VIRY.CZ

Po kliknutí na odkaz na webu se objevila bezpečnostní analýza Mozilla Firefox
a zabezpečení systému Windows řeklo, že mám viry ve složce Sdílené dokumenty a že harddisk je zavirován těmito viry: Backdoor.Win32.Bifrose.cqqy Win32/Sality a Packed.Vuntid!gen2

Udělal jsem scan Avirou, ale ta nic nenašla. Tak jsem to oskenoval MWAV a ten Backdoor kromě jiného našel. Ovšem tento MWAV jsem měl už delší dobu a i po provedení aktualizace se mi načetla databáze 17.3.2009 /verze 11.0.37 DB/ . Stáhnul jsem si tedy z prvního odkazu na vašich stránkách nový MWAV a aktualizoval - objevila se mi databáze s datem 28 jul 2010. /verze 12.0.49 DB/ Další aktualizece provést nešla . Udělal jsem tedy sken s touto verzí. Našel obdobné viry jako stará verze MWAV mezi nimi i Backdoor. Bohužel tady jsem udělal chybu. Nevšimnul jsem si, že tato nová verze, na rozdíl od staré, může viry i mazat a stalo se.

výpis:
Object "kazaa Spyware/Adware" found in File System! Action Taken: Entries Removed.
Object "Spyware.NetScreenWatch Spyware/Adware" found in File System! Action Taken: File Deleted.
Object "User Account Control (Fake) Spyware/Adware" found in File System! Action Taken: File Deleted.
Object "PC Sweeper" found in File System! Action Taken: File Deleted.
Object "WinFixer/ErrorSafe Adware" found in File System! Action Taken: File Deleted.
Object "Backdoor (IRCBot) Trojans Spyware/Adware" found in File System! Action Taken: Entries Removed.
Object "DiskKnight Adware" found in File System! Action Taken: Entries Removed.
Object "AntiSpyware Pro XP Corrupted Adware/Spyware" found in File System! Action Taken: Entries Removed.
Object "Antivirus Sentry Corrupted Adware/Spyware" found in File System! Action Taken: Entries Removed.
Object "Orifice2K.plugin Trojan" found in File System! Action Taken: Entries Removed.

Pak jsem udělal sken ještě jednou starou verzí MWAV a ta našla ještě toto:

výpis:
Objekt "SmitFraud Browser Hijacker" nalezen v souborovém systému! Provedené akce: Ponecháno, neodstraněno!.
Objekt "CyberSitter Spyware/Adware" nalezen v souborovém systému! Provedené akce: Ponecháno, neodstraněno!.
Objekt "Spyware.ExpressKeylog Corrupted Adware/Spyware" nalezen v souborovém systému! Provedené akce: Ponecháno, neodstraněno!.

Potom jsem ještě zkusil novou verzi a ta pro změnu napsala toto:
výpis:

Object "User Account Control (Fake) Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "User Account Control (Fake) Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "User Account Control (Fake) Spyware/Adware" found in File System! Action Taken: No Action Taken.

Prosím o radu co dál. Děkuji.
P.S. Mimochodem ta novější verze MWAV nelze spustit bez vypnutého Ad-Aware /Ad-Watch -Live/, který jeden z procesů MWAV označuje jako Win32.Worm.Mabezat. Stará verze MWAV nemá s Ad-Awarem problém.

Zdravím

Dejte log z RSIT.

Tady to je:

Logfile of random's system information tool 1.08 (written by random/random)
Run by user at 2010-09-14 17:48:04
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 164 GB (54%) free of 305 GB
Total RAM: 2047 MB (58% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:48:12, on 14.9.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Creative\Shared Files\CTAudSvc.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\WINDOWS\CTHELPER.EXE
C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\SYSTEM32\CTXFISPI.EXE
C:\WINDOWS\system32\CTXFIHLP.EXE
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Documents and Settings\user\Plocha\RSIT.exe
C:\Program Files\trend micro\user.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= ... =CT2186473
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Movier-media Toolbar - {ce10bf86-da68-441e-91fa-38336363e3cd} - C:\Program Files\Movier-media\tbMov1.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Movier-media Toolbar - {ce10bf86-da68-441e-91fa-38336363e3cd} - C:\Program Files\Movier-media\tbMov1.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O3 - Toolbar: Movier-media Toolbar - {ce10bf86-da68-441e-91fa-38336363e3cd} - C:\Program Files\Movier-media\tbMov1.dll
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [AudioDrvEmulator] "C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" -1 AudioDrvEmulator "C:\Program Files\Creative\Shared Files\Module Loader\Audio Emulator\AudDrvEm.dll"
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: McAfee Security Scan Plus.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resour ... se5483.cab
O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} (Creative Software AutoUpdate) - http://ccfiles.creative.com/Web/softwar ... TSUEng.cab
O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://www.driveragent.com/files/driveragent.cab
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Application Driver Auto Removal Service (01) (appdrvrem01) - Protection Technology - C:\WINDOWS\System32\appdrvrem01.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTAudSvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: SF FrontLine Drivers Auto Removal (v1) (sfrem01) - Protection Technology (StarForce) - C:\WINDOWS\system32\sfrem01.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe

--
End of file - 10252 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\ParetoLogic Registration.job
C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1960408961-1383384898-839522115-1004.job
C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1960408961-1383384898-839522115-1004.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{53A57D5A-365C-4A80-A419-DC8885684B15}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
AskBar BHO - C:\Program Files\AskBarDis\bar\bin\askBar.dll [2008-08-06 279944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ce10bf86-da68-441e-91fa-38336363e3cd}]
Movier-media Toolbar - C:\Program Files\Movier-media\tbMov1.dll [2010-09-03 2734688]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-08-04 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-08-04 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{3041d03e-fd4b-44e0-b742-2d9b88305f98} - Ask Toolbar - C:\Program Files\AskBarDis\bar\bin\askBar.dll [2008-08-06 279944]
{ce10bf86-da68-441e-91fa-38336363e3cd} - Movier-media Toolbar - C:\Program Files\Movier-media\tbMov1.dll [2010-09-03 2734688]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"CTHelper"=C:\WINDOWS\CTHELPER.EXE [2006-08-17 17920]
"AudioDrvEmulator"=C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe [2005-11-04 49152]
"PinnacleDriverCheck"=C:\WINDOWS\system32\PSDrvCheck.exe [2004-03-10 406016]
"Ad-Watch"=C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe [2010-09-03 864624]
"AppleSyncNotifier"=C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [2010-07-13 47904]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2010-03-02 282792]
""= []
"Adobe Photo Downloader"=C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe [2005-06-06 57344]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-06-20 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-06-09 976832]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2010-06-07 110696]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2010-06-07 13902440]
"CTxfiHlp"=C:\WINDOWS\system32\CTXFIHLP.EXE [2009-06-04 25600]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2010-08-10 421888]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2010-09-01 421160]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe [2005-06-06 57344]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2006-12-23 143360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Comrade.exe]
C:\Program Files\GameSpy\Comrade\Comrade.exe [2007-06-29 36864]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DriverUpdaterPro]
C:\Program Files\iXi Tools\Driver Updater Pro\DriverUpdaterPro.exe -t []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EA Core]
C:\Program Files\Electronic Arts\EADM\Core.exe [2008-07-22 2772992]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe [2010-09-01 421160]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Lachesis]
C:\Program Files\Razer\Lachesis\razerhid.exe [2008-10-14 172032]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ParetoLogic Anti-Virus PLUS]
C:\Program Files\ParetoLogic\Anti-Virus PLUS\Pareto_AV.lnk -NM -hidesplash []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2010-08-10 421888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Raptr]
C:\PROGRA~1\Raptr\RaptrStub.exe [2009-10-09 43960]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\razer]
C:\Program Files\Razer\Copperhead\razerhid.exe [2005-10-08 155648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RGSC]
C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe [2009-12-24 306088]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe [2005-10-26 159744]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
c:\program files\steam\steam.exe [2010-08-25 1242448]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdReg]
C:\WINDOWS\UpdReg.EXE [2000-05-11 90112]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VolPanel]
C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe [2006-07-13 122880]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe

C:\Documents and Settings\user\Nabídka Start\Programy\Po spuštění
Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
"NoDriveTypeAutoRun"=153

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
"HonorAutoRunSetting"=1
"NoDriveTypeAutoRun"=153

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\GAMES\Battlefield 2\BF2.exe"="C:\GAMES\Battlefield 2\BF2.exe:*:Enabled:Battlefield 2"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\FlatOut2\FlatOut2.exe"="C:\Program Files\FlatOut2\FlatOut2.exe:*:Disabled:FlatOut2"
"C:\Program Files\uTorrent\utorrent.exe"="C:\Program Files\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\Program Files\Microsoft Games\Age of Empires III\age3.exe"="C:\Program Files\Microsoft Games\Age of Empires III\age3.exe:*:Enabled:Age of Empires 3"
"C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe"="C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM)"
"C:\Program Files\Empire Interactive\FlatOut Ultimate Carnage\Fouc.exe"="C:\Program Files\Empire Interactive\FlatOut Ultimate Carnage\Fouc.exe:*:Enabled:FlatOut Ultimate Carnage"
"C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe"="C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe:*:Enabled:Crysis_32"
"C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe"="C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe:*:Enabled:CrysisDedicatedServer_32"
"C:\Program Files\Electronic Arts\Red Alert 3\Data\ra3_1.10.game"="C:\Program Files\Electronic Arts\Red Alert 3\Data\ra3_1.10.game:*:Enabled:Command & Conquer™ Red Alert™ 3"
"C:\Program Files\Liquid.6\Program\RM.exe"="C:\Program Files\Liquid.6\Program\RM.exe:*:Enabled:Render Manager"
"C:\Program Files\Liquid.6\Program\Studiou.mod"="C:\Program Files\Liquid.6\Program\Studiou.mod:*:Enabled:Liquid"
"C:\Program Files\Raptr\RaptrBT.exe"="C:\Program Files\Raptr\RaptrBT.exe:*:Enabled:RaptrBT"
"C:\Program Files\Raptr\Raptr.exe"="C:\Program Files\Raptr\Raptr.exe:*:Enabled:Raptr Client"
"C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe"="C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe:*:Enabled:Rockstar Games Social Club"
"C:\Program Files\Electronic Arts\Burnout(TM) Paradise The Ultimate Box\BurnoutLauncher.exe"="C:\Program Files\Electronic Arts\Burnout(TM) Paradise The Ultimate Box\BurnoutLauncher.exe:*:Enabled:Burnout(TM) Paradise The Ultimate Box"
"C:\Program Files\Electronic Arts\Burnout(TM) Paradise The Ultimate Box\BurnoutConfigTool.exe"="C:\Program Files\Electronic Arts\Burnout(TM) Paradise The Ultimate Box\BurnoutConfigTool.exe:*:Enabled:Burnout(TM) Paradise The Ultimate Box"
"C:\Program Files\Electronic Arts\Burnout(TM) Paradise The Ultimate Box\BurnoutParadise.exe"="C:\Program Files\Electronic Arts\Burnout(TM) Paradise The Ultimate Box\BurnoutParadise.exe:*:Enabled:Burnout(TM) Paradise The Ultimate Box"
"C:\Program Files\Activision\Call of Duty - World at War\CoDWaW.exe"="C:\Program Files\Activision\Call of Duty - World at War\CoDWaW.exe:*:Enabled:Call of Duty(R) - World at War(TM) "
"C:\Program Files\Activision\Call of Duty - World at War\CoDWaWmp.exe"="C:\Program Files\Activision\Call of Duty - World at War\CoDWaWmp.exe:*:Enabled:Call of Duty(R) - World at War(TM) "
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour Service"
"C:\Program Files\Steam\SteamApps\common\call of duty modern warfare 2\iw4sp.exe"="C:\Program Files\Steam\SteamApps\common\call of duty modern warfare 2\iw4sp.exe:*:Enabled:Call of Duty: Modern Warfare 2"
"C:\Program Files\Steam\SteamApps\common\call of duty modern warfare 2\iw4mp.exe"="C:\Program Files\Steam\SteamApps\common\call of duty modern warfare 2\iw4mp.exe:*:Enabled:Call of Duty: Modern Warfare 2 - Multiplayer"
"C:\Program Files\Electronic Arts\Battlefield Bad Company 2\BFBC2Updater.exe"="C:\Program Files\Electronic Arts\Battlefield Bad Company 2\BFBC2Updater.exe:*:Enabled:Battlefield: Bad Company™ 2"
"C:\Program Files\Electronic Arts\Battlefield Bad Company 2\BFBC2Game.exe"="C:\Program Files\Electronic Arts\Battlefield Bad Company 2\BFBC2Game.exe:*:Enabled:Battlefield: Bad Company™ 2"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\Steam\SteamApps\common\mafia ii - public demo\launcher.exe"="C:\Program Files\Steam\SteamApps\common\mafia ii - public demo\launcher.exe:*:Enabled:Mafia II - Demo"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======List of files/folders created in the last 1 months======

2010-09-14 17:48:04 ----D---- C:\rsit
2010-09-14 17:48:04 ----D---- C:\Program Files\trend micro
2010-09-14 16:19:45 ----AD---- C:\WINDOWS\rundll16.exe
2010-09-14 16:19:45 ----AD---- C:\WINDOWS\logo1_.exe
2010-09-14 15:09:24 ----AD---- C:\WINDOWS\VDLL.DLL
2010-09-14 15:09:24 ----AD---- C:\WINDOWS\RUNDL132.EXE
2010-09-14 15:09:24 ----AD---- C:\WINDOWS\logo_1.exe
2010-09-14 14:54:04 ----D---- C:\Documents and Settings\user\Data aplikací\Download Manager
2010-09-14 08:47:09 ----D---- C:\Documents and Settings\user\Data aplikací\RealWorld
2010-09-14 08:46:56 ----D---- C:\Program Files\RealWorld Icon Editor
2010-09-12 12:10:14 ----D---- C:\Program Files\The KMPlayer
2010-09-06 18:32:21 ----D---- C:\Documents and Settings\user\Data aplikací\NVIDIA
2010-09-05 18:52:53 ----D---- C:\_RestoreRender
2010-09-05 18:52:53 ----D---- C:\_RestoreMedia
2010-09-05 18:52:53 ----D---- C:\_Restore
2010-09-05 18:52:30 ----D---- C:\_Backup
2010-09-04 18:52:30 ----D---- C:\Program Files\Liquid.6
2010-09-03 19:53:30 ----A---- C:\WINDOWS\system32\XAudio2_7.dll
2010-09-03 19:53:30 ----A---- C:\WINDOWS\system32\XAPOFX1_5.dll
2010-09-03 19:53:29 ----A---- C:\WINDOWS\system32\xactengine3_7.dll
2010-09-03 19:53:29 ----A---- C:\WINDOWS\system32\D3DCompiler_43.dll
2010-09-03 19:53:28 ----A---- C:\WINDOWS\system32\d3dx11_43.dll
2010-09-03 19:53:28 ----A---- C:\WINDOWS\system32\d3dcsx_43.dll
2010-09-03 19:53:27 ----A---- C:\WINDOWS\system32\D3DX9_43.dll
2010-09-03 19:53:27 ----A---- C:\WINDOWS\system32\d3dx10_43.dll
2010-09-03 19:53:26 ----A---- C:\WINDOWS\system32\XAudio2_6.dll
2010-09-03 19:53:26 ----A---- C:\WINDOWS\system32\XAPOFX1_4.dll
2010-09-03 19:53:25 ----A---- C:\WINDOWS\system32\xactengine3_6.dll
2010-09-03 19:53:25 ----A---- C:\WINDOWS\system32\X3DAudio1_7.dll
2010-09-03 19:35:20 ----D---- C:\Program Files\Webteh
2010-09-03 10:24:12 ----D---- C:\Program Files\iPod
2010-09-02 14:03:17 ----D---- C:\WINDOWS\system32\Quicktime
2010-08-28 11:58:38 ----A---- C:\WINDOWS\system32\drivers\MSTEE.sys
2010-08-28 11:58:35 ----A---- C:\WINDOWS\system32\drivers\NdisIP.sys
2010-08-28 11:58:34 ----A---- C:\WINDOWS\system32\drivers\StreamIP.sys
2010-08-28 11:58:32 ----A---- C:\WINDOWS\system32\drivers\SLIP.sys
2010-08-28 11:58:29 ----A---- C:\WINDOWS\system32\drivers\WSTCODEC.SYS
2010-08-28 11:58:27 ----A---- C:\WINDOWS\system32\drivers\NABTSFEC.sys
2010-08-28 11:58:24 ----A---- C:\WINDOWS\system32\drivers\CCDECODE.sys
2010-08-28 11:58:19 ----A---- C:\WINDOWS\system32\vfwwdm32.dll
2010-08-28 11:58:19 ----A---- C:\WINDOWS\system32\drivers\msdv.sys
2010-08-28 11:58:14 ----A---- C:\WINDOWS\system32\drivers\avc.sys
2010-08-28 11:58:12 ----A---- C:\WINDOWS\system32\drivers\61883.sys
2010-08-22 18:26:15 ----D---- C:\Documents and Settings\user\Data aplikací\Movier
2010-08-22 18:25:58 ----D---- C:\Program Files\Conduit
2010-08-22 18:25:57 ----D---- C:\Program Files\Movier-media
2010-08-22 18:25:53 ----D---- C:\Program Files\Movier

======List of files/folders modified in the last 1 months======

2010-09-14 17:48:11 ----D---- C:\WINDOWS\Prefetch
2010-09-14 17:48:04 ----RD---- C:\Program Files
2010-09-14 16:36:25 ----SD---- C:\WINDOWS\Tasks
2010-09-14 16:20:47 ----D---- C:\WINDOWS\Temp
2010-09-14 16:19:45 ----D---- C:\WINDOWS
2010-09-14 15:08:09 ----D---- C:\WINDOWS\system32
2010-09-14 14:35:29 ----D---- C:\WINDOWS\system32\CatRoot2
2010-09-14 14:33:54 ----D---- C:\WINDOWS\system32\config
2010-09-14 14:33:39 ----D---- C:\WINDOWS\system32\wbem
2010-09-14 14:33:39 ----D---- C:\WINDOWS\Registration
2010-09-14 14:33:28 ----SHD---- C:\WINDOWS\Installer
2010-09-14 14:33:14 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-09-14 13:56:00 ----SHD---- C:\System Volume Information
2010-09-14 13:54:38 ----D---- C:\WINDOWS\system32\NtmsData
2010-09-14 08:47:00 ----SD---- C:\Documents and Settings\user\Data aplikací\Microsoft
2010-09-13 22:07:37 ----D---- C:\Documents and Settings\user\Data aplikací\Mumble
2010-09-13 22:06:33 ----D---- C:\Program Files\Steam
2010-09-13 20:10:01 ----D---- C:\Documents and Settings\user\Data aplikací\OpenOffice.org2
2010-09-13 17:12:39 ----A---- C:\WINDOWS\NeroDigital.ini
2010-09-13 12:15:15 ----A---- C:\WINDOWS\system32\PnkBstrB.exe
2010-09-12 11:54:01 ----HD---- C:\WINDOWS\inf
2010-09-10 06:59:26 ----D---- C:\Program Files\Mozilla Firefox
2010-09-06 15:00:06 ----A---- C:\WINDOWS\ULead32.ini
2010-09-05 14:13:50 ----A---- C:\WINDOWS\VFO.INI
2010-09-04 18:57:16 ----HD---- C:\Program Files\InstallShield Installation Information
2010-09-03 19:53:50 ----D---- C:\Program Files\NVIDIA Corporation
2010-09-03 19:53:31 ----D---- C:\WINDOWS\system32\DirectX
2010-09-03 19:52:35 ----RSD---- C:\WINDOWS\assembly
2010-09-03 19:20:06 ----D---- C:\WINDOWS\Help
2010-09-03 10:24:52 ----D---- C:\Program Files\iTunes
2010-09-03 10:24:12 ----D---- C:\Program Files\Common Files\Apple
2010-09-03 10:22:09 ----D---- C:\Program Files\QuickTime
2010-09-03 10:20:55 ----DC---- C:\WINDOWS\system32\DRVSTORE
2010-09-02 15:03:20 ----D---- C:\Program Files\Common Files
2010-09-02 13:12:57 ----D---- C:\WINDOWS\Debug
2010-09-02 13:11:14 ----D---- C:\Program Files\CCleaner
2010-08-30 12:57:55 ----A---- C:\WINDOWS\emsoft.ini
2010-08-28 11:58:43 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-08-28 11:58:38 ----D---- C:\WINDOWS\system32\drivers
2010-08-21 15:56:20 ----D---- C:\Program Files\Common Files\Java
2010-08-21 15:55:51 ----D---- C:\Program Files\Java
2010-08-20 19:14:21 ----D---- C:\Documents and Settings\user\Data aplikací\ZoomBrowser EX
2010-08-18 10:44:37 ----D---- C:\Documents and Settings\All Users\Data aplikací\ZoomBrowser

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 Lbd;Lbd; C:\WINDOWS\system32\DRIVERS\Lbd.sys [2010-07-12 64288]
R0 nvata;nvata; C:\WINDOWS\system32\DRIVERS\nvata.sys [2006-10-18 105472]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI VIA; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-13 61696]
R0 prohlp02;StarForce Protection Helper Driver v2; C:\WINDOWS\System32\drivers\prohlp02.sys [2004-08-09 114016]
R0 prosync1;StarForce Protection Synchronization Driver v1; C:\WINDOWS\System32\drivers\prosync1.sys [2004-07-19 7040]
R0 PxHelp20;PxHelp20; C:\WINDOWS\system32\DRIVERS\PxHelp20.sys [2007-11-26 20016]
R0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\WINDOWS\System32\drivers\sfdrv01.sys [2006-05-10 51200]
R0 sfhlp01;StarForce Protection Helper Driver; C:\WINDOWS\System32\drivers\sfhlp01.sys [2003-12-01 4832]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\WINDOWS\System32\drivers\sfhlp02.sys [2006-05-10 6656]
R0 sfsync02;StarForce Protection Synchronization Driver (version 2.x); C:\WINDOWS\System32\drivers\sfsync02.sys [2004-12-03 20544]
R1 appdrv01;Application Driver (01); C:\WINDOWS\System32\Drivers\appdrv01.sys [2009-01-03 2911848]
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2010-03-01 124784]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 prodrv06;StarForce Protection Environment Driver v6; C:\WINDOWS\System32\drivers\prodrv06.sys [2004-08-09 53920]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520]
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2010-02-16 60936]
R2 enodpl;enodpl; C:\WINDOWS\System32\drivers\enodpl.sys [2003-03-02 7552]
R2 port_nt;port_nt; \??\c:\windows\system32\drivers\port_nt.sys []
R2 tandpl;tandpl; C:\WINDOWS\System32\drivers\tandpl.sys [2003-04-19 4736]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 ASAPIW2k;ASAPIW2K; C:\WINDOWS\system32\drivers\ASAPIW2k.sys [2004-03-10 11264]
R3 CT20XUT.SYS;CT20XUT.SYS; C:\WINDOWS\System32\drivers\CT20XUT.SYS [2009-06-04 171032]
R3 ctac32k;Creative AC3 Software Decoder; C:\WINDOWS\system32\drivers\ctac32k.sys [2009-06-04 511000]
R3 ctaud2k;Creative Audio Driver (WDM); C:\WINDOWS\system32\drivers\ctaud2k.sys [2009-06-04 526232]
R3 CTEXFIFX.SYS;CTEXFIFX.SYS; C:\WINDOWS\System32\drivers\CTEXFIFX.SYS [2009-06-04 1324056]
R3 CTHWIUT.SYS;CTHWIUT.SYS; C:\WINDOWS\System32\drivers\CTHWIUT.SYS [2009-06-04 72728]
R3 ctprxy2k;Creative Proxy Driver; C:\WINDOWS\system32\drivers\ctprxy2k.sys [2009-06-04 14360]
R3 ctsfm2k;Creative SoundFont Management Device Driver; C:\WINDOWS\system32\drivers\ctsfm2k.sys [2009-06-04 158744]
R3 emupia;E-mu Plug-in Architecture Driver; C:\WINDOWS\system32\drivers\emupia2k.sys [2009-06-04 95768]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 ha20x2k;Creative 20X HAL Driver; C:\WINDOWS\system32\drivers\ha20x2k.sys [2009-06-04 1177624]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-10-12 4609024]
R3 MarvinBus;Pinnacle Marvin Bus; C:\WINDOWS\system32\DRIVERS\MarvinBus.sys [2004-06-21 78976]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2010-06-08 10531200]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2006-11-20 62592]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2006-11-20 19968]
R3 ossrv;Creative OS Services Driver; C:\WINDOWS\system32\drivers\ctoss2k.sys [2009-06-04 130072]
R3 Razerlow;Razer Copperhead Driver; C:\WINDOWS\System32\Drivers\Razerlow.sys [2005-08-12 19020]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys []
S1 eusk2par;EUTRON SmartKey Parallel Driver; \??\C:\WINDOWS\system32\Drivers\eusk2par.sys []
S3 61883;61883 Unit Device; C:\WINDOWS\system32\DRIVERS\61883.sys [2008-04-13 48128]
S3 Avc;AVC Device; C:\WINDOWS\system32\DRIVERS\avc.sys [2008-04-13 38912]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 CT20XUT;CT20XUT; C:\WINDOWS\system32\drivers\CT20XUT.SYS [2009-06-04 171032]
S3 ctdvda2k;Creative DVD-Audio Device Driver; C:\WINDOWS\system32\drivers\ctdvda2k.sys [2009-06-04 347080]
S3 CTEXFIFX;CTEXFIFX; C:\WINDOWS\system32\drivers\CTEXFIFX.SYS [2009-06-04 1324056]
S3 CTHWIUT;CTHWIUT; C:\WINDOWS\system32\drivers\CTHWIUT.SYS [2009-06-04 72728]
S3 FLASHSYS;FLASHSYS; \??\C:\Program Files\MSI\Live Update 4\LU4\FLASHSYS.sys []
S3 GMSIPCI;GMSIPCI; \??\J:\Drivery\_MSI CD k MB oranzove\INSTALL\GMSIPCI.SYS []
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2008-02-24 17480]
S3 k750bus;Sony Ericsson 750 driver (WDM); C:\WINDOWS\system32\DRIVERS\k750bus.sys [2005-06-03 55216]
S3 k750mdfl;Sony Ericsson 750 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\k750mdfl.sys [2005-06-03 6576]
S3 k750mdm;Sony Ericsson 750 USB WMC Modem Drivers; C:\WINDOWS\system32\DRIVERS\k750mdm.sys [2005-06-03 89872]
S3 k750mgmt;Sony Ericsson 750 USB WMC Device Management Drivers; C:\WINDOWS\system32\DRIVERS\k750mgmt.sys [2005-06-03 81728]
S3 k750obex;Sony Ericsson 750 USB WMC OBEX Interface Drivers; C:\WINDOWS\system32\DRIVERS\k750obex.sys [2005-06-03 79488]
S3 LachesisFltr;Lachesis Mouse Driver; C:\WINDOWS\system32\drivers\Lachesis.sys [2007-08-08 12032]
S3 Lavasoft Kernexplorer;Lavasoft helper driver; \??\C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys []
S3 MSDV;Microsoft DV Camera and VCR; C:\WINDOWS\system32\DRIVERS\msdv.sys [2008-04-13 51200]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nm;Ovladač programu Sledování sítě; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-13 40320]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 TVICHW32;TVICHW32; \??\C:\WINDOWS\system32\DRIVERS\TVICHW32.SYS []
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 WPRO_40_1340;WinPcap Packet Driver (WPRO_40_1340); C:\WINDOWS\system32\drivers\WPRO_40_1340.sys []
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2010-04-19 267432]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2010-02-24 135336]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2010-08-13 144672]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2010-05-18 345376]
R2 CCALib8;Canon Camera Access Library 8; C:\Program Files\Canon\CAL\CALMAIN.exe [2006-03-30 96341]
R2 Creative Service for CDROM Access;Creative Service for CDROM Access; C:\WINDOWS\system32\CTsvcCDA.exe [1999-12-12 44032]
R2 CTAudSvcService;Creative Audio Service; C:\Program Files\Creative\Shared Files\CTAudSvc.exe [2009-02-23 307200]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-07-17 153376]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2010-09-03 1355928]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2006-10-19 61440]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-20 322120]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2010-06-07 154728]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2010-07-07 75064]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2008-05-03 606720]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2010-09-01 820008]
S2 appdrvrem01;Application Driver Auto Removal Service (01); C:\WINDOWS\System32\appdrvrem01.exe [2009-01-03 304528]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-08-13 136176]
S2 sfrem01;SF FrontLine Drivers Auto Removal (v1); C:\WINDOWS\system32\sfrem01.exe [2006-05-10 353912]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2007-11-26 72704]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service; C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2010-07-08 79360]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-01-05 774144]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2006-12-23 262144]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Doporučuji odinstalovat Spybot - Search & Destroy a Ad-Aware

Obrázek

Doporučuji odinstalovat (pokud nepoužíváte) toolbary (lišty) v Přidat nebo odebrat programy.

Obrázek

Následující soubor/y otestujte na http://www.virustotal.com/cs/
c:\windows\explorer.exe
c:\windows\system32\svchost.exe
c:\windows\system32\ctfmon.exe

(Soubor/y nehledejte, jenom vložíte tučně označenou cestu, v případě hlášky "File already submitted:" dejte Reanalyse. Výsledek analýzy sem v podobě odkazu vložte.)

http://www.virustotal.com/file-scan/rep ... 1284486485

http://www.virustotal.com/file-scan/rep ... 1284486800

Ok, ještě:
c:\windows\system32\ctfmon.exe

http://www.virustotal.com/file-scan/rep ... 1284487244

Jsou s PC nějaké problémy

Zatím se nezdá, že by PC fungoval hůř. Ale vzhledem k tomu, co se o těchto virech píše na webu, mám obavy, aby to tam nebylo. Problémy byly dnes jen s aktualizací MWAV a dva dny se mi neaktualizovala Avira. V minulosti jsem někdy měl pocit, že PC jakoby nechodil na administrátorských právech, ač je má.

Dá se nějak znovu vyvolat bezpečnostní analýza Mozilla Firefox a hláška zabezpečení systému Windows ? Když to totiž na mě vyskočilo, v první chvíli jsem myslel, že mi nátékají nějaké soubory do pc a zastavil jsem to. Pak už se to nedalo znovu rozjet. Ale udělal jsem si screen obrazovky a z toho jsem pak vyčetl /ale až dole drobným písmem/, že Windows Security v Mozille Firefox nabízelo vymazání hlášených virů.....ale už bylo pozdě. P.S. nevím, jak se sem na fórum dají poslat scereeny, jinak bych to na ukázku poslal.

O Backdoor.Win32.Bifrose.cqqy jsem na vebu našel jeden článek, který to popisuje jako falešnou hlášku - jestli to dobře chápu:
http://www.precisesecurity.com/hijacker ... -analysis/

Když vypnu Ad-Watch - Live, vyskočí hláška, že počítač je ohrožen. Asi bych to musel nahradit něčím jiným.

Na vir Win32/Sality jsem našel tento odkaz:
http://www.avg.com/cz-cs/67769
Mám to zkusit??

Aco ty hlášky MWAV ? :
Object "User Account Control (Fake) Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "User Account Control (Fake) Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "User Account Control (Fake) Spyware/Adware" found in File System! Action Taken: No Action Taken.

Ad-Adware odinstalujte, máte Aviru.

Program z odkazu zkuste a napište výsledek.

Hlášky MWAV jsou pouze neškodné zbytky.

Tak odkaz http://www.avg.com/cz-cs/67769 jsem zkusil. Test na Win32/Sality nenašel nic. Tak co teď?

Tak čím víc o tom čtu na webu a znovu jsem pečlivě prošel odkaz na http://www.precisesecurity.com/hijacker ... -analysis/, dělá to na mě dojem, že opravdu mohlo jít o falešnou hlášku, s cílem abych hned kliknul na opravu problémů s následnou nabídkou koupě falešného antiviráku. /tedy v podstatě tzv. phishing/. Takže snad vlastně OK, že se tak nestalo. Ale otázka teď zní, jak se dá zamezit těmto falešným Security Threat analýzám? A nemám tedy v PC nějakou jinou havěť, která tyto analýzy umožňuje??

Bránit se můžete pouze antivirem, firewallem a zdravým rozumem. PC můžeme ještě prověřit podle následujícího návodu.

Obrázek

Stáhněte OTL http://oldtimer.geekstogo.com/OTL.exe na plochu

Spusťte, poté do spodního políčka vložte následující skript.

Kód: Vybrat vše

 drivers32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
c:\windows\*.* /U
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys 
symmpi.sys
adp3132.sys
mv61xx.sys
nvraid.sys 
ndis.sys
winlogon.exe
explorer.exe
userinit.exe
lsass.exe
svchost.exe
smss.exe
hal.dll
ws2_32.dll
tcpip.sys
cryptsvc.dll
Changer.sys
JakNDis.sys
isapnp.sys 
cdrom.sys 
autochk.exe
grpconv.exe
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav 
%systemroot%\system32\*.dll /lockedfiles
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager" /v BootExecute /c
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
CREATERESTOREPOINT

Označte položku Pro všechny uživatele.
Označte položky Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Klikněte na tlačítko Prohledat
Po dokončení, sem vložte logy OTL.Txt a Extras.txt

OTL logfile created on: 15.9.2010 7:57:51 - Run 1
OTL by OldTimer - Version 3.2.12.0 Folder = C:\Documents and Settings\user\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 60,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 82,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 298,08 Gb Total Space | 159,64 Gb Free Space | 53,56% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive J: | 3,73 Gb Total Space | 3,64 Gb Free Space | 97,67% Space Free | Partition Type: FAT32

Computer Name: ALZA-574BF022DC
Current User Name: user
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010.09.15 07:54:03 | 000,576,000 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\user\Plocha\OTL.exe
PRC - [2010.09.10 06:59:16 | 000,014,808 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe
PRC - [2010.09.10 06:59:14 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010.09.03 09:49:36 | 001,355,928 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
PRC - [2010.09.03 09:49:36 | 000,864,624 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
PRC - [2010.08.13 12:58:56 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010.04.19 16:36:37 | 000,267,432 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2010.03.02 11:28:31 | 000,282,792 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010.02.24 10:28:09 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2010.01.15 14:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2010.01.14 22:11:00 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2009.06.04 00:55:16 | 000,025,600 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\Ctxfihlp.exe
PRC - [2009.06.04 00:49:56 | 001,213,440 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\CTxfispi.exe
PRC - [2009.03.05 17:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2009.02.23 11:43:54 | 000,307,200 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\Shared Files\CTAudSvc.exe
PRC - [2008.05.03 20:48:20 | 000,606,720 | ---- | M] (Crawler.com) -- C:\Program Files\Spyware Terminator\sp_rsser.exe
PRC - [2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006.08.17 12:32:04 | 000,017,920 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\CTHELPER.EXE
PRC - [2006.03.30 10:15:44 | 000,096,341 | ---- | M] (Canon Inc.) -- C:\Program Files\Canon\CAL\CALMAIN.exe
PRC - [2005.11.04 18:07:56 | 000,049,152 | ---- | M] (Creative Technology Ltd.) -- C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe
PRC - [2005.06.06 23:46:24 | 000,057,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
PRC - [2003.08.06 22:24:20 | 012,037,688 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE

========== Modules (SafeList) ==========

MOD - [2010.09.15 07:54:03 | 000,576,000 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\user\Plocha\OTL.exe
MOD - [2008.04.14 05:19:00 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2006.08.17 12:32:04 | 000,007,168 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\CTAGENT.DLL

========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)
SRV - [2010.09.03 09:49:36 | 001,355,928 | ---- | M] (Lavasoft) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2010.08.13 12:58:56 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010.07.08 12:48:32 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2010.04.19 16:36:37 | 000,267,432 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010.02.24 10:28:09 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010.01.15 14:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009.02.23 11:43:54 | 000,307,200 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Program Files\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)
SRV - [2009.01.03 13:01:59 | 000,304,528 | ---- | M] (Protection Technology) [Auto | Stopped] -- C:\WINDOWS\System32\appdrvrem01.exe -- (appdrvrem01) Application Driver Auto Removal Service (01)
SRV - [2008.07.29 19:16:38 | 000,132,096 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2008.05.03 20:48:20 | 000,606,720 | ---- | M] (Crawler.com) [Auto | Running] -- C:\Program Files\Spyware Terminator\sp_rsser.exe -- (sp_rssrv)
SRV - [2006.05.10 11:59:04 | 000,353,912 | ---- | M] (Protection Technology (StarForce)) [Auto | Stopped] -- C:\WINDOWS\System32\sfrem01.exe -- (sfrem01) SF FrontLine Drivers Auto Removal (v1)
SRV - [2006.03.30 10:15:44 | 000,096,341 | ---- | M] (Canon Inc.) [Auto | Running] -- C:\Program Files\Canon\CAL\CALMAIN.exe -- (CCALib8)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\WPRO_40_1340.sys -- (WPRO_40_1340) WinPcap Packet Driver (WPRO_40_1340)
DRV - File not found [Kernel | Boot | Stopped] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - File not found [Kernel | On_Demand | Stopped] -- J:\Drivery\_MSI CD k MB oranzove\INSTALL\GMSIPCI.SYS -- (GMSIPCI)
DRV - [2010.08.13 08:18:42 | 000,015,008 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\Lavasoft\Ad-Aware\kernexplorer.sys -- (Lavasoft Kernexplorer)
DRV - [2010.07.12 10:55:39 | 000,064,288 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2010.06.08 01:57:00 | 010,531,200 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2010.03.01 10:05:24 | 000,124,784 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2010.02.16 14:24:01 | 000,060,936 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2009.06.04 02:48:12 | 001,177,624 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ha20x2k.sys -- (ha20x2k)
DRV - [2009.06.04 02:48:00 | 000,095,768 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\emupia2k.sys -- (emupia)
DRV - [2009.06.04 02:47:50 | 000,158,744 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV - [2009.06.04 02:47:42 | 000,014,360 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctprxy2k.sys -- (ctprxy2k)
DRV - [2009.06.04 02:47:34 | 000,130,072 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctoss2k.sys -- (ossrv)
DRV - [2009.06.04 02:47:24 | 000,347,080 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctdvda2k.sys -- (ctdvda2k)
DRV - [2009.06.04 02:47:14 | 000,526,232 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctaud2k.sys -- (ctaud2k) Creative Audio Driver (WDM)
DRV - [2009.06.04 02:47:06 | 000,511,000 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctac32k.sys -- (ctac32k)
DRV - [2009.06.04 02:46:56 | 001,324,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\CTEXFIFX.SYS -- (CTEXFIFX.SYS)
DRV - [2009.06.04 02:46:56 | 001,324,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CTEXFIFX.sys -- (CTEXFIFX)
DRV - [2009.06.04 02:46:42 | 000,072,728 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\CTHWIUT.SYS -- (CTHWIUT.SYS)
DRV - [2009.06.04 02:46:42 | 000,072,728 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CTHWIUT.sys -- (CTHWIUT)
DRV - [2009.06.04 02:46:34 | 000,171,032 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\CT20XUT.SYS -- (CT20XUT.SYS)
DRV - [2009.06.04 02:46:34 | 000,171,032 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CT20XUT.sys -- (CT20XUT)
DRV - [2009.05.11 12:49:19 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2009.05.11 10:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.01.03 13:01:59 | 002,911,848 | ---- | M] (Protection Technology) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\appdrv01.sys -- (appdrv01) Application Driver (01)
DRV - [2008.04.13 20:53:09 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
DRV - [2008.04.13 20:46:20 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\61883.sys -- (61883)
DRV - [2008.04.13 20:46:20 | 000,038,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\avc.sys -- (Avc)
DRV - [2008.04.13 20:46:10 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\msdv.sys -- (MSDV)
DRV - [2008.04.13 18:36:06 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2008.02.24 21:48:40 | 000,017,480 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2007.12.14 09:21:32 | 000,009,216 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\MSI\Live Update 4\LU4\FlashSys.sys -- (FLASHSYS)
DRV - [2007.10.12 17:33:00 | 004,609,024 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007.08.08 12:04:16 | 000,012,032 | ---- | M] (Razer (Asia-Pacific) Pte Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Lachesis.sys -- (LachesisFltr)
DRV - [2006.11.20 02:35:26 | 000,019,968 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2006.11.20 02:35:24 | 000,062,592 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2006.10.18 16:31:38 | 000,105,472 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvata.sys -- (nvata)
DRV - [2006.05.10 10:39:38 | 000,051,200 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x)
DRV - [2006.05.10 10:20:28 | 000,006,656 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)
DRV - [2005.08.12 11:11:10 | 000,019,020 | ---- | M] (Razer (Asia-Pacific) Pte Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Razerlow.sys -- (Razerlow)
DRV - [2005.06.03 13:47:06 | 000,079,488 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750obex.sys -- (k750obex)
DRV - [2005.06.03 13:47:04 | 000,081,728 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750mgmt.sys -- (k750mgmt)
DRV - [2005.06.03 13:47:00 | 000,089,872 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750mdm.sys -- (k750mdm)
DRV - [2005.06.03 13:46:58 | 000,006,576 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750mdfl.sys -- (k750mdfl)
DRV - [2005.06.03 13:46:52 | 000,055,216 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750bus.sys -- (k750bus) Sony Ericsson 750 driver (WDM)
DRV - [2004.12.03 12:20:41 | 000,020,544 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfsync02.sys -- (sfsync02) StarForce Protection Synchronization Driver (version 2.x)
DRV - [2004.11.18 12:49:14 | 000,024,786 | ---- | M] (EUTRON) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\eusk2par.sys -- (eusk2par)
DRV - [2004.08.09 13:33:26 | 000,114,016 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\prohlp02.sys -- (prohlp02)
DRV - [2004.08.09 13:29:28 | 000,053,920 | ---- | M] (Protection Technology) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\prodrv06.sys -- (prodrv06)
DRV - [2004.07.19 16:49:54 | 000,007,040 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\prosync1.sys -- (prosync1)
DRV - [2004.06.21 17:03:22 | 000,078,976 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\MarvinBus.sys -- (MarvinBus)
DRV - [2004.03.10 17:27:18 | 000,011,264 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\asapiW2k.sys -- (ASAPIW2k)
DRV - [2003.12.01 17:20:52 | 000,004,832 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfhlp01.sys -- (sfhlp01)
DRV - [2003.04.19 01:32:04 | 000,004,736 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\tandpl.sys -- (tandpl)
DRV - [2003.03.02 18:44:26 | 000,007,552 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\enodpl.sys -- (enodpl)
DRV - [2000.10.24 01:00:00 | 000,003,608 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\port_nt.sys -- (port_nt)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie

IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1960408961-1383384898-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-1960408961-1383384898-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= ... =CT2186473
IE - HKU\S-1-5-21-1960408961-1383384898-839522115-1004\..\URLSearchHook: {ce10bf86-da68-441e-91fa-38336363e3cd} - C:\Program Files\Movier-media\tbMov1.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-1960408961-1383384898-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1960408961-1383384898-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "About:Blank"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8
FF - prefs.js..keyword.URL: "http://search.icq.com/search/afe_result ... id=afex&q="

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.9\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.09.10 06:59:19 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.9\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.09.10 06:59:18 | 000,000,000 | ---D | M]

[2008.09.19 21:06:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Data aplikací\Mozilla\Extensions
[2010.09.14 15:17:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Data aplikací\Mozilla\Firefox\Profiles\jgre2h2f.default\extensions
[2010.06.28 15:41:46 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\user\Data aplikací\Mozilla\Firefox\Profiles\jgre2h2f.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.09.01 18:03:56 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\user\Data aplikací\Mozilla\Firefox\Profiles\jgre2h2f.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2010.09.11 11:47:32 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\user\Data aplikací\Mozilla\Firefox\Profiles\jgre2h2f.default\searchplugins\icqplugin-1.xml
[2008.03.26 22:02:35 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\user\Data aplikací\Mozilla\Firefox\Profiles\jgre2h2f.default\searchplugins\icqplugin-2.xml
[2008.04.17 17:57:14 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\user\Data aplikací\Mozilla\Firefox\Profiles\jgre2h2f.default\searchplugins\icqplugin-3.xml
[2008.07.05 09:09:25 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\user\Data aplikací\Mozilla\Firefox\Profiles\jgre2h2f.default\searchplugins\icqplugin-4.xml
[2008.07.16 22:58:07 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\user\Data aplikací\Mozilla\Firefox\Profiles\jgre2h2f.default\searchplugins\icqplugin-5.xml
[2008.02.29 12:36:21 | 000,000,962 | ---- | M] () -- C:\Documents and Settings\user\Data aplikací\Mozilla\Firefox\Profiles\jgre2h2f.default\searchplugins\icqplugin.xml
[2010.09.14 15:17:51 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010.04.29 13:37:59 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.08.21 15:55:53 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010.07.17 05:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010.06.12 01:52:09 | 000,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.06.12 01:52:09 | 000,001,687 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2010.06.12 01:52:09 | 000,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.06.12 01:52:09 | 000,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.06.12 01:52:09 | 000,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2008.12.26 13:48:00 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Movier-media Toolbar) - {ce10bf86-da68-441e-91fa-38336363e3cd} - C:\Program Files\Movier-media\tbMov1.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (Movier-media Toolbar) - {ce10bf86-da68-441e-91fa-38336363e3cd} - C:\Program Files\Movier-media\tbMov1.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-1960408961-1383384898-839522115-1004\..\Toolbar\WebBrowser: (Ask Toolbar) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKU\S-1-5-21-1960408961-1383384898-839522115-1004\..\Toolbar\WebBrowser: (Movier-media Toolbar) - {CE10BF86-DA68-441E-91FA-38336363E3CD} - C:\Program Files\Movier-media\tbMov1.dll (Conduit Ltd.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Adobe Photo Downloader] C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [AudioDrvEmulator] C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [CTHelper] C:\WINDOWS\CTHELPER.EXE (Creative Technology Ltd)
O4 - HKLM..\Run: [CTxfiHlp] C:\WINDOWS\System32\Ctxfihlp.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\PSDrvCheck.exe ()
O4 - HKU\S-1-5-21-1960408961-1383384898-839522115-1004..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
O4 - Startup: C:\Documents and Settings\user\Nabídka Start\Programy\Po spuštění\Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Toolbars present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 153
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1960408961-1383384898-839522115-1004\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1960408961-1383384898-839522115-1004\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-21-1960408961-1383384898-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-1960408961-1383384898-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 153
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} http://cdn.scan.onecare.live.com/resour ... se5483.cab (Windows Live Safety Center Base Module)
O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} http://ccfiles.creative.com/Web/softwar ... TSUEng.cab (Creative Software AutoUpdate)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} http://www.driveragent.com/files/driveragent.cab (Driver Agent ActiveX Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.46.172.36 213.46.172.37
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\user\Plocha\pracovní plochy\auto.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\user\Plocha\pracovní plochy\auto.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007.11.15 17:13:33 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010.09.15 07:54:03 | 000,576,000 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\user\Plocha\OTL.exe
[2010.09.15 07:39:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2010.09.14 22:07:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Plocha\Nová složka (3)
[2010.09.14 19:18:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Plocha\žjp
[2010.09.14 17:48:04 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010.09.14 17:48:04 | 000,000,000 | ---D | C] -- C:\rsit
[2010.09.14 16:19:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\rundll16.exe
[2010.09.14 16:19:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\logo1_.exe
[2010.09.14 15:09:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\VDLL.DLL
[2010.09.14 15:09:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\RUNDL132.EXE
[2010.09.14 15:09:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\logo_1.exe
[2010.09.14 14:54:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Data aplikací\Download Manager
[2010.09.14 08:47:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Data aplikací\RealWorld
[2010.09.14 08:46:56 | 000,000,000 | ---D | C] -- C:\Program Files\RealWorld Icon Editor
[2010.09.12 12:12:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dokumenty\The KMPlayer
[2010.09.12 12:10:14 | 000,000,000 | ---D | C] -- C:\Program Files\The KMPlayer
[2010.09.12 12:06:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Plocha\KMPlayer
[2010.09.06 18:32:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Data aplikací\NVIDIA
[2010.09.06 18:32:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Local Settings\Data aplikací\2K Games
[2010.09.05 18:52:53 | 000,000,000 | ---D | C] -- C:\_RestoreRender
[2010.09.05 18:52:53 | 000,000,000 | ---D | C] -- C:\_RestoreMedia
[2010.09.05 18:52:53 | 000,000,000 | ---D | C] -- C:\_Restore
[2010.09.05 18:52:30 | 000,000,000 | ---D | C] -- C:\_Backup
[2010.09.04 18:52:30 | 000,000,000 | ---D | C] -- C:\Program Files\Liquid.6
[2010.09.04 18:24:22 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\user\Recent
[2010.09.03 19:53:30 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_7.dll
[2010.09.03 19:53:30 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_5.dll
[2010.09.03 19:53:29 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_43.dll
[2010.09.03 19:53:29 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_7.dll
[2010.09.03 19:53:28 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dcsx_43.dll
[2010.09.03 19:53:28 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx11_43.dll
[2010.09.03 19:53:27 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_43.dll
[2010.09.03 19:53:27 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_43.dll
[2010.09.03 19:53:26 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_6.dll
[2010.09.03 19:53:26 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_4.dll
[2010.09.03 19:53:25 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_6.dll
[2010.09.03 19:53:25 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_7.dll
[2010.09.03 19:35:20 | 000,000,000 | ---D | C] -- C:\Program Files\Webteh
[2010.09.03 10:24:12 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2010.09.03 10:10:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\Movier-media
[2010.09.02 19:22:04 | 006,588,488 | ---- | C] (DExUS & Snipes ) -- C:\Documents and Settings\user\Plocha\install.exe
[2010.09.02 14:03:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Quicktime
[2010.09.02 11:54:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Plocha\Nová složka
[2010.09.01 18:10:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\dwhelper
[2010.08.28 11:58:38 | 000,005,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstee.sys
[2010.08.28 11:58:35 | 000,010,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndisip.sys
[2010.08.28 11:58:34 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ipsink.ax
[2010.08.28 11:58:34 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipsink.ax
[2010.08.28 11:58:34 | 000,015,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\streamip.sys
[2010.08.28 11:58:32 | 000,011,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\slip.sys
[2010.08.28 11:58:29 | 000,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wstcodec.sys
[2010.08.28 11:58:27 | 000,085,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nabtsfec.sys
[2010.08.28 11:58:24 | 000,017,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ccdecode.sys
[2010.08.28 11:58:19 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kswdmcap.ax
[2010.08.28 11:58:19 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kswdmcap.ax
[2010.08.28 11:58:19 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kstvtune.ax
[2010.08.28 11:58:19 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kstvtune.ax
[2010.08.28 11:58:19 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vfwwdm32.dll
[2010.08.28 11:58:19 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vfwwdm32.dll
[2010.08.28 11:58:19 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\msdv.sys
[2010.08.28 11:58:19 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdv.sys
[2010.08.28 11:58:19 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksxbar.ax
[2010.08.28 11:58:19 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksxbar.ax
[2010.08.28 11:58:14 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\avc.sys
[2010.08.28 11:58:14 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avc.sys
[2010.08.28 11:58:12 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\61883.sys
[2010.08.28 11:58:12 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\61883.sys
[2010.08.22 18:26:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Data aplikací\Movier
[2010.08.22 18:25:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Local Settings\Data aplikací\Conduit
[2010.08.22 18:25:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Local Settings\Data aplikací\Movier-media
[2010.08.22 18:25:58 | 000,000,000 | ---D | C] -- C:\Program Files\Conduit
[2010.08.22 18:25:57 | 000,000,000 | ---D | C] -- C:\Program Files\Movier-media
[2010.08.22 18:25:53 | 000,000,000 | ---D | C] -- C:\Program Files\Movier
[2006.08.17 12:32:46 | 000,060,928 | ---- | C] ( ) -- C:\WINDOWS\System32\a3d.dll
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010.09.15 07:54:03 | 000,576,000 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\user\Plocha\OTL.exe
[2010.09.15 07:53:50 | 000,000,464 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{53A57D5A-365C-4A80-A419-DC8885684B15}.job
[2010.09.15 07:37:37 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2010.09.15 07:37:06 | 000,000,936 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010.09.15 07:36:30 | 000,000,932 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010.09.15 07:36:29 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1960408961-1383384898-839522115-1004.job
[2010.09.15 07:36:29 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.09.15 07:36:26 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.09.14 23:03:18 | 017,534,976 | ---- | M] () -- C:\Documents and Settings\user\ntuser.dat
[2010.09.14 23:03:18 | 000,055,300 | ---- | M] () -- C:\WINDOWS\System32\BMXStateBkp-{00000004-00000000-00000008-00001102-00000005-00311102}.rfx
[2010.09.14 23:03:18 | 000,055,300 | ---- | M] () -- C:\WINDOWS\System32\BMXState-{00000004-00000000-00000008-00001102-00000005-00311102}.rfx
[2010.09.14 23:03:18 | 000,000,788 | ---- | M] () -- C:\WINDOWS\System32\DVCState-{00000004-00000000-00000008-00001102-00000005-00311102}.rfx
[2010.09.14 19:51:14 | 000,002,561 | ---- | M] () -- C:\Documents and Settings\user\Plocha\Microsoft Office Word 2003 (2).lnk
[2010.09.14 19:18:46 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010.09.14 19:18:45 | 000,020,992 | ---- | M] () -- C:\Documents and Settings\user\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.09.14 19:10:34 | 000,000,089 | ---- | M] () -- C:\WINDOWS\ULead32.ini
[2010.09.14 18:01:44 | 000,000,440 | ---- | M] () -- C:\WINDOWS\tasks\ParetoLogic Registration.job
[2010.09.14 16:20:29 | 000,216,719 | ---- | M] () -- C:\Documents and Settings\user\Dokumenty\pinfect.zip
[2010.09.14 16:19:44 | 000,000,054 | ---- | M] () -- C:\WINDOWS\Lic.xxx
[2010.09.14 15:14:40 | 007,877,379 | ---- | M] () -- C:\WINDOWS\REGBK00.ZIP
[2010.09.14 15:05:58 | 099,334,664 | ---- | M] () -- C:\Documents and Settings\user\Plocha\mwav.exe
[2010.09.13 20:07:34 | 000,008,728 | ---- | M] () -- C:\Documents and Settings\user\Plocha\Reklama.odt
[2010.09.13 19:58:00 | 000,018,287 | ---- | M] () -- C:\Documents and Settings\user\Plocha\Bath_concept.odt
[2010.09.13 19:38:09 | 000,509,422 | ---- | M] () -- C:\Documents and Settings\user\Plocha\Bath.odp
[2010.09.13 15:59:40 | 000,000,145 | ---- | M] () -- C:\Documents and Settings\user\Plocha\CD.lnk
[2010.09.13 12:15:24 | 000,137,976 | ---- | M] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2010.09.13 12:15:16 | 000,234,280 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.xtr
[2010.09.10 10:10:01 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010.09.08 18:27:21 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.09.06 09:32:59 | 001,065,602 | ---- | M] () -- C:\Documents and Settings\user\Dokumenty\11_-_Vivaldi_Winter_mvt_2_Largo_-_John_Harrison_violin.mp3
[2010.09.06 09:28:29 | 001,198,486 | ---- | M] () -- C:\Documents and Settings\user\Dokumenty\upload.wikimedia.org_11_-_Vivaldi_Winter_mvt_2_Largo_-_John_Harrison_violin.ogg_83034.avi
[2010.09.06 09:26:31 | 001,198,456 | ---- | M] () -- C:\Documents and Settings\user\Dokumenty\11_-_Vivaldi_Winter_mvt_2_Largo_-_John_Harrison_violin.avi
[2010.09.06 09:21:52 | 002,544,381 | ---- | M] () -- C:\Documents and Settings\user\Plocha\11_-_Vivaldi_Winter_mvt_2_Largo_-_John_Harrison_violin.ogg
[2010.09.06 09:07:13 | 000,002,137 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\iTunes.lnk
[2010.09.05 14:13:50 | 000,001,384 | ---- | M] () -- C:\WINDOWS\VFO.INI
[2010.09.05 14:12:44 | 000,000,544 | ---- | M] () -- C:\WINDOWS\VFO.VST
[2010.09.04 19:14:52 | 000,000,051 | ---- | M] () -- C:\WINDOWS\System32\blue.SITENAME
[2010.09.04 19:02:10 | 000,000,799 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Liquid 6.lnk
[2010.09.04 18:25:19 | 000,000,544 | ---- | M] () -- C:\Documents and Settings\user\Dokumenty\cc_20100904_182516.reg
[2010.09.04 18:25:00 | 000,000,406 | ---- | M] () -- C:\Documents and Settings\user\Dokumenty\cc_20100904_182458.reg
[2010.09.04 18:24:44 | 000,000,488 | ---- | M] () -- C:\Documents and Settings\user\Dokumenty\cc_20100904_182440.reg
[2010.09.04 18:23:27 | 000,040,904 | ---- | M] () -- C:\Documents and Settings\user\Dokumenty\cc_20100904_182306.reg
[2010.09.04 00:29:21 | 000,001,080 | ---- | M] () -- C:\WINDOWS\System32\settingsbkup.sfm
[2010.09.04 00:29:21 | 000,001,080 | ---- | M] () -- C:\WINDOWS\System32\settings.sfm
[2010.09.03 19:26:31 | 000,001,740 | ---- | M] () -- C:\Documents and Settings\user\Dokumenty\cc_20100903_192609.reg
[2010.09.03 18:48:16 | 000,000,215 | ---- | M] () -- C:\Documents and Settings\user\Plocha\Mafia II - Public Demo.url
[2010.09.03 14:30:23 | 000,109,568 | ---- | M] () -- C:\Documents and Settings\user\Plocha\Zřícenina kaple Povýšení svatého Kříže.doc
[2010.09.03 10:22:04 | 000,001,604 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\QuickTime Player.lnk
[2010.09.02 19:22:04 | 006,588,488 | ---- | M] (DExUS & Snipes ) -- C:\Documents and Settings\user\Plocha\install.exe
[2010.09.02 13:31:36 | 000,005,836 | ---- | M] () -- C:\Documents and Settings\user\Dokumenty\cc_20100902_133044.reg
[2010.09.02 13:28:59 | 000,030,780 | ---- | M] () -- C:\Documents and Settings\user\Dokumenty\cc_20100902_132805.reg
[2010.09.02 13:27:54 | 000,025,254 | ---- | M] () -- C:\Documents and Settings\user\Dokumenty\cc_20100902_132649.reg
[2010.09.02 13:26:29 | 000,017,762 | ---- | M] () -- C:\Documents and Settings\user\Dokumenty\cc_20100902_132411.reg
[2010.09.02 13:07:25 | 002,071,552 | ---- | M] () -- C:\Documents and Settings\user\Plocha\liq odin.doc
[2010.09.02 10:48:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1960408961-1383384898-839522115-1004.job
[2010.08.31 10:44:10 | 000,000,187 | ---- | M] () -- C:\Documents and Settings\user\Plocha\DVD.lnk
[2010.08.31 10:41:00 | 000,000,071 | ---- | M] () -- C:\Documents and Settings\user\default.pls
[2010.08.30 12:57:55 | 000,000,222 | ---- | M] () -- C:\WINDOWS\emsoft.ini
[2010.08.28 20:34:38 | 000,029,184 | ---- | M] () -- C:\Documents and Settings\user\Plocha\Mafia 2.doc
[2010.08.22 18:53:56 | 000,521,946 | ---- | M] () -- C:\Documents and Settings\user\Plocha\GetSite.zip
[2010.08.22 18:38:19 | 000,000,654 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Movier.lnk
[2010.08.22 18:28:16 | 007,242,308 | ---- | M] () -- C:\Documents and Settings\user\Plocha\Movier-Installer 1.exe
[2010.08.22 18:13:22 | 006,970,459 | ---- | M] () -- C:\Documents and Settings\user\Plocha\Movier-Installer.exe
[2010.08.21 15:48:59 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Adobe Reader 9.lnk
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010.09.14 15:13:50 | 007,877,379 | ---- | C] () -- C:\WINDOWS\REGBK00.ZIP
[2010.09.14 15:04:40 | 099,334,664 | ---- | C] () -- C:\Documents and Settings\user\Plocha\mwav.exe
[2010.09.13 20:07:34 | 000,008,728 | ---- | C] () -- C:\Documents and Settings\user\Plocha\Reklama.odt
[2010.09.13 19:47:07 | 000,018,287 | ---- | C] () -- C:\Documents and Settings\user\Plocha\Bath_concept.odt
[2010.09.11 20:04:10 | 000,509,422 | ---- | C] () -- C:\Documents and Settings\user\Plocha\Bath.odp
[2010.09.06 09:32:52 | 001,065,602 | ---- | C] () -- C:\Documents and Settings\user\Dokumenty\11_-_Vivaldi_Winter_mvt_2_Largo_-_John_Harrison_violin.mp3
[2010.09.06 09:28:22 | 001,198,486 | ---- | C] () -- C:\Documents and Settings\user\Dokumenty\upload.wikimedia.org_11_-_Vivaldi_Winter_mvt_2_Largo_-_John_Harrison_violin.ogg_83034.avi
[2010.09.06 09:26:24 | 001,198,456 | ---- | C] () -- C:\Documents and Settings\user\Dokumenty\11_-_Vivaldi_Winter_mvt_2_Largo_-_John_Harrison_violin.avi
[2010.09.06 09:21:48 | 002,544,381 | ---- | C] () -- C:\Documents and Settings\user\Plocha\11_-_Vivaldi_Winter_mvt_2_Largo_-_John_Harrison_violin.ogg
[2010.09.04 19:14:52 | 000,000,051 | ---- | C] () -- C:\WINDOWS\System32\blue.SITENAME
[2010.09.04 19:02:10 | 000,000,799 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Liquid 6.lnk
[2010.09.04 18:25:17 | 000,000,544 | ---- | C] () -- C:\Documents and Settings\user\Dokumenty\cc_20100904_182516.reg
[2010.09.04 18:24:59 | 000,000,406 | ---- | C] () -- C:\Documents and Settings\user\Dokumenty\cc_20100904_182458.reg
[2010.09.04 18:24:42 | 000,000,488 | ---- | C] () -- C:\Documents and Settings\user\Dokumenty\cc_20100904_182440.reg
[2010.09.04 18:23:24 | 000,040,904 | ---- | C] () -- C:\Documents and Settings\user\Dokumenty\cc_20100904_182306.reg
[2010.09.03 19:26:11 | 000,001,740 | ---- | C] () -- C:\Documents and Settings\user\Dokumenty\cc_20100903_192609.reg
[2010.09.03 18:48:16 | 000,000,215 | ---- | C] () -- C:\Documents and Settings\user\Plocha\Mafia II - Public Demo.url
[2010.09.03 13:38:30 | 000,109,568 | ---- | C] () -- C:\Documents and Settings\user\Plocha\Zřícenina kaple Povýšení svatého Kříže.doc
[2010.09.03 10:24:54 | 000,002,137 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\iTunes.lnk
[2010.09.03 10:22:04 | 000,001,604 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\QuickTime Player.lnk
[2010.09.02 13:30:45 | 000,005,836 | ---- | C] () -- C:\Documents and Settings\user\Dokumenty\cc_20100902_133044.reg
[2010.09.02 13:28:07 | 000,030,780 | ---- | C] () -- C:\Documents and Settings\user\Dokumenty\cc_20100902_132805.reg
[2010.09.02 13:26:53 | 000,025,254 | ---- | C] () -- C:\Documents and Settings\user\Dokumenty\cc_20100902_132649.reg
[2010.09.02 13:24:33 | 000,017,762 | ---- | C] () -- C:\Documents and Settings\user\Dokumenty\cc_20100902_132411.reg
[2010.09.02 13:03:11 | 002,071,552 | ---- | C] () -- C:\Documents and Settings\user\Plocha\liq odin.doc
[2010.08.28 20:33:11 | 000,029,184 | ---- | C] () -- C:\Documents and Settings\user\Plocha\Mafia 2.doc
[2010.08.22 18:53:56 | 000,521,946 | ---- | C] () -- C:\Documents and Settings\user\Plocha\GetSite.zip
[2010.08.22 18:38:19 | 000,000,654 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Movier.lnk
[2010.08.22 18:28:16 | 007,242,308 | ---- | C] () -- C:\Documents and Settings\user\Plocha\Movier-Installer 1.exe
[2010.08.22 18:13:22 | 006,970,459 | ---- | C] () -- C:\Documents and Settings\user\Plocha\Movier-Installer.exe
[2010.05.02 12:02:23 | 000,000,222 | ---- | C] () -- C:\WINDOWS\emsoft.ini
[2009.07.17 12:51:51 | 000,196,096 | ---- | C] () -- C:\WINDOWS\System32\macd32.dll
[2009.07.17 12:51:51 | 000,138,752 | ---- | C] () -- C:\WINDOWS\System32\mase32.dll
[2009.07.17 12:51:51 | 000,136,192 | ---- | C] () -- C:\WINDOWS\System32\mamc32.dll
[2009.07.17 12:51:51 | 000,057,856 | ---- | C] () -- C:\WINDOWS\System32\masd32.dll
[2009.07.17 12:51:51 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\ma32.dll
[2009.07.17 12:48:45 | 000,001,384 | ---- | C] () -- C:\WINDOWS\VFO.INI
[2009.07.17 12:48:07 | 000,194,248 | ---- | C] () -- C:\WINDOWS\System32\LTRFD13n.DLL
[2009.06.21 11:37:57 | 000,000,000 | ---- | C] () -- C:\WINDOWS\mngui.INI
[2009.06.13 09:23:57 | 000,210,944 | ---- | C] () -- C:\WINDOWS\System32\MSVCRT10.DLL
[2009.06.13 09:23:55 | 000,000,048 | ---- | C] () -- C:\WINDOWS\KPCMS.INI
[2009.06.04 01:37:08 | 000,021,093 | ---- | C] () -- C:\WINDOWS\System32\instwdm.ini
[2009.06.04 01:37:06 | 000,000,054 | ---- | C] () -- C:\WINDOWS\System32\ctzapxx.ini
[2009.06.04 00:55:20 | 000,002,560 | ---- | C] () -- C:\WINDOWS\System32\CtxfiRes.dll
[2009.06.04 00:55:20 | 000,002,560 | ---- | C] () -- C:\WINDOWS\CTXFIRES.DLL
[2009.01.17 15:14:31 | 000,122,951 | ---- | C] () -- C:\WINDOWS\System32\vfmpegu.dll
[2009.01.17 13:04:55 | 001,138,767 | ---- | C] () -- C:\WINDOWS\System32\dialogsu.dll
[2008.12.29 20:44:28 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\futilu.dll
[2008.12.23 14:36:14 | 002,638,788 | ---- | C] () -- C:\Documents and Settings\user\Data aplikací\install.txt
[2008.11.30 16:40:05 | 000,000,319 | ---- | C] () -- C:\WINDOWS\game.ini
[2008.10.28 18:40:48 | 000,173,552 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2008.05.18 17:09:53 | 000,000,278 | ---- | C] () -- C:\WINDOWS\compedia.ini
[2008.05.18 15:39:23 | 000,000,026 | ---- | C] () -- C:\WINDOWS\Constutn.ini
[2008.05.03 20:48:20 | 000,141,312 | ---- | C] () -- C:\WINDOWS\System32\drivers\sp_rsdrv2.sys
[2008.04.08 09:14:09 | 000,000,029 | ---- | C] () -- C:\WINDOWS\sfbm.INI
[2008.03.23 23:19:27 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2008.02.01 21:47:58 | 000,001,755 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\QTSBandwidthCache
[2008.02.01 21:05:51 | 000,000,089 | ---- | C] () -- C:\WINDOWS\ULead32.ini
[2008.02.01 19:47:09 | 000,003,608 | ---- | C] () -- C:\WINDOWS\System32\drivers\port_nt.sys
[2007.12.24 15:48:18 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2007.11.26 15:54:01 | 000,007,552 | ---- | C] () -- C:\WINDOWS\System32\drivers\enodpl.sys
[2007.11.26 15:54:01 | 000,004,736 | ---- | C] () -- C:\WINDOWS\System32\drivers\tandpl.sys
[2007.11.17 20:00:42 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2007.11.17 14:26:24 | 000,000,390 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007.11.17 14:15:45 | 000,020,992 | ---- | C] () -- C:\Documents and Settings\user\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007.11.17 10:36:58 | 000,139,264 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2007.11.16 21:24:07 | 000,000,124 | ---- | C] () -- C:\Documents and Settings\user\Local Settings\Data aplikací\fusioncache.dat
[2007.11.16 13:50:38 | 000,138,056 | ---- | C] () -- C:\Documents and Settings\user\Data aplikací\PnkBstrK.sys
[2007.11.16 13:50:38 | 000,137,976 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2006.11.07 00:55:00 | 000,581,632 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2006.11.07 00:55:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2006.09.27 17:47:40 | 000,000,285 | ---- | C] () -- C:\WINDOWS\System32\kill.ini
[2006.08.17 12:33:54 | 000,037,888 | ---- | C] () -- C:\WINDOWS\System32\CTBURST.DLL
[2005.10.14 12:56:50 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2005.10.14 12:56:50 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\VorbisEnc.dll
[2005.10.14 12:56:50 | 000,761,856 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2005.10.14 12:56:50 | 000,344,064 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll
[2005.10.14 12:56:50 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2005.10.14 12:56:50 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2005.10.14 12:56:50 | 000,155,136 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2005.10.14 12:56:50 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2005.10.14 12:56:48 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\MMSwitch.dll
[2005.06.07 22:10:50 | 000,070,656 | ---- | C] () -- C:\WINDOWS\System32\CTMMACTL.DLL
[2004.03.18 09:44:29 | 001,663,068 | ---- | C] () -- C:\WINDOWS\System32\libmmd.dll
[2003.04.09 16:38:04 | 000,005,664 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[1997.03.13 01:00:00 | 000,022,016 | ---- | C] () -- C:\WINDOWS\System32\DOCOBJ.DLL
[1997.03.13 01:00:00 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\HLINKPRX.DLL

========== LOP Check ==========

[2008.04.19 10:13:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Age of Empires 3
[2009.01.02 02:18:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ESET
[2008.12.26 23:30:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\MailFrontier
[2009.04.06 10:03:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\MicroWorld
[2009.11.29 09:52:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ParetoLogic
[2009.07.17 12:58:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Pinnacle
[2009.10.30 22:32:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Razer
[2008.10.31 20:43:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Spyware Terminator
[2009.06.21 11:34:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Teleca
[2009.01.02 00:25:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2007.11.16 13:25:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Ubisoft
[2009.03.20 11:16:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
[2010.07.07 21:39:46 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\{0691F710-1ECA-4B5A-9727-25554F1BFDC6}
[2010.04.09 10:18:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009.09.11 10:16:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009.04.10 10:16:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2010.07.28 10:30:05 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\{BD986C1B-72EC-4B82-B47B-6CAC4E6F494E}
[2009.02.14 00:57:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Data aplikací\Canon
[2009.10.30 22:36:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Data aplikací\com.raptr.Raptr.848BBC53270CAC248E8FA0F339176201CDEB525F.1
[2009.01.02 02:18:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Data aplikací\ESET
[2010.01.30 21:52:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Data aplikací\IcoFX
[2007.11.18 20:47:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Data aplikací\ICQ
[2008.03.06 10:49:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Data aplikací\ICQ Toolbar
[2008.12.24 21:11:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Data aplikací\Leadertech
[2009.11.08 22:47:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Data aplikací\MMToolz
[2010.09.06 09:28:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Data aplikací\Movier
[2010.09.13 22:07:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Data aplikací\Mumble
[2007.11.26 13:56:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Data aplikací\Opera
[2009.10.30 22:36:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Data aplikací\Raptr
[2009.03.13 21:06:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Data aplikací\Red Alert 3
[2010.02.02 12:07:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Data aplikací\Registry Booster
[2008.12.23 12:21:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Data aplikací\Spyware Terminator
[2009.06.21 11:35:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Data aplikací\Teleca
[2010.02.02 11:42:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Data aplikací\Uniblue
[2010.02.03 23:02:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Data aplikací\uTorrent
[2010.09.15 07:37:37 | 000,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
[2010.09.14 18:01:44 | 000,000,440 | ---- | M] () -- C:\WINDOWS\Tasks\ParetoLogic Registration.job
[2010.09.15 07:53:50 | 000,000,464 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{53A57D5A-365C-4A80-A419-DC8885684B15}.job

========== Purity Check ==========

========== Alternate Data Streams ==========

@Alternate Data Stream - 99 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:84098FD3
< End of report >

OTL Extras logfile created on: 15.9.2010 7:57:51 - Run 1
OTL by OldTimer - Version 3.2.12.0 Folder = C:\Documents and Settings\user\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 60,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 82,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 298,08 Gb Total Space | 159,64 Gb Free Space | 53,56% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive J: | 3,73 Gb Total Space | 3,64 Gb Free Space | 97,67% Space Free | Partition Type: FAT32

Computer Name: ALZA-574BF022DC
Current User Name: user
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[HKEY_USERS\S-1-5-21-1960408961-1383384898-839522115-1004\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- Reg Error: Key error.
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\GAMES\Battlefield 2\BF2.exe" = C:\GAMES\Battlefield 2\BF2.exe:*:Enabled:Battlefield 2 -- ()
"C:\Program Files\FlatOut2\FlatOut2.exe" = C:\Program Files\FlatOut2\FlatOut2.exe:*:Disabled:FlatOut2 -- File not found
"C:\Program Files\uTorrent\utorrent.exe" = C:\Program Files\uTorrent\utorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)
"C:\Program Files\Microsoft Games\Age of Empires III\age3.exe" = C:\Program Files\Microsoft Games\Age of Empires III\age3.exe:*:Enabled:Age of Empires 3 -- File not found
"C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe" = C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM) -- ()
"C:\Program Files\Empire Interactive\FlatOut Ultimate Carnage\Fouc.exe" = C:\Program Files\Empire Interactive\FlatOut Ultimate Carnage\Fouc.exe:*:Enabled:FlatOut Ultimate Carnage -- (Empire Interactive Ltd.)
"C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe" = C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe:*:Enabled:Crysis_32 -- (Crytek GmbH)
"C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe" = C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe:*:Enabled:CrysisDedicatedServer_32 -- (Crytek GmbH)
"C:\Program Files\Electronic Arts\Red Alert 3\Data\ra3_1.10.game" = C:\Program Files\Electronic Arts\Red Alert 3\Data\ra3_1.10.game:*:Enabled:Command & Conquer™ Red Alert™ 3 -- File not found
"C:\Program Files\Liquid.6\Program\RM.exe" = C:\Program Files\Liquid.6\Program\RM.exe:*:Enabled:Render Manager -- (Pinnacle Inc.)
"C:\Program Files\Liquid.6\Program\Studiou.mod" = C:\Program Files\Liquid.6\Program\Studiou.mod:*:Enabled:Liquid -- (Pinnacle Systems)
"C:\Program Files\Raptr\RaptrBT.exe" = C:\Program Files\Raptr\RaptrBT.exe:*:Enabled:RaptrBT -- ()
"C:\Program Files\Raptr\Raptr.exe" = C:\Program Files\Raptr\Raptr.exe:*:Enabled:Raptr Client -- ()
"C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe" = C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe:*:Enabled:Rockstar Games Social Club -- (Take-Two Interactive Software, Inc.)
"C:\Program Files\Electronic Arts\Burnout(TM) Paradise The Ultimate Box\BurnoutLauncher.exe" = C:\Program Files\Electronic Arts\Burnout(TM) Paradise The Ultimate Box\BurnoutLauncher.exe:*:Enabled:Burnout(TM) Paradise The Ultimate Box -- (Electronic Arts)
"C:\Program Files\Electronic Arts\Burnout(TM) Paradise The Ultimate Box\BurnoutConfigTool.exe" = C:\Program Files\Electronic Arts\Burnout(TM) Paradise The Ultimate Box\BurnoutConfigTool.exe:*:Enabled:Burnout(TM) Paradise The Ultimate Box -- (Electronic Arts)
"C:\Program Files\Electronic Arts\Burnout(TM) Paradise The Ultimate Box\BurnoutParadise.exe" = C:\Program Files\Electronic Arts\Burnout(TM) Paradise The Ultimate Box\BurnoutParadise.exe:*:Enabled:Burnout(TM) Paradise The Ultimate Box -- (Electronic Arts)
"C:\Program Files\Activision\Call of Duty - World at War\CoDWaW.exe" = C:\Program Files\Activision\Call of Duty - World at War\CoDWaW.exe:*:Enabled:Call of Duty(R) - World at War(TM) -- (Activision Blizzard, Inc.)
"C:\Program Files\Activision\Call of Duty - World at War\CoDWaWmp.exe" = C:\Program Files\Activision\Call of Duty - World at War\CoDWaWmp.exe:*:Enabled:Call of Duty(R) - World at War(TM) -- (Activision Blizzard, Inc.)
"C:\Program Files\Steam\SteamApps\common\call of duty modern warfare 2\iw4sp.exe" = C:\Program Files\Steam\SteamApps\common\call of duty modern warfare 2\iw4sp.exe:*:Enabled:Call of Duty: Modern Warfare 2 -- ()
"C:\Program Files\Steam\SteamApps\common\call of duty modern warfare 2\iw4mp.exe" = C:\Program Files\Steam\SteamApps\common\call of duty modern warfare 2\iw4mp.exe:*:Enabled:Call of Duty: Modern Warfare 2 - Multiplayer -- ()
"C:\Program Files\Electronic Arts\Battlefield Bad Company 2\BFBC2Updater.exe" = C:\Program Files\Electronic Arts\Battlefield Bad Company 2\BFBC2Updater.exe:*:Enabled:Battlefield: Bad Company™ 2 -- (EA Digital Illusions CE AB)
"C:\Program Files\Electronic Arts\Battlefield Bad Company 2\BFBC2Game.exe" = C:\Program Files\Electronic Arts\Battlefield Bad Company 2\BFBC2Game.exe:*:Enabled:Battlefield: Bad Company™ 2 -- (EA Digital Illusions CE AB)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Program Files\Steam\SteamApps\common\mafia ii - public demo\launcher.exe" = C:\Program Files\Steam\SteamApps\common\mafia ii - public demo\launcher.exe:*:Enabled:Mafia II - Demo -- ()

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{000E79B7-E725-4F01-870A-C12942B7F8E4}" = Crysis(R)
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}" = Battlefield 2: Deluxe Edition
"{064DC64E-7A2F-4FDF-B598-E3C0747BBB9C}" = Call of Duty(R) - World at War(TM) 1.6 Patch
"{08B3869E-D282-424C-9AFC-870E04A4BA14}" = Rockstar Games Social Club
"{0CB9668D-F979-4F31-B8B8-67FE90F929F8}" = Bonjour
"{0DF1CBFF-B9B4-434D-A4F6-6721F13E0863}" =
"{129DDEC1-A6A3-3D60-AABE-76E6E5334922}" = Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - CSY
"{149464D9-B06F-4505-9968-FD1206F67AD3}" = Call of Duty(R) - World at War(TM) 1.3 Patch
"{18F11181-EA1A-42AE-AF89-4867C7F7A6FA}" = Sound Blaster X-Fi
"{1C00A3F1-6DA0-49F8-94E4-01AB6FC01029}" = Nero 7 Essentials
"{1E04F83B-2AB9-4301-9EF7-E86307F79C72}" = Google Earth
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{245A6028-8DAD-4960-8BEC-0D0D98337ECB}" =
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 21
"{2BF0AE92-C3BC-4112-9066-1546342B1FAE}" = Call of Duty(R) - World at War(TM) 1.2 Patch
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java(TM) 6 Update 3
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{350FB27C-CF62-4EF3-AF9D-70FF313FE221}" = iTunes
"{3938850F-423F-4C13-AC64-655387539156}" = TitleDeko
"{3AC8457C-0385-4BEA-A959-E095F05D6D67}" = Battlefield: Bad Company™ 2
"{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX
"{43602F34-1AA3-44FB-AEB2-D08C2C73743F}" = Paint.NET v3.36
"{4539945D-0706-4CDD-B555-9AA0E4332599}" =
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4BDFD2CE-6329-42E4-9801-9B3D1F10D79B}" = Adobe® Photoshop® Album Starter Edition 3.0
"{519556CC-4382-4B35-80F5-DD8E9460EEAC}" = OpenOffice.org 2.3
"{5F4C776F-8CBD-4C4F-892F-B568ABDD70C8}" = GameSpy Comrade
"{606BC780-101C-41DB-808D-4539BFA0774A}" = MobileMe Control Panel
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6FE8B722-4D7E-3CD7-BB3A-3AD1684B1295}" = Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - CSY
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7353BAE6-5E49-46C4-A9B5-8A269A313789}" = Crysis WARHEAD(R)
"{74DCC43B-33C9-3389-BD0D-33EB37973657}" = Microsoft .NET Framework 3.5 Language Pack - csy
"{750C87B8-AF19-4C3C-B791-50D9C83AE572}" = Call of Duty(R) - World at War(TM) 1.7 Patch
"{75AE638F-750A-11DF-96D5-005056806466}" = Google Earth Plug-in
"{786C5747-1437-443D-B06E-79A00FE45110}" = Adobe Stock Photos 1.0
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8EDBA74D-0686-4C99-BFDD-F894678E5102}" = Adobe Common File Installer
"{8FFC924C-ED06-44CB-8867-3CA778ECE903}" = Adobe Help Center 2.0
"{90110405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{9410CF72-35AA-4AAD-9ADA-38F44FA948F5}" = LANGMaster ŠKOLA hrou - řada S
"{98B624B3-BF0B-4B26-AD23-BB653958CC71}" =
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A996B6A-846E-4A89-B9C4-17546B7BE49F}" = Burnout(TM) Paradise The Ultimate Box
"{9F01A67B-7D67-482F-9D4F-D5980A440FD4}" = Call of Duty(R) - World at War(TM) 1.4 Patch
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1029-7B44-A93000000001}" = Adobe Reader 9.3.4 - Czech
"{AE3D38A6-13B1-40B3-9423-D1FA9982FB6A}" = Adobe Bridge 1.0
"{AFAE2B15-89A0-4215-A030-F7B5B478886B}" = Call of Duty(R) - World at War(TM) 1.1 Patch
"{B3276CB1-20B6-4AF9-AAEC-E72C83816495}" = IKEA Home Planner
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{BA947D8F-07C1-4D96-89AF-B4203EEEAB53}" =
"{BABAEBE4-9FFB-4B5D-9453-64FF11517CA2}" = Tom Clancy's Splinter Cell Chaos Theory
"{BBF0A67B-5DBA-452F-9D2E-6F168BC226E4}" = Need for Speed™ SHIFT
"{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}" = Creative MediaSource 5
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C3DC2DF5-EFAC-4055-9010-31F7C545DD9E}" = Call of Duty(R) - World at War(TM) 1.5 Patch
"{C5ADA65A-7828-4D85-B071-ECC52B51F794}" = Sony Ericsson PC Suite 1.20.173
"{C9618743-1A5C-461E-91C4-E013A3D70F3C}" = Adobe® Photoshop® Album Starter Edition 3.0.1
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CB4532F7-A1BD-46D2-9938-3E7D4656FB18}" = Razer Lachesis
"{CCA1EEA3-555E-4D05-AC46-4B49C6C5D887}" = Apple Mobile Device Support
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D6D5CFB3-7095-4073-B6B7-B7E909838C57}" = Razer Copperhead
"{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM)
"{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{E1180142-3B31-4DCC-9D27-7AC2D37662BF}" = LightScribe 1.4.124.1
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"{EAFEF30E-3789-49C7-A6D9-77C12E005BAC}" = Safari
"{EB900AF8-CC61-4E15-871B-98D1EA3E8025}" = QuickTime
"{EF7E931D-DC84-471B-8DB6-A83358095474}" = EA Download Manager
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F3CA370F-0B4B-4239-BF5A-2CC751EB5D3C}" = Battlefield 2 Server
"{FA17A726-B229-4116-B793-A2AB1A4EAE2E}" = Adobe Premiere Pro 2.0
"{FA54AFB1-5745-4389-B8C1-9F7509672ED1}" = iPhone Configuration Utility
"{FAA82903-078D-4335-9E69-213CC04059A3}_is1" = PRO100 Jasno ver 4.16
"{FD052FB9-FE90-4438-B355-15EDC89D8FB1}" = Microsoft Games for Windows - LIVE Redistributable
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"µTorrent CZ_is1" = µTorrent CZ 1.7.7 (build 8179)
"0D91165CEEB2095316E8A04A59CDF0AE4B957C61" = Windows Driver Package - MOTOROLA (uisp) USB (09/08/2006 1.2.0.0)
"1f500344b6310dc5e95edbafb4dc854e-691254322" = Hejbejte se kosti moje
"Ad-Aware" = Ad-Aware
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Premiere Pro 2.0" = Adobe Premiere Pro 2.0
"Adobe Shockwave Player" = Adobe Shockwave Player
"Ask Toolbar_is1" = Ask Toolbar
"AudioCS" = Creative Audio Control Panel
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"AVS DVD Player_is1" = AVS DVD Player version 2.1
"BSPlayer1" = BSPlayer
"CAL" = Canon Camera Access Library
"CameraWindowDVC5" = Canon Camera Window DC_DV 5 for ZoomBrowser EX
"CameraWindowDVC6" = Canon Camera Window DC_DV 6 for ZoomBrowser EX
"CameraWindowMC" = Canon Camera Window MC 6 for ZoomBrowser EX
"Canon G.726 WMP-Decoder" = Canon G.726 WMP-Decoder
"CCleaner" = CCleaner
"Cool's_Codec_pack_4.12" = Codec Pack - All In 1 6.0.3.0
"Creative Software AutoUpdate" = Creative Software AutoUpdate
"Crysis WARHEAD(R)" = Crysis WARHEAD(R)
"CSCLIB" = Canon Camera Support Core Library
"D44822B3621EFD220D3A7DDA72DE5A4B6476748F" = Windows Driver Package - Razer (HidUsb) HIDClass (05/10/2007 1.00)
"Driver Manager_is1" = Driver Manager v1.02
"EOS Utility" = Canon Utilities EOS Utility
"FlatOut Ultimate Carnage" = FlatOut Ultimate Carnage
"Foxit PDF Creator" = Foxit PDF Creator
"Hamachi" = Hamachi 1.0.1.5
"HijackThis" = HijackThis 2.0.2
"Hollywood FX for Edition" = Pinnacle Hollywood FX for Edition
"IcoFX_is1" = IcoFX 1.6.4
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InstallShield_{064DC64E-7A2F-4FDF-B598-E3C0747BBB9C}" = Call of Duty(R) - World at War(TM) 1.6 Patch
"InstallShield_{149464D9-B06F-4505-9968-FD1206F67AD3}" = Call of Duty(R) - World at War(TM) 1.3 Patch
"InstallShield_{2BF0AE92-C3BC-4112-9066-1546342B1FAE}" = Call of Duty(R) - World at War(TM) 1.2 Patch
"InstallShield_{750C87B8-AF19-4C3C-B791-50D9C83AE572}" = Call of Duty(R) - World at War(TM) 1.7 Patch
"InstallShield_{9F01A67B-7D67-482F-9D4F-D5980A440FD4}" = Call of Duty(R) - World at War(TM) 1.4 Patch
"InstallShield_{AFAE2B15-89A0-4215-A030-F7B5B478886B}" = Call of Duty(R) - World at War(TM) 1.1 Patch
"InstallShield_{C3DC2DF5-EFAC-4055-9010-31F7C545DD9E}" = Call of Duty(R) - World at War(TM) 1.5 Patch
"InstallShield_{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM)
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"InstallShield_{EF7E931D-DC84-471B-8DB6-A83358095474}" = EA Download Manager
"KitchenDraw 5.0" = KitchenDraw 5.0
"Liveupdate4_is1" = Liveupdate4
"Mathica_is1" = Mathica
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack - csy" = Microsoft .NET Framework 3.5 Language Pack - CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX
"Movier" = Movier 1.0.13
"Movier-media Toolbar" = Movier-media Toolbar
"Mozilla Firefox (3.6.9)" = Mozilla Firefox (3.6.9)
"Mumble" = Mumble and Murmur
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"OpenAL" = OpenAL
"PhotoStitch" = Canon Utilities PhotoStitch
"PilotDeinstKey" = Pilot Desktop
"Pinnacle Liquid" = Pinnacle Liquid
"PRO100_is1" = PRO100 Demo ver 4.41
"PunkBusterSvc" = PunkBuster Services
"Raptr" = Raptr
"RAW Image Task" = Canon RAW Image Task for ZoomBrowser EX
"RemoteCaptureTask" = Canon RemoteCapture Task for ZoomBrowser EX
"Room Arranger" = Room Arranger
"Ski 2003" = Ski 2003
"Spybot - Search & Destroy_is1" = Spybot - Search & Destroy 1.5.2.20
"Spyware Terminator_is1" = Spyware Terminator
"Steam App 10180" = Call of Duty: Modern Warfare 2
"Steam App 10190" = Call of Duty: Modern Warfare 2 - Multiplayer
"Steam App 50280" = Mafia II - Demo
"SysInfo" = Creative System Information
"SystemRequirementsLab" = System Requirements Lab
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"The KMPlayer" = The KMPlayer (remove only)
"TS Český jazyk 4 (minimální instalace)" = TS Český jazyk 4 (minimální instalace)
"WIC" = Windows Imaging Component
"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1960408961-1383384898-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"uTorrent" = µTorrent

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 31.8.2010 6:38:58 | Computer Name = ALZA-574BF022DC | Source = Application Error | ID = 1000
Description = Chybující aplikace avsdvdplayer.exe, verze 2.1.4.204, chybující modul
, verze 0.0.0.0, adresa chyby 0x00000000.

Error - 1.9.2010 11:38:25 | Computer Name = ALZA-574BF022DC | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace SDFiles.exe, verze 1.6.1.7, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 2.9.2010 13:27:59 | Computer Name = ALZA-574BF022DC | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace avscan.exe, verze 10.0.3.0, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 4.9.2010 13:39:28 | Computer Name = ALZA-574BF022DC | Source = Application Error | ID = 1000
Description = Chybující aplikace titledeko.exe, verze 2.1.0.5, chybující modul mfc42u.dll,
verze 6.2.8071.0, adresa chyby 0x0004d29d.

Error - 6.9.2010 14:52:47 | Computer Name = ALZA-574BF022DC | Source = Application Error | ID = 1000
Description = Chybující aplikace mafia2.exe, verze 1.0.0.1, chybující modul mafia2.exe,
verze 1.0.0.1, adresa chyby 0x0120f5be.

Error - 6.9.2010 15:30:07 | Computer Name = ALZA-574BF022DC | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace iw4mp.exe, verze 0.0.0.0, zablokovaný modul hungapp,
verze 0.0.0.0, adresa bloku 0x00000000.

Error - 10.9.2010 11:04:41 | Computer Name = ALZA-574BF022DC | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace iw4mp.exe, verze 0.0.0.0, zablokovaný modul hungapp,
verze 0.0.0.0, adresa bloku 0x00000000.

Error - 12.9.2010 6:20:27 | Computer Name = ALZA-574BF022DC | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace KMPlayer.exe, verze 2.9.4.1437, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 14.9.2010 2:45:19 | Computer Name = ALZA-574BF022DC | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace avscan.exe, verze 10.0.3.0, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 14.9.2010 8:28:16 | Computer Name = ALZA-574BF022DC | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace avcenter.exe, verze 10.0.12.28, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

[ System Events ]
Error - 14.9.2010 5:13:17 | Computer Name = ALZA-574BF022DC | Source = Vyměnitelné úložiště | ID = 262255
Description = Službě RSM se nepodařilo načíst médium v jednotce Jednotka 0 knihovny
Kingston DT 101 II USB Device.

Error - 14.9.2010 5:13:17 | Computer Name = ALZA-574BF022DC | Source = Vyměnitelné úložiště | ID = 262255
Description = Službě RSM se nepodařilo načíst médium v jednotce Jednotka 0 knihovny
Kingston DT 101 II USB Device.

Error - 14.9.2010 5:19:08 | Computer Name = ALZA-574BF022DC | Source = Vyměnitelné úložiště | ID = 262255
Description = Službě RSM se nepodařilo načíst médium v jednotce Jednotka 0 knihovny
Kingston DT 101 II USB Device.

Error - 14.9.2010 5:19:08 | Computer Name = ALZA-574BF022DC | Source = Vyměnitelné úložiště | ID = 262255
Description = Službě RSM se nepodařilo načíst médium v jednotce Jednotka 0 knihovny
Kingston DT 101 II USB Device.

Error - 14.9.2010 7:53:53 | Computer Name = ALZA-574BF022DC | Source = Vyměnitelné úložiště | ID = 262255
Description = Službě RSM se nepodařilo načíst médium v jednotce Jednotka 0 knihovny
Kingston DT 101 II USB Device.

Error - 14.9.2010 7:53:54 | Computer Name = ALZA-574BF022DC | Source = Vyměnitelné úložiště | ID = 262255
Description = Službě RSM se nepodařilo načíst médium v jednotce Jednotka 0 knihovny
Kingston DT 101 II USB Device.

Error - 14.9.2010 8:35:17 | Computer Name = ALZA-574BF022DC | Source = Service Control Manager | ID = 7000
Description = Služba Ovladač paralelního portu neuspěla při spuštění v důsledku
následující chyby: %%1058

Error - 14.9.2010 8:35:20 | Computer Name = ALZA-574BF022DC | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: eusk2par sptd

Error - 15.9.2010 1:37:07 | Computer Name = ALZA-574BF022DC | Source = Service Control Manager | ID = 7000
Description = Služba Ovladač paralelního portu neuspěla při spuštění v důsledku
následující chyby: %%1058

Error - 15.9.2010 1:37:08 | Computer Name = ALZA-574BF022DC | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: eusk2par sptd

< End of report >

VIRY.CZ

Backdoor.Win32.Bifrose.cqqy Win32/Sality Packed.Vunt

Backdoor.Win32.Bifrose.cqqy Win32/Sality Packed.Vunt

Re: Backdoor.Win32.Bifrose.cqqy Win32/Sality Packed.Vunt

Re: Backdoor.Win32.Bifrose.cqqy Win32/Sality Packed.Vunt

Re: Backdoor.Win32.Bifrose.cqqy Win32/Sality Packed.Vunt

Re: Backdoor.Win32.Bifrose.cqqy Win32/Sality Packed.Vunt

Re: Backdoor.Win32.Bifrose.cqqy Win32/Sality Packed.Vunt

Re: Backdoor.Win32.Bifrose.cqqy Win32/Sality Packed.Vunt

Re: Backdoor.Win32.Bifrose.cqqy Win32/Sality Packed.Vunt

Re: Backdoor.Win32.Bifrose.cqqy Win32/Sality Packed.Vunt

Re: Backdoor.Win32.Bifrose.cqqy Win32/Sality Packed.Vunt

Re: Backdoor.Win32.Bifrose.cqqy Win32/Sality Packed.Vunt

Re: Backdoor.Win32.Bifrose.cqqy Win32/Sality Packed.Vunt

Re: Backdoor.Win32.Bifrose.cqqy Win32/Sality Packed.Vunt

Re: Backdoor.Win32.Bifrose.cqqy Win32/Sality Packed.Vunt

Re: Backdoor.Win32.Bifrose.cqqy Win32/Sality Packed.Vunt