for Motji

Posted: 30 Dec 2010 23:43
by Bilis
Hi, here is the log from my laptop, thanks for checking.

Logfile of random's system information tool 1.08 (written by random/random)
Run by bilek at 2010-12-30 23:34:34
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 6 GB (14%) free of 47 GB
Total RAM: 2031 MB (51% free)

HijackThis download failed

======Scheduled tasks folder======

C:\WINDOWS\tasks\bez.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2009-12-21 61888]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-02-08 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DF21F1DB-80C6-11D3-9483-B03D0EC10000}]
Credential Manager for HP ProtectTools - c:\Program Files\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll [2006-11-21 70928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-02-08 79648]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-03-28 1040384]
"ISUSPM Startup"=C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2004-06-16 221184]
"ISUSScheduler"=C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2004-06-16 81920]
"Synchronization Manager"=C:\WINDOWS\system32\mobsync.exe [2008-04-14 143872]
"PTHOSTTR"=c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE [2007-01-09 145184]
"CognizanceTS"=c:\PROGRA~1\HEWLET~1\IAM\Bin\ASTSVCC.dll [2003-12-22 17920]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
"LogitechCommunicationsManager"=C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe [2006-06-26 497200]
"LogitechQuickCamRibbon"=C:\Program Files\Logitech\QuickCam10\QuickCam10.exe [2006-06-26 614960]
"LVCOMSX"=C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe [2006-06-26 243248]
"PinnacleDriverCheck"=C:\WINDOWS\system32\\PSDrvCheck.exe [2004-03-11 406016]
"StatusClient 2.6"=C:\Program Files\Hewlett-Packard\Toolbox\StatusClient\StatusClient.exe [2005-04-08 151552]
"TomcatStartup 2.5"=C:\Program Files\Hewlett-Packard\Toolbox\hpbpsttp.exe [2004-05-20 188416]
"OrderReminder"=C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder\OrderReminder.exe [2009-12-15 98304]
"HP Software Update"=C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe [2003-12-05 49152]
"ES_AGENT2"=C:\WINDOWS\system32\E_SDA102.EXE [2002-02-02 122880]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2009-11-16 2054360]
"AdobeCS4ServiceManager"=C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2008-08-14 611712]
"Seagull Drivers"=ssdal_nc.exe startup []
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-12-22 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-21 932288]
"NokiaMServer"=C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup []
"QuickTime Task"=C:\Program Files\MpcStar\Codecs\QuickTime\QTTask.exe [2010-09-08 421888]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"=C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2007-10-18 455968]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"Namedate"=C:\Program Files\Nezmeskej\nezmeskej.exe [2009-07-21 924160]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
""= []
"PC Suite Tray"=C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2008-12-03 1205760]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVG7_CC]
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Namedate]
C:\Program Files\Nezmeskej\nezmeskej.exe [2009-07-21 924160]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe [2009-11-20 434176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\^VERZE.csv]
\VERZE.csv []

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Acrobat Assistant.lnk - C:\Program Files\Adobe\Acrobat 5.0 CE\Distillr\AcroTray.exe
Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
EPSON Status Monitor 3 Environment Check 2.lnk - C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV02.EXE
WDDMStatus.lnk - C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
WDSmartWare.lnk - C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe

C:\Documents and Settings\bilek\Start Menu\Programs\Startup
Automatické vypnutí počítače.lnk - C:\Program Files\Automatické vypnutí počítače\avp.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="APSHook.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2008-03-27 122880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\OneCard]
c:\Program Files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll [2007-03-14 74752]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2008-08-11 267304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
ASWLNPkg

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveTypeAutoRun"=255

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Grisoft\AVG7\avgcc.exe"="C:\Program Files\Grisoft\AVG7\avgcc.exe:*:Disabled:AVG Control Center"
"C:\WINDOWS\system32\mstsc.exe"="C:\WINDOWS\system32\mstsc.exe:*:Enabled:Remote Desktop Connection"
"C:\Program Files\IDS\iGuard®\iGuardRemoteView.exe"="C:\Program Files\IDS\iGuard®\iGuardRemoteView.exe:*:Enabled:iGuard® RemoteView"
"C:\Program Files\ClientRs\ClientRS.exe"="C:\Program Files\ClientRs\ClientRS.exe:*:Enabled:ClientRS"
"C:\Program Files\Avid\Avid Liquid 7\Program\RM.exe"="C:\Program Files\Avid\Avid Liquid 7\Program\RM.exe:*:Enabled:Render Manager"
"C:\Program Files\Avid\Avid Liquid 7\Program\StudioU.mod"="C:\Program Files\Avid\Avid Liquid 7\Program\StudioU.mod:*:Enabled:Liquid"
"C:\Program Files\Hewlett-Packard\Toolbox\jre\bin\javaw.exe"="C:\Program Files\Hewlett-Packard\Toolbox\jre\bin\javaw.exe:*:Disabled:javaw"
"C:\Program Files\Miranda IM\miranda32.exe"="C:\Program Files\Miranda IM\miranda32.exe:*:Enabled:Miranda IM"
"C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019"
"C:\Program Files\SolarWinds\2002 Standard Edition\TFTP-Server.exe"="C:\Program Files\SolarWinds\2002 Standard Edition\TFTP-Server.exe:*:Enabled:SolarWinds.Net TFTP Server"
"C:\Program Files\BitComet\BitComet.exe"="C:\Program Files\BitComet\BitComet.exe:*:Enabled:BitComet - a BitTorrent Client"
"D:\Miranda IM prazdna\miranda32.exe"="D:\Miranda IM prazdna\miranda32.exe:*:Enabled:Miranda IM"
"D:\Install\Miranda IM\miranda32.exe"="D:\Install\Miranda IM\miranda32.exe:*:Enabled:Miranda IM"
"C:\Program Files\Pinnacle\Studio 11\programs\Studio.exe"="C:\Program Files\Pinnacle\Studio 11\programs\Studio.exe:*:Enabled:Studio program file"
"C:\Program Files\Opera 10 Beta\opera.exe"="C:\Program Files\Opera 10 Beta\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"D:\Install\Opera\opera1010usb\OperaUSB.exe"="D:\Install\Opera\opera1010usb\OperaUSB.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\WINDOWS\system32\rserver30\rserver3.exe"="C:\WINDOWS\system32\rserver30\rserver3.exe:*:Enabled:Radmin Server 3"
"C:\WINDOWS\avgagent.exe"="C:\WINDOWS\avgagent.exe:*:Enabled:avgagent.exe"
"C:\Program Files\Grisoft\AVG7\avginet.exe"="C:\Program Files\Grisoft\AVG7\avginet.exe:*:Enabled:avginet.exe"
"C:\Program Files\Grisoft\AVG7\avgamsvr.exe"="C:\Program Files\Grisoft\AVG7\avgamsvr.exe:*:Enabled:avgamsvr.exe"
"C:\Program Files\Grisoft\AVG7\avgcc.exe"="C:\Program Files\Grisoft\AVG7\avgcc.exe:*:Enabled:avgcc.exe"
"C:\Program Files\ICQ6\ICQ.exe"="C:\Program Files\ICQ6\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\ClientRs\ClientRS.exe"="C:\Program Files\ClientRs\ClientRS.exe:*:Enabled:ClientRS"
"C:\Program Files\FlashGet\flashget.exe"="C:\Program Files\FlashGet\flashget.exe:*:Enabled:Flashget"
"C:\Program Files\BitComet\BitComet.exe"="C:\Program Files\BitComet\BitComet.exe:*:Enabled:BitComet.exe"
"C:\Program Files\Pinnacle\Studio 11\programs\RM.exe"="C:\Program Files\Pinnacle\Studio 11\programs\RM.exe:*:Enabled:Render Manager"
"C:\Program Files\Pinnacle\Studio 11\programs\Studio.exe"="C:\Program Files\Pinnacle\Studio 11\programs\Studio.exe:*:Enabled:Studio"
"C:\Program Files\Pinnacle\Studio 11\programs\PMSRegisterFile.exe"="C:\Program Files\Pinnacle\Studio 11\programs\PMSRegisterFile.exe:*:Enabled:PMSRegisterFile"
"C:\Program Files\Pinnacle\Studio 11\programs\umi.exe"="C:\Program Files\Pinnacle\Studio 11\programs\umi.exe:*:Enabled:umi"
"C:\Program Files\Hewlett-Packard\Toolbox\jre\bin\javaw.exe"="C:\Program Files\Hewlett-Packard\Toolbox\jre\bin\javaw.exe:*:Enabled:javaw"
"C:\Program Files\Miranda IM\miranda32.exe"="C:\Program Files\Miranda IM\miranda32.exe:*:Enabled:Miranda IM"
"C:\Program Files\totalcmd\Totalcmd_.exe"="C:\Program Files\totalcmd\Totalcmd_.exe:*:Enabled:Total Commander 32 bit international version, file manager replacement for Windows"
"C:\WINDOWS\system32\mstsc.exe"="C:\WINDOWS\system32\mstsc.exe:*:Enabled:Remote Desktop Connection"
"C:\WinBase\wb602.exe"="C:\WinBase\wb602.exe:*:Enabled:WinBase602 Development Environment"
"C:\Program Files\Opera 10 Beta\opera.exe"="C:\Program Files\Opera 10 Beta\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\WINDOWS\system32\SUPDSvc.exe"="C:\WINDOWS\system32\SUPDSvc.exe:*:Enabled:Samsung UPD Service"
"C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe"="C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:*:Enabled:Adobe CSI CS4"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour Service"

======List of files/folders created in the last 1 months======

2010-12-30 23:28:35 ----D---- C:\Program Files\trend micro
2010-12-30 23:28:34 ----D---- C:\rsit
2010-12-30 21:38:26 ----A---- C:\WINDOWS\ntbtlog.txt
2010-12-30 14:12:06 ----D---- C:\Program Files\Elaborate Bytes
2010-12-17 17:07:21 ----D---- C:\WINDOWS\system32\FxsTmp
2010-12-17 17:07:10 ----A---- C:\WINDOWS\ModemLog_Nokia E71 Bluetooth Modem.txt
2010-12-17 17:07:02 ----A---- C:\WINDOWS\system32\fxssend.exe
2010-12-17 17:07:02 ----A---- C:\WINDOWS\system32\fxsroute.dll
2010-12-17 17:07:02 ----A---- C:\WINDOWS\system32\fxsperf.ini
2010-12-17 17:07:02 ----A---- C:\WINDOWS\system32\fxsclntR.dll
2010-12-17 17:07:00 ----A---- C:\WINDOWS\system32\fxscfgwz.dll
2010-12-16 14:02:59 ----A---- C:\WINDOWS\imsins.BAK
2010-12-15 15:00:30 ----D---- C:\Program Files\Total Uninstall 5
2010-12-15 15:00:07 ----D---- C:\Documents and Settings\All Users\Data aplikací\Martau
2010-12-15 08:50:00 ----HDC---- C:\WINDOWS\$NtUninstallKB2296199$
2010-12-15 08:49:39 ----HDC---- C:\WINDOWS\$NtUninstallKB2443105$
2010-12-15 08:49:19 ----HDC---- C:\WINDOWS\$NtUninstallKB2440591$
2010-12-15 08:48:58 ----HDC---- C:\WINDOWS\$NtUninstallKB2436673$
2010-12-15 08:48:37 ----HDC---- C:\WINDOWS\$NtUninstallKB2467659$
2010-12-15 08:47:28 ----HDC---- C:\WINDOWS\$NtUninstallKB2423089$

======List of files/folders modified in the last 1 months======

2010-12-30 23:30:20 ----D---- C:\Program Files\ClientRs
2010-12-30 23:28:40 ----D---- C:\WINDOWS\Prefetch
2010-12-30 23:28:35 ----RD---- C:\Program Files
2010-12-30 22:53:38 ----D---- C:\WINDOWS\Temp
2010-12-30 21:48:30 ----A---- C:\WINDOWS\avp.ini
2010-12-30 21:47:35 ----A---- C:\WINDOWS\ModemLog_PC Connectivity Bluetooth Modem.txt
2010-12-30 21:47:29 ----A---- C:\WINDOWS\ModemLog_Soft Data Fax Modem with SmartCP.txt
2010-12-30 21:47:24 ----A---- C:\WINDOWS\system32\log.txt
2010-12-30 21:39:36 ----D---- C:\Documents and Settings
2010-12-30 21:38:26 ----D---- C:\WINDOWS
2010-12-30 20:59:31 ----A---- C:\WINDOWS\wincmd.ini
2010-12-30 18:47:11 ----D---- C:\Documents and Settings\bilek\Data aplikací\vlc
2010-12-30 18:47:07 ----D---- C:\Documents and Settings\bilek\Data aplikací\dvdcss
2010-12-30 17:46:59 ----A---- C:\WINDOWS\wcx_ftp.ini
2010-12-30 15:54:47 ----A---- C:\WINDOWS\ModemLog_Bluetooth Modem.txt
2010-12-30 15:53:08 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-12-30 15:49:57 ----D---- C:\WINDOWS\system32\drivers
2010-12-30 15:49:57 ----D---- C:\WINDOWS\system32
2010-12-30 14:51:29 ----D---- C:\Documents and Settings\All Users\Data aplikací\Vema
2010-12-30 14:13:06 ----HD---- C:\WINDOWS\inf
2010-12-30 14:12:10 ----D---- C:\WINDOWS\system32\CatRoot2
2010-12-25 00:41:05 ----D---- C:\Documents and Settings\All Users\Data aplikací\Adobe
2010-12-24 22:51:21 ----D---- C:\Documents and Settings\bilek\Data aplikací\Adobe
2010-12-20 13:41:38 ----A---- C:\WINDOWS\TextSpy.ini
2010-12-20 11:20:49 ----D---- C:\Program Files\Vema
2010-12-20 11:16:33 ----SHD---- C:\WINDOWS\Installer
2010-12-20 11:16:33 ----HD---- C:\Config.Msi
2010-12-20 10:52:17 ----D---- C:\temp
2010-12-20 09:15:55 ----D---- C:\Program Files\Opera
2010-12-17 17:13:21 ----D---- C:\WINDOWS\security
2010-12-17 17:07:08 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-12-17 17:07:04 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-12-17 17:07:02 ----D---- C:\WINDOWS\addins
2010-12-16 14:03:23 ----D---- C:\WINDOWS\system32\cs-cz
2010-12-16 14:03:23 ----D---- C:\Program Files\Internet Explorer
2010-12-16 14:02:54 ----D---- C:\Program Files\Outlook Express
2010-12-16 14:02:03 ----D---- C:\WINDOWS\system32\CatRoot
2010-12-15 22:19:52 ----D---- C:\WINDOWS\Minidump
2010-12-15 20:21:10 ----D---- C:\WINDOWS\Debug
2010-12-15 20:12:24 ----D---- C:\Program Files\CCleaner
2010-12-15 19:42:44 ----D---- C:\WINDOWS\system32\config
2010-12-15 19:42:06 ----D---- C:\WINDOWS\system32\wbem
2010-12-15 19:42:03 ----D---- C:\WINDOWS\Registration
2010-12-15 19:39:31 ----D---- C:\WINDOWS\system32\Restore
2010-12-15 08:49:59 ----HD---- C:\WINDOWS\$hf_mig$
2010-12-15 08:47:59 ----D---- C:\WINDOWS\ie7updates
2010-12-09 15:49:37 ----D---- C:\Program Files\Micos

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 hpdskflt;HP Disk Filter Driver; C:\WINDOWS\system32\DRIVERS\hpdskflt.sys [2006-10-17 17920]
R0 imagedrv;imagedrv; C:\WINDOWS\System32\Drivers\imagedrv.sys [2004-03-02 5504]
R0 imagesrv;imagesrv; C:\WINDOWS\system32\DRIVERS\imagesrv.sys [2004-03-02 125184]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-13 61696]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2009-07-13 91904]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2009-11-16 108792]
R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2009-11-16 96408]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 raddrvv3;raddrvv3; \??\C:\WINDOWS\system32\rserver30\raddrvv3.sys []
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832]
R2 CVPNDRVA;Cisco Systems Inc. IPSec Driver; \??\C:\WINDOWS\system32\Drivers\CVPNDRVA.sys []
R2 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2009-11-16 116520]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2006-06-19 12672]
R2 PCLEPCI;PCLEPCI; C:\WINDOWS\system32\drivers\PCLEPCI.sys [2001-08-07 14133]
R2 rimmptsk;rimmptsk; C:\WINDOWS\system32\DRIVERS\rimmptsk.sys [2007-02-24 39936]
R2 VirtualFD;VirtualFD; \??\C:\Documents and Settings\bilek\Plocha\vyrtuální disteka\vfd.sys []
R3 Accelerometer;Accelerometer; C:\WINDOWS\system32\DRIVERS\Accelerometer.sys [2006-10-17 22016]
R3 actser;actser; C:\WINDOWS\system32\drivers\actser.sys [2005-11-30 29440]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\ADIHdAud.sys [2008-02-05 281600]
R3 AEAudio;AE Audio Service; C:\WINDOWS\system32\drivers\AEAudio.sys [2007-07-13 94976]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 ASAPIW2K;ASAPIW2K; C:\WINDOWS\System32\Drivers\ASAPIW2K.sys [2005-01-10 11264]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2008-03-28 2847744]
R3 AtiHdmiService;ATI Function Driver for HDMI Service; C:\WINDOWS\system32\drivers\AtiHdmi.sys [2007-11-14 84992]
R3 ATSWPDRV;AuthenTec TruePrint USB Driver (SwipeSensor); C:\WINDOWS\system32\DRIVERS\ATSwpDrv.sys [2007-08-28 146560]
R3 btaudio;Bluetooth Audio Device; C:\WINDOWS\system32\drivers\btaudio.sys [2007-12-10 539512]
R3 BTDriver;Bluetooth Virtual Communications Driver; C:\WINDOWS\system32\DRIVERS\btport.sys [2007-12-10 37424]
R3 BTKRNL;Bluetooth Bus Enumerator; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [2007-12-10 879624]
R3 BTWDNDIS;Bluetooth LAN Access Server; C:\WINDOWS\system32\DRIVERS\btwdndis.sys [2007-12-10 156392]
R3 btwmodem;Bluetooth Modem; C:\WINDOWS\system32\DRIVERS\btwmodem.sys [2007-12-10 37280]
R3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2007-12-10 74688]
R3 DNE;Deterministic Network Enhancer Miniport; C:\WINDOWS\system32\DRIVERS\dne2000.sys [2007-01-31 127376]
R3 e1express;Intel(R) PRO/1000 PCI Express Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e1e5132.sys [2007-04-12 250776]
R3 HBtnKey;HBtnKey; C:\WINDOWS\system32\DRIVERS\cpqbttn.sys [2005-09-19 9344]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HECI;Intel(R) Management Engine Interface; C:\WINDOWS\system32\DRIVERS\HECI.sys [2007-07-12 45056]
R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2007-10-16 989312]
R3 HSFHWAZL;HSFHWAZL; C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys [2007-10-16 211200]
R3 IFXTPM;IFXTPM; C:\WINDOWS\system32\DRIVERS\IFXTPM.SYS [2007-07-24 41216]
R3 LVPr2Mon;Logitech LVPr2Mon Driver; C:\WINDOWS\system32\drivers\LVPr2Mon.sys [2006-06-26 23472]
R3 MarvinBus;Pinnacle Marvin Bus; C:\WINDOWS\system32\DRIVERS\MarvinBus.sys [2007-01-04 171520]
R3 mirrorv3;mirrorv3; C:\WINDOWS\system32\DRIVERS\rminiv3.sys [2006-11-01 3328]
R3 NETw4x32;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows XP 32 Bit; C:\WINDOWS\system32\DRIVERS\NETw4x32.sys [2008-03-13 2530176]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 rismc32;RICOH Smart Card Reader; C:\WINDOWS\system32\DRIVERS\rismc32.sys [2006-12-20 47616]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2004-08-18 5888]
R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-13 79232]
R3 StillCam;Ovladač digitálního fotoaparátu pro sériový port; C:\WINDOWS\system32\DRIVERS\serscan.sys [2001-10-24 6784]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2008-03-28 224672]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 vsbus;Virtual Serial Bus Enumerator; C:\WINDOWS\system32\DRIVERS\vsb.sys [2005-11-30 15264]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2007-10-16 731136]
S2 DgiVecp;DgiVecp; \??\C:\WINDOWS\system32\Drivers\DgiVecp.sys []
S2 SSPORT;SSPORT; \??\C:\WINDOWS\system32\Drivers\SSPORT.sys []
S3 61883;61883 Unit Device; C:\WINDOWS\system32\DRIVERS\61883.sys [2008-04-13 48128]
S3 a016bus;Sony Ericsson Device A016 driver (WDM); C:\WINDOWS\system32\DRIVERS\a016bus.sys [2008-01-18 83880]
S3 a016mdfl;Sony Ericsson Device A016 USB WMC Modeme Filter; C:\WINDOWS\system32\DRIVERS\a016mdfl.sys [2008-01-18 15016]
S3 a016mdm;Sony Ericsson Device A016 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\a016mdm.sys [2008-01-18 110504]
S3 a016mgmt;Sony Ericsson Device A016 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\a016mgmt.sys [2008-01-18 104488]
S3 a016obex;Sony Ericsson Device A016 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\a016obex.sys [2008-01-18 100648]
S3 ASFWHide;ASFWHide; \??\C:\Documents and Settings\simeceke.DOMCB01\Local Settings\TEMP\ASFWHide []
S3 Avc;AVC Device; C:\WINDOWS\system32\DRIVERS\avc.sys [2008-04-13 38912]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 CVirtA;Cisco Systems VPN Adapter; C:\WINDOWS\system32\DRIVERS\CVirtA.sys [2007-01-18 5275]
S3 Dot4;Ovladač MS IEEE-1284.4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [2008-04-13 206976]
S3 Dot4Print;Ovladač třídy tiskárny standardu IEEE-1284.4; C:\WINDOWS\system32\DRIVERS\Dot4Prt.sys [2001-08-17 12928]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\WINDOWS\system32\DRIVERS\dot4usb.sys [2001-10-24 23808]
S3 DrvFltIp;DrvFltIp; \??\C:\Documents and Settings\simeceke.DOMCB01\Local Settings\TEMP\DrvFltIp []
S3 eabfiltr;eabfiltr; C:\WINDOWS\system32\DRIVERS\eabfiltr.sys [2005-09-19 7808]
S3 eabusb;eabusb; C:\WINDOWS\system32\DRIVERS\eabusb.sys [2005-09-19 5760]
S3 FilterService;UVC Filter Service; C:\WINDOWS\system32\DRIVERS\lvuvcflt.sys [2006-06-22 20272]
S3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2005-10-21 49920]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2005-10-21 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2005-10-21 21568]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [2007-03-08 88960]
S3 LVcKap;Logitech AEC Driver; C:\WINDOWS\system32\DRIVERS\LVcKap.sys [2006-06-26 1587632]
S3 LVMVDrv;Logitech Machine Vision Engine Loader; C:\WINDOWS\system32\DRIVERS\LVMVDrv.sys [2006-06-26 1952816]
S3 lvpopflt;Logitech POP Suppression Filter; C:\WINDOWS\system32\DRIVERS\lvpopflt.sys [2006-06-22 1413424]
S3 lvselsus;Logitech Selective Suspend Filter; C:\WINDOWS\system32\DRIVERS\lvselsus.sys [2006-06-22 55984]
S3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\lvusbsta.sys [2006-06-22 38960]
S3 LVUVC;Logitech QuickCam Fusion(UVC); C:\WINDOWS\system32\DRIVERS\lvuvc.sys [2006-06-22 961072]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-18 12160]
S3 MSDV;Microsoft DV Camera and VCR; C:\WINDOWS\system32\DRIVERS\msdv.sys [2008-04-13 51200]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2010-02-26 18176]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2010-02-26 22528]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\WINDOWS\system32\drivers\nmwcdnsu.sys [2010-02-26 137344]
S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\WINDOWS\system32\drivers\nmwcdnsuc.sys [2010-02-26 8320]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 pepifilter;Volume Adapter; C:\WINDOWS\system32\DRIVERS\lv302af.sys [2006-06-22 12080]
S3 PID_08A0;Logitech QuickCam IM(PID_08A0); C:\WINDOWS\system32\DRIVERS\LV302AV.SYS [2006-06-22 720176]
S3 s1018bus;Sony Ericsson Device 1018 driver (WDM); C:\WINDOWS\system32\DRIVERS\s1018bus.sys [2009-03-25 86824]
S3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s1018mdfl.sys [2009-03-25 15016]
S3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s1018mdm.sys [2009-03-25 114728]
S3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s1018mgmt.sys [2009-03-25 106208]
S3 s1018nd5;Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS); C:\WINDOWS\system32\DRIVERS\s1018nd5.sys [2009-03-25 26024]
S3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s1018obex.sys [2009-03-25 104744]
S3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM); C:\WINDOWS\system32\DRIVERS\s1018unic.sys [2009-03-25 109864]
S3 s125bus;Sony Ericsson Device 125 driver (WDM); C:\WINDOWS\system32\DRIVERS\s125bus.sys [2007-04-24 83336]
S3 s125mdfl;Sony Ericsson Device 125 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s125mdfl.sys [2007-04-24 15112]
S3 s125mdm;Sony Ericsson Device 125 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s125mdm.sys [2007-04-24 108680]
S3 s125mgmt;Sony Ericsson Device 125 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s125mgmt.sys [2007-04-24 100488]
S3 s125obex;Sony Ericsson Device 125 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s125obex.sys [2007-04-24 98696]
S3 Ser2pl;Prolific Serial port driver; C:\WINDOWS\system32\DRIVERS\ser2pl.sys [2002-04-09 39552]
S3 siusbmod;siusbmod; C:\WINDOWS\system32\DRIVERS\siusbmod.sys [2005-11-30 27008]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2010-02-26 8192]
S3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2010-02-26 8192]
S3 VClone;VClone; C:\WINDOWS\system32\DRIVERS\VClone.sys [2009-08-09 29696]
S3 vserial;ELTIMA Virtual Serial Ports Driver; C:\WINDOWS\System32\DRIVERS\vserial.sys [2005-11-30 47744]
S3 w800bus;Sony Ericsson W800 driver (WDM); C:\WINDOWS\system32\DRIVERS\w800bus.sys [2005-06-13 60768]
S3 w800mdfl;Sony Ericsson W800 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\w800mdfl.sys [2005-06-13 9264]
S3 w800mdm;Sony Ericsson W800 USB WMC Modem Drivers; C:\WINDOWS\system32\DRIVERS\w800mdm.sys [2005-06-13 96224]
S3 w800mgmt;Sony Ericsson W800 USB WMC Device Management Drivers; C:\WINDOWS\system32\DRIVERS\w800mgmt.sys [2005-06-13 87792]
S3 w800obex;Sony Ericsson W800 USB WMC OBEX Interface Drivers; C:\WINDOWS\system32\DRIVERS\w800obex.sys [2005-06-13 85664]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\WINDOWS\system32\DRIVERS\wdcsam.sys [2009-02-13 11520]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2009-07-13 132224]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ASChannel;Local Communication Channel; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 atchksrv;Intel(R) Active Management Technology System Status Service; C:\Program Files\Intel\AMT\atchksrv.exe [2007-11-09 182808]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2008-03-27 512000]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2010-07-27 345376]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2007-12-06 264800]
R2 ClientRS;ClientRS; C:\Program Files\ClientRs\ClientRS [2010-12-30 18]
R2 CVPND;Cisco Systems, Inc. VPN Service; C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe [2007-04-03 1516584]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2009-11-16 735960]
R2 EpsonBidirectionalAgent;EpsonBidirectionalAgent; C:\Program Files\Common Files\EPSON\EBAPI\eEBAgent.exe [2003-12-05 172032]
R2 EpsonBidirectionalService;EpsonBidirectionalService; C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe [2003-12-05 73728]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-02-08 153376]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-10-18 79136]
R2 LMS;Intel(R) Active Management Technology Local Management Service; C:\Program Files\Intel\AMT\LMS.exe [2007-11-09 121368]
R2 LVPrcSrv;Logitech Process Monitor; c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe [2006-06-26 99888]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 OMSI download service;Sony Ericsson OMSI download service; C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [2009-04-30 90112]
R2 OracleMTSRecoveryService;OracleMTSRecoveryService; C:\Oracle\product\10.1.0\Client_1\bin\omtsreco.exe [2004-03-01 93711]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 RServer3;Radmin Server V3; C:\WINDOWS\system32\rserver30\RServer3.exe [2007-10-31 1246536]
R2 SluzbaUdrzba;Údržba aplikací PCHELP; C:\Program Files\PCHELP\PozarniPrevence\Sluzba\SluzbaUdrzba.exe [2005-02-09 57344]
R2 UNS;Intel(R) Active Management Technology User Notification Service; C:\Program Files\Intel\AMT\UNS.exe [2007-11-09 1464856]
R2 WDDMService;WD SmartWare Drive Manager; C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [2009-11-13 110592]
R2 WDSmartWareBackgroundService;WD SmartWare Background Service; C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [2009-06-16 20480]
R2 WinVNC4;VNC Server Version 4; C:\Program Files\RealVNC\VNC4\WinVNC4.exe [2004-06-15 380928]
R2 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-06-14 615936]
S2 ASBroker;Logon Session Broker; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268288]
S2 hzvkluuw;Config Monitor; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 LVSrvLauncher;LVSrvLauncher; C:\Program Files\Common Files\Logitech\SrvLnch\SrvLnch.exe [2006-06-26 91696]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 avgagent;AVG7 Remote Support Service (AvgAgent); avgagent.exe /srvfsys []
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2009-11-16 20680]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-07-08 655624]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-06-11 136120]
S3 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2008-05-01 165192]
S3 idsvc;Služba Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Samsung UPD Service;Samsung UPD Service; C:\WINDOWS\system32\SUPDSvc.exe [2009-03-24 127656]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

I wish you a great New Year's Eve celebration :guitar: :fez: , lots of luck and good health in the new year 2011.

Re: for Motji

Posted: 31 Dec 2010 09:44
by motji
Have a nice New Year's Eve morning :)

I can see some leftovers from AVG there; I would clean those up :) . Otherwise, is the computer misbehaving?
:arrow: Do you recognize this scheduled task?
C:\WINDOWS\tasks\bez.job


:arrow: Download MBAM from my signature
- Install it and run a full scan

DO NOT DELETE ANYTHING :!:
- MBAM occasionally produces false detections, so we will delete only after the log has been checked.
- Copy the log here.



:arrow: Download OTL http://oldtimer.geekstogo.com/OTL.exe
- save it to the desktop and run the OTL.exe file.
- copy this script into the white box at the bottom:

Code:

netsvcs
drivers32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
c:\windows\*.* /U
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
symmpi.sys
adp3132.sys
mv61xx.sys
nvraid.sys
ndis.sys
winlogon.exe
explorer.exe
userinit.exe
lsass.exe
svchost.exe
smss.exe
hal.dll
ws2_32.dll
tcpip.sys
cryptsvc.dll
Changer.sys
JakNDis.sys
isapnp.sys
cdrom.sys
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
CREATERESTOREPOINT 
- tick the "Pro všechny uživatele" (For all users) box.
- tick the boxes Kontrola na havěť "LOP" (the "LOP" check) and Kontrola na havěť "Purity" (the "Purity" check)
- click the "Prohledat" (Scan) button
- when the scan finishes, the logs OTL.Txt and Extras.txt will appear; paste them here :)

Re: for Motji

Posted: 31 Dec 2010 14:56
by Bilis
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Verze databáze: 5426

Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.13

31.12.2010 14:55:05
mbam-log-2010-12-31 (14-54-03).txt

Typ kontroly: Úplný test (C:\|D:\|)
Testované objekty: 346059
Uplynulý čas: 1 hodin, 41 minut, 33 sekund

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 2
Infikované hodnoty v registru: 0
Infikované datové položky v registru: 0
Infikované složky: 0
Infikované soubory: 3

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče v registru:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Enum\Root\LEGACY_DRVFLTIP (Rogue.UnVirex) -> No action taken.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\DrvFltIp (Rogue.UnVirex) -> No action taken.

Infikované hodnoty v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
d:\Install\Script\start.exe (Trojan.Agent) -> No action taken.
d:\temp\photoshop\adobe.photoshop.cs4.extended.v11.0.incl.keymaker-core\keygen.exe (Hacktool.Keygen) -> No action taken.
d:\zaloha\flashka\eset_32-64czfullxpvista\nodeset login viewer v1.3.exe (Trojan.Agent.CK) -> No action taken.

Re: for Motji

Posted: 31 Dec 2010 15:54
by Bilis
Yes, that task is for a routine backup of the c: drive. How do you actually tell which tool to use? Yesterday we cleaned my cousin's PC together using Combofix, and today I am using OTL, which is again completely new to me.

Besides, those CFScripts: how can you be sure it is the right one? :clapping: You have my respect. :worship:
How did you get into this?

Re: for Motji

Posted: 31 Dec 2010 16:32
by motji
Delete everything in MBAM :)
With RSIT, its first part, HJT, did not download, so I cannot see the running processes. Either I tell you to download HJT separately, or I can use OTL, which is similar to RSIT. In addition, it can also delete things, and I wanted to delete the AVG leftovers on your machine.
OTL also partly stands in for Combofix; it does not delete, but it shows similar things to Combofix that RSIT cannot. Combofix is quite a major intervention in the system, so if it is not needed, we do not use it right away.

Your cousin's PC was so infected that Combofix was a necessity, as were the other scanners, given the junk she had on it. But I am sometimes perhaps needlessly thorough, even paranoid :roll: :D .

I write the Combofix scripts myself based on the Combofix log. The commands for Combofix are fixed; I fill in the rest :) . I have to identify the junk and, where needed, know what to repair in the registry :) .
I got :D into it probably the same way as most people here... a virus on my PC :D . Then curiosity about what those little beasts can do, and how the advisers manage to know what to delete :D

Re: for Motji

Posted: 04 Jan 2011 10:07
by Bilis
Hello, thanks for your answers.
I am attaching the file with the OTL log.
Could I also ask you to walk through the log from my cousin's PC? A lot could be learned from it. I would like to know how you read from those lines that something is a virus or some kind of junk. I also come across infected PCs quite often in my line of work, and it does no harm to learn something :D Thanks in advance for your willingness to help.

Re: for Motji

Posted: 04 Jan 2011 10:08
by motji
I will send you a PM.
I can't see the log :D

Re: for Motji

Posted: 04 Jan 2011 10:10
by Bilis
OTL Extras logfile created on: 4.1.2011 9:46:27 - Run 1
OTL by OldTimer - Version 3.2.18.2 Folder = C:\Documents and Settings\bilek\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 53,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 78,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 45,79 Gb Total Space | 5,90 Gb Free Space | 12,88% Space Free | Partition Type: NTFS
Drive D: | 103,25 Gb Total Space | 15,86 Gb Free Space | 15,36% Space Free | Partition Type: NTFS
Drive G: | 203,96 Gb Total Space | 108,67 Gb Free Space | 53,28% Space Free | Partition Type: NTFS
Drive H: | 7,01 Gb Total Space | 5,54 Gb Free Space | 78,97% Space Free | Partition Type: NTFS
Drive I: | 203,96 Gb Total Space | 108,67 Gb Free Space | 53,28% Space Free | Partition Type: NTFS
Drive J: | 14,80 Gb Total Space | 7,96 Gb Free Space | 53,81% Space Free | Partition Type: FAT32
Drive M: | 203,96 Gb Total Space | 108,67 Gb Free Space | 53,28% Space Free | Partition Type: NTFS
Drive O: | 6512,61 Gb Total Space | 2740,23 Gb Free Space | 42,08% Space Free | Partition Type: NTFS
Drive P: | 7,01 Gb Total Space | 5,54 Gb Free Space | 78,97% Space Free | Partition Type: NTFS
Drive S: | 40,78 Gb Total Space | 0,44 Gb Free Space | 1,07% Space Free | Partition Type: NTFS
Drive V: | 6512,61 Gb Total Space | 2740,23 Gb Free Space | 42,08% Space Free | Partition Type: NTFS
Drive X: | 120,00 Gb Total Space | 20,95 Gb Free Space | 17,46% Space Free | Partition Type: NTFS
Drive Y: | 60,93 Gb Total Space | 7,97 Gb Free Space | 13,08% Space Free | Partition Type: NTFS

Computer Name: DDHM6724 | User Name: bilek | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
http [open] -- "C:\Program Files\Opera\opera.exe" (Opera Software)
https [open] -- "C:\Program Files\Opera\opera.exe" (Opera Software)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"6150:TCP" = 6150:TCP:*:Enabled:avgagent.exe
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"8886:TCP" = 8886:TCP:*:Enabled:ClientRS_8886_TCP
"8886:UDP" = 8886:UDP:*:Enabled:ClientRS_8886_UDP
"8887:TCP" = 8887:TCP:*:Enabled:ClientRS_8887_TCP
"8887:UDP" = 8887:UDP:*:Enabled:ClientRS_8887_UDP
"8888:TCP" = 8888:TCP:*:Enabled:ClientRS_8888_TCP
"8888:UDP" = 8888:UDP:*:Enabled:ClientRS_8888_UDP
"3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009
"13955:TCP" = 13955:TCP:*:Enabled:BitComet 13955 TCP
"13955:UDP" = 13955:UDP:*:Enabled:BitComet 13955 UDP
"4798:TCP" = 4798:TCP:*:Enabled:blrkksx
"6160:TCP" = 6160:TCP:*:Enabled:Seagull Driver Networking
"5353:TCP" = 5353:TCP:*:Enabled:Adobe CSI CS4

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"8886:TCP" = 8886:TCP:*:Enabled:ClientRS_8886_TCP
"8887:TCP" = 8887:TCP:*:Enabled:ClientRS_8887_TCP
"8888:TCP" = 8888:TCP:*:Enabled:ClientRS_8888_TCP
"3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009
"4798:TCP" = 4798:TCP:*:Disabled:blrkksx
"27260:TCP" = 27260:TCP:*:Enabled:BitComet 27260 TCP
"27260:UDP" = 27260:UDP:*:Enabled:BitComet 27260 UDP

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\WINDOWS\system32\rserver30\rserver3.exe" = C:\WINDOWS\system32\rserver30\rserver3.exe:*:Enabled:Radmin Server 3 -- (Famatech International Corp.)
"C:\WINDOWS\avgagent.exe" = C:\WINDOWS\avgagent.exe:*:Enabled:avgagent.exe -- (GRISOFT, s.r.o.)
"C:\Program Files\Grisoft\AVG7\avginet.exe" = C:\Program Files\Grisoft\AVG7\avginet.exe:*:Enabled:avginet.exe -- File not found
"C:\Program Files\Grisoft\AVG7\avgamsvr.exe" = C:\Program Files\Grisoft\AVG7\avgamsvr.exe:*:Enabled:avgamsvr.exe -- (GRISOFT, s.r.o.)
"C:\Program Files\Grisoft\AVG7\avgcc.exe" = C:\Program Files\Grisoft\AVG7\avgcc.exe:*:Enabled:avgcc.exe -- File not found
"C:\Program Files\ICQ6\ICQ.exe" = C:\Program Files\ICQ6\ICQ.exe:*:Enabled:ICQ6 -- File not found
"C:\Program Files\ClientRs\ClientRS.exe" = C:\Program Files\ClientRs\ClientRS.exe:*:Enabled:ClientRS -- (Micos s.r.o.)
"C:\Program Files\FlashGet\flashget.exe" = C:\Program Files\FlashGet\flashget.exe:*:Enabled:Flashget -- File not found
"C:\Program Files\BitComet\BitComet.exe" = C:\Program Files\BitComet\BitComet.exe:*:Enabled:BitComet.exe -- File not found
"C:\Program Files\Pinnacle\Studio 11\programs\RM.exe" = C:\Program Files\Pinnacle\Studio 11\programs\RM.exe:*:Enabled:Render Manager -- (Pinnacle Systems)
"C:\Program Files\Pinnacle\Studio 11\programs\Studio.exe" = C:\Program Files\Pinnacle\Studio 11\programs\Studio.exe:*:Enabled:Studio -- (Pinnacle Systems)
"C:\Program Files\Pinnacle\Studio 11\programs\PMSRegisterFile.exe" = C:\Program Files\Pinnacle\Studio 11\programs\PMSRegisterFile.exe:*:Enabled:PMSRegisterFile -- ( )
"C:\Program Files\Pinnacle\Studio 11\programs\umi.exe" = C:\Program Files\Pinnacle\Studio 11\programs\umi.exe:*:Enabled:umi -- (Pinnacle Systems)
"C:\Program Files\Hewlett-Packard\Toolbox\jre\bin\javaw.exe" = C:\Program Files\Hewlett-Packard\Toolbox\jre\bin\javaw.exe:*:Enabled:javaw -- ()
"C:\Program Files\Miranda IM\miranda32.exe" = C:\Program Files\Miranda IM\miranda32.exe:*:Enabled:Miranda IM -- File not found
"C:\Program Files\totalcmd\Totalcmd_.exe" = C:\Program Files\totalcmd\Totalcmd_.exe:*:Enabled:Total Commander 32 bit international version, file manager replacement for Windows -- (C. Ghisler & Co.)
"C:\WinBase\wb602.exe" = C:\WinBase\wb602.exe:*:Enabled:WinBase602 Development Environment -- (Software602 a.s.)
"C:\Program Files\Opera 10 Beta\opera.exe" = C:\Program Files\Opera 10 Beta\opera.exe:*:Enabled:Opera Internet Browser -- File not found
"C:\Program Files\Opera\opera.exe" = C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software)
"C:\WINDOWS\system32\SUPDSvc.exe" = C:\WINDOWS\system32\SUPDSvc.exe:*:Enabled:Samsung UPD Service -- (Samsung Electronics CO., LTD.)
"C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" = C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:*:Enabled:Adobe CSI CS4 -- (Adobe Systems Incorporated)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Grisoft\AVG7\avgcc.exe" = C:\Program Files\Grisoft\AVG7\avgcc.exe:*:Disabled:AVG Control Center -- File not found
"C:\Program Files\IDS\iGuard®\iGuardRemoteView.exe" = C:\Program Files\IDS\iGuard®\iGuardRemoteView.exe:*:Enabled:iGuard® RemoteView -- (IDS Imaging Development Systems GmbH)
"C:\Program Files\ClientRs\ClientRS.exe" = C:\Program Files\ClientRs\ClientRS.exe:*:Enabled:ClientRS -- (Micos s.r.o.)
"C:\Program Files\Avid\Avid Liquid 7\Program\RM.exe" = C:\Program Files\Avid\Avid Liquid 7\Program\RM.exe:*:Enabled:Render Manager -- File not found
"C:\Program Files\Avid\Avid Liquid 7\Program\StudioU.mod" = C:\Program Files\Avid\Avid Liquid 7\Program\StudioU.mod:*:Enabled:Liquid -- File not found
"C:\Program Files\Hewlett-Packard\Toolbox\jre\bin\javaw.exe" = C:\Program Files\Hewlett-Packard\Toolbox\jre\bin\javaw.exe:*:Disabled:javaw -- ()
"C:\Program Files\Miranda IM\miranda32.exe" = C:\Program Files\Miranda IM\miranda32.exe:*:Enabled:Miranda IM -- File not found
"C:\Program Files\SolarWinds\2002 Standard Edition\TFTP-Server.exe" = C:\Program Files\SolarWinds\2002 Standard Edition\TFTP-Server.exe:*:Enabled:SolarWinds.Net TFTP Server -- (SolarWinds.Net)
"C:\Program Files\BitComet\BitComet.exe" = C:\Program Files\BitComet\BitComet.exe:*:Enabled:BitComet - a BitTorrent Client -- File not found
"D:\Miranda IM prazdna\miranda32.exe" = D:\Miranda IM prazdna\miranda32.exe:*:Enabled:Miranda IM -- ( )
"D:\Install\Miranda IM\miranda32.exe" = D:\Install\Miranda IM\miranda32.exe:*:Enabled:Miranda IM -- ( )
"C:\Program Files\Pinnacle\Studio 11\programs\Studio.exe" = C:\Program Files\Pinnacle\Studio 11\programs\Studio.exe:*:Enabled:Studio program file -- (Pinnacle Systems)
"C:\Program Files\Opera 10 Beta\opera.exe" = C:\Program Files\Opera 10 Beta\opera.exe:*:Enabled:Opera Internet Browser -- File not found
"C:\Program Files\Opera\opera.exe" = C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software)
"D:\Install\Opera\opera1010usb\OperaUSB.exe" = D:\Install\Opera\opera1010usb\OperaUSB.exe:*:Enabled:Opera Internet Browser -- (Opera Software)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{016CF441-8F40-469E-923B-35E2F9363E54}" = Radmin Viewer 3.1
"{03756E6D-D8DC-4BD5-AC4F-8DF2F3F23CC8}" = Studio 11
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0D499481-22C6-4B25-8AC2-6D3F6C885FB9}" = OpenOffice.org Installer 1.0
"{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}" = Adobe Setup
"{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}" = PlayStation(R)Store
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{110B1ADF-2EAE-4E8F-B501-D2A1E6D8ED9D}" = Studio 11
"{15062547-4192-4583-B95C-4812ACA67C63}" = Vema Centr - Centrum verze 2.01.03
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1EE88B84-7BE5-4FB5-8DEA-B81D5409D62E}" = Opera 11.00
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{232DB76D-4751-41A9-9EC2-CDC0DAC1FAB6}" = WD SmartWare
"{257EC58E-03FD-472B-A9B6-93F23A3C4CB0}" = Scan
"{2627CAC8-80A5-47CA-8E39-B28DAED67B87}" = PTComm Manager
"{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java(TM) 6 Update 18
"{29614C01-46AF-4FCE-BEF1-0FE723A864D5}" = OnlineCommManager
"{2BFCBAD0-5D5A-48AC-BCD5-9C6BC2ED9E64}" = Vema start - Start verze 3.00.03
"{2DB165DC-DDB4-403F-B985-19F3EC7D0357}" = HP ProtectTools Security Manager
"{2FFE93F0-BB72-4E52-8761-354D1AAA9387}" = Sony Ericsson PC Suite 6.011.00
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{45A1BF92-700A-4408-B95E-79F462E3D67D}" = Studio 11 Bonus DVD
"{45D4F727-43B5-49CD-B474-B9866A8F4FB8}" = Nokia Map Loader
"{45DF6D99-666D-41FA-8D62-0E183B6240F3}" = PC Connectivity Solution
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"{4AF8A676-7D24-431E-9B90-BCA8C5C7F1B4}" = VideoCam Suite
"{546C143E-68DC-314D-97BC-1E454E3BA429}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - CSY
"{5717CAF6-41A2-4EC8-B44E-CB22CE61BEA6}" = RCS_Downloader
"{58FB2F9A-5F2D-40E8-82DF-4987E60AD8BD}" = Nokia PC Suite
"{59046D29-2E6B-4224-BF0D-64F3E7A93F7B}" = LightScribe System Software 1.10.19.1
"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C853 Driver WXP Ver.1.01.05
"{621EB5F7-B871-47C0-AB53-E1376E71D858}" = ESET NOD32 Antivirus
"{690D1794-6D7C-4A55-8371-17BAC69C66CE}" = DiscAPI (Liquid)
"{6AA003BF-73E5-4911-ADB7-71DD5674DDD4}" = Oracle Data Provider for .NET Help
"{6BF1780B-36EA-432B-9451-DD84FF5C9D52}" = Radmin Server 3.1
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{7036A6F4-5DAD-3908-956D-1752CD7F7E5A}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{749A1EDD-16C2-4C63-B013-D38F0F953973}" = OviMPlatform
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX
"{7BCD1A42-77A6-434D-92C2-3CF44688B663}" = SSU modul pro vyhodnocení událostí
"{7C4BA38D-9CA7-432D-996D-2C0623CD49A4}" = Vema PAM - Mzdy verze 25.04.00
"{7F362F06-A9A3-440F-8B19-6A01A72723C4}" = AuthenTec Fingerprint Sensor Minimum Install
"{8112C6B3-91E1-4560-8AB9-876DADFA37C5}" = Ovi Desktop Sync Engine
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{84814E6B-2581-46EC-926A-823BD1C670F6}" = HP Integrated Module with Bluetooth wireless technology
"{8777AC6D-89F9-4793-8266-DE406F343E89}" = QFolder
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8AC049F7-1383-45C3-9E7D-F93CA667F9E1}" = UMVPLStandalone
"{8F9E733A-912C-49C2-B3ED-06295A298FBB}" = Evidence SQL
"{90120000-0020-0405-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90280405-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional s aplikací FrontPage
"{938D9C57-3CF0-4DA8-B04E-EF99501859B5}" = Mobile Phone Manager
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A2A0D7E5-BBD0-4948-B452-63A91354C12C}" = Nokia Software Updater
"{A2C9CD1B-2551-3AED-B244-6698FB929FA6}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - CSY
"{A2DE62D8-EF1B-36CB-B461-B1E221ED8608}" = Microsoft .NET Framework 4 Extended CSY Language Pack
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A43BF6A5-D5F0-4AAA-BF41-65995063EC44}" = MSXML 6.0 Parser
"{AB2BEBF3-5EA2-4FD5-BC1F-1A72CC69EFDD}" = Microsoft Oracle .NET Data Provider
"{AC76BA86-7AD7-1029-7B44-A93000000001}" = Adobe Reader 9.3 - Czech
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B2006AF7-9936-4FFA-918A-456AD8BC3658}" = Požární prevence Serverová část
"{B5FDA445-CAC4-4BA6-A8FB-A7212BD439DE}" = Microsoft XML Parser
"{B6659DD8-00A7-4A24-BBFB-C1F6982E5D66}" = PlayStation(R)Network Downloader
"{B8B4446F-87E1-4423-A47A-16832C24A199}" = Nokia Ovi Suite
"{BA8E7A9C-D59F-45CE-B495-6DC5237112BF}" = ISVAdmin
"{BDDCC0C6-A9DD-418E-BC4E-73A57AD1105C}" = Vema Klient - Klient verze 10.06.02
"{BEF726DD-4037-4214-8C6A-E625C02D2870}" = Logitech Audio Echo Cancellation Component
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C15F7F16-941E-414B-A676-40190CD621D5}" = Credential Manager for HP ProtectTools
"{C3440048-5A97-4D76-971A-CD7F660E68C7}" = Vema Admin - Správce verze 3.08.08
"{CA3553E0-191B-4E2F-AD3C-82E33CB9D4E4}" = Microsoft Group Policy Management Console with SP1
"{CB082955-8D37-46BB-BD1A-667A22311435}" = AktualizaceRES
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CCBAA1F7-E5E1-48B2-9ED9-A79C6A37CE78}" = Cisco Systems VPN Client 5.0.00.0340
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CEF37035-C1BB-4174-8175-1E878435F61A}" = RAPID (Liquid)
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D6C0033E-2F26-40CF-98DE-E98E66A095B7}" = Požární prevence - lokální část
"{DBC209E0-67AF-11D4-90D3-0050DA2062C8}" = iGuard®
"{DD23CAA4-8872-4B95-B263-EA46FD82CF19}" = LaserAIO
"{DD73CA82-EA82-38AA-863D-9A24A018DC96}" = Microsoft .NET Framework 3.5 Language Pack SP1 - csy
"{DDA2B32F-EB16-4C96-A130-4E4A4C1E6B12}" = HP Software Update
"{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime
"{E71988C5-D36B-47A7-BE3E-D9C141EE12BF}" = ISV_CFG
"{EA516024-D84D-41F1-814F-83175A6188F2}" = Logitech Video Enumerator
"{EC42ED6A-751D-45C0-A4F9-8CD00E4690FC}" = Logitech QuickCam
"{EE5B5B24-EEFC-4C8B-BF8B-256D705BAD89}" = Nokia Ovi Suite Software Updater
"{EFB21DE7-8C19-4A88-BB28-A766E16493BC}" = Adobe Photoshop CS
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F1FDAA01-988C-423F-AC12-0D8F333943FD}" = Nokia Connectivity Cable Driver
"{F9AEEC34-CF00-4CBD-9E36-DF9DC4002685}" = Yahoo! Desktop Login
"{FF1C31AE-0CDC-40CE-AB85-406F8B70D643}" = Bonjour
"504244733D18C8F63FF584AEB290E3904E791693" = Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"5986551A16FD8E9B1B4C89E7AAD17C1BB3196D28" = Balíček ovladače systému Windows - Nokia Modem (10/27/2008 7.01.0.1)
"6D296974BAB6CA8429D5E687B292A6DA3E9FBD4A" = Balíček ovladače systému Windows - Nokia Modem (10/27/2008 3.9)
"9CD348AE9C64C4B939B624E8E24F3903EFDFC82B" = Balíček ovladače systému Windows - Nokia Modem (05/22/2008 7.00.0.1)
"Adobe Acrobat 5.0" = Adobe Acrobat 5.0 CE
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Adobe_faf656ef605427ee2f42989c3ad31b8" = Adobe Photoshop CS4
"ATI Display Driver" = ATI Display Driver
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.5 (Unicode)
"Automatické vypnutí počítače (AVP)_is1" = Automatické vypnutí počítače 1.0
"AXIS Media Control Embedded" = AXIS Media Control Embedded
"Broadcom 802.11b Network Adapter" = Bezdrátový adaptér Broadcom 802.11 LAN
"C5A76DC11BABDA0A881E7BE8DDEB641365A77FFD" = Balíček ovladače systému Windows - Nokia Modem (05/22/2008 3.8)
"CCleaner" = CCleaner
"CNXT_MODEM_PCI_VEN_14F1&DEV_2C06_hpqZ3795" = Soft Data Fax Modem with SmartCP
"Cool's_Codec_pack_4.12" = Codec Pack - All In 1 6.0.3.0
"Core FTP LE 2.0" = Core FTP LE 2.0
"Corel Uninstaller" = Corel Uninstaller
"Dell_HostCD" = Dell Printer Software Uninstall
"DVD Shrink_is1" = DVD Shrink 3.2
"Easy Wireless Net" = Easy Wireless Net V1.18.08
"EPSON Printer and Utilities" = EPSON Printer Software
"Free Video Flip and Rotate_is1" = Free Video Flip and Rotate version 1.5
"HECI" = Intel(R) Management Engine Interface
"HP LaserJet P3005" = HP LaserJet P3005
"hp LaserJet-all-in-one" = hp LaserJet-all-in-one
"HP-LaserJet 1018" = LaserJet 1018
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"IKIS II." = IKIS II.
"InstallShield_{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"InstallShield_{938D9C57-3CF0-4DA8-B04E-EF99501859B5}" = Mobile Phone Manager
"IP-Tools" = IP-Tools
"IrfanView" = IrfanView (remove only)
"JobGen Plus" = JobGen Plus
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 3.5.3
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MESOL" = Intel(R) Active Management Technology Device Software
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - csy" = Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended CSY Language Pack" = Microsoft .NET Framework 4 Extended CSY Language Pack
"MpcStar" = MpcStar 2.2
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Nero - Burning Rom!UninstallKey" = Nero 6 Enterprise Edition
"Net Profiles" = Net Profiles
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Nokia Ovi Suite" = Nokia Ovi Suite
"Nokia PC Suite" = Nokia PC Suite
"OrderReminder hp LaserJet 3015/3020/3030/3380" = OrderReminder hp LaserJet 3015/3020/3030/3380
"Picasa 3" = Picasa 3
"Print Envelope_is1" = Print Envelope 3.0.0.1
"PROSet" = Intel(R) PRO Network Connections Drivers
"QcDrv" = Logitech® Camera Driver
"RealVNC_is1" = VNC 4.0
"Repair Tool for Outlook Express_is1" = Repair Tool for Outlook Express v.1.7.0
"SolarWinds TFTP Server" = SolarWinds TFTP Server
"SprávceIT_is1" = SprávceIT
"SSU - ZOZ" = SSU - ZOZ
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TextMaker Viewer" = TextMaker Viewer
"Totalcmd" = Total Commander (Remove or Repair)
"Uninstall_is1" = Uninstall 1.0.0.1
"VLC media player" = VLC media player 1.0.5
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"WinBase602 7.0" = WinBase602 7.0
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR
"winscp3_is1" = WinSCP 4.1.9
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01009" = Microsoft User-Mode Driver Framework Feature Pack 1.9
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
"ZonerPhotoStudio11_CZ_is1" = Zoner Photo Studio 11

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2323065506-973834867-3129596536-1110\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"DAL Scanner" = DAL Scanner
"Nezmeškej" = Nezmeškej
"Šifrovací utilita pro přípravu dat pro odeslání do CSÚIS" = Šifrovací utilita pro přípravu dat pro odeslání do CSÚIS

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 3.1.2011 21:43:32 | Computer Name = DDHM6724 | Source = Userenv | ID = 1054
Description = Systém Windows nemůže získat název řadiče domény vaší sítě. (Došlo
k neočekávané chybě sítě. ). Zpracovávání zásad skupin bylo zastaveno.

Error - 3.1.2011 23:01:57 | Computer Name = DDHM6724 | Source = Userenv | ID = 1054
Description = Systém Windows nemůže získat název řadiče domény vaší sítě. (Došlo
k neočekávané chybě sítě. ). Zpracovávání zásad skupin bylo zastaveno.

Error - 3.1.2011 23:25:05 | Computer Name = DDHM6724 | Source = Userenv | ID = 1054
Description = Systém Windows nemůže získat název řadiče domény vaší sítě. (Došlo
k neočekávané chybě sítě. ). Zpracovávání zásad skupin bylo zastaveno.

Error - 4.1.2011 0:54:30 | Computer Name = DDHM6724 | Source = Userenv | ID = 1054
Description = Systém Windows nemůže získat název řadiče domény vaší sítě. (Došlo
k neočekávané chybě sítě. ). Zpracovávání zásad skupin bylo zastaveno.

Error - 4.1.2011 1:06:38 | Computer Name = DDHM6724 | Source = Userenv | ID = 1054
Description = Systém Windows nemůže získat název řadiče domény vaší sítě. (Došlo
k neočekávané chybě sítě. ). Zpracovávání zásad skupin bylo zastaveno.

Error - 4.1.2011 2:37:06 | Computer Name = DDHM6724 | Source = Userenv | ID = 1054
Description = Systém Windows nemůže získat název řadiče domény vaší sítě. (Došlo
k neočekávané chybě sítě. ). Zpracovávání zásad skupin bylo zastaveno.

Error - 4.1.2011 2:48:12 | Computer Name = DDHM6724 | Source = Userenv | ID = 1054
Description = Systém Windows nemůže získat název řadiče domény vaší sítě. (Došlo
k neočekávané chybě sítě. ). Zpracovávání zásad skupin bylo zastaveno.

Error - 4.1.2011 3:36:50 | Computer Name = DDHM6724 | Source = Userenv | ID = 1053
Description = Systém Windows nemůže určit jméno uživatele nebo název počítače. (Zadaná
doména neexistuje nebo není k dispozici. ). Zpracovávání zásad skupin bylo zastaveno.


Error - 4.1.2011 3:37:06 | Computer Name = DDHM6724 | Source = Userenv | ID = 1054
Description = Systém Windows nemůže získat název řadiče domény vaší sítě. (Zadaná
doména neexistuje nebo není k dispozici. ). Zpracovávání zásad skupin bylo zastaveno.


Error - 4.1.2011 3:37:07 | Computer Name = DDHM6724 | Source = AutoEnrollment | ID = 15
Description = Automatickému zápisu certifikátu pro Local System se nezdařilo kontaktovat
adresář Active Directory(0x8007054b). Zadaná doména neexistuje nebo není k dispozici.

Zápis nebude proveden.

[ Credential Manager Events ]
Error - 4.9.2010 15:17:45 | Computer Name = DDHM6724 | Source = AuthWiz | ID = 100796068
Description = The submitted credentials were rejected. User: bilek@DOMCB01 Credentials:
Password Error: (0xC516020B) The system could not log you on. Verify your user
name and domain are correct and then type your password again. Letters in passwords
must be typed using the correct case. Verify that Caps Lock is off.

Error - 4.9.2010 15:17:59 | Computer Name = DDHM6724 | Source = AuthWiz | ID = 100796068
Description = The submitted credentials were rejected. User: bilek@DOMCB01 Credentials:
Password Error: (0xC516020B) The system could not log you on. Verify your user
name and domain are correct and then type your password again. Letters in passwords
must be typed using the correct case. Verify that Caps Lock is off.

Error - 15.9.2010 1:53:49 | Computer Name = DDHM6724 | Source = AuthWiz | ID = 100796068
Description = The submitted credentials were rejected. User: bilek@DOMCB01 Credentials:
Password Error: (0xC516020B) The system could not log you on. Verify your user
name and domain are correct and then type your password again. Letters in passwords
must be typed using the correct case. Verify that Caps Lock is off.

Error - 13.10.2010 8:29:21 | Computer Name = DDHM6724 | Source = AuthWiz | ID = 100796068
Description = The submitted credentials were rejected. User: bilek@DOMCB01 Credentials:
Password Error: (0xC516020B) The system could not log you on. Verify your user
name and domain are correct and then type your password again. Letters in passwords
must be typed using the correct case. Verify that Caps Lock is off.

Error - 7.11.2010 10:31:31 | Computer Name = DDHM6724 | Source = AuthWiz | ID = 100796068
Description = The submitted credentials were rejected. User: bilek@DOMCB01 Credentials:
Password Error: (0xC516020B) The system could not log you on. Verify your user
name and domain are correct and then type your password again. Letters in passwords
must be typed using the correct case. Verify that Caps Lock is off.

Error - 1.12.2010 11:10:33 | Computer Name = DDHM6724 | Source = AuthWiz | ID = 100796068
Description = The submitted credentials were rejected. User: bilek@DOMCB01 Credentials:
Password Error: (0xC516020B) The system could not log you on. Verify your user
name and domain are correct and then type your password again. Letters in passwords
must be typed using the correct case. Verify that Caps Lock is off.

Error - 9.12.2010 13:49:31 | Computer Name = DDHM6724 | Source = AuthWiz | ID = 100796068
Description = The submitted credentials were rejected. User: bilek@DOMCB01 Credentials:
Password Error: (0xC516020B) The system could not log you on. Verify your user
name and domain are correct and then type your password again. Letters in passwords
must be typed using the correct case. Verify that Caps Lock is off.

Error - 15.12.2010 4:18:36 | Computer Name = DDHM6724 | Source = AuthWiz | ID = 100796068
Description = The submitted credentials were rejected. User: bilek@DOMCB01 Credentials:
Password Error: (0xC516020B) The system could not log you on. Verify your user
name and domain are correct and then type your password again. Letters in passwords
must be typed using the correct case. Verify that Caps Lock is off.

Error - 28.12.2010 18:51:13 | Computer Name = DDHM6724 | Source = AuthWiz | ID = 100796068
Description = The submitted credentials were rejected. User: bilek@DOMCB01 Credentials:
Password Error: (0xC516020B) The system could not log you on. Verify your user
name and domain are correct and then type your password again. Letters in passwords
must be typed using the correct case. Verify that Caps Lock is off.

Error - 2.1.2011 16:38:54 | Computer Name = DDHM6724 | Source = AuthWiz | ID = 100796068
Description = The submitted credentials were rejected. User: bilek@DOMCB01 Credentials:
Password Error: (0xC516020B) The system could not log you on. Verify your user
name and domain are correct and then type your password again. Letters in passwords
must be typed using the correct case. Verify that Caps Lock is off.

[ System Events ]
Error - 2.1.2011 18:00:31 | Computer Name = DDHM6724 | Source = Service Control Manager | ID = 7032
Description = Správce služeb se pokusil o opravnou akci (Restartovat službu) po
nečekaném ukončení služby ClientRS, ale tato akce selhala kvůli následující chybě:
%%1056

Error - 2.1.2011 18:04:56 | Computer Name = DDHM6724 | Source = Service Control Manager | ID = 7031
Description = Služba ClientRS byla nečekaně ukončena. Stalo se to 1 krát. Následující
opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.

Error - 2.1.2011 18:05:56 | Computer Name = DDHM6724 | Source = Service Control Manager | ID = 7032
Description = Správce služeb se pokusil o opravnou akci (Restartovat službu) po
nečekaném ukončení služby ClientRS, ale tato akce selhala kvůli následující chybě:
%%1056

Error - 2.1.2011 18:06:49 | Computer Name = DDHM6724 | Source = W32Time | ID = 39452701
Description = Klient NTP zprostředkovatele časových údajů je konfigurován pro získávání
časových údajů z jednoho nebo více zdrojů času. Žádný z těchto zdrojů však není
aktuálně k dispozici. Po dobu 59 minut nebude proveden žádný pokus o kontaktování
zdroje. Klient NTP nemá k dispozici žádný zdroj času.

Error - 2.1.2011 18:10:22 | Computer Name = DDHM6724 | Source = Service Control Manager | ID = 7031
Description = Služba ClientRS byla nečekaně ukončena. Stalo se to 1 krát. Následující
opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.

Error - 2.1.2011 18:11:22 | Computer Name = DDHM6724 | Source = Service Control Manager | ID = 7032
Description = Správce služeb se pokusil o opravnou akci (Restartovat službu) po
nečekaném ukončení služby ClientRS, ale tato akce selhala kvůli následující chybě:
%%1056

Error - 2.1.2011 18:15:47 | Computer Name = DDHM6724 | Source = Service Control Manager | ID = 7031
Description = Služba ClientRS byla nečekaně ukončena. Stalo se to 1 krát. Následující
opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.

Error - 2.1.2011 18:16:47 | Computer Name = DDHM6724 | Source = Service Control Manager | ID = 7032
Description = Správce služeb se pokusil o opravnou akci (Restartovat službu) po
nečekaném ukončení služby ClientRS, ale tato akce selhala kvůli následující chybě:
%%1056

Error - 3.1.2011 1:49:37 | Computer Name = DDHM6724 | Source = W32Time | ID = 39452701
Description = Klient NTP zprostředkovatele časových údajů je konfigurován pro získávání
časových údajů z jednoho nebo více zdrojů času. Žádný z těchto zdrojů však není
aktuálně k dispozici. Po dobu 15 minut nebude proveden žádný pokus o kontaktování
zdroje. Klient NTP nemá k dispozici žádný zdroj času.

Error - 3.1.2011 1:50:14 | Computer Name = DDHM6724 | Source = Service Control Manager | ID = 7031
Description = Služba ClientRS byla nečekaně ukončena. Stalo se to 1 krát. Následující
opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.


< End of report >

Re: for Motji

Posted: 04 Jan 2011 10:14
by motji
Wouldn't there be one more log, from OTL? :)

Re: for Motji

Posted: 04 Jan 2011 11:05
by Bilis
I'm attaching the file with the log.

Re: for Motji

Posted: 04 Jan 2011 11:07
by Bilis
OTL logfile created on: 4.1.2011 9:46:27 - Run 1
OTL by OldTimer - Version 3.2.18.2 Folder = C:\Documents and Settings\bilek\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 53,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 78,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 45,79 Gb Total Space | 5,90 Gb Free Space | 12,88% Space Free | Partition Type: NTFS
Drive D: | 103,25 Gb Total Space | 15,86 Gb Free Space | 15,36% Space Free | Partition Type: NTFS
Drive G: | 203,96 Gb Total Space | 108,67 Gb Free Space | 53,28% Space Free | Partition Type: NTFS
Drive H: | 7,01 Gb Total Space | 5,54 Gb Free Space | 78,97% Space Free | Partition Type: NTFS
Drive I: | 203,96 Gb Total Space | 108,67 Gb Free Space | 53,28% Space Free | Partition Type: NTFS
Drive J: | 14,80 Gb Total Space | 7,96 Gb Free Space | 53,81% Space Free | Partition Type: FAT32
Drive M: | 203,96 Gb Total Space | 108,67 Gb Free Space | 53,28% Space Free | Partition Type: NTFS
Drive O: | 6512,61 Gb Total Space | 2740,23 Gb Free Space | 42,08% Space Free | Partition Type: NTFS
Drive P: | 7,01 Gb Total Space | 5,54 Gb Free Space | 78,97% Space Free | Partition Type: NTFS
Drive S: | 40,78 Gb Total Space | 0,44 Gb Free Space | 1,07% Space Free | Partition Type: NTFS
Drive V: | 6512,61 Gb Total Space | 2740,23 Gb Free Space | 42,08% Space Free | Partition Type: NTFS
Drive X: | 120,00 Gb Total Space | 20,95 Gb Free Space | 17,46% Space Free | Partition Type: NTFS
Drive Y: | 60,93 Gb Total Space | 7,97 Gb Free Space | 13,08% Space Free | Partition Type: NTFS

Computer Name: DDHM6724 | User Name: bilek | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2010.12.31 13:05:52 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\bilek\Plocha\OTL.exe
PRC - [2010.12.15 16:55:46 | 000,944,496 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe
PRC - [2010.07.20 10:45:24 | 001,531,904 | ---- | M] (Nokia) -- C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
PRC - [2010.07.07 06:55:10 | 003,687,736 | ---- | M] (Ghisler Software GmbH) -- C:\Program Files\totalcmd\Totalcmd.exe
PRC - [2010.06.22 13:22:52 | 000,138,752 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
PRC - [2010.06.14 14:07:14 | 000,615,936 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
PRC - [2010.01.08 09:03:00 | 000,719,000 | ---- | M] (Micos s.r.o.) -- C:\Program Files\ClientRs\ClientRS.exe
PRC - [2009.12.15 12:53:23 | 000,098,304 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder\OrderReminder.exe
PRC - [2009.12.15 12:52:27 | 000,020,572 | ---- | M] () -- C:\Program Files\Hewlett-Packard\Toolbox\jre\bin\javaw.exe
PRC - [2009.11.16 08:04:30 | 000,735,960 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
PRC - [2009.11.16 08:03:32 | 002,054,360 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
PRC - [2009.11.13 10:29:42 | 009,117,504 | ---- | M] (Western Digital) -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe
PRC - [2009.11.13 10:29:40 | 002,057,536 | ---- | M] (WDC) -- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
PRC - [2009.11.13 10:28:04 | 000,110,592 | ---- | M] (WDC) -- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
PRC - [2009.10.29 13:03:34 | 000,159,744 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclBCBTSrv.exe
PRC - [2009.10.27 09:15:02 | 000,120,832 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
PRC - [2009.06.16 07:58:08 | 000,020,480 | ---- | M] (Memeo) -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
PRC - [2009.04.30 10:23:26 | 000,090,112 | ---- | M] () -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
PRC - [2008.12.03 12:47:34 | 001,205,760 | ---- | M] (Nokia) -- C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
PRC - [2008.04.14 04:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007.12.06 12:39:12 | 001,440,384 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
PRC - [2007.11.09 15:18:50 | 001,464,856 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\AMT\UNS.exe
PRC - [2007.11.09 15:18:48 | 000,182,808 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\AMT\atchksrv.exe
PRC - [2007.11.09 15:18:44 | 000,121,368 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\AMT\LMS.exe
PRC - [2007.10.31 14:21:06 | 001,246,536 | ---- | M] (Famatech International Corp.) -- C:\WINDOWS\system32\rserver30\rserver3.exe
PRC - [2007.10.31 14:20:52 | 000,099,720 | ---- | M] (Famatech International Corp.) -- C:\WINDOWS\system32\rserver30\FamItrfc.Exe
PRC - [2007.04.03 15:18:08 | 001,516,584 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
PRC - [2007.03.07 05:19:00 | 000,066,048 | R--- | M] (Bioscrypt Inc.) -- c:\Program Files\Hewlett-Packard\IAM\Bin\asghost.exe
PRC - [2007.01.09 14:52:32 | 000,145,184 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\pthosttr.exe
PRC - [2006.06.26 10:34:58 | 000,166,448 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\QuickCam10\COCIManager.exe
PRC - [2006.06.26 10:34:40 | 000,614,960 | ---- | M] () -- C:\Program Files\Logitech\QuickCam10\QuickCam10.exe
PRC - [2006.06.26 10:33:42 | 000,099,888 | ---- | M] (Logitech Inc.) -- c:\Program Files\Common Files\Logitech\LVMVFM\LVPrcSrv.exe
PRC - [2006.06.26 10:33:32 | 000,243,248 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe
PRC - [2006.06.26 09:46:04 | 000,497,200 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe
PRC - [2005.04.08 10:18:38 | 000,151,552 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Hewlett-Packard\Toolbox\StatusClient\StatusClient.exe
PRC - [2005.02.09 14:53:26 | 000,057,344 | R--- | M] (PC HELP, a. s.) -- C:\Program Files\PCHELP\PozarniPrevence\Sluzba\SluzbaUdrzba.exe
PRC - [2004.12.28 18:40:36 | 000,443,392 | ---- | M] (Martin Pospíšil) -- C:\Program Files\Automatické vypnutí počítače\avp.exe
PRC - [2004.06.15 13:29:42 | 000,380,928 | ---- | M] (RealVNC Ltd.) -- C:\Program Files\RealVNC\VNC4\winvnc4.exe
PRC - [2004.03.01 05:59:52 | 000,093,711 | ---- | M] (Oracle Corporation) -- C:\Oracle\product\10.1.0\Client_1\BIN\omtsreco.exe
PRC - [2003.12.05 16:24:52 | 000,172,032 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\Common Files\EPSON\EBAPI\eEBAgent.exe
PRC - [2003.12.05 16:21:48 | 000,073,728 | ---- | M] () -- C:\Program Files\Common Files\EPSON\EBAPI\eEBSvc.exe
PRC - [2003.12.05 15:41:44 | 000,049,152 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Hewlett-Packard\HP Software Update\hpwuSchd2.exe
PRC - [2002.02.02 17:01:00 | 000,122,880 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\WINDOWS\system32\E_SDA102.EXE
PRC - [2001.10.11 19:35:02 | 000,082,026 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Adobe\Acrobat 5.0 CE\Distillr\AcroTray.exe


========== Modules (SafeList) ==========

MOD - [2010.12.31 13:05:52 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\bilek\Plocha\OTL.exe
MOD - [2010.08.23 17:12:33 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2007.02.26 03:49:00 | 000,070,144 | R--- | M] (Bioscrypt Inc.) -- C:\WINDOWS\system32\APSHook.dll
MOD - [2006.06.26 10:33:42 | 000,091,696 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\dnibuj.dll -- (hzvkluuw)
SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
SRV - [2010.07.08 12:43:29 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010.06.14 14:07:14 | 000,615,936 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010.03.18 15:47:22 | 000,035,160 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe -- (aspnet_state)
SRV - [2010.03.18 12:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010.03.18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.03.18 12:16:28 | 000,124,240 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2010.01.08 09:03:00 | 000,719,000 | ---- | M] (Micos s.r.o.) [Auto | Running] -- C:\Program Files\ClientRs\ClientRS.exe -- (ClientRS)
SRV - [2009.11.16 08:12:54 | 000,020,680 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv)
SRV - [2009.11.16 08:04:30 | 000,735,960 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn)
SRV - [2009.11.13 10:28:04 | 000,110,592 | ---- | M] (WDC) [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe -- (WDDMService)
SRV - [2009.06.16 07:58:08 | 000,020,480 | ---- | M] (Memeo) [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe -- (WDSmartWareBackgroundService)
SRV - [2009.04.30 10:23:26 | 000,090,112 | ---- | M] () [Auto | Running] -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe -- (OMSI download service)
SRV - [2009.03.24 09:45:58 | 000,127,656 | ---- | M] (Samsung Electronics CO., LTD.) [On_Demand | Stopped] -- C:\WINDOWS\System32\SUPDSvc.exe -- (Samsung UPD Service)
SRV - [2008.06.25 08:29:14 | 000,397,312 | ---- | M] (GRISOFT, s.r.o.) [On_Demand | Stopped] -- C:\WINDOWS\avgagent.exe -- (avgagent) AVG7 Remote Support Service (AvgAgent)
SRV - [2007.11.09 15:18:50 | 001,464,856 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\AMT\UNS.exe -- (UNS) Intel(R)
SRV - [2007.11.09 15:18:48 | 000,182,808 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\AMT\atchksrv.exe -- (atchksrv) Intel(R)
SRV - [2007.11.09 15:18:44 | 000,121,368 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\AMT\LMS.exe -- (LMS) Intel(R)
SRV - [2007.10.31 14:21:06 | 001,246,536 | ---- | M] (Famatech International Corp.) [Auto | Running] -- C:\WINDOWS\System32\rserver30\RServer3.exe -- (RServer3)
SRV - [2007.04.03 15:18:08 | 001,516,584 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe -- (CVPND)
SRV - [2007.03.14 05:03:00 | 000,074,752 | R--- | M] (Bioscrypt Inc.) [Auto | Stopped] -- c:\Program Files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll -- (ASBroker)
SRV - [2006.06.26 10:33:56 | 000,091,696 | ---- | M] (Logitech Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Logitech\SrvLnch\SrvLnch.exe -- (LVSrvLauncher)
SRV - [2006.06.26 10:33:42 | 000,099,888 | ---- | M] (Logitech Inc.) [Auto | Running] -- c:\Program Files\Common Files\Logitech\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2006.06.22 05:14:00 | 000,131,584 | R--- | M] (Cognizance Corporation) [Auto | Running] -- c:\Program Files\Hewlett-Packard\IAM\Bin\ASChnl.dll -- (ASChannel)
SRV - [2005.02.09 14:53:26 | 000,057,344 | R--- | M] (PC HELP, a. s.) [Auto | Running] -- C:\Program Files\PCHELP\PozarniPrevence\Sluzba\SluzbaUdrzba.exe -- (SluzbaUdrzba)
SRV - [2004.06.15 13:29:42 | 000,380,928 | ---- | M] (RealVNC Ltd.) [Auto | Running] -- C:\Program Files\RealVNC\VNC4\WinVNC4.exe -- (WinVNC4)
SRV - [2004.03.01 05:59:52 | 000,093,711 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Oracle\product\10.1.0\Client_1\bin\omtsreco.exe -- (OracleMTSRecoveryService)
SRV - [2003.12.05 16:24:52 | 000,172,032 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files\Common Files\EPSON\EBAPI\eEBAgent.exe -- (EpsonBidirectionalAgent)
SRV - [2003.12.05 16:21:48 | 000,073,728 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\EPSON\EBAPI\eEBSvc.exe -- (EpsonBidirectionalService)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | Auto | Stopped] -- C:\WINDOWS\System32\Drivers\SSPORT.sys -- (SSPORT)
DRV - File not found [Kernel | Auto | Stopped] -- C:\WINDOWS\System32\Drivers\DgiVecp.sys -- (DgiVecp)
DRV - [2010.02.26 13:32:58 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2010.02.26 13:32:46 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2010.02.26 13:32:44 | 000,022,528 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2010.02.26 13:32:44 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2010.02.26 13:21:22 | 000,137,344 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdnsu.sys -- (nmwcdnsu)
DRV - [2010.02.26 13:21:22 | 000,008,320 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc)
DRV - [2009.11.16 08:06:50 | 000,096,408 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\epfwtdir.sys -- (epfwtdir)
DRV - [2009.11.16 08:03:36 | 000,108,792 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2009.11.16 07:56:12 | 000,116,520 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon)
DRV - [2009.08.09 22:25:56 | 000,029,696 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\VClone.sys -- (VClone)
DRV - [2009.03.25 15:48:00 | 000,114,728 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1018mdm.sys -- (s1018mdm)
DRV - [2009.03.25 15:48:00 | 000,109,864 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1018unic.sys -- (s1018unic) Sony Ericsson Device 1018 USB Ethernet Emulation (WDM)
DRV - [2009.03.25 15:48:00 | 000,106,208 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1018mgmt.sys -- (s1018mgmt) Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM)
DRV - [2009.03.25 15:48:00 | 000,104,744 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1018obex.sys -- (s1018obex)
DRV - [2009.03.25 15:48:00 | 000,086,824 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1018bus.sys -- (s1018bus) Sony Ericsson Device 1018 driver (WDM)
DRV - [2009.03.25 15:48:00 | 000,026,024 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1018nd5.sys -- (s1018nd5) Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS)
DRV - [2009.03.25 15:48:00 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1018mdfl.sys -- (s1018mdfl)
DRV - [2009.02.13 10:02:52 | 000,011,520 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wdcsam.sys -- (WDC_SAM)
DRV - [2008.08.26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008.04.13 20:45:12 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) Ovladač zvukové karty USB (WDM)
DRV - [2008.04.13 19:46:20 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\61883.sys -- (61883)
DRV - [2008.04.13 19:46:20 | 000,038,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\avc.sys -- (Avc)
DRV - [2008.04.13 19:46:10 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\msdv.sys -- (MSDV)
DRV - [2008.04.13 17:36:05 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2008.03.28 00:14:00 | 000,224,672 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP)
DRV - [2008.03.28 00:10:54 | 002,847,744 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2008.03.13 02:25:36 | 002,530,176 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NETw4x32.sys -- (NETw4x32) Ovladač adaptéru Intel(R)
DRV - [2008.02.05 12:38:22 | 000,281,600 | ---- | M] (Analog Devices, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ADIHdAud.sys -- (ADIHdAudAddService)
DRV - [2008.01.18 16:16:28 | 000,100,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\a016obex.sys -- (a016obex)
DRV - [2008.01.18 16:16:26 | 000,110,504 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\a016mdm.sys -- (a016mdm)
DRV - [2008.01.18 16:16:26 | 000,104,488 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\a016mgmt.sys -- (a016mgmt) Sony Ericsson Device A016 USB WMC Device Management Drivers (WDM)
DRV - [2008.01.18 16:16:24 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\a016mdfl.sys -- (a016mdfl)
DRV - [2008.01.18 16:16:22 | 000,083,880 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\a016bus.sys -- (a016bus) Sony Ericsson Device A016 driver (WDM)
DRV - [2007.12.10 11:14:02 | 000,879,624 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2007.12.10 11:14:02 | 000,156,392 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btwdndis.sys -- (BTWDNDIS)
DRV - [2007.12.10 11:14:02 | 000,074,688 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2007.12.10 11:14:02 | 000,037,424 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btport.sys -- (BTDriver)
DRV - [2007.12.10 11:14:02 | 000,037,280 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btwmodem.sys -- (btwmodem)
DRV - [2007.12.10 11:14:00 | 000,539,512 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio)
DRV - [2007.11.14 14:48:20 | 000,084,992 | ---- | M] (ATI Research Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - [2007.10.31 14:30:50 | 000,045,976 | ---- | M] (Famatech International Corp.) [Kernel | System | Running] -- C:\WINDOWS\system32\rserver30\raddrvv3.sys -- (raddrvv3)
DRV - [2007.10.16 06:29:00 | 000,989,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2007.10.16 06:28:20 | 000,211,200 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
DRV - [2007.10.16 06:28:16 | 000,731,136 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2007.08.28 14:47:36 | 000,146,560 | ---- | M] (AuthenTec, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\atswpdrv.sys -- (ATSWPDRV) AuthenTec TruePrint USB Driver (SwipeSensor)
DRV - [2007.07.24 07:21:46 | 000,041,216 | ---- | M] (Infineon Technologies AG) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ifxtpm.sys -- (IFXTPM)
DRV - [2007.07.12 10:41:52 | 000,045,056 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HECI.sys -- (HECI) Intel(R)
DRV - [2007.04.24 11:33:46 | 000,100,488 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s125mgmt.sys -- (s125mgmt) Sony Ericsson Device 125 USB WMC Device Management Drivers (WDM)
DRV - [2007.04.24 11:33:46 | 000,098,696 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s125obex.sys -- (s125obex)
DRV - [2007.04.24 11:33:44 | 000,108,680 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s125mdm.sys -- (s125mdm)
DRV - [2007.04.24 11:33:42 | 000,015,112 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s125mdfl.sys -- (s125mdfl)
DRV - [2007.04.24 11:33:34 | 000,083,336 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s125bus.sys -- (s125bus) Sony Ericsson Device 125 driver (WDM)
DRV - [2007.04.12 13:26:08 | 000,250,776 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\e1e5132.sys -- (e1express) Intel(R)
DRV - [2007.04.03 15:17:08 | 000,306,295 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\CVPNDRVA.sys -- (CVPNDRVA)
DRV - [2007.03.08 10:45:56 | 000,088,960 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2007.02.24 13:42:22 | 000,039,936 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2007.01.31 12:45:06 | 000,127,376 | ---- | M] (Deterministic Networks, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\dne2000.sys -- (DNE)
DRV - [2007.01.18 13:28:02 | 000,005,275 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CVirtA.sys -- (CVirtA)
DRV - [2007.01.04 08:07:00 | 000,171,520 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\MarvinBus.sys -- (MarvinBus)
DRV - [2006.12.20 00:08:00 | 000,047,616 | ---- | M] (RICOH Company, Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rismc32.sys -- (rismc32)
DRV - [2006.11.01 04:01:56 | 000,003,328 | ---- | M] (Famatech International Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rminiv3.sys -- (mirrorv3)
DRV - [2006.10.17 09:59:06 | 000,022,016 | ---- | M] (Hewlett-Packard Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Accelerometer.sys -- (Accelerometer)
DRV - [2006.10.17 09:57:58 | 000,017,920 | ---- | M] (Hewlett-Packard Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\hpdskflt.sys -- (hpdskflt)
DRV - [2006.06.26 10:33:40 | 000,023,472 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2006.06.26 10:33:36 | 001,952,816 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LVMVdrv.sys -- (LVMVDrv)
DRV - [2006.06.26 10:33:28 | 001,587,632 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Lvckap.sys -- (LVcKap)
DRV - [2006.06.22 23:29:47 | 000,961,072 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvuvc.sys -- (LVUVC) Logitech QuickCam Fusion(UVC)
DRV - [2006.06.22 23:29:47 | 000,020,272 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvuvcflt.sys -- (FilterService)
DRV - [2006.06.22 23:29:46 | 000,038,960 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2006.06.22 23:29:43 | 000,055,984 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvselsus.sys -- (lvselsus)
DRV - [2006.06.22 23:29:40 | 001,413,424 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvpopflt.sys -- (lvpopflt)
DRV - [2006.06.22 23:29:28 | 000,720,176 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LV302AV.SYS -- (PID_08A0) Logitech QuickCam IM(PID_08A0)
DRV - [2006.06.22 23:29:27 | 000,012,080 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lv302af.sys -- (pepifilter)
DRV - [2005.11.30 17:12:22 | 000,029,440 | ---- | M] (Siemens AG) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\actser.sys -- (actser)
DRV - [2005.11.30 17:12:22 | 000,027,008 | ---- | M] (Siemens AG ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\siusbmod.sys -- (siusbmod)
DRV - [2005.11.30 17:12:20 | 000,047,744 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\vserial.sys -- (vserial)
DRV - [2005.11.30 17:12:20 | 000,015,264 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\vsb.sys -- (vsbus)
DRV - [2005.09.19 13:24:20 | 000,005,760 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\EabUsb.sys -- (eabusb)
DRV - [2005.09.19 13:24:10 | 000,009,344 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CPQBttn.sys -- (HBtnKey)
DRV - [2005.09.19 13:23:52 | 000,007,808 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\eabfiltr.sys -- (eabfiltr)
DRV - [2005.06.13 09:08:36 | 000,085,664 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w800obex.sys -- (w800obex)
DRV - [2005.06.13 09:06:58 | 000,087,792 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w800mgmt.sys -- (w800mgmt)
DRV - [2005.06.13 09:05:16 | 000,096,224 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w800mdm.sys -- (w800mdm)
DRV - [2005.06.13 09:05:08 | 000,009,264 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w800mdfl.sys -- (w800mdfl)
DRV - [2005.06.13 09:03:12 | 000,060,768 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w800bus.sys -- (w800bus) Sony Ericsson W800 driver (WDM)
DRV - [2005.04.04 10:36:52 | 000,009,887 | ---- | M] (Ken Kato) [Kernel | Auto | Running] -- C:\Documents and Settings\bilek\Plocha\vyrtuální disteka\vfd.sys -- (VirtualFD)
DRV - [2005.01.10 10:45:56 | 000,011,264 | ---- | M] (VOB Computersysteme GmbH) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\asapiW2k.sys -- (ASAPIW2K)
DRV - [2004.03.02 16:37:50 | 000,125,184 | ---- | M] (Ahead Software AG) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\imagesrv.sys -- (imagesrv)
DRV - [2004.03.02 16:37:48 | 000,005,504 | ---- | M] (Ahead Software AG) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\imagedrv.sys -- (imagedrv)
DRV - [2002.04.09 11:44:22 | 000,039,552 | ---- | M] (Prolific Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ser2pl.sys -- (Ser2pl)
DRV - [2001.08.07 14:37:18 | 000,014,133 | ---- | M] (Pinnacle Systems GmbH) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\Pclepci.sys -- (PCLEPCI)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60327
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60327


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-2323065506-973834867-3129596536-1110\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-2323065506-973834867-3129596536-1110\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-2323065506-973834867-3129596536-1110\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2323065506-973834867-3129596536-1110\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 192.168.*;*.izscr.cz;intranet;10.*;*.local;<local>
IE - HKU\S-1-5-21-2323065506-973834867-3129596536-1110\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 192.168.1.150:3128

FF - HKLM\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2009.01.19 12:32:38 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2010.09.15 08:03:17 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.10.29 13:58:01 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2010.04.12 09:42:25 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2010.09.15 08:03:18 | 000,000,000 | ---D | M]

[2010.02.08 15:15:43 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions

O1 HOSTS File: ([2009.06.16 21:51:14 | 000,307,196 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.123topsearch.com
O1 - Hosts: 127.0.0.1 123topsearch.com
O1 - Hosts: 127.0.0.1 www.132.com
O1 - Hosts: 127.0.0.1 132.com
O1 - Hosts: 127.0.0.1 www.136136.net
O1 - Hosts: 127.0.0.1 136136.net
O1 - Hosts: 10575 more lines...
O2 - BHO: (Podpora odkazu pro Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Credential Manager for HP ProtectTools) - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - c:\Program Files\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll (Bioscrypt Inc.)
O3 - HKU\S-1-5-21-2323065506-973834867-3129596536-1110\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [CognizanceTS] c:\Program Files\Hewlett-Packard\IAM\Bin\ASTSVCC.dll (Cognizance Corporation)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKLM..\Run: [ES_AGENT2] C:\WINDOWS\system32\E_SDA102.EXE (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe (Hewlett-Packard)
O4 - HKLM..\Run: [ISUSPM Startup] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [LogitechCommunicationsManager] C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe (Logitech Inc.)
O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\QuickCam10\QuickCam10.exe ()
O4 - HKLM..\Run: [LVCOMSX] C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe (Logitech Inc.)
O4 - HKLM..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
O4 - HKLM..\Run: [OrderReminder] C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder\OrderReminder.exe (Hewlett-Packard)
O4 - HKLM..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\\PSDrvCheck.exe ()
O4 - HKLM..\Run: [PTHOSTTR] c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [Seagull Drivers] C:\WINDOWS\ssdal_nc.exe ()
O4 - HKLM..\Run: [StatusClient 2.6] C:\Program Files\Hewlett-Packard\Toolbox\StatusClient\StatusClient.exe (Hewlett-Packard)
O4 - HKLM..\Run: [TomcatStartup 2.5] C:\Program Files\Hewlett-Packard\Toolbox\hpbpsttp.exe (Hewlett-Packard)
O4 - HKU\S-1-5-21-2323065506-973834867-3129596536-1110..\Run: [] File not found
O4 - HKU\S-1-5-21-2323065506-973834867-3129596536-1110..\Run: [Namedate] C:\Program Files\Nezmeskej\nezmeskej.exe (Petr Mazánek (www.nezmeskej.cz, info@nezmeskej.cz, +420608702180))
O4 - HKU\S-1-5-21-2323065506-973834867-3129596536-1110..\Run: [PC Suite Tray] C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 5.0 CE\Distillr\AcroTray.exe (Adobe Systems Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\EPSON Status Monitor 3 Environment Check 2.lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV02.EXE (SEIKO EPSON CORPORATION)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\WDDMStatus.lnk = C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe (WDC)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\WDSmartWare.lnk = C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe (Western Digital)
O4 - Startup: C:\Documents and Settings\bilek\Start Menu\Programs\Startup\Automatické vypnutí počítače.lnk = C:\Program Files\Automatické vypnutí počítače\avp.exe (Martin Pospíšil)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2323065506-973834867-3129596536-1110\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send To Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/microsoftup ... 2532898335 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftup ... 2532885929 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Key error.)
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} http://192.168.2.211/activex/AxisCamControl.cab (CamImage Class)
O16 - DPF: {A796D216-2DE1-4EA8-BABB-FE6E7C959098} http://www.hp.com/cpso-support-new/SDD/ ... Signed.cab (HPSDDX Class)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} http://192.168.56.234/activex/AMC.cab (AxisMediaControlEmb Class)
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} https://secure.logmein.com/activex/ractrl.cab?lmi=100 (Performance Viewer Activex Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.47.0.4 212.47.1.4 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = domcb01.hzscb.cz
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (APSHook.dll) - C:\WINDOWS\System32\APSHook.dll (Bioscrypt Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: GinaDLL - (c:\Program Files\Hewlett-Packard\IAM\bin\ocgina.dll) - c:\Program Files\Hewlett-Packard\IAM\Bin\OCGina.dll (Bioscrypt Inc.)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\OneCard: DllName - c:\Program Files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll - c:\Program Files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll (Bioscrypt Inc.)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\bilek\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\bilek\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 15:02:08 | 000,000,095 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009.02.17 19:23:50 | 000,000,000 | ---D | M] - S:\Autorunf.vinf -- [ NTFS ]
O33 - MountPoints2\##192.168.1.90#c$\Shell - "" = AutoRun
O33 - MountPoints2\##NTSCB01#ASPI\Shell\Open(0)\command - "" = Recycled\ctfmon.exe
O33 - MountPoints2\##NTSCB01#USERS\Shell\Open(0)\command - "" = Recycled\ctfmon.exe
O33 - MountPoints2\##NTSCB01#WBR500\Shell\Open(0)\command - "" = M:\Recycled\ctfmon.exe -- File not found
O33 - MountPoints2\{909aa5a7-9c12-11dd-8328-001f3b958017}\Shell - "" = AutoRun
O33 - MountPoints2\{9d31e11a-7f58-11df-8770-00218631d240}\Shell - "" = AutoRun
O33 - MountPoints2\{9d31e11a-7f58-11df-8770-00218631d240}\Shell\AutoRun\command - "" = J:\WD SmartWare.exe -- File not found
O33 - MountPoints2\{db8c240a-285e-11de-8487-00218631d240}\Shell\AutoRun\command - "" = F:\autorunlf.exe -- File not found
O33 - MountPoints2\{e8f48616-f2ea-11df-8861-00218631d240}\Shell - "" = Autorun
O33 - MountPoints2\{e8f48616-f2ea-11df-8861-00218631d240}\Shell\AutoRun\command - "" = J:\Install_Nokia_Ovi_Suite.exe -- File not found
O33 - MountPoints2\{ea63b562-6e28-11df-874f-00218631d240}\Shell - "" = AutoRun
O33 - MountPoints2\{ea63b562-6e28-11df-874f-00218631d240}\Shell\AutoRun\command - "" = J:\LaunchU3.exe -- File not found
O33 - MountPoints2\{f1e7f782-5649-11de-84ec-00218631d240}\Shell - "" = AutoRun
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: HidServ - C:\WINDOWS\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: hzvkluuw - C:\WINDOWS\System32\dnibuj.dll File not found

Drivers32: msacm.ac3acm - C:\WINDOWS\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\WINDOWS\System32\lameACM.acm (http://www.mp3dev.org/)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivXNetworks, Inc.)
Drivers32: VIDC.FFDS - C:\WINDOWS\System32\ff_vfw.dll ()
Drivers32: VIDC.I420 - C:\WINDOWS\System32\lvcodec2.dll (Logitech Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: VIDC.MJPG - C:\WINDOWS\System32\pvmjpg30.dll (Pegasus Imaging Corporation)
Drivers32: vidc.tscc - C:\WINDOWS\System32\tsccvid.dll (TechSmith Corporation)
Drivers32: VIDC.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\WINDOWS\System32\yv12vfw.dll (www.helixcommunity.org)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (35197982840193024)

========== Files/Folders - Created Within 30 Days ==========

[2011.01.04 09:45:25 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\bilek\Plocha\OTL.exe
[2010.12.31 13:11:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\bilek\Data aplikací\Malwarebytes
[2010.12.31 13:11:04 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010.12.31 13:11:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
[2010.12.31 13:10:59 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010.12.31 13:10:59 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010.12.30 23:28:35 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010.12.30 23:28:34 | 000,000,000 | ---D | C] -- C:\rsit
[2010.12.30 14:12:06 | 000,000,000 | ---D | C] -- C:\Program Files\Elaborate Bytes
[2010.12.22 10:01:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\bilek\Dokumenty\jh
[2010.12.17 17:20:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\bilek\Dokumenty\Faxové zprávy
[2010.12.17 17:07:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\FxsTmp
[2010.12.17 17:07:02 | 000,137,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxsclntR.dll
[2010.12.17 17:07:02 | 000,137,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclntr.dll
[2010.12.17 17:07:02 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxsroute.dll
[2010.12.17 17:07:02 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsroute.dll
[2010.12.17 17:07:02 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxssend.exe
[2010.12.17 17:07:02 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssend.exe
[2010.12.17 17:07:00 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxscfgwz.dll
[2010.12.17 17:07:00 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscfgwz.dll
[2010.12.15 20:23:07 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\bilek\Recent
[2010.12.15 15:00:30 | 000,000,000 | ---D | C] -- C:\Program Files\Total Uninstall 5
[2010.12.15 15:00:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Martau
[2010.12.15 08:38:46 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isign32.dll
[2010.12.15 08:38:45 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndproxy.sys
[2010.12.15 08:38:17 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab.exe
[2010.04.14 19:55:25 | 000,148,736 | ---- | C] (Avanquest Software) -- C:\Documents and Settings\All Users\Data aplikací\hpe10F.dll
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011.01.04 09:48:41 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\LogStop
[2011.01.04 08:35:37 | 000,000,030 | ---- | M] () -- C:\WINDOWS\avp.ini
[2011.01.04 08:34:29 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011.01.04 08:33:49 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011.01.04 00:14:14 | 000,001,956 | -H-- | M] () -- C:\Documents and Settings\bilek\Dokumenty\Default.rdp
[2011.01.03 14:43:57 | 000,008,386 | ---- | M] () -- C:\WINDOWS\wincmd.ini
[2010.12.31 13:05:52 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\bilek\Plocha\OTL.exe
[2010.12.30 23:25:59 | 000,388,678 | ---- | M] () -- C:\Documents and Settings\bilek\Plocha\Scan PC z USB či boot CD.pdf
[2010.12.30 23:23:11 | 000,407,508 | ---- | M] () -- C:\Documents and Settings\bilek\Virové forum.doc
[2010.12.30 17:46:59 | 000,000,811 | ---- | M] () -- C:\WINDOWS\wcx_ftp.ini
[2010.12.30 14:32:19 | 000,102,073 | ---- | M] () -- C:\012011.pdf
[2010.12.28 13:32:07 | 000,164,352 | ---- | M] () -- C:\Tabulka-tarify 1.1.2011.xls
[2010.12.21 12:19:21 | 000,162,304 | ---- | M] () -- C:\Documents and Settings\bilek\Dokumenty\Prezenční listina JCU.doc
[2010.12.21 09:13:34 | 000,000,595 | ---- | M] () -- C:\Documents and Settings\bilek\Plocha\IKIS II..lnk
[2010.12.20 18:09:00 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010.12.20 18:08:40 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010.12.20 13:41:38 | 000,000,030 | ---- | M] () -- C:\WINDOWS\TextSpy.ini
[2010.12.20 11:03:20 | 000,000,800 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Vema Start.lnk
[2010.12.20 09:15:59 | 000,000,592 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Opera.lnk
[2010.12.17 17:52:06 | 000,001,071 | ---- | M] () -- C:\WINDOWS\AWMODEM.INF
[2010.12.17 17:07:05 | 000,523,022 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2010.12.17 17:07:05 | 000,506,964 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.12.17 17:07:05 | 000,113,568 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2010.12.17 17:07:05 | 000,090,140 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.12.17 17:07:04 | 000,002,021 | ---- | M] () -- C:\WINDOWS\System32\mapisvc.inf
[2010.12.16 22:48:17 | 000,264,616 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.12.16 14:04:03 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010.12.16 13:09:20 | 000,420,703 | ---- | M] () -- C:\Documents and Settings\bilek\Dokumenty\Výzva k veřejné zákázce.pdf
[2010.12.15 20:15:45 | 000,273,560 | ---- | M] () -- C:\Documents and Settings\bilek\Dokumenty\cc_20101215_201453.reg
[2010.12.15 20:12:27 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\CCleaner.lnk
[2010.12.10 16:37:37 | 000,027,136 | ---- | M] () -- C:\Documents and Settings\bilek\Dokumenty\Schéma zapojení svodičů přepětí.doc
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

Re: for Motji

Posted: 04 Jan 2011 11:08
by Bilis
========== Files Created - No Company Name ==========

[2011.01.03 22:54:30 | 000,173,339 | ---- | C] () -- C:\Documents and Settings\bilek\ErrorLog.txt
[2010.12.30 23:24:08 | 000,388,678 | ---- | C] () -- C:\Documents and Settings\bilek\Plocha\Scan PC z USB či boot CD.pdf
[2010.12.30 23:23:07 | 000,407,508 | ---- | C] () -- C:\Documents and Settings\bilek\Virové forum.doc
[2010.12.30 15:03:16 | 000,164,352 | ---- | C] () -- C:\Tabulka-tarify 1.1.2011.xls
[2010.12.30 14:32:18 | 000,102,073 | ---- | C] () -- C:\012011.pdf
[2010.12.17 17:22:27 | 000,001,071 | ---- | C] () -- C:\WINDOWS\AWMODEM.INF
[2010.12.17 17:07:02 | 000,003,568 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2010.12.17 17:07:02 | 000,001,361 | ---- | C] () -- C:\WINDOWS\System32\fxscount.h
[2010.12.16 14:02:59 | 000,001,393 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2010.12.16 13:09:20 | 000,420,703 | ---- | C] () -- C:\Documents and Settings\bilek\Dokumenty\Výzva k veřejné zákázce.pdf
[2010.12.15 20:14:58 | 000,273,560 | ---- | C] () -- C:\Documents and Settings\bilek\Dokumenty\cc_20101215_201453.reg
[2010.12.15 20:12:27 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\CCleaner.lnk
[2010.12.10 16:37:37 | 000,027,136 | ---- | C] () -- C:\Documents and Settings\bilek\Dokumenty\Schéma zapojení svodičů přepětí.doc
[2010.10.25 23:30:46 | 000,000,030 | ---- | C] () -- C:\WINDOWS\avp.ini
[2010.09.16 10:19:27 | 000,000,817 | ---- | C] () -- C:\WINDOWS\d.ini
[2010.08.09 21:18:50 | 000,001,047 | ---- | C] () -- C:\WINDOWS\ARCHPR.INI
[2010.03.15 13:42:44 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\spd__l3.dll
[2010.03.15 13:42:43 | 000,339,968 | ---- | C] () -- C:\WINDOWS\System32\DscPnt1.dll
[2010.03.15 13:42:43 | 000,233,472 | ---- | C] () -- C:\WINDOWS\System32\DscPnt0.dll
[2010.03.15 13:42:43 | 000,229,376 | ---- | C] () -- C:\WINDOWS\System32\DscPnt.dll
[2010.02.02 09:28:58 | 000,000,030 | ---- | C] () -- C:\WINDOWS\TextSpy.ini
[2010.02.02 09:11:56 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\adistres.dll
[2010.01.08 17:43:53 | 000,106,496 | R--- | C] () -- C:\WINDOWS\System32\vshp1018.dll
[2010.01.07 15:37:04 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\EEBAPI.dll
[2010.01.07 15:37:04 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\EEBDSCVR.dll
[2010.01.07 15:37:04 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\EBAPI.dll
[2009.12.15 12:52:58 | 000,074,752 | ---- | C] () -- C:\WINDOWS\System32\jst.dll
[2009.12.15 12:52:58 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\PMLJNI.dll
[2009.12.11 15:28:38 | 000,000,103 | ---- | C] () -- C:\WINDOWS\System32\hptrace.ini
[2009.10.09 09:34:14 | 000,001,229 | ---- | C] () -- C:\WINDOWS\System32\AddPort.ini
[2009.08.21 11:07:54 | 000,000,000 | ---- | C] () -- C:\WINDOWS\pbooks.INI
[2009.07.21 11:41:25 | 000,001,084 | ---- | C] () -- C:\WINDOWS\DKAAP2DD.ini
[2009.07.15 14:38:59 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PROTOCOL.INI
[2009.07.15 14:38:43 | 000,034,072 | ---- | C] () -- C:\WINDOWS\System32\jsmudrv4.dll
[2009.07.15 14:38:43 | 000,005,026 | ---- | C] () -- C:\WINDOWS\System32\jsmudrv5.dll
[2009.06.10 07:03:20 | 000,000,013 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\__FileUploader.log
[2009.05.27 15:29:41 | 011,033,039 | ---- | C] () -- C:\Program Files\Miranda IM.rar
[2009.05.20 11:28:09 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\HPZIDS01.dll
[2009.05.11 13:56:47 | 000,000,102 | ---- | C] () -- C:\WINDOWS\wbcgi.ini
[2009.05.07 15:51:23 | 000,139,264 | ---- | C] () -- C:\WINDOWS\System32\MxDLL.dll
[2009.04.27 13:52:43 | 000,000,089 | ---- | C] () -- C:\WINDOWS\ULead32.ini
[2009.04.27 12:39:46 | 000,196,096 | ---- | C] () -- C:\WINDOWS\System32\macd32.dll
[2009.04.27 12:39:46 | 000,138,752 | ---- | C] () -- C:\WINDOWS\System32\mase32.dll
[2009.04.27 12:39:46 | 000,136,192 | ---- | C] () -- C:\WINDOWS\System32\mamc32.dll
[2009.04.27 12:39:46 | 000,057,856 | ---- | C] () -- C:\WINDOWS\System32\masd32.dll
[2009.04.27 12:39:46 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\ma32.dll
[2009.04.27 12:33:00 | 000,194,248 | ---- | C] () -- C:\WINDOWS\System32\LTRFD13n.DLL
[2009.04.24 07:38:40 | 000,000,011 | ---- | C] () -- C:\WINDOWS\hpljp300xm.ini
[2009.04.24 07:34:46 | 000,000,011 | ---- | C] () -- C:\WINDOWS\hpljp300xg.ini
[2009.04.06 12:40:50 | 000,010,505 | ---- | C] () -- C:\WINDOWS\hplj3380.ini
[2009.03.12 13:37:36 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.INI
[2009.02.25 10:44:45 | 000,001,570 | ---- | C] () -- C:\WINDOWS\System32\ddhm6724#001F2995A042#638.ini
[2009.01.27 13:18:34 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\bilek\Data aplikací\NMM-MetaData.db
[2009.01.12 09:40:48 | 000,000,087 | ---- | C] () -- C:\WINDOWS\WINBASE.INI
[2008.12.04 09:43:19 | 000,022,334 | R--- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2008.12.04 08:40:43 | 000,000,576 | ---- | C] () -- C:\WINDOWS\hpbvspst.ini
[2008.11.05 23:27:10 | 000,001,025 | ---- | C] () -- C:\WINDOWS\System32\sysprs7.dll
[2008.11.05 23:27:10 | 000,001,025 | ---- | C] () -- C:\WINDOWS\System32\clauth2.dll
[2008.11.05 23:27:10 | 000,001,025 | ---- | C] () -- C:\WINDOWS\System32\clauth1.dll
[2008.11.05 23:27:10 | 000,000,205 | ---- | C] () -- C:\WINDOWS\System32\lsprst7.dll
[2008.11.05 23:27:10 | 000,000,073 | ---- | C] () -- C:\WINDOWS\System32\ssprs.dll
[2008.10.29 09:04:19 | 000,010,509 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2008.10.29 09:04:07 | 000,010,288 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2008.10.21 10:02:14 | 000,000,035 | ---- | C] () -- C:\WINDOWS\pirmcr.ini
[2008.10.13 07:53:47 | 000,037,376 | ---- | C] () -- C:\Documents and Settings\bilek\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.10.07 06:52:27 | 000,108,032 | ---- | C] () -- C:\WINDOWS\System32\sh33w32.dll
[2008.10.01 14:54:07 | 000,086,016 | R--- | C] () -- C:\WINDOWS\System32\TechView.dll
[2008.10.01 14:54:06 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\NClnDotNet.dll
[2008.10.01 14:54:05 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\MDDCln.dll
[2008.10.01 14:54:05 | 000,176,128 | ---- | C] () -- C:\WINDOWS\System32\MDDGrf.dll
[2008.10.01 14:54:01 | 000,017,920 | ---- | C] () -- C:\WINDOWS\System32\Implode.dll
[2008.10.01 14:38:57 | 000,000,125 | ---- | C] () -- C:\Documents and Settings\bilek\Local Settings\Data aplikací\fusioncache.dat
[2008.10.01 12:08:55 | 000,041,472 | ---- | C] () -- C:\WINDOWS\System32\TAL12832.dll
[2008.10.01 12:08:55 | 000,034,816 | ---- | C] () -- C:\WINDOWS\System32\TALC9332.dll
[2008.10.01 12:08:55 | 000,034,304 | ---- | C] () -- C:\WINDOWS\System32\TALC3932.DLL
[2008.10.01 12:08:55 | 000,033,792 | ---- | C] () -- C:\WINDOWS\System32\TALEAN32.DLL
[2008.10.01 12:08:55 | 000,033,280 | ---- | C] () -- C:\WINDOWS\System32\TALUPC32.dll
[2008.10.01 12:08:55 | 000,025,088 | ---- | C] () -- C:\WINDOWS\System32\TALITF32.dll
[2008.10.01 12:08:55 | 000,023,552 | ---- | C] () -- C:\WINDOWS\System32\TALCBR32.dll
[2008.10.01 12:08:55 | 000,019,456 | ---- | C] () -- C:\WINDOWS\System32\TALZIP32.dll
[2008.09.29 10:35:30 | 000,000,616 | ---- | C] () -- C:\WINDOWS\entrust.ini
[2008.09.29 07:56:32 | 000,009,252 | ---- | C] () -- C:\Documents and Settings\bilek\Data aplikací\dBase.EML
[2008.09.26 20:36:41 | 000,282,624 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2008.09.26 20:36:40 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2008.09.26 20:36:40 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2008.09.26 12:10:29 | 000,000,811 | ---- | C] () -- C:\WINDOWS\wcx_ftp.ini
[2008.09.24 11:38:59 | 000,005,591 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\hpzinstall.log
[2008.09.24 11:38:58 | 000,001,233 | ---- | C] () -- C:\WINDOWS\hpbvnstp.ini
[2008.09.19 06:52:08 | 000,002,545 | ---- | C] () -- C:\WINDOWS\hpclj5550.ini
[2008.09.19 06:51:59 | 000,003,179 | ---- | C] () -- C:\WINDOWS\mariner.ini
[2008.09.04 11:32:45 | 000,000,890 | ---- | C] () -- C:\WINDOWS\System32\simeceke-ntb#001F29941FD6#632.ini
[2008.09.04 11:27:08 | 000,001,423 | ---- | C] () -- C:\WINDOWS\SetupRSC.ini
[2008.09.02 18:47:06 | 000,000,010 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2008.09.01 13:51:26 | 000,000,034 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2008.08.27 13:24:07 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2008.08.25 22:32:10 | 000,000,095 | ---- | C] () -- C:\WINDOWS\winamp.ini
[2008.08.24 10:10:35 | 000,000,034 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2008.08.22 12:54:44 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\JAWTAccessBridge.dll
[2008.08.22 12:50:54 | 000,000,042 | ---- | C] () -- C:\WINDOWS\avgagent.ini
[2008.08.22 12:41:24 | 000,001,407 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008.08.22 12:15:48 | 000,008,386 | ---- | C] () -- C:\WINDOWS\wincmd.ini
[2008.08.22 10:02:19 | 000,004,411 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2008.05.26 21:22:14 | 000,015,552 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2008.05.26 21:22:10 | 000,021,464 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2008.05.26 21:22:04 | 000,014,910 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007.12.06 09:55:12 | 002,842,624 | ---- | C] () -- C:\WINDOWS\System32\btwicons.dll
[2007.12.03 07:38:10 | 000,185,952 | ---- | C] () -- C:\WINDOWS\System32\rmoc3260.dll
[2007.08.06 10:07:30 | 000,008,784 | ---- | C] () -- C:\WINDOWS\System32\ractrlkeyhook.dll
[2007.04.03 15:18:26 | 000,197,672 | ---- | C] () -- C:\WINDOWS\System32\vpnapi.dll
[2007.04.03 15:18:06 | 000,193,576 | ---- | C] () -- C:\WINDOWS\System32\CSGina.dll
[2007.03.29 22:00:40 | 000,203,264 | ---- | C] () -- C:\WINDOWS\System32\CddbCdda.dll
[2007.03.16 17:00:00 | 000,003,403 | ---- | C] () -- C:\WINDOWS\System32\hptcpmon.ini
[2006.06.26 10:33:40 | 000,023,472 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys
[2006.05.02 23:38:24 | 000,000,748 | ---- | C] () -- C:\WINDOWS\SetBrowser.ini
[2005.11.30 17:12:20 | 000,047,744 | ---- | C] () -- C:\WINDOWS\System32\drivers\vserial.sys
[2005.11.30 17:12:20 | 000,015,264 | ---- | C] () -- C:\WINDOWS\System32\drivers\vsb.sys
[2005.10.14 10:56:50 | 001,559,040 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2005.10.14 10:56:50 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\VorbisEnc.dll
[2005.10.14 10:56:50 | 000,344,064 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll
[2005.10.14 10:56:50 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2005.10.14 10:56:50 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2005.10.14 10:56:50 | 000,155,136 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2005.10.14 10:56:50 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2005.07.29 19:38:24 | 003,375,104 | ---- | C] () -- C:\WINDOWS\System32\qt-mt331.dll
[2004.12.20 17:24:03 | 001,663,068 | ---- | C] () -- C:\WINDOWS\System32\libmmd.dll
[2004.03.03 04:06:00 | 000,221,184 | ---- | C] () -- C:\WINDOWS\System32\HP3AIOZ6.dll
[2003.09.26 13:42:46 | 000,002,421 | ---- | C] () -- C:\WINDOWS\System32\scrubber.ini
[2002.05.03 14:40:32 | 000,094,274 | ---- | C] () -- C:\WINDOWS\System32\HPBHEALR.DLL
[2001.11.14 11:56:00 | 001,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll
[2000.12.29 08:34:01 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\Cpuinf32.dll
[1998.05.07 02:10:00 | 000,069,632 | R--- | C] () -- C:\WINDOWS\System32\ODMA32.dll

========== LOP Check ==========

[2008.09.01 06:33:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\administrator\Data aplikací\Infineon
[2010.04.17 18:01:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\administrator\Data aplikací\Opera
[2009.07.24 12:28:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\administrator\Data aplikací\PC Suite
[2008.09.26 12:05:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\administrator\Data aplikací\Radmin
[2008.09.24 16:50:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\administrator\Data aplikací\Windows Search
[2010.11.08 21:50:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Acronis
[2010.11.08 22:51:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Autodesk
[2009.01.16 13:41:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Avg7
[2009.08.11 12:02:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\BVRP Software
[2008.10.21 00:06:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ESET
[2008.09.01 06:33:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Infineon
[2009.01.19 08:48:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Installations
[2008.08.25 22:22:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\LightScribe
[2008.09.08 19:17:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\MailFrontier
[2010.12.15 15:00:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Martau
[2010.10.25 13:26:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Micos
[2008.12.10 01:32:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Nokia
[2010.08.24 12:12:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\NokiaInstallerCache
[2009.04.07 08:40:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Panasonic
[2008.12.05 01:11:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PC Suite
[2009.06.10 06:57:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Pinnacle
[2009.06.10 06:49:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Pinnacle Studio
[2009.04.27 12:33:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\SmartSound Software Inc
[2010.09.17 08:19:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Unitech
[2011.01.03 12:30:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Vema
[2010.06.24 09:00:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Western Digital
[2010.10.29 13:59:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009.06.04 12:04:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\bilek\Data aplikací\Audacity
[2009.12.14 08:59:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\bilek\Data aplikací\Autodesk
[2009.05.13 13:53:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\bilek\Data aplikací\diag
[2009.10.05 09:50:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\bilek\Data aplikací\GetRightToGo
[2010.02.02 09:10:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\bilek\Data aplikací\InterTrust
[2009.06.26 13:11:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\bilek\Data aplikací\IrfanView
[2009.11.25 16:18:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\bilek\Data aplikací\LEGO Company
[2008.10.01 13:05:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\bilek\Data aplikací\Micos
[2010.09.16 13:10:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\bilek\Data aplikací\Nokia
[2010.09.02 08:35:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\bilek\Data aplikací\Nokia Ovi Suite
[2010.01.16 14:07:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\bilek\Data aplikací\Opera
[2010.11.18 14:22:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\bilek\Data aplikací\PC Suite
[2008.10.01 07:39:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\bilek\Data aplikací\Radmin
[2010.11.08 09:15:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\bilek\Data aplikací\Rajce
[2010.04.14 20:37:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\bilek\Data aplikací\Sony
[2010.04.14 20:41:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\bilek\Data aplikací\Sony Setup
[2010.11.11 12:58:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\bilek\Data aplikací\TeamViewer
[2009.01.18 15:29:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\bilek\Data aplikací\Teleca
[2009.12.29 15:12:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\bilek\Data aplikací\Vema
[2010.06.24 09:00:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\bilek\Data aplikací\Western Digital
[2008.11.09 11:12:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\bilek\Data aplikací\Windows Search
[2008.12.10 09:49:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\bilek\Data aplikací\XCPCSync.OEM
[2008.10.10 11:52:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\bilek\Data aplikací\Zoner
[2010.09.22 07:33:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stab\Data aplikací\PC Suite
[2010.09.22 07:34:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\stab\Data aplikací\Western Digital
[2009.01.20 00:14:41 | 000,000,872 | ---- | M] () -- C:\WINDOWS\Tasks\bez.job

========== Purity Check ==========



========== Custom Scans ==========


< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"LightScribe Control Panel" = C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden -- [2007.10.18 14:27:50 | 000,455,968 | ---- | M] (Hewlett-Packard Company)
"MSMSGS" = "C:\Program Files\Messenger\msmsgs.exe" /background -- [2008.04.14 04:22:36 | 001,695,232 | ---- | M] (Microsoft Corporation)
"Namedate" = C:\Program Files\Nezmeskej\nezmeskej.exe s s -- [2009.07.21 10:08:36 | 000,924,160 | ---- | M] (Petr Mazánek (www.nezmeskej.cz, info@nezmeskej.cz, +420608702180))
"ctfmon.exe" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 04:22:17 | 000,015,360 | ---- | M] (Microsoft Corporation)
"" =
"PC Suite Tray" = "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray -- [2008.12.03 12:47:34 | 001,205,760 | ---- | M] (Nokia)

< c:\windows\*.* /U >
[4 c:\windows\*.tmp files -> c:\windows\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >
[1994.02.22 06:29:16 | 000,111,344 | ---- | M] () -- C:\Hesla.exe

< %ALLUSERSPROFILE%\Application Data\*. >
[2009.12.29 10:50:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Vema

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2010.12.24 22:51:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\bilek\Data aplikací\Adobe
[2010.10.29 14:00:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\bilek\Data aplikací\Apple Computer
[2009.06.04 12:04:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\bilek\Data aplikací\Audacity
[2009.12.14 08:59:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\bilek\Data aplikací\Autodesk
[2008.10.07 07:03:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\bilek\Data aplikací\Corel
[2009.05.13 13:53:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\bilek\Data aplikací\diag
[2008.09.29 07:55:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\bilek\Data aplikací\DivX
[2010.12.30 18:47:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\bilek\Data aplikací\dvdcss
[2009.10.05 09:50:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\bilek\Data aplikací\GetRightToGo
[2008.10.07 07:10:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\bilek\Data aplikací\Help
[2009.11.18 11:02:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\bilek\Data aplikací\hpqLog
[2008.09.29 07:47:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\bilek\Data aplikací\Identities
[2009.01.18 13:07:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\bilek\Data aplikací\InstallShield
[2010.02.02 09:10:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\bilek\Data aplikací\InterTrust
[2009.06.26 13:11:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\bilek\Data aplikací\IrfanView
[2009.11.25 16:18:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\bilek\Data aplikací\LEGO Company
[2008.09.29 20:29:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\bilek\Data aplikací\Macromedia
[2010.12.31 13:11:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\bilek\Data aplikací\Malwarebytes
[2010.08.23 11:28:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\bilek\Data aplikací\Media Player Classic
[2008.10.01 13:05:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\bilek\Data aplikací\Micos
[2009.09.25 08:37:02 | 000,000,000 | --SD | M] -- C:\Documents and Settings\bilek\Data aplikací\Microsoft
[2008.10.13 13:44:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\bilek\Data aplikací\NeroDCTemplates
[2010.09.16 13:10:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\bilek\Data aplikací\Nokia
[2010.09.02 08:35:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\bilek\Data aplikací\Nokia Ovi Suite
[2010.01.16 14:07:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\bilek\Data aplikací\Opera
[2010.11.18 14:22:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\bilek\Data aplikací\PC Suite
[2008.10.01 07:39:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\bilek\Data aplikací\Radmin
[2010.11.08 09:15:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\bilek\Data aplikací\Rajce
[2009.02.27 11:35:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\bilek\Data aplikací\Real
[2010.11.10 14:23:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\bilek\Data aplikací\Skype
[2010.11.10 14:22:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\bilek\Data aplikací\skypePM
[2010.04.14 20:37:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\bilek\Data aplikací\Sony
[2009.01.17 20:46:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\bilek\Data aplikací\Sony Ericsson
[2010.04.14 20:41:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\bilek\Data aplikací\Sony Setup
[2009.03.12 14:27:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\bilek\Data aplikací\Sun
[2010.11.11 12:58:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\bilek\Data aplikací\TeamViewer
[2009.01.18 15:29:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\bilek\Data aplikací\Teleca
[2009.12.29 15:12:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\bilek\Data aplikací\Vema
[2010.12.30 18:47:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\bilek\Data aplikací\vlc
[2010.06.24 09:00:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\bilek\Data aplikací\Western Digital
[2008.11.09 11:12:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\bilek\Data aplikací\Windows Search
[2008.09.29 09:54:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\bilek\Data aplikací\WinRAR
[2008.12.10 09:49:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\bilek\Data aplikací\XCPCSync.OEM
[2008.10.10 11:52:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\bilek\Data aplikací\Zoner

< %APPDATA%\*.exe /s >
[2010.04.14 20:48:35 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\bilek\Data aplikací\Microsoft\Installer\{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}\ARPPRODUCTICON.exe
[2008.12.04 10:42:17 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\bilek\Data aplikací\Microsoft\Installer\{8AC049F7-1383-45C3-9E7D-F93CA667F9E1}\ARPPRODUCTICON.exe
[2008.12.04 10:42:31 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\bilek\Data aplikací\Microsoft\Installer\{BEF726DD-4037-4214-8C6A-E625C02D2870}\ARPPRODUCTICON.exe
[2009.12.15 12:53:34 | 000,045,056 | R--- | M] (InstallShield Software Corp.) -- C:\Documents and Settings\bilek\Data aplikací\Microsoft\Installer\{DDA2B32F-EB16-4C96-A130-4E4A4C1E6B12}\NewShortcut1_5B69D3033CA54B39B5ECE7D051297E77.exe
[2008.12.04 10:42:12 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\bilek\Data aplikací\Microsoft\Installer\{EA516024-D84D-41F1-814F-83175A6188F2}\ARPPRODUCTICON.exe
[2010.04.14 20:43:23 | 033,850,672 | ---- | M] (Apple Inc.) -- C:\Documents and Settings\bilek\Data aplikací\Sony Setup\9234765D-29DF-48d0-93FB-284B7B6009B9\QuickTimeInstaller.exe


< MD5 for: AGP440.SYS >
[2004.08.18 13:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008.08.22 11:52:22 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2008.08.22 11:52:22 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008.04.13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys

< MD5 for: ATAPI.SYS >
[2004.08.18 13:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008.08.22 11:52:22 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.08.22 11:52:22 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004.08.03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2004.08.18 13:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0006\DriverFiles\i386\atapi.sys

< MD5 for: CDROM.SYS >
[2004.08.18 13:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2008.08.22 11:52:22 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008.08.22 11:52:22 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008.04.13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008.04.13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2010.06.11 01:40:58 | 000,062,592 | ---- | M] (Microsoft Corporation) MD5=7B53584D94E9D8716B2DE91D5F1CB42D -- C:\WINDOWS\system32\dllcache\cdrom.sys
[2004.08.18 13:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys

< MD5 for: CRYPTSVC.DLL >
[2004.08.18 13:00:00 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- C:\WINDOWS\$NtServicePackUninstall$\cryptsvc.dll
[2008.04.14 04:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\ServicePackFiles\i386\cryptsvc.dll
[2008.04.14 04:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\cryptsvc.dll

< MD5 for: EVENTLOG.DLL >
[2008.04.14 04:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 04:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll
[2004.08.18 13:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2008.04.14 04:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 04:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2004.08.18 13:00:00 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe

< MD5 for: HAL.DLL >
[2004.08.18 13:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2008.08.22 11:52:22 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2008.08.22 11:52:22 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2008.04.13 19:31:28 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=4329EE7D502C9113EBA0F9570392F5EE -- C:\WINDOWS\system32\HAL.DLL
[2008.04.13 19:31:32 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2004.08.18 13:00:00 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=DFCE51FD96909D1B97D4A1A72D060D77 -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll

< MD5 for: CHANGER.SYS >
[2004.08.18 13:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys
[2008.08.22 11:52:22 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys
[2008.08.22 11:52:22 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:Changer.sys
[2008.04.13 19:40:58 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\ServicePackFiles\i386\changer.sys

< MD5 for: ISAPNP.SYS >
[2008.08.22 11:52:22 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2008.08.22 11:52:22 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:isapnp.sys
[2001.10.24 10:44:12 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\$NtServicePackUninstall$\isapnp.sys
[2004.08.18 13:00:00 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\system32\ReinstallBackups\0002\DriverFiles\i386\isapnp.sys
[2008.04.14 03:27:53 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\ServicePackFiles\i386\isapnp.sys
[2008.04.14 03:27:53 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\drivers\isapnp.sys

< MD5 for: LSASS.EXE >
[2004.08.18 13:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\WINDOWS\$NtServicePackUninstall$\lsass.exe
[2008.04.14 04:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\ServicePackFiles\i386\lsass.exe
[2008.04.14 04:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe

< MD5 for: NDIS.SYS >
[2008.04.13 20:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008.04.13 20:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
[2004.08.18 13:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys

< MD5 for: NETLOGON.DLL >
[2004.08.18 13:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
[2008.04.14 04:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 04:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: SCECLI.DLL >
[2004.08.18 13:00:00 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008.04.14 04:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 04:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SMSS.EXE >
[2004.08.18 13:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\WINDOWS\$NtServicePackUninstall$\smss.exe
[2008.04.14 04:22:47 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\ServicePackFiles\i386\smss.exe
[2008.04.14 04:22:47 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe

< MD5 for: SVCHOST.EXE >
[2008.04.14 04:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.14 04:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe
[2004.08.18 13:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe

< MD5 for: TCPIP.SYS >
[2008.04.13 20:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2004.08.18 13:00:00 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2008.06.20 12:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.04.14 04:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 04:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe
[2004.08.18 13:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe

< MD5 for: WINLOGON.EXE >
[2004.08.18 13:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 04:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 04:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe

< MD5 for: WS2_32.DLL >
[2004.08.18 13:00:00 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\WINDOWS\$NtServicePackUninstall$\ws2_32.dll
[2008.04.14 04:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll
[2008.04.14 04:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\ws2_32.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2009.08.20 14:09:06 | 001,193,832 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\FM20.DLL
[4 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2008.08.22 10:00:07 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2008.08.22 10:00:07 | 000,663,552 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2008.08.22 10:00:07 | 000,507,904 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >
[2009.08.20 14:09:06 | 001,193,832 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\FM20.DLL
[4 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON
GINADLL REG_SZ c:\Program Files\Hewlett-Packard\IAM\bin\ocgina.dll

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2011.01.04 08:34:10 | 000,000,044 | ---- | M] () -- C:\WINDOWS\system32\log.txt
[2011.01.04 09:53:59 | 000,000,000 | ---- | M] () -- C:\WINDOWS\system32\LogStop
[2011.01.04 08:34:29 | 000,002,206 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl
[4 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

========== Files - Unicode (All) ==========
[2010.08.24 12:48:45 | 000,000,000 | ---D | M](C:\Documents and Settings\bilek\Data aplikac?) -- C:\Documents and Settings\bilek\Data aplikac�
(C:\Documents and Settings\bilek\Data aplikac?) -- C:\Documents and Settings\bilek\Data aplikac�

< End of report >

Re: for Motji

Posted: 04 Jan 2011 11:28
by motji
I can see some malware leftovers there, so let's run ComboFix to be safe :)

Run ComboFix following this guide
http://www.bleepingcomputer.com/combofi ... t-combofix

Re: for Motji

Posted: 04 Jan 2011 17:52
by Bilis
ComboFix 11-01-03.04 - bilek 04.01.2011 13:03:02.1.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2031.1076 [GMT 1:00]
Spuštěný z: c:\documents and settings\bilek\Plocha\ComboFix.exe
AV: ESET NOD32 Antivirus 4.0 *Disabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\bilek\Dokumenty\cc_20101215_201453.reg
c:\documents and settings\bilek\setup_Fotostar_Offline_client2.exe
c:\windows\d.ini
c:\windows\system32\_000010_.tmp.dll
c:\windows\system32\Ijl11.dll

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-12-04 do 2011-01-04 )))))))))))))))))))))))))))))))
.

2011-01-04 10:12 . 2011-01-04 10:12 388096 ----a-r- c:\documents and settings\bilek\Data aplikací\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2010-12-31 12:11 . 2010-12-31 12:11 -------- d-----w- c:\documents and settings\bilek\Data aplikací\Malwarebytes
2010-12-31 12:11 . 2010-12-20 17:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-12-31 12:11 . 2010-12-31 12:11 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2010-12-31 12:10 . 2010-12-31 12:11 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-12-31 12:10 . 2010-12-20 17:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-12-30 22:28 . 2011-01-04 10:12 -------- d-----w- c:\program files\trend micro
2010-12-30 22:28 . 2010-12-30 22:29 -------- d-----w- C:\rsit
2010-12-30 20:39 . 2010-12-30 20:39 -------- d-----w- c:\documents and settings\Administrator.DDHM6724
2010-12-30 13:12 . 2010-12-30 13:12 -------- d-----w- c:\program files\Elaborate Bytes
2010-12-17 16:07 . 2010-12-17 16:36 -------- d-----w- c:\windows\system32\FxsTmp
2010-12-17 16:07 . 2004-08-18 12:00 31744 -c--a-w- c:\windows\system32\dllcache\fxsroute.dll
2010-12-17 16:07 . 2004-08-18 12:00 31744 ----a-w- c:\windows\system32\fxsroute.dll
2010-12-17 16:07 . 2004-08-18 12:00 137216 -c--a-w- c:\windows\system32\dllcache\fxsclntr.dll
2010-12-17 16:07 . 2004-08-18 12:00 137216 ----a-w- c:\windows\system32\fxsclntR.dll
2010-12-17 16:07 . 2004-08-18 12:00 11776 -c--a-w- c:\windows\system32\dllcache\fxssend.exe
2010-12-17 16:07 . 2004-08-18 12:00 11776 ----a-w- c:\windows\system32\fxssend.exe
2010-12-17 16:07 . 2004-08-18 12:00 112128 -c--a-w- c:\windows\system32\dllcache\fxscfgwz.dll
2010-12-17 16:07 . 2004-08-18 12:00 112128 ----a-w- c:\windows\system32\fxscfgwz.dll
2010-12-15 18:42 . 2010-12-15 18:42 -------- d-----w- c:\windows\system32\wbem\Repository
2010-12-15 14:00 . 2010-12-15 18:40 -------- d-----w- c:\program files\Total Uninstall 5
2010-12-15 14:00 . 2010-12-15 14:00 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Martau
2010-12-15 07:38 . 2010-11-18 18:15 81920 -c----w- c:\windows\system32\dllcache\isign32.dll
2010-12-15 07:38 . 2010-11-02 15:17 40960 -c----w- c:\windows\system32\dllcache\ndproxy.sys
2010-12-15 07:38 . 2010-10-11 14:59 45568 -c----w- c:\windows\system32\dllcache\wab.exe

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-11-18 18:15 . 2008-08-22 07:56 81920 ----a-w- c:\windows\system32\isign32.dll
2010-11-06 00:25 . 2004-08-18 12:00 832512 ----a-w- c:\windows\system32\wininet.dll
2010-11-06 00:25 . 2004-08-18 12:00 78336 ----a-w- c:\windows\system32\ieencode.dll
2010-11-06 00:25 . 2004-08-18 12:00 1830912 ------w- c:\windows\system32\inetcpl.cpl
2010-11-06 00:25 . 2004-08-18 12:00 17408 ----a-w- c:\windows\system32\corpol.dll
2010-11-02 15:17 . 2004-08-18 12:00 40960 ----a-w- c:\windows\system32\drivers\ndproxy.sys
2010-10-28 13:09 . 2004-08-18 12:00 290048 ----a-w- c:\windows\system32\atmfd.dll
2010-10-26 13:58 . 2004-08-18 12:00 1853312 ----a-w- c:\windows\system32\win32k.sys
2010-10-21 12:12 . 2004-08-18 12:00 389120 ----a-w- c:\windows\system32\html.iec
2010-10-14 23:44 . 2010-10-14 23:44 4280320 ----a-w- c:\windows\system32\GPhotos.scr
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2007-10-18 455968]
"Namedate"="c:\program files\Nezmeskej\nezmeskej.exe" [2009-07-21 924160]
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2008-12-03 1205760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Seagull Drivers"="ssdal_nc.exe startup" [X]
"NokiaMServer"="c:\program files\Common Files\Nokia\MPlatform\NokiaMServer" [X]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-03-27 1040384]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-06-16 221184]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2004-06-16 81920]
"Synchronization Manager"="c:\windows\system32\mobsync.exe" [2008-04-14 143872]
"PTHOSTTR"="c:\program files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE" [2007-01-09 145184]
"CognizanceTS"="c:\progra~1\HEWLET~1\IAM\Bin\ASTSVCC.dll" [2003-12-22 17920]
"LogitechCommunicationsManager"="c:\program files\Common Files\Logitech\LComMgr\Communications_Helper.exe" [2006-06-26 497200]
"LogitechQuickCamRibbon"="c:\program files\Logitech\QuickCam10\QuickCam10.exe" [2006-06-26 614960]
"LVCOMSX"="c:\program files\Common Files\Logitech\LComMgr\LVComSX.exe" [2006-06-26 243248]
"PinnacleDriverCheck"="c:\windows\system32\\PSDrvCheck.exe" [2004-03-10 406016]
"StatusClient 2.6"="c:\program files\Hewlett-Packard\Toolbox\StatusClient\StatusClient.exe" [2005-04-08 151552]
"TomcatStartup 2.5"="c:\program files\Hewlett-Packard\Toolbox\hpbpsttp.exe" [2004-05-20 188416]
"OrderReminder"="c:\program files\Hewlett-Packard\OrderReminder\OrderReminder\OrderReminder.exe" [2009-12-15 98304]
"HP Software Update"="c:\program files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe" [2003-12-05 49152]
"ES_AGENT2"="c:\windows\system32\E_SDA102.EXE" [2002-02-02 122880]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2009-11-16 2054360]
"AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-21 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-21 932288]
"QuickTime Task"="c:\program files\MpcStar\Codecs\QuickTime\QTTask.exe" [2010-09-08 421888]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\bilek\Start Menu\Programs\Startup\
Automatické vypnutí počítače.lnk - c:\program files\Automatické vypnutí počítače\avp.exe [2004-12-28 443392]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Acrobat Assistant.lnk - c:\program files\Adobe\Acrobat 5.0 CE\Distillr\AcroTray.exe [2010-2-2 82026]
Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2010-9-3 113664]
EPSON Status Monitor 3 Environment Check 2.lnk - c:\windows\system32\spool\drivers\w32x86\3\E_SRCV02.EXE [2010-1-7 131584]
WDDMStatus.lnk - c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe [2009-11-13 2057536]
WDSmartWare.lnk - c:\program files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe [2009-11-13 9117504]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\OneCard]
2007-03-14 04:03 74752 ----a-r- c:\program files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\system32\APSHook.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\tcpip\parameters\persistentroutes]
"14.154.254.2,255.255.255.255,192.168.1.99,1"=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"

[HKLM\~\startupfolder\^VERZE.csv]
path=\VERZE.csv
backup=c:\windows\pss\VERZE.csvCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Namedate]
2009-07-21 09:08 924160 ----a-w- c:\program files\Nezmeskej\nezmeskej.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
2009-11-20 08:17 434176 ----a-w- c:\program files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\system32\\mstsc.exe"=
"c:\\Program Files\\IDS\\iGuard®\\iGuardRemoteView.exe"=
"c:\\Program Files\\ClientRs\\ClientRS.exe"=
"c:\\Program Files\\Hewlett-Packard\\Toolbox\\jre\\bin\\javaw.exe"=
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\Program Files\\SolarWinds\\2002 Standard Edition\\TFTP-Server.exe"=
"d:\\Miranda IM prazdna\\miranda32.exe"=
"d:\\Install\\Miranda IM\\miranda32.exe"=
"c:\\Program Files\\Pinnacle\\Studio 11\\programs\\Studio.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"d:\\Install\\Opera\\opera1010usb\\OperaUSB.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"8886:TCP"= 8886:TCP:ClientRS_8886_TCP
"8887:TCP"= 8887:TCP:ClientRS_8887_TCP
"8888:TCP"= 8888:TCP:ClientRS_8888_TCP
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
"4798:TCP"= 4798:TCP:*:Disabled:blrkksx
"27260:TCP"= 27260:TCP:BitComet 27260 TCP
"27260:UDP"= 27260:UDP:BitComet 27260 UDP

R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [19.3.2009 10:44 108792]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [24.10.2008 20:53 96408]
R1 raddrvv3;raddrvv3;c:\windows\system32\rserver30\raddrvv3.sys [31.10.2007 14:30 45976]
R2 ASChannel;Local Communication Channel;c:\windows\System32\svchost.exe -k Cognizance [18.8.2004 13:00 14336]
R2 atchksrv;Intel(R) Active Management Technology System Status Service;c:\program files\Intel\AMT\atchksrv.exe [22.8.2008 10:23 182808]
R2 ClientRS;ClientRS;c:\program files\ClientRs\ClientRS.exe [3.11.2008 14:10 719000]
R2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [16.11.2009 8:04 735960]
R2 OMSI download service;Sony Ericsson OMSI download service;c:\program files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [14.4.2010 19:55 90112]
R2 RServer3;Radmin Server V3;c:\windows\system32\rserver30\rserver3.exe [31.10.2007 14:21 1246536]
R2 SluzbaUdrzba;Údržba aplikací PCHELP;c:\program files\PCHELP\PozarniPrevence\Sluzba\SluzbaUdrzba.exe [5.3.2010 8:01 57344]
R2 UNS;Intel(R) Active Management Technology User Notification Service;c:\program files\Intel\AMT\UNS.exe [22.8.2008 10:23 1464856]
R2 WDDMService;WD SmartWare Drive Manager;c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [13.11.2009 10:28 110592]
R2 WDSmartWareBackgroundService;WD SmartWare Background Service;c:\program files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [16.6.2009 7:58 20480]
R3 IFXTPM;IFXTPM;c:\windows\system32\drivers\ifxtpm.sys [4.4.2007 18:16 41216]
R3 rismc32;RICOH Smart Card Reader;c:\windows\system32\drivers\rismc32.sys [22.8.2008 10:16 47616]
S2 ASBroker;Logon Session Broker;c:\windows\System32\svchost.exe -k Cognizance [18.8.2004 13:00 14336]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18.3.2010 12:16 130384]
S2 hzvkluuw;Config Monitor;c:\windows\system32\svchost.exe -k netsvcs [18.8.2004 13:00 14336]
S2 SSPORT;SSPORT;\??\c:\windows\system32\Drivers\SSPORT.sys --> c:\windows\system32\Drivers\SSPORT.sys [?]
S3 avgagent;AVG7 Remote Support Service (AvgAgent);avgagent.exe /srvfsys --> avgagent.exe [?]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [24.8.2010 12:15 137344]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [24.8.2010 12:15 8320]
S3 s1018bus;Sony Ericsson Device 1018 driver (WDM);c:\windows\system32\drivers\s1018bus.sys [14.4.2010 19:55 86824]
S3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter;c:\windows\system32\drivers\s1018mdfl.sys [14.4.2010 19:55 15016]
S3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver;c:\windows\system32\drivers\s1018mdm.sys [14.4.2010 19:55 114728]
S3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s1018mgmt.sys [14.4.2010 19:56 106208]
S3 s1018nd5;Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS);c:\windows\system32\drivers\s1018nd5.sys [14.4.2010 19:55 26024]
S3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX Interface;c:\windows\system32\drivers\s1018obex.sys [14.4.2010 19:55 104744]
S3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM);c:\windows\system32\drivers\s1018unic.sys [14.4.2010 19:56 109864]
S3 Samsung UPD Service;Samsung UPD Service;c:\windows\system32\SUPDSvc.exe [15.3.2010 13:42 127656]
S3 siusbmod;siusbmod;c:\windows\system32\drivers\siusbmod.sys [30.11.2005 17:12 27008]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [24.6.2010 9:00 11520]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18.3.2010 12:16 753504]

--- Ostatní služby/ovladače v paměti ---

*NewlyCreated* - GUSVC

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Cognizance REG_MULTI_SZ ASBroker ASChannel
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
hzvkluuw

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2007-10-18 13:25 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'

2009-01-19 c:\windows\Tasks\bez.job
- c:\windows\system32\ntbackup.exe [2004-08-18 03:22]
.
.
------- Doplňkový sken -------
.
uStart Page = about:blank
uInternet Settings,ProxyServer = 192.168.1.150:3128
uInternet Settings,ProxyOverride = 192.168.*;*.izscr.cz;intranet;10.*;*.local;<local>
IE: &D&ownload &with BitComet - c:\program files\BitComet\BitComet.exe/AddLink.htm
IE: &D&ownload all video with BitComet - c:\program files\BitComet\BitComet.exe/AddVideo.htm
IE: &D&ownload all with BitComet - c:\program files\BitComet\BitComet.exe/AddAllLink.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
IE: Send to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send To Bluetooth - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: { - c:\program files\Messenger\msmsgs.exe
TCP: {A63E2164-CC4C-4779-A19A-F3BBEF61E958} = 192.168.1.11,192.168.1.1,10.255.255.10,10.255.255.20
TCP: {DBB772A1-9277-48BA-99AE-9E73D2BAF9E4} = 192.168.1.11,192.168.1.1,10.255.255.10,10.255.255.20
DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} - hxxp://192.168.56.234/activex/AMC.cab
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
SafeBoot-WudfPf
SafeBoot-WudfRd
MSConfigStartUp-AVG7_CC - c:\progra~1\Grisoft\AVG7\avgcc.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-01-04 13:11
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ASFWHide]
"ImagePath"="\??\c:\documents and settings\simeceke.DOMCB01\Local Settings\TEMP\ASFWHide"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_LOCAL_MACHINE\software\DeterministicNetworks\DNE\Parameters]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,79,00,73,00,\
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(1632)
c:\program files\Hewlett-Packard\IAM\bin\ocgina.dll
c:\program files\Hewlett-Packard\IAM\bin\ItMsg.dll
c:\program files\Hewlett-Packard\IAM\bin\HPBrand.dll
c:\program files\Hewlett-Packard\IAM\bin\ItTal.dll
c:\program files\Hewlett-Packard\IAM\bin\ItReports.DLL
c:\windows\system32\Ati2evxx.dll
c:\program files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll
c:\program files\Hewlett-Packard\IAM\Bin\TrayIcon.dll
c:\program files\Hewlett-Packard\IAM\Bin\ItDAC.dll
c:\program files\Hewlett-Packard\IAM\Bin\ASChnl.dll
c:\program files\Hewlett-Packard\IAM\Bin\STEngine.dll
c:\program files\Hewlett-Packard\IAM\Bin\ItVCClient.dll
c:\program files\Hewlett-Packard\IAM\Bin\BioAuth.dll
c:\program files\Hewlett-Packard\IAM\Bin\ASBIoAT.dll
c:\program files\Hewlett-Packard\IAM\Bin\AuthWiz.dll

- - - - - - - > 'winlogon.exe'(3204)
c:\program files\Hewlett-Packard\IAM\bin\ocgina.dll
c:\program files\Hewlett-Packard\IAM\bin\ItMsg.dll
c:\program files\Hewlett-Packard\IAM\bin\HPBrand.dll
c:\program files\Hewlett-Packard\IAM\bin\ItTal.dll
c:\program files\Hewlett-Packard\IAM\bin\ItReports.DLL
c:\windows\system32\Ati2evxx.dll
c:\program files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll
c:\windows\system32\msi.dll
c:\program files\Hewlett-Packard\IAM\Bin\TrayIcon.dll
c:\program files\Hewlett-Packard\IAM\Bin\ItDAC.dll
c:\program files\Hewlett-Packard\IAM\Bin\ASChnl.dll
c:\program files\Hewlett-Packard\IAM\Bin\STEngine.dll
c:\program files\Hewlett-Packard\IAM\Bin\ItVCClient.dll
c:\program files\Hewlett-Packard\IAM\Bin\BioAuth.dll
c:\program files\Hewlett-Packard\IAM\Bin\ASBIoAT.dll
c:\windows\system32\ATSC70.dll
c:\program files\Hewlett-Packard\IAM\Bin\AuthWiz.dll

- - - - - - - > 'Explorer.exe'(11776)
c:\program files\Common Files\Logitech\LVMVFM\LVPrcInj.dll
c:\windows\system32\APSHook.dll
c:\windows\system32\msi.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\btncopy.dll
c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_cze.nlr
c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
c:\program files\WinSCP\DragExt.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
c:\windows\System32\SCardSvr.exe
c:\program files\Common Files\EPSON\EBAPI\eEBSVC.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Cisco Systems\VPN Client\cvpnd.exe
c:\program files\Common Files\EPSON\EBAPI\eEBAgent.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\Intel\AMT\LMS.exe
c:\oracle\product\10.1.0\Client_1\bin\omtsreco.exe
c:\program files\RealVNC\VNC4\WinVNC4.exe
c:\windows\system32\SearchIndexer.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\windows\system32\rdpclip.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Hewlett-Packard\IAM\bin\asghost.exe
c:\windows\system32\rserver30\FamItrfc.Exe
c:\program files\Hewlett-Packard\Toolbox\jre\bin\javaw.exe
c:\program files\Common Files\Nokia\MPlatform\NokiaMServer.exe
c:\program files\Logitech\QuickCam10\COCIManager.exe
c:\program files\Automatické vypnutí počítače\avp.exe
c:\program files\PC Connectivity Solution\ServiceLayer.exe
c:\program files\PC Connectivity Solution\Transports\NclUSBSrv.exe
c:\program files\PC Connectivity Solution\Transports\NclRSSrv.exe
c:\program files\PC Connectivity Solution\Transports\NclBCBTSrv.exe
c:\progra~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
c:\windows\system32\SearchProtocolHost.exe
c:\program files\Google\Picasa3\Picasa3.exe
c:\windows\system32\SearchFilterHost.exe
.
**************************************************************************
.
Celkový čas: 2011-01-04 13:19:45 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-01-04 12:19

Před spuštěním: 6 766 235 648
Po spuštění: 8 130 891 776

WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

- - End Of File - - 61BF69ADE339F34C14577085B8A4D5EB

Re: for Motji

Posted: 04 Jan 2011 21:45
by motji
Do you recognize this?
[HKLM\~\startupfolder\^VERZE.csv]
path=\[HKLM\~\startupfolder\^VERZE.csv]
path=\VERZE.csv



Do you have anything from Ashampoo?