
Win XP stopped communicating

TomasN80
Visitor
Posts: 12
Registered: 07 Jul 2010 15:55


#1 Post by TomasN80 »

Hello! I am currently working in safe mode, because when Win XP is started the usual way, the desktop loads but no network connection is established (the icons next to the clock do not load), Word documents cannot be opened, and any attempt to launch something from the START menu causes a freeze (the mouse moves, the START menu stays displayed and the system does nothing, the HDD LED does not blink). I would be very grateful for any advice, Tomáš.

Here is the log from RSIT:

Logfile of random's system information tool 1.07 (written by random/random)
Run by tomas pavelka at 2010-07-07 17:02:18
Systém Microsoft Windows XP Professional Service Pack 3
System drive E: has 5 GB (14%) free of 37 GB
Total RAM: 1535 MB (65% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:02:28, on 07/07/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17055)
Boot mode: Safe mode with network support

Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\Explorer.EXE
E:\Program Files\Mozilla Firefox\firefox.exe
G:\Download\RSIT.exe
E:\Program Files\trend micro\tomas pavelka.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - E:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - E:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [ATIPTA] E:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [DAEMON Tools] "E:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [SunJavaUpdateSched] "E:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [PWRISOVM.EXE] E:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [QuickTime Task] "E:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [avast5] E:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKCU\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [updateMgr] "E:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_7 -reboot 1
O4 - HKCU\..\Run: [ICQ] "E:\Program Files\ICQ7.0\ICQ.exe" silent loginmode=4
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] E:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] E:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] E:\WINDOWS\System32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [Win32 USB2 Driver] winupdate.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [Wireless Provider Server] wpsvr.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [Win32 USB2.0 Driver] 386.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [Win32 Configuration] videosd32.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [SAmail] E:\Documents and Settings\tomas pavelka\Plocha\e-mail from#ahlem_3ishk@yahoo.fr.htm (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [Win32 USB2 Driver] winupdate.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] E:\WINDOWS\System32\ctfmon.exe (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [Win32 USB2 Driver] winupdate.exe (User 'Default user')
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: D-Link AirPlus.lnk = ?
O8 - Extra context menu item: Blokovat všechny obrázky ze stejného serveru - E:\Program Files\Avant Browser\AddAllToADBlackList.htm
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://E:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Hledat - E:\Program Files\Avant Browser\Search.htm
O8 - Extra context menu item: Otevřít všechny odkazy na této stránce... - E:\Program Files\Avant Browser\OpenAllLinks.htm
O8 - Extra context menu item: Přidat do seznamu blokovaných reklam - E:\Program Files\Avant Browser\AddToADBlackList.htm
O8 - Extra context menu item: Send To &Bluetooth - E:\Program Files\MSI\BToes Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Zvýraznit - E:\Program Files\Avant Browser\Highlight.htm
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - E:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - E:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - E:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - E:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - E:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - E:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - E:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - E:\Program Files\PokerStars.NET\PokerStarsUpdate.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.tiscali.cz
O16 - DPF: {11111111-1111-1111-1111-111111111111} - ms-its:mhtml:file://C:\ss.MHT!http://sexpicsworld.com/ebook.chm::/loader.exe
O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} - http://activex.camfrogweb.com/advanced/ ... module.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{28AB331B-BD4F-40F0-9F0E-C271FADC6F0B}: NameServer = 192.168.0.1
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - E:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O21 - SSODL: Web Event Logger - {79FEACFF-FFCE-815E-A900-316290B5B738} - (no file)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - E:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - E:\WINDOWS\System32\browseui.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - E:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - Unknown owner - E:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - E:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - E:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - E:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - ALWIL Software - E:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - E:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - E:\Program Files\MSI\BToes Bluetooth Software\bin\btwdins.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - E:\WINDOWS\System32\drivers\CDAC11BA.EXE
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - E:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - E:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iolo FileInfoList Service (ioloFileInfoList) - Unknown owner - E:\Program Files\iolo\common\lib\ioloServiceManager.exe (file missing)
O23 - Service: iolo System Service (ioloSystemService) - Unknown owner - E:\Program Files\iolo\common\lib\ioloServiceManager.exe (file missing)
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - E:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - E:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: OracleMTSRecoveryService - Oracle Corporation - G:\oraclexe\app\oracle\product\10.2.0\server\BIN\omtsreco.exe
O23 - Service: OracleServiceXE - Oracle Corporation - g:\oraclexe\app\oracle\product\10.2.0\server\bin\ORACLE.EXE
O23 - Service: OracleXEClrAgent - Unknown owner - G:\oraclexe\app\oracle\product\10.2.0\server\bin\OraClrAgnt.exe
O23 - Service: OracleXETNSListener - Unknown owner - G:\oraclexe\app\oracle\product\10.2.0\server\BIN\tnslsnr.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - E:\Program Files\WinPcap\rpcapd.exe
O23 - Service: ServiceLayer - Nokia. - E:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: STI Simulator - Unknown owner - E:\WINDOWS\System32\PAStiSvc.exe

--
End of file - 9500 bytes

======Scheduled tasks folder======

E:\WINDOWS\tasks\1-Click Maintenance.job
E:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-117609710-879983540-725345543-1003Core.job
E:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-117609710-879983540-725345543-1003UA.job
E:\WINDOWS\tasks\User_Feed_Synchronization-{545BF149-EEB3-47D9-B1F5-8FD23C7D32B5}.job
E:\WINDOWS\tasks\WGASetup.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - E:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2006-01-12 63128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - E:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-07-31 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - E:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-07-31 73728]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ATIPTA"=E:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2004-01-06 335872]
"DAEMON Tools"=E:\Program Files\DAEMON Tools\daemon.exe [2005-11-09 128920]
"SunJavaUpdateSched"=E:\Program Files\Java\jre6\bin\jusched.exe [2009-07-31 149280]
"PWRISOVM.EXE"=E:\Program Files\PowerISO\PWRISOVM.EXE [2009-03-15 180224]
"QuickTime Task"=E:\Program Files\QuickTime\qttask.exe [2008-03-28 413696]
"avast5"=E:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [2010-05-06 2815192]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=E:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"updateMgr"=E:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe [2005-10-24 307200]
"ICQ"=E:\Program Files\ICQ7.0\ICQ.exe [2010-06-08 133368]

E:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Bluetooth.lnk - E:\Program Files\MSI\BToes Bluetooth Software\BTTray.exe
D-Link AirPlus.lnk - E:\Program Files\D-Link AirPlus\AirPlus.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
E:\WINDOWS\system32\Ati2evxx.dll [2004-01-06 86016]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
WgaLogon.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
Web Event Logger - {79FEACFF-FFCE-815E-A900-316290B5B738}

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"E:\Program Files\ICQLite\ICQLite.exe"="E:\Program Files\ICQLite\ICQLite.exe:*:Enabled:ICQ Lite"
"C:\totalcmd\TOTALCMD.EXE"="C:\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit international version, file manager replacement for Windows"
"G:\3dsmax6\3dsmax.exe"="G:\3dsmax6\3dsmax.exe:*:Enabled:3ds max application"
"E:\Program Files\UnrealTournament\System\UnrealTournament.exe"="E:\Program Files\UnrealTournament\System\UnrealTournament.exe:*:Enabled:UnrealTournament"
"E:\Program Files\HLSW\hlsw.exe"="E:\Program Files\HLSW\hlsw.exe:*:Enabled:MFC-Anwendung HLSW"
"G:\Install_Soft\NFK070\NFK.exe"="G:\Install_Soft\NFK070\NFK.exe:*:Enabled:NFK"
"E:\Program Files\EA Games\Need For Speed Underground\Speed.exe"="E:\Program Files\EA Games\Need For Speed Underground\Speed.exe:*:Enabled:Speed"
"E:\Program Files\Westwood\Sun\PATCHGET.DAT"="E:\Program Files\Westwood\Sun\PATCHGET.DAT:*:Enabled:patchgrabber"
"E:\Program Files\Westwood\Sun\Game.exe"="E:\Program Files\Westwood\Sun\Game.exe:*:Enabled:Main executable for Tiberian Sun"
"E:\games\games\AOE2AOK\empires2.EXE"="E:\games\games\AOE2AOK\empires2.EXE:*:Enabled:Age of Empires II"
"G:\Gamesy_instal\EA GAMES\The Battle for Middle-earth (tm)\game.dat"="G:\Gamesy_instal\EA GAMES\The Battle for Middle-earth (tm)\game.dat:*:Enabled:The Battle for Middle-earth (tm)"
"C:\StubInstaller.exe"="C:\StubInstaller.exe:*:Enabled:LimeWire swarmed installer"
"E:\Program Files\LimeWire\LimeWire.exe"="E:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"E:\WINDOWS\system32\dpvsetup.exe"="E:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"E:\Program Files\DC++\DCPlusPlus.exe"="E:\Program Files\DC++\DCPlusPlus.exe:*:Enabled:DC++"
"G:\Install_Soft\CZDC++\CZDCPlusPlus.exe"="G:\Install_Soft\CZDC++\CZDCPlusPlus.exe:*:Enabled:CZDC++"
"E:\Program Files\MSN Messenger\msnmsgr.exe"="E:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:MSN Messenger 7.5"
"E:\Program Files\Electronic Arts\The Battle for Middle-earth (tm) II\game.dat"="E:\Program Files\Electronic Arts\The Battle for Middle-earth (tm) II\game.dat:*:Enabled:The Battle for Middle-earth(tm) II"
"E:\Program Files\Microsoft Games\Age of Empires II\empires2.EXE"="E:\Program Files\Microsoft Games\Age of Empires II\empires2.EXE:*:Enabled:Age of Empires II"
"E:\Program Files\Reallusion\CrazyTalk for Skype\CT4Skype.exe"="E:\Program Files\Reallusion\CrazyTalk for Skype\CT4Skype.exe:*:Enabled:CrazyTalk"
"E:\Program Files\Winamp Remote\bin\Orb.exe"="E:\Program Files\Winamp Remote\bin\Orb.exe:*:Enabled:Orb"
"E:\Program Files\Winamp Remote\bin\OrbTray.exe"="E:\Program Files\Winamp Remote\bin\OrbTray.exe:*:Enabled:OrbTray"
"E:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe"="E:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:*:Enabled:Orb Stream Client"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"E:\Program Files\Bonjour\mDNSResponder.exe"="E:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"E:\Program Files\ICQ6\ICQ.exe"="E:\Program Files\ICQ6\ICQ.exe:*:Enabled:ICQ6"
"E:\Casino\bwin Casino\casino.exe"="E:\Casino\bwin Casino\casino.exe:*:Enabled:casino"
"E:\Program Files\uTorrent\utorrent.exe"="E:\Program Files\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"E:\Program Files\ICQ6.5\ICQ.exe"="E:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"E:\Program Files\Java\jre6\bin\javaw.exe"="E:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"E:\Program Files\Java\jre6\bin\java.exe"="E:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary"
"E:\Program Files\Java\jdk1.5.0_03\jre\bin\java.exe"="E:\Program Files\Java\jdk1.5.0_03\jre\bin\java.exe:*:Enabled:Java(TM) 2 Platform Standard Edition binary"
"E:\Program Files\ICQ7.0\ICQ.exe"="E:\Program Files\ICQ7.0\ICQ.exe:*:Enabled:ICQ7"
"E:\Program Files\ICQ7.0\aolload.exe"="E:\Program Files\ICQ7.0\aolload.exe:*:Enabled:aolload.exe"
"E:\Program Files\Skype\Phone\Skype.exe"="E:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"E:\Program Files\MSN Messenger\msnmsgr.exe"="E:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:MSN Messenger 7.5"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"E:\Program Files\ICQ7.0\ICQ.exe"="E:\Program Files\ICQ7.0\ICQ.exe:*:Enabled:ICQ7"
"E:\Program Files\ICQ7.0\aolload.exe"="E:\Program Files\ICQ7.0\aolload.exe:*:Enabled:aolload.exe"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\G]
shell\AutoRun\command - G:\setupSNK.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\H]
shell\AutoRun\command - H:\Autorun.exe


======File associations======

.js - edit - "E:\Program Files\Macromedia\Dreamweaver 8\dreamweaver.exe" "%1"
.js - open - NOTEPAD.EXE %1
.reg - open - NOTEPAD.EXE %1
.scr - open - NOTEPAD.EXE %1
.vbs - open - NOTEPAD.EXE %1

======List of files/folders created in the last 1 months======

2010-07-07 17:02:19 ----D---- E:\Program Files\trend micro
2010-07-07 17:02:18 ----D---- E:\rsit
2010-07-07 12:44:28 ----SHD---- E:\WINDOWS\CSC
2010-07-07 12:44:16 ----A---- E:\WINDOWS\ntbtlog.txt
2010-06-18 11:13:26 ----A---- E:\WINDOWS\system32\javaws.exe
2010-06-18 11:13:26 ----A---- E:\WINDOWS\system32\javaw.exe
2010-06-18 11:13:26 ----A---- E:\WINDOWS\system32\java.exe
2010-06-18 10:58:50 ----DC---- E:\WINDOWS\$NtUninstallKB942288-v3$
2010-06-18 10:58:10 ----D---- E:\Program Files\Microsoft SQL Server
2010-06-18 10:57:56 ----D---- E:\Program Files\Microsoft Synchronization Services
2010-06-18 10:57:55 ----D---- E:\Program Files\Microsoft SQL Server Compact Edition
2010-06-18 10:54:25 ----D---- E:\Program Files\Microsoft Visual Studio 9.0
2010-06-18 10:53:59 ----D---- E:\Program Files\Microsoft SDKs
2010-06-15 15:03:12 ----D---- E:\Program Files\MSECache
2010-06-10 15:09:16 ----A---- E:\log.txt
2010-06-09 03:06:00 ----HDC---- E:\WINDOWS\$NtUninstallKB980218$
2010-06-09 03:05:54 ----HDC---- E:\WINDOWS\$NtUninstallKB980195$
2010-06-09 03:05:46 ----HDC---- E:\WINDOWS\$NtUninstallKB979559$
2010-06-09 03:02:14 ----HDC---- E:\WINDOWS\$NtUninstallKB978695_WM9$
2010-06-09 03:02:00 ----HDC---- E:\WINDOWS\$NtUninstallKB979482$
2010-06-09 03:01:51 ----HDC---- E:\WINDOWS\$NtUninstallKB975562$

======List of files/folders modified in the last 1 months======

2010-07-07 17:02:19 ----AD---- E:\Program Files
2010-07-07 16:48:16 ----D---- E:\Program Files\Mozilla Firefox
2010-07-07 15:54:00 ----A---- E:\WINDOWS\SchedLgU.Txt
2010-07-07 15:48:34 ----D---- E:\WINDOWS\Temp
2010-07-07 15:39:10 ----D---- E:\WINDOWS\Prefetch
2010-07-07 15:22:38 ----D---- E:\WINDOWS\system32
2010-07-07 15:21:35 ----D---- E:\WINDOWS\system32\config
2010-07-07 15:20:51 ----D---- E:\WINDOWS\system32\wbem
2010-07-07 15:20:49 ----D---- E:\WINDOWS\Registration
2010-07-07 15:19:56 ----SHD---- E:\WINDOWS\Installer
2010-07-07 15:19:56 ----SHD---- E:\Config.Msi
2010-07-07 15:19:56 ----RSD---- E:\WINDOWS\Fonts
2010-07-07 15:19:00 ----D---- E:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2010-07-07 15:18:57 ----HD---- E:\WINDOWS\inf
2010-07-07 15:18:57 ----D---- E:\WINDOWS
2010-07-07 15:18:12 ----D---- E:\WINDOWS\system32\drivers
2010-07-07 15:16:32 ----D---- E:\WINDOWS\WinSxS
2010-07-07 15:12:52 ----D---- E:\Documents and Settings\tomas pavelka\Data aplikací\ChessBase
2010-07-03 14:46:53 ----D---- E:\Documents and Settings\tomas pavelka\Data aplikací\Skype
2010-06-25 15:58:39 ----D---- E:\Program Files\bwin
2010-06-23 03:11:55 ----RSD---- E:\WINDOWS\assembly
2010-06-23 03:09:23 ----D---- E:\WINDOWS\Microsoft.NET
2010-06-18 18:17:11 ----D---- E:\Documents and Settings\tomas pavelka\Data aplikací\vlc
2010-06-18 11:16:56 ----D---- E:\Program Files\Common Files\Microsoft Shared
2010-06-18 11:16:44 ----D---- E:\WINDOWS\system32\1033
2010-06-18 11:16:31 ----D---- E:\Program Files\Microsoft.NET
2010-06-18 11:13:24 ----D---- E:\Program Files\Java
2010-06-18 11:04:41 ----D---- E:\WINDOWS\system32\CatRoot2
2010-06-18 10:59:31 ----A---- E:\WINDOWS\imsins.BAK
2010-06-18 10:59:26 ----D---- E:\WINDOWS\system32\mui
2010-06-18 10:59:24 ----RSHDC---- E:\WINDOWS\system32\dllcache
2010-06-18 10:58:05 ----D---- E:\Temp
2010-06-18 10:58:01 ----SD---- E:\Documents and Settings\All Users\Data aplikací\Microsoft
2010-06-18 10:56:49 ----SD---- E:\Documents and Settings\tomas pavelka\Data aplikací\Microsoft
2010-06-15 15:03:48 ----D---- E:\Program Files\Microsoft Office
2010-06-13 17:13:34 ----A---- E:\WINDOWS\ChssBase.ini
2010-06-13 08:42:35 ----D---- E:\Program Files\ICQ7.0
2010-06-12 14:46:03 ----D---- E:\Program Files\PokerStars.NET
2010-06-12 12:37:34 ----A---- E:\WINDOWS\NeroDigital.ini
2010-06-11 03:04:07 ----A---- E:\WINDOWS\system32\PerfStringBackup.INI
2010-06-09 03:05:53 ----HD---- E:\WINDOWS\$hf_mig$
2010-06-09 03:01:01 ----D---- E:\Program Files\Internet Explorer
2010-06-09 03:00:49 ----D---- E:\WINDOWS\ie7updates

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 SSHDRV65;SSHDRV65; \??\E:\WINDOWS\System32\drivers\SSHDRV65.sys []
R1 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; E:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]
R3 AIRPLUS;D-Link AirPlus Wireless Adapter; E:\WINDOWS\System32\DRIVERS\airplus.sys [2003-09-08 255360]
R3 dtscsi;dtscsi; E:\WINDOWS\System32\Drivers\dtscsi.sys [2005-12-24 223128]
R3 NVENET;NVIDIA nForce Networking Controller Driver; E:\WINDOWS\System32\DRIVERS\NVENET.sys [2004-01-29 93764]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; E:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Rozbočovač umožnující USB2; E:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB; E:\WINDOWS\System32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; E:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S1 Aavmker4;avast! Asynchronous Virus Monitor; E:\WINDOWS\system32\drivers\Aavmker4.sys [2010-05-06 28880]
S1 AmdK7;Ovladač procesoru AMD K7; E:\WINDOWS\System32\DRIVERS\amdk7.sys [2008-04-14 41600]
S1 aswSP;aswSP; E:\WINDOWS\system32\drivers\aswSP.sys [2010-05-06 164048]
S1 aswTdi;avast! Network Shield Support; E:\WINDOWS\system32\drivers\aswTdi.sys [2010-05-06 46672]
S1 SCDEmu;SCDEmu; E:\WINDOWS\system32\drivers\SCDEmu.sys [2009-03-15 56268]
S2 aslm75;aslm75; \??\E:\WINDOWS\system32\drivers\aslm75.sys []
S2 aswFsBlk;aswFsBlk; E:\WINDOWS\system32\drivers\aswFsBlk.sys [2010-05-06 19024]
S2 aswMon2;avast! Standard Shield Support; E:\WINDOWS\system32\drivers\aswMon2.sys [2010-05-06 100432]
S2 BTSERIAL;Bluetooth Serial Driver; \??\E:\WINDOWS\system32\drivers\btserial.sys []
S2 BTSLBCSP;Bluetooth Port Client Driver; \??\E:\WINDOWS\system32\drivers\btslbcsp.sys []
S2 CdaC15BA;CdaC15BA; \??\E:\WINDOWS\System32\drivers\CDAC15BA.SYS []
S2 NPF;NetGroup Packet Filter Driver; E:\WINDOWS\system32\drivers\npf.sys [2009-10-20 50704]
S3 aswRdr;aswRdr; E:\WINDOWS\system32\drivers\aswRdr.sys [2010-05-06 23376]
S3 ati2mtag;ati2mtag; E:\WINDOWS\System32\DRIVERS\ati2mtag.sys [2004-01-06 647680]
S3 Bridge;Most MAC; E:\WINDOWS\system32\DRIVERS\bridge.sys [2008-04-13 71552]
S3 BridgeMP;Miniport mostu MAC; E:\WINDOWS\system32\DRIVERS\bridge.sys [2008-04-13 71552]
S3 btaudio;Bluetooth Audio Device; E:\WINDOWS\system32\drivers\btaudio.sys [2005-03-29 400256]
S3 BTDriver;Bluetooth Virtual Communications Driver; E:\WINDOWS\system32\DRIVERS\btport.sys [2005-03-29 30299]
S3 BthEnum;Služba Bluetooth Enumerator; E:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024]
S3 BthPan;Bluetooth Device (Personal Area Network); E:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120]
S3 BTHPORT;Ovladač portu Bluetooth; E:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272128]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; E:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
S3 BTKRNL;Bluetooth Bus Enumerator; E:\WINDOWS\system32\DRIVERS\btkrnl.sys [2005-03-29 1340698]
S3 BTWDNDIS;Bluetooth LAN Access Server; E:\WINDOWS\system32\DRIVERS\btwdndis.sys [2005-03-29 148040]
S3 BTWUSB;WIDCOMM USB Bluetooth Driver; E:\WINDOWS\System32\Drivers\btwusb.sys [2005-03-29 55448]
S3 CCDECODE;Dekodér Closed Caption; E:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 ctljystk;Game port pro zařízení Creative SB Live!; E:\WINDOWS\System32\DRIVERS\ctljystk.sys [2001-08-17 3712]
S3 Edspport;EDSP Port Driver; E:\WINDOWS\System32\DRIVERS\es56tpi.sys [2001-10-24 347550]
S3 emu10k;Creative SB Live! (WDM); E:\WINDOWS\system32\drivers\emu10k1m.sys [2001-08-17 283904]
S3 emu10k1;Creative Interface Manager Driver (WDM); E:\WINDOWS\system32\drivers\ctlfacem.sys [2001-08-17 6912]
S3 HidUsb;Ovladač třídy standardu HID; E:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 mouhid;Ovladač myši standardu HID; E:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 ms_mpu401;Microsoft MPU-401 MIDI UART Driver; E:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-18 2944]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; E:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; E:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; E:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nmwcd;Nokia USB Phone Parent; E:\WINDOWS\system32\drivers\ccdcmb.sys [2008-09-15 17664]
S3 nmwcdc;Nokia USB Generic; E:\WINDOWS\system32\drivers\ccdcmbo.sys [2008-09-15 22016]
S3 nv;nv; E:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2004-08-04 1897408]
S3 nvax;Service for NVIDIA(R) nForce(TM) Audio Enumerator; E:\WINDOWS\system32\drivers\nvax.sys [2004-03-03 40832]
S3 nvnforce;Service for NVIDIA(R) nForce(TM) Audio; E:\WINDOWS\system32\drivers\nvapu.sys [2004-03-03 320640]
S3 PAC207;VideoCAM GE111; E:\WINDOWS\system32\DRIVERS\pfc027.sys [2005-04-08 162176]
S3 pccsmcfd;PCCS Mode Change Filter Driver; E:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); E:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]
S3 sfman;Creative SoundFont Manager Driver (WDM); E:\WINDOWS\system32\drivers\sfmanm.sys [2001-08-17 36480]
S3 SLIP;BDA Slip De-Framer; E:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 SONYPVU1;Sony USB Filter Driver (SONYPVU1); E:\WINDOWS\System32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 streamip;BDA IPSink; E:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 upperdev;upperdev; E:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2008-09-15 8064]
S3 usbscan;Ovladač skeneru USB; E:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 usbser;USB Modem Driver; E:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112]
S3 UsbserFilt;UsbserFilt; E:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2008-09-15 8064]
S3 w800bus;Sony Ericsson W800 driver (WDM); E:\WINDOWS\system32\DRIVERS\w800bus.sys [2005-05-24 52384]
S3 w800mdfl;Sony Ericsson W800 USB WMC Modem Filter; E:\WINDOWS\system32\DRIVERS\w800mdfl.sys [2005-05-24 6096]
S3 w800mdm;Sony Ericsson W800 USB WMC Modem Drivers; E:\WINDOWS\system32\DRIVERS\w800mdm.sys [2005-05-24 87424]
S3 w800mgmt;Sony Ericsson W800 USB WMC Device Management Drivers; E:\WINDOWS\system32\DRIVERS\w800mgmt.sys [2005-05-24 79216]
S3 w800obex;Sony Ericsson W800 USB WMC OBEX Interface Drivers; E:\WINDOWS\system32\DRIVERS\w800obex.sys [2005-05-24 77040]
S3 Wdf01000;Wdf01000; E:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2008-03-27 503008]
S3 WSTCODEC;Dálnopisný kodek světového standardu; E:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; E:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; E:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; E:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

S2 Apple Mobile Device;Apple Mobile Device; E:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-02-18 110592]
S2 Ati HotKey Poller;Ati HotKey Poller; E:\WINDOWS\System32\Ati2evxx.exe [2004-01-06 397312]
S2 ATI Smart;ATI Smart; E:\WINDOWS\system32\ati2sgag.exe [2004-01-06 516096]
S2 avast! Antivirus;avast! Antivirus; E:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-05-06 40384]
S2 Bonjour Service;Bonjour Service; E:\Program Files\Bonjour\mDNSResponder.exe [2007-07-24 229376]
S2 BthServ;Bluetooth Support Service; E:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 btwdins;Bluetooth Service; E:\Program Files\MSI\BToes Bluetooth Software\bin\btwdins.exe [2005-03-29 254007]
S2 C-DillaCdaC11BA;C-DillaCdaC11BA; E:\WINDOWS\System32\drivers\CDAC11BA.EXE [2004-07-20 54784]
S2 ioloFileInfoList;iolo FileInfoList Service; E:\Program Files\iolo\common\lib\ioloServiceManager.exe []
S2 ioloSystemService;iolo System Service; E:\Program Files\iolo\common\lib\ioloServiceManager.exe []
S2 JavaQuickStarterService;Java Quick Starter; E:\Program Files\Java\jre6\bin\jqs.exe [2009-07-31 153376]
S2 OracleServiceXE;OracleServiceXE; g:\oraclexe\app\oracle\product\10.2.0\server\bin\ORACLE.EXE [2006-02-02 59064320]
S2 OracleXETNSListener;OracleXETNSListener; G:\oraclexe\app\oracle\product\10.2.0\server\BIN\tnslsnr.exe [2006-02-02 204800]
S2 STI Simulator;STI Simulator; E:\WINDOWS\System32\PAStiSvc.exe [2005-01-14 53248]
S2 UMWdf;Windows User Mode Driver Framework; E:\WINDOWS\system32\wdfmgr.exe [2004-08-10 38912]
S3 aspnet_state;ASP.NET State Service; E:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 avast! Mail Scanner;avast! Mail Scanner; E:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-05-06 40384]
S3 avast! Web Scanner;avast! Web Scanner; E:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-05-06 40384]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; E:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; E:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2008-03-22 654848]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; e:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; E:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; e:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Macromedia Licensing Service;Macromedia Licensing Service; E:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe [2005-03-28 68096]
S3 OracleMTSRecoveryService;OracleMTSRecoveryService; G:\oraclexe\app\oracle\product\10.2.0\server\BIN\omtsreco.exe [2006-02-02 57616]
S3 OracleXEClrAgent;OracleXEClrAgent; G:\oraclexe\app\oracle\product\10.2.0\server\bin\OraClrAgnt.exe [2006-02-02 45056]
S3 ose;Office Source Engine; E:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); E:\Program Files\WinPcap\rpcapd.exe [2009-10-20 117264]
S3 ServiceLayer;ServiceLayer; E:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-11-11 620544]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; E:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; e:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 OracleJobSchedulerXE;OracleJobSchedulerXE; g:\oraclexe\app\oracle\product\10.2.0\server\Bin\extjob.exe [2006-02-02 102400]
S4 Poxaabp2;Poxaabp2; E:\WINDOWS\system32\drivers\hidparse.sys [2008-04-13 24960]

-----------------EOF-----------------

Caroprd111
VIP
Posts: 13492
Joined: 22 Mar 2009 20:48
Location: Třebíč

Re: Win XP stopped communicating

#2 Post by Caroprd111 »

Hello :)

  • Download OTL http://oldtimer.geekstogo.com/OTL.exe to your desktop.
  • Run it, then paste the following script into the bottom box.

Code:

netsvcs
drivers32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
c:\windows\*.* /U
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys 
symmpi.sys
adp3132.sys
mv61xx.sys
nvraid.sys 
ndis.sys
winlogon.exe
explorer.exe
userinit.exe
lsass.exe
svchost.exe
smss.exe
hal.dll
ws2_32.dll
tcpip.sys
cryptsvc.dll
Changer.sys
JakNDis.sys
isapnp.sys 
cdrom.sys 
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav 
%systemroot%\system32\*.dll /lockedfiles
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
CREATERESTOREPOINT 
  • Check the Scan All Users option.
  • Check the LOP Check and Purity Check options.
  • Click the Run Scan button.
  • When it finishes, paste the OTL.Txt and Extras.txt logs here.

TomasN80
Visitor
Posts: 12
Joined: 07 Jul 2010 15:55

Re: Win XP stopped communicating

#3 Post by TomasN80 »

Done..

Here is OTL.txt..

OTL logfile created on: 07/07/2010 19:45:12 - Run 1
OTL by OldTimer - Version 3.2.7.1 Folder = E:\Documents and Settings\tomas pavelka\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: MM/dd/yyyy

1,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 62,00% Memory free
2,00 Gb Paging File | 1,00 Gb Available in Paging File | 80,00% Paging File free
Paging file location(s): E:\pagefile.sys 384 768 [binary data]

%SystemDrive% = E: | %SystemRoot% = E:\WINDOWS | %ProgramFiles% = E:\Program Files
Drive C: | 1,92 Gb Total Space | 0,38 Gb Free Space | 19,75% Space Free | Partition Type: FAT32
D: Drive not present or media not loaded
Drive E: | 35,80 Gb Total Space | 4,94 Gb Free Space | 13,78% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
Drive G: | 38,72 Gb Total Space | 2,09 Gb Free Space | 5,41% Space Free | Partition Type: NTFS
Drive H: | 2,00 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive I: | 3,49 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF

Computer Name: TOMAS
Current User Name: tomas pavelka
Logged in as Administrator.

Current Boot Mode: SafeMode with Networking
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/07/07 19:42:48 | 000,574,976 | ---- | M] (OldTimer Tools) -- E:\Documents and Settings\tomas pavelka\Plocha\OTL.exe
PRC - [2010/04/04 13:45:24 | 000,910,296 | ---- | M] (Mozilla Corporation) -- E:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2008/04/14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\explorer.exe


========== Modules (SafeList) ==========

MOD - [2010/07/07 19:42:48 | 000,574,976 | ---- | M] (OldTimer Tools) -- E:\Documents and Settings\tomas pavelka\Plocha\OTL.exe
MOD - [2008/04/14 05:19:00 | 000,110,592 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\system32\msscript.ocx


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (Rasptmg)
SRV - File not found [Auto | Stopped] -- E:\Program Files\iolo\common\lib\ioloServiceManager.exe -- (ioloSystemService)
SRV - File not found [Auto | Stopped] -- E:\Program Files\iolo\common\lib\ioloServiceManager.exe -- (ioloFileInfoList)
SRV - File not found [Disabled | Stopped] -- E:\WINDOWS\System32\hidserv.dll -- (HidServ)
SRV - [2010/05/06 22:59:38 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Stopped] -- E:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV - [2010/05/06 22:59:38 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Stopped] -- E:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV - [2010/05/06 22:59:38 | 000,040,384 | ---- | M] (ALWIL Software) [Auto | Stopped] -- E:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2009/10/20 20:19:48 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- E:\Program Files\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)
SRV - [2008/11/11 10:38:06 | 000,620,544 | ---- | M] (Nokia.) [On_Demand | Stopped] -- E:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2008/07/29 20:16:38 | 000,132,096 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- e:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2008/03/22 16:49:56 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- E:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2006/02/02 01:51:06 | 000,045,056 | ---- | M] () [On_Demand | Stopped] -- G:\oraclexe\app\oracle\product\10.2.0\server\bin\OraClrAgnt.exe -- (OracleXEClrAgent)
SRV - [2006/02/02 01:49:14 | 000,204,800 | ---- | M] () [Auto | Stopped] -- G:\oraclexe\app\oracle\product\10.2.0\server\BIN\TNSLSNR.EXE -- (OracleXETNSListener)
SRV - [2006/02/02 01:47:28 | 000,057,616 | ---- | M] (Oracle Corporation) [On_Demand | Stopped] -- G:\oraclexe\app\oracle\product\10.2.0\server\BIN\omtsreco.exe -- (OracleMTSRecoveryService)
SRV - [2006/02/02 01:44:06 | 000,102,400 | ---- | M] () [Disabled | Stopped] -- g:\oraclexe\app\oracle\product\10.2.0\server\Bin\extjob.exe -- (OracleJobSchedulerXE)
SRV - [2006/02/02 01:43:44 | 059,064,320 | ---- | M] (Oracle Corporation) [Auto | Stopped] -- g:\oraclexe\app\oracle\product\10.2.0\server\bin\ORACLE.EXE -- (OracleServiceXE)
SRV - [2005/03/29 16:20:28 | 000,254,007 | ---- | M] (Broadcom Corporation.) [Auto | Stopped] -- E:\Program Files\MSI\BToes Bluetooth Software\bin\btwdins.exe -- (btwdins)
SRV - [2005/03/28 09:38:27 | 000,068,096 | ---- | M] () [On_Demand | Stopped] -- E:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe -- (Macromedia Licensing Service)
SRV - [2005/01/14 10:32:38 | 000,053,248 | ---- | M] () [Auto | Stopped] -- E:\WINDOWS\system32\PAStiSvc.exe -- (STI Simulator)
SRV - [2004/07/20 20:51:28 | 000,054,784 | ---- | M] (Macrovision) [Auto | Stopped] -- E:\WINDOWS\system32\drivers\CDAC11BA.EXE -- (C-DillaCdaC11BA)


========== Driver Services (SafeList) ==========

DRV - [2010/05/06 22:39:23 | 000,046,672 | ---- | M] (ALWIL Software) [Kernel | System | Stopped] -- E:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2010/05/06 22:39:00 | 000,164,048 | ---- | M] (ALWIL Software) [Kernel | System | Stopped] -- E:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2010/05/06 22:34:27 | 000,023,376 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Stopped] -- E:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2010/05/06 22:33:59 | 000,100,432 | ---- | M] (ALWIL Software) [File_System | Auto | Stopped] -- E:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2010/05/06 22:33:47 | 000,019,024 | ---- | M] (ALWIL Software) [File_System | Auto | Stopped] -- E:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010/05/06 22:33:29 | 000,028,880 | ---- | M] (ALWIL Software) [Kernel | System | Stopped] -- E:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2009/10/20 20:19:44 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Stopped] -- E:\WINDOWS\system32\drivers\npf.sys -- (NPF)
DRV - [2009/03/15 12:25:46 | 000,056,268 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Stopped] -- E:\WINDOWS\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2008/09/15 08:56:34 | 000,008,064 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- E:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2008/09/15 08:56:24 | 000,022,016 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- E:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2008/09/15 08:56:24 | 000,017,664 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- E:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2008/09/15 08:56:24 | 000,008,064 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- E:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2008/08/26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- E:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008/04/13 20:45:30 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- E:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2006/03/01 19:51:15 | 000,051,200 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- E:\WINDOWS\System32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x)
DRV - [2006/02/14 16:48:36 | 000,006,656 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- E:\WINDOWS\System32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)
DRV - [2005/12/24 18:19:26 | 000,223,128 | ---- | M] () [Kernel | On_Demand | Running] -- E:\WINDOWS\System32\Drivers\dtscsi.sys -- (dtscsi)
DRV - [2005/12/24 18:05:44 | 000,664,064 | ---- | M] () [Kernel | Boot | Running] -- E:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2005/11/03 16:40:07 | 000,063,488 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- E:\WINDOWS\System32\drivers\sfvfs02.sys -- (sfvfs02) StarForce Protection VFS Driver (version 2.x)
DRV - [2005/08/10 16:06:28 | 000,019,968 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- E:\WINDOWS\System32\drivers\sfsync02.sys -- (sfsync02) StarForce Protection Synchronization Driver (version 2.x)
DRV - [2005/05/24 16:01:16 | 000,077,040 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- E:\WINDOWS\system32\drivers\w800obex.sys -- (w800obex)
DRV - [2005/05/24 16:00:56 | 000,079,216 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- E:\WINDOWS\system32\drivers\w800mgmt.sys -- (w800mgmt)
DRV - [2005/05/24 16:00:46 | 000,087,424 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- E:\WINDOWS\system32\drivers\w800mdm.sys -- (w800mdm)
DRV - [2005/05/24 16:00:44 | 000,006,096 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- E:\WINDOWS\system32\drivers\w800mdfl.sys -- (w800mdfl)
DRV - [2005/05/24 16:00:37 | 000,052,384 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- E:\WINDOWS\system32\drivers\w800bus.sys -- (w800bus) Sony Ericsson W800 driver (WDM)
DRV - [2005/04/08 11:46:18 | 000,162,176 | ---- | M] () [Kernel | On_Demand | Stopped] -- E:\WINDOWS\system32\drivers\PFC027.sys -- (PAC207)
DRV - [2005/03/29 16:59:02 | 000,400,256 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- E:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio)
DRV - [2005/03/29 16:49:44 | 000,055,448 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- E:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2005/03/29 16:10:42 | 000,023,271 | ---- | M] (Broadcom Corporation.) [Kernel | Auto | Stopped] -- E:\WINDOWS\system32\drivers\btserial.sys -- (BTSERIAL)
DRV - [2005/03/29 16:10:38 | 000,222,876 | ---- | M] (Broadcom Corporation.) [Kernel | Auto | Stopped] -- E:\WINDOWS\system32\drivers\btslbcsp.sys -- (BTSLBCSP)
DRV - [2005/03/29 16:09:38 | 001,340,698 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- E:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2005/03/29 16:07:38 | 000,030,299 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- E:\WINDOWS\system32\drivers\btport.sys -- (BTDriver)
DRV - [2005/03/29 16:04:12 | 000,148,040 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- E:\WINDOWS\system32\drivers\btwdndis.sys -- (BTWDNDIS)
DRV - [2004/09/26 13:10:37 | 000,120,320 | ---- | M] () [Kernel | System | Running] -- E:\WINDOWS\system32\drivers\SSHDRV65.sys -- (SSHDRV65)
DRV - [2004/08/04 07:29:54 | 001,897,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- E:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2004/07/20 20:51:29 | 000,012,464 | ---- | M] (Macrovision Europe Ltd) [Kernel | Auto | Stopped] -- E:\WINDOWS\system32\drivers\CDAC15BA.SYS -- (CdaC15BA)
DRV - [2004/03/03 21:30:54 | 000,005,504 | ---- | M] (Ahead Software AG) [Kernel | Boot | Stopped] -- E:\WINDOWS\System32\DRIVERS\imagedrv.sys -- (Imagedrv)
DRV - [2004/03/03 14:02:00 | 000,320,640 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- E:\WINDOWS\system32\drivers\nvapu.sys -- (nvnforce) Service for NVIDIA(R) nForce(TM)
DRV - [2004/03/03 14:02:00 | 000,040,832 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- E:\WINDOWS\system32\drivers\nvax.sys -- (nvax) Service for NVIDIA(R) nForce(TM)
DRV - [2004/01/29 01:45:50 | 000,093,764 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- E:\WINDOWS\system32\drivers\NVENET.sys -- (NVENET)
DRV - [2004/01/13 12:36:00 | 000,063,744 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- E:\WINDOWS\System32\DRIVERS\nvatabus.sys -- (nvatabus)
DRV - [2004/01/06 16:03:40 | 000,647,680 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- E:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2003/10/29 13:02:00 | 000,021,120 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- E:\WINDOWS\System32\DRIVERS\nv_agp.sys -- (nv_agp)
DRV - [2003/09/08 10:06:36 | 000,255,360 | R--- | M] (D-Link) [Kernel | On_Demand | Running] -- E:\WINDOWS\system32\drivers\AIRPLUS.sys -- (AIRPLUS)
DRV - [2001/10/24 13:53:06 | 000,347,550 | ---- | M] (ESS Technology, Inc.) [Kernel | On_Demand | Stopped] -- E:\WINDOWS\system32\drivers\es56tpi.sys -- (Edspport)
DRV - [2001/08/18 00:00:04 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- E:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401)
DRV - [2001/08/17 20:19:34 | 000,036,480 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- E:\WINDOWS\system32\drivers\sfmanm.sys -- (sfman) Creative SoundFont Manager Driver (WDM)
DRV - [2001/08/17 20:19:28 | 000,006,912 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- E:\WINDOWS\system32\drivers\ctlfacem.sys -- (emu10k1) Creative Interface Manager Driver (WDM)
DRV - [2001/08/17 20:19:26 | 000,283,904 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- E:\WINDOWS\system32\drivers\emu10k1m.sys -- (emu10k) Creative SB Live! (WDM)
DRV - [2001/08/17 20:19:20 | 000,003,712 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- E:\WINDOWS\system32\drivers\ctljystk.sys -- (ctljystk)
DRV - [1997/04/22 10:16:00 | 000,006,272 | ---- | M] () [Kernel | Auto | Stopped] -- E:\WINDOWS\system32\drivers\ASLM75.SYS -- (aslm75)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-117609710-879983540-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Prev Search Page = http://google.icq.com
IE - HKU\S-1-5-21-117609710-879983540-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-117609710-879983540-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
IE - HKU\S-1-5-21-117609710-879983540-725345543-1003\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-117609710-879983540-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-117609710-879983540-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://www.google.cz/"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1.3
FF - prefs.js..extensions.enabledItems: {6AC85730-7D0F-4de0-B3FA-21142DD85326}:2.0.2
FF - prefs.js..extensions.enabledItems: firebug@software.joehewitt.com:1.5.0
FF - prefs.js..extensions.enabledItems: {89506680-e3f4-484c-a2c0-ed711d481eda}:0.9.5.5
FF - prefs.js..extensions.enabledItems: firegestures@xuldev.org:1.5.6
FF - prefs.js..extensions.enabledItems: {3b56bcc7-54e5-44a2-9b44-66c3ef58c13e}:0.8.6.1
FF - prefs.js..extensions.enabledItems: {1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}:0.4.4
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {37E4D8EA-8BDA-4831-8EA1-89053939A250}:3.0.0.1
FF - prefs.js..extensions.enabledItems: {F645A8C9-E969-42D9-B3F3-F325537222FD}:1.1.6
FF - prefs.js..extensions.enabledItems: tabscope@xuldev.org:0.3
FF - prefs.js..extensions.enabledItems: {F8A55C97-3DB6-4961-A81D-0DE0080E53CB}:0.9.2
FF - prefs.js..extensions.enabledItems: {8f8fe09b-0bd3-4470-bc1b-8cad42b8203a}:0.16
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..keyword.URL: "http://search.icq.com/search/afe_result ... 2.0.0.0&q="

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: E:\Program Files\Mozilla Firefox\components [2010/07/07 15:16:07 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: E:\Program Files\Mozilla Firefox\plugins [2010/07/07 15:18:19 | 000,000,000 | ---D | M]

[2008/06/21 13:43:14 | 000,000,000 | ---D | M] -- E:\Documents and Settings\tomas pavelka\Data aplikací\Mozilla\Extensions
[2010/07/07 16:38:31 | 000,000,000 | ---D | M] -- E:\Documents and Settings\tomas pavelka\Data aplikací\Mozilla\Firefox\Profiles\6vtk4mei.default\extensions
[2010/02/11 09:32:00 | 000,000,000 | ---D | M] (Image Zoom) -- E:\Documents and Settings\tomas pavelka\Data aplikací\Mozilla\Firefox\Profiles\6vtk4mei.default\extensions\{1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}
[2010/07/07 16:38:09 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- E:\Documents and Settings\tomas pavelka\Data aplikací\Mozilla\Firefox\Profiles\6vtk4mei.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2010/02/11 09:32:00 | 000,000,000 | ---D | M] (PDF Download) -- E:\Documents and Settings\tomas pavelka\Data aplikací\Mozilla\Firefox\Profiles\6vtk4mei.default\extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250}
[2010/02/11 09:32:25 | 000,000,000 | ---D | M] (Html Validator) -- E:\Documents and Settings\tomas pavelka\Data aplikací\Mozilla\Firefox\Profiles\6vtk4mei.default\extensions\{3b56bcc7-54e5-44a2-9b44-66c3ef58c13e}
[2009/03/08 13:00:13 | 000,000,000 | ---D | M] (ColorZilla) -- E:\Documents and Settings\tomas pavelka\Data aplikací\Mozilla\Firefox\Profiles\6vtk4mei.default\extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326}
[2010/02/11 09:32:00 | 000,000,000 | ---D | M] (Firefox Showcase) -- E:\Documents and Settings\tomas pavelka\Data aplikací\Mozilla\Firefox\Profiles\6vtk4mei.default\extensions\{89506680-e3f4-484c-a2c0-ed711d481eda}
[2010/05/25 06:31:06 | 000,000,000 | ---D | M] (Live HTTP Headers) -- E:\Documents and Settings\tomas pavelka\Data aplikací\Mozilla\Firefox\Profiles\6vtk4mei.default\extensions\{8f8fe09b-0bd3-4470-bc1b-8cad42b8203a}
[2010/02/11 09:32:19 | 000,000,000 | ---D | M] (Adblock Plus) -- E:\Documents and Settings\tomas pavelka\Data aplikací\Mozilla\Firefox\Profiles\6vtk4mei.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010/02/11 09:31:40 | 000,000,000 | ---D | M] (QuickRestart) -- E:\Documents and Settings\tomas pavelka\Data aplikací\Mozilla\Firefox\Profiles\6vtk4mei.default\extensions\{F645A8C9-E969-42D9-B3F3-F325537222FD}
[2010/03/27 11:41:11 | 000,000,000 | ---D | M] (Download Manager Tweak) -- E:\Documents and Settings\tomas pavelka\Data aplikací\Mozilla\Firefox\Profiles\6vtk4mei.default\extensions\{F8A55C97-3DB6-4961-A81D-0DE0080E53CB}
[2010/02/11 09:32:18 | 000,000,000 | ---D | M] -- E:\Documents and Settings\tomas pavelka\Data aplikací\Mozilla\Firefox\Profiles\6vtk4mei.default\extensions\firebug@software.joehewitt.com
[2010/02/11 09:32:02 | 000,000,000 | ---D | M] -- E:\Documents and Settings\tomas pavelka\Data aplikací\Mozilla\Firefox\Profiles\6vtk4mei.default\extensions\firegestures@xuldev.org
[2010/02/11 09:31:36 | 000,000,000 | ---D | M] -- E:\Documents and Settings\tomas pavelka\Data aplikací\Mozilla\Firefox\Profiles\6vtk4mei.default\extensions\tabscope@xuldev.org
[2004/10/24 13:15:16 | 000,000,000 | ---D | M] -- E:\Documents and Settings\tomas pavelka\Data aplikací\Mozilla\Sunbird\Profiles\7hxgeh6c.default\extensions
[2004/10/24 13:15:16 | 000,000,000 | ---D | M] (Sunbird (default)) -- E:\Documents and Settings\tomas pavelka\Data aplikací\Mozilla\Sunbird\Profiles\7hxgeh6c.default\extensions\{8af2d0a7-e394-4de2-ae55-2dae532a7a9b}
[2010/07/07 16:48:12 | 000,000,950 | ---- | M] () -- E:\Documents and Settings\tomas pavelka\Data aplikací\Mozilla\Firefox\Profiles\6vtk4mei.default\searchplugins\icqplugin-1.xml
[2010/02/19 12:02:18 | 000,000,961 | ---- | M] () -- E:\Documents and Settings\tomas pavelka\Data aplikací\Mozilla\Firefox\Profiles\6vtk4mei.default\searchplugins\icqplugin-10.xml
[2010/03/27 11:37:22 | 000,000,950 | ---- | M] () -- E:\Documents and Settings\tomas pavelka\Data aplikací\Mozilla\Firefox\Profiles\6vtk4mei.default\searchplugins\icqplugin-11.xml
[2010/03/28 11:45:11 | 000,000,950 | ---- | M] () -- E:\Documents and Settings\tomas pavelka\Data aplikací\Mozilla\Firefox\Profiles\6vtk4mei.default\searchplugins\icqplugin-12.xml
[2009/04/23 12:03:55 | 000,000,950 | ---- | M] () -- E:\Documents and Settings\tomas pavelka\Data aplikací\Mozilla\Firefox\Profiles\6vtk4mei.default\searchplugins\icqplugin-2.xml
[2009/04/29 20:00:07 | 000,000,950 | ---- | M] () -- E:\Documents and Settings\tomas pavelka\Data aplikací\Mozilla\Firefox\Profiles\6vtk4mei.default\searchplugins\icqplugin-3.xml
[2009/06/14 19:36:37 | 000,000,950 | ---- | M] () -- E:\Documents and Settings\tomas pavelka\Data aplikací\Mozilla\Firefox\Profiles\6vtk4mei.default\searchplugins\icqplugin-4.xml
[2009/08/05 17:45:16 | 000,000,950 | ---- | M] () -- E:\Documents and Settings\tomas pavelka\Data aplikací\Mozilla\Firefox\Profiles\6vtk4mei.default\searchplugins\icqplugin-5.xml
[2009/09/13 09:14:09 | 000,000,950 | ---- | M] () -- E:\Documents and Settings\tomas pavelka\Data aplikací\Mozilla\Firefox\Profiles\6vtk4mei.default\searchplugins\icqplugin-6.xml
[2009/10/29 10:52:12 | 000,000,961 | ---- | M] () -- E:\Documents and Settings\tomas pavelka\Data aplikací\Mozilla\Firefox\Profiles\6vtk4mei.default\searchplugins\icqplugin-7.xml
[2009/11/08 15:49:00 | 000,000,961 | ---- | M] () -- E:\Documents and Settings\tomas pavelka\Data aplikací\Mozilla\Firefox\Profiles\6vtk4mei.default\searchplugins\icqplugin-8.xml
[2009/12/17 09:59:52 | 000,000,961 | ---- | M] () -- E:\Documents and Settings\tomas pavelka\Data aplikací\Mozilla\Firefox\Profiles\6vtk4mei.default\searchplugins\icqplugin-9.xml
[2008/07/10 14:07:28 | 000,000,944 | ---- | M] () -- E:\Documents and Settings\tomas pavelka\Data aplikací\Mozilla\Firefox\Profiles\6vtk4mei.default\searchplugins\icqplugin.xml
[2010/07/02 21:54:22 | 000,000,000 | ---D | M] -- E:\Program Files\Mozilla Firefox\extensions
[2010/07/07 15:18:19 | 000,000,000 | ---D | M] (Java Console) -- E:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2009/06/01 13:22:18 | 000,874,008 | ---- | M] (ParallelGraphics) -- E:\Program Files\Mozilla Firefox\plugins\npCortona.dll
[2007/12/19 14:57:38 | 000,310,272 | ---- | M] () -- E:\Program Files\Mozilla Firefox\plugins\npGoogleGadgetPluginFirefoxWin.dll
[2004/01/14 04:09:25 | 000,176,176 | ---- | M] () -- E:\Program Files\Mozilla Firefox\plugins\npViewpoint.dll
[2010/03/27 11:36:54 | 000,000,638 | ---- | M] () -- E:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010/03/27 11:36:54 | 000,001,687 | ---- | M] () -- E:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2010/03/27 11:36:54 | 000,001,367 | ---- | M] () -- E:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010/03/27 11:36:54 | 000,000,654 | ---- | M] () -- E:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010/03/27 11:36:54 | 000,001,179 | ---- | M] () -- E:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2001/10/25 16:00:00 | 000,000,737 | ---- | M]) - E:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\S-1-5-21-117609710-879983540-725345543-1003\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\S-1-5-21-117609710-879983540-725345543-1003\..\Toolbar\WebBrowser: (no name) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - No CLSID value found.
O3 - HKU\S-1-5-21-117609710-879983540-725345543-1003\..\Toolbar\WebBrowser: (Zango) - {E1BACF55-35E1-4E47-9247-2D48660E5545} - Reg Error: Value error. File not found
O4 - HKLM..\Run: [avast5] E:\Program Files\Alwil Software\Avast5\AvastUI.exe (ALWIL Software)
O4 - HKLM..\Run: [DAEMON Tools] E:\Program Files\DAEMON Tools\daemon.exe (DT Soft Ltd.)
O4 - HKLM..\Run: [PWRISOVM.EXE] E:\Program Files\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.)
O4 - HKU\.DEFAULT..\Run: [ALUAlert] E:\Program Files\Symantec\LiveUpdate\ALUNotify.exe File not found
O4 - HKU\.DEFAULT..\Run: [Microsoft Update] File not found
O4 - HKU\.DEFAULT..\Run: [SAmail] E:\Documents and Settings\tomas pavelka\Plocha\e-mail from#ahlem_3ishk@yahoo.fr.htm File not found
O4 - HKU\.DEFAULT..\Run: [Win32 Configuration] File not found
O4 - HKU\.DEFAULT..\Run: [Win32 USB2 Driver] File not found
O4 - HKU\.DEFAULT..\Run: [Win32 USB2.0 Driver] File not found
O4 - HKU\.DEFAULT..\Run: [Wireless Provider Server] File not found
O4 - HKU\S-1-5-18..\Run: [ALUAlert] E:\Program Files\Symantec\LiveUpdate\ALUNotify.exe File not found
O4 - HKU\S-1-5-18..\Run: [Microsoft Update] File not found
O4 - HKU\S-1-5-18..\Run: [SAmail] E:\Documents and Settings\tomas pavelka\Plocha\e-mail from#ahlem_3ishk@yahoo.fr.htm File not found
O4 - HKU\S-1-5-18..\Run: [Win32 Configuration] File not found
O4 - HKU\S-1-5-18..\Run: [Win32 USB2 Driver] File not found
O4 - HKU\S-1-5-18..\Run: [Win32 USB2.0 Driver] File not found
O4 - HKU\S-1-5-18..\Run: [Wireless Provider Server] File not found
O4 - HKU\S-1-5-21-117609710-879983540-725345543-1003..\Run: [ICQ] E:\Program Files\ICQ7.0\ICQ.exe (ICQ, LLC.)
O4 - HKU\S-1-5-21-117609710-879983540-725345543-1003..\Run: [updateMgr] E:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe (Adobe Systems Incorporated)
O4 - HKU\.DEFAULT..\RunOnce: [Win32 Configuration] File not found
O4 - HKU\.DEFAULT..\RunOnce: [Win32 USB2 Driver] File not found
O4 - HKU\.DEFAULT..\RunOnce: [Win32 USB2.0 Driver] File not found
O4 - HKU\.DEFAULT..\RunOnce: [Wireless Provider Server] File not found
O4 - HKU\S-1-5-18..\RunOnce: [Win32 Configuration] File not found
O4 - HKU\S-1-5-18..\RunOnce: [Win32 USB2 Driver] File not found
O4 - HKU\S-1-5-18..\RunOnce: [Win32 USB2.0 Driver] File not found
O4 - HKU\S-1-5-18..\RunOnce: [Wireless Provider Server] File not found
O4 - Startup: E:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Bluetooth.lnk = E:\Program Files\MSI\BToes Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O4 - Startup: E:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\D-Link AirPlus.lnk = E:\Program Files\D-Link AirPlus\AIRPLUS.EXE (D-Link)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-117609710-879983540-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - E:\Program Files\PokerStars\PokerStarsUpdate.exe (PokerStars)
O9 - Extra Button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - E:\Program Files\ICQ7.0\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - E:\Program Files\ICQ7.0\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - E:\Program Files\ICQLite\ICQLite.exe File not found
O9 - Extra 'Tools' menuitem : ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - E:\Program Files\ICQLite\ICQLite.exe File not found
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - Reg Error: Value error. File not found
O9 - Extra Button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - E:\Program Files\PokerStars.NET\PokerStarsUpdate.exe (PokerStars)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - E:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKU\S-1-5-21-117609710-879983540-725345543-1003\..Trusted Domains: ([]msn in My Computer)
O16 - DPF: {11111111-1111-1111-1111-111111111111} ms-its:mhtml:file://C:\ss.MHT!http://sexpicsworld.com/ebook.chm::/loader.exe (Reg Error: Key error.)
O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} http://activex.camfrogweb.com/advanced/ ... module.exe (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shoc ... wflash.cab (Shockwave Flash Object)
O16 - DPF: DirectAnimation Java Classes file://E:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://E:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 77.48.31.69 217.197.144.4
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - E:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - E:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - E:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - E:\WINDOWS\System32\ati2evxx.dll ()
O20 - Winlogon\Notify\WgaLogon: DllName - WgaLogon.dll - File not found
O21 - SSODL: Web Event Logger - {79FEACFF-FFCE-815E-A900-316290B5B738} - CLSID or File not found.
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/17 18:57:15 | 000,000,095 | ---- | M] () - G:\AUTORUN.INF -- [ NTFS ]
O32 - AutoRun File - [2007/11/08 07:44:04 | 000,054,272 | R--- | M] (Microsoft Corporation) - H:\autorun.exe -- [ UDF ]
O32 - AutoRun File - [2003/07/24 03:26:21 | 000,000,027 | R--- | M] () - H:\autorun.inf -- [ UDF ]
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\setupSNK.exe -- [2004/08/17 15:49:28 | 000,028,672 | ---- | M] (Microsoft Corporation)
O33 - MountPoints2\H\Shell - "" = AutoRun
O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\autorun.exe -- [2007/11/08 07:44:04 | 000,054,272 | R--- | M] (Microsoft Corporation)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: HidServ - E:\WINDOWS\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: aux - E:\WINDOWS\System32\ctwdm32.dll (Creative Technology Ltd.)
Drivers32: msacm.ac3acm - ac3acm.acm File not found
Drivers32: msacm.iac2 - E:\WINDOWS\system32\iac25_32.ax (Ligos Corporation)
Drivers32: msacm.l3acm - E:\WINDOWS\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - lameACM.acm File not found
Drivers32: msacm.sl_anet - E:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - E:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - E:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - E:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.DIVX - E:\WINDOWS\System32\divx.dll (DivX, Inc.)
Drivers32: VIDC.FFDS - E:\WINDOWS\System32\ff_vfw.dll ()
Drivers32: VIDC.VIFP - E:\WINDOWS\System32\VFCodec.dll ()
Drivers32: VIDC.XVID - E:\WINDOWS\System32\xvidvfw.dll ()
Drivers32: VIDC.YV12 - E:\WINDOWS\System32\yv12vfw.dll (www.helixcommunity.org)

CREATERESTOREPOINT
Error starting restore point: The function was called in safe mode.
Error closing restore point: The sequence number is invalid.

========== Files/Folders - Created Within 30 Days ==========

File not found -- E:\Documents and Settings\tomas pavelka\Plocha\CFNM Scene - the case of being forcibly jerked
[2010/07/07 19:42:47 | 000,574,976 | ---- | C] (OldTimer Tools) -- E:\Documents and Settings\tomas pavelka\Plocha\OTL.exe
[2010/07/07 17:02:19 | 000,000,000 | ---D | C] -- E:\Program Files\trend micro
[2010/07/07 17:02:18 | 000,000,000 | ---D | C] -- E:\rsit
[2010/07/07 15:19:20 | 000,000,000 | ---D | C] -- E:\Documents and Settings\tomas pavelka\Ukol 22
[2010/07/07 15:19:20 | 000,000,000 | ---D | C] -- E:\Documents and Settings\tomas pavelka\Ukol 11
[2010/07/07 12:44:28 | 000,000,000 | -HSD | C] -- E:\WINDOWS\CSC
[2010/06/18 11:13:26 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- E:\WINDOWS\System32\javaws.exe
[2010/06/18 11:13:26 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- E:\WINDOWS\System32\javaw.exe
[2010/06/18 11:13:26 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- E:\WINDOWS\System32\java.exe
[2010/06/18 10:58:10 | 000,000,000 | ---D | C] -- E:\Program Files\Microsoft SQL Server
[2010/06/18 10:57:56 | 000,000,000 | ---D | C] -- E:\Program Files\Microsoft Synchronization Services
[2010/06/18 10:57:55 | 000,000,000 | ---D | C] -- E:\Program Files\Microsoft SQL Server Compact Edition
[2010/06/18 10:56:31 | 000,000,000 | ---D | C] -- E:\Documents and Settings\tomas pavelka\Dokumenty\Visual Studio 2008
[2010/06/18 10:54:25 | 000,000,000 | ---D | C] -- E:\Program Files\Microsoft Visual Studio 9.0
[2010/06/18 10:53:59 | 000,000,000 | ---D | C] -- E:\Program Files\Microsoft SDKs
[2010/06/15 15:03:12 | 000,000,000 | ---D | C] -- E:\Program Files\MSECache
[8 E:\WINDOWS\System32\*.tmp files -> E:\WINDOWS\System32\*.tmp -> ]
[3 E:\WINDOWS\*.tmp files -> E:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

File not found -- E:\Documents and Settings\tomas pavelka\Plocha\CFNM Scene - the case of being forcibly jerked
[2010/07/07 19:42:48 | 000,574,976 | ---- | M] (OldTimer Tools) -- E:\Documents and Settings\tomas pavelka\Plocha\OTL.exe
[2010/07/07 16:37:10 | 000,002,048 | --S- | M] () -- E:\WINDOWS\bootstat.dat
[2010/07/07 16:34:00 | 000,000,482 | -H-- | M] () -- E:\WINDOWS\tasks\User_Feed_Synchronization-{545BF149-EEB3-47D9-B1F5-8FD23C7D32B5}.job
[2010/07/07 16:09:00 | 000,001,058 | ---- | M] () -- E:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-117609710-879983540-725345543-1003UA.job
[2010/07/07 15:27:09 | 000,000,006 | -H-- | M] () -- E:\WINDOWS\tasks\SA.DAT
[2010/07/07 15:22:45 | 000,221,632 | ---- | M] () -- E:\WINDOWS\System32\FNTCACHE.DAT
[2010/07/07 12:41:18 | 000,002,206 | ---- | M] () -- E:\WINDOWS\System32\wpa.dbl
[2010/07/02 17:15:00 | 000,000,406 | ---- | M] () -- E:\WINDOWS\tasks\1-Click Maintenance.job
[2010/07/02 17:09:00 | 000,001,006 | ---- | M] () -- E:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-117609710-879983540-725345543-1003Core.job
[2010/07/02 15:53:47 | 000,054,156 | -H-- | M] () -- E:\WINDOWS\QTFont.qfn
[2010/07/02 10:50:57 | 000,000,260 | ---- | M] () -- E:\WINDOWS\tasks\WGASetup.job
[2010/06/30 21:00:56 | 000,053,336 | ---- | M] () -- E:\Documents and Settings\tomas pavelka\Local Settings\Data aplikací\GDIPFONTCACHEV1.DAT
[2010/06/23 03:04:49 | 000,509,558 | ---- | M] () -- E:\WINDOWS\System32\perfh009.dat
[2010/06/23 03:04:49 | 000,503,174 | ---- | M] () -- E:\WINDOWS\System32\perfh005.dat
[2010/06/23 03:04:49 | 000,117,784 | ---- | M] () -- E:\WINDOWS\System32\perfc005.dat
[2010/06/23 03:04:49 | 000,105,876 | ---- | M] () -- E:\WINDOWS\System32\perfc009.dat
[2010/06/18 10:59:31 | 000,001,374 | ---- | M] () -- E:\WINDOWS\imsins.BAK
[2010/06/15 19:14:03 | 002,131,414 | ---- | M] () -- E:\Documents and Settings\tomas pavelka\Plocha\Systém objednávání letenek1.bmp
[2010/06/15 18:42:26 | 000,000,309 | ---- | M] () -- E:\Documents and Settings\tomas pavelka\.umleditor
[2010/06/15 17:47:42 | 001,385,358 | ---- | M] () -- E:\Documents and Settings\tomas pavelka\Plocha\Monča schema.bmp
[2010/06/14 13:51:04 | 000,076,313 | ---- | M] () -- E:\Documents and Settings\tomas pavelka\Plocha\Monča schema.JPG
[2010/06/13 23:53:05 | 016,084,992 | ---- | M] () -- E:\Documents and Settings\tomas pavelka\ntuser.dat
[2010/06/13 22:48:31 | 000,002,283 | ---- | M] () -- E:\Documents and Settings\All Users\Plocha\Skype.lnk
[2010/06/13 17:13:34 | 000,000,266 | ---- | M] () -- E:\WINDOWS\ChssBase.ini
[2010/06/13 00:43:51 | 000,000,178 | -HS- | M] () -- E:\Documents and Settings\tomas pavelka\ntuser.ini
[2010/06/12 13:29:15 | 000,141,824 | ---- | M] () -- E:\Documents and Settings\tomas pavelka\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/06/12 12:37:34 | 000,000,116 | ---- | M] () -- E:\WINDOWS\NeroDigital.ini
[2010/06/11 03:04:07 | 001,025,780 | ---- | M] () -- E:\WINDOWS\System32\PerfStringBackup.INI
[2010/06/10 21:09:55 | 002,186,377 | ---- | M] () -- E:\Documents and Settings\tomas pavelka\Plocha\OBOP2 - final.pdf
[2010/06/10 16:41:56 | 000,039,936 | ---- | M] () -- E:\Documents and Settings\tomas pavelka\POZNÁMKY.doc
[2010/06/10 08:53:17 | 000,001,319 | ---- | M] () -- E:\Documents and Settings\tomas pavelka\Serial.class
[2010/06/10 08:53:15 | 000,000,702 | ---- | M] () -- E:\Documents and Settings\tomas pavelka\Serial.java
[2010/06/10 08:52:08 | 000,000,609 | ---- | M] () -- E:\Documents and Settings\tomas pavelka\Person.class
[2010/06/10 08:51:59 | 000,000,444 | ---- | M] () -- E:\Documents and Settings\tomas pavelka\Person.java
[2010/06/09 22:44:35 | 000,000,881 | ---- | M] () -- E:\Documents and Settings\tomas pavelka\Znak.class
[2010/06/09 22:44:33 | 000,000,608 | ---- | M] () -- E:\Documents and Settings\tomas pavelka\Znak.java
[2010/06/09 16:12:59 | 000,001,169 | ---- | M] () -- E:\Documents and Settings\tomas pavelka\Zkus.class
[2010/06/09 16:12:58 | 000,000,696 | ---- | M] () -- E:\Documents and Settings\tomas pavelka\Zkus.java
[2010/06/09 10:54:21 | 000,001,626 | ---- | M] () -- E:\Documents and Settings\tomas pavelka\Retezce.class
[2010/06/09 10:54:20 | 000,001,538 | ---- | M] () -- E:\Documents and Settings\tomas pavelka\Retezce.java
[2010/06/09 10:31:49 | 000,002,756 | ---- | M] () -- E:\Documents and Settings\tomas pavelka\PropertiesExample.class
[2010/06/09 10:31:48 | 000,002,359 | ---- | M] () -- E:\Documents and Settings\tomas pavelka\PropertiesExample.java
[2010/06/09 10:18:29 | 000,000,079 | ---- | M] () -- E:\Documents and Settings\tomas pavelka\Moje.properties
[2010/06/09 09:04:25 | 000,001,739 | ---- | M] () -- E:\Documents and Settings\tomas pavelka\Parameters.class
[2010/06/09 09:04:24 | 000,001,959 | ---- | M] () -- E:\Documents and Settings\tomas pavelka\Parameters.java
[2010/06/08 20:50:13 | 000,002,054 | ---- | M] () -- E:\Documents and Settings\tomas pavelka\Files.class
[2010/06/08 20:50:12 | 000,001,693 | ---- | M] () -- E:\Documents and Settings\tomas pavelka\Files.java
[2010/06/08 20:40:10 | 000,001,468 | ---- | M] () -- E:\Documents and Settings\tomas pavelka\Tokenizer.class
[2010/06/08 20:40:08 | 000,001,557 | ---- | M] () -- E:\Documents and Settings\tomas pavelka\Tokenizer.java
[8 E:\WINDOWS\System32\*.tmp files -> E:\WINDOWS\System32\*.tmp -> ]
[3 E:\WINDOWS\*.tmp files -> E:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/06/15 19:14:03 | 002,131,414 | ---- | C] () -- E:\Documents and Settings\tomas pavelka\Plocha\Systém objednávání letenek1.bmp
[2010/06/15 18:42:26 | 000,000,309 | ---- | C] () -- E:\Documents and Settings\tomas pavelka\.umleditor
[2010/06/13 23:53:03 | 016,084,992 | ---- | C] () -- E:\Documents and Settings\tomas pavelka\ntuser.dat
[2010/06/13 21:39:31 | 000,076,313 | ---- | C] () -- E:\Documents and Settings\tomas pavelka\Plocha\Monča schema.JPG
[2010/06/13 21:30:49 | 001,385,358 | ---- | C] () -- E:\Documents and Settings\tomas pavelka\Plocha\Monča schema.bmp
[2010/06/10 21:09:55 | 002,186,377 | ---- | C] () -- E:\Documents and Settings\tomas pavelka\Plocha\OBOP2 - final.pdf
[2010/06/10 08:53:17 | 000,001,319 | ---- | C] () -- E:\Documents and Settings\tomas pavelka\Serial.class
[2010/06/10 08:52:08 | 000,000,609 | ---- | C] () -- E:\Documents and Settings\tomas pavelka\Person.class
[2010/06/10 08:50:29 | 000,000,444 | ---- | C] () -- E:\Documents and Settings\tomas pavelka\Person.java
[2010/06/10 08:50:07 | 000,000,065 | ---- | C] () -- E:\Documents and Settings\tomas pavelka\seri.txt
[2010/06/10 08:46:53 | 000,000,702 | ---- | C] () -- E:\Documents and Settings\tomas pavelka\Serial.java
[2010/06/09 22:44:35 | 000,000,881 | ---- | C] () -- E:\Documents and Settings\tomas pavelka\Znak.class
[2010/06/09 22:41:25 | 000,000,608 | ---- | C] () -- E:\Documents and Settings\tomas pavelka\Znak.java
[2010/06/09 13:46:16 | 000,001,169 | ---- | C] () -- E:\Documents and Settings\tomas pavelka\Zkus.class
[2010/06/09 13:43:16 | 000,000,696 | ---- | C] () -- E:\Documents and Settings\tomas pavelka\Zkus.java
[2010/06/09 10:50:37 | 000,001,626 | ---- | C] () -- E:\Documents and Settings\tomas pavelka\Retezce.class
[2010/06/09 10:45:10 | 000,001,538 | ---- | C] () -- E:\Documents and Settings\tomas pavelka\Retezce.java
[2010/06/08 22:35:18 | 000,000,079 | ---- | C] () -- E:\Documents and Settings\tomas pavelka\Moje.properties
[2010/06/08 22:35:16 | 000,002,756 | ---- | C] () -- E:\Documents and Settings\tomas pavelka\PropertiesExample.class
[2010/06/08 20:45:57 | 000,000,054 | ---- | C] () -- E:\Documents and Settings\tomas pavelka\novy2.txt
[2010/06/08 19:07:27 | 000,039,936 | ---- | C] () -- E:\Documents and Settings\tomas pavelka\POZNÁMKY.doc
[2010/06/08 15:50:07 | 000,002,359 | ---- | C] () -- E:\Documents and Settings\tomas pavelka\PropertiesExample.java
[2010/06/08 15:50:07 | 000,002,054 | ---- | C] () -- E:\Documents and Settings\tomas pavelka\Files.class
[2010/06/08 15:50:07 | 000,001,959 | ---- | C] () -- E:\Documents and Settings\tomas pavelka\Parameters.java
[2010/06/08 15:50:07 | 000,001,739 | ---- | C] () -- E:\Documents and Settings\tomas pavelka\Parameters.class
[2010/06/08 15:50:07 | 000,001,693 | ---- | C] () -- E:\Documents and Settings\tomas pavelka\Files.java
[2010/06/08 15:50:07 | 000,001,557 | ---- | C] () -- E:\Documents and Settings\tomas pavelka\Tokenizer.java
[2010/06/08 15:50:07 | 000,001,468 | ---- | C] () -- E:\Documents and Settings\tomas pavelka\Tokenizer.class
[2009/12/20 20:52:50 | 000,000,038 | ---- | C] () -- E:\WINDOWS\avisplitter.ini
[2009/12/20 20:52:43 | 000,205,824 | ---- | C] () -- E:\WINDOWS\System32\xvidvfw.dll
[2009/12/20 20:52:42 | 003,596,288 | ---- | C] () -- E:\WINDOWS\System32\qt-dx331.dll
[2009/12/20 20:52:33 | 000,085,504 | ---- | C] () -- E:\WINDOWS\System32\ff_vfw.dll
[2009/12/20 20:52:33 | 000,000,547 | ---- | C] () -- E:\WINDOWS\System32\ff_vfw.dll.manifest
[2009/10/20 20:19:30 | 000,053,299 | ---- | C] () -- E:\WINDOWS\System32\pthreadVC.dll
[2009/05/01 21:20:03 | 000,077,824 | ---- | C] () -- E:\WINDOWS\System32\CDVPreviewEx.dll
[2008/08/09 10:32:38 | 000,074,703 | ---- | C] () -- E:\WINDOWS\System32\mfc45.dll
[2008/05/19 13:11:33 | 000,000,118 | ---- | C] () -- E:\WINDOWS\System32\MRT.INI
[2008/04/08 18:18:08 | 000,139,264 | ---- | C] () -- E:\WINDOWS\System32\BladeEnc.dll
[2006/03/12 13:58:20 | 000,069,632 | ---- | C] () -- E:\WINDOWS\System32\xmltok.dll
[2006/03/12 13:58:20 | 000,036,864 | ---- | C] () -- E:\WINDOWS\System32\xmlparse.dll
[2006/02/18 14:27:52 | 000,009,728 | ---- | C] () -- E:\WINDOWS\System32\BASSMOD.dll
[2005/12/24 18:19:26 | 000,223,128 | ---- | C] () -- E:\WINDOWS\System32\drivers\dtscsi.sys
[2005/12/24 18:05:44 | 000,664,064 | ---- | C] () -- E:\WINDOWS\System32\drivers\sptd.sys
[2005/12/24 18:05:44 | 000,096,384 | ---- | C] () -- E:\WINDOWS\System32\drivers\sptd1149.sys
[2005/12/24 03:23:13 | 000,010,240 | ---- | C] () -- E:\WINDOWS\System32\vidx16.dll
[2005/10/14 12:56:50 | 000,921,600 | ---- | C] () -- E:\WINDOWS\System32\VorbisEnc.dll
[2005/10/14 12:56:50 | 000,881,664 | ---- | C] () -- E:\WINDOWS\System32\xvidcore.dll
[2005/10/14 12:56:50 | 000,237,568 | ---- | C] () -- E:\WINDOWS\System32\OggDS.dll
[2005/10/14 12:56:50 | 000,188,416 | ---- | C] () -- E:\WINDOWS\System32\vorbis.dll
[2005/10/14 12:56:50 | 000,178,176 | ---- | C] () -- E:\WINDOWS\System32\unrar.dll
[2005/10/14 12:56:50 | 000,045,056 | ---- | C] () -- E:\WINDOWS\System32\ogg.dll
[2005/08/25 11:57:45 | 000,000,148 | ---- | C] () -- E:\WINDOWS\thtitanc.INI
[2005/04/08 11:46:18 | 000,162,176 | ---- | C] () -- E:\WINDOWS\System32\drivers\PFC027.sys
[2005/03/29 16:16:12 | 000,086,016 | ---- | C] () -- E:\WINDOWS\System32\btprn2k.dll
[2005/01/25 16:15:42 | 000,010,240 | ---- | C] () -- E:\WINDOWS\System32\PA207USD.DLL
[2004/12/29 15:23:52 | 000,000,000 | ---- | C] () -- E:\WINDOWS\iPlayer.INI
[2004/12/25 18:21:25 | 000,000,062 | ---- | C] () -- E:\WINDOWS\Wininit.ini
[2004/11/27 18:42:02 | 000,001,403 | ---- | C] () -- E:\WINDOWS\MQPreset.ini
[2004/11/27 18:42:02 | 000,000,383 | ---- | C] () -- E:\WINDOWS\Multique.ini
[2004/11/01 20:13:38 | 000,000,598 | ---- | C] () -- E:\WINDOWS\ODBC.INI
[2004/10/31 11:31:41 | 000,431,104 | ---- | C] () -- E:\WINDOWS\System32\VFCodec.dll
[2004/10/29 20:00:33 | 000,000,301 | ---- | C] () -- E:\WINDOWS\cdplayer.ini
[2004/10/24 20:25:47 | 000,000,116 | ---- | C] () -- E:\WINDOWS\NeroDigital.ini
[2004/10/18 14:00:36 | 000,197,120 | ---- | C] () -- E:\WINDOWS\patchw32.dll
[2004/10/17 14:37:34 | 000,000,026 | ---- | C] () -- E:\WINDOWS\buffygame.INI
[2004/10/12 19:43:04 | 000,000,718 | ---- | C] () -- E:\WINDOWS\wcx_ftp.ini
[2004/10/10 13:29:16 | 000,003,140 | ---- | C] () -- E:\WINDOWS\wincmd.ini
[2004/10/07 18:38:58 | 000,008,024 | ---- | C] () -- E:\WINDOWS\System32\mcimsfle.dll
[2004/09/27 20:45:45 | 000,000,143 | ---- | C] () -- E:\WINDOWS\HERECOME.INI
[2004/09/27 20:44:07 | 000,000,084 | ---- | C] () -- E:\WINDOWS\FFIELDS.INI
[2004/09/27 20:29:12 | 000,000,290 | ---- | C] () -- E:\WINDOWS\Gelules.ini
[2004/09/27 20:28:20 | 000,000,052 | ---- | C] () -- E:\WINDOWS\ENTPACK.INI
[2004/09/27 15:10:26 | 000,000,132 | ---- | C] () -- E:\WINDOWS\boxworld.ini
[2004/09/27 09:25:56 | 000,000,020 | ---- | C] () -- E:\WINDOWS\level.ini
[2004/09/26 13:10:37 | 000,120,320 | ---- | C] () -- E:\WINDOWS\System32\drivers\SSHDRV65.sys
[2004/09/09 17:37:06 | 000,000,436 | ---- | C] () -- E:\WINDOWS\Marias.ini
[2004/08/22 14:59:12 | 000,000,266 | ---- | C] () -- E:\WINDOWS\ChssBase.ini
[2004/07/10 22:01:41 | 000,043,520 | ---- | C] () -- E:\WINDOWS\System32\CmdLineExt03.dll
[2004/07/10 20:32:06 | 000,363,520 | ---- | C] () -- E:\WINDOWS\System32\psisdecd.dll
[2004/07/10 20:16:11 | 000,006,272 | ---- | C] () -- E:\WINDOWS\System32\drivers\ASLM75.SYS
[2004/07/10 20:11:49 | 000,003,265 | ---- | C] () -- E:\WINDOWS\Ascd_tmp.ini
[2004/07/10 20:11:45 | 000,005,824 | ---- | C] () -- E:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2004/07/10 19:23:12 | 000,014,336 | ---- | C] () -- E:\WINDOWS\System32\msdmo(2).dll
[2004/01/27 13:13:54 | 000,421,888 | ---- | C] () -- E:\WINDOWS\System32\OpenQuicktimeLib.dll
[2004/01/06 16:01:46 | 000,086,016 | ---- | C] () -- E:\WINDOWS\System32\ati2evxx.dll
[2003/10/08 23:48:38 | 000,056,832 | ---- | C] () -- E:\WINDOWS\System32\iyvu9_32.dll
[2003/09/09 23:37:16 | 000,057,344 | ---- | C] () -- E:\WINDOWS\System32\avisynth_c.dll
[2003/04/09 15:38:04 | 000,005,664 | ---- | C] () -- E:\WINDOWS\System32\OUTLPERF.INI
[2002/05/15 23:29:04 | 000,000,607 | ---- | C] () -- E:\WINDOWS\System32\BTNeighborhood.dll.manifest
[2001/11/23 18:18:00 | 000,000,597 | ---- | C] () -- E:\WINDOWS\System32\btcss.dll.manifest
[2001/11/14 13:56:00 | 001,802,240 | ---- | C] () -- E:\WINDOWS\System32\lcppn21.dll
[2001/09/17 13:20:02 | 000,009,216 | ---- | C] () -- E:\WINDOWS\System32\cpuinf32.dll
[1999/01/22 20:46:58 | 000,065,536 | ---- | C] () -- E:\WINDOWS\System32\MSRTEDIT.DLL

TomasN80
Visitor
Posts: 12
Registered: 07 Jul 2010 15:55

Re: Win XP stopped communicating

#4 Post by TomasN80 »

..and the continuation..


========== LOP Check ==========

[2010/05/23 12:10:37 | 000,000,000 | ---D | M] -- E:\Documents and Settings\All Users\Data aplikací\Alwil Software
[2009/01/28 18:02:56 | 000,000,000 | ---D | M] -- E:\Documents and Settings\All Users\Data aplikací\Apowersoft
[2004/07/20 20:50:51 | 000,000,000 | ---D | M] -- E:\Documents and Settings\All Users\Data aplikací\Autodesk
[2010/01/22 17:16:44 | 000,000,000 | ---D | M] -- E:\Documents and Settings\All Users\Data aplikací\ICQ
[2009/03/07 12:50:02 | 000,000,000 | ---D | M] -- E:\Documents and Settings\All Users\Data aplikací\Installations
[2008/12/28 09:28:28 | 000,000,000 | ---D | M] -- E:\Documents and Settings\All Users\Data aplikací\iolo
[2005/10/12 11:57:37 | 000,000,000 | ---D | M] -- E:\Documents and Settings\All Users\Data aplikací\Locktime
[2004/11/18 19:01:08 | 000,000,000 | ---D | M] -- E:\Documents and Settings\All Users\Data aplikací\NFS Underground
[2009/03/07 15:31:59 | 000,000,000 | ---D | M] -- E:\Documents and Settings\All Users\Data aplikací\PC Suite
[2008/02/20 22:48:25 | 000,000,000 | ---D | M] -- E:\Documents and Settings\All Users\Data aplikací\TEMP
[2006/08/29 12:06:34 | 000,000,000 | ---D | M] -- E:\Documents and Settings\All Users\Data aplikací\TuneUp Software
[2005/06/16 18:18:40 | 000,000,000 | ---D | M] -- E:\Documents and Settings\All Users\Data aplikací\Viewpoint
[2008/08/09 10:33:44 | 000,000,000 | ---D | M] -- E:\Documents and Settings\LocalService\Data aplikací\iolo
[2006/01/23 21:07:38 | 000,000,000 | ---D | M] -- E:\Documents and Settings\tomas pavelka\Data aplikací\AutoUpdate
[2006/01/11 18:23:11 | 000,000,000 | ---D | M] -- E:\Documents and Settings\tomas pavelka\Data aplikací\Avant Browser
[2006/02/28 12:03:36 | 000,000,000 | ---D | M] -- E:\Documents and Settings\tomas pavelka\Data aplikací\Camfrog
[2006/05/16 17:41:49 | 000,000,000 | ---D | M] -- E:\Documents and Settings\tomas pavelka\Data aplikací\CamfrogWEB
[2010/07/07 15:12:52 | 000,000,000 | ---D | M] -- E:\Documents and Settings\tomas pavelka\Data aplikací\ChessBase
[2009/05/01 21:20:29 | 000,000,000 | ---D | M] -- E:\Documents and Settings\tomas pavelka\Data aplikací\CSOdessa
[2009/01/28 13:05:55 | 000,000,000 | ---D | M] -- E:\Documents and Settings\tomas pavelka\Data aplikací\Desktopicon
[2009/10/31 00:15:20 | 000,000,000 | ---D | M] -- E:\Documents and Settings\tomas pavelka\Data aplikací\Dev-Cpp
[2008/05/11 15:05:50 | 000,000,000 | ---D | M] -- E:\Documents and Settings\tomas pavelka\Data aplikací\DMCache
[2009/03/31 14:27:13 | 000,000,000 | ---D | M] -- E:\Documents and Settings\tomas pavelka\Data aplikací\FileZilla
[2009/11/08 23:51:39 | 000,000,000 | ---D | M] -- E:\Documents and Settings\tomas pavelka\Data aplikací\gtk-2.0
[2010/05/09 13:01:21 | 000,000,000 | ---D | M] -- E:\Documents and Settings\tomas pavelka\Data aplikací\ICQ
[2004/10/10 14:13:16 | 000,000,000 | ---D | M] -- E:\Documents and Settings\tomas pavelka\Data aplikací\ICQLite
[2008/08/09 10:36:36 | 000,000,000 | ---D | M] -- E:\Documents and Settings\tomas pavelka\Data aplikací\iolo
[2006/01/23 21:07:38 | 000,000,000 | ---D | M] -- E:\Documents and Settings\tomas pavelka\Data aplikací\Kamerzysta
[2005/12/24 02:56:38 | 000,000,000 | ---D | M] -- E:\Documents and Settings\tomas pavelka\Data aplikací\Leadertech
[2005/10/12 12:03:52 | 000,000,000 | ---D | M] -- E:\Documents and Settings\tomas pavelka\Data aplikací\Locktime
[2006/05/24 22:15:30 | 000,000,000 | ---D | M] -- E:\Documents and Settings\tomas pavelka\Data aplikací\My Battle for Middle-earth(tm) II Files
[2009/03/07 15:34:38 | 000,000,000 | ---D | M] -- E:\Documents and Settings\tomas pavelka\Data aplikací\Nokia
[2008/03/15 20:37:18 | 000,000,000 | ---D | M] -- E:\Documents and Settings\tomas pavelka\Data aplikací\Opera
[2009/03/07 15:34:45 | 000,000,000 | ---D | M] -- E:\Documents and Settings\tomas pavelka\Data aplikací\PC Suite
[2004/11/27 19:48:54 | 000,000,000 | ---D | M] -- E:\Documents and Settings\tomas pavelka\Data aplikací\SBSoft
[2009/10/02 13:43:19 | 000,000,000 | ---D | M] -- E:\Documents and Settings\tomas pavelka\Data aplikací\ShoppingReport
[2008/04/15 20:35:12 | 000,000,000 | ---D | M] -- E:\Documents and Settings\tomas pavelka\Data aplikací\Sony Setup
[2008/03/23 02:50:31 | 000,000,000 | ---D | M] -- E:\Documents and Settings\tomas pavelka\Data aplikací\Styler
[2005/03/28 10:33:25 | 000,000,000 | ---D | M] -- E:\Documents and Settings\tomas pavelka\Data aplikací\ThumbsPlus
[2007/03/03 21:15:01 | 000,000,000 | ---D | M] -- E:\Documents and Settings\tomas pavelka\Data aplikací\Thunderbird
[2006/08/29 12:07:59 | 000,000,000 | ---D | M] -- E:\Documents and Settings\tomas pavelka\Data aplikací\TuneUp Software
[2009/08/23 01:20:45 | 000,000,000 | ---D | M] -- E:\Documents and Settings\tomas pavelka\Data aplikací\uTorrent
[2008/03/23 02:56:09 | 000,000,000 | ---D | M] -- E:\Documents and Settings\tomas pavelka\Data aplikací\ViStart
[2010/04/16 21:57:10 | 000,000,000 | ---D | M] -- E:\Documents and Settings\tomas pavelka\Data aplikací\Wireshark
[2010/07/02 17:15:00 | 000,000,406 | ---- | M] () -- E:\WINDOWS\Tasks\1-Click Maintenance.job
[2010/07/07 16:34:00 | 000,000,482 | -H-- | M] () -- E:\WINDOWS\Tasks\User_Feed_Synchronization-{545BF149-EEB3-47D9-B1F5-8FD23C7D32B5}.job
[2010/07/02 10:50:57 | 000,000,260 | ---- | M] () -- E:\WINDOWS\Tasks\WGASetup.job

========== Purity Check ==========



========== Custom Scans ==========


< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"CTFMON.EXE" = E:\WINDOWS\system32\ctfmon.exe -- [2008/04/14 05:22:17 | 000,015,360 | ---- | M] (Microsoft Corporation)
"updateMgr" = "E:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_7 -reboot 1 -- [2005/10/24 16:53:40 | 000,307,200 | ---- | M] (Adobe Systems Incorporated)
"ICQ" = "E:\Program Files\ICQ7.0\ICQ.exe" silent loginmode=4 -- [2010/06/08 13:39:01 | 000,133,368 | ---- | M] (ICQ, LLC.)
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\AdobeUpdater]
"" =

< c:\windows\*.* /U >

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2008/06/27 13:53:39 | 000,000,000 | ---D | M] -- E:\Documents and Settings\tomas pavelka\Data aplikací\Adobe
[2007/01/16 14:12:09 | 000,000,000 | ---D | M] -- E:\Documents and Settings\tomas pavelka\Data aplikací\AdobeUM
[2004/12/25 15:58:18 | 000,000,000 | ---D | M] -- E:\Documents and Settings\tomas pavelka\Data aplikací\Ahead
[2008/04/24 12:23:24 | 000,000,000 | ---D | M] -- E:\Documents and Settings\tomas pavelka\Data aplikací\Apple Computer
[2006/01/23 21:07:38 | 000,000,000 | ---D | M] -- E:\Documents and Settings\tomas pavelka\Data aplikací\AutoUpdate
[2006/01/11 18:23:11 | 000,000,000 | ---D | M] -- E:\Documents and Settings\tomas pavelka\Data aplikací\Avant Browser
[2006/02/28 12:03:36 | 000,000,000 | ---D | M] -- E:\Documents and Settings\tomas pavelka\Data aplikací\Camfrog
[2006/05/16 17:41:49 | 000,000,000 | ---D | M] -- E:\Documents and Settings\tomas pavelka\Data aplikací\CamfrogWEB
[2010/07/07 15:12:52 | 000,000,000 | ---D | M] -- E:\Documents and Settings\tomas pavelka\Data aplikací\ChessBase
[2009/05/01 21:20:29 | 000,000,000 | ---D | M] -- E:\Documents and Settings\tomas pavelka\Data aplikací\CSOdessa
[2004/12/29 19:21:27 | 000,000,000 | ---D | M] -- E:\Documents and Settings\tomas pavelka\Data aplikací\CyberLink
[2009/01/28 13:05:55 | 000,000,000 | ---D | M] -- E:\Documents and Settings\tomas pavelka\Data aplikací\Desktopicon
[2009/10/31 00:15:20 | 000,000,000 | ---D | M] -- E:\Documents and Settings\tomas pavelka\Data aplikací\Dev-Cpp
[2008/05/11 15:05:50 | 000,000,000 | ---D | M] -- E:\Documents and Settings\tomas pavelka\Data aplikací\DMCache
[2010/05/26 12:29:33 | 000,000,000 | ---D | M] -- E:\Documents and Settings\tomas pavelka\Data aplikací\dvdcss
[2010/03/26 11:58:35 | 000,000,000 | ---D | M] -- E:\Documents and Settings\tomas pavelka\Data aplikací\FastStone
[2009/03/31 14:27:13 | 000,000,000 | ---D | M] -- E:\Documents and Settings\tomas pavelka\Data aplikací\FileZilla
[2008/06/28 18:47:39 | 000,000,000 | ---D | M] -- E:\Documents and Settings\tomas pavelka\Data aplikací\Google
[2009/11/08 23:51:39 | 000,000,000 | ---D | M] -- E:\Documents and Settings\tomas pavelka\Data aplikací\gtk-2.0
[2004/07/10 19:25:28 | 000,000,000 | ---D | M] -- E:\Documents and Settings\tomas pavelka\Data aplikací\Help
[2010/05/09 13:01:21 | 000,000,000 | ---D | M] -- E:\Documents and Settings\tomas pavelka\Data aplikací\ICQ
[2004/10/10 14:13:16 | 000,000,000 | ---D | M] -- E:\Documents and Settings\tomas pavelka\Data aplikací\ICQLite
[2004/07/10 20:05:03 | 000,000,000 | ---D | M] -- E:\Documents and Settings\tomas pavelka\Data aplikací\Identities
[2008/03/23 12:26:43 | 000,000,000 | ---D | M] -- E:\Documents and Settings\tomas pavelka\Data aplikací\InstallShield
[2008/08/09 10:36:36 | 000,000,000 | ---D | M] -- E:\Documents and Settings\tomas pavelka\Data aplikací\iolo
[2006/01/23 21:07:38 | 000,000,000 | ---D | M] -- E:\Documents and Settings\tomas pavelka\Data aplikací\Kamerzysta
[2009/03/08 14:10:17 | 000,000,000 | ---D | M] -- E:\Documents and Settings\tomas pavelka\Data aplikací\Lavasoft
[2005/12/24 02:56:38 | 000,000,000 | ---D | M] -- E:\Documents and Settings\tomas pavelka\Data aplikací\Leadertech
[2005/10/12 12:03:52 | 000,000,000 | ---D | M] -- E:\Documents and Settings\tomas pavelka\Data aplikací\Locktime
[2006/05/19 21:04:31 | 000,000,000 | ---D | M] -- E:\Documents and Settings\tomas pavelka\Data aplikací\Macromedia
[2008/03/23 11:18:48 | 000,000,000 | ---D | M] -- E:\Documents and Settings\tomas pavelka\Data aplikací\Media Player Classic
[2010/06/18 10:56:49 | 000,000,000 | --SD | M] -- E:\Documents and Settings\tomas pavelka\Data aplikací\Microsoft
[2004/11/01 20:06:35 | 000,000,000 | ---D | M] -- E:\Documents and Settings\tomas pavelka\Data aplikací\Microsoft Web Folders
[2008/06/21 13:43:14 | 000,000,000 | ---D | M] -- E:\Documents and Settings\tomas pavelka\Data aplikací\Mozilla
[2009/05/17 12:29:30 | 000,000,000 | ---D | M] -- E:\Documents and Settings\tomas pavelka\Data aplikací\MSN6
[2006/05/24 22:15:30 | 000,000,000 | ---D | M] -- E:\Documents and Settings\tomas pavelka\Data aplikací\My Battle for Middle-earth(tm) II Files
[2009/03/07 15:34:38 | 000,000,000 | ---D | M] -- E:\Documents and Settings\tomas pavelka\Data aplikací\Nokia
[2008/03/15 20:37:18 | 000,000,000 | ---D | M] -- E:\Documents and Settings\tomas pavelka\Data aplikací\Opera
[2009/03/07 15:34:45 | 000,000,000 | ---D | M] -- E:\Documents and Settings\tomas pavelka\Data aplikací\PC Suite
[2007/01/09 16:22:26 | 000,000,000 | ---D | M] -- E:\Documents and Settings\tomas pavelka\Data aplikací\Reallusion
[2004/11/27 19:48:54 | 000,000,000 | ---D | M] -- E:\Documents and Settings\tomas pavelka\Data aplikací\SBSoft
[2009/10/02 13:43:19 | 000,000,000 | ---D | M] -- E:\Documents and Settings\tomas pavelka\Data aplikací\ShoppingReport
[2010/07/03 14:46:53 | 000,000,000 | ---D | M] -- E:\Documents and Settings\tomas pavelka\Data aplikací\Skype
[2008/04/15 20:35:12 | 000,000,000 | ---D | M] -- E:\Documents and Settings\tomas pavelka\Data aplikací\Sony Setup
[2008/03/23 02:50:31 | 000,000,000 | ---D | M] -- E:\Documents and Settings\tomas pavelka\Data aplikací\Styler
[2006/01/06 16:54:35 | 000,000,000 | ---D | M] -- E:\Documents and Settings\tomas pavelka\Data aplikací\Sun
[2004/07/10 20:11:07 | 000,000,000 | ---D | M] -- E:\Documents and Settings\tomas pavelka\Data aplikací\Symantec
[2005/01/22 00:23:51 | 000,000,000 | ---D | M] -- E:\Documents and Settings\tomas pavelka\Data aplikací\Talkback
[2005/03/28 10:33:25 | 000,000,000 | ---D | M] -- E:\Documents and Settings\tomas pavelka\Data aplikací\ThumbsPlus
[2007/03/03 21:15:01 | 000,000,000 | ---D | M] -- E:\Documents and Settings\tomas pavelka\Data aplikací\Thunderbird
[2006/08/29 12:07:59 | 000,000,000 | ---D | M] -- E:\Documents and Settings\tomas pavelka\Data aplikací\TuneUp Software
[2009/08/23 01:20:45 | 000,000,000 | ---D | M] -- E:\Documents and Settings\tomas pavelka\Data aplikací\uTorrent
[2008/03/23 02:56:09 | 000,000,000 | ---D | M] -- E:\Documents and Settings\tomas pavelka\Data aplikací\ViStart
[2010/06/18 18:17:11 | 000,000,000 | ---D | M] -- E:\Documents and Settings\tomas pavelka\Data aplikací\vlc
[2010/03/26 22:04:04 | 000,000,000 | ---D | M] -- E:\Documents and Settings\tomas pavelka\Data aplikací\vlc(2)
[2009/08/23 12:20:37 | 000,000,000 | ---D | M] -- E:\Documents and Settings\tomas pavelka\Data aplikací\WinRAR
[2010/04/16 21:57:10 | 000,000,000 | ---D | M] -- E:\Documents and Settings\tomas pavelka\Data aplikací\Wireshark

< %APPDATA%\*.exe /s >
[2008/09/10 10:07:48 | 000,047,104 | ---- | M] (AD ON Multimedia Advertising GmbH) -- E:\Documents and Settings\tomas pavelka\Data aplikací\Desktopicon\eBayShortcuts.exe
[2008/06/19 17:27:23 | 044,378,888 | ---- | M] (iolo technologies, LLC ) -- E:\Documents and Settings\tomas pavelka\Data aplikací\iolo\Installers\SystemMechanicPro.exe
[2006/05/19 20:59:23 | 000,045,056 | R--- | M] (InstallShield Software Corp.) -- E:\Documents and Settings\tomas pavelka\Data aplikací\Microsoft\Installer\{885A63EA-382B-4DD4-A755-14809B8557D6}\ARPPRODUCTICON.exe
[2008/04/15 20:46:01 | 052,770,576 | ---- | M] (Microsoft Corporation) -- E:\Documents and Settings\tomas pavelka\Data aplikací\Sony Setup\64993CD0-67D1-4244-A2BC-FD73F4DA5B62\dotnetfx3.exe


< MD5 for: AGP440.SYS >
[2010/03/26 10:49:37 | 023,890,583 | ---- | M] () .cab file -- E:\WINDOWS\$NtServicePackUninstall$\sp3.cab:AGP440.sys
[2004/10/24 17:41:06 | 022,286,602 | ---- | M] () .cab file -- E:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2010/03/26 10:49:37 | 023,890,583 | ---- | M] () .cab file -- E:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2004/10/24 17:41:06 | 022,286,602 | ---- | M] () .cab file -- E:\WINDOWS\ServicePackFiles\i386\sp2.cab:AGP440.sys
[2010/03/26 10:49:37 | 023,890,583 | ---- | M] () .cab file -- E:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2010/03/26 10:49:37 | 023,890,583 | ---- | M] () .cab file -- E:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\sp3.cab:AGP440.sys
[2008/04/13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- E:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008/04/13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- E:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\agp440.sys
[2008/04/13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- E:\WINDOWS\system32\drivers\agp440.sys
[2004/08/04 08:07:41 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- E:\WINDOWS\$NtServicePackUninstall$\agp440.sys

< MD5 for: ATAPI.SYS >
[2010/03/26 10:49:37 | 023,890,583 | ---- | M] () .cab file -- E:\WINDOWS\$NtServicePackUninstall$\sp3.cab:atapi.sys
[2002/09/20 20:17:54 | 010,174,968 | ---- | M] () .cab file -- E:\WINDOWS\Driver Cache\i386\sp1.cab:atapi.sys
[2004/10/24 17:41:06 | 022,286,602 | ---- | M] () .cab file -- E:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2010/03/26 10:49:37 | 023,890,583 | ---- | M] () .cab file -- E:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2004/10/24 17:41:06 | 022,286,602 | ---- | M] () .cab file -- E:\WINDOWS\ServicePackFiles\i386\sp2.cab:atapi.sys
[2010/03/26 10:49:37 | 023,890,583 | ---- | M] () .cab file -- E:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2010/03/26 10:49:37 | 023,890,583 | ---- | M] () .cab file -- E:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\sp3.cab:atapi.sys
[2002/08/29 01:27:50 | 000,086,912 | ---- | M] (Microsoft Corporation) MD5=95B858761A00E1D4F81F79A0DA019ACA -- E:\WINDOWS\system32\ReinstallBackups\0010\DriverFiles\i386\atapi.sys
[2008/04/13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- E:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008/04/13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- E:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\atapi.sys
[2008/04/13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- E:\WINDOWS\system32\drivers\atapi.sys
[2004/08/04 07:59:42 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- E:\WINDOWS\$NtServicePackUninstall$\atapi.sys

< MD5 for: CDROM.SYS >
[2010/03/26 10:49:37 | 023,890,583 | ---- | M] () .cab file -- E:\WINDOWS\$NtServicePackUninstall$\sp3.cab:cdrom.sys
[2002/09/20 20:17:54 | 010,174,968 | ---- | M] () .cab file -- E:\WINDOWS\Driver Cache\i386\sp1.cab:cdrom.sys
[2004/10/24 17:41:06 | 022,286,602 | ---- | M] () .cab file -- E:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2010/03/26 10:49:37 | 023,890,583 | ---- | M] () .cab file -- E:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2004/10/24 17:41:06 | 022,286,602 | ---- | M] () .cab file -- E:\WINDOWS\ServicePackFiles\i386\sp2.cab:cdrom.sys
[2010/03/26 10:49:37 | 023,890,583 | ---- | M] () .cab file -- E:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2010/03/26 10:49:37 | 023,890,583 | ---- | M] () .cab file -- E:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\sp3.cab:cdrom.sys
[2008/04/13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- E:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008/04/13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- E:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\cdrom.sys
[2008/04/13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- E:\WINDOWS\system32\drivers\cdrom.sys
[2004/08/04 07:59:52 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- E:\WINDOWS\$NtServicePackUninstall$\cdrom.sys

< MD5 for: CRYPTSVC.DLL >
[2004/08/18 00:49:03 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- E:\WINDOWS\$NtServicePackUninstall$\cryptsvc.dll
[2008/04/14 05:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- E:\WINDOWS\ServicePackFiles\i386\cryptsvc.dll
[2008/04/14 05:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- E:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\cryptsvc.dll
[2008/04/14 05:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- E:\WINDOWS\system32\cryptsvc.dll

< MD5 for: EVENTLOG.DLL >
[2008/04/14 05:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- E:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008/04/14 05:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- E:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\eventlog.dll
[2008/04/14 05:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- E:\WINDOWS\system32\eventlog.dll
[2004/08/18 00:49:06 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- E:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2008/04/14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- E:\WINDOWS\explorer.exe
[2008/04/14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- E:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2008/04/14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- E:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\explorer.exe
[2007/06/13 15:11:59 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=9B32416BD5988C97B6397CE0B02CAF97 -- E:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
[2007/06/13 15:23:40 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=ED7B460B142A32097B8A8F6ECC941815 -- E:\WINDOWS\$NtServicePackUninstall$\explorer.exe

< MD5 for: HAL.DLL >
[2010/03/26 10:49:37 | 023,890,583 | ---- | M] () .cab file -- E:\WINDOWS\$NtServicePackUninstall$\sp3.cab:hal.dll
[2002/09/20 20:17:54 | 010,174,968 | ---- | M] () .cab file -- E:\WINDOWS\Driver Cache\i386\sp1.cab:hal.dll
[2004/10/24 17:41:06 | 022,286,602 | ---- | M] () .cab file -- E:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2010/03/26 10:49:37 | 023,890,583 | ---- | M] () .cab file -- E:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2004/10/24 17:41:06 | 022,286,602 | ---- | M] () .cab file -- E:\WINDOWS\ServicePackFiles\i386\sp2.cab:hal.dll
[2010/03/26 10:49:37 | 023,890,583 | ---- | M] () .cab file -- E:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2010/03/26 10:49:37 | 023,890,583 | ---- | M] () .cab file -- E:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\sp3.cab:hal.dll
[2008/04/13 20:31:32 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- E:\WINDOWS\ServicePackFiles\i386\hal.dll
[2008/04/13 20:31:32 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- E:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\hal.dll
[2008/04/13 20:31:28 | 000,131,840 | ---- | M] (Microsoft Corporation) MD5=6F61D3287A6A15A08A9433222C09D17F -- E:\WINDOWS\system32\HAL.DLL
[2004/08/04 07:59:09 | 000,131,968 | ---- | M] (Microsoft Corporation) MD5=F9A0F579FC18036FFDD9E26E0D268CCD -- E:\WINDOWS\$NtServicePackUninstall$\hal.dll

< MD5 for: CHANGER.SYS >
[2010/03/26 10:49:37 | 023,890,583 | ---- | M] () .cab file -- E:\WINDOWS\$NtServicePackUninstall$\sp3.cab:Changer.sys
[2004/10/24 17:41:06 | 022,286,602 | ---- | M] () .cab file -- E:\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys
[2010/03/26 10:49:37 | 023,890,583 | ---- | M] () .cab file -- E:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys
[2004/10/24 17:41:06 | 022,286,602 | ---- | M] () .cab file -- E:\WINDOWS\ServicePackFiles\i386\sp2.cab:Changer.sys
[2010/03/26 10:49:37 | 023,890,583 | ---- | M] () .cab file -- E:\WINDOWS\ServicePackFiles\i386\sp3.cab:Changer.sys
[2010/03/26 10:49:37 | 023,890,583 | ---- | M] () .cab file -- E:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\sp3.cab:Changer.sys
[2008/04/13 20:40:58 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- E:\WINDOWS\ServicePackFiles\i386\changer.sys
[2008/04/13 20:40:58 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- E:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\changer.sys
[2004/08/04 08:00:12 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=DAF1A8193B6CAF0FB858CADCC5C4AF4A -- E:\WINDOWS\$NtServicePackUninstall$\changer.sys

< MD5 for: ISAPNP.SYS >
[2010/03/26 10:49:37 | 023,890,583 | ---- | M] () .cab file -- E:\WINDOWS\$NtServicePackUninstall$\sp3.cab:isapnp.sys
[2010/03/26 10:49:37 | 023,890,583 | ---- | M] () .cab file -- E:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2010/03/26 10:49:37 | 023,890,583 | ---- | M] () .cab file -- E:\WINDOWS\ServicePackFiles\i386\sp3.cab:isapnp.sys
[2010/03/26 10:49:37 | 023,890,583 | ---- | M] () .cab file -- E:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\sp3.cab:isapnp.sys
[2001/10/25 16:00:00 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- E:\WINDOWS\$NtServicePackUninstall$\isapnp.sys
[2008/04/14 04:27:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- E:\WINDOWS\ServicePackFiles\i386\isapnp.sys
[2008/04/14 04:27:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- E:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\isapnp.sys
[2008/04/14 04:27:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- E:\WINDOWS\system32\drivers\isapnp.sys

< MD5 for: LSASS.EXE >
[2004/08/18 00:49:23 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- E:\WINDOWS\$NtServicePackUninstall$\lsass.exe
[2008/04/14 05:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- E:\WINDOWS\ServicePackFiles\i386\lsass.exe
[2008/04/14 05:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- E:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\lsass.exe
[2008/04/14 05:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- E:\WINDOWS\system32\lsass.exe

< MD5 for: NDIS.SYS >
[2008/04/13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- E:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008/04/13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- E:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\ndis.sys
[2008/04/13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- E:\WINDOWS\system32\drivers\ndis.sys
[2004/08/04 08:14:28 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- E:\WINDOWS\$NtServicePackUninstall$\ndis.sys

< MD5 for: NETLOGON.DLL >
[2009/02/06 20:47:20 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=1F43B8C0F4C767FBED89711C30E704D9 -- E:\WINDOWS\$hf_mig$\KB968389\SP2QFE\netlogon.dll
[2009/02/06 20:47:20 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=1F43B8C0F4C767FBED89711C30E704D9 -- E:\WINDOWS\$hf_mig$\KB975467\SP2QFE\netlogon.dll
[2004/08/18 00:49:13 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- E:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
[2008/04/14 05:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- E:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008/04/14 05:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- E:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\netlogon.dll
[2008/04/14 05:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- E:\WINDOWS\system32\netlogon.dll

< MD5 for: NVATABUS.SYS >
[2004/01/13 12:36:00 | 000,063,744 | ---- | M] (NVIDIA Corporation) MD5=06F86506555644CBA020CD2CFFE28668 -- E:\WINDOWS\system32\drivers\nvatabus.sys

< MD5 for: SCECLI.DLL >
[2004/08/18 00:49:16 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- E:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008/04/14 05:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- E:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008/04/14 05:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- E:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\scecli.dll
[2008/04/14 05:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- E:\WINDOWS\system32\scecli.dll

< MD5 for: SMSS.EXE >
[2004/08/18 00:49:27 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- E:\WINDOWS\$NtServicePackUninstall$\smss.exe
[2008/04/14 05:22:47 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- E:\WINDOWS\ServicePackFiles\i386\smss.exe
[2008/04/14 05:22:47 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- E:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\smss.exe
[2008/04/14 05:22:47 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- E:\WINDOWS\system32\smss.exe

< MD5 for: SVCHOST.EXE >
[2008/04/14 05:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- E:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008/04/14 05:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- E:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\svchost.exe
[2008/04/14 05:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- E:\WINDOWS\system32\svchost.exe
[2004/08/18 00:49:27 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- E:\WINDOWS\$NtServicePackUninstall$\svchost.exe

< MD5 for: TCPIP.SYS >
[2008/06/20 12:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- E:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2006/01/13 19:07:08 | 000,360,448 | ---- | M] (Microsoft Corporation) MD5=5562CC0A47B2AEF06D3417B733F3C195 -- E:\WINDOWS\$hf_mig$\KB913446\SP2QFE\tcpip.sys
[2005/05/25 21:07:12 | 000,359,936 | ---- | M] (Microsoft Corporation) MD5=63FDFEA54EB53DE2D863EE454937CE1E -- E:\WINDOWS\$hf_mig$\KB893066\SP2QFE\tcpip.sys
[2007/10/30 18:53:32 | 000,360,832 | ---- | M] (Microsoft Corporation) MD5=64798ECFA43D78C7178375FCDD16D8C8 -- E:\WINDOWS\$hf_mig$\KB941644\SP2QFE\tcpip.sys
[2008/06/20 12:44:42 | 000,360,960 | ---- | M] (Microsoft Corporation) MD5=744E57C99232201AE98C49168B918F48 -- E:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[2007/10/30 19:20:55 | 000,360,064 | ---- | M] (Microsoft Corporation) MD5=90CAFF4B094573449A0872A0F919B178 -- E:\WINDOWS\$NtUninstallKB951748_0$\tcpip.sys
[2008/04/13 21:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- E:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008/04/13 21:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- E:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008/04/13 21:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- E:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\tcpip.sys
[2008/06/20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- E:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[2008/06/20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- E:\WINDOWS\system32\dllcache\tcpip.sys
[2008/06/20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- E:\WINDOWS\system32\drivers\tcpip.sys
[2008/06/20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- E:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[2006/04/20 14:18:35 | 000,360,576 | ---- | M] (Microsoft Corporation) MD5=B2220C618B42A2212A59D91EBD6FC4B4 -- E:\WINDOWS\$hf_mig$\KB917953\SP2QFE\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008/04/14 05:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- E:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008/04/14 05:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- E:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\userinit.exe
[2008/04/14 05:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- E:\WINDOWS\system32\userinit.exe
[2004/08/18 00:49:27 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- E:\WINDOWS\$NtServicePackUninstall$\userinit.exe

< MD5 for: WINLOGON.EXE >
[2004/08/18 00:49:27 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- E:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008/04/14 05:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- E:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008/04/14 05:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- E:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\winlogon.exe
[2008/04/14 05:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- E:\WINDOWS\system32\winlogon.exe

< MD5 for: WS2_32.DLL >
[2004/08/18 00:49:20 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- E:\WINDOWS\$NtServicePackUninstall$\ws2_32.dll
[2008/04/14 05:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- E:\WINDOWS\ServicePackFiles\i386\ws2_32.dll
[2008/04/14 05:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- E:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\ws2_32.dll
[2008/04/14 05:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- E:\WINDOWS\system32\ws2_32.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[8 E:\WINDOWS\system32\*.tmp files -> E:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2005/12/24 18:19:26 | 000,223,128 | ---- | M] () Unable to obtain MD5 -- E:\WINDOWS\system32\drivers\dtscsi.sys
[2005/12/24 18:05:44 | 000,664,064 | ---- | M] () Unable to obtain MD5 -- E:\WINDOWS\system32\drivers\sptd.sys
[2010/03/27 15:18:03 | 000,096,384 | ---- | M] () Unable to obtain MD5 -- E:\WINDOWS\system32\drivers\sptd1149.sys

< %systemroot%\System32\config\*.sav >
[2002/01/01 02:19:51 | 000,094,208 | ---- | M] () -- E:\WINDOWS\system32\config\default.sav
[2002/01/01 02:19:51 | 000,630,784 | ---- | M] () -- E:\WINDOWS\system32\config\software.sav
[2002/01/01 02:19:51 | 000,409,600 | ---- | M] () -- E:\WINDOWS\system32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >
[8 E:\WINDOWS\system32\*.tmp files -> E:\WINDOWS\system32\*.tmp -> ]

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2010/07/07 15:22:45 | 000,221,632 | ---- | M] () -- E:\WINDOWS\system32\FNTCACHE.DAT
[2010/07/07 12:41:18 | 000,002,206 | ---- | M] () -- E:\WINDOWS\system32\wpa.dbl
[8 E:\WINDOWS\system32\*.tmp files -> E:\WINDOWS\system32\*.tmp -> ]

========== Alternate Data Streams ==========

@Alternate Data Stream - 141 bytes -> E:\Documents and Settings\All Users\Data aplikací\TEMP:1126A2CB
< End of report >

TomasN80
Visitor
Posts: 12
Registered: 07 Jul 2010 15:55

Re: Win XP stopped communicating

#5 Post by TomasN80 »

And here is Extras.txt:

OTL Extras logfile created on: 07/07/2010 19:45:12 - Run 1
OTL by OldTimer - Version 3.2.7.1 Folder = E:\Documents and Settings\tomas pavelka\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: MM/dd/yyyy

1,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 62,00% Memory free
2,00 Gb Paging File | 1,00 Gb Available in Paging File | 80,00% Paging File free
Paging file location(s): E:\pagefile.sys 384 768 [binary data]

%SystemDrive% = E: | %SystemRoot% = E:\WINDOWS | %ProgramFiles% = E:\Program Files
Drive C: | 1,92 Gb Total Space | 0,38 Gb Free Space | 19,75% Space Free | Partition Type: FAT32
D: Drive not present or media not loaded
Drive E: | 35,80 Gb Total Space | 4,94 Gb Free Space | 13,78% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
Drive G: | 38,72 Gb Total Space | 2,09 Gb Free Space | 5,41% Space Free | Partition Type: NTFS
Drive H: | 2,00 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive I: | 3,49 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF

Computer Name: TOMAS
Current User Name: tomas pavelka
Logged in as Administrator.

Current Boot Mode: SafeMode with Networking
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.js [@ = jsfile] -- Reg Error: Key error. File not found

[HKEY_USERS\S-1-5-21-117609710-879983540-725345543-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- E:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "E:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "E:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "E:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "E:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
jsfile [edit] -- "E:\Program Files\Macromedia\Dreamweaver 8\dreamweaver.exe" "%1" (Macromedia, Inc.)
jsfile [open] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "E:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Browse with FastStone] -- "E:\Program Files\FastStone Image Viewer\FSViewer.exe" "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "E:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"E:\Program Files\MSN Messenger\msnmsgr.exe" = E:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:MSN Messenger 7.5 -- File not found
"E:\Program Files\ICQ7.0\ICQ.exe" = E:\Program Files\ICQ7.0\ICQ.exe:*:Enabled:ICQ7 -- (ICQ, LLC.)
"E:\Program Files\ICQ7.0\aolload.exe" = E:\Program Files\ICQ7.0\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"E:\Program Files\ICQLite\ICQLite.exe" = E:\Program Files\ICQLite\ICQLite.exe:*:Enabled:ICQ Lite -- File not found
"C:\totalcmd\TOTALCMD.EXE" = C:\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit international version, file manager replacement for Windows -- File not found
"G:\3dsmax6\3dsmax.exe" = G:\3dsmax6\3dsmax.exe:*:Enabled:3ds max application -- (Discreet, a division of Autodesk, Inc.)
"E:\Program Files\UnrealTournament\System\UnrealTournament.exe" = E:\Program Files\UnrealTournament\System\UnrealTournament.exe:*:Enabled:UnrealTournament -- File not found
"E:\Program Files\HLSW\hlsw.exe" = E:\Program Files\HLSW\hlsw.exe:*:Enabled:MFC-Anwendung HLSW -- ()
"G:\Install_Soft\NFK070\NFK.exe" = G:\Install_Soft\NFK070\NFK.exe:*:Enabled:NFK -- File not found
"E:\Program Files\EA Games\Need For Speed Underground\Speed.exe" = E:\Program Files\EA Games\Need For Speed Underground\Speed.exe:*:Enabled:Speed -- File not found
"E:\Program Files\Westwood\Sun\PATCHGET.DAT" = E:\Program Files\Westwood\Sun\PATCHGET.DAT:*:Enabled:patchgrabber -- File not found
"E:\Program Files\Westwood\Sun\Game.exe" = E:\Program Files\Westwood\Sun\Game.exe:*:Enabled:Main executable for Tiberian Sun -- File not found
"E:\games\games\AOE2AOK\empires2.EXE" = E:\games\games\AOE2AOK\empires2.EXE:*:Enabled:Age of Empires II -- File not found
"G:\Gamesy_instal\EA GAMES\The Battle for Middle-earth (tm)\game.dat" = G:\Gamesy_instal\EA GAMES\The Battle for Middle-earth (tm)\game.dat:*:Enabled:The Battle for Middle-earth (tm) -- File not found
"C:\StubInstaller.exe" = C:\StubInstaller.exe:*:Enabled:LimeWire swarmed installer -- File not found
"E:\Program Files\LimeWire\LimeWire.exe" = E:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire -- File not found
"E:\WINDOWS\system32\dpvsetup.exe" = E:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)
"E:\Program Files\DC++\DCPlusPlus.exe" = E:\Program Files\DC++\DCPlusPlus.exe:*:Enabled:DC++ -- ()
"G:\Install_Soft\CZDC++\CZDCPlusPlus.exe" = G:\Install_Soft\CZDC++\CZDCPlusPlus.exe:*:Enabled:CZDC++ -- File not found
"E:\Program Files\MSN Messenger\msnmsgr.exe" = E:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:MSN Messenger 7.5 -- File not found
"E:\Program Files\Electronic Arts\The Battle for Middle-earth (tm) II\game.dat" = E:\Program Files\Electronic Arts\The Battle for Middle-earth (tm) II\game.dat:*:Enabled:The Battle for Middle-earth(tm) II -- (Electronic Arts Inc.)
"E:\Program Files\Microsoft Games\Age of Empires II\empires2.EXE" = E:\Program Files\Microsoft Games\Age of Empires II\empires2.EXE:*:Enabled:Age of Empires II -- File not found
"E:\Program Files\Reallusion\CrazyTalk for Skype\CT4Skype.exe" = E:\Program Files\Reallusion\CrazyTalk for Skype\CT4Skype.exe:*:Enabled:CrazyTalk -- File not found
"E:\Program Files\Winamp Remote\bin\Orb.exe" = E:\Program Files\Winamp Remote\bin\Orb.exe:*:Enabled:Orb -- File not found
"E:\Program Files\Winamp Remote\bin\OrbTray.exe" = E:\Program Files\Winamp Remote\bin\OrbTray.exe:*:Enabled:OrbTray -- File not found
"E:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe" = E:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:*:Enabled:Orb Stream Client -- File not found
"E:\Program Files\ICQ6\ICQ.exe" = E:\Program Files\ICQ6\ICQ.exe:*:Enabled:ICQ6 -- File not found
"E:\Casino\bwin Casino\casino.exe" = E:\Casino\bwin Casino\casino.exe:*:Enabled:casino -- File not found
"E:\Program Files\uTorrent\utorrent.exe" = E:\Program Files\uTorrent\utorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"E:\Program Files\ICQ6.5\ICQ.exe" = E:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6 -- File not found
"E:\Program Files\Java\jre6\bin\javaw.exe" = E:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"E:\Program Files\Java\jre6\bin\java.exe" = E:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"E:\Program Files\Java\jdk1.5.0_03\jre\bin\java.exe" = E:\Program Files\Java\jdk1.5.0_03\jre\bin\java.exe:*:Enabled:Java(TM) 2 Platform Standard Edition binary -- (Sun Microsystems, Inc.)
"E:\Program Files\ICQ7.0\ICQ.exe" = E:\Program Files\ICQ7.0\ICQ.exe:*:Enabled:ICQ7 -- (ICQ, LLC.)
"E:\Program Files\ICQ7.0\aolload.exe" = E:\Program Files\ICQ7.0\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00000405-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Premium
"{01501EBA-EC35-4F9F-8889-3BE346E5DA13}" = MSXML4 Parser
"{02DFF6B1-1654-411C-8D7B-FD6052EF016F}" = Apple Software Update
"{0837A661-FEC3-48B3-876C-91E7D32048A9}" = Macromedia Dreamweaver 8
"{088B7BF8-AC95-4348-B77B-619AEB3A74A5}" = VideoCAM GE111
"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel
"{0D499481-22C6-4B25-8AC2-6D3F6C885FB9}" = OpenOffice.org Installer 1.0
"{0DEA94ED-915A-4834-A87E-388D012C8E02}" = Medal of Honor Allied Assault
"{10C1A383-5FB9-4868-859C-E64F6822E9C8}" = Sony Ericsson Mobile Phone Monitor
"{11B569C2-4BF6-4ED0-9D17-A4273943CB24}" = Adobe Photoshop Album 2.0 Starter Edition
"{15AC0C5D-A6FB-4CE2-8CD0-28179EEB5625}" = Nokia Connectivity Cable Driver
"{1838C5A2-AB32-4145-85C1-BB9B8DFA24CD}" = QuickTime
"{183B7569-90FB-4C56-9761-0EEB002CAB83}" = Adobe Camera Raw 4.0
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20B83B31-09C4-4F0E-9774-EF8A12A0A527}" = Adobe Device Central CS3
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{26A24AE4-039D-4CA4-87B4-2F83216010FF}" = Java(TM) 6 Update 16
"{2A539CD9-0F75-4875-9A32-E06DD93C4114}" = Adobe Extension Manager CS3
"{2F353D44-73BB-4971-B31D-F7642E9E9531}" = Macromedia Flash MX 2004
"{2F84AD97-6952-4801-A20B-7C8DD1E9A301}" = CapMan
"{3248F0A8-6813-11D6-A77B-00B0D0150030}" = J2SE Runtime Environment 5.0 Update 3
"{3248F0A8-6813-11D6-A77B-00B0D0150110}" = J2SE Runtime Environment 5.0 Update 11
"{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java(TM) SE Runtime Environment 6 Update 1
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java(TM) 6 Update 3
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{32A3A4F4-B792-11D6-A78A-00B0D0150030}" = J2SE Development Kit 5.0 Update 3
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3675CF90-85D3-4DC2-85C9-C169BBCD2B2D}" = Sony Ericsson OCS
"{3A12C952-61D5-4C3B-B68B-8CFBE47E22F1}" = Adobe Setup
"{3F4EC965-28EF-45C3-B063-04B25D4E9679}" = WIDCOMM Bluetooth Software
"{41C3C974-EC5E-494C-AFE6-E31D92E2E6CB}" = Adobe Version Cue CS3 Client
"{44734179-8A79-4DEE-BB08-73037F065543}" = Apple Mobile Device Support
"{4DF98D0B-637E-42B4-B9D6-EB7693D2FBF8}" = Adobe ExtendScript Toolkit 2
"{5546CDB5-2CE2-498B-B059-5B3BF81FC41F}" = Macromedia Extension Manager
"{626F32D6-007C-41D5-8157-9509AB1428BE}" = Unreal II
"{6753B40C-0FBD-3BED-8A9D-0ACAC2DCD85D}" = Microsoft Document Explorer 2008
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{68CF6DD2-8BA3-4A70-81D8-7CC5F24C9BA2}" = Adobe Bridge CS3
"{69E6A869-8B59-4619-A9E9-58DDFA7C05B8}" = 3ds max 6
"{6AA003BF-73E5-4911-ADB7-71DD5674DDD4}" = Oracle Data Provider for .NET Help
"{70D9854A-CEF5-4BCF-B37A-0AA1AB0A83CF}" = Internet Chess
"{733D84D6-AAFD-4368-A1D0-F2734F6B9082}" = Adobe Help Viewer CS3
"{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}" = LiveUpdate BVRP Software
"{7F3A2319-79CF-4701-95FB-034E99281808}" = Adobe Bridge Start Meeting
"{885A63EA-382B-4DD4-A755-14809B8557D6}" = Macromedia Flash Player 8
"{88EB38EF-4D2C-436D-ABD3-56B232674062}" = ICQ7
"{8BC84ECC-EA87-49C0-93C0-2B5DF62745CD}" = Adobe Asset Services CS3
"{8BF2C401-02CE-424D-BC26-6C4F9FB446B6}" = Macromedia Flash 8 Video Encoder
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{90110405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{93ED8388-3C43-4D49-8081-03A0BE7D4E2F}_is1" = Poker Tournament Supervisor
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{AC76BA86-7AD7-1033-7B44-A70000000000}" = Adobe Reader 7.0.7
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{C06CE867-0019-4BDD-88C3-CD96F79FCDC7}" = Cortona3D Viewer
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CA567AD5-33A4-403D-86D1-EE2D38251951}_is1" = VDownloader 0.77
"{CDC74FE6-5224-11D6-B27F-00E0181A6FA8}" = D-Link AirPlus
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D1C59F81-66FD-4E8E-B9F7-F4B2442D5222}" = Adobe Update Manager CS3
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D7A6C517-11F2-419F-B5BB-27772B939698}" = NvMixer
"{D848D140-41C3-4A53-86D8-E866A100B4CD}" = PC Connectivity Solution
"{ECF6CB25-95A7-403F-89C2-F72E44EFE0CB}" = PC Suite
"{EE3B5E58-587F-4728-9216-1001A818E536}" = Tukanas Poker Tournament Timer
"{EFB21DE7-8C19-4A88-BB28-A766E16493BC}" = Adobe Photoshop CS
"{F01D5ED5-D53A-4468-B428-149DC2CB3110}" = Adobe Dreamweaver CS3
"{F0BC0F9E-C4A8-485C-93ED-424DB9EA3F75}" = Oracle Database 10g Express Edition
"µTorrent CZ_is1" = µTorrent CZ 1.8.1 (build 12639)
"3D Exploration" = 3D Exploration
"504244733D18C8F63FF584AEB290E3904E791693" = Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"7-Zip" = 7-Zip 9.10 beta
"Adobe Atmosphere Player" = Adobe Atmosphere Player for Acrobat and Adobe Reader
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe_435a6af7459cb02a9c1138113a26e93" = Adobe Dreamweaver CS3
"All ATI Software" = Softarová utilita ATI - Odinstalovat
"ATI Display Driver" = ATI Display Driver
"avast5" = avast! Free Antivirus
"AviSynth" = AviSynth 2.5
"BlueJ_is1" = BlueJ 2.1.3
"bwin" = bwin Poker (remove only)
"CCleaner" = CCleaner
"CdaC13Ba" = SafeCast Shared Components
"ClocX" = ClocX (1.5b2)
"CM5500" = Chessmaster 5500 1.0.2
"Color Linez" = Color Linez
"DC++" = DC++ (remove only)
"Defraggler" = Defraggler (remove only)
"Dev-C++" = Dev-C++ 5 beta 9 release (4.9.9.2)
"DiskCleaner" = Disk Cleaner (remove only)
"DivX Player" = DivX Player
"EAX Unified" = EAX Unified
"Elasto Mania" = Elasto Mania
"Expekt Poker" = Expekt Poker
"FastStone Image Viewer" = FastStone Image Viewer 4.0
"HTMLKit_is1" = HTML-Kit
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"IFA-book" = IFA-book
"InstallShield_{088B7BF8-AC95-4348-B77B-619AEB3A74A5}" = VideoCAM GE111
"InstallShield_{F0BC0F9E-C4A8-485C-93ED-424DB9EA3F75}" = Oracle Database 10g Express Edition
"iOpus Password Recovery XP" = iOpus Password Recovery XP
"IrfanView" = IrfanView (remove only)
"JCreator LE_is1" = JCreator LE 3.50
"Kill Winamp_is1" = KillWinamp 1.60
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 5.5.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft Document Explorer 2008" = Microsoft Document Explorer 2008
"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)
"Mozilla Sunbird (0.2a.)" = Mozilla Sunbird (0.2a.)
"Mozilla Thunderbird (1.5)" = Mozilla Thunderbird (1.5)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Multiquence v2.52" = Multiquence v2.52
"Nero - Burning Rom!UninstallKey" = Nero OEM
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"PokerStars" = PokerStars
"PokerStars.net" = PokerStars.net
"PowerISO" = PowerISO
"Process Modeler_is1" = Process Modeler 0.51 Alpha
"ShockwaveFlash" = Macromedia Flash Player 8
"ShoppingReport" = ShopperReports
"ShrinkTo5Basic" = ShrinkTo5Basic
"Slovnik_is1" = Slovnik verze 3.5
"SMath_is1" = SMath v4
"Swift 3D Version 1.00" = Swift 3D Version 1.00
"ThumbsPlus7" = ThumbsPlus version 7.0
"Tinynice MP3Recorder_is1" = Tinynice MP3Recorder 1.00 Beta
"TopStyle (Version 3)" = TopStyle (Version 3)
"Totalcmd" = Total Commander (Remove or Repair)
"upnito.sk Manager_is1" = upnito.sk Manager 1.08
"VLC media player" = VLC media player 1.0.5
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"Weather Services" = Weather Services
"WIC" = Windows Imaging Component
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinGimp-2.0_is1" = GIMP 2.6.7
"WinPcapInst" = WinPcap 4.1.1
"WinRAR archiver" = WinRAR
"Wireshark" = Wireshark 1.3.3
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

========== Last 10 Event Log Errors ==========

[ Antivirus Events ]
Error - 10/16/2007 10:49:31 | Computer Name = TOMAS | Source = avast! | ID = 33554522
Description =

Error - 10/16/2007 10:49:32 | Computer Name = TOMAS | Source = avast! | ID = 33554522
Description =

Error - 06/04/2008 21:21:18 | Computer Name = TOMAS | Source = avast! | ID = 33554522
Description =

Error - 06/05/2008 2:34:21 | Computer Name = TOMAS | Source = avast! | ID = 33554522
Description =

Error - 01/09/2009 9:14:43 | Computer Name = TOMAS | Source = avast! | ID = 33554522
Description =

Error - 01/20/2009 17:52:41 | Computer Name = TOMAS | Source = avast! | ID = 33554522
Description =

Error - 01/27/2009 9:39:08 | Computer Name = TOMAS | Source = avast! | ID = 33554522
Description =

Error - 11/06/2009 16:07:11 | Computer Name = TOMAS | Source = avast! | ID = 33554522
Description =

Error - 11/09/2009 14:59:02 | Computer Name = TOMAS | Source = avast! | ID = 33554522
Description =

Error - 05/09/2010 9:01:13 | Computer Name = TOMAS | Source = avast! | ID = 33554522
Description =

[ Application Events ]
Error - 06/09/2010 21:18:35 | Computer Name = TOMAS | Source = HotFixInstaller | ID = 5000
Description = EventType visualstudio8setup, P1 microsoft .net framework 3.0-kb982168,
P2 1029, P3 1603, P4 msi, P5 f, P6 9.0.40215.0, P7 install, P8 x86, P9 xp, P10
1935.

Error - 06/13/2010 15:19:09 | Computer Name = TOMAS | Source = Application Error | ID = 1000
Description = Chybující aplikace mspaint.exe, verze 5.1.2600.5918, chybující modul
comctl32.dll, verze 6.0.2900.5512, adresa chyby 0x00024f0d.

Error - 06/13/2010 15:19:16 | Computer Name = TOMAS | Source = Application Error | ID = 1000
Description = Chybující aplikace drwtsn32.exe, verze 5.1.2600.0, chybující modul
dbghelp.dll, verze 5.1.2600.5512, adresa chyby 0x0001295d.

Error - 06/13/2010 15:19:50 | Computer Name = TOMAS | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace mspaint.exe, verze 5.1.2600.5918, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 06/15/2010 8:51:56 | Computer Name = TOMAS | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace i_view32.exe, verze 4.2.5.0, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 07/03/2010 7:44:25 | Computer Name = TOMAS | Source = PerfNet | ID = 2004
Description = Nelze otevřít službu serveru. Data o výkonu serveru nejsou k dispozici.
Vrácený chybový kód je v datech DWORD 0.

Error - 07/03/2010 7:51:55 | Computer Name = TOMAS | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace AvastUI.exe, verze 5.0.545.0, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 07/03/2010 7:54:44 | Computer Name = TOMAS | Source = PerfNet | ID = 2004
Description = Nelze otevřít službu serveru. Data o výkonu serveru nejsou k dispozici.
Vrácený chybový kód je v datech DWORD 0.

Error - 07/03/2010 7:55:30 | Computer Name = TOMAS | Source = PerfNet | ID = 2004
Description = Nelze otevřít službu serveru. Data o výkonu serveru nejsou k dispozici.
Vrácený chybový kód je v datech DWORD 0.

Error - 07/03/2010 8:42:20 | Computer Name = TOMAS | Source = PerfNet | ID = 2004
Description = Nelze otevřít službu serveru. Data o výkonu serveru nejsou k dispozici.
Vrácený chybový kód je v datech DWORD 0.

[ NetLimiter Events ]
Error - 03/19/2008 13:06:36 | Computer Name = TOMAS | Source = NetLimiter 2 | ID = 1000
Description =

Error - 03/20/2008 6:30:16 | Computer Name = TOMAS | Source = NetLimiter 2 | ID = 1000
Description =

Error - 03/21/2008 12:24:34 | Computer Name = TOMAS | Source = NetLimiter 2 | ID = 1000
Description =

Error - 03/22/2008 8:01:30 | Computer Name = TOMAS | Source = NetLimiter 2 | ID = 1000
Description =

Error - 03/22/2008 20:53:58 | Computer Name = TOMAS | Source = NetLimiter 2 | ID = 1000
Description =

Error - 03/22/2008 20:58:55 | Computer Name = TOMAS | Source = NetLimiter 2 | ID = 1000
Description =

Error - 03/22/2008 21:04:56 | Computer Name = TOMAS | Source = NetLimiter 2 | ID = 1000
Description =

Error - 03/22/2008 21:09:36 | Computer Name = TOMAS | Source = NetLimiter 2 | ID = 1000
Description =

Error - 03/22/2008 21:13:28 | Computer Name = TOMAS | Source = NetLimiter 2 | ID = 1000
Description =

Error - 03/22/2008 21:20:58 | Computer Name = TOMAS | Source = NetLimiter 2 | ID = 1000
Description =

[ System Events ]
Error - 07/07/2010 10:37:21 | Computer Name = TOMAS | Source = sfsync02 | ID = 262156
Description =

Error - 07/07/2010 10:37:37 | Computer Name = TOMAS | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1058 při pokusu o spuštění služby upnphost
s argumenty za účelem spuštění serveru: {204810B9-73B2-11D4-BF42-00B0D0118B56}

Error - 07/07/2010 10:37:42 | Computer Name = TOMAS | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby EventSystem
s argumenty za účelem spuštění serveru: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 07/07/2010 10:38:45 | Computer Name = TOMAS | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: Aavmker4 AmdK7 aswSP aswTdi Fips Imagedrv SCDEmu

Error - 07/07/2010 11:01:53 | Computer Name = TOMAS | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby StiSvc
s argumenty za účelem spuštění serveru: {A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error - 07/07/2010 11:01:53 | Computer Name = TOMAS | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby StiSvc
s argumenty za účelem spuštění serveru: {A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error - 07/07/2010 13:42:46 | Computer Name = TOMAS | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby StiSvc
s argumenty za účelem spuštění serveru: {A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error - 07/07/2010 13:42:50 | Computer Name = TOMAS | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby StiSvc
s argumenty za účelem spuštění serveru: {A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error - 07/07/2010 13:57:42 | Computer Name = TOMAS | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby StiSvc
s argumenty za účelem spuštění serveru: {A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error - 07/07/2010 13:57:43 | Computer Name = TOMAS | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby StiSvc
s argumenty za účelem spuštění serveru: {A1F4E726-8CF1-11D1-BF92-0060081ED811}


< End of report >

Caroprd111
VIP
Posts: 13492
Registered: 22 Mar 2009 20:48
Location: Třebíč

Re: Win XP stopped communicating

#6 Post by Caroprd111 »

Run OTL and paste the following script into the lower window.

Code:

:OTL
SRV - File not found [On_Demand | Stopped] -- -- (Rasptmg)
SRV - File not found [Auto | Stopped] -- E:\Program Files\iolo\common\lib\ioloServiceManager.exe -- (ioloSystemService)
SRV - File not found [Auto | Stopped] -- E:\Program Files\iolo\common\lib\ioloServiceManager.exe -- (ioloFileInfoList)
SRV - File not found [Disabled | Stopped] -- E:\WINDOWS\System32\hidserv.dll -- (HidServ)
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1.3
FF - prefs.js..extensions.enabledItems: {6AC85730-7D0F-4de0-B3FA-21142DD85326}:2.0.2
FF - prefs.js..extensions.enabledItems: firebug@software.joehewitt.com:1.5.0
FF - prefs.js..extensions.enabledItems: {89506680-e3f4-484c-a2c0-ed711d481eda}:0.9.5.5
FF - prefs.js..extensions.enabledItems: firegestures@xuldev.org:1.5.6
FF - prefs.js..extensions.enabledItems: {3b56bcc7-54e5-44a2-9b44-66c3ef58c13e}:0.8.6.1
FF - prefs.js..extensions.enabledItems: {1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}:0.4.4
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {37E4D8EA-8BDA-4831-8EA1-89053939A250}:3.0.0.1
FF - prefs.js..extensions.enabledItems: {F645A8C9-E969-42D9-B3F3-F325537222FD}:1.1.6
FF - prefs.js..extensions.enabledItems: tabscope@xuldev.org:0.3
FF - prefs.js..extensions.enabledItems: {F8A55C97-3DB6-4961-A81D-0DE0080E53CB}:0.9.2
FF - prefs.js..extensions.enabledItems: {8f8fe09b-0bd3-4470-bc1b-8cad42b8203a}:0.16
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..keyword.URL: "http://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=2.0.0.0&q="
IE - HKU\S-1-5-21-117609710-879983540-725345543-1003\..\URLSearchHook: - Reg Error: Key error. File not found
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\S-1-5-21-117609710-879983540-725345543-1003\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\S-1-5-21-117609710-879983540-725345543-1003\..\Toolbar\WebBrowser: (no name) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - No CLSID value found.
O3 - HKU\S-1-5-21-117609710-879983540-725345543-1003\..\Toolbar\WebBrowser: (Zango) - {E1BACF55-35E1-4E47-9247-2D48660E5545} - Reg Error: Value error. File not found
O4 - HKU\.DEFAULT..\Run: [ALUAlert] E:\Program Files\Symantec\LiveUpdate\ALUNotify.exe File not found
O4 - HKU\.DEFAULT..\Run: [Microsoft Update] File not found
O4 - HKU\.DEFAULT..\Run: [SAmail] E:\Documents and Settings\tomas pavelka\Plocha\e-mail from#ahlem_3ishk@yahoo.fr.htm File not found
O4 - HKU\.DEFAULT..\Run: [Win32 Configuration] File not found
O4 - HKU\.DEFAULT..\Run: [Win32 USB2 Driver] File not found
O4 - HKU\.DEFAULT..\Run: [Win32 USB2.0 Driver] File not found
O4 - HKU\.DEFAULT..\Run: [Wireless Provider Server] File not found
O4 - HKU\S-1-5-18..\Run: [ALUAlert] E:\Program Files\Symantec\LiveUpdate\ALUNotify.exe File not found
O4 - HKU\S-1-5-18..\Run: [Microsoft Update] File not found
O4 - HKU\S-1-5-18..\Run: [SAmail] E:\Documents and Settings\tomas pavelka\Plocha\e-mail from#ahlem_3ishk@yahoo.fr.htm File not found
O4 - HKU\S-1-5-18..\Run: [Win32 Configuration] File not found
O4 - HKU\S-1-5-18..\Run: [Win32 USB2 Driver] File not found
O4 - HKU\S-1-5-18..\Run: [Win32 USB2.0 Driver] File not found
O4 - HKU\S-1-5-18..\Run: [Wireless Provider Server] File not found
O4 - HKU\.DEFAULT..\RunOnce: [Win32 Configuration] File not found
O4 - HKU\.DEFAULT..\RunOnce: [Win32 USB2 Driver] File not found
O4 - HKU\.DEFAULT..\RunOnce: [Win32 USB2.0 Driver] File not found
O4 - HKU\.DEFAULT..\RunOnce: [Wireless Provider Server] File not found
O4 - HKU\S-1-5-18..\RunOnce: [Win32 Configuration] File not found
O4 - HKU\S-1-5-18..\RunOnce: [Win32 USB2 Driver] File not found
O4 - HKU\S-1-5-18..\RunOnce: [Win32 USB2.0 Driver] File not found
O4 - HKU\S-1-5-18..\RunOnce: [Wireless Provider Server] File not found
O9 - Extra Button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - E:\Program Files\ICQLite\ICQLite.exe File not found
O9 - Extra 'Tools' menuitem : ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - E:\Program Files\ICQLite\ICQLite.exe File not found
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - Reg Error: Value error. File not found
O15 - HKU\S-1-5-21-117609710-879983540-725345543-1003\..Trusted Domains: ([]msn in My Computer)
O16 - DPF: {11111111-1111-1111-1111-111111111111} ms-its:mhtml:file://C:\ss.MHT!http://sexpicsworld.com/ebook.chm::/loader.exe (Reg Error: Key error.)
O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} http://activex.camfrogweb.com/advanced/ ... module.exe (Reg Error: Key error.)
O16 - DPF: DirectAnimation Java Classes file://E:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://E:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O20 - Winlogon\Notify\WgaLogon: DllName - WgaLogon.dll - File not found
O21 - SSODL: Web Event Logger - {79FEACFF-FFCE-815E-A900-316290B5B738} - CLSID or File not found.
O33 - MountPoints2\H\Shell - "" = AutoRun
[8 E:\WINDOWS\System32\*.tmp files -> E:\WINDOWS\System32\*.tmp -> ]
[3 E:\WINDOWS\*.tmp files -> E:\WINDOWS\*.tmp -> ]
[2008/02/20 22:48:25 | 000,000,000 | ---D | M] -- E:\Documents and Settings\All Users\Data aplikací\TEMP
@Alternate Data Stream - 141 bytes -> E:\Documents and Settings\All Users\Data aplikací\TEMP:1126A2CB

:Commands
[EMPTYTEMP] 
[EMPTYFLASH]
[CLEARALLRESTOREPOINTS]
Click Run Fix (Opravit); the PC will restart. Paste the log here.


I recommend uninstalling DC++ and uTorrent.

P2P networks and their clients are a potential security risk; they are practically constantly a source of viruses, and you are exposing yourself to risk unnecessarily.

TomasN80
Visitor
Posts: 12
Registered: 07 Jul 2010 15:55

Re: Win XP stopped communicating

#7 Post by TomasN80 »

So I have uninstalled DC++ and uTorrent; the original problems persist for now. Here is the OTL log after the fix:

All processes killed
========== OTL ==========
Service Rasptmg stopped successfully!
Service Rasptmg deleted successfully!
Service ioloSystemService stopped successfully!
Service ioloSystemService deleted successfully!
File E:\Program Files\iolo\common\lib\ioloServiceManager.exe not found.
Service ioloFileInfoList stopped successfully!
Service ioloFileInfoList deleted successfully!
File E:\Program Files\iolo\common\lib\ioloServiceManager.exe not found.
Service HidServ stopped successfully!
Service HidServ deleted successfully!
File E:\WINDOWS\System32\hidserv.dll not found.
Prefs.js: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1.3 removed from extensions.enabledItems
Prefs.js: {6AC85730-7D0F-4de0-B3FA-21142DD85326}:2.0.2 removed from extensions.enabledItems
Prefs.js: firebug@software.joehewitt.com:1.5.0 removed from extensions.enabledItems
Prefs.js: {89506680-e3f4-484c-a2c0-ed711d481eda}:0.9.5.5 removed from extensions.enabledItems
Prefs.js: firegestures@xuldev.org:1.5.6 removed from extensions.enabledItems
Prefs.js: {3b56bcc7-54e5-44a2-9b44-66c3ef58c13e}:0.8.6.1 removed from extensions.enabledItems
Prefs.js: {1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}:0.4.4 removed from extensions.enabledItems
Prefs.js: jqs@sun.com:1.0 removed from extensions.enabledItems
Prefs.js: {37E4D8EA-8BDA-4831-8EA1-89053939A250}:3.0.0.1 removed from extensions.enabledItems
Prefs.js: {F645A8C9-E969-42D9-B3F3-F325537222FD}:1.1.6 removed from extensions.enabledItems
Prefs.js: tabscope@xuldev.org:0.3 removed from extensions.enabledItems
Prefs.js: {F8A55C97-3DB6-4961-A81D-0DE0080E53CB}:0.9.2 removed from extensions.enabledItems
Prefs.js: {8f8fe09b-0bd3-4470-bc1b-8cad42b8203a}:0.16 removed from extensions.enabledItems
Prefs.js: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 removed from extensions.enabledItems
Prefs.js: "http://search.icq.com/search/afe_result ... 2.0.0.0&q=" removed from keyword.URL
Registry value HKEY_USERS\S-1-5-21-117609710-879983540-725345543-1003\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}\ not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}\ not found.
Registry value HKEY_USERS\S-1-5-21-117609710-879983540-725345543-1003\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}\ not found.
Registry value HKEY_USERS\S-1-5-21-117609710-879983540-725345543-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{855F3B16-6D32-4FE6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4FE6-8A56-BBB695989046}\ not found.
Registry value HKEY_USERS\S-1-5-21-117609710-879983540-725345543-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{E1BACF55-35E1-4E47-9247-2D48660E5545} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E1BACF55-35E1-4E47-9247-2D48660E5545}\ deleted successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\ALUAlert deleted successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\Microsoft Update deleted successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\SAmail deleted successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\Win32 Configuration deleted successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\Win32 USB2 Driver deleted successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\Win32 USB2.0 Driver deleted successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\Wireless Provider Server deleted successfully.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run\\ALUAlert not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run\\Microsoft Update not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run\\SAmail not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run\\Win32 Configuration not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run\\Win32 USB2 Driver not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run\\Win32 USB2.0 Driver not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run\\Wireless Provider Server not found.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Win32 Configuration deleted successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Win32 USB2 Driver deleted successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Win32 USB2.0 Driver deleted successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Wireless Provider Server deleted successfully.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Win32 Configuration not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Win32 USB2 Driver not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Win32 USB2.0 Driver not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Wireless Provider Server not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{B863453A-26C3-4e1f-A54D-A2CD196348E9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B863453A-26C3-4e1f-A54D-A2CD196348E9}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{B863453A-26C3-4e1f-A54D-A2CD196348E9}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B863453A-26C3-4e1f-A54D-A2CD196348E9}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{CCA281CA-C863-46ef-9331-5C8D4460577F}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CCA281CA-C863-46ef-9331-5C8D4460577F}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{CCA281CA-C863-46ef-9331-5C8D4460577F}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CCA281CA-C863-46ef-9331-5C8D4460577F}\ not found.
Registry value HKEY_USERS\S-1-5-21-117609710-879983540-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\\ deleted successfully.
Starting removal of ActiveX control {11111111-1111-1111-1111-111111111111}
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{11111111-1111-1111-1111-111111111111}\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{11111111-1111-1111-1111-111111111111}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-111111111111}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{11111111-1111-1111-1111-111111111111}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-111111111111}\ not found.
Starting removal of ActiveX control {2357B3CF-7F8D-4451-8D81-FD6097610AEE}
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{2357B3CF-7F8D-4451-8D81-FD6097610AEE}\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{2357B3CF-7F8D-4451-8D81-FD6097610AEE}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2357B3CF-7F8D-4451-8D81-FD6097610AEE}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2357B3CF-7F8D-4451-8D81-FD6097610AEE}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2357B3CF-7F8D-4451-8D81-FD6097610AEE}\ not found.
File Animation Java Classes file://E:\WINDOWS\Java\classes\dajava.cab not found.
Starting removal of ActiveX control DirectAnimation Java Classes
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\DirectAnimation Java Classes\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\DirectAnimation Java Classes\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\DirectAnimation Java Classes\ not found.
File oft XML Parser for Java file://E:\WINDOWS\Java\classes\xmldso.cab not found.
Starting removal of ActiveX control Microsoft XML Parser for Java
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\Microsoft XML Parser for Java\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\Microsoft XML Parser for Java\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\Microsoft XML Parser for Java\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\Web Event Logger deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{79FEACFF-FFCE-815E-A900-316290B5B738}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\H\ deleted successfully.
E:\WINDOWS\System32\CONFIG.TMP deleted successfully.
E:\WINDOWS\System32\SET6369.tmp deleted successfully.
E:\WINDOWS\System32\SET636E.tmp deleted successfully.
E:\WINDOWS\System32\SET6375.tmp deleted successfully.
E:\WINDOWS\System32\SET637E.tmp deleted successfully.
E:\WINDOWS\System32\SET6380.tmp deleted successfully.
E:\WINDOWS\System32\SET6383.tmp deleted successfully.
E:\WINDOWS\System32\setb5.tmp deleted successfully.
E:\WINDOWS\005932_.tmp deleted successfully.
E:\WINDOWS\007195_.tmp deleted successfully.
E:\WINDOWS\007252_.tmp deleted successfully.
E:\Documents and Settings\All Users\Data aplikací\TEMP folder moved successfully.
Unable to delete ADS E:\Documents and Settings\All Users\Data aplikací\TEMP:1126A2CB .
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: LocalService
->Temp folder emptied: 65984 bytes
->Temporary Internet Files folder emptied: 908455 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 126983593 bytes

User: tomas pavelka
->Temp folder emptied: 1328430640 bytes
->Temporary Internet Files folder emptied: 602206730 bytes
->Java cache emptied: 48345486 bytes
->FireFox cache emptied: 346466645 bytes
->Apple Safari cache emptied: 25555602 bytes
->Flash cache emptied: 74738 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 8317976 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 76923044 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 45525 bytes
RecycleBin emptied: 498114 bytes

Total Files Cleaned = 2 446,00 mb


[EMPTYFLASH]

User: All Users

User: Default User

User: LocalService

User: NetworkService

User: tomas pavelka
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb

Restore points cleared and new OTL Restore Point set!

OTL by OldTimer - Version 3.2.7.1 log created on 07072010_203900

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

Caroprd111
VIP
Posts: 13492
Registered: 22 Mar 2009 20:48
Location: Třebíč

Re: Win XP stopped communicating

#8 Post by Caroprd111 »

Download and save, preferably to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
  • Turn off all resident security programs - firewalls, antivirus, antispyware
  • Insert all the flash drives you use into the PC.
  • Run the application under an account with Administrator privileges; immediately after it starts, a page with the license terms is displayed, continue by pressing the "Yes" ("Ano") button
  • Then follow the instructions; during the scan do not run other applications and do not click in the window that is displayed :!:
  • The scan should take around 5 - 10 minutes; when it finishes, ComboFix displays the log C:\ComboFix.txt, which you should paste here.
  • The computer may be restarted during the scan.

TomasN80
Visitor
Posts: 12
Registered: 07 Jul 2010 15:55

Re: Win XP stopped communicating

#9 Post by TomasN80 »

..so hopefully I did it correctly, here is the log..

ComboFix 10-07-06.05 - tomas pavelka 07/07/2010 21:53:14.1.1 - x86 NETWORK
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1535.1248 [GMT 2:00]
Spuštěný z: e:\documents and settings\tomas pavelka\Plocha\ComboFix.exe
AV: avast! Antivirus *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

e:\documents and settings\tomas pavelka\Plocha\CFNM Scene - the case of being forcibly jerked
e:\documents and settings\tomas pavelka\Plocha\CFNM Scene - the case of being forcibly jerked
e:\program files\ShoppingReport
e:\program files\ShoppingReport\Uninst.exe
E:\Thumbs.db
e:\windows\system\BCBSMP35.BPL
G:\Autorun.inf

.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_WINDOWS_UPDATE


((((((((((((((((((((((((( Soubory vytvořené od 2010-06-07 do 2010-07-07 )))))))))))))))))))))))))))))))
.

2010-07-07 19:48 . 2010-07-07 19:48 -------- d-----w- E:\32788R22FWJFW
2010-07-07 18:39 . 2010-07-07 18:39 -------- d-----w- E:\_OTL
2010-07-07 15:02 . 2010-07-07 15:02 -------- d-----w- e:\program files\trend micro
2010-07-07 15:02 . 2010-07-07 15:02 -------- d-----w- E:\rsit
2010-07-07 13:20 . 2010-07-07 13:20 -------- d-----w- e:\windows\system32\wbem\Repository
2010-07-07 13:19 . 2010-07-07 13:19 -------- d-----w- e:\documents and settings\tomas pavelka\Ukol 22
2010-07-07 13:19 . 2010-07-07 13:19 -------- d-----w- e:\documents and settings\tomas pavelka\Ukol 11
2010-06-18 08:58 . 2010-07-07 13:18 -------- d-----w- e:\program files\Microsoft SQL Server
2010-06-18 08:57 . 2010-06-18 08:57 -------- d-----w- e:\program files\Microsoft Synchronization Services
2010-06-18 08:57 . 2010-06-18 08:57 -------- d-----w- e:\program files\Microsoft SQL Server Compact Edition
2010-06-18 08:54 . 2010-07-07 13:19 -------- d-----w- e:\program files\Microsoft Visual Studio 9.0
2010-06-18 08:53 . 2010-06-18 08:53 -------- d-----w- e:\program files\Microsoft SDKs
2010-06-15 13:03 . 2010-06-15 13:03 -------- d-----w- e:\program files\MSECache

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-07-07 13:18 . 2008-10-06 16:57 -------- d-----w- e:\program files\Microsoft.NET
2010-06-25 13:58 . 2008-07-09 11:18 -------- d-----w- e:\program files\bwin
2010-06-23 01:04 . 2001-10-25 14:00 503174 ----a-w- e:\windows\system32\perfh005.dat
2010-06-23 01:04 . 2001-10-25 14:00 117784 ----a-w- e:\windows\system32\perfc005.dat
2010-06-18 09:13 . 2005-10-12 10:58 -------- d-----w- e:\program files\Java
2010-06-13 06:42 . 2010-01-22 15:13 -------- d-----w- e:\program files\ICQ7.0
2010-06-12 12:46 . 2009-04-25 12:36 -------- d-----w- e:\program files\PokerStars.NET
2010-05-27 13:18 . 2010-05-27 13:18 -------- d-----w- e:\program files\Chami
2010-05-24 07:41 . 2007-10-06 07:02 -------- d-----w- e:\program files\Alwil Software
2010-05-20 13:46 . 2010-05-20 13:46 -------- d-----w- e:\program files\Common Files\ParallelGraphics
2010-05-06 20:59 . 2007-10-06 07:02 38848 ----a-w- e:\windows\system32\avastSS.scr
2010-05-06 20:59 . 2007-10-06 07:02 165032 ----a-w- e:\windows\system32\aswBoot.exe
2010-05-06 20:39 . 2007-10-06 07:02 46672 ----a-w- e:\windows\system32\drivers\aswTdi.sys
2010-05-06 20:39 . 2008-04-22 14:04 164048 ----a-w- e:\windows\system32\drivers\aswSP.sys
2010-05-06 20:34 . 2007-10-06 07:02 23376 ----a-w- e:\windows\system32\drivers\aswRdr.sys
2010-05-06 20:33 . 2007-10-06 07:02 100432 ----a-w- e:\windows\system32\drivers\aswmon2.sys
2010-05-06 20:33 . 2007-10-06 07:02 94800 ----a-w- e:\windows\system32\drivers\aswmon.sys
2010-05-06 20:33 . 2008-04-22 14:04 19024 ----a-w- e:\windows\system32\drivers\aswFsBlk.sys
2010-05-06 20:33 . 2007-10-06 07:02 28880 ----a-w- e:\windows\system32\drivers\aavmker4.sys
2010-05-04 17:18 . 2004-08-23 18:35 832512 ----a-w- e:\windows\system32\wininet.dll
2010-05-04 17:18 . 2004-08-17 22:49 78336 ----a-w- e:\windows\system32\ieencode.dll
2010-05-04 17:18 . 2001-10-25 14:00 17408 ------w- e:\windows\system32\corpol.dll
2010-05-02 08:09 . 2002-09-20 17:41 1851264 ----a-w- e:\windows\system32\win32k.sys
2010-04-20 05:32 . 2001-10-25 14:00 285696 ----a-w- e:\windows\system32\atmfd.dll
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"updateMgr"="e:\program files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2005-10-24 307200]
"ICQ"="e:\program files\ICQ7.0\ICQ.exe" [2010-06-08 133368]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATIPTA"="e:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2004-01-06 335872]
"DAEMON Tools"="e:\program files\DAEMON Tools\daemon.exe" [2005-11-08 128920]
"SunJavaUpdateSched"="e:\program files\Java\jre6\bin\jusched.exe" [2009-07-31 149280]
"PWRISOVM.EXE"="e:\program files\PowerISO\PWRISOVM.EXE" [2009-03-15 180224]
"QuickTime Task"="e:\program files\QuickTime\qttask.exe" [2008-03-28 413696]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"GrpConv"="grpconv -o" [X]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="e:\windows\System32\ctfmon.exe" [2008-04-14 15360]

e:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Bluetooth.lnk - e:\program files\MSI\BToes Bluetooth Software\BTTray.exe [2005-3-29 569405]
D-Link AirPlus.lnk - e:\program files\D-Link AirPlus\AirPlus.exe [2004-9-28 262144]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"g:\\3dsmax6\\3dsmax.exe"=
"e:\\Program Files\\HLSW\\hlsw.exe"=
"e:\\WINDOWS\\system32\\dpvsetup.exe"=
"e:\\Program Files\\Electronic Arts\\The Battle for Middle-earth (tm) II\\game.dat"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"e:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"e:\\Program Files\\uTorrent\\utorrent.exe"=
"e:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"e:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"e:\\Program Files\\Java\\jdk1.5.0_03\\jre\\bin\\java.exe"=
"e:\\Program Files\\ICQ7.0\\ICQ.exe"=
"e:\\Program Files\\ICQ7.0\\aolload.exe"=
"e:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009

R1 SSHDRV65;SSHDRV65;e:\windows\system32\drivers\SSHDRV65.sys [09/26/2004 13:10 120320]
S1 aswSP;aswSP;e:\windows\system32\drivers\aswSP.sys [04/22/2008 16:04 164048]
S2 aswFsBlk;aswFsBlk;e:\windows\system32\drivers\aswFsBlk.sys [04/22/2008 16:04 19024]
S2 NPF;NetGroup Packet Filter Driver;e:\windows\system32\drivers\npf.sys [10/20/2009 20:19 50704]
S2 OracleServiceXE;OracleServiceXE;g:\oraclexe\app\oracle\product\10.2.0\server\bin\ORACLE.EXE XE --> g:\oraclexe\app\oracle\product\10.2.0\server\bin\ORACLE.EXE XE [?]
S2 OracleXETNSListener;OracleXETNSListener;g:\oraclexe\app\oracle\product\10.2.0\server\BIN\TNSLSNR.EXE [02/02/2006 1:49 204800]
S3 PAC207;VideoCAM GE111;e:\windows\system32\drivers\PFC027.sys [04/08/2005 11:46 162176]
S4 OracleJobSchedulerXE;OracleJobSchedulerXE;g:\oraclexe\app\oracle\product\10.2.0\server\Bin\extjob.exe XE --> g:\oraclexe\app\oracle\product\10.2.0\server\Bin\extjob.exe XE [?]
S4 sptd;sptd;e:\windows\system32\drivers\sptd.sys [12/24/2005 18:05 664064]
.
Obsah adresáře 'Naplánované úlohy'

2010-07-07 e:\windows\Tasks\User_Feed_Synchronization-{545BF149-EEB3-47D9-B1F5-8FD23C7D32B5}.job
- e:\windows\system32\msfeedssync.exe [2007-08-13 17:36]

2010-07-02 e:\windows\Tasks\WGASetup.job
- e:\windows\system32\KB905474\wgasetup.exe [2010-03-28 20:18]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://start.icq.com/
mSearch Bar =
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
IE: Blokovat všechny obrázky ze stejného serveru - e:\program files\Avant Browser\AddAllToADBlackList.htm
IE: E&xportovat do aplikace Microsoft Office Excel - e:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Hledat - e:\program files\Avant Browser\Search.htm
IE: Otevřít všechny odkazy na této stránce... - e:\program files\Avant Browser\OpenAllLinks.htm
IE: Přidat do seznamu blokovaných reklam - e:\program files\Avant Browser\AddToADBlackList.htm
IE: Send To &Bluetooth - e:\program files\MSI\BToes Bluetooth Software\btsendto_ie_ctx.htm
IE: Zvýraznit - e:\program files\Avant Browser\Highlight.htm
IE: {{FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - e:\program files\PokerStars.NET\PokerStarsUpdate.exe
TCP: {28AB331B-BD4F-40F0-9F0E-C271FADC6F0B} = 192.168.0.1
FF - ProfilePath - e:\documents and settings\tomas pavelka\Data aplikací\Mozilla\Firefox\Profiles\6vtk4mei.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.cz/
FF - component: e:\documents and settings\tomas pavelka\Data aplikací\Mozilla\Firefox\Profiles\6vtk4mei.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
FF - component: e:\documents and settings\tomas pavelka\Data aplikací\Mozilla\Firefox\Profiles\6vtk4mei.default\extensions\{3b56bcc7-54e5-44a2-9b44-66c3ef58c13e}\components\nstidy.dll
FF - component: e:\documents and settings\tomas pavelka\Data aplikací\Mozilla\Firefox\Profiles\6vtk4mei.default\extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326}\platform\WINNT\components\ColorZilla.dll
FF - plugin: e:\program files\Common Files\ParallelGraphics\Cortona\npCortona.dll
FF - plugin: e:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF - plugin: e:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
FF - plugin: e:\program files\Mozilla Firefox\plugins\npGoogleGadgetPluginFirefoxWin.dll
FF - plugin: e:\program files\Viewpoint\Viewpoint Media Player\npViewpoint.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - e:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- NASTAVENÍ FIREFOXU ----
e:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
e:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
e:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
e:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
e:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
e:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
e:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
e:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
e:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
e:\program files\Mozilla Firefox\greprefs\all.js - pref("network.proxy.type", 5);
e:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
e:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
e:\program files\Mozilla Firefox\greprefs\all.js - pref("accelerometer.enabled", true);
e:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
e:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
e:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
e:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
e:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
e:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
e:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
e:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
e:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
e:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
e:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
e:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
e:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
.
------- Asociace souborů -------
.
JSEFile=NOTEPAD.EXE %1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

HKLM-RunOnce-<NO NAME> - (no file)
AddRemove-Totalcmd - c:\totalcmd\tcuninst.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-07-07 22:02
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\S-1-5-21-117609710-879983540-725345543-1003\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):8e,91,47,96,1a,b6,b7,ce,90,62,7a,d9,7b,d1,28,b9,e3,7a,6c,4f,83,
fb,a8,a2,e8,1c,2d,18,b4,f8,f9,1b,fe,61,e9,23,ef,8c,d2,23,00,00,00,00,00,00,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{cacfce95-da65-4011-a917-5cb58bc4fd48}]
@Denied: (Full) (Everyone)
"Model"=dword:00000083
"Therad"=dword:0000001a
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(836)
e:\windows\system32\Ati2evxx.dll
.
Celkový čas: 2010-07-07 22:10:10 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-07-07 20:10

Před spuštěním: Volných bajtů: 14 339 833 856
Po spuštění: Volných bajtů: 14 164 680 704

WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
e:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptIn

- - End Of File - - 5665F005C23E6CE933A9933EB75DBE2A

Caroprd111
VIP
Posts: 13492
Registered: 22 Mar 2009 20:48
Location: Třebíč

Re: Win XP stopped communicating

#10 Post by Caroprd111 »

How is the PC behaving :???:

TomasN80
Visitor
Posts: 12
Registered: 07 Jul 2010 15:55

Re: Win XP stopped communicating

#11 Post by TomasN80 »

In a normal boot the problems still persist; some applications start, but for example the standard browser or Paint (OS programs) or the Control Panel items - Add Programs - are still unresponsive. Well, the browser partially came up after about 5 minutes and indicated that it was searching; after 10 minutes with no HDD activity I restarted the PC into safe mode. IE or Firefox do not start at all in normal mode. The icons by the clock now appear, but connecting to the network still fails and the network connection icon is not displayed.

Caroprd111
VIP
Posts: 13492
Registered: 22 Mar 2009 20:48
Location: Třebíč

Re: Win XP stopped communicating

#12 Post by Caroprd111 »

Uninstall all virtual drive emulators.

Download SPTD: http://www.duplexsecure.com/en/downloads
  • Choose the version matching your operating system (64 & 32b). Save it to the desktop and run it.
  • Choose the Uninstall option and restart the PC.

Download and run http://www.jpshortstuff.247fixes.com/Defogger.exe
  • Click "Disable" and restart the PC.

Download MBR to the desktop: http://www2.gmer.net/mbr/mbr.exe

Start > Run (Win + R)
  • A small window pops up; copy into it:

Code:

"%userprofile%\plocha\mbr" -t
  • Click OK
  • A log named mbr.log is created; paste it here.


Post a log from Gmer: http://www.viry.cz/forum/viewtopic.php?f=29&t=62878

TomasN80
Visitor
Posts: 12
Registered: 07 Jul 2010 15:55

Re: Win XP stopped communicating

#13 Post by TomasN80 »

Hello, so I uninstalled the virtual drives, but when I try to run SPTD from the desktop, a warning window appears with the message "You must reboot after previous operation.", and that ends any activity. Should I continue with Defogger?

Caroprd111
VIP
Posts: 13492
Registered: 22 Mar 2009 20:48
Location: Třebíč

Re: Win XP stopped communicating

#14 Post by Caroprd111 »

Yes, continue.

TomasN80
Visitor
Posts: 12
Registered: 07 Jul 2010 15:55

Re: Win XP stopped communicating

#15 Post by TomasN80 »

I apologize for the delayed reply, I was away from home; here is the log from MBR

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll nvatabus.sys
kernel: MBR read successfully
user & kernel MBR OK

..and here is the log from GMER..

GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-07-09 20:11:06
Windows 5.1.2600 Service Pack 3
Running: gmer.exe; Driver: E:\DOCUME~1\TOMASP~1\LOCALS~1\Temp\fgldipow.sys


---- Kernel code sections - GMER 1.0.15 ----

? E:\DOCUME~1\TOMASP~1\LOCALS~1\Temp\mbr.sys Systém nemůže nalézt uvedený soubor. !

---- User code sections - GMER 1.0.15 ----

.text E:\Program Files\Mozilla Firefox\plugin-container.exe[480] USER32.dll!TrackPopupMenu 7E3B531E 5 Bytes JMP 104505FE E:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text E:\Program Files\Mozilla Firefox\firefox.exe[1668] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 004013F0 E:\Program Files\Mozilla Firefox\firefox.exe (Firefox/Mozilla Corporation)

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\000272c2caf0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0x6A 0x3C 0x39 0x00 ...
Reg HKLM\SYSTEM\ControlSet002\Services\BTHPORT\Parameters\Keys\000272c2caf0 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 E:\Program Files\DAEMON Tools\
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xE5 0xCB 0x44 0xE0 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0x67 0xCD 0xD7 0xDF ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x2C 0x27 0x5D 0xD1 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41@khjeh 0x15 0x09 0x1D 0x7A ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf42 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf42@khjeh 0xDE 0xD4 0x33 0xCB ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf43 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf43@khjeh 0xED 0x26 0x69 0xC7 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 E:\Program Files\DAEMON Tools\
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xE5 0xCB 0x44 0xE0 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0x67 0xCD 0xD7 0xDF ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x2C 0x27 0x5D 0xD1 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41@khjeh 0x15 0x09 0x1D 0x7A ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf42 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf42@khjeh 0xDE 0xD4 0x33 0xCB ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf43 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf43@khjeh 0xED 0x26 0x69 0xC7 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}@scansk 0x8E 0x91 0x47 0x96 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{cacfce95-da65-4011-a917-5cb58bc4fd48}@Model 131
Reg HKLM\SOFTWARE\Classes\CLSID\{cacfce95-da65-4011-a917-5cb58bc4fd48}@Therad 26

---- EOF - GMER 1.0.15 ----
