VIRY.CZ

Dobrý den,
jsem docela pc lajk, týden jsem byl mimo domov a syn (11let) se mi pohrabal v pc. Byl bych velmi vděčný, kdyby se mi na to někdo mrknul. Předem moc děkuji !


Logfile of random's system information tool 1.08 (written by random/random)
Run by -- at 2011-01-22 13:59:14
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 4 GB (14%) free of 30 GB
Total RAM: 1535 MB (50% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:59:18, on 22.1.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\A4Tech\Mouse\Amoumain.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\QuickTime\qttask.exe
E:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\LVComS.exe
C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Bezdrátová klávesnice a myš Labtec\MagicKey.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Bezdrátová klávesnice a myš Labtec\OSD.EXE
C:\Program Files\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Documents and Settings\--\Local Settings\Temporary Internet Files\Content.IE5\0T4WN5AU\RSIT[1].exe
C:\Program Files\trend micro\--.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://google.icq.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - {31c7d459-9cc3-44f2-9dca-fc11795309b4} - (no file)
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll
O2 - BHO: (no name) - {31c7d459-9cc3-44f2-9dca-fc11795309b4} - (no file)
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Seznam Lištička - {B71B15CE-3093-459C-B764-AEB2486F2273} - C:\Program Files\Seznam\Listicka\Toolbar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [WheelMouse] C:\Program Files\A4Tech\Mouse\Amoumain.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [RemoteControl] "E:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Advanced SystemCare 3] "C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe" /startup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [EPSON SX110 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIFBE.EXE /FU "C:\WINDOWS\TEMP\E_SDA.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\--\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKLM\..\Policies\Explorer\Run: [CanoScan Toolbox Ver5.0] C:\Program Files\Canon\CSTBox.exe
O4 - HKCU\..\Policies\Explorer\Run: [CanoScan Toolbox Ver5.0] C:\Program Files\Canon\CSTBox.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: CSTBox.exe
O4 - Global Startup: Hlavní panel ATI CATALYST.lnk = C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
O4 - Global Startup: Povolit program Bezdrátová klávesnice a myš Labtec.lnk = ?
O8 - Extra context menu item: &Přelož do češtiny - res://C:\Program Files\Seznam\Listicka\Toolbar.dll/5034
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
O8 - Extra context menu item: Hlede&j v ČR - res://C:\Program Files\Seznam\Listicka\Toolbar.dll/5033
O8 - Extra context menu item: Hledej v &encyklopedii - res://C:\Program Files\Seznam\Listicka\Toolbar.dll/5108
O8 - Extra context menu item: Hledej ve &světě - res://C:\Program Files\Seznam\Listicka\Toolbar.dll/5035
O8 - Extra context menu item: Hledej ve &zboží - res://C:\Program Files\Seznam\Listicka\Toolbar.dll/5107
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {3190CE28-0B6E-4133-A7D3-87D29CB92120} (ToolbarInetInstall Control) - https://download.seznam.cz/listicka/toolbar2007.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 3845376781
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{25F1BE69-A1FD-42F9-8646-A9B06370D4E2}: NameServer = 62.129.50.20,62.129.32.100
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Active File Monitor V9 (AdobeActiveFileMonitor9.0) - Adobe Systems Incorporated - C:\Program Files\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NMSAccess - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe

--
End of file - 10374 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AdobeAAMUpdater-1.0-DOMA---.job
C:\WINDOWS\tasks\AWC AutoSweep.job
C:\WINDOWS\tasks\AWC Update.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1004336348-651377827-725345543-1003Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1004336348-651377827-725345543-1003UA.job
C:\WINDOWS\tasks\OGALogon.job
C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
C:\WINDOWS\tasks\SmartDefrag.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{51CFA3EA-DC95-4795-8228-1D9C1ADB4157}.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{F657FCBC-15DD-4DF9-B8EA-107EC8644767}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
Conduit Engine - C:\Program Files\ConduitEngine\ConduitEngine.dll [2010-10-18 3908192]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31c7d459-9cc3-44f2-9dca-fc11795309b4}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-03-30 403824]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-12-02 297648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll [2010-12-08 843832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-11-24 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-11-24 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{B71B15CE-3093-459C-B764-AEB2486F2273} - &Seznam Lištička - C:\Program Files\Seznam\Listicka\Toolbar.dll [2007-11-04 793960]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-12-02 297648]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-25 81000]
"WheelMouse"=C:\Program Files\A4Tech\Mouse\Amoumain.exe [2007-02-10 241664]
"LogitechVideoTray"=C:\Program Files\Logitech\Video\LogiTray.exe [2004-02-12 77824]
"LogitechVideoRepair"=C:\Program Files\Logitech\Video\ISStart.exe [2004-02-12 188416]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2006-09-29 282624]
"RemoteControl"=E:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2004-06-28 32768]
"ATICCC"=C:\Program Files\ATI Technologies\ATI.ACE\cli.exe [2005-08-06 61440]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]
"AdobeAAMUpdater-1.0"=C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-07-29 497648]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"CanoScan Toolbox Ver5.0"=C:\Program Files\Canon\CSTBox.exe [2005-10-19 664064]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-07-30 68856]
"Advanced SystemCare 3"=C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe [2010-12-16 2402512]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"EPSON SX110 Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIFBE.EXE [2008-09-27 199680]
"Google Update"=C:\Documents and Settings\--\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2010-10-20 136176]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2010-12-03 14944136]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"CanoScan Toolbox Ver5.0"=C:\Program Files\Canon\CSTBox.exe [2005-10-19 664064]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Hlavní panel ATI CATALYST.lnk - C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
Povolit program Bezdrátová klávesnice a myš Labtec.lnk - C:\Program Files\Bezdrátová klávesnice a myš Labtec\MagicKey.exe

C:\Documents and Settings\--\Nabídka Start\Programy\Po spuštění
CSTBox.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2005-08-04 46080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 239616]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoResolveSearch"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Java\jre1.5.0_06\bin\javaw.exe"="C:\Program Files\Java\jre1.5.0_06\bin\javaw.exe:*:Enabled:Java(TM) 2 Platform Standard Edition binary"
"C:\Program Files\Sudden Strike II\game\code\Release\game_exe.exe"="C:\Program Files\Sudden Strike II\game\code\Release\game_exe.exe:*:Enabled:Game_Exe"
"C:\WINDOWS\system32\dplaysvr.exe"="C:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Internet Explorer\iexplore.exe"="C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\WINDOWS\system32\dpnsvr.exe"="C:\WINDOWS\system32\dpnsvr.exe:*:Enabled:Microsoft DirectPlay8 Server"
"C:\WINDOWS\system32\dxdiag.exe"="C:\WINDOWS\system32\dxdiag.exe:*:Enabled:Microsoft DirectX Diagnostic Tool"
"C:\Program Files\Java\jre1.6.0_05\bin\javaw.exe"="C:\Program Files\Java\jre1.6.0_05\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\Java\jre6\bin\javaw.exe"="C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\Epson Software\Event Manager\EEventManager.exe"="C:\Program Files\Epson Software\Event Manager\EEventManager.exe:*:Enabled:EEventManager Application"
"C:\Program Files\BitComet\BitComet.exe"="C:\Program Files\BitComet\BitComet.exe:*:Enabled:BitComet.exe"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======File associations======

.vbs - open - %WINDIR%\System32\CScript.exe //nologo "%1" %*

======List of files/folders created in the last 1 months======

2011-01-22 13:55:49 ----D---- C:\Program Files\trend micro
2011-01-22 13:55:48 ----D---- C:\rsit
2011-01-18 11:57:59 ----D---- C:\Documents and Settings\All Users\Data aplikací\espionServerData
2011-01-18 11:57:59 ----A---- C:\AdobeDebug.txt
2011-01-18 11:51:10 ----D---- C:\Documents and Settings\All Users\Data aplikací\regid.1986-12.com.adobe
2011-01-18 00:30:35 ----D---- C:\Documents and Settings\--\Data aplikací\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2011-01-17 23:01:13 ----D---- C:\Documents and Settings\--\Data aplikací\PhotoshopdotcomInspirationBrowser.4C35C4D325D350FE0114230CBADCA2DDD0AC8D25.1
2011-01-16 13:35:07 ----ASH---- C:\pagefile.sys
2011-01-15 19:25:41 ----D---- C:\Program Files\Yamicsoft
2011-01-15 18:37:56 ----D---- C:\Documents and Settings\--\Data aplikací\ElevatedDiagnostics
2011-01-15 15:01:21 ----D---- C:\Program Files\Common Files\Windows Live
2011-01-15 14:59:13 ----D---- C:\WINDOWS\system32\winrm
2011-01-15 14:59:13 ----D---- C:\WINDOWS\system32\WindowsPowerShell
2011-01-15 14:59:08 ----HDC---- C:\WINDOWS\$968930Uinstall_KB968930$
2011-01-15 14:59:05 ----D---- C:\WINDOWS\$NtUninstallKB968930$
2011-01-15 14:58:51 ----HDC---- C:\WINDOWS\$NtUninstallbasecsp$
2011-01-13 16:40:00 ----N---- C:\WINDOWS\system32\w3ctrs.ini
2011-01-13 16:39:59 ----N---- C:\WINDOWS\system32\axperf.ini
2011-01-13 16:39:58 ----N---- C:\WINDOWS\system32\infoctrs.ini
2011-01-13 16:39:48 ----N---- C:\WINDOWS\system32\fxsperf.ini
2011-01-13 16:39:48 ----A---- C:\WINDOWS\system32\fxssend.exe
2011-01-13 16:39:48 ----A---- C:\WINDOWS\system32\fxsroute.dll
2011-01-13 16:39:48 ----A---- C:\WINDOWS\system32\fxsclntR.dll
2011-01-13 16:39:47 ----A---- C:\WINDOWS\system32\fxscfgwz.dll
2011-01-13 16:16:55 ----D---- C:\WINDOWS\system32\msmq
2011-01-12 12:14:48 ----HDC---- C:\WINDOWS\$NtUninstallKB2419632$
2011-01-11 16:27:07 ----D---- C:\TTDX
2011-01-11 16:18:51 ----D---- C:\Documents and Settings\--\Data aplikací\Publish Providers
2011-01-11 16:18:51 ----D---- C:\Documents and Settings\--\Data aplikací\NetMedia Providers
2011-01-11 16:18:46 ----D---- C:\Documents and Settings\--\Data aplikací\Sonic Foundry
2011-01-11 16:13:31 ----N---- C:\WINDOWS\system32\wmv8dmoe.dll
2011-01-11 16:13:31 ----N---- C:\WINDOWS\system32\wmv8dmod.dll
2011-01-11 16:13:30 ----N---- C:\WINDOWS\system32\wmvdmoe.dll
2011-01-11 16:13:30 ----N---- C:\WINDOWS\system32\wmvcore2.dll
2011-01-11 16:07:14 ----D---- C:\Program Files\Sonic Foundry
2011-01-11 16:06:15 ----D---- C:\Program Files\Sonic Foundry Setup
2011-01-09 19:05:09 ----D---- C:\Documents and Settings\--\Data aplikací\Nero
2011-01-09 18:40:11 ----D---- C:\Program Files\Common Files\Nero
2011-01-09 18:39:56 ----D---- C:\Documents and Settings\All Users\Data aplikací\Nero
2011-01-09 18:02:59 ----HDC---- C:\WINDOWS\$NtUninstallKB942288-v3$
2011-01-08 20:00:40 ----D---- C:\Program Files\FreeApps
2011-01-08 20:00:30 ----D---- C:\Documents and Settings\All Users\Data aplikací\FreeApp
2011-01-08 17:19:44 ----N---- C:\WINDOWS\system32\javaws.exe
2011-01-08 17:19:44 ----N---- C:\WINDOWS\system32\javaw.exe
2011-01-08 17:19:44 ----N---- C:\WINDOWS\system32\java.exe
2011-01-07 14:01:57 ----N---- C:\WINDOWS\system32\CmdLineExt.dll
2010-12-29 14:30:13 ----D---- C:\Program Files\Firefly Studios
2010-12-24 21:09:56 ----HDC---- C:\WINDOWS\$NtUninstallKB952011$

======List of files/folders modified in the last 1 months======

2011-01-22 13:55:49 ----RD---- C:\Program Files
2011-01-22 13:28:01 ----D---- C:\WINDOWS\Temp
2011-01-22 13:25:22 ----D---- C:\Documents and Settings\--\Data aplikací\Skype
2011-01-22 13:22:26 ----D---- C:\WINDOWS
2011-01-22 11:50:45 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-01-21 17:50:59 ----D---- C:\WINDOWS\system32\CatRoot2
2011-01-20 11:49:15 ----SHD---- C:\WINDOWS\Installer
2011-01-20 11:47:06 ----A---- C:\WINDOWS\NeroDigital.ini
2011-01-19 17:20:00 ----RSD---- C:\WINDOWS\assembly
2011-01-19 17:05:20 ----D---- C:\WINDOWS\Microsoft.NET
2011-01-19 15:26:57 ----D---- C:\Documents and Settings\--\Data aplikací\Adobe
2011-01-19 13:39:12 ----D---- C:\Documents and Settings\--\Data aplikací\BitComet
2011-01-19 12:29:13 ----D---- C:\Documents and Settings\All Users\Data aplikací\Adobe
2011-01-18 21:26:25 ----D---- C:\WINDOWS\system32\config
2011-01-18 12:48:52 ----D---- C:\WINDOWS\system32
2011-01-18 12:20:43 ----D---- C:\Downloads
2011-01-18 12:16:27 ----D---- C:\Program Files\Google
2011-01-18 11:54:03 ----SD---- C:\WINDOWS\Tasks
2011-01-18 11:48:51 ----SHD---- C:\Config.Msi
2011-01-18 11:47:16 ----RSD---- C:\WINDOWS\Fonts
2011-01-18 11:47:04 ----D---- C:\Program Files\Common Files\Adobe
2011-01-18 11:45:19 ----D---- C:\Program Files\Adobe
2011-01-18 11:40:31 ----D---- C:\WINDOWS\system32\drivers
2011-01-18 11:40:30 ----HD---- C:\WINDOWS\inf
2011-01-18 11:40:28 ----D---- C:\WINDOWS\WinSxS
2011-01-17 22:53:37 ----D---- C:\Program Files\Common Files\Adobe AIR
2011-01-16 15:00:45 ----A---- C:\WINDOWS\win.ini
2011-01-15 20:22:13 ----D---- C:\Program Files\WinRAR
2011-01-15 19:49:50 ----RD---- C:\WINDOWS\Web
2011-01-15 19:48:36 ----AC---- C:\WINDOWS\ODBCINST.INI
2011-01-15 19:48:23 ----D---- C:\WINDOWS\system32\CatRoot
2011-01-15 19:46:14 ----D---- C:\WINDOWS\system32\ias
2011-01-15 19:46:02 ----ASH---- C:\WINDOWS\fonts\desktop.ini
2011-01-15 18:39:00 ----D---- C:\WINDOWS\AppPatch
2011-01-15 18:36:23 ----SD---- C:\WINDOWS\Downloaded Program Files
2011-01-15 15:01:21 ----D---- C:\Program Files\Common Files
2011-01-15 15:01:08 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2011-01-15 15:01:04 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-01-15 15:01:04 ----D---- C:\Program Files\Internet Explorer
2011-01-15 15:01:02 ----D---- C:\WINDOWS\ie8updates
2011-01-15 14:59:53 ----HD---- C:\WINDOWS\$hf_mig$
2011-01-15 14:59:38 ----A---- C:\WINDOWS\imsins.BAK
2011-01-15 14:59:19 ----D---- C:\WINDOWS\Help
2011-01-15 14:59:13 ----D---- C:\WINDOWS\system32\wbem
2011-01-15 14:58:57 ----D---- C:\WINDOWS\security
2011-01-15 14:50:49 ----D---- C:\WINDOWS\system32\cs-cz
2011-01-15 14:50:21 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-01-15 14:44:26 ----D---- C:\WINDOWS\system32\en-US
2011-01-15 14:44:20 ----D---- C:\Program Files\Microsoft.NET
2011-01-15 13:54:47 ----A---- C:\WINDOWS\UPGRADE.TXT
2011-01-14 18:12:55 ----D---- C:\WINDOWS\system32\NtmsData
2011-01-14 16:53:46 ----D---- C:\WINDOWS\repair
2011-01-14 16:53:37 ----D---- C:\WINDOWS\Registration
2011-01-13 16:42:02 ----D---- C:\Inetpub
2011-01-13 16:40:15 ----D---- C:\WINDOWS\system32\inetsrv
2011-01-13 16:39:48 ----D---- C:\WINDOWS\addins
2011-01-13 12:07:42 ----D---- C:\WINDOWS\SHELLNEW
2011-01-13 10:25:01 ----D---- C:\Documents and Settings\All Users\Data aplikací\boost_interprocess
2011-01-12 12:15:00 ----N---- C:\WINDOWS\system32\MRT.exe
2011-01-09 18:48:21 ----D---- C:\WINDOWS\Cursors
2011-01-09 18:48:12 ----D---- C:\Program Files\Nero
2011-01-09 18:03:19 ----D---- C:\WINDOWS\system32\mui
2011-01-08 17:19:42 ----D---- C:\Program Files\Java
2011-01-08 16:24:10 ----D---- C:\Documents and Settings\--\Data aplikací\tigerplayer
2011-01-07 16:56:16 ----HD---- C:\Program Files\InstallShield Installation Information
2011-01-02 10:35:06 ----N---- C:\WINDOWS\wincmd.ini
2010-12-24 21:10:58 ----D---- C:\WINDOWS\Prefetch

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2010-03-19 45648]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-03-28 691696]
R0 viamraid;viamraid; C:\WINDOWS\system32\DRIVERS\viamraid.sys [2004-05-18 74112]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-11-25 27408]
R1 Amfilter;A4Tech Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\Amfilter.sys [2007-01-24 8704]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-09-15 114768]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-11-25 48560]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbfilter;Keyboard Filter Driver; C:\WINDOWS\system32\drivers\kbfilter.sys [2003-03-27 11776]
R1 moufiltr;Mouse Filter Driver; C:\WINDOWS\system32\drivers\moufiltr.sys [2003-01-23 9548]
R1 truecrypt;truecrypt; C:\WINDOWS\System32\drivers\truecrypt.sys [2010-03-17 223432]
R1 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-09-20 12032]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-09-15 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-09-15 94160]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2005-04-19 2317504]
R3 Amusbprt;A4Tech HID-compliant Mouse Driver; C:\WINDOWS\system32\DRIVERS\Amusbprt.sys [2007-02-11 13824]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-11-25 23120]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2005-08-04 1273344]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 Pcouffin;Low level access layer for CD devices; C:\WINDOWS\System32\Drivers\Pcouffin.sys [2006-02-05 39488]
R3 pepifilter;Volume Adapter; C:\WINDOWS\system32\DRIVERS\lv302af.sys [2004-01-21 5915]
R3 PID_08A0;Labtec WebCam Pro(PID_08A0); C:\WINDOWS\system32\DRIVERS\LV302AV.SYS [2004-01-21 271360]
R3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\WINDOWS\system32\DRIVERS\yk51x86.sys [2004-10-27 223104]
S0 a347bus;a347bus; C:\WINDOWS\system32\DRIVERS\a347bus.sys []
S0 a347scsi;a347scsi; C:\WINDOWS\System32\Drivers\a347scsi.sys []
S3 a1rgcff9;a1rgcff9; C:\WINDOWS\system32\drivers\a1rgcff9.sys []
S3 Amps2prt;A4Tech PS/2 Port Mouse Driver; C:\WINDOWS\system32\DRIVERS\Amps2prt.sys [2007-02-10 14336]
S3 awgxrddv;awgxrddv; C:\WINDOWS\system32\drivers\awgxrddv.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-09-13 12160]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys []
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 InCDFs;InCD File System; C:\WINDOWS\system32\drivers\InCDFs.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeActiveFileMonitor9.0;Adobe Active File Monitor V9; C:\Program Files\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe [2010-09-30 169408]
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2005-08-04 380928]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-11-12 153376]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 NetTcpPortSharing;Služba sdílení portů Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
R2 NMSAccess;NMSAccess; C:\Program Files\CDBurnerXP\NMSAccessU.exe [2010-03-04 71096]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-03-30 1533808]
R2 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2010-02-10 593920]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-02-14 135664]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-02-13 182768]
S3 idsvc;Služba Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 nosGetPlusHelper;getPlus(R) Helper 3004; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WinRM;Windows Remote Management (WS-Management); C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]

-----------------EOF-----------------

jestli to pomůže, tak jsem ještě přidal log z ComboFix


ComboFix 11-01-22.01 - -- 22.01.2011 18:15:27.1.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1535.876 [GMT 1:00]
Spuštěný z: c:\documents and settings\--\Plocha\ComboFix.exe
AV: avast! antivirus 4.8.1368 [VPS 110122-0] *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
* Vytvořen nový Bod Obnovení
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\All Users\Data aplikací\page
c:\documents and settings\All Users\Data aplikací\page\page.ico
c:\documents and settings\All Users\Data aplikací\page\page.URL
c:\windows\system32\nvs2.inf
c:\windows\system32\yfgvnu_nav.dat

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-12-22 do 2011-01-22 )))))))))))))))))))))))))))))))
.

2011-01-22 12:55 . 2011-01-22 12:59 -------- d-----w- c:\program files\trend micro
2011-01-22 12:55 . 2011-01-22 12:56 -------- d-----w- C:\rsit
2011-01-18 10:57 . 2011-01-18 10:57 -------- d-----w- c:\documents and settings\All Users\Data aplikací\espionServerData
2011-01-18 10:51 . 2011-01-18 10:51 -------- d-----w- c:\documents and settings\All Users\Data aplikací\regid.1986-12.com.adobe
2011-01-17 23:30 . 2011-01-17 23:30 -------- d-----w- c:\documents and settings\--\Data aplikací\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2011-01-17 22:01 . 2011-01-17 22:01 -------- d-----w- c:\documents and settings\--\Data aplikací\PhotoshopdotcomInspirationBrowser.4C35C4D325D350FE0114230CBADCA2DDD0AC8D25.1
2011-01-15 18:25 . 2011-01-15 18:25 -------- d-----w- c:\program files\Yamicsoft
2011-01-15 17:37 . 2011-01-15 17:37 -------- d-----w- c:\documents and settings\--\Data aplikací\ElevatedDiagnostics
2011-01-15 14:01 . 2011-01-15 14:01 -------- d-----w- c:\program files\Common Files\Windows Live
2011-01-15 13:59 . 2011-01-15 13:59 -------- d-----w- c:\windows\system32\winrm
2011-01-15 13:59 . 2011-01-15 13:59 -------- dc-h--w- c:\windows\$968930Uinstall_KB968930$
2011-01-14 10:17 . 2011-01-14 10:17 -------- d-----w- c:\windows\system32\wbem\Repository
2011-01-13 15:39 . 2008-04-14 12:00 5632 ----a-w- c:\windows\system32\wbem\snmp\smimsgif.dll
2011-01-13 15:39 . 2008-04-14 12:00 5632 ----a-w- c:\windows\system32\wbem\snmp\smierrsy.dll
2011-01-13 15:39 . 2008-04-14 12:00 15872 ----a-w- c:\windows\system32\wbem\snmp\smierrsm.dll
2011-01-13 15:39 . 2008-04-14 12:00 10240 ----a-w- c:\windows\system32\wbem\snmpstup.dll
2011-01-13 15:39 . 2008-04-14 12:00 31744 ----a-w- c:\windows\system32\fxsroute.dll
2011-01-13 15:39 . 2008-04-14 12:00 132608 ----a-w- c:\windows\system32\fxsclntR.dll
2011-01-13 15:39 . 2008-04-14 12:00 11264 ----a-w- c:\windows\system32\fxssend.exe
2011-01-13 15:39 . 2008-04-14 12:00 111104 ----a-w- c:\windows\system32\fxscfgwz.dll
2011-01-13 15:16 . 2011-01-13 15:16 -------- d-----w- c:\windows\system32\msmq
2011-01-12 16:24 . 2011-01-12 16:30 -------- d-----w- c:\documents and settings\--\Local Settings\Data aplikací\Nero
2011-01-11 15:27 . 2011-01-11 16:00 -------- d-----w- C:\TTDX
2011-01-11 15:18 . 2011-01-11 15:18 -------- d-----w- c:\documents and settings\--\Data aplikací\Publish Providers
2011-01-11 15:18 . 2011-01-11 15:18 -------- d-----w- c:\documents and settings\--\Data aplikací\NetMedia Providers
2011-01-11 15:18 . 2011-01-11 15:18 -------- d-----w- c:\documents and settings\--\Data aplikací\Sonic Foundry
2011-01-11 15:13 . 2001-10-19 14:40 438608 ------w- c:\windows\system32\wmv8dmod.dll
2011-01-11 15:13 . 2001-10-19 14:40 665424 ------w- c:\windows\system32\wmv8dmoe.dll
2011-01-11 15:13 . 2002-10-09 12:21 566272 ------w- c:\windows\system32\wmvdmoe.dll
2011-01-11 15:13 . 2001-10-19 14:40 1683792 ------w- c:\windows\system32\wmvcore2.dll
2011-01-11 15:13 . 2001-10-19 02:05 285184 ------w- c:\windows\system32\wmidx2.ocx
2011-01-11 15:07 . 2011-01-11 15:22 -------- d-----w- c:\program files\Sonic Foundry
2011-01-11 15:06 . 2011-01-11 15:12 -------- d-----w- c:\program files\Sonic Foundry Setup
2011-01-11 10:21 . 2011-01-11 10:21 -------- d-----w- c:\documents and settings\--\Local Settings\Data aplikací\ABBYY
2011-01-09 18:05 . 2011-01-09 18:05 -------- d-----w- c:\documents and settings\--\Data aplikací\Nero
2011-01-09 17:40 . 2011-01-09 17:40 -------- d-----w- c:\program files\Common Files\Nero
2011-01-09 17:39 . 2011-01-09 17:48 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Nero
2011-01-08 19:00 . 2011-01-08 19:00 -------- d-----w- c:\program files\FreeApps
2011-01-08 19:00 . 2011-01-08 19:00 -------- d-----w- c:\documents and settings\All Users\Data aplikací\FreeApp
2011-01-07 13:01 . 2011-01-07 13:01 98304 ------w- c:\windows\system32\CmdLineExt.dll
2011-01-04 21:49 . 2011-01-22 17:07 -------- d-----w- c:\documents and settings\--\Plocha
2010-12-29 13:30 . 2011-01-07 15:56 -------- d-----w- c:\program files\Firefly Studios

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-11-18 18:15 . 2005-12-22 23:40 81920 ----a-w- c:\windows\system32\isign32.dll
2010-11-12 17:53 . 2010-05-10 09:29 472808 ------w- c:\windows\system32\deployJava1.dll
2010-11-12 15:34 . 2008-04-01 08:16 73728 ------w- c:\windows\system32\javacpl.cpl
2010-11-09 14:52 . 2004-08-17 13:49 249856 ----a-w- c:\windows\system32\odbc32.dll
2010-11-06 00:23 . 2004-08-17 13:49 916480 ----a-w- c:\windows\system32\wininet.dll
2010-11-06 00:23 . 2004-08-17 13:49 1469440 ------w- c:\windows\system32\inetcpl.cpl
2010-11-06 00:23 . 2004-08-17 13:49 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-11-03 12:25 . 2004-08-17 13:44 385024 ------w- c:\windows\system32\html.iec
2010-11-02 15:17 . 2001-09-20 13:00 40960 ----a-w- c:\windows\system32\drivers\ndproxy.sys
2010-10-28 13:09 . 2004-08-17 13:48 290048 ----a-w- c:\windows\system32\atmfd.dll
2010-10-26 13:58 . 2004-08-17 13:44 1853312 ----a-w- c:\windows\system32\win32k.sys
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2010-10-18 10:26 3908192 ------w- c:\program files\ConduitEngine\ConduitEngine.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-30 68856]
"Advanced SystemCare 3"="c:\program files\IObit\Advanced SystemCare 3\AWC.exe" [2010-12-16 2402512]
"Google Update"="c:\documents and settings\--\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" [2010-10-20 136176]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2010-12-03 14944136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"WheelMouse"="c:\program files\A4Tech\Mouse\Amoumain.exe" [2007-02-10 241664]
"LogitechVideoTray"="c:\program files\Logitech\Video\LogiTray.exe" [2004-02-12 77824]
"LogitechVideoRepair"="c:\program files\Logitech\Video\ISStart.exe" [2004-02-12 188416]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2006-09-29 282624]
"RemoteControl"="e:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2004-06-28 32768]
"ATICCC"="c:\program files\ATI Technologies\ATI.ACE\cli.exe" [2005-08-05 61440]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-07-29 497648]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\Currentversion\policies\explorer\Run]
"CanoScan Toolbox Ver5.0"="c:\program files\Canon\CSTBox.exe" [2005-10-19 664064]

c:\documents and settings\--\Nabˇdka Start\Programy\Po spuçtŘnˇ\
CSTBox.exe [2005-10-21 664064]

c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Hlavnˇ panel ATI CATALYST.lnk - c:\program files\ATI Technologies\ATI.ACE\CLI.exe [2005-8-6 61440]
Povolit program Bezdr tov  kl vesnice a myç Labtec.lnk - c:\program files\Bezdr tov  kl vesnice a myç Labtec\MagicKey.exe [2009-10-31 258048]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Java\\jre1.5.0_06\\bin\\javaw.exe"=
"c:\\Program Files\\Sudden Strike II\\game\\code\\Release\\game_exe.exe"=
"c:\\WINDOWS\\system32\\dplaysvr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\WINDOWS\\system32\\dpnsvr.exe"=
"c:\\WINDOWS\\system32\\dxdiag.exe"=
"c:\\Program Files\\Java\\jre1.6.0_05\\bin\\javaw.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Program Files\\Epson Software\\Event Manager\\EEventManager.exe"=
"c:\\Program Files\\BitComet\\BitComet.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
"17469:TCP"= 17469:TCP:BitComet 17469 TCP
"17469:UDP"= 17469:UDP:BitComet 17469 UDP
"19744:TCP"= 19744:TCP:BitComet 19744 TCP
"19744:UDP"= 19744:UDP:BitComet 19744 UDP
"5985:TCP"= 5985:TCP:*:Disabled:Vzdálená správa systému Windows

R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [28.3.2010 18:14 691696]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [9.1.2010 16:38 114768]
R1 kbfilter;Keyboard Filter Driver;c:\windows\system32\drivers\kbfilter.sys [31.10.2009 12:21 11776]
R2 AdobeActiveFileMonitor9.0;Adobe Active File Monitor V9;c:\program files\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe [30.9.2010 3:06 169408]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [9.1.2010 16:38 20560]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18.3.2010 13:16 130384]
S0 a347bus;a347bus;c:\windows\system32\DRIVERS\a347bus.sys --> c:\windows\system32\DRIVERS\a347bus.sys [?]
S0 a347scsi;a347scsi;c:\windows\system32\Drivers\a347scsi.sys --> c:\windows\system32\Drivers\a347scsi.sys [?]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [14.2.2010 19:07 135664]
S3 Amps2prt;A4Tech PS/2 Port Mouse Driver;c:\windows\system32\drivers\Amps2prt.sys [10.2.2007 3:04 14336]
S3 McComponentHostService;McAfee Security Scan Component Host Service; [x]
S3 nosGetPlusHelper;getPlus(R) Helper 3004;c:\windows\System32\svchost.exe -k nosGetPlusHelper [17.8.2004 14:49 14336]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [17.8.2004 14:49 14336]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18.3.2010 13:16 753504]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
nosGetPlusHelper REG_MULTI_SZ nosGetPlusHelper
WINRM REG_MULTI_SZ WINRM
.
Obsah adresáře 'Naplánované úlohy'

2011-01-18 c:\windows\Tasks\AdobeAAMUpdater-1.0-DOMA---.job
- c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [2010-07-29 00:25]

2011-01-22 c:\windows\Tasks\AWC AutoSweep.job
- c:\program files\IObit\Advanced SystemCare 3\AutoSweep.exe [2010-03-24 13:11]

2011-01-22 c:\windows\Tasks\AWC Update.job
- c:\program files\IObit\Advanced SystemCare 3\IObitUpdate.exe [2010-03-24 14:24]

2011-01-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-14 18:07]

2011-01-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-14 18:07]

2011-01-22 c:\windows\Tasks\OGALogon.job
- c:\windows\system32\OGAEXEC.exe [2009-08-03 13:07]

2011-01-22 c:\windows\Tasks\User_Feed_Synchronization-{51CFA3EA-DC95-4795-8228-1D9C1ADB4157}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 02:31]

2011-01-22 c:\windows\Tasks\User_Feed_Synchronization-{F657FCBC-15DD-4DF9-B8EA-107EC8644767}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 02:31]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&s ... f8&oe=utf8
uInternet Connection Wizard,ShellNext = iexplore
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &ICQ Toolbar Search
IE: &Přelož do češtiny - c:\program files\Seznam\Listicka\Toolbar.dll/5034
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
IE: Hlede&j v ČR - c:\program files\Seznam\Listicka\Toolbar.dll/5033
IE: Hledej v &encyklopedii - c:\program files\Seznam\Listicka\Toolbar.dll/5108
IE: Hledej ve &světě - c:\program files\Seznam\Listicka\Toolbar.dll/5035
IE: Hledej ve &zboží - c:\program files\Seznam\Listicka\Toolbar.dll/5107
TCP: {25F1BE69-A1FD-42F9-8646-A9B06370D4E2} = 62.129.50.20,62.129.32.100
DPF: {3190CE28-0B6E-4133-A7D3-87D29CB92120} - hxxps://download.seznam.cz/listicka/toolbar2007.cab
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

URLSearchHooks-{31c7d459-9cc3-44f2-9dca-fc11795309b4} - (no file)
BHO-{31c7d459-9cc3-44f2-9dca-fc11795309b4} - (no file)
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
WebBrowser-{31C7D459-9CC3-44F2-9DCA-FC11795309B4} - (no file)



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-01-22 18:20
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\S-1-5-21-1004336348-651377827-725345543-1003\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(1060)
c:\windows\system32\Ati2evxx.dll
.
Celkový čas: 2011-01-22 18:23:55
ComboFix-quarantined-files.txt 2011-01-22 17:23

Před spuštěním: 4 730 724 352
Po spuštění: 5 277 089 792

WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

Current=2 Default=2 Failed=3 LastKnownGood=4 Sets=1,2,3,4
- - End Of File - - A20C92F90604008D04E5FADE434BCC9F



předem děkuji

Dobrý večer
Po combofixu se něco změnilo?
Jaké chybové hlášky?

Dobrý den,
po combofix je to mnohem lepší, jenom při každém spuštění pc a naběhnutí windows mi to píše, že nastala chyba v inter. explorer a je jí třeba zavřít, aniž bych ji spustil a od comboF mi počítač díky bohu ještě nezamrzl, tak snad to bude v pořádku. Ten combofix mám odinstalovat? Já se v těch log. stejně vůbec nevyznám snad v nich nebylo nic strašného?!

Stahněte OTL http://oldtimer.geekstogo.com/OTL.exe
-uložte ho na plochu a spustte soubor OTL.exe.
-do bílého okna dole skopírujte tento skript: - zaškrtněte okénko Pro všechny uživatele.
-označte okénka Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
- Klikněte na tlačítko Prohledat
-po dokončení skenu se objeví logy OTL.Txt a Extras.txt, vložte je zde

Dobrý večer, musím to trochu rozdělit, nechce to tu vlézti

začátek OTL.Txt

OTL logfile created on: 24.1.2011 20:20:39 - Run 1
OTL by OldTimer - Version 3.2.20.5 Folder = C:\Documents and Settings\--\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 57,00% Memory free
2,00 Gb Paging File | 1,00 Gb Available in Paging File | 71,00% Paging File free
Paging file location(s): E:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 29,29 Gb Total Space | 4,89 Gb Free Space | 16,70% Space Free | Partition Type: NTFS
Drive E: | 45,23 Gb Total Space | 41,25 Gb Free Space | 91,20% Space Free | Partition Type: NTFS

Computer Name: DOMA | User Name: -- | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011.01.24 20:13:58 | 000,603,136 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\--\Plocha\OTL.exe
PRC - [2010.12.16 16:19:34 | 002,402,512 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe
PRC - [2010.09.30 03:06:46 | 000,169,408 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
PRC - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
PRC - [2010.03.04 21:38:02 | 000,071,096 | ---- | M] () -- C:\Program Files\CDBurnerXP\NMSAccessU.exe
PRC - [2009.11.25 00:51:40 | 000,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe
PRC - [2009.11.25 00:51:35 | 000,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2009.11.25 00:51:21 | 000,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PRC - [2009.11.25 00:48:48 | 000,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PRC - [2009.11.25 00:43:56 | 000,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2008.04.14 04:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007.02.10 23:07:32 | 000,241,664 | ---- | M] (A4Tech Co.,Ltd.) -- C:\Program Files\A4Tech\Mouse\Amoumain.exe
PRC - [2005.08.06 00:07:30 | 000,061,440 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
PRC - [2004.03.02 14:54:40 | 000,036,864 | ---- | M] (WayTech Development, Inc.) -- C:\Program Files\Bezdrátová klávesnice a myš Labtec\OSD.exe
PRC - [2004.02.12 16:59:58 | 000,077,824 | ---- | M] (Labtec Inc.) -- C:\Program Files\Logitech\Video\LogiTray.exe
PRC - [2004.02.03 16:40:40 | 000,258,048 | ---- | M] () -- C:\Program Files\Bezdrátová klávesnice a myš Labtec\MagicKey.exe
PRC - [2004.01.21 02:24:22 | 000,135,214 | R--- | M] (Labtec Inc.) -- C:\WINDOWS\system32\LVComS.exe


========== Modules (SafeList) ==========

MOD - [2011.01.24 20:13:58 | 000,603,136 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\--\Plocha\OTL.exe
MOD - [2010.08.23 17:12:33 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2007.02.10 22:51:40 | 000,036,864 | ---- | M] (A4Tech Co.,Ltd.) -- C:\WINDOWS\system32\Amhooker.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (McComponentHostService)
SRV - File not found [Auto | Stopped] -- -- (HidServ)
SRV - [2010.09.30 03:06:46 | 000,169,408 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor9.0)
SRV - [2010.03.18 13:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.03.04 21:38:02 | 000,071,096 | ---- | M] () [Auto | Running] -- C:\Program Files\CDBurnerXP\NMSAccessU.exe -- (NMSAccess)
SRV - [2009.11.25 00:51:35 | 000,138,680 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus)
SRV - [2009.11.25 00:51:21 | 000,254,040 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner)
SRV - [2009.11.25 00:48:48 | 000,352,920 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner)
SRV - [2009.11.25 00:43:56 | 000,018,752 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)


========== Driver Services (SafeList) ==========

DRV - [2010.03.28 18:34:07 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010.03.17 13:26:28 | 000,223,432 | ---- | M] (TrueCrypt Foundation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\truecrypt.sys -- (truecrypt)
DRV - [2009.11.25 00:49:07 | 000,048,560 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2009.11.25 00:48:57 | 000,023,120 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2009.11.25 00:47:54 | 000,027,408 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2009.11.12 12:48:58 | 000,005,504 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\WINDOWS\System32\StarOpen.sys -- (StarOpen)
DRV - [2009.09.15 12:56:14 | 000,094,160 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2009.09.15 12:55:30 | 000,114,768 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2009.09.15 12:55:19 | 000,020,560 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2008.04.13 19:45:12 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbaudio.sys -- (usbaudio) Ovladač zvukové karty USB (WDM)
DRV - [2007.02.11 00:55:50 | 000,013,824 | ---- | M] (A4Tech Co.,Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Amusbprt.sys -- (Amusbprt)
DRV - [2007.02.10 03:04:52 | 000,014,336 | ---- | M] (A4Tech Co.,Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Amps2prt.sys -- (Amps2prt)
DRV - [2007.01.24 18:46:50 | 000,008,704 | ---- | M] (A4Tech Co.,Ltd.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\Amfilter.sys -- (Amfilter)
DRV - [2005.08.04 04:10:18 | 001,273,344 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2005.04.19 03:40:52 | 002,317,504 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2004.10.27 07:24:00 | 000,223,104 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp)
DRV - [2004.01.21 02:14:46 | 000,005,915 | R--- | M] (Labtec Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lv302af.sys -- (pepifilter)
DRV - [2004.01.21 02:14:42 | 000,271,360 | ---- | M] (Labtec Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LV302AV.SYS -- (PID_08A0) Labtec WebCam Pro(PID_08A0)
DRV - [2003.03.27 13:55:48 | 000,011,776 | ---- | M] (WayTech Development, Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\kbfilter.sys -- (kbfilter)
DRV - [2003.01.23 14:29:28 | 000,009,548 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\moufiltr.sys -- (moufiltr)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie


IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - Reg Error: Key error. File not found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - Reg Error: Key error. File not found
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1004336348-651377827-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Prev Search Page = http://www.google.com
IE - HKU\S-1-5-21-1004336348-651377827-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\S-1-5-21-1004336348-651377827-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchT ... f8&oe=utf8
IE - HKU\S-1-5-21-1004336348-651377827-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-1004336348-651377827-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-1004336348-651377827-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: bookmarks@cometmarks.com:1.80
FF - prefs.js..extensions.enabledItems: ctrl-tab@design-noir.de:0.21.1
FF - prefs.js..extensions.enabledItems: {567F62D2-2162-43fe-A573-E5620D0934B2}:2.07
FF - prefs.js..extensions.enabledItems: {B042753D-F57E-4e8e-A01B-7379A6D4CEFB}:1.23
FF - prefs.js..extensions.enabledItems: {F5CEF9AD-F6AF-4b69-AB6D-936BF6BCB6D7}:1.8
FF - prefs.js..network.proxy.type: 0

FF - HKLM\software\mozilla\Firefox\extensions\\{3112ca9c-de6d-4884-a869-9855de68056c}: C:\Documents and Settings\All Users\Data aplikací\Google\Toolbar for Firefox\{3112ca9c-de6d-4884-a869-9855de68056c} [2010.12.08 17:14:16 | 000,000,000 | ---D | M]

[2010.12.14 13:13:50 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\--\Data aplikací\Mozilla\Extensions
File not found (No name found) -- C:\PROGRAM FILES\COMETBIRD\EXTENSIONS\{567F62D2-2162-43FE-A573-E5620D0934B2}
File not found (No name found) -- C:\PROGRAM FILES\COMETBIRD\EXTENSIONS\{B042753D-F57E-4E8E-A01B-7379A6D4CEFB}
File not found (No name found) -- C:\PROGRAM FILES\COMETBIRD\EXTENSIONS\{F5CEF9AD-F6AF-4B69-AB6D-936BF6BCB6D7}
File not found (No name found) -- C:\PROGRAM FILES\COMETBIRD\EXTENSIONS\BOOKMARKS@COMETMARKS.COM
File not found (No name found) -- C:\PROGRAM FILES\COMETBIRD\EXTENSIONS\CTRL-TAB@DESIGN-NOIR.DE

O1 HOSTS File: ([2011.01.22 18:20:51 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (&Seznam Lištička) - {B71B15CE-3093-459C-B764-AEB2486F2273} - C:\Program Files\Seznam\Listicka\Toolbar.dll (Seznam.cz a.s.)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\S-1-5-21-1004336348-651377827-725345543-1003\..\Toolbar\ShellBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\S-1-5-21-1004336348-651377827-725345543-1003\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\S-1-5-21-1004336348-651377827-725345543-1003\..\Toolbar\WebBrowser: (&Seznam Lištička) - {B71B15CE-3093-459C-B764-AEB2486F2273} - C:\Program Files\Seznam\Listicka\Toolbar.dll (Seznam.cz a.s.)
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ATICCC] C:\Program Files\ATI Technologies\ATI.ACE\cli.exe (ATI Technologies Inc.)
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe (Labtec Inc.)
O4 - HKLM..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe (Labtec Inc.)
O4 - HKLM..\Run: [WheelMouse] C:\Program Files\A4Tech\Mouse\Amoumain.exe (A4Tech Co.,Ltd.)
O4 - HKU\S-1-5-21-1004336348-651377827-725345543-1003..\Run: [Advanced SystemCare 3] C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe (IObit)
O4 - HKU\S-1-5-21-1004336348-651377827-725345543-1003..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: C:\Documents and Settings\--\Nabídka Start\Programy\Po spuštění\CSTBox.exe (CANON INC.)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Hlavní panel ATI CATALYST.lnk = C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe (ATI Technologies Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Povolit program Bezdrátová klávesnice a myš Labtec.lnk = C:\Program Files\Bezdrátová klávesnice a myš Labtec\MagicKey.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: CanoScan Toolbox Ver5.0 = C:\Program Files\Canon\CSTBox.exe (CANON INC.)
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1004336348-651377827-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1004336348-651377827-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O7 - HKU\S-1-5-21-1004336348-651377827-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-1004336348-651377827-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: CanoScan Toolbox Ver5.0 = C:\Program Files\Canon\CSTBox.exe (CANON INC.)
O8 - Extra context menu item: &Přelož do češtiny - C:\Program Files\Seznam\Listicka\Toolbar.dll (Seznam.cz a.s.)
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll (Google Inc.)
O8 - Extra context menu item: Hlede&j v ČR - C:\Program Files\Seznam\Listicka\Toolbar.dll (Seznam.cz a.s.)
O8 - Extra context menu item: Hledej v &encyklopedii - C:\Program Files\Seznam\Listicka\Toolbar.dll (Seznam.cz a.s.)
O8 - Extra context menu item: Hledej ve &světě - C:\Program Files\Seznam\Listicka\Toolbar.dll (Seznam.cz a.s.)
O8 - Extra context menu item: Hledej ve &zboží - C:\Program Files\Seznam\Listicka\Toolbar.dll (Seznam.cz a.s.)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://www.apple.com/qtactivex/qtplugin.cab (QuickTime Object)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/ ... ontrol.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {3190CE28-0B6E-4133-A7D3-87D29CB92120} https://download.seznam.cz/listicka/toolbar2007.cab (ToolbarInetInstall Control)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftup ... 3845376781 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinsta ... s-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinsta ... s-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Value error.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/sh ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (get_atlcom Class)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\--\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\--\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005.12.23 00:43:32 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010.03.15 16:33:47 | 000,000,000 | R--D | M] - C:\Autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010.03.15 16:33:47 | 000,000,000 | R--D | M] - E:\Autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: HidServ - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.enc - C:\WINDOWS\System32\ITIG726.acm (Ingenient Technologies, Inc.)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (56308606093492224)

========== Files/Folders - Created Within 30 Days ==========

[2011.01.24 20:13:58 | 000,603,136 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\--\Plocha\OTL.exe
[2011.01.22 18:56:10 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2011.01.22 18:13:48 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2011.01.22 18:10:46 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2011.01.22 18:10:46 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2011.01.22 18:10:46 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2011.01.22 18:10:46 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2011.01.22 18:10:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2011.01.22 18:02:03 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011.01.22 13:55:49 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2011.01.22 13:55:48 | 000,000,000 | ---D | C] -- C:\rsit
[2011.01.18 11:57:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\espionServerData
[2011.01.18 11:51:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\regid.1986-12.com.adobe
[2011.01.18 00:30:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\--\Data aplikací\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2011.01.18 00:17:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\--\Dokumenty\Adobe Scripts
[2011.01.17 23:01:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\--\Data aplikací\PhotoshopdotcomInspirationBrowser.4C35C4D325D350FE0114230CBADCA2DDD0AC8D25.1
[2011.01.17 23:01:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Adobe
[2011.01.15 19:25:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\--\Nabídka Start\Programy\WinXP Manager
[2011.01.15 19:25:41 | 000,000,000 | ---D | C] -- C:\Program Files\Yamicsoft
[2011.01.15 18:37:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\--\Data aplikací\ElevatedDiagnostics
[2011.01.15 15:01:21 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Windows Live
[2011.01.15 14:59:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\winrm
[2011.01.15 14:59:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\WindowsPowerShell
[2011.01.15 14:59:08 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$968930Uinstall_KB968930$
[2011.01.13 16:39:48 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxsclntR.dll
[2011.01.13 16:39:48 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxsroute.dll
[2011.01.13 16:39:48 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxssend.exe
[2011.01.13 16:39:47 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxscfgwz.dll
[2011.01.13 16:16:55 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\msmq
[2011.01.12 17:31:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\--\Local Settings\Data aplikací\Nero_AG
[2011.01.12 17:24:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\--\Local Settings\Data aplikací\Nero
[2011.01.11 16:27:07 | 000,000,000 | ---D | C] -- C:\TTDX
[2011.01.11 16:18:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\--\Data aplikací\Publish Providers
[2011.01.11 16:18:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\--\Data aplikací\NetMedia Providers
[2011.01.11 16:18:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\--\Data aplikací\Sonic Foundry
[2011.01.11 16:13:31 | 000,665,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmv8dmoe.dll
[2011.01.11 16:13:31 | 000,438,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmv8dmod.dll
[2011.01.11 16:13:30 | 001,683,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmvcore2.dll
[2011.01.11 16:13:30 | 000,566,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmvdmoe.dll
[2011.01.11 16:13:30 | 000,285,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmidx2.ocx
[2011.01.11 16:07:14 | 000,000,000 | ---D | C] -- C:\Program Files\Sonic Foundry
[2011.01.11 16:06:15 | 000,000,000 | ---D | C] -- C:\Program Files\Sonic Foundry Setup
[2011.01.11 11:21:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\--\Local Settings\Data aplikací\ABBYY
[2011.01.09 19:05:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\--\Data aplikací\Nero
[2011.01.09 18:40:11 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nero
[2011.01.09 18:40:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Nero
[2011.01.09 18:39:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Nero
[2011.01.09 12:03:45 | 000,664,064 | ---- | C] (CANON INC.) -- C:\Documents and Settings\--\Nabídka Start\Programy\Po spuštění\CSTBox.exe
[2011.01.08 20:00:40 | 000,000,000 | ---D | C] -- C:\Program Files\FreeApps
[2011.01.08 20:00:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\FreeApp
[2011.01.08 17:19:44 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2011.01.08 17:19:44 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2011.01.08 17:19:44 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2011.01.07 15:39:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Firefly Studios
[2011.01.07 14:01:57 | 000,098,304 | ---- | C] (Sony DADC Austria AG.) -- C:\WINDOWS\System32\CmdLineExt.dll
[2011.01.04 22:49:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\--\Plocha
[2010.12.29 14:30:13 | 000,000,000 | ---D | C] -- C:\Program Files\Firefly Studios
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011.01.24 20:22:03 | 000,000,460 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{51CFA3EA-DC95-4795-8228-1D9C1ADB4157}.job
[2011.01.24 20:22:03 | 000,000,416 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{F657FCBC-15DD-4DF9-B8EA-107EC8644767}.job
[2011.01.24 20:13:58 | 000,603,136 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\--\Plocha\OTL.exe
[2011.01.24 20:09:01 | 000,025,433 | -H-- | M] () -- C:\Documents and Settings\--\Data aplikací\--log.dat
[2011.01.24 20:02:09 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011.01.24 19:59:55 | 000,000,936 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011.01.24 19:59:55 | 000,000,236 | ---- | M] () -- C:\WINDOWS\tasks\OGALogon.job
[2011.01.24 19:59:54 | 000,000,370 | ---- | M] () -- C:\WINDOWS\tasks\AWC AutoSweep.job
[2011.01.24 19:59:35 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011.01.24 19:59:32 | 1610,141,696 | -HS- | M] () -- C:\hiberfil.sys
[2011.01.24 18:33:00 | 000,000,940 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011.01.24 18:18:02 | 000,152,381 | ---- | M] () -- C:\Documents and Settings\--\Plocha\test.JPG
[2011.01.23 15:57:54 | 000,000,327 | -HS- | M] () -- C:\boot.ini
[2011.01.22 18:20:51 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011.01.22 18:07:03 | 004,159,359 | R--- | M] () -- C:\Documents and Settings\--\Plocha\ComboFix.exe
[2011.01.20 11:47:06 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2011.01.19 16:12:19 | 000,124,416 | ---- | M] () -- C:\Documents and Settings\--\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.01.18 17:01:17 | 000,253,472 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011.01.18 12:48:52 | 000,498,334 | ---- | M] () -- C:\WINDOWS\System32\prfh0405.dat
[2011.01.18 12:48:52 | 000,481,792 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011.01.18 12:48:52 | 000,100,990 | ---- | M] () -- C:\WINDOWS\System32\prfc0405.dat
[2011.01.18 12:48:52 | 000,080,212 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011.01.18 11:54:03 | 000,000,336 | ---- | M] () -- C:\WINDOWS\tasks\AdobeAAMUpdater-1.0-DOMA---.job
[2011.01.18 11:43:44 | 000,001,657 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Adobe Photoshop Elements 9.lnk
[2011.01.17 23:01:10 | 000,000,952 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\PhotoshopdotcomInspirationBrowser.lnk
[2011.01.16 12:08:45 | 000,002,479 | ---- | M] () -- C:\Documents and Settings\--\Plocha\WinXP Manager.lnk
[2011.01.15 19:50:09 | 000,156,910 | ---- | M] () -- C:\WINDOWS\WMSysPr8.prx
[2011.01.15 19:48:36 | 000,004,249 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2011.01.15 14:59:38 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011.01.15 14:50:21 | 000,498,334 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2011.01.15 14:50:21 | 000,100,990 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2011.01.14 12:17:57 | 000,002,234 | ---- | M] () -- C:\Documents and Settings\--\Plocha\Google Chrome.lnk
[2011.01.13 11:31:38 | 000,634,182 | ---- | M] () -- C:\Documents and Settings\--\Dokumenty\img003.jpg
[2011.01.11 20:22:38 | 000,000,707 | ---- | M] () -- C:\Documents and Settings\--\Plocha\FormatFactory.lnk
[2011.01.11 15:34:02 | 000,000,694 | ---- | M] () -- C:\Documents and Settings\--\Plocha\BitComet.lnk
[2011.01.09 19:39:42 | 000,002,727 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Nero StartSmart 10.lnk
[2011.01.09 19:37:07 | 000,002,667 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Nero Burning ROM 10.lnk
[2011.01.09 19:09:57 | 000,002,843 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Nero BackItUp 10.lnk
[2011.01.09 18:44:59 | 000,002,140 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Nero Vision 10.lnk
[2011.01.09 18:43:40 | 000,002,188 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Nero MediaHub 10.lnk
[2011.01.08 17:26:54 | 000,000,697 | ---- | M] () -- C:\Documents and Settings\--\Plocha\RegSupreme Pro.lnk
[2011.01.07 15:43:20 | 000,000,646 | ---- | M] () -- C:\Documents and Settings\--\Plocha\Zástupce - autoplay.lnk
[2011.01.07 14:01:57 | 000,098,304 | ---- | M] (Sony DADC Austria AG.) -- C:\WINDOWS\System32\CmdLineExt.dll
[2011.01.02 10:35:06 | 000,000,670 | ---- | M] () -- C:\WINDOWS\wincmd.ini
[2011.01.01 20:10:43 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011.01.24 18:18:02 | 000,152,381 | ---- | C] () -- C:\Documents and Settings\--\Plocha\test.JPG
[2011.01.22 18:13:52 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2011.01.22 18:13:49 | 000,261,312 | RHS- | C] () -- C:\cmldr
[2011.01.22 18:10:46 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011.01.22 18:10:46 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011.01.22 18:10:46 | 000,089,088 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011.01.22 18:10:46 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011.01.22 18:10:46 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011.01.22 18:07:03 | 004,159,359 | R--- | C] () -- C:\Documents and Settings\--\Plocha\ComboFix.exe
[2011.01.18 12:48:52 | 000,498,334 | ---- | C] () -- C:\WINDOWS\System32\prfh0405.dat
[2011.01.18 12:48:52 | 000,100,990 | ---- | C] () -- C:\WINDOWS\System32\prfc0405.dat
[2011.01.18 11:54:03 | 000,000,336 | ---- | C] () -- C:\WINDOWS\tasks\AdobeAAMUpdater-1.0-DOMA---.job
[2011.01.18 11:43:44 | 000,001,663 | ---- | C] () -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Adobe Photoshop Elements 9.lnk
[2011.01.18 11:43:43 | 000,001,657 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Adobe Photoshop Elements 9.lnk
[2011.01.17 23:01:10 | 000,000,952 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\PhotoshopdotcomInspirationBrowser.lnk
[2011.01.17 22:48:16 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Adobe ExtendScript Toolkit CS5.lnk
[2011.01.17 22:48:00 | 000,000,728 | ---- | C] () -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Adobe Help.lnk
[2011.01.15 19:25:43 | 000,002,479 | ---- | C] () -- C:\Documents and Settings\--\Plocha\WinXP Manager.lnk
[2011.01.13 16:40:00 | 000,038,576 | ---- | C] () -- C:\WINDOWS\System32\w3ctrs.ini
[2011.01.13 16:40:00 | 000,005,379 | ---- | C] () -- C:\WINDOWS\System32\w3ctrs.h
[2011.01.13 16:39:59 | 000,010,225 | ---- | C] () -- C:\WINDOWS\System32\axperf.ini
[2011.01.13 16:39:59 | 000,002,024 | ---- | C] () -- C:\WINDOWS\System32\axctrnm.h
[2011.01.13 16:39:58 | 000,011,435 | ---- | C] () -- C:\WINDOWS\System32\infoctrs.ini
[2011.01.13 16:39:57 | 000,003,276 | ---- | C] () -- C:\WINDOWS\System32\infoctrs.h
[2011.01.13 16:39:49 | 000,107,882 | ---- | C] () -- C:\WINDOWS\System32\mib_ii.mib
[2011.01.13 16:39:49 | 000,049,275 | ---- | C] () -- C:\WINDOWS\System32\wfospf.mib
[2011.01.13 16:39:49 | 000,048,593 | ---- | C] () -- C:\WINDOWS\System32\hostmib.mib
[2011.01.13 16:39:49 | 000,038,608 | ---- | C] () -- C:\WINDOWS\System32\nipx.mib
[2011.01.13 16:39:49 | 000,034,317 | ---- | C] () -- C:\WINDOWS\System32\msiprip2.mib
[2011.01.13 16:39:49 | 000,030,448 | ---- | C] () -- C:\WINDOWS\System32\mcastmib.mib
[2011.01.13 16:39:49 | 000,026,236 | ---- | C] () -- C:\WINDOWS\System32\wins.mib
[2011.01.13 16:39:49 | 000,026,100 | ---- | C] () -- C:\WINDOWS\System32\lmmib2.mib
[2011.01.13 16:39:49 | 000,021,386 | ---- | C] () -- C:\WINDOWS\System32\mipx.mib
[2011.01.13 16:39:49 | 000,020,079 | ---- | C] () -- C:\WINDOWS\System32\http.mib
[2011.01.13 16:39:49 | 000,016,617 | ---- | C] () -- C:\WINDOWS\System32\authserv.mib
[2011.01.13 16:39:49 | 000,015,799 | ---- | C] () -- C:\WINDOWS\System32\ipforwd.mib
[2011.01.13 16:39:49 | 000,015,597 | ---- | C] () -- C:\WINDOWS\System32\accserv.mib
[2011.01.13 16:39:49 | 000,013,767 | ---- | C] () -- C:\WINDOWS\System32\msipbtp.mib
[2011.01.13 16:39:49 | 000,010,313 | ---- | C] () -- C:\WINDOWS\System32\mripsap.mib
[2011.01.13 16:39:49 | 000,006,179 | ---- | C] () -- C:\WINDOWS\System32\ftp.mib
[2011.01.13 16:39:49 | 000,004,597 | ---- | C] () -- C:\WINDOWS\System32\dhcp.mib
[2011.01.13 16:39:49 | 000,004,332 | ---- | C] () -- C:\WINDOWS\System32\smi.mib
[2011.01.13 16:39:49 | 000,000,698 | ---- | C] () -- C:\WINDOWS\System32\inetsrv.mib
[2011.01.13 16:39:49 | 000,000,581 | ---- | C] () -- C:\WINDOWS\System32\msft.mib
[2011.01.13 16:39:48 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2011.01.13 16:39:48 | 000,001,361 | ---- | C] () -- C:\WINDOWS\System32\fxscount.h
[2011.01.13 11:53:24 | 000,634,182 | ---- | C] () -- C:\Documents and Settings\--\Dokumenty\img003.jpg
[2011.01.11 20:22:38 | 000,000,707 | ---- | C] () -- C:\Documents and Settings\--\Plocha\FormatFactory.lnk
[2011.01.11 16:13:32 | 000,156,910 | ---- | C] () -- C:\WINDOWS\WMSysPr8.prx
[2011.01.11 15:34:02 | 000,000,694 | ---- | C] () -- C:\Documents and Settings\--\Plocha\BitComet.lnk
[2011.01.09 18:46:14 | 000,002,727 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Nero StartSmart 10.lnk
[2011.01.09 18:44:59 | 000,002,140 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Nero Vision 10.lnk
[2011.01.09 18:43:40 | 000,002,188 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Nero MediaHub 10.lnk
[2011.01.09 18:41:50 | 000,002,843 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Nero BackItUp 10.lnk
[2011.01.09 18:41:16 | 000,002,667 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Nero Burning ROM 10.lnk
[2011.01.09 12:17:27 | 000,000,370 | ---- | C] () -- C:\WINDOWS\tasks\AWC AutoSweep.job
[2011.01.08 17:26:54 | 000,000,697 | ---- | C] () -- C:\Documents and Settings\--\Plocha\RegSupreme Pro.lnk
[2011.01.07 15:43:20 | 000,000,646 | ---- | C] () -- C:\Documents and Settings\--\Plocha\Zástupce - autoplay.lnk
[2011.01.05 11:32:23 | 000,002,234 | ---- | C] () -- C:\Documents and Settings\--\Plocha\Google Chrome.lnk
[2011.01.01 19:56:28 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010.08.25 15:30:14 | 000,000,000 | ---- | C] () -- C:\WINDOWS\EEventManager.INI
[2010.08.25 12:16:35 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2010.04.29 12:47:37 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2010.04.24 17:55:44 | 000,000,010 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2010.04.14 15:44:54 | 000,000,000 | ---- | C] () -- C:\WINDOWS\_delis32.ini
[2010.03.28 18:14:20 | 000,691,696 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2009.11.12 12:48:58 | 000,005,504 | ---- | C] () -- C:\WINDOWS\System32\StarOpen.sys
[2009.10.31 12:21:12 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\HKLock.dll
[2009.10.31 12:21:12 | 000,057,344 | ---- | C] () -- C:\WINDOWS\HKLock.dll
[2009.08.03 14:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009.02.23 17:10:25 | 000,000,033 | ---- | C] () -- C:\WINDOWS\LVMMail.INI
[2008.05.26 22:22:14 | 000,015,552 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2008.05.26 22:22:10 | 000,021,464 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2008.05.26 22:22:04 | 000,014,910 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007.06.11 00:18:51 | 000,000,032 | ---- | C] () -- C:\WINDOWS\CD-Start.INI
[2006.03.18 15:16:59 | 000,124,416 | ---- | C] () -- C:\Documents and Settings\--\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006.03.11 18:51:18 | 000,017,191 | R--- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2005.12.24 13:41:14 | 000,000,169 | ---- | C] () -- C:\WINDOWS\RtlRack.ini
[2005.12.23 17:54:07 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2005.12.23 09:14:16 | 000,000,390 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005.12.23 08:50:02 | 000,000,670 | ---- | C] () -- C:\WINDOWS\wincmd.ini
[2005.12.23 08:49:26 | 000,000,122 | ---- | C] () -- C:\Documents and Settings\--\Local Settings\Data aplikací\fusioncache.dat
[2005.12.23 01:33:46 | 000,004,249 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2005.12.23 00:52:42 | 000,000,164 | ---- | C] () -- C:\WINDOWS\avrack.ini
[2005.12.23 00:52:38 | 000,156,672 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2005.10.29 01:09:19 | 000,025,433 | -H-- | C] () -- C:\Documents and Settings\--\Data aplikací\--log.dat
[2005.10.14 11:56:50 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2005.10.14 11:56:50 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\VorbisEnc.dll
[2005.10.14 11:56:50 | 000,679,936 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2005.10.14 11:56:50 | 000,344,064 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll
[2005.10.14 11:56:50 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2005.10.14 11:56:50 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2005.10.14 11:56:50 | 000,155,136 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2005.10.14 11:56:50 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2002.03.21 13:39:02 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\UNACEV2.DLL
[1999.01.27 13:39:06 | 000,065,024 | ---- | C] () -- C:\WINDOWS\System32\indounin.dll
[1997.06.13 07:56:08 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll

pokračování OTL.

========== LOP Check ==========

[2005.12.24 13:46:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\--\Data aplikací\ACD Systems
[2010.03.30 14:22:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\--\Data aplikací\Azureus
[2011.01.19 13:39:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\--\Data aplikací\BitComet
[2010.03.31 16:35:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\--\Data aplikací\Canneverbe Limited
[2010.03.17 13:13:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\--\Data aplikací\Change
[2011.01.18 00:30:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\--\Data aplikací\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2010.12.14 13:13:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\--\Data aplikací\CometNetwork
[2010.12.17 11:11:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\--\Data aplikací\CometPlayer
[2010.03.28 18:50:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\--\Data aplikací\DAEMON Tools Lite
[2011.01.15 18:37:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\--\Data aplikací\ElevatedDiagnostics
[2010.08.25 13:57:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\--\Data aplikací\Epson
[2009.07.31 14:01:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\--\Data aplikací\ICQ
[2009.06.06 21:36:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\--\Data aplikací\ICQ Toolbar
[2010.03.24 20:36:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\--\Data aplikací\IObit
[2011.01.11 16:18:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\--\Data aplikací\NetMedia Providers
[2011.01.17 23:01:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\--\Data aplikací\PhotoshopdotcomInspirationBrowser.4C35C4D325D350FE0114230CBADCA2DDD0AC8D25.1
[2011.01.11 16:18:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\--\Data aplikací\Publish Providers
[2011.01.08 16:24:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\--\Data aplikací\tigerplayer
[2010.03.17 13:45:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\--\Data aplikací\TrueCrypt
[2009.06.13 14:48:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\--\Data aplikací\TuneUp Software
[2010.03.25 16:32:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\--\Data aplikací\Windows Desktop Search
[2010.03.25 16:36:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\--\Data aplikací\Windows Search
[2005.12.23 08:57:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ACD Systems
[2010.03.28 19:34:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Astroburn Lite
[2010.12.02 11:42:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Badoo
[2011.01.13 10:25:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\boost_interprocess
[2010.03.31 16:33:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Canneverbe Limited
[2010.03.28 18:31:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2010.08.25 12:15:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\EPSON
[2011.01.18 11:57:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\espionServerData
[2011.01.08 20:00:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\FreeApp
[2009.06.06 22:38:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ICQ
[2010.03.24 18:59:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\IObit
[2011.01.18 11:51:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\regid.1986-12.com.adobe
[2009.06.13 14:48:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TuneUp Software
[2009.06.13 14:45:31 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Data aplikací\{55A29068-F2CE-456C-9148-C869879E2357}
[2010.03.20 11:45:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TEMP\Data aplikací\TrueCrypt
[2011.01.24 19:59:54 | 000,000,370 | ---- | M] () -- C:\WINDOWS\Tasks\AWC AutoSweep.job
[2011.01.24 19:59:55 | 000,000,236 | ---- | M] () -- C:\WINDOWS\Tasks\OGALogon.job
[2011.01.24 20:22:03 | 000,000,460 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{51CFA3EA-DC95-4795-8228-1D9C1ADB4157}.job
[2011.01.24 20:22:03 | 000,000,416 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{F657FCBC-15DD-4DF9-B8EA-107EC8644767}.job

========== Purity Check ==========



========== Custom Scans ==========


< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"swg" = "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" -- [2007.07.30 16:24:57 | 000,068,856 | ---- | M] (Google Inc.)
"Advanced SystemCare 3" = "C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe" /startup -- [2010.12.16 16:19:34 | 002,402,512 | ---- | M] (IObit)
"Google Update" = "C:\Documents and Settings\--\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c -- [2010.10.20 11:28:20 | 000,136,176 | ---- | M] (Google Inc.)
"Skype" = "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized -- [2010.12.03 16:46:34 | 014,944,136 | R--- | M] (Skype Technologies S.A.)
"ctfmon.exe" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 04:22:17 | 000,015,360 | ---- | M] (Microsoft Corporation)

< c:\windows\*.* /U >
[3 c:\windows\*.tmp files -> c:\windows\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >
[2009.12.20 17:11:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Office Genuine Advantage

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2005.12.24 13:46:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\--\Data aplikací\ACD Systems
[2011.01.19 15:26:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\--\Data aplikací\Adobe
[2010.03.26 11:34:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\--\Data aplikací\Ahead
[2010.03.19 18:16:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\--\Data aplikací\ATI
[2010.03.30 14:22:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\--\Data aplikací\Azureus
[2011.01.19 13:39:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\--\Data aplikací\BitComet
[2010.03.31 16:35:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\--\Data aplikací\Canneverbe Limited
[2010.03.17 13:13:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\--\Data aplikací\Change
[2011.01.18 00:30:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\--\Data aplikací\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2010.12.14 13:13:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\--\Data aplikací\CometNetwork
[2010.12.17 11:11:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\--\Data aplikací\CometPlayer
[2006.12.22 16:46:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\--\Data aplikací\CyberLink
[2010.03.28 18:50:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\--\Data aplikací\DAEMON Tools Lite
[2011.01.15 18:37:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\--\Data aplikací\ElevatedDiagnostics
[2010.08.25 13:57:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\--\Data aplikací\Epson
[2006.10.31 01:38:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\--\Data aplikací\Google
[2005.12.23 20:35:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\--\Data aplikací\Help
[2009.07.31 14:01:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\--\Data aplikací\ICQ
[2009.06.06 21:36:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\--\Data aplikací\ICQ Toolbar
[2010.12.05 19:19:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\--\Data aplikací\Identities
[2010.03.19 16:21:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\--\Data aplikací\InstallShield
[2010.03.24 20:36:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\--\Data aplikací\IObit
[2006.02.06 18:16:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\--\Data aplikací\Macromedia
[2010.04.29 13:13:10 | 000,000,000 | --SD | M] -- C:\Documents and Settings\--\Data aplikací\Microsoft
[2010.12.14 13:13:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\--\Data aplikací\Mozilla
[2011.01.09 19:05:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\--\Data aplikací\Nero
[2011.01.11 16:18:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\--\Data aplikací\NetMedia Providers
[2011.01.17 23:01:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\--\Data aplikací\PhotoshopdotcomInspirationBrowser.4C35C4D325D350FE0114230CBADCA2DDD0AC8D25.1
[2011.01.11 16:18:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\--\Data aplikací\Publish Providers
[2011.01.24 20:23:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\--\Data aplikací\Skype
[2010.06.15 13:43:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\--\Data aplikací\skypePM
[2011.01.11 16:18:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\--\Data aplikací\Sonic Foundry
[2006.02.18 13:45:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\--\Data aplikací\Sun
[2011.01.08 16:24:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\--\Data aplikací\tigerplayer
[2010.03.17 13:45:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\--\Data aplikací\TrueCrypt
[2009.06.13 14:48:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\--\Data aplikací\TuneUp Software
[2010.03.25 16:32:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\--\Data aplikací\Windows Desktop Search
[2010.03.25 16:36:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\--\Data aplikací\Windows Search
[2009.12.28 13:50:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\--\Data aplikací\WinRAR

< %APPDATA%\*.exe /s >
[2009.11.04 16:49:36 | 000,635,664 | ---- | M] (IObit) -- C:\Documents and Settings\--\Data aplikací\IObit\Common\TB_Helper.exe
[2011.01.15 19:25:44 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\--\Data aplikací\Microsoft\Installer\{784CFD4D-1BA5-4DB5-9377-84DAF0D19EF1}\_094D2999E03AF067E6C5DD.exe
[2011.01.15 19:25:44 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\--\Data aplikací\Microsoft\Installer\{784CFD4D-1BA5-4DB5-9377-84DAF0D19EF1}\_1324D739AAFBC438F5DF5F.exe
[2011.01.15 19:25:45 | 000,005,430 | R--- | M] () -- C:\Documents and Settings\--\Data aplikací\Microsoft\Installer\{784CFD4D-1BA5-4DB5-9377-84DAF0D19EF1}\_1AB13FACDDE6955FB8A230.exe
[2011.01.15 19:25:45 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\--\Data aplikací\Microsoft\Installer\{784CFD4D-1BA5-4DB5-9377-84DAF0D19EF1}\_424C98A5BFF6DCA1DAE5AA.exe
[2011.01.15 19:25:45 | 000,013,262 | R--- | M] () -- C:\Documents and Settings\--\Data aplikací\Microsoft\Installer\{784CFD4D-1BA5-4DB5-9377-84DAF0D19EF1}\_468CFA8A7E114B58D146CF.exe
[2011.01.15 19:25:45 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\--\Data aplikací\Microsoft\Installer\{784CFD4D-1BA5-4DB5-9377-84DAF0D19EF1}\_48052E75363D0C07BD1414.exe
[2011.01.15 19:25:44 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\--\Data aplikací\Microsoft\Installer\{784CFD4D-1BA5-4DB5-9377-84DAF0D19EF1}\_498497E0B3A19E434C34D4.exe
[2011.01.15 19:25:44 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\--\Data aplikací\Microsoft\Installer\{784CFD4D-1BA5-4DB5-9377-84DAF0D19EF1}\_4E163F42BA37980EA26431.exe
[2011.01.15 19:25:44 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\--\Data aplikací\Microsoft\Installer\{784CFD4D-1BA5-4DB5-9377-84DAF0D19EF1}\_5136A5F2DDCC0D3A910F9D.exe
[2011.01.15 19:25:45 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\--\Data aplikací\Microsoft\Installer\{784CFD4D-1BA5-4DB5-9377-84DAF0D19EF1}\_67C82776DA9B2BD2EB5CB6.exe
[2011.01.15 19:25:44 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\--\Data aplikací\Microsoft\Installer\{784CFD4D-1BA5-4DB5-9377-84DAF0D19EF1}\_6FEFF9B68218417F98F549.exe
[2011.01.15 19:25:45 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\--\Data aplikací\Microsoft\Installer\{784CFD4D-1BA5-4DB5-9377-84DAF0D19EF1}\_7572D79E3B577574CBB073.exe
[2011.01.15 19:25:44 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\--\Data aplikací\Microsoft\Installer\{784CFD4D-1BA5-4DB5-9377-84DAF0D19EF1}\_77654C49366B8066FC67A3.exe
[2011.01.15 19:25:45 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\--\Data aplikací\Microsoft\Installer\{784CFD4D-1BA5-4DB5-9377-84DAF0D19EF1}\_7E89081F3BF7470C4D96D2.exe
[2011.01.15 19:25:45 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\--\Data aplikací\Microsoft\Installer\{784CFD4D-1BA5-4DB5-9377-84DAF0D19EF1}\_8B7EEDD38F13EE503C777F.exe
[2011.01.15 19:25:45 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\--\Data aplikací\Microsoft\Installer\{784CFD4D-1BA5-4DB5-9377-84DAF0D19EF1}\_8FB306F005534A5F8F402B.exe
[2011.01.15 19:25:45 | 000,013,262 | R--- | M] () -- C:\Documents and Settings\--\Data aplikací\Microsoft\Installer\{784CFD4D-1BA5-4DB5-9377-84DAF0D19EF1}\_980D59E01FA54B6F16CD02.exe
[2011.01.15 19:25:44 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\--\Data aplikací\Microsoft\Installer\{784CFD4D-1BA5-4DB5-9377-84DAF0D19EF1}\_993F095DA040DDF2E96980.exe
[2011.01.15 19:25:44 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\--\Data aplikací\Microsoft\Installer\{784CFD4D-1BA5-4DB5-9377-84DAF0D19EF1}\_A3706132CB87E4F6FEBBC8.exe
[2011.01.15 19:25:45 | 000,009,662 | R--- | M] () -- C:\Documents and Settings\--\Data aplikací\Microsoft\Installer\{784CFD4D-1BA5-4DB5-9377-84DAF0D19EF1}\_CBE8F7724EE29FD3761298.exe
[2011.01.15 19:25:44 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\--\Data aplikací\Microsoft\Installer\{784CFD4D-1BA5-4DB5-9377-84DAF0D19EF1}\_CD14D44FFAEB27F11907E1.exe
[2011.01.15 19:25:45 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\--\Data aplikací\Microsoft\Installer\{784CFD4D-1BA5-4DB5-9377-84DAF0D19EF1}\_CE3B7AE2615BF6D60CFA40.exe
[2011.01.15 19:25:44 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\--\Data aplikací\Microsoft\Installer\{784CFD4D-1BA5-4DB5-9377-84DAF0D19EF1}\_D8815CCC03F12BBA2E8FF2.exe
[2011.01.15 19:25:45 | 000,005,430 | R--- | M] () -- C:\Documents and Settings\--\Data aplikací\Microsoft\Installer\{784CFD4D-1BA5-4DB5-9377-84DAF0D19EF1}\_DE23B4B754846A2F62380B.exe
[2011.01.15 19:25:44 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\--\Data aplikací\Microsoft\Installer\{784CFD4D-1BA5-4DB5-9377-84DAF0D19EF1}\_E3A6692DA78EA6348F46BB.exe
[2011.01.15 19:25:45 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\--\Data aplikací\Microsoft\Installer\{784CFD4D-1BA5-4DB5-9377-84DAF0D19EF1}\_F4CF425756336027E951C6.exe
[2011.01.15 19:25:44 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\--\Data aplikací\Microsoft\Installer\{784CFD4D-1BA5-4DB5-9377-84DAF0D19EF1}\_FBB40E0B40EF52A434900A.exe
[2010.04.29 13:13:10 | 000,009,158 | R--- | M] () -- C:\Documents and Settings\--\Data aplikací\Microsoft\Installer\{89DE67AD-08B8-4699-A55D-CA5C0AF82BF3}\ARPPRODUCTICON.exe


< MD5 for: AGP440.SYS >
[2004.08.17 14:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008.09.23 04:32:59 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2008.09.23 04:32:59 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008.04.13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ERDNT\cache\agp440.sys
[2008.04.13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys

< MD5 for: ATAPI.SYS >
[2004.08.17 14:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008.09.23 04:32:59 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.09.23 04:32:59 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ERDNT\cache\atapi.sys
[2008.04.13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys

< MD5 for: CDROM.SYS >
[2004.08.17 14:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2008.09.23 04:32:59 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008.09.23 04:32:59 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008.04.13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008.04.13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2010.06.11 01:40:58 | 000,062,592 | ---- | M] (Microsoft Corporation) MD5=7B53584D94E9D8716B2DE91D5F1CB42D -- C:\WINDOWS\system32\dllcache\cdrom.sys
[2004.08.03 21:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys

< MD5 for: CRYPTSVC.DLL >
[2004.08.17 14:49:04 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- C:\WINDOWS\$NtServicePackUninstall$\cryptsvc.dll
[2008.04.14 04:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\ERDNT\cache\cryptsvc.dll
[2008.04.14 04:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\ServicePackFiles\i386\cryptsvc.dll
[2008.04.14 04:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\cryptsvc.dll
[2008.04.14 04:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\dllcache\cryptsvc.dll

< MD5 for: EVENTLOG.DLL >
[2008.04.14 04:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\ERDNT\cache\eventlog.dll
[2008.04.14 04:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 04:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll
[2004.08.17 14:49:08 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2008.04.14 04:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\ERDNT\cache\explorer.exe
[2008.04.14 04:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 04:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2004.08.17 14:49:24 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\$NtUninstallKB938828$\explorer.exe
[2007.06.13 14:11:59 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=9B32416BD5988C97B6397CE0B02CAF97 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
[2007.06.13 14:23:39 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=ED7B460B142A32097B8A8F6ECC941815 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe

< MD5 for: HAL.DLL >
[2004.08.17 14:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2008.09.23 04:32:59 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2008.09.23 04:32:59 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2008.04.13 19:31:32 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2008.04.13 19:31:28 | 000,131,840 | ---- | M] (Microsoft Corporation) MD5=6F61D3287A6A15A08A9433222C09D17F -- C:\WINDOWS\system32\HAL.DLL
[2004.08.03 21:59:10 | 000,131,968 | ---- | M] (Microsoft Corporation) MD5=F9A0F579FC18036FFDD9E26E0D268CCD -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll

< MD5 for: CHANGER.SYS >
[2004.08.17 14:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys
[2008.09.23 04:32:59 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys
[2008.09.23 04:32:59 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:Changer.sys
[2008.04.13 19:40:58 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\ServicePackFiles\i386\changer.sys

< MD5 for: ISAPNP.SYS >
[2008.09.23 04:32:59 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2008.09.23 04:32:59 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:isapnp.sys
[2001.09.13 15:43:58 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\$NtServicePackUninstall$\isapnp.sys
[2008.04.14 03:27:53 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\ServicePackFiles\i386\isapnp.sys
[2008.04.14 03:27:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\dllcache\isapnp.sys
[2008.04.14 03:27:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\drivers\isapnp.sys
[2008.04.14 03:27:53 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\ReinstallBackups\0002\DriverFiles\i386\isapnp.sys

< MD5 for: LSASS.EXE >
[2004.08.17 14:49:24 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\WINDOWS\$NtServicePackUninstall$\lsass.exe
[2008.04.14 04:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\ERDNT\cache\lsass.exe
[2008.04.14 04:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\ServicePackFiles\i386\lsass.exe
[2008.04.14 04:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe

< MD5 for: NDIS.SYS >
[2008.04.13 20:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ERDNT\cache\ndis.sys
[2008.04.13 20:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008.04.13 20:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
[2004.08.03 22:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys

< MD5 for: NETLOGON.DLL >
[2004.08.17 14:49:14 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
[2008.04.14 04:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\ERDNT\cache\netlogon.dll
[2008.04.14 04:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 04:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: SCECLI.DLL >
[2004.08.17 14:49:18 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008.04.14 04:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ERDNT\cache\scecli.dll
[2008.04.14 04:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 04:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SMSS.EXE >
[2004.08.17 14:49:28 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\WINDOWS\$NtServicePackUninstall$\smss.exe
[2004.08.17 15:49:28 | 000,164,864 | ---- | M] (Microsoft Corporation) MD5=3C100B7FDB179B63829103DF6541337F -- C:\cmdcons\SYSTEM32\SMSS.EXE
[2008.04.14 04:22:47 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\ServicePackFiles\i386\smss.exe
[2008.04.14 04:22:47 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe

< MD5 for: SVCHOST.EXE >
[2008.04.14 04:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\ERDNT\cache\svchost.exe
[2008.04.14 04:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.14 04:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe
[2004.08.17 14:49:28 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe

< MD5 for: TCPIP.SYS >
[2006.04.20 12:51:50 | 000,359,808 | ---- | M] (Microsoft Corporation) MD5=1DBF125862891817F374F407626967F4 -- C:\WINDOWS\$NtUninstallKB941644$\tcpip.sys
[2008.06.20 11:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2006.01.13 18:07:08 | 000,360,448 | ---- | M] (Microsoft Corporation) MD5=5562CC0A47B2AEF06D3417B733F3C195 -- C:\WINDOWS\$hf_mig$\KB913446\SP2QFE\tcpip.sys
[2006.01.13 03:28:14 | 000,359,808 | ---- | M] (Microsoft Corporation) MD5=583E063FDC888CA30D05C2724B0D7EF4 -- C:\WINDOWS\$NtUninstallKB917953$\tcpip.sys
[2005.05.25 20:07:12 | 000,359,936 | ---- | M] (Microsoft Corporation) MD5=63FDFEA54EB53DE2D863EE454937CE1E -- C:\WINDOWS\$hf_mig$\KB893066\SP2QFE\tcpip.sys
[2007.10.30 17:53:32 | 000,360,832 | ---- | M] (Microsoft Corporation) MD5=64798ECFA43D78C7178375FCDD16D8C8 -- C:\WINDOWS\$hf_mig$\KB941644\SP2QFE\tcpip.sys
[2008.06.20 11:44:42 | 000,360,960 | ---- | M] (Microsoft Corporation) MD5=744E57C99232201AE98C49168B918F48 -- C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[2005.05.25 20:04:02 | 000,359,808 | ---- | M] (Microsoft Corporation) MD5=88763A98A4C26C409741B4AA162720C9 -- C:\WINDOWS\$NtUninstallKB913446$\tcpip.sys
[2007.10.30 18:20:55 | 000,360,064 | ---- | M] (Microsoft Corporation) MD5=90CAFF4B094573449A0872A0F919B178 -- C:\WINDOWS\$NtUninstallKB951748_0$\tcpip.sys
[2008.04.13 20:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008.04.13 20:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\ERDNT\cache\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2004.08.03 22:14:42 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\$NtUninstallKB893066$\tcpip.sys
[2008.06.20 12:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[2006.04.20 13:18:35 | 000,360,576 | ---- | M] (Microsoft Corporation) MD5=B2220C618B42A2212A59D91EBD6FC4B4 -- C:\WINDOWS\$hf_mig$\KB917953\SP2QFE\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.04.14 04:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ERDNT\cache\userinit.exe
[2008.04.14 04:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 04:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe
[2004.08.17 14:49:28 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe

< MD5 for: VIAMRAID.SYS >
[2004.05.18 09:55:26 | 000,074,112 | R--- | M] (VIA Technologies inc,.ltd) MD5=F199939205DCCC7836AE5AB8B5DD5E83 -- C:\WINDOWS\system32\drivers\viamraid.sys

< MD5 for: WINLOGON.EXE >
[2004.08.17 14:49:28 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 04:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\ERDNT\cache\winlogon.exe
[2008.04.14 04:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 04:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe

< MD5 for: WS2_32.DLL >
[2004.08.17 14:49:22 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\WINDOWS\$NtServicePackUninstall$\ws2_32.dll
[2008.04.14 04:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\ERDNT\cache\ws2_32.dll
[2008.04.14 04:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll
[2008.04.14 04:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\ws2_32.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2009.03.08 03:31:44 | 000,348,160 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\dxtmsft.dll
[2009.03.08 03:31:38 | 000,216,064 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\dxtrans.dll
[2010.11.06 01:23:36 | 000,184,320 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\iepeers.dll

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2010.03.28 18:34:07 | 000,691,696 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sptd.sys

< %systemroot%\System32\config\*.sav >
[2005.12.23 01:30:42 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2005.12.23 01:30:42 | 000,663,552 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2005.12.23 01:30:42 | 000,462,848 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >
[2009.03.08 03:31:44 | 000,348,160 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\dxtmsft.dll
[2009.03.08 03:31:38 | 000,216,064 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\dxtrans.dll
[2010.11.06 01:23:36 | 000,184,320 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\iepeers.dll

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2011.01.24 20:02:09 | 000,002,206 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl

< >

< >

< End of report >

a zde Extras.Txt

OTL Extras logfile created on: 24.1.2011 20:20:39 - Run 1
OTL by OldTimer - Version 3.2.20.5 Folder = C:\Documents and Settings\--\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 57,00% Memory free
2,00 Gb Paging File | 1,00 Gb Available in Paging File | 71,00% Paging File free
Paging file location(s): E:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 29,29 Gb Total Space | 4,89 Gb Free Space | 16,70% Space Free | Partition Type: NTFS
Drive E: | 45,23 Gb Total Space | 41,25 Gb Free Space | 91,20% Space Free | Partition Type: NTFS

Computer Name: DOMA | User Name: -- | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009
"17469:TCP" = 17469:TCP:*:Enabled:BitComet 17469 TCP
"17469:UDP" = 17469:UDP:*:Enabled:BitComet 17469 UDP
"19744:TCP" = 19744:TCP:*:Enabled:BitComet 19744 TCP
"19744:UDP" = 19744:UDP:*:Enabled:BitComet 19744 UDP
"5985:TCP" = 5985:TCP:*:Disabled:Vzdálená správa systému Windows

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Java\jre1.5.0_06\bin\javaw.exe" = C:\Program Files\Java\jre1.5.0_06\bin\javaw.exe:*:Enabled:Java(TM) 2 Platform Standard Edition binary -- (Sun Microsystems, Inc.)
"C:\Program Files\Sudden Strike II\game\code\Release\game_exe.exe" = C:\Program Files\Sudden Strike II\game\code\Release\game_exe.exe:*:Enabled:Game_Exe -- (FIreglow)
"C:\WINDOWS\system32\dplaysvr.exe" = C:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper -- (Microsoft Corporation)
"C:\WINDOWS\system32\dpnsvr.exe" = C:\WINDOWS\system32\dpnsvr.exe:*:Enabled:Microsoft DirectPlay8 Server -- (Microsoft Corporation)
"C:\WINDOWS\system32\dxdiag.exe" = C:\WINDOWS\system32\dxdiag.exe:*:Enabled:Microsoft DirectX Diagnostic Tool -- (Microsoft Corporation)
"C:\Program Files\Java\jre1.6.0_05\bin\javaw.exe" = C:\Program Files\Java\jre1.6.0_05\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Program Files\Java\jre6\bin\javaw.exe" = C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Program Files\Epson Software\Event Manager\EEventManager.exe" = C:\Program Files\Epson Software\Event Manager\EEventManager.exe:*:Enabled:EEventManager Application -- (SEIKO EPSON CORPORATION)
"C:\Program Files\BitComet\BitComet.exe" = C:\Program Files\BitComet\BitComet.exe:*:Enabled:BitComet.exe -- (http://www.BitComet.com)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{007F778D-F15C-4EAB-AE92-071D21FAF632}" = Adobe Photoshop Elements 9
"{03ADC8AB-C130-0C3D-1FF9-2C385DF25689}" = CCC Help Czech
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{07021185-008D-ABF9-7716-475AC035F8B3}" = CCC Help Spanish
"{083F79E4-6FE9-46FB-A6C6-4F8862742947}" = ATI HYDRAVISION
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0B25271C-C90B-056F-B4B1-84DFCC905497}" = ATI Catalyst Install Manager
"{0D499481-22C6-4B25-8AC2-6D3F6C885FB9}" = OpenOffice.org Installer 1.0
"{0F8D0406-7755-AC37-6529-73AD649DBE32}" = Catalyst Control Center Graphics Previews Common
"{10A44844-4465-456E-8C97-80BDD4F68845}" = Pomocník pro přihlášení ke službě Windows Live ID
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{22072CC8-7230-96F8-52F4-05EAF3F906B6}" = CCC Help Polish
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2368ADBD-6FDF-4B9F-FE41-E20B4D78E79E}" = CCC Help Chinese Standard
"{25EF0DC4-B072-2E04-4581-A13C91423CE6}" = CCC Help Portuguese
"{26A24AE4-039D-4CA4-87B4-2F83216014FF}" = Java(TM) 6 Update 22
"{26F7855C-443B-00A6-F7B8-A97A5403F617}" = CCC Help Danish
"{2CB4A925-48A7-DA65-DCEE-D4DE224B7D84}" = CCC Help English
"{2CCBABCB-6427-4A55-B091-49864623C43F}" = Google Toolbar for Firefox
"{306D75B9-7FFF-FF65-0C76-57F2FE4FE1D6}" = Catalyst Control Center Core Implementation
"{3248F0A8-6813-11D6-A77B-00B0D0150060}" = J2SE Runtime Environment 5.0 Update 6
"{3248F0A8-6813-11D6-A77B-00B0D0150090}" = J2SE Runtime Environment 5.0 Update 9
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{32B12FE4-5A51-751A-1FB6-A14E97EBDD5C}" = CCC Help German
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{351512E5-01BD-E878-6F57-AA3E517D9ECE}" = Skins
"{354A387E-0374-21A3-6832-335674A6D7D1}" = CCC Help French
"{3C00BEE9-26D0-D9E0-A2D1-62F70D412A12}" = CCC Help Turkish
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth
"{433EACD8-4747-4A6A-826A-FFA9F39B0D40}" = Elements 9 Organizer
"{4346F7AA-3D56-0941-424C-4454E04D37F6}" = CCC Help Italian
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{4781569D-5404-1F26-4B2B-6DF444441031}" = Nero 7 Ultra Edition
"{48F22622-1CC2-4A83-9C1E-644DD96F832D}" = Epson Event Manager
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CAE2F2C-75CD-A0DE-7520-449BCBBCC833}" = CCC Help Korean
"{546C143E-68DC-314D-97BC-1E454E3BA429}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - CSY
"{57F7F0A5-8F22-8E63-E819-803B5C9CA3A5}" = CCC Help Dutch
"{58E653BE-BD68-4D68-BB2E-3AE1B925AAD0}" = Labtec WebCam
"{5932A5C4-BB44-4CFB-AD66-1B826F4D788B}" = CDBurnerXP
"{5E65E94D-69F2-4850-9E93-6459C53A0F50}" = Microsoft .NET Framework 1.1 Czech Language Pack
"{5EA437D2-7A57-B60E-E8F2-76BFAC0895A5}" = CCC Help Chinese Traditional
"{61AF4E75-050E-0304-3417-8BC16417FEB1}" = CCC Help Greek
"{632005DA-C291-5275-284C-5EE96B05C714}" = Catalyst Control Center HydraVision Full
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6C72BE0C-3E25-CACD-0070-2FD9C02ABA14}" = ccc-core-preinstall
"{7036A6F4-5DAD-3908-956D-1752CD7F7E5A}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{784CFD4D-1BA5-4DB5-9377-84DAF0D19EF1}" = WinXP Manager
"{7BF68B83-5057-4D4B-0093-28285EEB9EE3}" = Harry Potter II
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{86EC42B5-346E-4BAB-948D-58E021EA4BD1}" = ATI Catalyst Control Center
"{880BB617-914E-17E8-D877-A96BAC5794D2}" = Catalyst Control Center Graphics Full New
"{8897CF22-DB6C-8248-895C-12BFA2677F51}" = CCC Help Hungarian
"{89DE67AD-08B8-4699-A55D-CA5C0AF82BF3}" = ATI AVIVO Codecs
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ACC73AA-6511-7C55-B1A9-8E5D1DEAFAA3}" = The Lord of the Rings FREE Trial
"{8C3727F2-8E37-49E4-820C-03B1677F53B6}" = Stronghold Crusader
"{8D7133DE-27D2-47E5-B248-4180278D32AA}" = Catalyst Control Center - Branding
"{90110405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{A2C9CD1B-2551-3AED-B244-6698FB929FA6}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - CSY
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{AE3CF174-872C-46C6-B9F6-C0593F3BC7B8}" = Microsoft Office Live Add-in 1.4
"{AF710FDE-2815-8C8D-5281-8004C2654AA6}" = CCC Help Russian
"{AFF2D965-C6F2-A210-FBF7-532612AA1D23}" = CCC Help Swedish
"{B21336EE-4AEF-9940-4AC7-EDB89854B8D3}" = CCC Help Thai
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer
"{B7EF4BD8-CA13-11D5-AE3D-005004B8E30C}" = Digital Photo Navigator 1.5
"{BBA69346-61A1-BD34-E75A-4D81232DB1FE}" = Catalyst Control Center Localization All
"{BFD5ED08-F066-92D5-BE67-3B9AE5DCFF0C}" = CCC Help Japanese
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C4609F15-FB3C-D97E-BAA1-4F10815039C2}" = Catalyst Control Center Graphics Full Existing
"{C950420B-4182-49EA-850A-A6A2ABF06C6B}" = Marvell Miniport Driver
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D01FAC3D-86B4-3A19-9D10-9156A0EB3EBE}" = CCC Help Finnish
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D73722C8-3F65-C75B-A631-5D36894DAB92}" = ccc-core-static
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DD73CA82-EA82-38AA-863D-9A24A018DC96}" = Microsoft .NET Framework 3.5 Language Pack SP1 - csy
"{DDAD33B6-8C00-428D-087B-A7088355B9BE}" = Catalyst Control Center Graphics Light
"{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager
"{E2AE009D-37E5-4724-A6B8-0ED6A6BA4F68}" = Elements STI Installer
"{E333F074-FC7F-596D-3D61-44F0EC28E8C0}" = ccc-utility
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0
"{EC8282AB-48DD-91D2-7387-01CD6E100A5D}" = Adobe Photoshop.com Inspiration Browser
"{EDE721EC-870A-11D8-9D75-000129760D75}" = PowerDirector Express
"{F302F4F0-588D-6501-1ACF-BE3FDCC9135D}" = Adobe Community Help
"{FA38F9E4-BED7-E021-B660-8FDFF7EC6E1A}" = CCC Help Norwegian
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{STARSHIP_TROOPERS_30112005}" = Starship Troopers
"69083DC58646DE46A09847A522A1CC487F918039" = Balíček ovladače systému Windows - eMPIA Technology Inc, (emAudio) MEDIA (08/31/2007 5.7.0831.0)
"9722CA1E8F72F362E93CBEC75A707FDABFC8D880" = Balíček ovladače systému Windows - Advanced Micro Devices, Inc. (USB28xxBGA) Media (08/31/2007 5.7.0831.0)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Photoshop Elements 9" = Adobe Photoshop Elements 9
"Advanced SystemCare 3_is1" = Advanced SystemCare 3
"All ATI Software" = Softarová utilita ATI - Odinstalovat
"ATI Display Driver" = ATI Display Driver
"avast!" = avast! Antivirus
"BitComet" = BitComet 1.25
"CloneDVD.exe_is1" = CloneDVD 3.6
"Cool's_Codec_pack_4.12" = Codec Pack - All In 1 6.0.2.9
"EPSON Scanner" = EPSON Scan
"Epson Stylus SX110_TX110 Uživatelská příručka" = Epson Stylus SX110_TX110 Manuál
"EPSON SX110 Series" = EPSON SX110 Series Printer Uninstall
"FormatFactory" = FormatFactory 2.20
"HijackThis" = HijackThis 2.0.2
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platforma Ovladače zařízení
"IrfanView" = IrfanView (remove only)
"LabtecDrv" = ##CAMERADRIVERNAME##
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - csy" = Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"MpcStar" = MpcStar 4.9
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"PhotoshopdotcomInspirationBrowser.4C35C4D325D350FE0114230CBADCA2DDD0AC8D25.1" = Adobe Photoshop.com Inspiration Browser
"Picasa 3" = Picasa 3
"RegSupreme Pro_is1" = RegSupreme Pro 1.0
"Shockwave" = Shockwave
"Starship Troopers_is1" = Starship Troopers
"Sudden Strike II" = Sudden Strike II
"SZNToolbar" = Seznam Lištička
"Total Eclipse" = Total Eclipse
"Totalcmd" = Total Commander (Remove or Repair)
"TrueCrypt" = TrueCrypt
"WheelMouse" = iOfficeWorks 7.80
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1004336348-651377827-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome

========== Last 10 Event Log Errors ==========

[ Antivirus Events ]
Error - 10.12.2010 11:32:24 | Computer Name = DOMA | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of C:\Documents and Settings\--\Local Settings\Data aplikací\Google\Chrome\User
Data\Temp\scoped_dir_3161\CRX_INSTALL\manifest.json failed, 00000005.

Error - 10.12.2010 11:34:37 | Computer Name = DOMA | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of C:\Documents and Settings\--\Local Settings\Data aplikací\Google\Chrome\User
Data\Temp\scoped_dir_3596\CRX_INSTALL\manifest.json failed, 00000005.


========== Last 10 Event Log Errors ==========

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >


zatím strašně moc děkuji

Z mého podpisu stahněte Ccleaner
- nainstalujte, při výběru, co se má nainstalovat, dejte pryč fajfku u instalace yahoo toolbaru

záložka čistič
-nechejte v levém sloupečku zatrhnuté vše jak je, klikněte na analyzovat
-po analýze klikněte na Spustit Ccleaner

záložka Registry
- klikněte na hledej problémy
- pak klikněte na opravit vybrané problémy -- udělat zálohu registrů - nemusíte
- kliknete opravit všechny problémy ok zavřít

Záložka Nástroje
- zde můžete odinstalovat programy. Je to důkladnější odinstalace než u přidat/odebrat programy ve Windows.

Ccleaner - čistič doporučuji používat, krásně pročistí pc od dočasných souborů.
Registry pročistí třeba po odinstalaci nějakého programu.






Stahněte z mého podpisu AVPTOOl http://www.viry.cz/forum/viewtopic.php?f=29&t=58179

-Podle návodu nainstalujte a proveďte sken
-co najde nechejte léčit, mazat
-sken může trvat několik hodin
-vložte zde log z výsledky

Přeji dobrý den,
vše provedeno dle návodu a zde je ten log.

Automatická kontrola: dokončeno před 5 min. (události: 5, objekty: 224171, čas: 01:36:52)
25.1.2011 12:29:40 Úloha byla spuštěna
25.1.2011 12:35:33 Zjištěno: Trojan.Win32.Scar.djhp C:\Program Files\Canon\CSTBox.exe
25.1.2011 12:38:45 Úloha byla zastavena
25.1.2011 13:09:48 Úloha byla spuštěna
25.1.2011 14:46:40 Úloha byla dokončena
Dezinfikovat aktivní hrozby: dokončeno před 2 hod. (události: 7, objekty: 4115, čas: 00:11:37)
25.1.2011 12:38:45 Úloha byla spuštěna
25.1.2011 12:38:50 Zjištěno: Trojan.Win32.Scar.djhp C:\Program Files\Canon\CSTBox.exe
25.1.2011 12:39:17 Odstraněno: Trojan.Win32.Scar.djhp C:\Program Files\Canon\CSTBox.exe
25.1.2011 12:48:34 Zjištěno: Trojan.Win32.Scar.djhp C:\Documents and Settings\--\Nabídka Start\Programy\Po spuštění\CSTBox.exe
25.1.2011 12:48:46 Odstraněno: Trojan.Win32.Scar.djhp C:\Documents and Settings\--\Nabídka Start\Programy\Po spuštění\CSTBox.exe
25.1.2011 12:48:46 Odstraněno: Trojan.Win32.Scar.djhp C:\Documents and Settings\--\Nabídka Start\Programy\Po spuštění\CSTBox.exe
25.1.2011 12:50:22 Úloha byla dokončena


ještě jsem našel jeden problém a nevím co to je, mrkla by jste se mi na to?


http://img707.imageshack.us/i/testjs.jpg/

Zkoušel jste to zařízení přeinstalovat?
Pořád ta hláška vyskakuje? Jak je na tom pc?

dobrý večer, to zařízení jsem zkoušel přeinstalovat, ale požaduje to instalační cd, což bohužel nemám ani nevím co to je a jestli to nemám odinstalovat. Ta hláška od int. explorer už nevyskakuje, pc se chová poslušně, jenom trochu dýl nabíhá, ale to bude zřejmě věkem nebo programy které jsou spouštěny se startem? Je jich tam asi 15, ale já nevím, které bych mohl zastavit?

Poprosím o nový log ze Rsitu

tady je:


Logfile of random's system information tool 1.08 (written by random/random)
Run by -- at 2011-01-25 22:54:28
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 8 GB (28%) free of 30 GB
Total RAM: 1535 MB (50% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:54:40, on 25.1.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\A4Tech\Mouse\Amoumain.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
E:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe
C:\Documents and Settings\--\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\Program Files\Bezdrátová klávesnice a myš Labtec\MagicKey.exe
C:\WINDOWS\system32\LVComS.exe
C:\Program Files\Bezdrátová klávesnice a myš Labtec\OSD.EXE
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\internet explorer\iexplore.exe
C:\WINDOWS\system32\svchost.exe
C:\Documents and Settings\--\Local Settings\Temporary Internet Files\Content.IE5\3DA6SXA0\RSIT[1].exe
C:\Program Files\trend micro\--.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Seznam Lištička - {B71B15CE-3093-459C-B764-AEB2486F2273} - C:\Program Files\Seznam\Listicka\Toolbar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [WheelMouse] C:\Program Files\A4Tech\Mouse\Amoumain.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [RemoteControl] "E:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Advanced SystemCare 3] "C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe" /startup
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\--\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Policies\Explorer\Run: [CanoScan Toolbox Ver5.0] C:\Program Files\Canon\CSTBox.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: setup_9.0.0.722_25.01.2011_12-47[1].lnk = C:\Documents and Settings\--\Plocha\Virus Removal Tool\setup_9.0.0.722_25.01.2011_12-47[1]\startup.exe
O4 - Global Startup: Hlavní panel ATI CATALYST.lnk = C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
O4 - Global Startup: Povolit program Bezdrátová klávesnice a myš Labtec.lnk = ?
O8 - Extra context menu item: &Přelož do češtiny - res://C:\Program Files\Seznam\Listicka\Toolbar.dll/5034
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
O8 - Extra context menu item: Hlede&j v ČR - res://C:\Program Files\Seznam\Listicka\Toolbar.dll/5033
O8 - Extra context menu item: Hledej v &encyklopedii - res://C:\Program Files\Seznam\Listicka\Toolbar.dll/5108
O8 - Extra context menu item: Hledej ve &světě - res://C:\Program Files\Seznam\Listicka\Toolbar.dll/5035
O8 - Extra context menu item: Hledej ve &zboží - res://C:\Program Files\Seznam\Listicka\Toolbar.dll/5107
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {3190CE28-0B6E-4133-A7D3-87D29CB92120} (ToolbarInetInstall Control) - https://download.seznam.cz/listicka/toolbar2007.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 3845376781
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{25F1BE69-A1FD-42F9-8646-A9B06370D4E2}: NameServer = 62.129.50.20,62.129.32.100
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Active File Monitor V9 (AdobeActiveFileMonitor9.0) - Adobe Systems Incorporated - C:\Program Files\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NMSAccess - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe

--
End of file - 9477 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AdobeAAMUpdater-1.0-DOMA---.job
C:\WINDOWS\tasks\AWC AutoSweep.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\OGALogon.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{51CFA3EA-DC95-4795-8228-1D9C1ADB4157}.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{F657FCBC-15DD-4DF9-B8EA-107EC8644767}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
Conduit Engine - C:\Program Files\ConduitEngine\ConduitEngine.dll [2010-10-18 3908192]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-03-30 403824]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-12-02 297648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll [2010-12-08 843832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-11-24 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-11-24 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{B71B15CE-3093-459C-B764-AEB2486F2273} - &Seznam Lištička - C:\Program Files\Seznam\Listicka\Toolbar.dll [2007-11-04 793960]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-12-02 297648]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-25 81000]
"WheelMouse"=C:\Program Files\A4Tech\Mouse\Amoumain.exe [2007-02-10 241664]
"LogitechVideoTray"=C:\Program Files\Logitech\Video\LogiTray.exe [2004-02-12 77824]
"LogitechVideoRepair"=C:\Program Files\Logitech\Video\ISStart.exe [2004-02-12 188416]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2006-09-29 282624]
"ATICCC"=C:\Program Files\ATI Technologies\ATI.ACE\cli.exe [2005-08-06 61440]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]
"AdobeAAMUpdater-1.0"=C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-07-29 497648]
"RemoteControl"=E:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2004-06-28 32768]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-07-30 68856]
"Advanced SystemCare 3"=C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe [2010-12-16 2402512]
"Google Update"=C:\Documents and Settings\--\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2010-10-20 136176]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2010-12-03 14944136]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"CanoScan Toolbox Ver5.0"=C:\Program Files\Canon\CSTBox.exe []

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Hlavní panel ATI CATALYST.lnk - C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
Povolit program Bezdrátová klávesnice a myš Labtec.lnk - C:\Program Files\Bezdrátová klávesnice a myš Labtec\MagicKey.exe

C:\Documents and Settings\--\Nabídka Start\Programy\Po spuštění
setup_9.0.0.722_25.01.2011_12-47[1].lnk - C:\Documents and Settings\--\Plocha\Virus Removal Tool\setup_9.0.0.722_25.01.2011_12-47[1]\startup.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2005-08-04 46080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 239616]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoResolveSearch"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Java\jre1.5.0_06\bin\javaw.exe"="C:\Program Files\Java\jre1.5.0_06\bin\javaw.exe:*:Enabled:Java(TM) 2 Platform Standard Edition binary"
"C:\Program Files\Sudden Strike II\game\code\Release\game_exe.exe"="C:\Program Files\Sudden Strike II\game\code\Release\game_exe.exe:*:Enabled:Game_Exe"
"C:\WINDOWS\system32\dplaysvr.exe"="C:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\WINDOWS\system32\dpnsvr.exe"="C:\WINDOWS\system32\dpnsvr.exe:*:Enabled:Microsoft DirectPlay8 Server"
"C:\WINDOWS\system32\dxdiag.exe"="C:\WINDOWS\system32\dxdiag.exe:*:Enabled:Microsoft DirectX Diagnostic Tool"
"C:\Program Files\Java\jre1.6.0_05\bin\javaw.exe"="C:\Program Files\Java\jre1.6.0_05\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\Java\jre6\bin\javaw.exe"="C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\Epson Software\Event Manager\EEventManager.exe"="C:\Program Files\Epson Software\Event Manager\EEventManager.exe:*:Enabled:EEventManager Application"
"C:\Program Files\BitComet\BitComet.exe"="C:\Program Files\BitComet\BitComet.exe:*:Enabled:BitComet.exe"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======List of files/folders created in the last 1 months======

2011-01-25 12:18:42 ----A---- C:\WINDOWS\system32\drivers\72449952.sys
2011-01-25 12:18:42 ----A---- C:\WINDOWS\system32\drivers\72449951.sys
2011-01-25 12:18:42 ----A---- C:\WINDOWS\system32\drivers\7244995.sys
2011-01-25 11:25:47 ----D---- C:\Program Files\CCleaner
2011-01-22 18:56:10 ----SHD---- C:\RECYCLER
2011-01-22 18:23:56 ----A---- C:\ComboFix.txt
2011-01-22 18:13:52 ----A---- C:\Boot.bak
2011-01-22 18:13:48 ----RASHD---- C:\cmdcons
2011-01-22 18:10:46 ----A---- C:\WINDOWS\zip.exe
2011-01-22 18:10:46 ----A---- C:\WINDOWS\SWXCACLS.exe
2011-01-22 18:10:46 ----A---- C:\WINDOWS\SWSC.exe
2011-01-22 18:10:46 ----A---- C:\WINDOWS\SWREG.exe
2011-01-22 18:10:46 ----A---- C:\WINDOWS\sed.exe
2011-01-22 18:10:46 ----A---- C:\WINDOWS\PEV.exe
2011-01-22 18:10:46 ----A---- C:\WINDOWS\NIRCMD.exe
2011-01-22 18:10:46 ----A---- C:\WINDOWS\MBR.exe
2011-01-22 18:10:46 ----A---- C:\WINDOWS\grep.exe
2011-01-22 18:10:36 ----D---- C:\WINDOWS\ERDNT
2011-01-22 18:02:03 ----D---- C:\Qoobox
2011-01-22 13:55:49 ----D---- C:\Program Files\trend micro
2011-01-22 13:55:48 ----D---- C:\rsit
2011-01-18 11:57:59 ----D---- C:\Documents and Settings\All Users\Data aplikací\espionServerData
2011-01-18 11:57:59 ----A---- C:\AdobeDebug.txt
2011-01-18 11:51:10 ----D---- C:\Documents and Settings\All Users\Data aplikací\regid.1986-12.com.adobe
2011-01-18 00:30:35 ----D---- C:\Documents and Settings\--\Data aplikací\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2011-01-17 23:01:13 ----D---- C:\Documents and Settings\--\Data aplikací\PhotoshopdotcomInspirationBrowser.4C35C4D325D350FE0114230CBADCA2DDD0AC8D25.1
2011-01-16 13:35:07 ----ASH---- C:\pagefile.sys
2011-01-15 19:25:41 ----D---- C:\Program Files\Yamicsoft
2011-01-15 18:37:56 ----D---- C:\Documents and Settings\--\Data aplikací\ElevatedDiagnostics
2011-01-15 15:01:21 ----D---- C:\Program Files\Common Files\Windows Live
2011-01-15 14:59:13 ----D---- C:\WINDOWS\system32\winrm
2011-01-15 14:59:13 ----D---- C:\WINDOWS\system32\WindowsPowerShell
2011-01-15 14:59:08 ----HDC---- C:\WINDOWS\$968930Uinstall_KB968930$
2011-01-15 14:59:05 ----D---- C:\WINDOWS\$NtUninstallKB968930$
2011-01-15 14:58:51 ----HDC---- C:\WINDOWS\$NtUninstallbasecsp$
2011-01-13 16:40:00 ----N---- C:\WINDOWS\system32\w3ctrs.ini
2011-01-13 16:39:59 ----N---- C:\WINDOWS\system32\axperf.ini
2011-01-13 16:39:58 ----N---- C:\WINDOWS\system32\infoctrs.ini
2011-01-13 16:39:48 ----N---- C:\WINDOWS\system32\fxsperf.ini
2011-01-13 16:39:48 ----A---- C:\WINDOWS\system32\fxssend.exe
2011-01-13 16:39:48 ----A---- C:\WINDOWS\system32\fxsroute.dll
2011-01-13 16:39:48 ----A---- C:\WINDOWS\system32\fxsclntR.dll
2011-01-13 16:39:47 ----A---- C:\WINDOWS\system32\fxscfgwz.dll
2011-01-13 16:16:55 ----D---- C:\WINDOWS\system32\msmq
2011-01-12 12:14:48 ----HDC---- C:\WINDOWS\$NtUninstallKB2419632$
2011-01-11 16:27:07 ----D---- C:\TTDX
2011-01-11 16:18:51 ----D---- C:\Documents and Settings\--\Data aplikací\Publish Providers
2011-01-11 16:18:51 ----D---- C:\Documents and Settings\--\Data aplikací\NetMedia Providers
2011-01-11 16:18:46 ----D---- C:\Documents and Settings\--\Data aplikací\Sonic Foundry
2011-01-11 16:13:31 ----N---- C:\WINDOWS\system32\wmv8dmoe.dll
2011-01-11 16:13:31 ----N---- C:\WINDOWS\system32\wmv8dmod.dll
2011-01-11 16:13:30 ----N---- C:\WINDOWS\system32\wmvdmoe.dll
2011-01-11 16:13:30 ----N---- C:\WINDOWS\system32\wmvcore2.dll
2011-01-11 16:07:14 ----D---- C:\Program Files\Sonic Foundry
2011-01-11 16:06:15 ----D---- C:\Program Files\Sonic Foundry Setup
2011-01-09 19:05:09 ----D---- C:\Documents and Settings\--\Data aplikací\Nero
2011-01-09 18:40:11 ----D---- C:\Program Files\Common Files\Nero
2011-01-09 18:39:56 ----D---- C:\Documents and Settings\All Users\Data aplikací\Nero
2011-01-09 18:02:59 ----HDC---- C:\WINDOWS\$NtUninstallKB942288-v3$
2011-01-08 20:00:40 ----D---- C:\Program Files\FreeApps
2011-01-08 20:00:30 ----D---- C:\Documents and Settings\All Users\Data aplikací\FreeApp
2011-01-08 17:19:44 ----N---- C:\WINDOWS\system32\javaws.exe
2011-01-08 17:19:44 ----N---- C:\WINDOWS\system32\javaw.exe
2011-01-08 17:19:44 ----N---- C:\WINDOWS\system32\java.exe
2011-01-07 14:01:57 ----N---- C:\WINDOWS\system32\CmdLineExt.dll
2010-12-29 14:30:13 ----D---- C:\Program Files\Firefly Studios

======List of files/folders modified in the last 1 months======

2011-01-25 22:49:33 ----HD---- C:\WINDOWS\inf
2011-01-25 22:49:33 ----D---- C:\WINDOWS
2011-01-25 22:42:53 ----D---- C:\WINDOWS\system32\CatRoot2
2011-01-25 22:28:58 ----D---- C:\Documents and Settings\--\Data aplikací\Skype
2011-01-25 22:04:58 ----D---- C:\WINDOWS\Temp
2011-01-25 20:06:44 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-01-25 14:57:48 ----SHD---- C:\System Volume Information
2011-01-25 14:57:48 ----D---- C:\WINDOWS\system32\Restore
2011-01-25 12:51:59 ----D---- C:\Program Files\Canon
2011-01-25 12:18:55 ----D---- C:\WINDOWS\system32\drivers
2011-01-25 11:54:07 ----D---- C:\Config.Msi
2011-01-25 11:52:52 ----SHD---- C:\WINDOWS\Installer
2011-01-25 11:52:15 ----D---- C:\Program Files\Common Files\Ahead
2011-01-25 11:52:14 ----D---- C:\WINDOWS\system32
2011-01-25 11:38:42 ----D---- C:\WINDOWS\Debug
2011-01-25 11:25:47 ----RD---- C:\Program Files
2011-01-23 15:57:54 ----ASH---- C:\boot.ini
2011-01-22 18:22:32 ----SD---- C:\WINDOWS\Tasks
2011-01-22 18:22:00 ----D---- C:\WINDOWS\Microsoft.NET
2011-01-22 18:21:00 ----A---- C:\WINDOWS\system.ini
2011-01-22 18:20:51 ----D---- C:\WINDOWS\system32\drivers\etc
2011-01-22 18:17:59 ----D---- C:\WINDOWS\AppPatch
2011-01-22 18:17:53 ----D---- C:\Program Files\Common Files
2011-01-20 11:47:06 ----A---- C:\WINDOWS\NeroDigital.ini
2011-01-19 17:20:00 ----RSD---- C:\WINDOWS\assembly
2011-01-19 15:26:57 ----D---- C:\Documents and Settings\--\Data aplikací\Adobe
2011-01-19 13:39:12 ----D---- C:\Documents and Settings\--\Data aplikací\BitComet
2011-01-19 12:29:13 ----D---- C:\Documents and Settings\All Users\Data aplikací\Adobe
2011-01-18 21:26:25 ----D---- C:\WINDOWS\system32\config
2011-01-18 12:20:43 ----D---- C:\Downloads
2011-01-18 12:16:27 ----D---- C:\Program Files\Google
2011-01-18 11:47:16 ----RSD---- C:\WINDOWS\Fonts
2011-01-18 11:47:04 ----D---- C:\Program Files\Common Files\Adobe
2011-01-18 11:45:19 ----D---- C:\Program Files\Adobe
2011-01-18 11:40:28 ----D---- C:\WINDOWS\WinSxS
2011-01-17 22:53:37 ----D---- C:\Program Files\Common Files\Adobe AIR
2011-01-16 15:00:45 ----A---- C:\WINDOWS\win.ini
2011-01-15 20:22:13 ----D---- C:\Program Files\WinRAR
2011-01-15 19:49:50 ----RD---- C:\WINDOWS\Web
2011-01-15 19:48:36 ----AC---- C:\WINDOWS\ODBCINST.INI
2011-01-15 19:48:23 ----D---- C:\WINDOWS\system32\CatRoot
2011-01-15 19:46:14 ----D---- C:\WINDOWS\system32\ias
2011-01-15 19:46:02 ----ASH---- C:\WINDOWS\fonts\desktop.ini
2011-01-15 18:36:23 ----SD---- C:\WINDOWS\Downloaded Program Files
2011-01-15 15:01:08 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2011-01-15 15:01:04 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-01-15 15:01:04 ----D---- C:\Program Files\Internet Explorer
2011-01-15 15:01:02 ----D---- C:\WINDOWS\ie8updates
2011-01-15 14:59:53 ----HD---- C:\WINDOWS\$hf_mig$
2011-01-15 14:59:19 ----D---- C:\WINDOWS\Help
2011-01-15 14:59:13 ----D---- C:\WINDOWS\system32\wbem
2011-01-15 14:58:57 ----D---- C:\WINDOWS\security
2011-01-15 14:50:49 ----D---- C:\WINDOWS\system32\cs-cz
2011-01-15 14:50:21 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-01-15 14:44:26 ----D---- C:\WINDOWS\system32\en-US
2011-01-15 14:44:20 ----D---- C:\Program Files\Microsoft.NET
2011-01-15 13:54:47 ----A---- C:\WINDOWS\UPGRADE.TXT
2011-01-14 18:12:55 ----D---- C:\WINDOWS\system32\NtmsData
2011-01-14 16:53:46 ----D---- C:\WINDOWS\repair
2011-01-14 16:53:37 ----D---- C:\WINDOWS\Registration
2011-01-13 16:42:02 ----D---- C:\Inetpub
2011-01-13 16:40:15 ----D---- C:\WINDOWS\system32\inetsrv
2011-01-13 16:39:48 ----D---- C:\WINDOWS\addins
2011-01-13 12:07:42 ----D---- C:\WINDOWS\SHELLNEW
2011-01-13 10:25:01 ----D---- C:\Documents and Settings\All Users\Data aplikací\boost_interprocess
2011-01-12 12:15:00 ----N---- C:\WINDOWS\system32\MRT.exe
2011-01-09 18:48:21 ----D---- C:\WINDOWS\Cursors
2011-01-09 18:48:12 ----D---- C:\Program Files\Nero
2011-01-09 18:03:19 ----D---- C:\WINDOWS\system32\mui
2011-01-08 17:19:42 ----D---- C:\Program Files\Java
2011-01-08 16:24:10 ----D---- C:\Documents and Settings\--\Data aplikací\tigerplayer
2011-01-07 16:56:16 ----HD---- C:\Program Files\InstallShield Installation Information
2011-01-02 10:35:06 ----N---- C:\WINDOWS\wincmd.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 72449952;72449952 Boot Guard Driver; C:\WINDOWS\system32\DRIVERS\72449952.sys [2009-10-22 37392]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2010-03-19 45648]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-03-28 691696]
R0 viamraid;viamraid; C:\WINDOWS\system32\DRIVERS\viamraid.sys [2004-05-18 74112]
R1 72449951;72449951; C:\WINDOWS\system32\DRIVERS\72449951.sys [2009-09-25 128016]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-11-25 27408]
R1 Amfilter;A4Tech Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\Amfilter.sys [2007-01-24 8704]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-09-15 114768]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-11-25 48560]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbfilter;Keyboard Filter Driver; C:\WINDOWS\system32\drivers\kbfilter.sys [2003-03-27 11776]
R1 moufiltr;Mouse Filter Driver; C:\WINDOWS\system32\drivers\moufiltr.sys [2003-01-23 9548]
R1 setup_9.0.0.722_25.01.2011_12-47[1]drv;setup_9.0.0.722_25.01.2011_12-47[1]drv; C:\WINDOWS\system32\DRIVERS\7244995.sys [2009-10-09 315408]
R1 truecrypt;truecrypt; C:\WINDOWS\System32\drivers\truecrypt.sys [2010-03-17 223432]
R1 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-09-20 12032]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-09-15 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-09-15 94160]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2005-04-19 2317504]
R3 Amusbprt;A4Tech HID-compliant Mouse Driver; C:\WINDOWS\system32\DRIVERS\Amusbprt.sys [2007-02-11 13824]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-11-25 23120]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2005-08-04 1273344]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 Pcouffin;Low level access layer for CD devices; C:\WINDOWS\System32\Drivers\Pcouffin.sys [2006-02-05 39488]
R3 pepifilter;Volume Adapter; C:\WINDOWS\system32\DRIVERS\lv302af.sys [2004-01-21 5915]
R3 PID_08A0;Labtec WebCam Pro(PID_08A0); C:\WINDOWS\system32\DRIVERS\LV302AV.SYS [2004-01-21 271360]
R3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\WINDOWS\system32\DRIVERS\yk51x86.sys [2004-10-27 223104]
S0 a347bus;a347bus; C:\WINDOWS\system32\DRIVERS\a347bus.sys []
S0 a347scsi;a347scsi; C:\WINDOWS\System32\Drivers\a347scsi.sys []
S3 a8299dq8;a8299dq8; C:\WINDOWS\system32\drivers\a8299dq8.sys []
S3 Amps2prt;A4Tech PS/2 Port Mouse Driver; C:\WINDOWS\system32\DRIVERS\Amps2prt.sys [2007-02-10 14336]
S3 awgxrddv;awgxrddv; C:\WINDOWS\system32\drivers\awgxrddv.sys []
S3 catchme;catchme; \??\C:\DOCUME~1\--\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-09-13 12160]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys []
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeActiveFileMonitor9.0;Adobe Active File Monitor V9; C:\Program Files\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe [2010-09-30 169408]
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2005-08-04 380928]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-11-12 153376]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 NetTcpPortSharing;Služba sdílení portů Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
R2 NMSAccess;NMSAccess; C:\Program Files\CDBurnerXP\NMSAccessU.exe [2010-03-04 71096]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-03-30 1533808]
R2 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2010-02-10 593920]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-02-14 135664]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-02-13 182768]
S3 idsvc;Služba Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 nosGetPlusHelper;getPlus(R) Helper 3004; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WinRM;Windows Remote Management (WS-Management); C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]

-----------------EOF-----------------

Tyto složky znáte?
C:\WINDOWS\system32\msmq
C:\TTDX



Můžete omezit spouštění zbytečných programů po startu
- Stáhněte z mého podpisu program StartUpLite
- vypíše seznam zbytečně spouštěných programů po startu,
- vyberete které chcete zastavit,u nich zaškrtnete Disable a klikněte na Continue