Code:

 netsvcs
drivers32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
c:\windows\*.* /U
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys 
symmpi.sys
adp3132.sys
mv61xx.sys
nvraid.sys 
ndis.sys
winlogon.exe
explorer.exe
userinit.exe
lsass.exe
svchost.exe
smss.exe
hal.dll
ws2_32.dll
tcpip.sys
cryptsvc.dll
Changer.sys
JakNDis.sys
isapnp.sys 
cdrom.sys 
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav 
%systemroot%\system32\*.dll /lockedfiles
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
CREATERESTOREPOINT 
  • Check the "For all users" option.
  • Check the items "LOP" malware check and "Purity" malware check.
  • Click the Scan button.
  • When it finishes, paste the OTL.Txt and Extras.txt logs here.

P@tRiCk_
Visitor
Posts: 46
Registered: 02 Jul 2010 17:24

Re: Viruses in Windows, please help

#3 Post by P@tRiCk_ »

I'm probably completely stupid, or I don't know...

1) Some kind of error popped up there, or whatever it is: http://img812.imageshack.us/img812/248/screen04n.jpg

2) It is reported as a virus (it can't be downloaded)

3) I don't know whether I should click Scan or Fix or what... //EDIT: Sorry, Scan; I'm working on it
Last edited by P@tRiCk_ on 02 Jul 2010 18:27, edited 1 time in total.

Caroprd111
VIP
Posts: 13492
Registered: 22 Mar 2009 20:48
Location: Třebíč

Re: Viruses in Windows, please help

#4 Post by Caroprd111 »

1) Try it in Safe Mode.

2) Temporarily turn off the antivirus; it is a false detection.

3) Click Scan; it is written in the previous instructions.

P@tRiCk_
Visitor
Posts: 46
Registered: 02 Jul 2010 17:24

Re: Viruses in Windows, please help

#5 Post by P@tRiCk_ »

I'm sorry, but it won't fit here even one at a time, so here is a download:

http://www.ulozto.cz/5244360/extras.txt
http://www.ulozto.cz/5244363/otl.txt

I'm moving on to step 2, then a restart and step 1.

Caroprd111
VIP
Posts: 13492
Registered: 22 Mar 2009 20:48
Location: Třebíč

Re: Viruses in Windows, please help

#6 Post by Caroprd111 »

Please split the logs across multiple posts.

P@tRiCk_
Visitor
Posts: 46
Registered: 02 Jul 2010 17:24

Re: Viruses in Windows, please help

#7 Post by P@tRiCk_ »

############################## | UsbFix 7.015 | [Deletion]

User: Patrik (Administrator) # POKOJ [ ]
Updated 01/07/10 by El Desaparecido / C_XX
Started at 20:13:53 | 02/07/2010
Website: http://pagesperso-orange.fr/NosTools/index.html
Contact: FindyKill.Contact@gmail.com

CPU: AMD Athlon(tm) 64 X2 Dual Core Processor 4200+
CPU 2: AMD Athlon(tm) 64 X2 Dual Core Processor 4200+
Systém Microsoft Windows XP Professional (5.1.2600 32-Bit) # Service Pack 2
Internet Explorer 8.0.6001.18702

Windows Firewall: Enabled
Antivirus: avast! Antivirus 5.0.83886674 [(!) Disabled | Updated]
RAM -> 1023 Mb
C:\ (%systemdrive%) -> Fixed drive # 37 Gb (2 Mb free - 6%) [] # NTFS
D:\ -> Fixed drive # 37 Gb (21 Mb free - 56%) [] # NTFS
E:\ -> CD-ROM
P:\ -> CD-ROM

################## | Files # Infected Folders |

Deleted ! C:\DOCUME~1\Patrik\LOCALS~1\Temp\AutoRun.exe

################## | Registry |


################## | Mountpoints2 |

Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{3ff50580-fa18-11de-b337-0018f3a98425}
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{92df2777-c491-11de-b2ba-0018f3a98425}
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{a0e07d19-050b-11df-b349-0018f3a98425}
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{baf538b6-f0a7-11de-b324-0018f3a98425}
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{ca80634e-f215-11de-b326-0018f3a98425}
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{d346d7b2-2e73-11df-9952-0018f3a98425}
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{ef367217-f13f-11de-b325-0018f3a98425}

################## | Listing |

[29/10/2009 - 09:09:24 | A | 0] C:\AUTOEXEC.BAT
[03/11/2009 - 21:10:28 | RSH | 223] C:\boot.ini
[23/09/2002 - 14:00:00 | RASH | 4952] C:\Bootfont.bin
[02/07/2010 - 19:41:44 | SHD ] C:\Config.Msi
[29/10/2009 - 09:09:24 | A | 0] C:\CONFIG.SYS
[30/10/2009 - 16:54:08 | D ] C:\Documents and Settings
[14/11/2009 - 15:58:51 | D ] C:\Downloads
[30/11/2009 - 23:20:15 | A | 140887] C:\Godem.amx
[29/10/2009 - 09:09:24 | RASH | 0] C:\IO.SYS
[06/02/2010 - 23:01:59 | AH | 796] C:\IPH.PH
[29/10/2009 - 11:11:56 | D ] C:\JM
[29/10/2009 - 09:09:24 | RASH | 0] C:\MSDOS.SYS
[29/10/2009 - 10:03:40 | RHD ] C:\MSOCache
[05/01/2002 - 03:38:38 | A | 54784] C:\msvci70.dll
[29/10/2009 - 09:37:28 | RASH | 47564] C:\NTDETECT.COM
[29/10/2009 - 09:37:28 | RASH | 250048] C:\ntldr
[24/01/2010 - 19:46:12 | AH | 558] C:\os357577.bin
[23/05/2010 - 18:24:39 | A | 921632] C:\PA7302.DAT
[02/07/2010 - 14:14:36 | ASH | 1610612736] C:\pagefile.sys
[02/07/2010 - 18:34:53 | RD ] C:\Program Files
[02/07/2010 - 20:21:11 | SHD ] C:\RECYCLER
[21/11/2009 - 11:42:09 | A | 8252] C:\REGIST~2.amx
[02/07/2010 - 18:35:35 | D ] C:\rsit
[15/11/2009 - 16:56:54 | A | 175026] C:\sigpic1_2.gif
[12/08/2007 - 07:59:28 | A | 375054] C:\Splash.bmp
[21/03/2010 - 11:14:50 | SHD ] C:\System Volume Information
[02/07/2010 - 19:11:08 | A | 673] C:\TB.txt
[14/11/2009 - 15:43:20 | D ] C:\Team17
[01/03/2010 - 23:29:37 | D ] C:\Temp
[02/07/2010 - 19:11:51 | D ] C:\ToolBar SD
[20/12/2009 - 21:37:08 | D ] C:\totalcmd
[06/06/2010 - 20:48:21 | H | 81173] C:\treeinfo.wc
[30/06/2010 - 18:26:43 | A | 7] C:\tw0001.dat
[02/07/2010 - 20:21:11 | D ] C:\UsbFix
[02/07/2010 - 20:21:11 | A | 916] C:\UsbFix.txt
[26/05/2010 - 17:42:02 | D ] C:\VTPFiles
[02/07/2010 - 15:06:58 | D ] C:\WINDOWS
[31/07/2009 - 10:53:16 | A | 26112] D:\!!!!POZOR!!!!.doc
[19/01/2010 - 23:57:01 | A | 345178112] D:\(psp) World Series Of Poker.iso.iso
[05/12/2009 - 10:42:43 | A | 2179] D:\.recently-used.xbel
[02/02/2010 - 18:41:30 | D ] D:\.thumbnails
[21/05/2010 - 16:52:03 | A | 131072] D:\Adobe photoshop CS 3 cz full version by steven.rar
[21/05/2010 - 19:00:22 | D ] D:\Adobe Photoshop CS3
[21/05/2010 - 18:59:41 | A | 426212728] D:\Adobe Photoshop CS3 Extended Full(Lentiny).rar
[26/05/2010 - 17:01:05 | D ] D:\aTube Catcher 2.0
[07/04/2010 - 22:11:19 | D ] D:\Auslogics Disk Defrag
[11/12/2009 - 19:28:28 | A | 16457] D:\backup_2009-12-11-1828.sql.gz
[12/05/2010 - 16:00:39 | A | 7978] D:\backup_2010-05-12-1600.sql.gz
[15/05/2010 - 22:10:50 | A | 21815] D:\backup_2010-05-15-2210.sql.gz
[16/05/2010 - 12:42:32 | A | 23000] D:\backup_2010-05-16-1241.sql.gz
[18/05/2010 - 19:22:42 | A | 32131] D:\backup_2010-05-18-1922.sql.gz
[12/05/2010 - 15:50:10 | D ] D:\chat
[12/05/2010 - 15:48:59 | A | 100622] D:\chat.zip
[13/05/2010 - 16:06:46 | D ] D:\Clip Extractor
[02/02/2010 - 18:41:30 | SD ] D:\Cookies
[15/06/2010 - 10:55:39 | A | 302548481] D:\Counter-Strike 1.6 full.exe
[02/04/2002 - 12:09:06 | A | 3897] D:\ctimne.txt
[23/08/2009 - 01:02:47 | D ] D:\d02ce901a2dba4148b
[06/06/2010 - 23:27:24 | D ] D:\DAEMON Tools Lite
[28/05/2010 - 22:15:16 | D ] D:\Dark Signs
[26/05/2010 - 23:07:03 | D ] D:\Data
[20/06/2004 - 18:29:00 | A | 806] D:\ddraw.lib
[22/06/2009 - 14:58:06 | A | 20480] D:\directsound.dll
[22/06/2009 - 14:59:08 | A | 1536] D:\directsound.lib
[12/05/2010 - 16:11:02 | D ] D:\Documents and Settings
[28/05/2010 - 22:12:43 | D ] D:\Dogfight
[02/02/2010 - 18:42:02 | SD ] D:\Dokumenty
[07/11/2007 - 08:00:40 | A | 17734] D:\eula.1028.txt
[07/11/2007 - 08:00:40 | A | 17734] D:\eula.1031.txt
[07/11/2007 - 08:00:40 | A | 10134] D:\eula.1033.txt
[07/11/2007 - 08:00:40 | A | 17734] D:\eula.1036.txt
[07/11/2007 - 08:00:40 | A | 17734] D:\eula.1040.txt
[07/11/2007 - 08:00:40 | A | 118] D:\eula.1041.txt
[07/11/2007 - 08:00:40 | A | 17734] D:\eula.1042.txt
[07/11/2007 - 08:00:40 | A | 17734] D:\eula.2052.txt
[07/11/2007 - 08:00:40 | A | 17734] D:\eula.3082.txt
[17/08/2009 - 18:40:23 | D ] D:\Foto
[15/06/2010 - 12:12:06 | SD ] D:\FreeRapid-0.83u1
[07/11/2007 - 08:00:40 | A | 1110] D:\globdata.ini
[25/06/2010 - 09:19:56 | D ] D:\GTA San Andreas
[04/05/2010 - 22:47:51 | D ] D:\GTA Vice City
[07/11/2007 - 08:03:18 | A | 562688] D:\install.exe
[07/11/2007 - 08:00:40 | A | 843] D:\install.ini
[07/11/2007 - 08:03:18 | A | 76304] D:\install.res.1028.dll
[07/11/2007 - 08:03:18 | A | 96272] D:\install.res.1031.dll
[07/11/2007 - 08:03:18 | A | 91152] D:\install.res.1033.dll
[07/11/2007 - 08:03:18 | A | 97296] D:\install.res.1036.dll
[07/11/2007 - 08:03:18 | A | 95248] D:\install.res.1040.dll
[07/11/2007 - 08:03:18 | A | 81424] D:\install.res.1041.dll
[07/11/2007 - 08:03:18 | A | 79888] D:\install.res.1042.dll
[07/11/2007 - 08:03:18 | A | 75792] D:\install.res.2052.dll
[07/11/2007 - 08:03:18 | A | 96272] D:\install.res.3082.dll
[28/05/2010 - 16:42:05 | A | 4811755] D:\Marpo Ja, Sam a moje druhy ja.mp3
[30/07/2009 - 20:14:44 | A | 1902592] D:\MHDsim2009demo.exe
[28/07/2009 - 08:37:14 | A | 3262] D:\MHDsim2009demo.ico
[19/03/2010 - 23:34:50 | D ] D:\MP3
[02/02/2010 - 18:41:30 | RD ] D:\Nabídka Start
[11/12/2009 - 20:24:23 | A | 3058] D:\Nový objekt - Textový dokument.txt
[21/02/2010 - 17:29:00 | D ] D:\Object Desktop
[02/02/2010 - 18:41:31 | SD ] D:\Oblíbené položky
[19/05/2010 - 16:28:44 | D ] D:\other
[26/05/2010 - 23:07:03 | D ] D:\Ovladace
[02/02/2010 - 18:41:21 | D ] D:\Patrik
[04/05/2010 - 23:05:05 | D ] D:\Program
[02/07/2010 - 13:42:04 | D ] D:\Program Files
[29/10/2009 - 09:48:35 | D ] D:\Programy
[24/05/2010 - 21:09:41 | D ] D:\ProgSense
[02/07/2010 - 20:21:11 | SHD ] D:\RECYCLER
[22/05/2010 - 08:12:44 | D ] D:\Registry Mechanic
[26/05/2010 - 23:09:58 | A | 76] D:\Save.dvk
[06/06/2010 - 23:01:47 | D ] D:\Screenshot Utility
[11/11/2007 - 14:43:48 | A | 143872] D:\send.dll
[29/10/2009 - 12:42:47 | SHD ] D:\System Volume Information
[28/12/2009 - 00:44:57 | A | 855638016] D:\Tekken 6
[26/05/2010 - 23:07:33 | D ] D:\Textures
[18/06/2010 - 18:44:47 | D ] D:\totalcmd
[26/05/2010 - 23:07:53 | A | 102355] D:\Uninstal.exe
[25/05/2010 - 16:44:53 | D ] D:\UserBar Generator 2.2
[02/02/2010 - 18:41:31 | SD ] D:\UserData
[07/11/2007 - 08:00:40 | A | 5686] D:\vcredist.bmp
[07/11/2007 - 08:09:22 | A | 1442522] D:\VC_RED.cab
[07/11/2007 - 08:12:28 | A | 232960] D:\VC_RED.MSI
[15/11/2009 - 16:30:12 | A | 226989803] D:\worms_mayhem_demo.exe
[26/05/2010 - 23:07:53 | D ] D:\Zvuky
[28/05/2010 - 17:48:35 | A | 761236238] D:\[PSP]Tekken.Dark.Resurrection.[EUR].[Rip-1G].-.
2)
[www.ESPALPSP.com].rar

################## | Vaccin |

C:\Autorun.inf -> Folder created by UsbFix (El Desaparecido & C_XX)
D:\Autorun.inf -> Folder created by UsbFix (El Desaparecido & C_XX)

################## | Upload |

Please send the file: C:\UsbFix_Upload_Me_POKOJ.zip
http://chiquitine.changelog.fr/Sample/Upload.php
Thank you for your contribution.

################## | E.O.F |

P@tRiCk_
Visitor
Posts: 46
Registered: 02 Jul 2010 17:24

Re: Viruses in Windows, please help

#8 Post by P@tRiCk_ »

Extras:

OTL Extras logfile created on: 2.7.2010 19:36:26 - Run 1
OTL by OldTimer - Version 3.2.7.0 Folder = C:\Documents and Settings\Patrik\Plocha
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1 023,00 Mb Total Physical Memory | 298,00 Mb Available Physical Memory | 29,00% Memory free
2,00 Gb Paging File | 1,00 Gb Available in Paging File | 57,00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37,16 Gb Total Space | 2,11 Gb Free Space | 5,69% Space Free | Partition Type: NTFS
Drive D: | 37,37 Gb Total Space | 20,99 Gb Free Space | 56,18% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: POKOJ
Current User Name: Patrik
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = Opera.HTML] -- C:\Program Files\Opera 10 Beta\Opera.exe (Opera Software)

[HKEY_USERS\S-1-5-21-1801674531-2077806209-725345543-1008\SOFTWARE\Classes\<extension>]
.html [@ = Opera.HTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
http [open] -- "C:\Program Files\Opera 10 Beta\opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files\Opera 10 Beta\opera.exe" "%1" (Opera Software)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"4805:TCP" = 4805:TCP:*:Enabled:eufbhvcx
"21034:TCP" = 21034:TCP:*:Enabled:BitComet 21034 TCP
"21034:UDP" = 21034:UDP:*:Enabled:BitComet 21034 UDP
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Program Files\Messenger\msmsgs.exe" = C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger -- (Microsoft Corporation)
"C:\Program Files\Skype\Plugin Manager\skypePM.exe" = C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager -- (Skype Technologies)
"C:\Program Files\ICQ6.5\ICQ.exe" = C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6 -- (ICQ, LLC.)
"C:\WINDOWS\explorer.exe" = C:\WINDOWS\explorer.exe:*:Enabled:Průzkumník Windows -- (Microsoft Corporation)
"C:\totalcmd\TOTALCMD.EXE" = C:\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit -- (Ghisler Software GmbH)
"C:\Program Files\Team17\Worms Armageddon\WA.exe" = C:\Program Files\Team17\Worms Armageddon\WA.exe:*:Enabled:Worms Armageddon -- File not found
"C:\Program Files\Team17\Worms World Party\wwp.exe" = C:\Program Files\Team17\Worms World Party\wwp.exe:*:Enabled:Worms World Party -- File not found
"C:\Program Files\Codemasters\Worms 4 Mayhem Demo\Worms 4 Mayhem Demo.exe" = C:\Program Files\Codemasters\Worms 4 Mayhem Demo\Worms 4 Mayhem Demo.exe:*:Enabled:Worms 4 Mayhem Demo -- ()
"C:\Program Files\Opera\opera.exe" = C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software)
"C:\Program Files\Team17 Software Ltd\WormsFortsDemo\WF.exe" = C:\Program Files\Team17 Software Ltd\WormsFortsDemo\WF.exe:*:Enabled:WF -- ()
"C:\Documents and Settings\Majša\Plocha\ss\bin\Worms3D.exe" = C:\Documents and Settings\Majša\Plocha\ss\bin\Worms3D.exe:*:Enabled:Worms3D -- File not found
"C:\Program Files\Codemasters\Worms 4 Mayhem Online Demo\Worms 4 Mayhem Online Demo.exe" = C:\Program Files\Codemasters\Worms 4 Mayhem Online Demo\Worms 4 Mayhem Online Demo.exe:*:Enabled:Worms 4 Mayhem -- (Team 17 Ltd)
"C:\Program Files\Opera 10 Beta\opera.exe" = C:\Program Files\Opera 10 Beta\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software)
"C:\Program Files\Team17\Worms 3D\bin\worms3d.exe" = C:\Program Files\Team17\Worms 3D\bin\worms3d.exe:*:Enabled:worms3d -- File not found
"C:\Documents and Settings\Patrik\Plocha\aministrace\samp\7777\samp-server.exe" = C:\Documents and Settings\Patrik\Plocha\aministrace\samp\7777\samp-server.exe:*:Enabled:samp-server -- File not found
"C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour -- (Apple Computer, Inc.)
"C:\Documents and Settings\Patrik\Plocha\Nová složka (11)\Mouse\nethostfs.exe" = C:\Documents and Settings\Patrik\Plocha\Nová složka (11)\Mouse\nethostfs.exe:*:Enabled:nethostfs -- File not found
"C:\Documents and Settings\Patrik\Plocha\samp03\samp-server.exe" = C:\Documents and Settings\Patrik\Plocha\samp03\samp-server.exe:*:Enabled:SA-MP dedicated server -- ()
"C:\Documents and Settings\Patrik\Plocha\samp02x\samp-server.exe" = C:\Documents and Settings\Patrik\Plocha\samp02x\samp-server.exe:*:Enabled:samp-server -- ()
"C:\Documents and Settings\Patrik\Plocha\samp01b\samp-server.exe" = C:\Documents and Settings\Patrik\Plocha\samp01b\samp-server.exe:*:Enabled:samp-server -- ()
"C:\Program Files\QIP\qip.exe" = C:\Program Files\QIP\qip.exe:*:Enabled:Quiet Internet Pager -- (The Author of QIP)
"C:\Documents and Settings\Patrik\Plocha\samp022\samp-server.exe" = C:\Documents and Settings\Patrik\Plocha\samp022\samp-server.exe:*:Enabled:samp-server -- ()
"C:\Program Files\BitComet\BitComet.exe" = C:\Program Files\BitComet\BitComet.exe:*:Enabled:BitComet.exe -- File not found
"C:\Program Files\AIM\aim.exe" = C:\Program Files\AIM\aim.exe:*:Enabled:AIM -- File not found
"C:\Program Files\Atari\Locomotion\Loco.exe" = C:\Program Files\Atari\Locomotion\Loco.exe:*:Enabled:Chris Sawyer's Locomotion -- File not found
"C:\Program Files\Java\jre6\launch4j-tmp\frd.exe" = C:\Program Files\Java\jre6\launch4j-tmp\frd.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)
"C:\WINDOWS\system32\rundll32.exe" = C:\WINDOWS\system32\rundll32.exe:*:Enabled:Run a DLL as an App -- (Microsoft Corporation)
"D:\hl.exe" = D:\hl.exe:*:Disabled:Half-Life Launcher -- File not found
"D:\cstrike.exe" = D:\cstrike.exe:*:Enabled:Counter-Strike Launcher -- File not found
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
"C:\WINDOWS\system32\PnkBstrA.exe" = C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA -- ()
"C:\WINDOWS\system32\PnkBstrB.exe" = C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB -- ()
"C:\Program Files\Xfire\Xfire.exe" = C:\Program Files\Xfire\Xfire.exe:*:Enabled:Xfire -- (Xfire Inc.)
"C:\Program Files\FreeCall.com\FreeCall\FreeCall.exe" = C:\Program Files\FreeCall.com\FreeCall\FreeCall.exe:*:Enabled:FreeCall -- (FreeCall)
"D:\totalcmd\TOTALCMD.EXE" = D:\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit -- (Ghisler Software GmbH)
"C:\Program Files\SRS - Street Racing Syndicate\Bin\SRS.exe" = C:\Program Files\SRS - Street Racing Syndicate\Bin\SRS.exe:*:Enabled:SRS -- ()
"C:\Program Files\EA GAMES\Need for Speed Underground 2\trainer.exe.exe" = C:\Program Files\EA GAMES\Need for Speed Underground 2\trainer.exe.exe:*:Enabled:trainer.exe -- ()


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01818DDE-1A58-46CF-BB4C-D69C20AAB165}" = Bing Bar Platform
"{021C8090-9D2E-4F41-841B-8006A25D63A8}" = Zoner GIF Animator 4
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{05F18103-35D7-88FC-E41C-2B6105C9E033}" = CCC Help Norwegian
"{06546F8A-F2B5-69F1-080B-374509AA8C3B}" = CCC Help Greek
"{08234a0d-cf39-4dca-99f0-0c5cb496da81}" = Bing Bar
"{083F79E4-6FE9-46FB-A6C6-4F8862742947}" = ATI HYDRAVISION
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{0901FCE8-5415-4499-BBC8-1AA106DD66E2}" = Adobe Setup
"{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}" = PlayStation(R)Store
"{10CD364B-FFCC-48BE-B469-B9622A033075}" = Fences
"{132EF9F0-A96D-27B6-67A3-E81C3E5F8576}" = Catalyst Control Center Localization Korean
"{13B792AA-C078-43A4-8A3A-8B12D629940D}" = Counter-Strike 1.6
"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
"{15095BF3-A3D7-4DDF-B193-3A496881E003}" = Microsoft .NET Framework 3.0
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{1ABCC88E-CBCC-5A17-6F43-0E032C733BAE}" = CCC Help Spanish
"{1AE9BF4A-EF1A-6CC8-4D2D-480347ACFE46}" = Catalyst Control Center Localization Norwegian
"{1B54FF9E-5FDD-11DE-8B01-005056C00008}" = Paragon Total Defrag™ 2010
"{1CA307EB-F74D-C74E-DAC3-B0B6121FF581}" = Catalyst Control Center Graphics Full Existing
"{1D2C96C3-A3F3-49E7-B839-95279DED837F}" = Opera 10.60
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{23E797E9-F852-4AEA-93F0-772ED2B9D9F9}" = OpenOffice.org 3.1
"{24D7346D-D4B4-45E8-98EA-75EC14B42DD8}" = Adobe ExtendScript Toolkit 2
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 20
"{27AED848-C83A-C94B-620E-7B74A30F786A}" = Catalyst Control Center Localization Czech
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{2EE90F26-20B3-4423-81DE-E57E5D2E4FEF}" = Zoner GIF Animator 5
"{31F3889F-90C6-8B14-A361-652CE60B3A1E}" = Catalyst Control Center Core Implementation
"{3246F956-0B45-DFB6-7CA2-533AB35ABEEA}" = Catalyst Control Center Localization Chinese Traditional
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{36CDA33B-909B-4719-97D1-C4B99309BDC7}" = ATI Parental Control & Encoder
"{37A3E046-C553-7934-8B15-A3F67C115CA4}" = CCC Help German
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{39EF67BB-8F3F-6F21-69B5-41776F0D194E}" = CCC Help English
"{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}" = JMB36X Raid Configurer
"{3D7E3EC9-46CF-4359-9289-39CE01DFB82F}" = Adobe Photoshop CS3
"{3E4CAF22-6F06-12F8-B8D1-2D31CFF99D70}" = Catalyst Control Center Localization Chinese Standard
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{40B6D0B4-301A-4020-869F-2E3936E02299}" = WebMate
"{4186F24E-80BB-74D7-5517-7BF5D33DADA9}" = Catalyst Control Center Localization Greek
"{41CF17AE-EB24-4C6F-3FC8-274D721B5102}" = Catalyst Control Center Graphics Full New
"{43318564-9CA8-5277-5A43-E3B86C3D8E36}" = CCC Help Korean
"{491DD792-AD81-429C-9EB4-86DD3D22E333}" = Windows Communication Foundation
"{49F2D177-A8CA-CA4D-83F9-5323949A4CC1}" = Catalyst Control Center Graphics Light
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D43D635-6FDA-4fa5-AA9B-23CF73D058EA}" = Nero StartSmart OEM
"{4F62B1AE-E778-49E2-9C57-C1C65A122098}" = Zoner Callisto 5
"{4FFB8AAF-8964-4D0D-5A65-8101EB86E2A1}" = CCC Help Russian
"{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{5619E613-0394-41C1-BC62-DCF82764CA87}" = SkinStudio 7
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5B491CD3-688C-05AE-B3C7-5E2D06DB7738}" = CCC Help Italian
"{5DA6F06A-B389-407B-BF8C-1548767914D8}" = ATI Problem Report Wizard
"{5E18AA11-C9EA-43C8-87DD-6B1C3053822C}_is1" = StNotepad 1.2
"{5E4B86E5-CD0E-4D3D-BE21-45A30326850A}" = Microsoft Search Enhancement Pack
"{5EE8E184-E883-98AA-BC02-CEC6C8055EED}" = Catalyst Control Center Localization Italian
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{643128C4-BC6C-7EDE-2638-6895CBA6BA77}" = Catalyst Control Center Localization Russian
"{64C1FA9A-FA94-4B6E-B3E4-8573738E4AD1}" = Adobe Setup
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6BE2A4A4-99FB-48ED-AE1E-4E850389F804}" = PartitionMagic
"{6D4AC5A4-4CF9-4F90-8111-B9B53CE257BF}" = Adobe Color Common Settings
"{6E360A45-D461-46F0-8350-D9DED903B2A5}" = ViewonLog
"{6E5AB107-172B-4F17-8ABB-357C59EF1B08}" = Vegas Pro 9.0
"{6EA3A8A6-4B6B-4288-B8FB-3EB11A403ED3}" = Eye 312
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{75DAA247-4F76-8087-4EC9-6D156637FD77}" = Catalyst Control Center Localization German
"{7748ac8c-18e3-43bb-959b-088faea16fb2}" = Nero StartSmart
"{7D1B85BD-AA07-48B8-808D-67A4067FC6BD}" = Windows Workflow Foundation
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{841310AB-DB5E-44EA-6BDA-4B4204C254B9}" = Catalyst Control Center Localization Portuguese
"{85BF2CCF-CC15-6072-8227-7B2B35164468}" = Catalyst Control Center Localization Danish
"{85C3AFFF-1B8E-68AC-8A0E-B96C08F33462}" = CCC Help Chinese Standard
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8AF3E926-ED59-11D4-A44B-0000E86D2305}" = Ulead GIF Animator 5 Trial
"{8BCD7AE7-F713-4D50-BAB9-7839B9386870}" = ImageShack Uploader 2.2.0
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{8ED953E9-1A2E-3A57-4EAE-B1840E5B0DE7}" = CCC Help French
"{90120000-0010-0405-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Czech) 12
"{90120000-0012-0000-0000-0000000FF1CE}" = Microsoft Office Standard 2007
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{909F8EBC-EC7F-48FF-0085-475D818F0F31}" = Need for Speed Underground 2
"{90db7dd1-f72f-4993-80fc-809a359cded1}" = Nero 9 Essentials
"{92CE9F9B-BF5F-0D8A-C6F0-F698A1DD6E56}" = CCC Help Chinese Traditional
"{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings
"{96CA958F-AF6D-B0BB-4A38-7D43A5C4891A}" = CCC Help Portuguese
"{9A124E03-2218-C11C-F5E3-047B92996B7B}" = Catalyst Control Center Localization French
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{9CFADBDE-B78A-7974-49EF-564BC821BD4C}" = CCC Help Finnish
"{9DC967F9-407E-ACB1-BACA-5E5C2F62520C}" = CCC Help Thai
"{9E1BAB75-EB78-440D-94C0-A3857BE2E733}" = System Requirements Lab
"{A061647B-74D5-41DD-BA22-38396058E46D}" = WormsFortsDemo
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A3A29CE1-D2F7-A20B-50B8-A2D5F3E4279F}" = ccc-core-static
"{A4B126FC-169F-F425-7A2E-97179ACE6F55}" = Catalyst Control Center Localization Polish
"{A71154FF-187F-F415-DC22-97410EE80E53}" = ccc-utility
"{A724605D-B399-4304-B8C7-33B3EF7D4677}" = Bully Scholarship Edition
"{A93A6C5B-3628-9657-0A71-83843C3E9850}" = Catalyst Control Center Graphics Previews Common
"{AA206E17-C432-06BE-8233-A8BAF590A669}" = CCC Help Swedish
"{AB198FE7-8D29-15A9-1D56-B7FBC3B0BF17}" = CCC Help Hungarian
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AD7DC653-1E4B-85BA-CE6F-E26B46154084}" = Catalyst Control Center Localization Swedish
"{b2ec4a38-b545-4a00-8214-13fe0e915e6d}" = Advertising Center
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B3C02EC1-A7B0-4987-9A43-8789426AAA7D}" = Adobe Setup
"{B54C1516-DD50-9743-3DB4-EA64CBF87A77}" = CCC Help Dutch
"{B6659DD8-00A7-4A24-BBFB-C1F6982E5D66}" = PlayStation(R)Network Downloader
"{B95B1BA9-F887-4B3C-8D3A-CCD4C4675120}" = Microsoft Default Manager
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}" = Nero ControlCenter
"{BF5CFD2D-D057-4A98-962F-3FEE6F4580EF}" = CrazyTalk Avatar Creator
"{C151CE54-E7EA-4804-854B-F515368B0798}" = Athlon 64 Processor Driver
"{C1B85E31-1E45-474D-F2D5-10A6ACFF9CA9}" = Catalyst Control Center Localization Finnish
"{C4124E95-5061-4776-8D5D-E3D931C778E1}" = Microsoft VC9 runtime libraries
"{C427E746-4EC9-4E3C-AACB-C6BB1F714D7F}" = Uniblue DriverScanner 2009
"{C4B56EBE-6C53-4346-8F73-E380C123F4EF}" = WWP Demo
"{C8838D06-D7DB-4CB0-BF13-7191D2D84C42}" = Gadget Extractor
"{C941F1F1-25B3-4DF5-83E6-888C51A1AAB6}" = AVIVO Codecs
"{C950420B-4182-49EA-850A-A6A2ABF06C6B}" = Marvell Miniport Driver
"{CCE34518-56E3-30EC-646E-4B19F138F4F7}" = Catalyst Control Center Localization Spanish
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D107BB7A-2BFD-4B87-3189-F72C10D8C67B}" = CCC Help Polish
"{D1BB4446-AE9C-4256-9A7F-4D46604D2462}" = Adobe Setup
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas
"{DACE5D7D-D727-0F58-D5EE-9AC03C289C64}" = CCC Help Danish
"{dba84796-8503-4ff0-af57-1747dd9a166d}" = Nero Online Upgrade
"{DC51C5A8-4C81-46D1-941C-1B00AC609919}" = Worms 4 Mayhem Online Demo
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{DE74F709-9B36-784F-7E3C-DB6048FF6F73}" = Catalyst Control Center Localization Hungarian
"{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1" = Auslogics Disk Defrag
"{E1000009-9F1D-3F73-6061-E7A928EF4D13}" = Catalyst Control Center Localization Dutch
"{E1BBBAC5-2857-4155-82A6-54492CE88620}" = Opera 9.64
"{E63E34A7-E552-412B-9E40-FD6FC5227ABA}_is1" = Uniblue RegistryBooster 2010
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{e8a80433-302b-4ff1-815d-fcc8eac482ff}" = Nero Installer
"{E904FF11-4B3A-0485-38BC-59A8A7F06862}" = CCC Help Czech
"{EB7F845C-73F1-F18D-9C97-38F5D631F5B3}" = Catalyst Control Center Localization Japanese
"{ED340366-F336-420D-8867-88643836D900}" = Worms 4 Mayhem Demo
"{EE708A89-4C6B-F864-3423-D45EA978CB6C}" = Catalyst Control Center Localization Thai
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1D7BB7F-9865-B3A0-7210-A45132AD89A1}" = ccc-core-preinstall
"{F1ED3023-5AE2-AE97-D7AA-1803C6BA4BD5}" = Skins
"{F20F0936-689D-938E-992E-6F56C683FD71}" = Catalyst Control Center Localization Turkish
"{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0
"{F83BDB1B-48A9-B95A-8A00-47C59A8637FE}" = CCC Help Japanese
"{F86B4C7B-B846-4039-878D-6CC8F8D3370E}_is1" = SRS - Street Racing Syndicate
"{FF11004C-F42A-4A31-9BCF-7F5C8FDBE53C}" = Adobe Setup
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{FF79D051-7FF2-A618-6175-74D7A7ECDCC6}" = CCC Help Turkish
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe_2ac78060bc5856b0c1cf873bb919b58" = Adobe Photoshop CS3
"Adobe_3e054d2218e7aa282c2369d939e58ff" = Adobe ExtendScript Toolkit 2
"Adobe_4977c84bcdc298c444ccfbdcccb660d" = Adobe Photoshop CS3
"Adobe_6c8e2cb4fd241c55406016127a6ab2e" = Adobe Color Common Settings
"Adobe_719d6f144d0c086a0dfa7ff76bb9ac1" = Adobe Photoshop CS3
"Advanced GIF Animator_is1" = Advanced GIF Animator 3.0
"AIM Search" = AIM Search
"AIM Toolbar" = AIM Toolbar
"All ATI Software" = Softarová utilita ATI - Odinstalovat
"Any Video Converter Professional_is1" = Any Video Converter Professional 2.7.9
"Ask Toolbar_is1" = Ask Toolbar
"ATI Display Driver" = ATI Display Driver (Omega 3.8.442)
"aTube Catcher" = aTube Catcher
"avast5" = avast! Free Antivirus
"AviSynth" = AviSynth 2.5
"Banner Maker Pro 6_is1" = Banner Maker Pro Version 6
"BSPlayer1" = BSPlayer
"Clip Extractor_is1" = Clip Extractor 2.2.0.9
"Clock" = Clock 2.3
"CometBird (3.6)" = CometBird (3.6)
"Cool's_Codec_pack_4.12" = Codec Pack - All In 1 6.0.3.0
"Czech Soccer Manager 2002 Final Editionverze 4.0 (31.3.2006)" = Czech Soccer Manager 2002 Final Edition
"Dark Signs" = Dark Signs 0.96.1
"Easy Gif Animator Extension" = Easy Gif Animator Extension
"eMusic Promotion" = 50 FREE MP3s +1 Free Audiobook!
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.30
"Exact Audio Copy" = Exact Audio Copy 0.99pb4
"Fences" = Fences
"FMCODEC" = FM Screen Capture Codec (Remove Only)
"Free Desktop Clock_is1" = Free Desktop Clock 2.2
"Free Studio_is1" = Free Studio version 4.2
"Free YouTube to Mp3 Converter_is1" = Free YouTube to Mp3 Converter version 3.1
"FreeCall_is1" = FreeCall
"GameSpy Arcade" = GameSpy Arcade
"IconCool GIF Animator v5.8x" = IconCool GIF Animator v5.8x
"ICQToolbar" = ICQ Toolbar
"ie8" = Windows Internet Explorer 8
"InstallShield_{6BE2A4A4-99FB-48ED-AE1E-4E850389F804}" = PowerQuest PartitionMagic 8.0 Demo
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"InstallShield_{A724605D-B399-4304-B8C7-33B3EF7D4677}" = Bully Scholarship Edition
"Max_EN Toolbar" = Max_EN Toolbar
"MHD Simulator 2009 - DEMO VERSION 0.5" = MHD Simulator 2009 - DEMO VERSION 0.5
"Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0
"Microsoft .NET Framework 3.0" = Microsoft .NET Framework 3.0
"Mozilla Firefox (3.6)" = Mozilla Firefox (3.6)
"MTA: Race for San Andreas" = MTA: Race for San Andreas 1.1.1
"MTA:SA" = MTA:SA v1.0.4
"MultiRes (remove only)" = MultiRes (remove only)
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"OJOsoft Total Video Converter_is1" = OJOsoft Total Video Converter
"Pack Vista Inspirat 2" = Pack Vista Inspirat 2 1.0
"Picasa 3" = Picasa 3
"Plane Arcade" = Plane Arcade
"ProgSense_is1" = ProgSense
"PSP Video 9" = PSP Video 9 5.04
"PSPad editor_is1" = PSPad editor
"Radeon Omega Drivers for Windows XP/2kv4.8.442" = Radeon Omega Drivers v4.8.442 Setup Files and Tools
"RealPlayer 12.0" = RealPlayer
"Registry Mechanic_is1" = Registry Mechanic 9.0
"SAMP Generator" = SAMP Generator
"San Andreas Tools" = San Andreas Tools
"Sanny Builder 3_is1" = Sanny Builder 3.04
"Screenshot Utility_is1" = Screenshot Utility version 1.0
"Seven Remix XP" = Seven Remix XP 2.4
"Seven Transformation Pack" = Seven Transformation Pack 4.0
"SkinStudio 7" = SkinStudio 7
"Softonic_English_TC Toolbar" = Softonic_English_TC Toolbar
"Softonic_VLC_EN Toolbar" = Softonic_VLC_EN Toolbar
"Software Informer_is1" = Software Informer 1.0 BETA
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"SpeedFan" = SpeedFan (remove only)
"STANDARD" = Microsoft Office Standard 2007
"Super Mario Bros_is1" = Super Mario Bros 2.0
"System Monitor_is1" = System Monitor 1.5.1
"TightVNC_is1" = TightVNC 1.3.9
"Totalcmd" = Total Commander (Remove or Repair)
"Uniblue DriverScanner 2009" = Uniblue DriverScanner 2009
"Uninstall_is1" = Uninstall 1.0.0.1
"UserBar Generator_is1" = UserBar Generator 1.2
"VLC media player" = VLC media player 1.0.3
"VobSub" = VobSub v2.23 (Remove Only)
"WIC" = Windows Imaging Component
"Winamp" = Winamp
"Winamp Toolbar" = Winamp Toolbar
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows XP Service Pack" = Windows XP Service Pack 2
"WinGimp-2.0_is1" = GIMP 2.6.7
"WinPcapInst" = WinPcap 4.1.1
"WinRAR archiver" = WinRAR archiver
"WMFDist11" = Windows Media Format 11 runtime
"Worms for Pocket PC" = Worms for Pocket PC
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Xfire" = Xfire (remove only)
"XfireXO Toolbar" = XfireXO Toolbar
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"Xvid_is1" = Xvid 1.2.1 final uninstall
"YouTube Downloader App" = YouTube Downloader App 2.03
"ZonerPhotoStudio12_CZ_is1" = Zoner Photo Studio 12

P@tRiCk_
Visitor
Posts: 46
Registered: 02 Jul 2010 17:24

Re: Viruses in Windows, please help

#9 Post by P@tRiCk_ »

Extras 2:


========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1801674531-2077806209-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1801674531-2077806209-725345543-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"QIP Infium" = QIP Infium 2.0.9032 RC4
"Winamp Detect" = Winamp Detector Plug-in

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 2.7.2010 8:18:52 | Computer Name = POKOJ | Source = Windows Search Service | ID = 3013
Description = The entry <C:\DOCUMENTS AND SETTINGS\PATRIK\PLOCHA\OTHER\NEHORÁZNEJ
BORDEL\\\\\\\\\\\\\\\\\\    > in the hash map cannot be updated. Context: Application,
SystemIndex Catalog Details: Zařízení připojené k systému nefunguje. (0x8007001f)


Error - 2.7.2010 8:18:56 | Computer Name = POKOJ | Source = Windows Search Service | ID = 3013
Description = The entry <C:\DOCUMENTS AND SETTINGS\PATRIK\PLOCHA\OTHER\NEHORÁZNEJ
BORDEL\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\    > in the hash map cannot be updated. Context:
Application, SystemIndex Catalog Details: Zařízení připojené k systému nefunguje.
(0x8007001f)

Error - 2.7.2010 8:18:56 | Computer Name = POKOJ | Source = Windows Search Service | ID = 3013
Description = The entry <C:\DOCUMENTS AND SETTINGS\PATRIK\PLOCHA\OTHER\NEHORÁZNEJ
BORDEL\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\    > in the hash map cannot be updated. Context:
Application, SystemIndex Catalog Details: Zařízení připojené k systému nefunguje.
(0x8007001f)

Error - 2.7.2010 8:18:56 | Computer Name = POKOJ | Source = Windows Search Service | ID = 3013
Description = The entry <C:\DOCUMENTS AND SETTINGS\PATRIK\PLOCHA\OTHER\NEHORÁZNEJ
BORDEL\\\\\\\\\\\\\\\\\\    > in the hash map cannot be updated. Context: Application,
SystemIndex Catalog Details: Zařízení připojené k systému nefunguje. (0x8007001f)


Error - 2.7.2010 8:18:56 | Computer Name = POKOJ | Source = Windows Search Service | ID = 3013
Description = The entry <C:\DOCUMENTS AND SETTINGS\PATRIK\PLOCHA\OTHER\NEHORÁZNEJ
BORDEL\\\\\\\\\\\\\\\\\\    > in the hash map cannot be updated. Context: Application,
SystemIndex Catalog Details: Zařízení připojené k systému nefunguje. (0x8007001f)


Error - 2.7.2010 8:18:56 | Computer Name = POKOJ | Source = Windows Search Service | ID = 3013
Description = The entry <C:\DOCUMENTS AND SETTINGS\PATRIK\PLOCHA\OTHER\NEHORÁZNEJ
BORDEL\    > in the hash map cannot be updated. Context: Application, SystemIndex
Catalog Details: Zařízení připojené k systému nefunguje. (0x8007001f)

Error - 2.7.2010 8:18:56 | Computer Name = POKOJ | Source = Windows Search Service | ID = 3013
Description = The entry <C:\DOCUMENTS AND SETTINGS\PATRIK\PLOCHA\OTHER\NEHORÁZNEJ
BORDEL\    > in the hash map cannot be updated. Context: Application, SystemIndex
Catalog Details: Zařízení připojené k systému nefunguje. (0x8007001f)

Error - 2.7.2010 8:18:57 | Computer Name = POKOJ | Source = Windows Search Service | ID = 3013
Description = The entry <C:\DOCUMENTS AND SETTINGS\PATRIK\PLOCHA\OTHER\NEHORÁZNEJ
BORDEL\    > in the hash map cannot be updated. Context: Application, SystemIndex
Catalog Details: Zařízení připojené k systému nefunguje. (0x8007001f)

Error - 2.7.2010 8:18:57 | Computer Name = POKOJ | Source = Windows Search Service | ID = 3013
Description = The entry <C:\DOCUMENTS AND SETTINGS\PATRIK\PLOCHA\OTHER\NEHORÁZNEJ
BORDEL\    > in the hash map cannot be updated. Context: Application, SystemIndex
Catalog Details: Zařízení připojené k systému nefunguje. (0x8007001f)

Error - 2.7.2010 8:26:10 | Computer Name = POKOJ | Source = Application Error | ID = 1000
Description = Chybující aplikace winflip.exe, verze 0.0.0.0, chybující modul winflip.exe,
verze 0.0.0.0, adresa chyby 0x0000521c.

[ System Events ]
Error - 2.7.2010 6:39:35 | Computer Name = POKOJ | Source = Service Control Manager | ID = 7023
Description = Služba Image Driver byla ukončena s následující chybou: %%126

Error - 2.7.2010 6:39:35 | Computer Name = POKOJ | Source = Service Control Manager | ID = 7023
Description = Služba Universal Server byla ukončena s následující chybou: %%126

Error - 2.7.2010 6:39:35 | Computer Name = POKOJ | Source = Service Control Manager | ID = 7023
Description = Služba Center Driver byla ukončena s následující chybou: %%126

Error - 2.7.2010 6:40:11 | Computer Name = POKOJ | Source = Service Control Manager | ID = 7022
Description = Služba Načítání obrázků (WIA) přestala během spouštění reagovat.

Error - 2.7.2010 6:41:02 | Computer Name = POKOJ | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1058 při pokusu o spuštění služby BITS
s argumenty za účelem spuštění serveru: {4991D34B-80A1-4291-83B6-3328366B9097}

Error - 2.7.2010 8:16:04 | Computer Name = POKOJ | Source = Service Control Manager | ID = 7023
Description = Služba Image Driver byla ukončena s následující chybou: %%126

Error - 2.7.2010 8:16:04 | Computer Name = POKOJ | Source = Service Control Manager | ID = 7023
Description = Služba Universal Server byla ukončena s následující chybou: %%126

Error - 2.7.2010 8:16:04 | Computer Name = POKOJ | Source = Service Control Manager | ID = 7023
Description = Služba Center Driver byla ukončena s následující chybou: %%126

Error - 2.7.2010 8:16:23 | Computer Name = POKOJ | Source = Service Control Manager | ID = 7022
Description = Služba Načítání obrázků (WIA) přestala během spouštění reagovat.

Error - 2.7.2010 8:17:15 | Computer Name = POKOJ | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1058 při pokusu o spuštění služby BITS
s argumenty za účelem spuštění serveru: {4991D34B-80A1-4291-83B6-3328366B9097}


< End of report >

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = Opera.HTML] -- C:\Program Files\Opera 10 Beta\Opera.exe (Opera Software)

[HKEY_USERS\S-1-5-21-1801674531-2077806209-725345543-1008\SOFTWARE\Classes\<extension>]
.html [@ = Opera.HTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
http [open] -- "C:\Program Files\Opera 10 Beta\opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files\Opera 10 Beta\opera.exe" "%1" (Opera Software)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"4805:TCP" = 4805:TCP:*:Enabled:eufbhvcx
"21034:TCP" = 21034:TCP:*:Enabled:BitComet 21034 TCP
"21034:UDP" = 21034:UDP:*:Enabled:BitComet 21034 UDP
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Program Files\ICQ6.5\ICQ.exe" = C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6 -- (ICQ, LLC.)
"C:\WINDOWS\explorer.exe" = C:\WINDOWS\explorer.exe:*:Enabled:Průzkumník Windows -- (Microsoft Corporation)
"C:\totalcmd\TOTALCMD.EXE" = C:\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit -- (Ghisler Software GmbH)
"C:\Program Files\Team17\Worms Armageddon\WA.exe" = C:\Program Files\Team17\Worms Armageddon\WA.exe:*:Enabled:Worms Armageddon -- File not found
"C:\Program Files\Team17\Worms World Party\wwp.exe" = C:\Program Files\Team17\Worms World Party\wwp.exe:*:Enabled:Worms World Party -- File not found
"C:\Program Files\Codemasters\Worms 4 Mayhem Demo\Worms 4 Mayhem Demo.exe" = C:\Program Files\Codemasters\Worms 4 Mayhem Demo\Worms 4 Mayhem Demo.exe:*:Enabled:Worms 4 Mayhem Demo -- ()
"C:\Program Files\Opera\opera.exe" = C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software)
"C:\Program Files\Team17 Software Ltd\WormsFortsDemo\WF.exe" = C:\Program Files\Team17 Software Ltd\WormsFortsDemo\WF.exe:*:Enabled:WF -- ()
"C:\Documents and Settings\Majša\Plocha\ss\bin\Worms3D.exe" = C:\Documents and Settings\Majša\Plocha\ss\bin\Worms3D.exe:*:Enabled:Worms3D -- File not found
"C:\Program Files\Codemasters\Worms 4 Mayhem Online Demo\Worms 4 Mayhem Online Demo.exe" = C:\Program Files\Codemasters\Worms 4 Mayhem Online Demo\Worms 4 Mayhem Online Demo.exe:*:Enabled:Worms 4 Mayhem -- (Team 17 Ltd)
"C:\Program Files\Opera 10 Beta\opera.exe" = C:\Program Files\Opera 10 Beta\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software)
"C:\Program Files\Team17\Worms 3D\bin\worms3d.exe" = C:\Program Files\Team17\Worms 3D\bin\worms3d.exe:*:Enabled:worms3d -- File not found
"C:\Documents and Settings\Patrik\Plocha\aministrace\samp\7777\samp-server.exe" = C:\Documents and Settings\Patrik\Plocha\aministrace\samp\7777\samp-server.exe:*:Enabled:samp-server -- File not found
"C:\Documents and Settings\Patrik\Plocha\Nová složka (11)\Mouse\nethostfs.exe" = C:\Documents and Settings\Patrik\Plocha\Nová složka (11)\Mouse\nethostfs.exe:*:Enabled:nethostfs -- File not found
"C:\Documents and Settings\Patrik\Plocha\samp03\samp-server.exe" = C:\Documents and Settings\Patrik\Plocha\samp03\samp-server.exe:*:Enabled:SA-MP dedicated server -- ()
"C:\Documents and Settings\Patrik\Plocha\samp02x\samp-server.exe" = C:\Documents and Settings\Patrik\Plocha\samp02x\samp-server.exe:*:Enabled:samp-server -- ()
"C:\Documents and Settings\Patrik\Plocha\samp01b\samp-server.exe" = C:\Documents and Settings\Patrik\Plocha\samp01b\samp-server.exe:*:Enabled:samp-server -- ()
"C:\Program Files\QIP\qip.exe" = C:\Program Files\QIP\qip.exe:*:Enabled:Quiet Internet Pager -- (The Author of QIP)
"C:\Documents and Settings\Patrik\Plocha\samp022\samp-server.exe" = C:\Documents and Settings\Patrik\Plocha\samp022\samp-server.exe:*:Enabled:samp-server -- ()
"C:\Program Files\BitComet\BitComet.exe" = C:\Program Files\BitComet\BitComet.exe:*:Enabled:BitComet.exe -- File not found
"C:\Program Files\AIM\aim.exe" = C:\Program Files\AIM\aim.exe:*:Enabled:AIM -- File not found
"C:\Program Files\Atari\Locomotion\Loco.exe" = C:\Program Files\Atari\Locomotion\Loco.exe:*:Enabled:Chris Sawyer's Locomotion -- File not found
"C:\Program Files\Java\jre6\launch4j-tmp\frd.exe" = C:\Program Files\Java\jre6\launch4j-tmp\frd.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)
"D:\hl.exe" = D:\hl.exe:*:Disabled:Half-Life Launcher -- File not found
"D:\cstrike.exe" = D:\cstrike.exe:*:Enabled:Counter-Strike Launcher -- File not found
"C:\Program Files\Xfire\Xfire.exe" = C:\Program Files\Xfire\Xfire.exe:*:Enabled:Xfire -- (Xfire Inc.)
"C:\Program Files\FreeCall.com\FreeCall\FreeCall.exe" = C:\Program Files\FreeCall.com\FreeCall\FreeCall.exe:*:Enabled:FreeCall -- (FreeCall)
"D:\totalcmd\TOTALCMD.EXE" = D:\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit -- (Ghisler Software GmbH)
"C:\Program Files\SRS - Street Racing Syndicate\Bin\SRS.exe" = C:\Program Files\SRS - Street Racing Syndicate\Bin\SRS.exe:*:Enabled:SRS -- ()
"C:\Program Files\EA GAMES\Need for Speed Underground 2\trainer.exe.exe" = C:\Program Files\EA GAMES\Need for Speed Underground 2\trainer.exe.exe:*:Enabled:trainer.exe -- ()


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01818DDE-1A58-46CF-BB4C-D69C20AAB165}" = Bing Bar Platform
"{021C8090-9D2E-4F41-841B-8006A25D63A8}" = Zoner GIF Animator 4
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{05F18103-35D7-88FC-E41C-2B6105C9E033}" = CCC Help Norwegian
"{06546F8A-F2B5-69F1-080B-374509AA8C3B}" = CCC Help Greek
"{08234a0d-cf39-4dca-99f0-0c5cb496da81}" = Bing Bar
"{083F79E4-6FE9-46FB-A6C6-4F8862742947}" = ATI HYDRAVISION
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{0901FCE8-5415-4499-BBC8-1AA106DD66E2}" = Adobe Setup
"{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}" = PlayStation(R)Store
"{10CD364B-FFCC-48BE-B469-B9622A033075}" = Fences
"{132EF9F0-A96D-27B6-67A3-E81C3E5F8576}" = Catalyst Control Center Localization Korean
"{13B792AA-C078-43A4-8A3A-8B12D629940D}" = Counter-Strike 1.6
"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
"{15095BF3-A3D7-4DDF-B193-3A496881E003}" = Microsoft .NET Framework 3.0
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{1ABCC88E-CBCC-5A17-6F43-0E032C733BAE}" = CCC Help Spanish
"{1AE9BF4A-EF1A-6CC8-4D2D-480347ACFE46}" = Catalyst Control Center Localization Norwegian
"{1B54FF9E-5FDD-11DE-8B01-005056C00008}" = Paragon Total Defrag™ 2010
"{1CA307EB-F74D-C74E-DAC3-B0B6121FF581}" = Catalyst Control Center Graphics Full Existing
"{1D2C96C3-A3F3-49E7-B839-95279DED837F}" = Opera 10.60
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{23E797E9-F852-4AEA-93F0-772ED2B9D9F9}" = OpenOffice.org 3.1
"{24D7346D-D4B4-45E8-98EA-75EC14B42DD8}" = Adobe ExtendScript Toolkit 2
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 20
"{27AED848-C83A-C94B-620E-7B74A30F786A}" = Catalyst Control Center Localization Czech
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{2EE90F26-20B3-4423-81DE-E57E5D2E4FEF}" = Zoner GIF Animator 5
"{31F3889F-90C6-8B14-A361-652CE60B3A1E}" = Catalyst Control Center Core Implementation
"{3246F956-0B45-DFB6-7CA2-533AB35ABEEA}" = Catalyst Control Center Localization Chinese Traditional
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{36CDA33B-909B-4719-97D1-C4B99309BDC7}" = ATI Parental Control & Encoder
"{37A3E046-C553-7934-8B15-A3F67C115CA4}" = CCC Help German
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{39EF67BB-8F3F-6F21-69B5-41776F0D194E}" = CCC Help English
"{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}" = JMB36X Raid Configurer
"{3D7E3EC9-46CF-4359-9289-39CE01DFB82F}" = Adobe Photoshop CS3
"{3E4CAF22-6F06-12F8-B8D1-2D31CFF99D70}" = Catalyst Control Center Localization Chinese Standard
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{40B6D0B4-301A-4020-869F-2E3936E02299}" = WebMate
"{4186F24E-80BB-74D7-5517-7BF5D33DADA9}" = Catalyst Control Center Localization Greek
"{41CF17AE-EB24-4C6F-3FC8-274D721B5102}" = Catalyst Control Center Graphics Full New
"{43318564-9CA8-5277-5A43-E3B86C3D8E36}" = CCC Help Korean
"{491DD792-AD81-429C-9EB4-86DD3D22E333}" = Windows Communication Foundation
"{49F2D177-A8CA-CA4D-83F9-5323949A4CC1}" = Catalyst Control Center Graphics Light
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D43D635-6FDA-4fa5-AA9B-23CF73D058EA}" = Nero StartSmart OEM
"{4F62B1AE-E778-49E2-9C57-C1C65A122098}" = Zoner Callisto 5
"{4FFB8AAF-8964-4D0D-5A65-8101EB86E2A1}" = CCC Help Russian
"{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{5619E613-0394-41C1-BC62-DCF82764CA87}" = SkinStudio 7
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5B491CD3-688C-05AE-B3C7-5E2D06DB7738}" = CCC Help Italian
"{5DA6F06A-B389-407B-BF8C-1548767914D8}" = ATI Problem Report Wizard
"{5E18AA11-C9EA-43C8-87DD-6B1C3053822C}_is1" = StNotepad 1.2
"{5E4B86E5-CD0E-4D3D-BE21-45A30326850A}" = Microsoft Search Enhancement Pack
"{5EE8E184-E883-98AA-BC02-CEC6C8055EED}" = Catalyst Control Center Localization Italian
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{643128C4-BC6C-7EDE-2638-6895CBA6BA77}" = Catalyst Control Center Localization Russian
"{64C1FA9A-FA94-4B6E-B3E4-8573738E4AD1}" = Adobe Setup
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6BE2A4A4-99FB-48ED-AE1E-4E850389F804}" = PartitionMagic
"{6D4AC5A4-4CF9-4F90-8111-B9B53CE257BF}" = Adobe Color Common Settings
"{6E360A45-D461-46F0-8350-D9DED903B2A5}" = ViewonLog
"{6E5AB107-172B-4F17-8ABB-357C59EF1B08}" = Vegas Pro 9.0
"{6EA3A8A6-4B6B-4288-B8FB-3EB11A403ED3}" = Eye 312
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{75DAA247-4F76-8087-4EC9-6D156637FD77}" = Catalyst Control Center Localization German
"{7748ac8c-18e3-43bb-959b-088faea16fb2}" = Nero StartSmart
"{7D1B85BD-AA07-48B8-808D-67A4067FC6BD}" = Windows Workflow Foundation
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{841310AB-DB5E-44EA-6BDA-4B4204C254B9}" = Catalyst Control Center Localization Portuguese
"{85BF2CCF-CC15-6072-8227-7B2B35164468}" = Catalyst Control Center Localization Danish
"{85C3AFFF-1B8E-68AC-8A0E-B96C08F33462}" = CCC Help Chinese Standard
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8AF3E926-ED59-11D4-A44B-0000E86D2305}" = Ulead GIF Animator 5 Trial
"{8BCD7AE7-F713-4D50-BAB9-7839B9386870}" = ImageShack Uploader 2.2.0
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{8ED953E9-1A2E-3A57-4EAE-B1840E5B0DE7}" = CCC Help French
"{90120000-0010-0405-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Czech) 12
"{90120000-0012-0000-0000-0000000FF1CE}" = Microsoft Office Standard 2007
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{909F8EBC-EC7F-48FF-0085-475D818F0F31}" = Need for Speed Underground 2
"{90db7dd1-f72f-4993-80fc-809a359cded1}" = Nero 9 Essentials
"{92CE9F9B-BF5F-0D8A-C6F0-F698A1DD6E56}" = CCC Help Chinese Traditional
"{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings
"{96CA958F-AF6D-B0BB-4A38-7D43A5C4891A}" = CCC Help Portuguese
"{9A124E03-2218-C11C-F5E3-047B92996B7B}" = Catalyst Control Center Localization French
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{9CFADBDE-B78A-7974-49EF-564BC821BD4C}" = CCC Help Finnish
"{9DC967F9-407E-ACB1-BACA-5E5C2F62520C}" = CCC Help Thai
"{9E1BAB75-EB78-440D-94C0-A3857BE2E733}" = System Requirements Lab
"{A061647B-74D5-41DD-BA22-38396058E46D}" = WormsFortsDemo
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A3A29CE1-D2F7-A20B-50B8-A2D5F3E4279F}" = ccc-core-static
"{A4B126FC-169F-F425-7A2E-97179ACE6F55}" = Catalyst Control Center Localization Polish
"{A71154FF-187F-F415-DC22-97410EE80E53}" = ccc-utility
"{A724605D-B399-4304-B8C7-33B3EF7D4677}" = Bully Scholarship Edition
"{A93A6C5B-3628-9657-0A71-83843C3E9850}" = Catalyst Control Center Graphics Previews Common
"{AA206E17-C432-06BE-8233-A8BAF590A669}" = CCC Help Swedish
"{AB198FE7-8D29-15A9-1D56-B7FBC3B0BF17}" = CCC Help Hungarian
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AD7DC653-1E4B-85BA-CE6F-E26B46154084}" = Catalyst Control Center Localization Swedish
"{b2ec4a38-b545-4a00-8214-13fe0e915e6d}" = Advertising Center
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B3C02EC1-A7B0-4987-9A43-8789426AAA7D}" = Adobe Setup
"{B54C1516-DD50-9743-3DB4-EA64CBF87A77}" = CCC Help Dutch
"{B6659DD8-00A7-4A24-BBFB-C1F6982E5D66}" = PlayStation(R)Network Downloader
"{B95B1BA9-F887-4B3C-8D3A-CCD4C4675120}" = Microsoft Default Manager
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}" = Nero ControlCenter
"{BF5CFD2D-D057-4A98-962F-3FEE6F4580EF}" = CrazyTalk Avatar Creator
"{C151CE54-E7EA-4804-854B-F515368B0798}" = Athlon 64 Processor Driver
"{C1B85E31-1E45-474D-F2D5-10A6ACFF9CA9}" = Catalyst Control Center Localization Finnish
"{C4124E95-5061-4776-8D5D-E3D931C778E1}" = Microsoft VC9 runtime libraries
"{C427E746-4EC9-4E3C-AACB-C6BB1F714D7F}" = Uniblue DriverScanner 2009
"{C4B56EBE-6C53-4346-8F73-E380C123F4EF}" = WWP Demo
"{C8838D06-D7DB-4CB0-BF13-7191D2D84C42}" = Gadget Extractor
"{C941F1F1-25B3-4DF5-83E6-888C51A1AAB6}" = AVIVO Codecs
"{C950420B-4182-49EA-850A-A6A2ABF06C6B}" = Marvell Miniport Driver
"{CCE34518-56E3-30EC-646E-4B19F138F4F7}" = Catalyst Control Center Localization Spanish
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D107BB7A-2BFD-4B87-3189-F72C10D8C67B}" = CCC Help Polish
"{D1BB4446-AE9C-4256-9A7F-4D46604D2462}" = Adobe Setup
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas
"{DACE5D7D-D727-0F58-D5EE-9AC03C289C64}" = CCC Help Danish
"{dba84796-8503-4ff0-af57-1747dd9a166d}" = Nero Online Upgrade
"{DC51C5A8-4C81-46D1-941C-1B00AC609919}" = Worms 4 Mayhem Online Demo
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{DE74F709-9B36-784F-7E3C-DB6048FF6F73}" = Catalyst Control Center Localization Hungarian
"{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1" = Auslogics Disk Defrag
"{E1000009-9F1D-3F73-6061-E7A928EF4D13}" = Catalyst Control Center Localization Dutch
"{E1BBBAC5-2857-4155-82A6-54492CE88620}" = Opera 9.64
"{E63E34A7-E552-412B-9E40-FD6FC5227ABA}_is1" = Uniblue RegistryBooster 2010
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{e8a80433-302b-4ff1-815d-fcc8eac482ff}" = Nero Installer
"{E904FF11-4B3A-0485-38BC-59A8A7F06862}" = CCC Help Czech
"{EB7F845C-73F1-F18D-9C97-38F5D631F5B3}" = Catalyst Control Center Localization Japanese
"{ED340366-F336-420D-8867-88643836D900}" = Worms 4 Mayhem Demo
"{EE708A89-4C6B-F864-3423-D45EA978CB6C}" = Catalyst Control Center Localization Thai
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1D7BB7F-9865-B3A0-7210-A45132AD89A1}" = ccc-core-preinstall
"{F1ED3023-5AE2-AE97-D7AA-1803C6BA4BD5}" = Skins
"{F20F0936-689D-938E-992E-6F56C683FD71}" = Catalyst Control Center Localization Turkish
"{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0
"{F83BDB1B-48A9-B95A-8A00-47C59A8637FE}" = CCC Help Japanese
"{F86B4C7B-B846-4039-878D-6CC8F8D3370E}_is1" = SRS - Street Racing Syndicate
"{FF11004C-F42A-4A31-9BCF-7F5C8FDBE53C}" = Adobe Setup
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{FF79D051-7FF2-A618-6175-74D7A7ECDCC6}" = CCC Help Turkish
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe_2ac78060bc5856b0c1cf873bb919b58" = Adobe Photoshop CS3
"Adobe_3e054d2218e7aa282c2369d939e58ff" = Adobe ExtendScript Toolkit 2
"Adobe_4977c84bcdc298c444ccfbdcccb660d" = Adobe Photoshop CS3
"Adobe_6c8e2cb4fd241c55406016127a6ab2e" = Adobe Color Common Settings
"Adobe_719d6f144d0c086a0dfa7ff76bb9ac1" = Adobe Photoshop CS3
"Advanced GIF Animator_is1" = Advanced GIF Animator 3.0
"AIM Search" = AIM Search
"AIM Toolbar" = AIM Toolbar
"All ATI Software" = Softarová utilita ATI - Odinstalovat
"Any Video Converter Professional_is1" = Any Video Converter Professional 2.7.9
"Ask Toolbar_is1" = Ask Toolbar
"ATI Display Driver" = ATI Display Driver (Omega 3.8.442)
"aTube Catcher" = aTube Catcher
"avast5" = avast! Free Antivirus
"AviSynth" = AviSynth 2.5
"Banner Maker Pro 6_is1" = Banner Maker Pro Version 6
"BSPlayer1" = BSPlayer
"Clip Extractor_is1" = Clip Extractor 2.2.0.9
"Clock" = Clock 2.3
"CometBird (3.6)" = CometBird (3.6)
"Cool's_Codec_pack_4.12" = Codec Pack - All In 1 6.0.3.0
"Czech Soccer Manager 2002 Final Editionverze 4.0 (31.3.2006)" = Czech Soccer Manager 2002 Final Edition
"Dark Signs" = Dark Signs 0.96.1
"Easy Gif Animator Extension" = Easy Gif Animator Extension
"eMusic Promotion" = 50 FREE MP3s +1 Free Audiobook!
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.30
"Exact Audio Copy" = Exact Audio Copy 0.99pb4
"Fences" = Fences
"FMCODEC" = FM Screen Capture Codec (Remove Only)
"Free Desktop Clock_is1" = Free Desktop Clock 2.2
"Free Studio_is1" = Free Studio version 4.2
"Free YouTube to Mp3 Converter_is1" = Free YouTube to Mp3 Converter version 3.1
"FreeCall_is1" = FreeCall
"GameSpy Arcade" = GameSpy Arcade
"IconCool GIF Animator v5.8x" = IconCool GIF Animator v5.8x
"ICQToolbar" = ICQ Toolbar
"ie8" = Windows Internet Explorer 8
"InstallShield_{6BE2A4A4-99FB-48ED-AE1E-4E850389F804}" = PowerQuest PartitionMagic 8.0 Demo
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"InstallShield_{A724605D-B399-4304-B8C7-33B3EF7D4677}" = Bully Scholarship Edition
"Max_EN Toolbar" = Max_EN Toolbar
"MHD Simulator 2009 - DEMO VERSION 0.5" = MHD Simulator 2009 - DEMO VERSION 0.5
"Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0
"Microsoft .NET Framework 3.0" = Microsoft .NET Framework 3.0
"Mozilla Firefox (3.6)" = Mozilla Firefox (3.6)
"MTA: Race for San Andreas" = MTA: Race for San Andreas 1.1.1
"MTA:SA" = MTA:SA v1.0.4
"MultiRes (remove only)" = MultiRes (remove only)
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"OJOsoft Total Video Converter_is1" = OJOsoft Total Video Converter
"Pack Vista Inspirat 2" = Pack Vista Inspirat 2 1.0
"Picasa 3" = Picasa 3
"Plane Arcade" = Plane Arcade
"ProgSense_is1" = ProgSense
"PSP Video 9" = PSP Video 9 5.04
"PSPad editor_is1" = PSPad editor
"Radeon Omega Drivers for Windows XP/2kv4.8.442" = Radeon Omega Drivers v4.8.442 Setup Files and Tools
"RealPlayer 12.0" = RealPlayer
"Registry Mechanic_is1" = Registry Mechanic 9.0
"SAMP Generator" = SAMP Generator
"San Andreas Tools" = San Andreas Tools
"Sanny Builder 3_is1" = Sanny Builder 3.04
"Screenshot Utility_is1" = Screenshot Utility version 1.0
"Seven Remix XP" = Seven Remix XP 2.4
"Seven Transformation Pack" = Seven Transformation Pack 4.0
"SkinStudio 7" = SkinStudio 7
"Softonic_English_TC Toolbar" = Softonic_English_TC Toolbar
"Softonic_VLC_EN Toolbar" = Softonic_VLC_EN Toolbar
"Software Informer_is1" = Software Informer 1.0 BETA
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"SpeedFan" = SpeedFan (remove only)
"STANDARD" = Microsoft Office Standard 2007
"Super Mario Bros_is1" = Super Mario Bros 2.0
"System Monitor_is1" = System Monitor 1.5.1
"TightVNC_is1" = TightVNC 1.3.9
"Totalcmd" = Total Commander (Remove or Repair)
"Uniblue DriverScanner 2009" = Uniblue DriverScanner 2009
"Uninstall_is1" = Uninstall 1.0.0.1
"UserBar Generator_is1" = UserBar Generator 1.2
"VLC media player" = VLC media player 1.0.3
"VobSub" = VobSub v2.23 (Remove Only)
"WIC" = Windows Imaging Component
"Winamp" = Winamp
"Winamp Toolbar" = Winamp Toolbar
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows XP Service Pack" = Windows XP Service Pack 2
"WinGimp-2.0_is1" = GIMP 2.6.7
"WinPcapInst" = WinPcap 4.1.1
"WinRAR archiver" = WinRAR archiver
"WMFDist11" = Windows Media Format 11 runtime
"Worms for Pocket PC" = Worms for Pocket PC
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Xfire" = Xfire (remove only)
"XfireXO Toolbar" = XfireXO Toolbar
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"Xvid_is1" = Xvid 1.2.1 final uninstall
"YouTube Downloader App" = YouTube Downloader App 2.03
"ZonerPhotoStudio12_CZ_is1" = Zoner Photo Studio 12

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1801674531-2077806209-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1801674531-2077806209-725345543-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"QIP Infium" = QIP Infium 2.0.9032 RC4
"Winamp Detect" = Winamp Detector Plug-in

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 2.7.2010 8:18:52 | Computer Name = POKOJ | Source = Windows Search Service | ID = 3013
Description = The entry <C:\DOCUMENTS AND SETTINGS\PATRIK\PLOCHA\OTHER\NEHORÁZNEJ
BORDEL\\\\\\\\\\\\\\\\\\    > in the hash map cannot be updated. Context: Application,
SystemIndex Catalog Details: Zařízení připojené k systému nefunguje. (0x8007001f)


Error - 2.7.2010 8:18:56 | Computer Name = POKOJ | Source = Windows Search Service | ID = 3013
Description = The entry <C:\DOCUMENTS AND SETTINGS\PATRIK\PLOCHA\OTHER\NEHORÁZNEJ
BORDEL\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\    > in the hash map cannot be updated. Context:
Application, SystemIndex Catalog Details: Zařízení připojené k systému nefunguje.
(0x8007001f)

Error - 2.7.2010 8:18:56 | Computer Name = POKOJ | Source = Windows Search Service | ID = 3013
Description = The entry <C:\DOCUMENTS AND SETTINGS\PATRIK\PLOCHA\OTHER\NEHORÁZNEJ
BORDEL\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\    > in the hash map cannot be updated. Context:
Application, SystemIndex Catalog Details: Zařízení připojené k systému nefunguje.
(0x8007001f)

Error - 2.7.2010 8:18:56 | Computer Name = POKOJ | Source = Windows Search Service | ID = 3013
Description = The entry <C:\DOCUMENTS AND SETTINGS\PATRIK\PLOCHA\OTHER\NEHORÁZNEJ
BORDEL\\\\\\\\\\\\\\\\\\    > in the hash map cannot be updated. Context: Application,
SystemIndex Catalog Details: Zařízení připojené k systému nefunguje. (0x8007001f)


Error - 2.7.2010 8:18:56 | Computer Name = POKOJ | Source = Windows Search Service | ID = 3013
Description = The entry <C:\DOCUMENTS AND SETTINGS\PATRIK\PLOCHA\OTHER\NEHORÁZNEJ
BORDEL\\\\\\\\\\\\\\\\\\    > in the hash map cannot be updated. Context: Application,
SystemIndex Catalog Details: Zařízení připojené k systému nefunguje. (0x8007001f)


Error - 2.7.2010 8:18:56 | Computer Name = POKOJ | Source = Windows Search Service | ID = 3013
Description = The entry <C:\DOCUMENTS AND SETTINGS\PATRIK\PLOCHA\OTHER\NEHORÁZNEJ
BORDEL\    > in the hash map cannot be updated. Context: Application, SystemIndex
Catalog Details: Zařízení připojené k systému nefunguje. (0x8007001f)

Error - 2.7.2010 8:18:56 | Computer Name = POKOJ | Source = Windows Search Service | ID = 3013
Description = The entry <C:\DOCUMENTS AND SETTINGS\PATRIK\PLOCHA\OTHER\NEHORÁZNEJ
BORDEL\    > in the hash map cannot be updated. Context: Application, SystemIndex
Catalog Details: Zařízení připojené k systému nefunguje. (0x8007001f)

Error - 2.7.2010 8:18:57 | Computer Name = POKOJ | Source = Windows Search Service | ID = 3013
Description = The entry <C:\DOCUMENTS AND SETTINGS\PATRIK\PLOCHA\OTHER\NEHORÁZNEJ
BORDEL\    > in the hash map cannot be updated. Context: Application, SystemIndex
Catalog Details: Zařízení připojené k systému nefunguje. (0x8007001f)

Error - 2.7.2010 8:18:57 | Computer Name = POKOJ | Source = Windows Search Service | ID = 3013
Description = The entry <C:\DOCUMENTS AND SETTINGS\PATRIK\PLOCHA\OTHER\NEHORÁZNEJ
BORDEL\    > in the hash map cannot be updated. Context: Application, SystemIndex
Catalog Details: Zařízení připojené k systému nefunguje. (0x8007001f)

Error - 2.7.2010 8:26:10 | Computer Name = POKOJ | Source = Application Error | ID = 1000
Description = Chybující aplikace winflip.exe, verze 0.0.0.0, chybující modul winflip.exe,
verze 0.0.0.0, adresa chyby 0x0000521c.

[ System Events ]
Error - 2.7.2010 6:39:35 | Computer Name = POKOJ | Source = Service Control Manager | ID = 7023
Description = Služba Image Driver byla ukončena s následující chybou: %%126

Error - 2.7.2010 6:39:35 | Computer Name = POKOJ | Source = Service Control Manager | ID = 7023
Description = Služba Universal Server byla ukončena s následující chybou: %%126

Error - 2.7.2010 6:39:35 | Computer Name = POKOJ | Source = Service Control Manager | ID = 7023
Description = Služba Center Driver byla ukončena s následující chybou: %%126

Error - 2.7.2010 6:40:11 | Computer Name = POKOJ | Source = Service Control Manager | ID = 7022
Description = Služba Načítání obrázků (WIA) přestala během spouštění reagovat.

Error - 2.7.2010 6:41:02 | Computer Name = POKOJ | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1058 při pokusu o spuštění služby BITS
s argumenty za účelem spuštění serveru: {4991D34B-80A1-4291-83B6-3328366B9097}

Error - 2.7.2010 8:16:04 | Computer Name = POKOJ | Source = Service Control Manager | ID = 7023
Description = Služba Image Driver byla ukončena s následující chybou: %%126

Error - 2.7.2010 8:16:04 | Computer Name = POKOJ | Source = Service Control Manager | ID = 7023
Description = Služba Universal Server byla ukončena s následující chybou: %%126

Error - 2.7.2010 8:16:04 | Computer Name = POKOJ | Source = Service Control Manager | ID = 7023
Description = Služba Center Driver byla ukončena s následující chybou: %%126

Error - 2.7.2010 8:16:23 | Computer Name = POKOJ | Source = Service Control Manager | ID = 7022
Description = Služba Načítání obrázků (WIA) přestala během spouštění reagovat.

Error - 2.7.2010 8:17:15 | Computer Name = POKOJ | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1058 při pokusu o spuštění služby BITS
s argumenty za účelem spuštění serveru: {4991D34B-80A1-4291-83B6-3328366B9097}


< End of report >

P@tRiCk_
Visitor
Posts: 46
Joined: 02 Jul 2010 17:24

Re: Viruses in Windows, please help

#10 Post by P@tRiCk_ »

OTL:

OTL logfile created on: 2.7.2010 19:36:26 - Run 1
OTL by OldTimer - Version 3.2.7.0 Folder = C:\Documents and Settings\Patrik\Plocha
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1 023,00 Mb Total Physical Memory | 298,00 Mb Available Physical Memory | 29,00% Memory free
2,00 Gb Paging File | 1,00 Gb Available in Paging File | 57,00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37,16 Gb Total Space | 2,11 Gb Free Space | 5,69% Space Free | Partition Type: NTFS
Drive D: | 37,37 Gb Total Space | 20,99 Gb Free Space | 56,18% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: POKOJ
Current User Name: Patrik
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010.07.02 19:12:21 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Patrik\Plocha\OTL.exe
PRC - [2010.06.28 22:57:18 | 002,837,864 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2010.06.28 22:57:15 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010.06.16 11:57:22 | 000,835,952 | ---- | M] (Opera Software) -- C:\Program Files\Opera 10 Beta\opera.exe
PRC - [2010.05.28 02:04:42 | 003,493,264 | ---- | M] (Xfire Inc.) -- C:\Program Files\Xfire\Xfire.exe
PRC - [2010.05.14 13:06:05 | 000,202,256 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
PRC - [2010.05.12 15:08:22 | 000,632,792 | ---- | M] (PC Tools) -- C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
PRC - [2010.04.30 14:22:06 | 000,888,000 | ---- | M] (ProgSense) -- D:\ProgSense\ProgSense.exe
PRC - [2010.02.17 17:08:26 | 000,243,032 | ---- | M] (Microsoft Corp.) -- C:\Program Files\MSN Toolbar\Platform\5.0.1384.0\mswinext.exe
PRC - [2010.01.14 22:05:26 | 000,242,048 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2010.01.12 22:02:46 | 000,037,888 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\Winamp\winampa.exe
PRC - [2009.11.25 15:42:58 | 003,176,408 | ---- | M] (PC Tools) -- D:\Registry Mechanic\RegMech.exe
PRC - [2009.11.20 13:14:24 | 000,798,720 | ---- | M] (Lee-Soft.com) -- C:\Program Files\ViStart\ViStart.exe
PRC - [2009.11.07 18:56:24 | 000,438,272 | ---- | M] (Lee-Soft.com, Lee Matthew Chantrey) -- C:\Program Files\ViGlance\ViGlance.exe
PRC - [2009.10.27 11:27:00 | 000,246,520 | ---- | M] () -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe
PRC - [2009.10.15 21:58:44 | 000,356,352 | ---- | M] () -- C:\Program Files\TrueTransparency\TrueTransparency.exe
PRC - [2009.08.18 12:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
PRC - [2009.08.18 12:29:22 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
PRC - [2009.08.13 11:43:54 | 003,276,288 | ---- | M] (The Author of QIP) -- C:\Program Files\QIP\qip.exe
PRC - [2009.07.20 12:51:52 | 000,935,208 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
PRC - [2009.04.23 15:51:38 | 000,691,656 | ---- | M] (DT Soft Ltd) -- D:\DAEMON Tools Lite\daemon.exe
PRC - [2009.02.04 17:52:34 | 000,389,120 | ---- | M] (Lee Matthew Chantrey ) -- C:\Program Files\ViSplore\ViSplore.exe
PRC - [2008.05.26 22:19:14 | 000,123,904 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Desktop Search\WindowsSearch.exe
PRC - [2008.04.13 19:39:20 | 000,049,152 | ---- | M] (artArmin) -- C:\Program Files\Vista Drive Icon\DrvIcon.exe
PRC - [2006.11.03 11:01:16 | 000,319,488 | ---- | M] (PixArt Imaging Incorporation) -- C:\WINDOWS\PixArt\Pac7302\Monitor.exe
PRC - [2006.10.01 17:50:28 | 000,334,848 | ---- | M] () -- C:\Program Files\Free Desktop Clock\DesktopClock.exe
PRC - [2006.06.23 05:21:24 | 000,847,872 | R--- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\Core\smax4pnp.exe
PRC - [2006.01.21 18:41:56 | 000,114,688 | ---- | M] () -- C:\Program Files\Vista Rainbar\Rainbar.exe
PRC - [2004.08.17 16:49:24 | 001,438,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2001.12.24 14:24:12 | 000,344,064 | ---- | M] (QSX Software Group) -- D:\Screenshot Utility\ScreenshotUtility.exe


========== Modules (SafeList) ==========

MOD - [2010.07.02 19:12:21 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Patrik\Plocha\OTL.exe
MOD - [2010.05.28 02:04:58 | 000,970,640 | ---- | M] (Xfire Inc.) -- C:\Program Files\Xfire\xfire_toucan_42784.dll
MOD - [2010.05.14 13:06:06 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcr71.dll
MOD - [2009.10.15 21:58:14 | 000,009,728 | ---- | M] () -- C:\Program Files\TrueTransparency\TrueTransparencyHook.dll
MOD - [2004.08.17 16:49:22 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wsock32.dll
MOD - [2004.08.17 16:48:02 | 001,050,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
MOD - [2004.08.04 00:01:18 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2001.03.27 12:50:34 | 000,293,376 | ---- | M] () -- D:\Screenshot Utility\HookProc.dll


========== Win32 Services (SafeList) ==========

SRV - [2010.06.28 22:57:15 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Stopped] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV - [2010.06.28 22:57:15 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV - [2010.06.28 22:57:15 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010.05.12 15:08:22 | 000,632,792 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe -- (PCToolsSSDMonitorSvc)
SRV - [2010.01.14 22:05:26 | 000,242,048 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2009.12.18 13:21:02 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009.10.27 11:27:00 | 000,246,520 | ---- | M] () [Auto | Running] -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2009.08.18 12:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2009.07.20 12:51:52 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2006.10.30 03:34:02 | 000,122,880 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)


========== Driver Services (SafeList) ==========

DRV - [2010.06.28 22:37:52 | 000,046,672 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2010.06.28 22:37:30 | 000,165,456 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswSP.sys -- (aswSP)
DRV - [2010.06.28 22:33:13 | 000,023,376 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2010.06.28 22:32:45 | 000,100,176 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2010.06.28 22:32:33 | 000,017,744 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010.06.28 22:32:16 | 000,028,880 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2010.06.14 22:01:15 | 000,721,904 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009.11.16 18:33:38 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\npf.sys -- (npf)
DRV - [2007.12.05 07:26:40 | 002,782,208 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2007.06.14 18:34:00 | 000,457,856 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PAC7302.SYS -- (PAC7302)
DRV - [2006.09.24 15:28:47 | 000,005,248 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Boot | Running] -- C:\WINDOWS\system32\speedfan.sys -- (speedfan)
DRV - [2006.07.31 10:22:06 | 000,042,112 | R--- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\jraid.sys -- (JRAID)
DRV - [2006.06.27 07:44:32 | 000,246,272 | R--- | M] (Analog Devices, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ADIHdAud.sys -- (ADIHdAudAddService)
DRV - [2006.05.23 09:56:00 | 000,245,248 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp)
DRV - [2006.05.18 20:50:38 | 000,119,808 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ahci8086.sys -- (ahci8086)
DRV - [2006.03.17 12:18:58 | 000,392,960 | R--- | M] (Sensaura) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (SenFiltService)
DRV - [2006.02.07 13:52:58 | 000,006,912 | R--- | M] (JMicron ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\JGOGO.sys -- (JGOGO)
DRV - [2005.03.09 16:53:00 | 000,042,496 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2004.10.27 16:21:36 | 000,138,240 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Hdaudbus.sys -- (HDAudBus)
DRV - [2004.08.13 04:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)
DRV - [2002.09.16 18:14:32 | 000,004,228 | ---- | M] (PowerQuest Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\PQNTDRV.sys -- (PQNTDrv)
DRV - [1996.04.03 21:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\giveio.sys -- (giveio)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/ ... chcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://toolbar.ask.com/toolbarv/askRedi ... t=&gc=1&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.live.com/sphome.aspx
IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL Inc.)
IE - HKLM\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1801674531-2077806209-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\S-1-5-21-1801674531-2077806209-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKU\S-1-5-21-1801674531-2077806209-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com
IE - HKU\S-1-5-21-1801674531-2077806209-725345543-1003\..\URLSearchHook: {54EB34EA-E6BE-4CFD-9F4F-C4A0C2EAFA22} - C:\Program Files\AIM Search\AOLSearch.dll (America Online, Inc.)
IE - HKU\S-1-5-21-1801674531-2077806209-725345543-1003\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
IE - HKU\S-1-5-21-1801674531-2077806209-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1801674531-2077806209-725345543-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\S-1-5-21-1801674531-2077806209-725345543-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.live.com
IE - HKU\S-1-5-21-1801674531-2077806209-725345543-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.windowsxlive.net
IE - HKU\S-1-5-21-1801674531-2077806209-725345543-1007\..\URLSearchHook: {54EB34EA-E6BE-4CFD-9F4F-C4A0C2EAFA22} - C:\Program Files\AIM Search\AOLSearch.dll (America Online, Inc.)
IE - HKU\S-1-5-21-1801674531-2077806209-725345543-1007\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
IE - HKU\S-1-5-21-1801674531-2077806209-725345543-1007\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-1801674531-2077806209-725345543-1007\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1801674531-2077806209-725345543-1008\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://search.qip.ru
IE - HKU\S-1-5-21-1801674531-2077806209-725345543-1008\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
IE - HKU\S-1-5-21-1801674531-2077806209-725345543-1008\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\S-1-5-21-1801674531-2077806209-725345543-1008\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
IE - HKU\S-1-5-21-1801674531-2077806209-725345543-1008\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.windowsxlive.net
IE - HKU\S-1-5-21-1801674531-2077806209-725345543-1008\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
IE - HKU\S-1-5-21-1801674531-2077806209-725345543-1008\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-1801674531-2077806209-725345543-1008\..\URLSearchHook: {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL Inc.)
IE - HKU\S-1-5-21-1801674531-2077806209-725345543-1008\..\URLSearchHook: {4ff5f6ea-ffaf-43e5-9a01-361c0893c3e8} - C:\Program Files\Softonic_English_TC\tbSoft.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-1801674531-2077806209-725345543-1008\..\URLSearchHook: {54EB34EA-E6BE-4CFD-9F4F-C4A0C2EAFA22} - C:\Program Files\AIM Search\AOLSearch.dll (America Online, Inc.)
IE - HKU\S-1-5-21-1801674531-2077806209-725345543-1008\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
IE - HKU\S-1-5-21-1801674531-2077806209-725345543-1008\..\URLSearchHook: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files\XfireXO\tbXfir.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-1801674531-2077806209-725345543-1008\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKU\S-1-5-21-1801674531-2077806209-725345543-1008\..\URLSearchHook: {867dd841-5bf7-44ca-8426-c5a6eda00735} - C:\Program Files\Max_EN\tbMax1.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-1801674531-2077806209-725345543-1008\..\URLSearchHook: {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Documents and Settings\Patrik\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
IE - HKU\S-1-5-21-1801674531-2077806209-725345543-1008\..\URLSearchHook: {C94E154B-1459-4A47-966B-4B843BEFC7DB} - C:\Program Files\AskSearch\bin\DefaultSearch.dll ()
IE - HKU\S-1-5-21-1801674531-2077806209-725345543-1008\..\URLSearchHook: {e6570cd8-9978-4621-b1f9-6a62436f0466} - C:\Program Files\Softonic_VLC_EN\tbSof0.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-1801674531-2077806209-725345543-1008\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-1801674531-2077806209-725345543-1008\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1801674531-2077806209-725345543-1008\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

IE - HKU\S-1-5-21-1801674531-2077806209-725345543-1009\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\S-1-5-21-1801674531-2077806209-725345543-1009\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKU\S-1-5-21-1801674531-2077806209-725345543-1009\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
IE - HKU\S-1-5-21-1801674531-2077806209-725345543-1009\..\URLSearchHook: {54EB34EA-E6BE-4CFD-9F4F-C4A0C2EAFA22} - C:\Program Files\AIM Search\AOLSearch.dll (America Online, Inc.)
IE - HKU\S-1-5-21-1801674531-2077806209-725345543-1009\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
IE - HKU\S-1-5-21-1801674531-2077806209-725345543-1009\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "QIP Search"
FF - prefs.js..browser.search.defaultthis.engineName: "Softonic English TC Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.as ... earchTerms}"
FF - prefs.js..browser.search.selectedEngine: "Softonic English TC Customized Web Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://search.conduit.com/?ctid=CT20404 ... hSource=13"
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: msntoolbar@msn.com:5.0
FF - prefs.js..extensions.enabledItems: {27182e60-b5f3-411c-b545-b44205977502}:1.0
FF - prefs.js..extensions.enabledItems: button@youtubeclipextractor.com:2.2.0.8
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.1.3
FF - prefs.js..extensions.enabledItems: {4ff5f6ea-ffaf-43e5-9a01-361c0893c3e8}:2.6.0.15
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6
FF - prefs.js..keyword.URL: "http://search.qip.ru/search?from=FF&query="
FF - prefs.js..browser.search.selectedEngine: "DAEMON Search"
FF - prefs.js..browser.search.selectedEngine: "DAEMON Search"

FF - HKLM\software\mozilla\Firefox\extensions\\msntoolbar@msn.com: C:\Program Files\MSN Toolbar\Platform\5.0.1384.0\Firefox [2010.03.12 17:37:51 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2010.03.12 17:37:57 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010.05.14 13:06:47 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2010.05.31 15:07:46 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird

[2010.02.06 21:32:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Extensions
[2010.02.06 21:32:28 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009.12.18 12:42:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\extensions
[2009.12.18 12:42:33 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}
[2010.06.30 22:24:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\27rbcdvt.default\extensions
[2010.06.30 22:24:37 | 000,000,000 | ---D | M] (Winamp Toolbar) -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\27rbcdvt.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}
[2010.05.26 17:01:41 | 000,000,000 | ---D | M] (Softonic English TC Toolbar) -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\27rbcdvt.default\extensions\{4ff5f6ea-ffaf-43e5-9a01-361c0893c3e8}
[2010.06.11 17:25:19 | 000,000,000 | ---D | M] (XfireXO Toolbar) -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\27rbcdvt.default\extensions\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}
[2010.06.06 22:10:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\27rbcdvt.default\extensions\DTToolbar@toolbarnet.com
[2010.03.12 23:17:48 | 000,001,834 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\27rbcdvt.default\searchplugins\bing.xml
[2010.04.21 12:12:48 | 000,000,941 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\27rbcdvt.default\searchplugins\conduit.xml
[2010.06.14 22:09:50 | 000,002,059 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\27rbcdvt.default\searchplugins\daemon-search.xml
[2010.05.26 16:38:11 | 000,002,061 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\27rbcdvt.default\searchplugins\qipsearch.xml

O1 HOSTS File: ([2002.09.23 14:00:00 | 000,000,737 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Softonic English TC Toolbar) - {4ff5f6ea-ffaf-43e5-9a01-361c0893c3e8} - C:\Program Files\Softonic_English_TC\tbSoft.dll (Conduit Ltd.)
O2 - BHO: (AOLSearchHook Class) - {54EB34EA-E6BE-4CFD-9F4F-C4A0C2EAFA22} - C:\Program Files\AIM Search\AOLSearch.dll (America Online, Inc.)
O2 - BHO: (XfireXO Toolbar) - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files\XfireXO\tbXfir.dll (Conduit Ltd.)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Max EN Toolbar) - {867dd841-5bf7-44ca-8426-c5a6eda00735} - C:\Program Files\Max_EN\tbMax1.dll (Conduit Ltd.)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Easy Gif Animator Toolbar Helper) - {96372AB6-15EB-4316-B497-71C741BC548C} - C:\Program Files\Easy Gif Animator Extension\v3.3.0.3\EasyGifAnimator_Toolbar.dll ()
O2 - BHO: (QIPBHO Class) - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Documents and Settings\Patrik\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
O2 - BHO: (AIM Toolbar Loader) - {b0cda128-b425-4eef-a174-61a11ac5dbf8} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL Inc.)
O2 - BHO: (Bing Bar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN Toolbar\Platform\5.0.1384.0\npwinext.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Softonic VLC EN Toolbar) - {e6570cd8-9978-4621-b1f9-6a62436f0466} - C:\Program Files\Softonic_VLC_EN\tbSof0.dll (Conduit Ltd.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (Easy Gif Animator Toolbar) - {35065594-9169-4A34-B167-FC4865038E53} - C:\Program Files\Easy Gif Animator Extension\v3.3.0.3\EasyGifAnimator_Toolbar.dll ()
O3 - HKLM\..\Toolbar: (Softonic English TC Toolbar) - {4ff5f6ea-ffaf-43e5-9a01-361c0893c3e8} - C:\Program Files\Softonic_English_TC\tbSoft.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (XfireXO Toolbar) - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files\XfireXO\tbXfir.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (AIM Toolbar) - {61539ecd-cc67-4437-a03c-9aaccbd14326} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL Inc.)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (Max EN Toolbar) - {867dd841-5bf7-44ca-8426-c5a6eda00735} - C:\Program Files\Max_EN\tbMax1.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (@C:\Program Files\MSN Toolbar\Platform\5.0.1384.0\npwinext.dll,-100) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\MSN Toolbar\Platform\5.0.1384.0\npwinext.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Softonic VLC EN Toolbar) - {e6570cd8-9978-4621-b1f9-6a62436f0466} - C:\Program Files\Softonic_VLC_EN\tbSof0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O3 - HKU\S-1-5-21-1801674531-2077806209-725345543-1003\..\Toolbar\ShellBrowser: (&Adresa) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O3 - HKU\S-1-5-21-1801674531-2077806209-725345543-1003\..\Toolbar\WebBrowser: (Easy Gif Animator Toolbar) - {35065594-9169-4A34-B167-FC4865038E53} - C:\Program Files\Easy Gif Animator Extension\v3.3.0.3\EasyGifAnimator_Toolbar.dll ()
O3 - HKU\S-1-5-21-1801674531-2077806209-725345543-1003\..\Toolbar\WebBrowser: (Softonic English TC Toolbar) - {4FF5F6EA-FFAF-43E5-9A01-361C0893C3E8} - C:\Program Files\Softonic_English_TC\tbSoft.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-1801674531-2077806209-725345543-1003\..\Toolbar\WebBrowser: (Max EN Toolbar) - {867DD841-5BF7-44CA-8426-C5A6EDA00735} - C:\Program Files\Max_EN\tbMax1.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-1801674531-2077806209-725345543-1007\..\Toolbar\ShellBrowser: (&Adresa) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O3 - HKU\S-1-5-21-1801674531-2077806209-725345543-1007\..\Toolbar\WebBrowser: (&Adresa) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O3 - HKU\S-1-5-21-1801674531-2077806209-725345543-1007\..\Toolbar\WebBrowser: (&Odkazy) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O3 - HKU\S-1-5-21-1801674531-2077806209-725345543-1007\..\Toolbar\WebBrowser: (Easy Gif Animator Toolbar) - {35065594-9169-4A34-B167-FC4865038E53} - C:\Program Files\Easy Gif Animator Extension\v3.3.0.3\EasyGifAnimator_Toolbar.dll ()
O3 - HKU\S-1-5-21-1801674531-2077806209-725345543-1007\..\Toolbar\WebBrowser: (Softonic English TC Toolbar) - {4FF5F6EA-FFAF-43E5-9A01-361C0893C3E8} - C:\Program Files\Softonic_English_TC\tbSoft.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-1801674531-2077806209-725345543-1007\..\Toolbar\WebBrowser: (XfireXO Toolbar) - {5E5AB302-7F65-44CD-8211-C1D4CAACCEA3} - C:\Program Files\XfireXO\tbXfir.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-1801674531-2077806209-725345543-1007\..\Toolbar\WebBrowser: (AIM Toolbar) - {61539ECD-CC67-4437-A03C-9AACCBD14326} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL Inc.)
O3 - HKU\S-1-5-21-1801674531-2077806209-725345543-1007\..\Toolbar\WebBrowser: (Max EN Toolbar) - {867DD841-5BF7-44CA-8426-C5A6EDA00735} - C:\Program Files\Max_EN\tbMax1.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-1801674531-2077806209-725345543-1007\..\Toolbar\WebBrowser: (Softonic VLC EN Toolbar) - {E6570CD8-9978-4621-B1F9-6A62436F0466} - C:\Program Files\Softonic_VLC_EN\tbSof0.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-1801674531-2077806209-725345543-1008\..\Toolbar\ShellBrowser: (&Adresa) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O3 - HKU\S-1-5-21-1801674531-2077806209-725345543-1008\..\Toolbar\WebBrowser: (&Adresa) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O3 - HKU\S-1-5-21-1801674531-2077806209-725345543-1008\..\Toolbar\WebBrowser: (&Odkazy) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O3 - HKU\S-1-5-21-1801674531-2077806209-725345543-1008\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll File not found
O3 - HKU\S-1-5-21-1801674531-2077806209-725345543-1008\..\Toolbar\WebBrowser: (Easy Gif Animator Toolbar) - {35065594-9169-4A34-B167-FC4865038E53} - C:\Program Files\Easy Gif Animator Extension\v3.3.0.3\EasyGifAnimator_Toolbar.dll ()
O3 - HKU\S-1-5-21-1801674531-2077806209-725345543-1008\..\Toolbar\WebBrowser: (Softonic English TC Toolbar) - {4FF5F6EA-FFAF-43E5-9A01-361C0893C3E8} - C:\Program Files\Softonic_English_TC\tbSoft.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-1801674531-2077806209-725345543-1008\..\Toolbar\WebBrowser: (XfireXO Toolbar) - {5E5AB302-7F65-44CD-8211-C1D4CAACCEA3} - C:\Program Files\XfireXO\tbXfir.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-1801674531-2077806209-725345543-1008\..\Toolbar\WebBrowser: (AIM Toolbar) - {61539ECD-CC67-4437-A03C-9AACCBD14326} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL Inc.)
O3 - HKU\S-1-5-21-1801674531-2077806209-725345543-1008\..\Toolbar\WebBrowser: (Max EN Toolbar) - {867DD841-5BF7-44CA-8426-C5A6EDA00735} - C:\Program Files\Max_EN\tbMax1.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-1801674531-2077806209-725345543-1008\..\Toolbar\WebBrowser: (Softonic VLC EN Toolbar) - {E6570CD8-9978-4621-B1F9-6A62436F0466} - C:\Program Files\Softonic_VLC_EN\tbSof0.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-1801674531-2077806209-725345543-1009\..\Toolbar\ShellBrowser: (&Adresa) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O3 - HKU\S-1-5-21-1801674531-2077806209-725345543-1009\..\Toolbar\ShellBrowser: (Max EN Toolbar) - {867DD841-5BF7-44CA-8426-C5A6EDA00735} - C:\Program Files\Max_EN\tbMax1.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-1801674531-2077806209-725345543-1009\..\Toolbar\ShellBrowser: (Softonic VLC EN Toolbar) - {E6570CD8-9978-4621-B1F9-6A62436F0466} - C:\Program Files\Softonic_VLC_EN\tbSof0.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-1801674531-2077806209-725345543-1009\..\Toolbar\WebBrowser: (&Adresa) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O3 - HKU\S-1-5-21-1801674531-2077806209-725345543-1009\..\Toolbar\WebBrowser: (&Odkazy) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O3 - HKU\S-1-5-21-1801674531-2077806209-725345543-1009\..\Toolbar\WebBrowser: (Easy Gif Animator Toolbar) - {35065594-9169-4A34-B167-FC4865038E53} - C:\Program Files\Easy Gif Animator Extension\v3.3.0.3\EasyGifAnimator_Toolbar.dll ()
O3 - HKU\S-1-5-21-1801674531-2077806209-725345543-1009\..\Toolbar\WebBrowser: (AIM Toolbar) - {61539ECD-CC67-4437-A03C-9AACCBD14326} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL Inc.)
O3 - HKU\S-1-5-21-1801674531-2077806209-725345543-1009\..\Toolbar\WebBrowser: (Max EN Toolbar) - {867DD841-5BF7-44CA-8426-C5A6EDA00735} - C:\Program Files\Max_EN\tbMax1.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-1801674531-2077806209-725345543-1009\..\Toolbar\WebBrowser: (Softonic VLC EN Toolbar) - {E6570CD8-9978-4621-B1F9-6A62436F0466} - C:\Program Files\Softonic_VLC_EN\tbSof0.dll (Conduit Ltd.)
O4 - HKLM..\Run: [AtiPTA] C:\WINDOWS\System32\atiptaxx.exe (ATI Technologies, Inc.)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Bing Bar] C:\Program Files\MSN Toolbar\Platform\5.0.1384.0\mswinext.exe (Microsoft Corp.)
O4 - HKLM..\Run: [DrvIcon] C:\Program Files\Vista Drive Icon\DrvIcon.exe (artArmin)
O4 - HKLM..\Run: [JMB36X Configure] C:\WINDOWS\System32\JMRaidTool.exe (JMicron Technology Corp.)
O4 - HKLM..\Run: [JMB36X IDE Setup] C:\WINDOWS\JM\JMInsIDE.exe ()
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [Microsoft Default Manager] C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe (Microsoft Corporation)
O4 - HKLM..\Run: [PAC7302_Monitor] C:\WINDOWS\PixArt\Pac7302\Monitor.exe (PixArt Imaging Incorporation)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe ()
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [vilaunch] C:\WINDOWS\system32\vilaunch.exe ()
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKU\.DEFAULT..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - HKU\S-1-5-18..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1801674531-2077806209-725345543-1003..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1801674531-2077806209-725345543-1003..\Run: [MSMSGS] C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1801674531-2077806209-725345543-1007..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1801674531-2077806209-725345543-1007..\Run: [FreeCall] C:\Program Files\FreeCall.com\FreeCall\FreeCall.exe (FreeCall)
O4 - HKU\S-1-5-21-1801674531-2077806209-725345543-1007..\Run: [viwc] C:\WINDOWS\system32\viwc.exe ()
O4 - HKU\S-1-5-21-1801674531-2077806209-725345543-1008..\Run: [Calendar] D:\Documents and Settings\Patrik\Desktop iCal\Calendar.exe File not found
O4 - HKU\S-1-5-21-1801674531-2077806209-725345543-1008..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1801674531-2077806209-725345543-1008..\Run: [DAEMON Tools Lite] D:\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-1801674531-2077806209-725345543-1008..\Run: [fsm] File not found
O4 - HKU\S-1-5-21-1801674531-2077806209-725345543-1008..\Run: [Google Update] C:\Documents and Settings\Patrik\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe (Google Inc.)
O4 - HKU\S-1-5-21-1801674531-2077806209-725345543-1008..\Run: [MSMSGS] C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1801674531-2077806209-725345543-1008..\Run: [QIP2005] C:\Program Files\QIP\qip.exe (The Author of QIP)
O4 - HKU\S-1-5-21-1801674531-2077806209-725345543-1008..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKU\S-1-5-21-1801674531-2077806209-725345543-1008..\Run: [RegistryMechanic] D:\Registry Mechanic\RegMech.exe (PC Tools)
O4 - HKU\S-1-5-21-1801674531-2077806209-725345543-1008..\Run: [SkinClock] C:\Program Files\Free Desktop Clock\DesktopClock.exe ()
O4 - HKU\S-1-5-21-1801674531-2077806209-725345543-1009..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1801674531-2077806209-725345543-1009..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\Patrik\Nabídka Start\Programy\Po spuštění\ProgSense.lnk = D:\ProgSense\ProgSense.exe (ProgSense)
O4 - Startup: C:\Documents and Settings\Patrik\Nabídka Start\Programy\Po spuštění\Screenshot Utility.lnk = D:\Screenshot Utility\ScreenshotUtility.exe (QSX Software Group)
O4 - Startup: C:\Documents and Settings\Patrik\Nabídka Start\Programy\Po spuštění\Xfire.lnk = C:\Program Files\Xfire\Xfire.exe (Xfire Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = B1 00 00 00 [binary data]
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = B1 00 00 00 [binary data]
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1801674531-2077806209-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1801674531-2077806209-725345543-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1801674531-2077806209-725345543-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1801674531-2077806209-725345543-1009\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Data aplikací\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Download with YouTube Clip Extractor - {3e717667-c786-43d0-b809-b378938f6770} - D:\Clip Extractor\ClipExtractor.exe ()
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - Reg Error: Value error. File not found
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O15 - HKU\S-1-5-21-1801674531-2077806209-725345543-1003\..Trusted Domains: ([]msn in Tento počítač)
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} file://C:\Program Files\Heroes of Hellas\Images\stg_drm.ocx (SpinTop DRM Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} file://C:\Program Files\Heroes of Hellas\Images\armhelper.ocx (ArmHelper Control)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\System32\logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - cscdll.dll - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {1984DD45-52CF-49cd-AB77-18F378FEA264} - FencesShellExt - C:\Program Files\Stardock\Fences\FencesMenu.dll (Stardock)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Proces mezipaměti kategorií součástí - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Patrik\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Patrik\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.10.29 09:09:24 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{3ff50580-fa18-11de-b337-0018f3a98425}\Shell - "" = AutoRun
O33 - MountPoints2\{3ff50580-fa18-11de-b337-0018f3a98425}\Shell\AutoRun\command - "" = C:\WINDOWS\System32\shell32.dll -- [2004.08.17 16:49:18 | 014,615,040 | ---- | M] (Microsoft Corporation)
O33 - MountPoints2\{92df2777-c491-11de-b2ba-0018f3a98425}\Shell - "" = AutoRun
O33 - MountPoints2\{92df2777-c491-11de-b2ba-0018f3a98425}\Shell\AutoRun\command - "" = C:\WINDOWS\System32\shell32.dll -- [2004.08.17 16:49:18 | 014,615,040 | ---- | M] (Microsoft Corporation)
O33 - MountPoints2\{92df2778-c491-11de-b2ba-0018f3a98425}\Shell - "" = AutoRun
O33 - MountPoints2\{92df2778-c491-11de-b2ba-0018f3a98425}\Shell\AutoRun\command - "" = C:\WINDOWS\System32\shell32.dll -- [2004.08.17 16:49:18 | 014,615,040 | ---- | M] (Microsoft Corporation)
O33 - MountPoints2\{a0e07d19-050b-11df-b349-0018f3a98425}\Shell - "" = AutoRun
O33 - MountPoints2\{a0e07d19-050b-11df-b349-0018f3a98425}\Shell\AutoRun\command - "" = C:\WINDOWS\System32\shell32.dll -- [2004.08.17 16:49:18 | 014,615,040 | ---- | M] (Microsoft Corporation)
O33 - MountPoints2\{a0e07d1a-050b-11df-b349-0018f3a98425}\Shell - "" = AutoRun
O33 - MountPoints2\{a0e07d1a-050b-11df-b349-0018f3a98425}\Shell\AutoRun\command - "" = C:\WINDOWS\System32\shell32.dll -- [2004.08.17 16:49:18 | 014,615,040 | ---- | M] (Microsoft Corporation)
O33 - MountPoints2\{baf538b6-f0a7-11de-b324-0018f3a98425}\Shell - "" = AutoRun
O33 - MountPoints2\{baf538b6-f0a7-11de-b324-0018f3a98425}\Shell\AutoRun\command - "" = C:\WINDOWS\System32\shell32.dll -- [2004.08.17 16:49:18 | 014,615,040 | ---- | M] (Microsoft Corporation)
O33 - MountPoints2\{ca80634e-f215-11de-b326-0018f3a98425}\Shell - "" = AutoRun
O33 - MountPoints2\{ca80634e-f215-11de-b326-0018f3a98425}\Shell\AutoRun\command - "" = C:\WINDOWS\System32\shell32.dll -- [2004.08.17 16:49:18 | 014,615,040 | ---- | M] (Microsoft Corporation)
O33 - MountPoints2\{ca80634f-f215-11de-b326-0018f3a98425}\Shell - "" = AutoRun
O33 - MountPoints2\{ca80634f-f215-11de-b326-0018f3a98425}\Shell\AutoRun\command - "" = C:\WINDOWS\System32\shell32.dll -- [2004.08.17 16:49:18 | 014,615,040 | ---- | M] (Microsoft Corporation)
O33 - MountPoints2\{d346d7b2-2e73-11df-9952-0018f3a98425}\Shell - "" = AutoRun
O33 - MountPoints2\{d346d7b2-2e73-11df-9952-0018f3a98425}\Shell\AutoRun\command - "" = C:\WINDOWS\System32\shell32.dll -- [2004.08.17 16:49:18 | 014,615,040 | ---- | M] (Microsoft Corporation)
O33 - MountPoints2\{ef367217-f13f-11de-b325-0018f3a98425}\Shell - "" = AutoRun
O33 - MountPoints2\{ef367217-f13f-11de-b325-0018f3a98425}\Shell\AutoRun\command - "" = C:\WINDOWS\System32\shell32.dll -- [2004.08.17 16:49:18 | 014,615,040 | ---- | M] (Microsoft Corporation)
O33 - MountPoints2\{ef367219-f13f-11de-b325-0018f3a98425}\Shell - "" = AutoRun
O33 - MountPoints2\{ef367219-f13f-11de-b325-0018f3a98425}\Shell\AutoRun\command - "" = C:\WINDOWS\System32\shell32.dll -- [2004.08.17 16:49:18 | 014,615,040 | ---- | M] (Microsoft Corporation)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

P@tRiCk_
Visitor
Posts: 46
Joined: 02 Jul 2010 17:24

Re: Viruses in Windows, please help

#11 Post by P@tRiCk_ »

OTL 2:

========== Files/Folders - Created Within 30 Days ==========

[2010.07.02 19:36:45 | 001,204,924 | ---- | C] (C_XX & El Desaparecido) -- C:\Documents and Settings\Patrik\Plocha\UsbFix.exe
[2010.07.02 19:12:18 | 000,574,464 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Patrik\Plocha\OTL.exe
[2010.07.02 19:09:57 | 000,000,000 | ---D | C] -- C:\ToolBar SD
[2010.07.02 18:34:53 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010.07.02 18:34:52 | 000,000,000 | ---D | C] -- C:\rsit
[2010.07.02 15:07:32 | 000,165,456 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2010.07.02 15:07:32 | 000,017,744 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2010.07.02 15:07:31 | 000,023,376 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2010.07.02 15:07:30 | 000,046,672 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2010.07.02 15:07:29 | 000,100,176 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2010.07.02 15:07:29 | 000,094,544 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2010.07.02 15:07:28 | 000,028,880 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2010.07.02 15:06:58 | 000,038,848 | ---- | C] (ALWIL Software) -- C:\WINDOWS\avastSS.scr
[2010.07.02 15:06:57 | 000,165,032 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2010.07.02 13:10:40 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2010.07.01 22:08:34 | 000,000,000 | ---D | C] -- C:\Program Files\SystemRequirementsLab
[2010.07.01 22:08:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Patrik\SystemRequirementsLab
[2010.07.01 15:17:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Patrik\Dokumenty\Bully Scholarship Edition
[2010.07.01 14:50:47 | 000,000,000 | ---D | C] -- C:\Program Files\Rockstar Games
[2010.07.01 14:50:31 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_1.dll
[2010.07.01 14:50:31 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_0.dll
[2010.07.01 14:50:29 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_1.dll
[2010.07.01 14:50:28 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_4.dll
[2010.07.01 14:50:25 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_38.dll
[2010.07.01 14:50:25 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_38.dll
[2010.07.01 14:50:24 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_38.dll
[2010.07.01 14:50:22 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_0.dll
[2010.07.01 14:50:20 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_0.dll
[2010.07.01 14:50:18 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_3.dll
[2010.07.01 14:50:16 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_37.dll
[2010.07.01 14:50:16 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_37.dll
[2010.07.01 14:50:14 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_37.dll
[2010.07.01 14:50:12 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_10.dll
[2010.07.01 14:50:08 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_36.dll
[2010.07.01 14:50:08 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_36.dll
[2010.07.01 14:50:06 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_36.dll
[2010.07.01 14:50:04 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_9.dll
[2010.07.01 14:50:01 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_35.dll
[2010.07.01 14:50:01 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_35.dll
[2010.07.01 14:49:59 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_35.dll
[2010.07.01 14:49:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\Logs
[2010.06.30 22:24:40 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp Detect
[2010.06.30 22:24:28 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp Toolbar
[2010.06.30 22:24:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Winamp Toolbar
[2010.06.30 22:23:59 | 000,066,544 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxcpya64.exe
[2010.06.30 22:23:59 | 000,066,032 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxinsa64.exe
[2010.06.30 22:23:58 | 001,858,032 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxsfs.dll
[2010.06.30 22:23:58 | 000,129,520 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxafs.dll
[2010.06.30 22:23:51 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp
[2010.06.30 22:23:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Patrik\Data aplikací\Winamp
[2010.06.29 16:22:17 | 000,286,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\Setup1.exe
[2010.06.29 16:22:15 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\ST6UNST.EXE
[2010.06.28 20:08:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Patrik\Dokumenty\Street Racing Syndicate
[2010.06.28 20:05:17 | 000,000,000 | ---D | C] -- C:\Program Files\SRS - Street Racing Syndicate
[2010.06.26 23:41:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Patrik\Local Settings\Data aplikací\NFS Underground 2
[2010.06.26 23:41:14 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DirectX
[2010.06.26 23:29:42 | 000,000,000 | ---D | C] -- C:\Program Files\EA GAMES
[2010.06.26 18:09:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Patrik\Dokumenty\NFS Carbon
[2010.06.21 16:33:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Patrik\Local Settings\Data aplikací\ESET
[2010.06.18 18:47:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Patrik\Plocha\news_cats
[2010.06.18 18:24:07 | 000,000,000 | ---D | C] -- C:\Program Files\FreeCall.com
[2010.06.18 10:36:56 | 000,000,000 | ---D | C] -- C:\Program Files\mp3DirectCut
[2010.06.15 10:43:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Patrik\Data aplikací\Auslogics
[2010.06.14 22:09:50 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Toolbar
[2010.06.14 22:00:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Patrik\Data aplikací\DAEMON Tools Lite
[2010.06.14 21:59:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2010.06.14 12:52:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Patrik\Plocha\NAZI
[2010.06.11 17:41:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Patrik\Local Settings\Data aplikací\PunkBuster
[2010.06.11 17:30:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Data aplikací\Xfire
[2010.06.11 17:25:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Patrik\Local Settings\Data aplikací\XfireXO
[2010.06.11 17:25:21 | 000,000,000 | ---D | C] -- C:\Program Files\XfireXO
[2010.06.11 17:24:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Patrik\Data aplikací\Xfire
[2010.06.11 17:24:50 | 000,000,000 | ---D | C] -- C:\Program Files\Xfire
[2010.06.09 16:38:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Patrik\Data aplikací\Publish Providers
[2010.06.09 16:33:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Patrik\Local Settings\Data aplikací\Sony
[2010.06.09 16:21:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Sony
[2010.06.09 16:17:20 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2010.06.09 16:17:17 | 000,178,480 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\FontCache3.0.0.0.dat
[2010.06.09 16:14:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer
[2010.06.09 16:13:48 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2010.06.09 16:12:51 | 000,014,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg2.dll
[2010.06.06 23:04:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Patrik\Plocha\screeny
[2010.06.06 22:56:42 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_8.dll
[2010.06.06 22:56:42 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_2.dll
[2010.06.06 22:56:40 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_34.dll
[2010.06.06 22:56:40 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_34.dll
[2010.06.06 22:56:37 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_34.dll
[2010.06.06 22:56:34 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_3.dll
[2010.06.06 22:56:25 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_7.dll
[2010.06.06 22:56:19 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_33.dll
[2010.06.06 22:56:19 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_33.dll
[2010.06.06 22:56:12 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_33.dll
[2010.06.06 22:56:12 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_6.dll
[2010.06.06 22:56:12 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_5.dll
[2010.06.06 22:56:11 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_32.dll
[2010.06.06 22:56:11 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_31.dll
[2010.06.06 22:56:11 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_4.dll
[2010.06.06 22:56:11 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\x3daudio1_1.dll
[2010.06.06 22:56:10 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_3.dll
[2010.06.06 22:56:10 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_2.dll
[2010.06.06 22:56:10 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_2.dll
[2010.06.06 22:56:10 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_1.dll
[2010.06.06 22:56:09 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_1.dll
[2010.06.06 22:56:00 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_29.dll
[2010.06.06 22:56:00 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_0.dll
[2010.06.06 22:56:00 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\x3daudio1_0.dll
[2010.06.06 22:55:59 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_27.dll
[2010.06.06 22:55:59 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_26.dll
[2010.06.06 22:55:59 | 000,061,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput9_1_0.dll
[2010.06.06 22:55:57 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_24.dll
[2010.06.06 22:55:12 | 000,022,328 | ---- | C] () -- C:\Documents and Settings\Patrik\Data aplikací\PnkBstrK.sys
[2010.06.06 22:15:15 | 000,000,000 | -HSD | C] -- C:\WINDOWS\ftpcache
[2010.06.06 18:46:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Patrik\Plocha\modifikace
[2010.06.05 13:41:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Patrik\Plocha\DSSA
[2010.06.04 06:47:35 | 000,048,128 | ---- | C] (PixArt Imaging Incorporation) -- C:\WINDOWS\System32\Remove.exe
[2010.06.04 06:47:35 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Eye 312
[2010.06.04 06:47:32 | 000,129,024 | ---- | C] (PixArt Imaging Incorporation) -- C:\WINDOWS\System32\SP7302.ax
[2010.06.04 06:47:31 | 000,014,336 | ---- | C] (PixArt Imaging Inc.) -- C:\WINDOWS\System32\P7302USD.dll
[2010.06.04 06:47:31 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Pac7302
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010.07.02 19:36:49 | 001,204,924 | ---- | M] (C_XX & El Desaparecido) -- C:\Documents and Settings\Patrik\Plocha\UsbFix.exe
[2010.07.02 19:35:00 | 000,000,468 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{9C10480B-93C6-4E37-91DA-96E8674D38DE}.job
[2010.07.02 19:30:02 | 000,001,030 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1801674531-2077806209-725345543-1008UA.job
[2010.07.02 19:12:21 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Patrik\Plocha\OTL.exe
[2010.07.02 19:09:41 | 000,343,020 | ---- | M] () -- C:\Documents and Settings\Patrik\Plocha\ToolBarSD.exe
[2010.07.02 18:34:48 | 000,824,681 | ---- | M] () -- C:\Documents and Settings\Patrik\Plocha\RSIT.exe
[2010.07.02 18:21:00 | 000,000,286 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1801674531-2077806209-725345543-1007.job
[2010.07.02 15:38:02 | 003,932,214 | ---- | M] () -- C:\Documents and Settings\Patrik\Plocha\Rockstar North 2.bmp
[2010.07.02 15:07:33 | 000,001,700 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\avast! Free Antivirus.lnk
[2010.07.02 15:07:29 | 000,002,553 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2010.07.02 14:15:02 | 000,000,280 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1801674531-2077806209-725345543-1008.job
[2010.07.02 14:15:02 | 000,000,278 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1801674531-2077806209-725345543-1007.job
[2010.07.02 14:15:02 | 000,000,278 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1801674531-2077806209-725345543-1003.job
[2010.07.02 14:14:45 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.07.02 14:14:43 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.07.02 14:13:32 | 007,864,320 | -H-- | M] () -- C:\Documents and Settings\Patrik\NTUSER.DAT
[2010.07.02 14:13:32 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Patrik\ntuser.ini
[2010.07.02 12:51:38 | 000,001,407 | ---- | M] () -- C:\Documents and Settings\Patrik\Plocha\samp.lnk
[2010.07.02 12:50:25 | 053,785,488 | ---- | M] () -- C:\Documents and Settings\Patrik\Plocha\setup_av_free.exe
[2010.07.02 12:30:00 | 000,000,978 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1801674531-2077806209-725345543-1008Core.job
[2010.07.01 15:46:20 | 000,000,933 | ---- | M] () -- C:\Documents and Settings\Patrik\Plocha\Bully.lnk
[2010.07.01 06:53:46 | 000,001,872 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Need for Speed Underground 2.lnk
[2010.06.30 22:24:40 | 000,000,654 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Winamp.lnk
[2010.06.30 18:26:43 | 000,000,007 | ---- | M] () -- C:\tw0001.dat
[2010.06.29 16:22:17 | 000,286,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Setup1.exe
[2010.06.29 16:22:15 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ST6UNST.EXE
[2010.06.29 16:20:11 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.06.28 22:57:33 | 000,038,848 | ---- | M] (ALWIL Software) -- C:\WINDOWS\avastSS.scr
[2010.06.28 22:57:12 | 000,165,032 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2010.06.28 22:37:52 | 000,046,672 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2010.06.28 22:37:30 | 000,165,456 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2010.06.28 22:33:13 | 000,023,376 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2010.06.28 22:32:45 | 000,100,176 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2010.06.28 22:32:42 | 000,094,544 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2010.06.28 22:32:33 | 000,017,744 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2010.06.28 22:32:16 | 000,028,880 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2010.06.28 20:07:15 | 000,000,866 | ---- | M] () -- C:\Documents and Settings\Patrik\Plocha\SRS - Street Racing Syndicate.lnk
[2010.06.26 21:18:00 | 000,000,288 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1801674531-2077806209-725345543-1008.job
[2010.06.26 12:09:46 | 000,219,128 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.xtr
[2010.06.26 10:59:10 | 000,138,592 | ---- | M] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2010.06.23 19:31:46 | 000,031,744 | ---- | M] () -- C:\Documents and Settings\Patrik\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.06.21 20:03:37 | 000,000,636 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Opera.lnk
[2010.06.21 16:26:40 | 000,070,992 | ---- | M] () -- C:\WINDOWS\System32\GDIPFONTCACHEV1.DAT
[2010.06.21 16:26:04 | 000,008,224 | ---- | M] () -- C:\Documents and Settings\Patrik\Local Settings\Data aplikací\GDIPFONTCACHEV1.DAT
[2010.06.21 14:27:12 | 001,576,536 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.06.18 18:44:42 | 000,000,486 | ---- | M] () -- C:\Documents and Settings\Patrik\Plocha\Total Commander.lnk
[2010.06.15 22:31:24 | 000,022,328 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\PnkBstrK.sys
[2010.06.15 22:30:49 | 000,000,277 | ---- | M] () -- C:\WINDOWS\game.ini
[2010.06.14 22:01:15 | 000,721,904 | ---- | M] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2010.06.11 21:33:31 | 000,000,286 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1801674531-2077806209-725345543-1003.job
[2010.06.11 17:24:55 | 000,000,650 | ---- | M] () -- C:\Documents and Settings\Patrik\Nabídka Start\Programy\Po spuštění\Xfire.lnk
[2010.06.09 16:17:44 | 001,068,920 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010.06.09 16:17:44 | 000,451,540 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.06.09 16:17:44 | 000,448,380 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2010.06.09 16:17:44 | 000,084,760 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2010.06.09 16:17:44 | 000,074,274 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.06.09 16:12:34 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010.06.06 23:04:37 | 000,000,493 | ---- | M] () -- C:\Documents and Settings\Patrik\Nabídka Start\Programy\Po spuštění\Screenshot Utility.lnk
[2010.06.06 20:48:21 | 000,081,173 | -H-- | M] () -- C:\treeinfo.wc
[2010.06.06 12:46:50 | 000,730,312 | -H-- | M] () -- C:\Documents and Settings\Patrik\Local Settings\Data aplikací\IconCache.db
[2010.06.05 14:22:05 | 000,000,972 | ---- | M] () -- C:\WINDOWS\win.ini
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010.07.02 19:09:41 | 000,343,020 | ---- | C] () -- C:\Documents and Settings\Patrik\Plocha\ToolBarSD.exe
[2010.07.02 18:34:46 | 000,824,681 | ---- | C] () -- C:\Documents and Settings\Patrik\Plocha\RSIT.exe
[2010.07.02 15:38:01 | 003,932,214 | ---- | C] () -- C:\Documents and Settings\Patrik\Plocha\Rockstar North 2.bmp
[2010.07.02 15:07:33 | 000,001,700 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\avast! Free Antivirus.lnk
[2010.07.02 12:49:10 | 053,785,488 | ---- | C] () -- C:\Documents and Settings\Patrik\Plocha\setup_av_free.exe
[2010.07.01 15:45:52 | 000,000,933 | ---- | C] () -- C:\Documents and Settings\Patrik\Plocha\Bully.lnk
[2010.06.30 22:24:40 | 000,000,654 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Winamp.lnk
[2010.06.30 18:26:43 | 000,000,007 | ---- | C] () -- C:\tw0001.dat
[2010.06.28 20:07:15 | 000,000,866 | ---- | C] () -- C:\Documents and Settings\Patrik\Plocha\SRS - Street Racing Syndicate.lnk
[2010.06.26 23:36:15 | 000,001,872 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Need for Speed Underground 2.lnk
[2010.06.21 20:03:37 | 000,000,636 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Opera.lnk
[2010.06.15 22:30:48 | 000,000,277 | ---- | C] () -- C:\WINDOWS\game.ini
[2010.06.14 22:01:14 | 000,721,904 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2010.06.11 17:50:23 | 000,219,128 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.xtr
[2010.06.11 17:24:55 | 000,000,650 | ---- | C] () -- C:\Documents and Settings\Patrik\Nabídka Start\Programy\Po spuštění\Xfire.lnk
[2010.06.11 13:27:54 | 000,000,278 | ---- | C] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1801674531-2077806209-725345543-1007.job
[2010.06.11 13:27:51 | 000,000,286 | ---- | C] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1801674531-2077806209-725345543-1007.job
[2010.06.06 23:01:55 | 000,000,493 | ---- | C] () -- C:\Documents and Settings\Patrik\Nabídka Start\Programy\Po spuštění\Screenshot Utility.lnk
[2010.06.06 22:55:12 | 000,138,592 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2010.06.06 22:55:02 | 000,219,128 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2010.06.06 22:55:00 | 000,075,064 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe
[2010.06.06 20:48:21 | 000,081,173 | -H-- | C] () -- C:\treeinfo.wc
[2010.06.04 06:47:35 | 000,000,302 | ---- | C] () -- C:\WINDOWS\System32\Remover.ini
[2010.06.04 06:47:32 | 000,000,566 | ---- | C] () -- C:\WINDOWS\System32\SP7302.ini
[2010.05.28 02:04:46 | 000,041,872 | ---- | C] () -- C:\WINDOWS\System32\xfcodec.dll
[2010.05.14 13:08:05 | 000,000,079 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2010.05.14 13:01:49 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010.04.07 22:18:08 | 000,074,703 | ---- | C] () -- C:\WINDOWS\System32\mfc45.dll
[2010.03.13 00:17:20 | 000,000,073 | ---- | C] () -- C:\WINDOWS\EurekaLog.ini
[2010.03.12 23:52:30 | 000,001,291 | ---- | C] () -- C:\WINDOWS\MultiTimer.ini
[2010.03.12 16:01:45 | 000,000,592 | ---- | C] () -- C:\WINDOWS\Calendar.INI
[2010.01.24 23:26:55 | 000,974,848 | ---- | C] () -- C:\WINDOWS\System32\LtDlgRes14n.dll
[2009.11.16 18:33:38 | 000,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll
[2009.11.15 16:15:36 | 000,000,011 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.ini
[2009.11.14 15:39:41 | 000,000,090 | ---- | C] () -- C:\WINDOWS\wa.INI
[2009.10.29 11:10:34 | 000,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2009.10.29 11:10:22 | 000,022,290 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2009.10.29 11:10:04 | 000,010,288 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2009.10.29 09:26:10 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2009.06.07 13:27:20 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\vbzlib1.dll
[2007.09.27 10:51:02 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007.09.27 10:48:48 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007.09.27 10:48:28 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2005.10.14 12:56:50 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2005.10.14 12:56:50 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\VorbisEnc.dll
[2005.10.14 12:56:50 | 000,815,104 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2005.10.14 12:56:50 | 000,344,064 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll
[2005.10.14 12:56:50 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2005.10.14 12:56:50 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2005.10.14 12:56:50 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2002.10.16 00:54:04 | 000,153,088 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2002.09.23 14:00:00 | 000,039,936 | ---- | C] () -- C:\WINDOWS\System32\msn26640.dll
[1996.04.03 21:33:26 | 000,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys
[1993.07.23 20:31:02 | 000,210,944 | ---- | C] () -- C:\WINDOWS\System32\Msvcrt10.dll

========== LOP Check ==========

[2010.02.06 23:00:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AIM
[2010.02.06 23:00:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AIM Toolbar
[2010.07.02 15:06:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Alwil Software
[2010.06.14 21:59:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2009.11.03 17:38:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DriverScanner
[2010.05.22 08:04:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ESET
[2009.11.20 17:07:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ICQ
[2010.04.07 22:25:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\iolo
[2010.01.22 18:14:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\launcher
[2010.06.09 16:21:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Sony
[2010.07.02 14:35:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2010.01.24 19:40:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Ulead Systems
[2009.11.03 17:01:49 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\{66E2F539-12B6-4870-A500-7689CDE75C5E}
[2010.02.21 17:29:10 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\{86F20894-D848-4D00-8462-4FFD718EB289}
[2010.01.16 01:02:47 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\{A87EB928-0C6C-4071-AEF1-59E32BAEDF1B}
[2010.05.27 20:38:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Danča\Data aplikací\desksware
[2010.05.22 16:45:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Danča\Data aplikací\ESET
[2009.12.21 19:47:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Danča\Data aplikací\GHISLER
[2010.01.04 19:44:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Danča\Data aplikací\ICQ
[2010.05.13 15:28:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Danča\Data aplikací\OpenOffice.org
[2009.11.17 19:21:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Danča\Data aplikací\Opera
[2010.01.20 20:25:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Danča\Data aplikací\Stardock
[2010.05.27 19:35:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Danča\Data aplikací\ViGlance
[2010.05.27 09:02:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Danča\Data aplikací\ViSplore
[2010.05.27 09:03:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Danča\Data aplikací\ViStart
[2010.05.09 16:05:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Danča\Data aplikací\VitySoft
[2010.05.22 16:44:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Danča\Data aplikací\Windows Desktop Search
[2010.05.27 20:34:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Danča\Data aplikací\Windows Search
[2009.12.12 20:52:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Danča\Data aplikací\Zoner
[2010.05.23 21:35:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dominik\Data aplikací\ESET
[2010.01.16 09:18:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dominik\Data aplikací\ICQ
[2010.01.02 11:43:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dominik\Data aplikací\Opera
[2010.01.16 09:17:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dominik\Data aplikací\Stardock
[2010.05.23 21:35:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dominik\Data aplikací\Windows Desktop Search
[2010.02.06 23:00:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\acccore
[2010.03.20 01:30:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\AD ON Multimedia
[2010.02.08 23:42:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\Any Video Converter Professional
[2010.06.15 10:43:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\Auslogics
[2010.02.06 21:32:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\CometNetwork
[2010.06.06 22:15:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\DAEMON Tools Lite
[2010.03.12 16:01:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\desksware
[2010.03.13 01:03:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\eehl
[2010.05.22 08:06:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\ESET
[2009.11.01 18:55:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\GHISLER
[2009.12.05 10:42:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\gtk-2.0
[2010.01.16 11:31:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\ICQ
[2010.04.07 22:25:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\iolo
[2009.11.17 17:39:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\Opera
[2010.05.24 21:10:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\ProgSense
[2010.06.09 16:38:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\Publish Providers
[2009.10.29 20:08:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\QIP
[2010.02.08 23:22:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\Red Kawa
[2010.02.08 23:57:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\Regensoft
[2010.05.21 23:32:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\Registry Mechanic
[2010.01.24 18:53:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\Software Informer
[2010.06.09 16:38:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\Sony
[2010.02.08 22:38:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\Sony Setup
[2010.05.03 21:28:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\SpinTop
[2010.01.16 01:02:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\Stardock
[2010.04.02 14:44:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\TS3Client
[2010.01.24 19:40:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\Ulead Systems
[2010.01.10 15:44:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\Uniblue
[2010.05.26 17:45:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\ViGlance
[2010.05.26 17:45:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\ViSplore
[2010.05.26 17:46:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\ViStart
[2010.02.08 20:51:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\VitySoft
[2010.03.16 00:24:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\WeatherPulse
[2010.05.21 23:45:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\Windows Desktop Search
[2010.05.22 00:47:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\Windows Search
[2009.12.05 10:51:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\Zoner
[2010.07.02 19:35:00 | 000,000,468 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{9C10480B-93C6-4E37-91DA-96E8674D38DE}.job

========== Purity Check ==========



========== Custom Scans ==========


< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"CTFMON.EXE" = C:\WINDOWS\system32\ctfmon.exe -- [2004.08.17 16:49:24 | 000,015,360 | ---- | M] (Microsoft Corporation)
"MSMSGS" = "C:\Program Files\Messenger\msmsgs.exe" /background -- [2004.08.17 16:49:26 | 001,667,584 | ---- | M] (Microsoft Corporation)
"Google Update" = "C:\Documents and Settings\Patrik\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c -- [2010.01.06 17:15:19 | 000,135,664 | ---- | M] (Google Inc.)
"QIP2005" = C:\Program Files\QIP\qip.exe -- [2009.08.13 11:43:54 | 003,276,288 | ---- | M] (The Author of QIP)
"fsm" =
"RegistryMechanic" = D:\Registry Mechanic\RegMech.exe /H -- [2009.11.25 15:42:58 | 003,176,408 | ---- | M] (PC Tools)
"SkinClock" = C:\Program Files\Free Desktop Clock\DesktopClock.exe -- [2006.10.01 17:50:28 | 000,334,848 | ---- | M] ()
"Calendar" = D:\Documents and Settings\Patrik\Desktop iCal\Calendar.exe -- File not found
"QuickTime Task" = "C:\Program Files\QuickTime\QTTask.exe" -atboottime -- [2009.11.11 00:08:18 | 000,417,792 | ---- | M] (Apple Inc.)
"DAEMON Tools Lite" = "D:\DAEMON Tools Lite\daemon.exe" -autorun -- [2009.04.23 15:51:38 | 000,691,656 | ---- | M] (DT Soft Ltd)
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\AdobeUpdater]
"" =

< c:\windows\*.* /U >
[4 c:\windows\*.tmp files -> c:\windows\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2010.02.06 23:00:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\acccore
[2010.03.20 01:30:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\AccurateRip
[2010.03.20 01:30:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\AD ON Multimedia
[2010.06.30 18:21:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\Adobe
[2010.02.08 23:42:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\Any Video Converter Professional
[2010.02.08 22:53:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\Apple Computer
[2009.10.29 10:24:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\ATI
[2010.06.15 10:43:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\Auslogics
[2010.02.06 21:32:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\CometNetwork
[2010.06.06 22:15:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\DAEMON Tools Lite
[2010.03.12 16:01:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\desksware
[2010.02.08 22:17:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\dvdcss
[2010.03.13 01:03:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\eehl
[2010.05.22 08:06:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\ESET
[2009.11.01 18:55:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\GHISLER
[2009.12.05 10:42:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\gtk-2.0
[2010.01.24 19:40:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\Help
[2010.01.16 11:31:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\ICQ
[2009.10.29 10:24:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\Identities
[2010.04.07 22:25:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\iolo
[2009.10.29 19:35:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\Macromedia
[2010.05.21 23:45:46 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Patrik\Data aplikací\Microsoft
[2010.02.06 21:32:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla
[2009.11.05 17:06:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\Nero
[2009.11.17 17:39:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\Opera
[2010.05.24 21:10:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\ProgSense
[2010.03.04 18:48:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\PSpad
[2010.06.09 16:38:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\Publish Providers
[2009.10.29 20:08:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\QIP
[2010.05.14 13:07:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\Real
[2010.02.08 23:22:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\Red Kawa
[2010.02.08 23:57:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\Regensoft
[2010.05.21 23:32:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\Registry Mechanic
[2010.06.14 22:02:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\Skype
[2010.06.05 16:08:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\skypePM
[2010.01.24 18:53:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\Software Informer
[2010.06.09 16:38:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\Sony
[2010.02.08 22:38:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\Sony Setup
[2010.05.03 21:28:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\SpinTop
[2010.01.16 01:02:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\Stardock
[2010.02.07 22:53:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\Sun
[2010.04.02 14:44:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\TS3Client
[2010.01.24 19:40:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\Ulead Systems
[2010.01.10 15:44:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\Uniblue
[2010.05.26 17:45:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\ViGlance
[2010.05.26 17:45:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\ViSplore
[2010.05.26 17:46:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\ViStart
[2010.02.08 20:51:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\VitySoft
[2010.06.26 12:32:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\vlc
[2010.03.16 00:24:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\WeatherPulse
[2010.06.30 22:28:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\Winamp
[2010.05.21 23:45:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\Windows Desktop Search
[2010.05.22 00:47:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\Windows Search
[2010.03.12 12:17:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\WinRAR
[2010.07.02 13:20:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\Xfire
[2009.12.05 10:51:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\Zoner

< %APPDATA%\*.exe /s >
[2008.01.15 13:32:26 | 000,088,576 | ---- | M] (AD ON Multimedia Advertising GmbH) -- C:\Documents and Settings\Patrik\Data aplikací\AD ON Multimedia\eBay Shortcuts\eBayShortcuts.exe
[2010.03.03 20:08:18 | 000,487,336 | ---- | M] (iolo technologies, LLC) -- C:\Documents and Settings\Patrik\Data aplikací\iolo\IRestartStub.exe
[2010.02.08 22:37:59 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Microsoft\Installer\{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}\ARPPRODUCTICON.exe
[2010.06.09 16:10:05 | 052,770,576 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Patrik\Data aplikací\Sony Setup\64993CD0-67D1-4244-A2BC-FD73F4DA5B62\dotnetfx3.exe
[2010.02.08 22:35:53 | 032,494,896 | ---- | M] (Apple Inc.) -- C:\Documents and Settings\Patrik\Data aplikací\Sony Setup\9234765D-29DF-48d0-93FB-284B7B6009B9\QuickTimeInstaller.exe
[2010.02.08 22:33:25 | 012,212,040 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Patrik\Data aplikací\Sony Setup\A34E95A5-C379-4746-B607-09AE7B36A102\WMFDist11-WindowsXP-x86-ENU.exe
[2010.02.02 23:14:29 | 007,052,368 | ---- | M] (ZONER software ) -- C:\Documents and Settings\Patrik\Data aplikací\Zoner\NLMDB\product.0032\autoupdate.cz\ZPS12_Update_Build06.exe
[2010.05.01 17:49:38 | 007,372,128 | ---- | M] (ZONER software ) -- C:\Documents and Settings\Patrik\Data aplikací\Zoner\NLMDB\product.0032\autoupdate.cz\ZPS12_Update_Build08.exe
[2010.06.09 17:51:24 | 007,377,592 | ---- | M] (ZONER software ) -- C:\Documents and Settings\Patrik\Data aplikací\Zoner\NLMDB\product.0032\autoupdate.cz\ZPS12_Update_Build09.exe


< MD5 for: AGP440.SYS >
[2004.08.17 16:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2004.08.17 16:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:AGP440.sys
[2004.08.04 00:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2004.08.04 00:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\system32\drivers\agp440.sys

< MD5 for: ATAPI.SYS >
[2002.09.23 14:00:00 | 010,174,968 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:atapi.sys
[2004.08.17 16:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2004.08.17 16:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:atapi.sys
[2002.09.23 14:00:00 | 000,086,912 | ---- | M] (Microsoft Corporation) MD5=95B858761A00E1D4F81F79A0DA019ACA -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2004.08.03 23:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2004.08.03 23:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys

< MD5 for: CDROM.SYS >
[2002.09.23 14:00:00 | 010,174,968 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:cdrom.sys
[2004.08.17 16:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2004.08.17 16:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:cdrom.sys
[2002.09.23 14:00:00 | 000,047,488 | ---- | M] (Microsoft Corporation) MD5=6506E033AD04CFEC9EE56DBEFD1083DD -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys
[2004.08.03 23:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2004.08.03 23:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\system32\drivers\cdrom.sys

< MD5 for: CRYPTSVC.DLL >
[2002.09.23 14:00:00 | 000,053,248 | ---- | M] (Microsoft Corporation) MD5=031E7FF41B13B658CAE7D6C98086F76A -- C:\WINDOWS\$NtServicePackUninstall$\cryptsvc.dll
[2004.08.17 16:49:04 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- C:\WINDOWS\ServicePackFiles\i386\cryptsvc.dll
[2004.08.17 16:49:04 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- C:\WINDOWS\system32\cryptsvc.dll

< MD5 for: EVENTLOG.DLL >
[2004.08.17 16:49:08 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2004.08.17 16:49:08 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\system32\eventlog.dll
[2002.09.23 14:00:00 | 000,049,152 | ---- | M] (Microsoft Corporation) MD5=E8508E7F865490D8AE71D00C8DF4D227 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2002.09.23 14:00:00 | 001,004,544 | ---- | M] (Microsoft Corporation) MD5=11D80755545CFB5EB9659EE88440EAE2 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
[2004.08.17 16:49:24 | 000,974,848 | ---- | M] (Microsoft Corporation) MD5=4D32D7FFC2F583FE21EF0A4F99EABB12 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2004.08.17 16:49:24 | 000,974,848 | ---- | M] (Microsoft Corporation) MD5=4D32D7FFC2F583FE21EF0A4F99EABB12 -- C:\WINDOWS\system32\VITrans\explorer.exe
[2004.08.17 16:49:24 | 001,438,208 | ---- | M] (Microsoft Corporation) MD5=D528D77EAD3C7A52A4F17D45D2809E81 -- C:\WINDOWS\explorer.exe

< MD5 for: HAL.DLL >
[2002.09.23 14:00:00 | 010,174,968 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:hal.dll
[2004.08.17 16:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2004.08.17 16:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:hal.dll
[2002.09.23 14:00:00 | 000,129,920 | ---- | M] (Microsoft Corporation) MD5=308709E92843DFF3A5CDCA069F6F5C61 -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll
[2004.08.03 23:59:20 | 000,105,472 | ---- | M] (Microsoft Corporation) MD5=C321C95318495909A0066FB0EDC97287 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2004.08.03 23:59:14 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=DFCE51FD96909D1B97D4A1A72D060D77 -- C:\WINDOWS\system32\HAL.DLL

< MD5 for: CHANGER.SYS >
[2004.08.17 16:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys
[2004.08.17 16:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:Changer.sys
[2004.08.04 00:00:14 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=DAF1A8193B6CAF0FB858CADCC5C4AF4A -- C:\WINDOWS\ServicePackFiles\i386\changer.sys

< MD5 for: ISAPNP.SYS >
[2002.09.23 14:00:00 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\system32\drivers\isapnp.sys

< MD5 for: LSASS.EXE >
[2002.09.23 14:00:00 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=32F7074BAC9A5F899CCA9C046C9FA6EB -- C:\WINDOWS\$NtServicePackUninstall$\lsass.exe
[2004.08.17 16:49:24 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\WINDOWS\ServicePackFiles\i386\lsass.exe
[2004.08.17 16:49:24 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\WINDOWS\system32\lsass.exe

P@tRiCk_
Visitor
Posts: 46
Joined: 02 Jul 2010 17:24

Re: Viruses in Windows, please help

#12 Post by P@tRiCk_ »

The same thing got posted twice, sorry.
Last edited by P@tRiCk_ on 02 Jul 2010 19:31, edited 2 times in total.

P@tRiCk_
Visitor
Posts: 46
Joined: 02 Jul 2010 17:24

Re: Viruses in Windows, please help

#13 Post by P@tRiCk_ »

< MD5 for: NDIS.SYS >
[2002.09.23 14:00:00 | 000,167,552 | ---- | M] (Microsoft Corporation) MD5=3B350E5A2A5E951453F3993275A4523A -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys
[2004.08.04 00:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2004.08.04 00:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\drivers\ndis.sys

< MD5 for: NETLOGON.DLL >
[2004.08.17 16:49:14 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2004.08.17 16:49:14 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\system32\netlogon.dll
[2002.09.23 14:00:00 | 000,399,360 | ---- | M] (Microsoft Corporation) MD5=CF03E300B5CEEFFEFBE6F67532BD0EF1 -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
OTL 3:
< MD5 for: SCECLI.DLL >
[2004.08.17 16:49:18 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2004.08.17 16:49:18 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\system32\scecli.dll
[2002.09.23 14:00:00 | 000,179,200 | ---- | M] (Microsoft Corporation) MD5=B2666CAB5E8C8A741D63F18D551A47FB -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll

< MD5 for: SMSS.EXE >
[2004.08.17 16:49:28 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\WINDOWS\ServicePackFiles\i386\smss.exe
[2004.08.17 16:49:28 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\WINDOWS\system32\smss.exe
[2002.09.23 14:00:00 | 000,045,568 | ---- | M] (Microsoft Corporation) MD5=7763D73255AD4046FA999D42EAF22C26 -- C:\WINDOWS\$NtServicePackUninstall$\smss.exe

< MD5 for: SVCHOST.EXE >
[2002.09.23 14:00:00 | 000,012,800 | ---- | M] (Microsoft Corporation) MD5=329945887A0C684C38A4845330BC9100 -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe
[2004.08.17 16:49:28 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2004.08.17 16:49:28 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\system32\svchost.exe

< MD5 for: TCPIP.SYS >
[2002.09.23 14:00:00 | 000,332,928 | ---- | M] (Microsoft Corporation) MD5=244A2F9816BC9B593957281EF577D976 -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2004.08.04 00:14:42 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2004.08.04 00:14:42 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\system32\drivers\tcpip.sys

< MD5 for: USERINIT.EXE >
[2004.08.17 16:49:28 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2004.08.17 16:49:28 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\system32\userinit.exe
[2002.09.23 14:00:00 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=B26871B5CE92F9D95AE6E62119799EB9 -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe

< MD5 for: WINLOGON.EXE >
[2004.08.17 16:49:28 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2004.08.17 16:49:28 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\system32\winlogon.exe
[2002.09.23 14:00:00 | 000,516,608 | ---- | M] (Microsoft Corporation) MD5=FF8857D1AF59071F172C0FAD0FD33E87 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe

< MD5 for: WS2_32.DLL >
[2004.08.17 16:49:22 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll
[2004.08.17 16:49:22 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\WINDOWS\system32\ws2_32.dll
[2002.09.23 14:00:00 | 000,075,264 | ---- | M] (Microsoft Corporation) MD5=748494B94A871A828C64D1D5C738D2B7 -- C:\WINDOWS\$NtServicePackUninstall$\ws2_32.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2007.12.05 05:05:14 | 000,368,640 | ---- | M] (Advanced Micro Devices, Inc.) Unable to obtain MD5 -- C:\WINDOWS\system32\ATIDEMGX.dll
[2009.03.08 04:31:56 | 000,183,808 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\iepeers.dll
[2009.12.17 06:53:54 | 001,386,496 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\msvbvm60.dll
[2 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2010.06.14 22:01:15 | 000,721,904 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sptd.sys

< %systemroot%\System32\config\*.sav >
[2009.10.29 09:58:52 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2009.10.29 09:58:51 | 000,630,784 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2009.10.29 09:58:51 | 000,434,176 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >
[2007.12.05 05:05:14 | 000,368,640 | ---- | M] (Advanced Micro Devices, Inc.) Unable to obtain MD5 -- C:\WINDOWS\system32\ATIDEMGX.dll
[2009.03.08 04:31:56 | 000,183,808 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\iepeers.dll
[2009.12.17 06:53:54 | 001,386,496 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\msvbvm60.dll
[2 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemRoot%\System32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2010.07.02 15:07:29 | 000,002,553 | ---- | M] () -- C:\WINDOWS\system32\CONFIG.NT
[2010.07.02 14:17:58 | 000,163,962 | ---- | M] () -- C:\WINDOWS\system32\INSTALL.LOG
[2 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

========== Alternate Data Streams ==========

@Alternate Data Stream - 263 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:D1B5B4F1
@Alternate Data Stream - 136 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:661DFA1C
@Alternate Data Stream - 115 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:C9E1E431
@Alternate Data Stream - 113 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:9DF0785A
@Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:08948D52
< End of report >

< MD5 for: [2002.09.23 14:00:00 | 000,011,776 | ---- | M] (MICROSOFT CORPORATION) >
[2002.09.23 14:00:00 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\$NtServicePackUninstall$\lsass.exe

< MD5 for: [2002.09.23 14:00:00 | 000,012,800 | ---- | M] (MICROSOFT CORPORATION) >
[2002.09.23 14:00:00 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe

< MD5 for: [2002.09.23 14:00:00 | 000,022,016 | ---- | M] (MICROSOFT CORPORATION) >
[2002.09.23 14:00:00 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe

< MD5 for: [2002.09.23 14:00:00 | 000,035,840 | ---- | M] (MICROSOFT CORPORATION) >
[2002.09.23 14:00:00 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\isapnp.sys

< MD5 for: [2002.09.23 14:00:00 | 000,045,568 | ---- | M] (MICROSOFT CORPORATION) >
[2002.09.23 14:00:00 | 000,045,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\$NtServicePackUninstall$\smss.exe

< MD5 for: [2002.09.23 14:00:00 | 000,047,488 | ---- | M] (MICROSOFT CORPORATION) >
[2002.09.23 14:00:00 | 000,047,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys

< MD5 for: [2002.09.23 14:00:00 | 000,049,152 | ---- | M] (MICROSOFT CORPORATION) >
[2002.09.23 14:00:00 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

< MD5 for: [2002.09.23 14:00:00 | 000,053,248 | ---- | M] (MICROSOFT CORPORATION) >
[2002.09.23 14:00:00 | 000,053,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\$NtServicePackUninstall$\cryptsvc.dll

< MD5 for: [2002.09.23 14:00:00 | 000,075,264 | ---- | M] (MICROSOFT CORPORATION) >
[2002.09.23 14:00:00 | 000,075,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\$NtServicePackUninstall$\ws2_32.dll

< MD5 for: [2002.09.23 14:00:00 | 000,086,912 | ---- | M] (MICROSOFT CORPORATION) >
[2002.09.23 14:00:00 | 000,086,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys

< MD5 for: [2002.09.23 14:00:00 | 000,129,920 | ---- | M] (MICROSOFT CORPORATION) >
[2002.09.23 14:00:00 | 000,129,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll

< MD5 for: [2002.09.23 14:00:00 | 000,167,552 | ---- | M] (MICROSOFT CORPORATION) >
[2002.09.23 14:00:00 | 000,167,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys

< MD5 for: [2002.09.23 14:00:00 | 000,179,200 | ---- | M] (MICROSOFT CORPORATION) >
[2002.09.23 14:00:00 | 000,179,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll

< MD5 for: [2002.09.23 14:00:00 | 000,332,928 | ---- | M] (MICROSOFT CORPORATION) >
[2002.09.23 14:00:00 | 000,332,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys

< MD5 for: [2002.09.23 14:00:00 | 000,399,360 | ---- | M] (MICROSOFT CORPORATION) >
[2002.09.23 14:00:00 | 000,399,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll

< MD5 for: [2002.09.23 14:00:00 | 000,516,608 | ---- | M] (MICROSOFT CORPORATION) >
[2002.09.23 14:00:00 | 000,516,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe

< MD5 for: [2002.09.23 14:00:00 | 001,004,544 | ---- | M] (MICROSOFT CORPORATION) >
[2002.09.23 14:00:00 | 001,004,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe

< MD5 for: [2004.08.03 23:59:14 | 000,134,400 | ---- | M] (MICROSOFT CORPORATION) >
[2004.08.03 23:59:14 | 000,134,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\HAL.DLL

< MD5 for: [2004.08.03 23:59:20 | 000,105,472 | ---- | M] (MICROSOFT CORPORATION) >
[2004.08.03 23:59:20 | 000,105,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ServicePackFiles\i386\hal.dll

< MD5 for: [2004.08.03 23:59:44 | 000,095,360 | ---- | M] (MICROSOFT CORPORATION) >
[2004.08.03 23:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2004.08.03 23:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\atapi.sys

< MD5 for: [2004.08.03 23:59:54 | 000,049,536 | ---- | M] (MICROSOFT CORPORATION) >
[2004.08.03 23:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2004.08.03 23:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\cdrom.sys

< MD5 for: [2004.08.04 00:00:14 | 000,008,192 | ---- | M] (MICROSOFT CORPORATION) >
[2004.08.04 00:00:14 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ServicePackFiles\i386\changer.sys

< MD5 for: [2004.08.04 00:07:42 | 000,042,368 | ---- | M] (MICROSOFT CORPORATION) >
[2004.08.04 00:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2004.08.04 00:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\agp440.sys

< MD5 for: [2004.08.04 00:14:30 | 000,182,912 | ---- | M] (MICROSOFT CORPORATION) >
[2004.08.04 00:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2004.08.04 00:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\ndis.sys

< MD5 for: [2004.08.04 00:14:42 | 000,359,040 | ---- | M] (MICROSOFT CORPORATION) >
[2004.08.04 00:14:42 | 000,359,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2004.08.04 00:14:42 | 000,359,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\tcpip.sys

< MD5 for: [2004.08.17 16:49:04 | 000,060,416 | ---- | M] (MICROSOFT CORPORATION) >
[2004.08.17 16:49:04 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ServicePackFiles\i386\cryptsvc.dll
[2004.08.17 16:49:04 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cryptsvc.dll

< MD5 for: [2004.08.17 16:49:08 | 000,055,808 | ---- | M] (MICROSOFT CORPORATION) >
[2004.08.17 16:49:08 | 000,055,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2004.08.17 16:49:08 | 000,055,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\eventlog.dll

< MD5 for: [2004.08.17 16:49:14 | 000,407,040 | ---- | M] (MICROSOFT CORPORATION) >
[2004.08.17 16:49:14 | 000,407,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2004.08.17 16:49:14 | 000,407,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: [2004.08.17 16:49:18 | 000,184,832 | ---- | M] (MICROSOFT CORPORATION) >
[2004.08.17 16:49:18 | 000,184,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2004.08.17 16:49:18 | 000,184,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\scecli.dll

< MD5 for: [2004.08.17 16:49:22 | 000,082,944 | ---- | M] (MICROSOFT CORPORATION) >
[2004.08.17 16:49:22 | 000,082,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll
[2004.08.17 16:49:22 | 000,082,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ws2_32.dll

< MD5 for: [2004.08.17 16:49:24 | 000,013,312 | ---- | M] (MICROSOFT CORPORATION) >
[2004.08.17 16:49:24 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ServicePackFiles\i386\lsass.exe
[2004.08.17 16:49:24 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe

< MD5 for: [2004.08.17 16:49:24 | 000,974,848 | ---- | M] (MICROSOFT CORPORATION) >
[2004.08.17 16:49:24 | 000,974,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2004.08.17 16:49:24 | 000,974,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\VITrans\explorer.exe

< MD5 for: [2004.08.17 16:49:24 | 001,438,208 | ---- | M] (MICROSOFT CORPORATION) >
[2004.08.17 16:49:24 | 001,438,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

< MD5 for: [2004.08.17 16:49:28 | 000,014,336 | ---- | M] (MICROSOFT CORPORATION) >
[2004.08.17 16:49:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2004.08.17 16:49:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe

< MD5 for: [2004.08.17 16:49:28 | 000,024,576 | ---- | M] (MICROSOFT CORPORATION) >
[2004.08.17 16:49:28 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2004.08.17 16:49:28 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\userinit.exe

< MD5 for: [2004.08.17 16:49:28 | 000,050,688 | ---- | M] (MICROSOFT CORPORATION) >
[2004.08.17 16:49:28 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ServicePackFiles\i386\smss.exe
[2004.08.17 16:49:28 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe

< MD5 for: [2004.08.17 16:49:28 | 000,502,272 | ---- | M] (MICROSOFT CORPORATION) >
[2004.08.17 16:49:28 | 000,502,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2004.08.17 16:49:28 | 000,502,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe

< MD5 for: AGP440.SYS >
[2004.08.17 16:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2004.08.17 16:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:AGP440.sys

< MD5 for: ATAPI.SYS >
[2002.09.23 14:00:00 | 010,174,968 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:atapi.sys
[2004.08.17 16:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2004.08.17 16:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:atapi.sys

< MD5 for: CDROM.SYS >
[2002.09.23 14:00:00 | 010,174,968 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:cdrom.sys
[2004.08.17 16:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2004.08.17 16:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:cdrom.sys

< MD5 for: HAL.DLL >
[2002.09.23 14:00:00 | 010,174,968 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:hal.dll
[2004.08.17 16:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2004.08.17 16:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:hal.dll

< MD5 for: CHANGER.SYS >
[2004.08.17 16:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys
[2004.08.17 16:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:Changer.sys

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2007.12.05 05:05:14 | 000,368,640 | ---- | M] (Advanced Micro Devices, Inc.) Unable to obtain MD5 -- C:\WINDOWS\system32\ATIDEMGX.dll
[2009.03.08 04:31:56 | 000,183,808 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\iepeers.dll
[2009.12.17 06:53:54 | 001,386,496 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\msvbvm60.dll
[2 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2010.06.14 22:01:15 | 000,721,904 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sptd.sys

< %systemroot%\System32\config\*.sav >
[2009.10.29 09:58:52 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2009.10.29 09:58:51 | 000,630,784 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2009.10.29 09:58:51 | 000,434,176 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >
[2007.12.05 05:05:14 | 000,368,640 | ---- | M] (Advanced Micro Devices, Inc.) Unable to obtain MD5 -- C:\WINDOWS\system32\ATIDEMGX.dll
[2009.03.08 04:31:56 | 000,183,808 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\iepeers.dll
[2009.12.17 06:53:54 | 001,386,496 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\msvbvm60.dll
[2 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemRoot%\System32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2010.07.02 15:07:29 | 000,002,553 | ---- | M] () -- C:\WINDOWS\system32\CONFIG.NT
[2010.07.02 14:17:58 | 000,163,962 | ---- | M] () -- C:\WINDOWS\system32\INSTALL.LOG
[2 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< End of report >

Caroprd111
VIP
Posts: 13492
Joined: 22 Mar 2009 20:48
Location: Třebíč

Re: Viruses in Windows, please help

#14 Post by Caroprd111 »

Run OTL and paste the following script into the bottom window.

Code:

:OTL
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://toolbar.ask.com/toolbarv/askRedi ... t=&gc=1&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.live.com/sphome.aspx
IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-1801674531-2077806209-725345543-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.live.com
IE - HKU\S-1-5-21-1801674531-2077806209-725345543-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.windowsxlive.net
IE - HKU\S-1-5-21-1801674531-2077806209-725345543-1007\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-1801674531-2077806209-725345543-1008\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://search.qip.ru
IE - HKU\S-1-5-21-1801674531-2077806209-725345543-1008\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
IE - HKU\S-1-5-21-1801674531-2077806209-725345543-1008\..\URLSearchHook: {C94E154B-1459-4A47-966B-4B843BEFC7DB} - C:\Program Files\AskSearch\bin\DefaultSearch.dll ()
IE - HKU\S-1-5-21-1801674531-2077806209-725345543-1008\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
IE - HKU\S-1-5-21-1801674531-2077806209-725345543-1008\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.windowsxlive.net
IE - HKU\S-1-5-21-1801674531-2077806209-725345543-1008\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
IE - HKU\S-1-5-21-1801674531-2077806209-725345543-1008\..\URLSearchHook: - Reg Error: Key error. File not found
FF - prefs.js..keyword.URL: "http://search.qip.ru/search?from=FF&query="
FF - prefs.js..browser.search.selectedEngine: "DAEMON Search"
FF - prefs.js..browser.search.selectedEngine: "DAEMON Search"
IE - HKU\S-1-5-21-1801674531-2077806209-725345543-1008\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - Reg Error: Key error. File not found
FF - prefs.js..browser.search.defaultenginename: "QIP Search"
FF - prefs.js..browser.search.defaultthis.engineName: "Softonic English TC Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2040441&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.selectedEngine: "Softonic English TC Customized Web Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://search.conduit.com/?ctid=CT2040441&SearchSource=13"

[2010.06.06 22:10:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\27rbcdvt.default\extensions\DTToolbar@toolbarnet.com
[2010.04.21 12:12:48 | 000,000,941 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\27rbcdvt.default\searchplugins\conduit.xml
[2010.06.14 22:09:50 | 000,002,059 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\27rbcdvt.default\searchplugins\daemon-search.xml
O4 - HKLM..\Run: [KernelFaultCheck] File not found
[2010.05.26 16:38:11 | 000,002,061 | ---- | M] () -- C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\27rbcdvt.default\searchplugins\qipsearch.xml
O4 - HKLM..\Run: [vilaunch] C:\WINDOWS\system32\vilaunch.exe ()
O4 - HKU\S-1-5-21-1801674531-2077806209-725345543-1007..\Run: [viwc] C:\WINDOWS\system32\viwc.exe ()
O4 - HKU\S-1-5-21-1801674531-2077806209-725345543-1008..\Run: [Calendar] D:\Documents and Settings\Patrik\Desktop iCal\Calendar.exe File not found
O4 - HKU\S-1-5-21-1801674531-2077806209-725345543-1008..\Run: [fsm] File not found
O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - Reg Error: Value error. File not found
O15 - HKU\S-1-5-21-1801674531-2077806209-725345543-1003\..Trusted Domains: ([]msn in Tento počítač)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\msdaipp - No CLSID value found
O33 - MountPoints2\{3ff50580-fa18-11de-b337-0018f3a98425}\Shell - "" = AutoRun
O33 - MountPoints2\{92df2777-c491-11de-b2ba-0018f3a98425}\Shell - "" = AutoRun
O33 - MountPoints2\{92df2778-c491-11de-b2ba-0018f3a98425}\Shell - "" = AutoRun
O33 - MountPoints2\{a0e07d19-050b-11df-b349-0018f3a98425}\Shell - "" = AutoRun
O33 - MountPoints2\{a0e07d1a-050b-11df-b349-0018f3a98425}\Shell - "" = AutoRun
O33 - MountPoints2\{baf538b6-f0a7-11de-b324-0018f3a98425}\Shell - "" = AutoRun
O33 - MountPoints2\{ca80634e-f215-11de-b326-0018f3a98425}\Shell - "" = AutoRun
O33 - MountPoints2\{ca80634f-f215-11de-b326-0018f3a98425}\Shell - "" = AutoRun
O33 - MountPoints2\{d346d7b2-2e73-11df-9952-0018f3a98425}\Shell - "" = AutoRun
O33 - MountPoints2\{ef367217-f13f-11de-b325-0018f3a98425}\Shell - "" = AutoRun
O33 - MountPoints2\{ef367219-f13f-11de-b325-0018f3a98425}\Shell - "" = AutoRun
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

:Files
C/windows/Temp

:Commands
[EMPTYTEMP] 
[EMPTYFLASH]
[CLEARALLRESTOREPOINTS]
Click Fix (Opravit); the PC will restart. Post the log here.

P@tRiCk_
Visitor
Posts: 46
Joined: 02 Jul 2010 17:24

Re: Viruses in Windows, please help

#15 Post by P@tRiCk_ »

All processes killed
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\Default_Search_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant| /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
HKU\S-1-5-21-1801674531-2077806209-725345543-1007\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page| /E : value set successfully!
HKU\S-1-5-21-1801674531-2077806209-725345543-1007\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-1801674531-2077806209-725345543-1007\Software\Microsoft\Internet Explorer\URLSearchHooks\\{EEE6C35D-6118-11DC-9C72-001320C79847} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}\ not found.
HKU\S-1-5-21-1801674531-2077806209-725345543-1008\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKU\S-1-5-21-1801674531-2077806209-725345543-1008\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Search_URL| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-1801674531-2077806209-725345543-1008\Software\Microsoft\Internet Explorer\URLSearchHooks\\{C94E154B-1459-4A47-966B-4B843BEFC7DB} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C94E154B-1459-4A47-966B-4B843BEFC7DB}\ deleted successfully.
C:\Program Files\AskSearch\bin\DefaultSearch.dll moved successfully.
HKU\S-1-5-21-1801674531-2077806209-725345543-1008\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page| /E : value set successfully!
HKU\S-1-5-21-1801674531-2077806209-725345543-1008\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKU\S-1-5-21-1801674531-2077806209-725345543-1008\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-1801674531-2077806209-725345543-1008\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Prefs.js: "http://search.qip.ru/search?from=FF&query=" removed from keyword.URL
Prefs.js: "DAEMON Search" removed from browser.search.selectedEngine
Prefs.js: "DAEMON Search" removed from browser.search.selectedEngine
Registry value HKEY_USERS\S-1-5-21-1801674531-2077806209-725345543-1008\Software\Microsoft\Internet Explorer\URLSearchHooks\\{EEE6C35D-6118-11DC-9C72-001320C79847} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}\ not found.
Prefs.js: "QIP Search" removed from browser.search.defaultenginename
Prefs.js: "Softonic English TC Customized Web Search" removed from browser.search.defaultthis.engineName
Prefs.js: "http://search.conduit.com/ResultsExt.as ... earchTerms}" removed from browser.search.defaulturl
Prefs.js: "Softonic English TC Customized Web Search" removed from browser.search.selectedEngine
Prefs.js: true removed from browser.search.useDBForOrder
Prefs.js: "http://search.conduit.com/?ctid=CT20404 ... hSource=13" removed from browser.startup.homepage
C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\27rbcdvt.default\extensions\DTToolbar@toolbarnet.com\components\Resources folder moved successfully.
C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\27rbcdvt.default\extensions\DTToolbar@toolbarnet.com\components folder moved successfully.
C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\27rbcdvt.default\extensions\DTToolbar@toolbarnet.com\chrome folder moved successfully.
C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\27rbcdvt.default\extensions\DTToolbar@toolbarnet.com folder moved successfully.
C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\27rbcdvt.default\searchplugins\conduit.xml moved successfully.
C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\27rbcdvt.default\searchplugins\daemon-search.xml moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\KernelFaultCheck deleted successfully.
C:\Documents and Settings\Patrik\Data aplikací\Mozilla\Firefox\Profiles\27rbcdvt.default\searchplugins\qipsearch.xml moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\vilaunch deleted successfully.
C:\WINDOWS\system32\vilaunch.exe moved successfully.
Registry value HKEY_USERS\S-1-5-21-1801674531-2077806209-725345543-1007\Software\Microsoft\Windows\CurrentVersion\Run\\viwc deleted successfully.
C:\WINDOWS\system32\viwc.exe moved successfully.
Registry value HKEY_USERS\S-1-5-21-1801674531-2077806209-725345543-1008\Software\Microsoft\Windows\CurrentVersion\Run\\Calendar deleted successfully.
Registry value HKEY_USERS\S-1-5-21-1801674531-2077806209-725345543-1008\Software\Microsoft\Windows\CurrentVersion\Run\\fsm deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1}\ not found.
Registry value HKEY_USERS\S-1-5-21-1801674531-2077806209-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\\ deleted successfully.
File Animation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab not found.
Starting removal of ActiveX control DirectAnimation Java Classes
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\DirectAnimation Java Classes\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\DirectAnimation Java Classes\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\DirectAnimation Java Classes\ not found.
File oft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab not found.
Starting removal of ActiveX control Microsoft XML Parser for Java
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\Microsoft XML Parser for Java\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\Microsoft XML Parser for Java\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\Microsoft XML Parser for Java\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ipp\ deleted successfully.
File Protocol\Handler\ipp - No CLSID value found not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msdaipp\ deleted successfully.
File Protocol\Handler\msdaipp - No CLSID value found not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3ff50580-fa18-11de-b337-0018f3a98425}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3ff50580-fa18-11de-b337-0018f3a98425}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{92df2777-c491-11de-b2ba-0018f3a98425}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{92df2777-c491-11de-b2ba-0018f3a98425}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{92df2778-c491-11de-b2ba-0018f3a98425}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{92df2778-c491-11de-b2ba-0018f3a98425}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a0e07d19-050b-11df-b349-0018f3a98425}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a0e07d19-050b-11df-b349-0018f3a98425}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a0e07d1a-050b-11df-b349-0018f3a98425}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a0e07d1a-050b-11df-b349-0018f3a98425}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{baf538b6-f0a7-11de-b324-0018f3a98425}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{baf538b6-f0a7-11de-b324-0018f3a98425}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ca80634e-f215-11de-b326-0018f3a98425}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ca80634e-f215-11de-b326-0018f3a98425}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ca80634f-f215-11de-b326-0018f3a98425}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ca80634f-f215-11de-b326-0018f3a98425}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d346d7b2-2e73-11df-9952-0018f3a98425}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d346d7b2-2e73-11df-9952-0018f3a98425}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ef367217-f13f-11de-b325-0018f3a98425}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ef367217-f13f-11de-b325-0018f3a98425}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ef367219-f13f-11de-b325-0018f3a98425}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ef367219-f13f-11de-b325-0018f3a98425}\ not found.
C:\WINDOWS\002307_.tmp deleted successfully.
C:\WINDOWS\021C80909D2E4F41841B8006A25D63A8.TMP\WiseCustomCalla1.dll deleted successfully.
C:\WINDOWS\021C80909D2E4F41841B8006A25D63A8.TMP\WiseData.ini deleted successfully.
C:\WINDOWS\021C80909D2E4F41841B8006A25D63A8.TMP folder deleted successfully.
C:\WINDOWS\SET3.tmp deleted successfully.
C:\WINDOWS\SETA.tmp deleted successfully.
C:\WINDOWS\System32\02.tmp deleted successfully.
C:\WINDOWS\System32\CONFIG.TMP deleted successfully.
========== FILES ==========
Invalid Switch: Temp
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Danča
->Temp folder emptied: 1456130474 bytes
->Temporary Internet Files folder emptied: 19904824 bytes
->Java cache emptied: 1860637 bytes
->FireFox cache emptied: 12504207 bytes
->Opera cache emptied: 107508213 bytes
->Flash cache emptied: 28257 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Dominik
->Temp folder emptied: 96638881 bytes
->Temporary Internet Files folder emptied: 66557403 bytes
->Java cache emptied: 0 bytes
->Opera cache emptied: 819222 bytes
->Flash cache emptied: 97361 bytes

User: LocalService
->Temp folder emptied: 65984 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Majša

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Patrik
->Temp folder emptied: 801493632 bytes
->Temporary Internet Files folder emptied: 10353114 bytes
->Java cache emptied: 1525157 bytes
->FireFox cache emptied: 80856443 bytes
->Google Chrome cache emptied: 95880440 bytes
->Opera cache emptied: 45842549 bytes
->Flash cache emptied: 209533 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 2551225202 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 5 102,00 mb


[EMPTYFLASH]

User: All Users

User: Danča
->Flash cache emptied: 0 bytes

User: Default User

User: Dominik
->Flash cache emptied: 0 bytes

User: LocalService

User: Majša

User: NetworkService

User: Patrik
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb

Restore points cleared and new OTL Restore Point set!

OTL by OldTimer - Version 3.2.7.0 log created on 07022010_205533

Files\Folders moved on Reboot...
File\Folder C:\WINDOWS\temp\_avast5_\Webshlock.txt not found!
C:\WINDOWS\temp\NOD2DD.tmp moved successfully.
C:\WINDOWS\temp\NOD2DF.tmp moved successfully.

Registry entries deleted on Reboot...
