VIRY.CZ

Dobrý den, prosím o kontrolu, notebook je velmi pomalý.

Logfile of random's system information tool 1.09 (written by random/random)
Run by Správce at 2011-07-30 19:22:40
Microsoft® Windows Vista™ Home Premium
System drive C: has 10 GB (9%) free of 113 GB
Total RAM: 1014 MB (17% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:23:14, on 30.7.2011
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.17037)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe
C:\Windows\PixArt\PAC7311\Monitor.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Java\jre1.6.0\bin\javaw.exe
C:\Windows\system32\conime.exe
C:\Windows\System32\mobsync.exe
C:\Users\Správce\Desktop\RSIT.exe
C:\Users\Správce\Desktop\RSIT.exe
C:\Program Files\trend micro\Správce.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.centrum.cz
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: MyAshampoo Toolbar - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files\MyAshampoo\prxtbMyA0.dll
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: MyAshampoo - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files\MyAshampoo\prxtbMyA0.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: MyAshampoo Toolbar - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files\MyAshampoo\prxtbMyA0.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe -expressboot
O4 - HKLM\..\Run: [PAC7311_Monitor] C:\Windows\PixArt\PAC7311\Monitor.exe
O4 - HKLM\..\Run: [MSConfig] "C:\Windows\system32\msconfig.exe" /auto
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {80AEEC0E-A2BE-4B8D-985F-350FE869DC40} (HPDDClientExec Class) - http://h20264.www2.hp.com/ediags/dd/ins ... sVista.cab
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://icq.oberon-media.com/Gameshell/G ... meHost.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{C0EAD270-4E10-4AC1-8970-F943C56A4C8D}: NameServer = 77.48.48.48,77.48.49.50
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe
O23 - Service: Služba Google Update (gupdate1cacfe27ef83001) (gupdate1cacfe27ef83001) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: Plánovač automatické aktualizace LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

--
End of file - 10110 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\Norton Internet Security - Prověřit tento počítač - Správce.job
C:\Windows\tasks\Norton Security Scan for Správce.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Správce\AppData\Roaming\Mozilla\Firefox\Profiles\sjjimqwg.default

prefs.js - "browser.startup.homepage" - "http://www.centrum.cz/"
prefs.js - "extensions.enabledItems" - "{b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.3, {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.9, {20a82645-c095-46ed-80e3-08825760534b}:1.2.1, {EEE6C361-6118-11DC-9C72-001320C79847}:1.0.0.10, {c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}:4.0, engine@conduit.com:3.2.5.2, {a1e75a0e-4397-4ba8-bb50-e19fb66890f4}:3.2.5.2, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.16"
prefs.js - "keyword.URL" - "http://search.conduit.com/ResultsExt.as ... 2475029&q="

"{ABDE892B-13A8-4d1b-88E6-365A6E755758}"=C:\Program Files\Real\RealPlayer\browserrecord
"{20a82645-c095-46ed-80e3-08825760534b}"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"bkmrksync@nokia.com"=C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/Photosynth,version=2.0]
"Description"=
"Path"=C:\Program Files\Photosynth\npPhotosynthMozilla.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprjplug;version=1.0.3.69]
"Description"=RealJukebox Netscape Plugin
"Path"=C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69]
"Description"=6.0.12.69
"Path"=C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/RhapsodyPlayerEngine,version=1.1]
"Description"=Rhapsody Control
"Path"=C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{800b5000-a755-47e1-992b-48a1c1357f07}
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nppl3260.xpt
nsJSRealPlayerPlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
nppdf32.dll
nppl3260.dll
nprjplug.dll
nprpjplug.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Users\Správce\AppData\Roaming\Mozilla\Firefox\Profiles\sjjimqwg.default\extensions\
{20a82645-c095-46ed-80e3-08825760534b}
{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
{b9db16a4-6edc-47ec-a1f4-b86292ed211d}-trash

C:\Users\Správce\AppData\Roaming\Mozilla\Firefox\Profiles\sjjimqwg.default\searchplugins\
conduit.xml
icqplugin-1.xml
icqplugin-10.xml
icqplugin-11.xml
icqplugin-12.xml
icqplugin-13.xml
icqplugin-14.xml
icqplugin-15.xml
icqplugin-16.xml
icqplugin-2.xml
icqplugin-3.xml
icqplugin-4.xml
icqplugin-5.xml
icqplugin-6.xml
icqplugin-7.xml
icqplugin-8.xml
icqplugin-9.xml
icqplugin.gif
icqplugin.src
icqplugin.xml
sweetim.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1E8A6170-7264-4D0F-BEAE-D42A53123C75}]
C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll [2006-12-07 96872]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
Conduit Engine - C:\Program Files\ConduitEngine\prxConduitEngine.dll [2011-01-17 175912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0\bin\ssv.dll [2007-03-29 501384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-07-04 820864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}]
MyAshampoo Toolbar - C:\Program Files\MyAshampoo\prxtbMyA0.dll [2011-01-17 175912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Plug-In - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-11-22 1242504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2010-11-21 1054520]
{a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - MyAshampoo Toolbar - C:\Program Files\MyAshampoo\prxtbMyA0.dll [2011-01-17 175912]
{30F9B915-B755-4826-820B-08FBA6BD249D} - Conduit Engine - C:\Program Files\ConduitEngine\prxConduitEngine.dll [2011-01-17 175912]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-07-04 820864]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-01-18 4349952]
"WinPatrol"=C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe [2009-07-22 341312]
"PAC7311_Monitor"=C:\Windows\PixArt\PAC7311\Monitor.exe [2006-11-03 319488]
"MSConfig"=C:\Windows\system32\msconfig.exe [2006-11-02 222208]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-08-11 1006264]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-06-06 937920]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2011-07-04 3493720]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"KiesPDLR"=C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [2011-06-24 20880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2006-11-28 212992]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.dvacm"=C:\PROGRA~1\COMMON~1\ULEADS~1\vio\dvacm.acm
"VIDC.IV41"=ir41_32.ax
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.VP60"=C:\Windows\system32\vp6vfw.dll
"vidc.VP61"=C:\Windows\system32\vp6vfw.dll
"vidc.XVID"=xvidvfw.dll
"msacm.l3codec"=l3codecp.acm

======List of files/folders created in the last 1 month======

2011-07-30 19:12:34 ----D---- C:\Program Files\trend micro
2011-07-30 19:12:29 ----D---- C:\rsit
2011-07-26 21:11:43 ----D---- C:\Users\Správce\AppData\Roaming\Telefónica Móviles
2011-07-26 21:10:28 ----A---- C:\Windows\system32\drivers\ewusbnet.sys
2011-07-26 21:10:28 ----A---- C:\Windows\system32\drivers\ewusbmdm.sys
2011-07-26 21:10:28 ----A---- C:\Windows\system32\drivers\ewusbdev.sys
2011-07-26 21:10:28 ----A---- C:\Windows\system32\drivers\ewdcsc.sys
2011-07-26 21:09:38 ----D---- C:\Program Files\O2
2011-07-23 15:32:13 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2011-07-23 15:30:43 ----A---- C:\Windows\avastSS.scr
2011-07-23 15:29:09 ----D---- C:\Program Files\AVAST Software
2011-07-23 15:27:44 ----D---- C:\ProgramData\AVAST Software
2011-07-19 17:59:13 ----D---- C:\Program Files\FreeTime
2011-07-17 15:28:38 ----D---- C:\Users\Správce\AppData\Roaming\URSE Games
2011-07-17 15:27:02 ----D---- C:\Users\Správce\AppData\Roaming\wrapper
2011-07-17 15:25:44 ----D---- C:\Program Files\Na Divokem zapade
2011-07-15 22:43:42 ----D---- C:\Windows\system32\System32
2011-07-14 18:14:38 ----D---- C:\Users\Správce\AppData\Roaming\PhotoFiltre Studio X
2011-07-14 18:13:46 ----D---- C:\Program Files\PhotoFiltre Studio X
2011-07-14 10:13:40 ----D---- C:\79d5dff6608918cdbb0c
2011-07-04 10:38:09 ----D---- C:\Program Files\Common Files\Adobe

======List of files/folders modified in the last 1 month======

2011-07-30 19:23:05 ----D---- C:\Windows\Temp
2011-07-30 19:12:34 ----RD---- C:\Program Files
2011-07-30 19:06:11 ----D---- C:\Users\Správce\AppData\Roaming\Spyware Terminator
2011-07-30 19:05:06 ----D---- C:\Program Files\Spyware Terminator
2011-07-30 16:28:32 ----D---- C:\Program Files\JDownloader
2011-07-30 16:07:50 ----D---- C:\Windows\System32
2011-07-30 16:07:50 ----D---- C:\Windows\inf
2011-07-30 16:07:50 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-07-29 22:20:43 ----D---- C:\Users\Správce\AppData\Roaming\ICQ
2011-07-29 22:02:35 ----D---- C:\Users\Správce\AppData\Roaming\Skype
2011-07-29 20:49:05 ----D---- C:\Users\Správce\AppData\Roaming\skypePM
2011-07-29 19:50:50 ----SHD---- C:\System Volume Information
2011-07-27 16:51:00 ----D---- C:\Windows\ModemLogs
2011-07-27 16:46:30 ----AD---- C:\Windows
2011-07-26 21:13:23 ----SD---- C:\Users\Správce\AppData\Roaming\Microsoft
2011-07-26 21:10:28 ----D---- C:\Windows\system32\drivers
2011-07-26 21:10:28 ----D---- C:\Windows\system32\catroot
2011-07-24 17:22:33 ----D---- C:\Windows\system32\catroot2
2011-07-23 15:43:01 ----D---- C:\Windows\Prefetch
2011-07-23 15:39:54 ----D---- C:\Program Files\Alwil Software
2011-07-23 15:31:42 ----SHD---- C:\Windows\Installer
2011-07-23 15:27:44 ----HD---- C:\ProgramData
2011-07-22 11:52:06 ----D---- C:\ProgramData\Spyware Terminator
2011-07-17 17:51:59 ----D---- C:\Windows\Debug
2011-07-17 15:26:43 ----D---- C:\Users\Správce\AppData\Roaming\Špidla Data Processing, s.r.o
2011-07-17 15:26:43 ----D---- C:\ProgramData\Špidla Data Processing, s.r.o
2011-07-14 18:14:40 ----D---- C:\Users\Správce\AppData\Roaming\Identities
2011-07-14 10:15:55 ----A---- C:\Windows\system32\mrt.exe
2011-07-04 13:43:51 ----A---- C:\Windows\system32\aswBoot.exe
2011-07-04 10:38:41 ----D---- C:\ProgramData\Adobe
2011-07-04 10:38:09 ----D---- C:\Program Files\Common Files
2011-07-04 10:38:09 ----D---- C:\Program Files\Adobe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 LPCFilter;LPC Lower Filter Driver; C:\Windows\system32\DRIVERS\LPCFilter.sys [2006-07-28 19456]
R0 prohlp02;StarForce Protection Helper Driver v2; C:\Windows\System32\drivers\prohlp02.sys [2004-08-09 114016]
R0 prosync1;StarForce Protection Synchronization Driver v1; C:\Windows\System32\drivers\prosync1.sys [2004-07-19 7040]
R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a); C:\Windows\System32\drivers\sfdrv01a.sys [2006-07-05 63352]
R0 sfhlp01;StarForce Protection Helper Driver; C:\Windows\System32\drivers\sfhlp01.sys [2003-12-01 4832]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\Windows\System32\drivers\sfhlp02.sys [2006-06-14 13680]
R0 sfsync02;StarForce Protection Synchronization Driver (version 2.x); C:\Windows\System32\drivers\sfsync02.sys [2006-07-10 27032]
R0 sfvfs02;StarForce Protection VFS Driver (version 2.x); C:\Windows\System32\drivers\sfvfs02.sys [2007-01-12 82296]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2009-02-03 717296]
R0 TVALZ;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\Windows\system32\DRIVERS\TVALZ_O.SYS [2006-10-05 16768]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2011-07-04 25432]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2011-07-04 441176]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2011-07-04 309848]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2011-07-04 43608]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [2008-09-02 371248]
R1 IDSvix86;Symantec Intrusion Prevention Driver; \??\C:\PROGRA~2\Symantec\DEFINI~1\SymcData\idsdefs\20081106.001\IDSvix86.sys [2008-09-12 270384]
R1 prodrv06;StarForce Protection Environment Driver v6; C:\Windows\System32\drivers\prodrv06.sys [2004-08-09 53920]
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\Windows\system32\drivers\sp_rsdrv2.sys [2011-05-08 142592]
R1 SPBBCDrv;SPBBCDrv; \??\C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys [2006-10-06 406672]
R1 SRTSPX;SRTSPX; C:\Windows\System32\Drivers\SRTSPX.SYS [2007-11-30 43696]
R1 SYMTDI;SYMTDI; C:\Windows\System32\Drivers\SYMTDI.SYS [2006-10-24 185744]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2011-07-04 19544]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2011-07-04 54104]
R2 hwpsgt;hwpsgt; C:\Windows\system32\DRIVERS\hwpsgt.sys [2009-01-08 137344]
R2 lemsgt;lemsgt; C:\Windows\system32\DRIVERS\lemsgt.sys [2009-01-08 9472]
R3 AgereSoftModem;TOSHIBA V92 Software Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2006-11-28 1161888]
R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\Windows\system32\DRIVERS\Apfiltr.sys [2006-08-30 140800]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2007-01-23 689664]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2008-09-02 99376]
R3 FsUsbExDisk;FsUsbExDisk; \??\C:\Windows\system32\FsUsbExDisk.SYS [2010-10-25 36640]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2006-11-28 1476096]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-01-18 1729632]
R3 NAVENG;NAVENG; \??\C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20081106.004\NAVENG.SYS [2008-08-20 89104]
R3 NAVEX15;NAVEX15; \??\C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20081106.004\NAVEX15.SYS [2008-08-20 873552]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2006-11-04 59392]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-08-11 82432]
R3 SRTSP;SRTSP; C:\Windows\System32\Drivers\SRTSP.SYS [2007-11-30 279088]
R3 SYMDNS;SYMDNS; C:\Windows\System32\Drivers\SYMDNS.SYS [2006-10-24 11792]
R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT.SYS [2008-08-10 123952]
R3 SYMFW;SYMFW; C:\Windows\System32\Drivers\SYMFW.SYS [2006-10-24 144784]
R3 SYMIDS;SYMIDS; C:\Windows\System32\Drivers\SYMIDS.SYS [2006-10-24 38928]
R3 SYMNDISV;SYMNDISV; C:\Windows\System32\Drivers\SYMNDISV.SYS [2006-10-24 37008]
R3 SYMREDRV;SYMREDRV; C:\Windows\System32\Drivers\SYMREDRV.SYS [2006-10-24 26384]
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\Windows\system32\DRIVERS\tdcmdpst.sys [2006-10-18 16128]
R3 tifm21;tifm21; C:\Windows\system32\drivers\tifm21.sys [2006-07-06 168448]
R3 tosrfec;Bluetooth ACPI; C:\Windows\system32\DRIVERS\tosrfec.sys [2006-10-23 9216]
S3 a3aa4e4t;a3aa4e4t; C:\Windows\system32\drivers\a3aa4e4t.sys []
S3 dgderdrv;dgderdrv; C:\Windows\System32\drivers\dgderdrv.sys [2011-01-29 20032]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2006-11-02 5632]
S3 EagleXNt;EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys []
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\Windows\system32\DRIVERS\ewdcsc.sys [2009-12-15 23424]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2009-12-15 102912]
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\Windows\system32\DRIVERS\ewusbdev.sys [2009-12-15 101120]
S3 ialm;ialm; C:\Windows\system32\DRIVERS\igdkmd32.sys [2006-11-28 1476096]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2006-11-02 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2006-11-02 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2006-11-02 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2006-11-02 6016]
S3 NETw3v32;Intel(R) PRO/Wireless 3945ABG Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw3v32.sys [2006-11-02 1781760]
S3 nmwcd;Nokia USB Phone Parent; C:\Windows\system32\drivers\ccdcmb.sys [2009-10-06 17664]
S3 nmwcdc;Nokia USB Generic; C:\Windows\system32\drivers\ccdcmbo.sys [2009-10-06 22016]
S3 NPPTNT2;NPPTNT2; \??\C:\Windows\system32\npptNT2.sys [2005-01-04 4682]
S3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2007-01-13 4452288]
S3 PAC7311;Trust Webcam Live; C:\Windows\system32\DRIVERS\PA707UCM.SYS [2007-03-14 449024]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2010-07-27 47360]
S3 s117bus;Sony Ericsson Device 117 driver (WDM); C:\Windows\system32\DRIVERS\s117bus.sys [2007-06-25 82984]
S3 s117mdfl;Sony Ericsson Device 117 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s117mdfl.sys [2007-06-25 14888]
S3 s117mdm;Sony Ericsson Device 117 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s117mdm.sys [2007-06-25 108456]
S3 s117mgmt;Sony Ericsson Device 117 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s117mgmt.sys [2007-06-25 100264]
S3 s117nd5;Sony Ericsson Device 117 USB Ethernet Emulation SEMC117 (NDIS); C:\Windows\system32\DRIVERS\s117nd5.sys [2007-06-25 22952]
S3 s117obex;Sony Ericsson Device 117 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s117obex.sys [2007-06-25 98344]
S3 s117unic;Sony Ericsson Device 117 USB Ethernet Emulation SEMC117 (WDM); C:\Windows\system32\DRIVERS\s117unic.sys [2007-06-25 98856]
S3 SRTSPL;SRTSPL; C:\Windows\System32\Drivers\SRTSPL.SYS [2007-11-30 317616]
S3 sscebus;SAMSUNG USB Composite Device V2 driver (WDM); C:\Windows\system32\DRIVERS\sscebus.sys [2010-08-27 98560]
S3 sscemdfl;SAMSUNG Mobile Modem V2 Filter; C:\Windows\system32\DRIVERS\sscemdfl.sys [2010-08-27 14848]
S3 sscemdm;SAMSUNG Mobile Modem V2 Drivers; C:\Windows\system32\DRIVERS\sscemdm.sys [2010-08-27 123648]
S3 ssceserd;SAMSUNG Mobile Modem Diagnostic Serial Port V2 (WDM); C:\Windows\system32\DRIVERS\ssceserd.sys [2010-08-27 100352]
S3 Tosrfcom;Tosrfcom; C:\Windows\system32\drivers\Tosrfcom.sys []
S3 TpChoice;Touch Pad Detection Filter driver; C:\Windows\system32\DRIVERS\TpChoice.sys []
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2009-10-06 7936]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2006-11-02 28160]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2009-10-06 7936]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2006-11-02 132352]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2006-11-02 39936]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-03-26 83328]
S4 KR10I;KR10I; C:\Windows\system32\drivers\kr10i.sys [2007-01-18 219392]
S4 KR10N;KR10N; C:\Windows\system32\drivers\kr10n.sys [2007-01-18 211072]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aawservice;Ad-Aware 2007 Service; C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe [2008-01-04 587096]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-07-04 42184]
R2 ccEvtMgr;Symantec Event Manager; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2006-10-25 107624]
R2 ccSetMgr;Symantec Settings Manager; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2006-10-25 107624]
R2 CFSvcs;ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [2006-11-14 40960]
R2 CLTNetCnService;Symantec Lic NetConnect service; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2006-10-25 107624]
R2 FsUsbExService;FsUsbExService; C:\Windows\system32\FsUsbExService.Exe [2010-10-25 217088]
R2 LiveUpdate Notice Ex;LiveUpdate Notice Service Ex; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2006-10-25 107624]
R2 Plánovač automatické aktualizace LiveUpdate;Plánovač automatické aktualizace LiveUpdate; C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe [2007-09-26 554352]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2011-05-08 496128]
R2 SymAppCore;Symantec AppCore Service; C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe [2006-09-20 46736]
R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe [2006-05-25 114688]
R2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe [2006-12-19 428152]
R2 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2007-02-02 118784]
R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2006-08-23 49152]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728]
R3 Symantec Core LC;Symantec Core LC; C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe [2008-08-10 1251720]
S2 gupdate1cacfe27ef83001;Služba Google Update (gupdate1cacfe27ef83001); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-03-30 133104]
S2 LiveUpdate Notice Service;LiveUpdate Notice Service; C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [2008-01-29 583048]
S3 comHost;COM Host; C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe [2006-10-13 49296]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-03-30 133104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 ISPwdSvc;Symantec IS Password Validation; C:\Program Files\Norton Internet Security\isPwdSvc.exe [2006-10-27 80552]
S3 LiveUpdate;LiveUpdate; C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE [2007-09-26 2999664]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
S3 npggsvc;nProtect GameGuard Service; C:\Windows\system32\GameMon.des [2010-06-06 3819912]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2009-10-27 657408]

-----------------EOF-----------------

Zdravim a pekny den preji

Stahnete OTL (viz muj podpis) a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
Zaskrtnete okenko Pro vsechny uzivatele
Zaskrtnete okenko Kontrola na havet "LOP"
Zaskrtnete okenko Kontrola na havet "Purity"
Stari souboru zmente z 30 dnu na 7 dnu
Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

Kód: Vybrat vše

netsvcs
drivers32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
c:\windows\*.* /U
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
CREATERESTOREPOINT

Kliknete na tlacitko Prohledat
Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte

OTL logfile created on: 31.7.2011 10:25:37 - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Users\Správce\Desktop
Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.17037)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1013,50 Mb Total Physical Memory | 155,22 Mb Available Physical Memory | 15,32% Memory free
2,22 Gb Paging File | 1,05 Gb Available in Paging File | 47,44% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 110,32 Gb Total Space | 12,47 Gb Free Space | 11,31% Space Free | Partition Type: NTFS

Computer Name: TOSHIBA | User Name: Správce | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2011.07.31 10:19:44 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Správce\Desktop\OTL.exe
PRC - [2011.07.04 13:43:54 | 003,493,720 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011.06.24 16:04:23 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011.06.24 08:54:46 | 000,020,880 | ---- | M] () -- C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
PRC - [2009.07.22 18:09:54 | 000,341,312 | ---- | M] (BillP Studios) -- C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe
PRC - [2008.10.29 08:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2007.01.18 15:46:56 | 004,349,952 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2006.11.03 11:01:16 | 000,319,488 | ---- | M] (PixArt Imaging Incorporation) -- C:\Windows\PixArt\PAC7311\Monitor.exe

========== Modules (SafeList) ==========

MOD - [2011.07.31 10:19:44 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Správce\Desktop\OTL.exe
MOD - [2011.07.04 13:43:51 | 000,199,792 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\snxhk.dll
MOD - [2006.11.02 11:38:57 | 001,648,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll

========== Win32 Services (SafeList) ==========

SRV - [2011.07.04 13:43:51 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2011.06.06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.05.08 10:16:38 | 000,496,128 | ---- | M] (Crawler.com) [Auto | Running] -- C:\Program Files\Spyware Terminator\sp_rsser.exe -- (sp_rssrv)
SRV - [2010.10.25 11:03:52 | 000,217,088 | ---- | M] (Teruten) [Auto | Running] -- C:\Windows\System32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2010.06.06 18:32:00 | 003,819,912 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\System32\GameMon.des -- (npggsvc)
SRV - [2010.01.15 14:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009.10.27 10:26:36 | 000,657,408 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2008.08.11 09:41:03 | 000,265,912 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008.08.10 18:41:46 | 001,251,720 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe -- (Symantec Core LC)
SRV - [2008.01.29 17:38:32 | 000,583,048 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe -- (LiveUpdate Notice Service)
SRV - [2008.01.04 13:27:08 | 000,587,096 | ---- | M] (Lavasoft) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe -- (aawservice)
SRV - [2007.09.26 16:23:48 | 002,999,664 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_2.EXE -- (LiveUpdate)
SRV - [2007.09.26 16:23:48 | 000,554,352 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe -- (Plánovač automatické aktualizace LiveUpdate)
SRV - [2007.02.02 14:56:52 | 000,118,784 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- c:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service)
SRV - [2006.12.19 23:15:44 | 000,428,152 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV - [2006.11.14 20:33:10 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe -- (CFSvcs)
SRV - [2006.10.27 01:18:36 | 000,080,552 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Norton Internet Security\isPwdSvc.exe -- (ISPwdSvc)
SRV - [2006.10.25 00:08:20 | 000,107,624 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (LiveUpdate Notice Ex)
SRV - [2006.10.25 00:08:20 | 000,107,624 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (CLTNetCnService)
SRV - [2006.10.25 00:08:20 | 000,107,624 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccSetMgr)
SRV - [2006.10.25 00:08:20 | 000,107,624 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccEvtMgr)
SRV - [2006.10.13 16:29:12 | 000,049,296 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe -- (comHost)
SRV - [2006.09.20 19:05:16 | 000,046,736 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe -- (SymAppCore)
SRV - [2006.08.23 16:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)
SRV - [2006.05.25 18:30:16 | 000,114,688 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\System32\TODDSrv.exe -- (TODDSrv)

========== Driver Services (SafeList) ==========

DRV - [2011.07.04 13:36:43 | 000,441,176 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011.07.04 13:36:32 | 000,309,848 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011.07.04 13:35:23 | 000,043,608 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011.07.04 13:32:32 | 000,025,432 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011.07.04 13:32:20 | 000,054,104 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2011.07.04 13:32:12 | 000,019,544 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011.05.08 10:16:38 | 000,142,592 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\sp_rsdrv2.sys -- (sp_rsdrv2)
DRV - [2011.01.29 18:00:20 | 000,020,032 | ---- | M] (Devguru Co., Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\dgderdrv.sys -- (dgderdrv)
DRV - [2010.10.25 11:03:52 | 000,036,640 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2010.08.27 06:32:30 | 000,123,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscemdm.sys -- (sscemdm)
DRV - [2010.08.27 06:32:30 | 000,100,352 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssceserd.sys -- (ssceserd) SAMSUNG Mobile Modem Diagnostic Serial Port V2 (WDM)
DRV - [2010.08.27 06:32:30 | 000,098,560 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscebus.sys -- (sscebus) SAMSUNG USB Composite Device V2 driver (WDM)
DRV - [2010.08.27 06:32:30 | 000,014,848 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscemdfl.sys -- (sscemdfl)
DRV - [2009.12.15 14:05:42 | 000,102,912 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2009.12.15 14:05:42 | 000,101,120 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbdev.sys -- (hwusbdev)
DRV - [2009.12.15 14:05:42 | 000,023,424 | ---- | M] (Huawei Tech. Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewdcsc.sys -- (Huawei)
DRV - [2009.10.06 12:52:50 | 000,007,936 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2009.10.06 12:52:34 | 000,022,016 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2009.10.06 12:52:34 | 000,017,664 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2009.10.06 12:52:34 | 000,007,936 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2009.02.03 20:15:46 | 000,717,296 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009.01.08 19:43:25 | 000,137,344 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\hwpsgt.sys -- (hwpsgt)
DRV - [2009.01.08 19:43:05 | 000,009,472 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lemsgt.sys -- (lemsgt)
DRV - [2008.09.12 09:33:24 | 000,270,384 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Symantec\Definitions\SymcData\idsdefs\20081106.001\IDSvix86.sys -- (IDSvix86)
DRV - [2008.09.02 10:00:00 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2008.09.02 10:00:00 | 000,099,376 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2008.08.26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008.08.20 10:00:00 | 000,873,552 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Symantec\Definitions\VirusDefs\20081106.004\NAVEX15.SYS -- (NAVEX15)
DRV - [2008.08.20 10:00:00 | 000,089,104 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Symantec\Definitions\VirusDefs\20081106.004\NAVENG.SYS -- (NAVENG)
DRV - [2008.08.10 18:43:01 | 000,123,952 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2007.11.30 23:57:12 | 000,317,616 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\srtspl.sys -- (SRTSPL)
DRV - [2007.11.30 23:57:12 | 000,279,088 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\srtsp.sys -- (SRTSP)
DRV - [2007.11.30 23:57:12 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\srtspx.sys -- (SRTSPX)
DRV - [2007.06.25 11:43:38 | 000,098,344 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s117obex.sys -- (s117obex)
DRV - [2007.06.25 11:43:36 | 000,108,456 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s117mdm.sys -- (s117mdm)
DRV - [2007.06.25 11:43:36 | 000,100,264 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s117mgmt.sys -- (s117mgmt) Sony Ericsson Device 117 USB WMC Device Management Drivers (WDM)
DRV - [2007.06.25 11:43:36 | 000,098,856 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s117unic.sys -- (s117unic) Sony Ericsson Device 117 USB Ethernet Emulation SEMC117 (WDM)
DRV - [2007.06.25 11:43:36 | 000,022,952 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s117nd5.sys -- (s117nd5) Sony Ericsson Device 117 USB Ethernet Emulation SEMC117 (NDIS)
DRV - [2007.06.25 11:43:26 | 000,014,888 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s117mdfl.sys -- (s117mdfl)
DRV - [2007.06.25 11:43:22 | 000,082,984 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s117bus.sys -- (s117bus) Sony Ericsson Device 117 driver (WDM)
DRV - [2007.03.14 10:57:56 | 000,449,024 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PA707UCM.SYS -- (PAC7311)
DRV - [2007.01.23 16:25:36 | 000,689,664 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2007.01.18 16:47:18 | 000,211,072 | ---- | M] (TOSHIBA CORPORATION) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\kr10n.sys -- (KR10N)
DRV - [2007.01.18 16:40:56 | 000,219,392 | ---- | M] (TOSHIBA CORPORATION) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\kr10i.sys -- (KR10I)
DRV - [2007.01.13 10:40:00 | 004,452,288 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2007.01.12 20:09:53 | 000,082,296 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sfvfs02.sys -- (sfvfs02) StarForce Protection VFS Driver (version 2.x)
DRV - [2006.11.28 16:11:00 | 001,161,888 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2006.11.04 10:35:50 | 000,059,392 | ---- | M] (Realtek Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2006.11.02 09:30:54 | 001,781,760 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32) Intel(R)
DRV - [2006.10.24 14:40:22 | 000,185,744 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\SYMTDI.SYS -- (SYMTDI)
DRV - [2006.10.24 14:40:22 | 000,144,784 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\SYMFW.SYS -- (SYMFW)
DRV - [2006.10.24 14:40:22 | 000,038,928 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\SYMIDS.SYS -- (SYMIDS)
DRV - [2006.10.24 14:40:22 | 000,037,008 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\SYMNDISV.SYS -- (SYMNDISV)
DRV - [2006.10.24 14:40:22 | 000,026,384 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\SYMREDRV.SYS -- (SYMREDRV)
DRV - [2006.10.24 14:40:22 | 000,011,792 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\SYMDNS.SYS -- (SYMDNS)
DRV - [2006.10.23 16:32:20 | 000,009,216 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tosrfec.sys -- (tosrfec)
DRV - [2006.10.18 11:50:04 | 000,016,128 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV - [2006.10.06 15:26:16 | 000,406,672 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv)
DRV - [2006.10.05 22:22:14 | 000,016,768 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\TVALZ_O.SYS -- (TVALZ)
DRV - [2006.08.30 10:35:58 | 000,140,800 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2006.07.28 16:25:26 | 000,019,456 | ---- | M] (COMPAL ELECTRONIC INC.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\LPCFilter.sys -- (LPCFilter)
DRV - [2006.07.10 18:19:58 | 000,027,032 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sfsync02.sys -- (sfsync02) StarForce Protection Synchronization Driver (version 2.x)
DRV - [2006.07.06 14:44:00 | 000,168,448 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tifm21.sys -- (tifm21)
DRV - [2006.07.05 14:46:06 | 000,063,352 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sfdrv01a.sys -- (sfdrv01a) StarForce Protection Environment Driver (version 1.x.a)
DRV - [2006.06.14 16:56:56 | 000,013,680 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)
DRV - [2005.01.04 02:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\npptNT2.sys -- (NPPTNT2)
DRV - [2004.08.09 13:33:26 | 000,114,016 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\prohlp02.sys -- (prohlp02)
DRV - [2004.08.09 13:29:28 | 000,053,920 | ---- | M] (Protection Technology) [Kernel | System | Running] -- C:\Windows\System32\drivers\prodrv06.sys -- (prodrv06)
DRV - [2004.07.19 16:49:54 | 000,007,040 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\prosync1.sys -- (prosync1)
DRV - [2003.12.01 17:20:52 | 000,004,832 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sfhlp01.sys -- (sfhlp01)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKLM\..\URLSearchHook: {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files\MyAshampoo\prxtbMyA0.dll (Conduit Ltd.)

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-3660284919-2193007422-2339388231-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKU\S-1-5-21-3660284919-2193007422-2339388231-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.centrum.cz
IE - HKU\S-1-5-21-3660284919-2193007422-2339388231-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-3660284919-2193007422-2339388231-1000\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-3660284919-2193007422-2339388231-1000\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKU\S-1-5-21-3660284919-2193007422-2339388231-1000\..\URLSearchHook: {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files\MyAshampoo\prxtbMyA0.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-3660284919-2193007422-2339388231-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.defaultthis.engineName: "MyAshampoo Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.as ... earchTerms}"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.startup.homepage: "http://www.centrum.cz/"
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.3
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.9
FF - prefs.js..extensions.enabledItems: {EEE6C361-6118-11DC-9C72-001320C79847}:1.0.0.10
FF - prefs.js..extensions.enabledItems: {c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}:4.0
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.2.5.2
FF - prefs.js..extensions.enabledItems: {a1e75a0e-4397-4ba8-bb50-e19fb66890f4}:3.2.5.2
FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.as ... 2475029&q="
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "chrome://browser-region/locale/region.properties"

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/Photosynth,version=2.0: C:\Program Files\Photosynth\npPhotosynthMozilla.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.69: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@real.com/RhapsodyPlayerEngine,version=1.1: C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Program Files\Real\RealPlayer\browserrecord [2008.10.18 16:34:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2009.12.28 11:38:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011.07.23 15:31:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.06.24 16:04:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.07.04 10:39:24 | 000,000,000 | ---D | M]

[2008.08.27 21:11:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Správce\AppData\Roaming\Mozilla\Extensions
[2011.07.30 22:02:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Správce\AppData\Roaming\Mozilla\Firefox\Profiles\sjjimqwg.default\extensions
[2010.08.18 17:10:53 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Správce\AppData\Roaming\Mozilla\Firefox\Profiles\sjjimqwg.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.06.23 19:17:26 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Správce\AppData\Roaming\Mozilla\Firefox\Profiles\sjjimqwg.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2011.03.04 21:20:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Správce\AppData\Roaming\Mozilla\Firefox\Profiles\sjjimqwg.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}-trash
[2010.12.15 17:12:32 | 000,000,923 | ---- | M] () -- C:\Users\Správce\AppData\Roaming\Mozilla\Firefox\Profiles\sjjimqwg.default\searchplugins\conduit.xml
[2011.07.17 22:33:35 | 000,000,950 | ---- | M] () -- C:\Users\Správce\AppData\Roaming\Mozilla\Firefox\Profiles\sjjimqwg.default\searchplugins\icqplugin-1.xml
[2009.04.26 09:35:47 | 000,000,950 | ---- | M] () -- C:\Users\Správce\AppData\Roaming\Mozilla\Firefox\Profiles\sjjimqwg.default\searchplugins\icqplugin-10.xml
[2009.04.30 16:45:10 | 000,000,950 | ---- | M] () -- C:\Users\Správce\AppData\Roaming\Mozilla\Firefox\Profiles\sjjimqwg.default\searchplugins\icqplugin-11.xml
[2009.06.15 13:58:36 | 000,000,950 | ---- | M] () -- C:\Users\Správce\AppData\Roaming\Mozilla\Firefox\Profiles\sjjimqwg.default\searchplugins\icqplugin-12.xml
[2009.07.29 11:47:20 | 000,000,950 | ---- | M] () -- C:\Users\Správce\AppData\Roaming\Mozilla\Firefox\Profiles\sjjimqwg.default\searchplugins\icqplugin-13.xml
[2009.08.12 12:30:05 | 000,000,950 | ---- | M] () -- C:\Users\Správce\AppData\Roaming\Mozilla\Firefox\Profiles\sjjimqwg.default\searchplugins\icqplugin-14.xml
[2011.04.30 11:12:58 | 000,000,950 | ---- | M] () -- C:\Users\Správce\AppData\Roaming\Mozilla\Firefox\Profiles\sjjimqwg.default\searchplugins\icqplugin-15.xml
[2011.06.24 16:05:54 | 000,000,950 | ---- | M] () -- C:\Users\Správce\AppData\Roaming\Mozilla\Firefox\Profiles\sjjimqwg.default\searchplugins\icqplugin-16.xml
[2008.09.26 17:19:56 | 000,000,950 | ---- | M] () -- C:\Users\Správce\AppData\Roaming\Mozilla\Firefox\Profiles\sjjimqwg.default\searchplugins\icqplugin-2.xml
[2008.09.27 20:02:00 | 000,000,950 | ---- | M] () -- C:\Users\Správce\AppData\Roaming\Mozilla\Firefox\Profiles\sjjimqwg.default\searchplugins\icqplugin-3.xml
[2008.11.14 21:07:52 | 000,000,950 | ---- | M] () -- C:\Users\Správce\AppData\Roaming\Mozilla\Firefox\Profiles\sjjimqwg.default\searchplugins\icqplugin-4.xml
[2008.12.22 18:41:52 | 000,000,950 | ---- | M] () -- C:\Users\Správce\AppData\Roaming\Mozilla\Firefox\Profiles\sjjimqwg.default\searchplugins\icqplugin-5.xml
[2009.02.05 20:10:05 | 000,000,950 | ---- | M] () -- C:\Users\Správce\AppData\Roaming\Mozilla\Firefox\Profiles\sjjimqwg.default\searchplugins\icqplugin-6.xml
[2009.02.05 21:08:33 | 000,000,950 | ---- | M] () -- C:\Users\Správce\AppData\Roaming\Mozilla\Firefox\Profiles\sjjimqwg.default\searchplugins\icqplugin-7.xml
[2009.03.05 21:15:06 | 000,000,950 | ---- | M] () -- C:\Users\Správce\AppData\Roaming\Mozilla\Firefox\Profiles\sjjimqwg.default\searchplugins\icqplugin-8.xml
[2009.04.01 17:09:56 | 000,000,950 | ---- | M] () -- C:\Users\Správce\AppData\Roaming\Mozilla\Firefox\Profiles\sjjimqwg.default\searchplugins\icqplugin-9.xml
[2011.06.20 10:45:18 | 000,000,168 | ---- | M] () -- C:\Users\Správce\AppData\Roaming\Mozilla\Firefox\Profiles\sjjimqwg.default\searchplugins\icqplugin.gif
[2011.06.20 10:45:18 | 000,000,618 | ---- | M] () -- C:\Users\Správce\AppData\Roaming\Mozilla\Firefox\Profiles\sjjimqwg.default\searchplugins\icqplugin.src
[2010.05.12 17:40:48 | 000,001,042 | ---- | M] () -- C:\Users\Správce\AppData\Roaming\Mozilla\Firefox\Profiles\sjjimqwg.default\searchplugins\icqplugin.xml
[2009.01.15 19:48:59 | 000,003,915 | ---- | M] () -- C:\Users\Správce\AppData\Roaming\Mozilla\Firefox\Profiles\sjjimqwg.default\searchplugins\sweetim.xml
[2011.04.08 18:06:34 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2009.02.05 21:08:04 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
File not found (No name found) --
[2011.07.23 15:31:04 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
File not found (No name found) -- C:\USERS\SPRĂˇVCE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SJJIMQWG.DEFAULT\EXTENSIONS\{B9DB16A4-6EDC-47EC-A1F4-B86292ED211D}
File not found (No name found) -- C:\USERS\SPRĂˇVCE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SJJIMQWG.DEFAULT\EXTENSIONS\{C0C9A2C7-2E5C-4447-BC53-97718BC91E1B}.XPI
[2011.06.24 16:04:23 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2010.01.01 10:00:00 | 000,002,208 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\heureka-cz.xml
[2010.01.01 10:00:00 | 000,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2010.01.01 10:00:00 | 000,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2010.01.01 10:00:00 | 000,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2010.01.01 10:00:00 | 000,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBHO.dll (Symantec Corporation)
O2 - BHO: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (MyAshampoo Toolbar) - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files\MyAshampoo\prxtbMyA0.dll (Conduit Ltd.)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3 - HKLM\..\Toolbar: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (MyAshampoo Toolbar) - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files\MyAshampoo\prxtbMyA0.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-3660284919-2193007422-2339388231-1000\..\Toolbar\WebBrowser: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-3660284919-2193007422-2339388231-1000\..\Toolbar\WebBrowser: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKU\S-1-5-21-3660284919-2193007422-2339388231-1000\..\Toolbar\WebBrowser: (MyAshampoo Toolbar) - {A1E75A0E-4397-4BA8-BB50-E19FB66890F4} - C:\Program Files\MyAshampoo\prxtbMyA0.dll (Conduit Ltd.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [MSConfig] C:\Windows\System32\msconfig.exe (Microsoft Corporation)
O4 - HKLM..\Run: [PAC7311_Monitor] C:\Windows\PixArt\PAC7311\Monitor.exe (PixArt Imaging Incorporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe (BillP Studios)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-3660284919-2193007422-2339388231-1000..\Run: [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll (Sun Microsystems, Inc.)
O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O13 - gopher Prefix: missing
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shoc ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx.com/player/DivXBrowserPlugin.cab (Reg Error: Key error.)
O16 - DPF: {80AEEC0E-A2BE-4B8D-985F-350FE869DC40} http://h20264.www2.hp.com/ediags/dd/ins ... sVista.cab (HPDDClientExec Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} http://icq.oberon-media.com/Gameshell/G ... meHost.cab (Oberon Flash Game Host)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://active.macromedia.com/flash2/cabs/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 77.48.48.48 77.48.49.50
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Správce\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta galerie Windows Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Správce\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta galerie Windows Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{1d08a9a7-9647-11de-83d7-001b38461f30}\Shell\AutoRun\command - "" = F:\Launcher.exe
O33 - MountPoints2\{4132eb58-b7b9-11e0-a709-001b38461f30}\Shell - "" = AutoRun
O33 - MountPoints2\{4132eb58-b7b9-11e0-a709-001b38461f30}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{e50a8007-d1fd-11dd-a6ec-001b38461f30}\Shell - "" = AutoRun
O33 - MountPoints2\{e50a8007-d1fd-11dd-a6ec-001b38461f30}\Shell\AutoRun\command - "" = D:\Autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\Windows\System32\lsdelete.exe ()
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: msacm.dvacm - C:\Program Files\Common Files\Ulead Systems\vio\DVACM.acm (Ulead Systems, Inc.)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codec - C:\Windows\System32\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\Windows\System32\ir32_32.dll (Intel(R) Corporation)
Drivers32: vidc.iv32 - C:\Windows\System32\ir32_32.dll (Intel(R) Corporation)
Drivers32: VIDC.IV41 - C:\Windows\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.VP60 - C:\Windows\System32\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\Windows\System32\vp6vfw.dll (On2.com)
Drivers32: vidc.XVID - C:\Windows\System32\xvidvfw.dll ()

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 7 Days ==========

[2011.07.31 10:18:58 | 000,579,584 | ---- | C] (OldTimer Tools) -- C:\Users\Správce\Desktop\OTL.exe
[2011.07.30 19:12:34 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2011.07.30 19:12:29 | 000,000,000 | ---D | C] -- C:\rsit
[2011.07.26 21:11:43 | 000,000,000 | ---D | C] -- C:\Users\Správce\AppData\Roaming\Telefónica Móviles
[2011.07.26 21:10:28 | 000,112,640 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ewusbnet.sys
[2011.07.26 21:10:28 | 000,102,912 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ewusbmdm.sys
[2011.07.26 21:10:28 | 000,101,120 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ewusbdev.sys
[2011.07.26 21:10:28 | 000,023,424 | ---- | C] (Huawei Tech. Co., Ltd.) -- C:\Windows\System32\drivers\ewdcsc.sys
[2011.07.26 21:09:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\O2
[2011.07.26 21:09:38 | 000,000,000 | ---D | C] -- C:\Program Files\O2
[2010.07.27 18:13:08 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\Správce\AppData\Roaming\pcouffin.sys
[2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[2 C:\Users\Správce\AppData\Local\*.tmp files -> C:\Users\Správce\AppData\Local\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2011.07.31 10:24:01 | 000,000,940 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.07.31 10:22:23 | 000,206,848 | ---- | M] () -- C:\Users\Správce\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.07.31 10:19:44 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Správce\Desktop\OTL.exe
[2011.07.31 10:06:55 | 000,000,936 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.07.31 10:06:38 | 000,003,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.07.31 10:06:38 | 000,003,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.07.31 10:06:24 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.07.31 10:06:17 | 1063,378,944 | -HS- | M] () -- C:\hiberfil.sys
[2011.07.30 22:07:35 | 736,022,528 | ---- | M] () -- C:\Users\Správce\Desktop\Sucker-punch---SUCKER-PUNCH-scifi-horor-cz-dub.avi
[2011.07.30 19:10:32 | 000,781,383 | ---- | M] () -- C:\Users\Správce\Desktop\RSIT.exe
[2011.07.30 16:07:51 | 000,610,142 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.07.30 16:07:50 | 000,473,598 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2011.07.30 16:07:50 | 000,103,924 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.07.30 16:07:50 | 000,081,404 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2011.07.29 20:02:25 | 000,000,522 | ---- | M] () -- C:\Windows\tasks\Norton Internet Security - Prověřit tento počítač - Správce.job
[2011.07.27 20:29:03 | 000,000,000 | ---- | M] () -- C:\Users\Správce\AppData\Local\{1635876C-5E98-404B-9A23-57D7591F3BF0}
[2011.07.26 21:10:46 | 000,000,837 | ---- | M] () -- C:\Users\Public\Desktop\O2 Průvodce připojením.lnk
[2011.07.25 22:04:17 | 000,002,662 | ---- | M] () -- C:\Users\Správce\Documents\cc_20110725_220411.reg
[2011.07.24 11:50:19 | 000,113,878 | ---- | M] () -- C:\Users\Správce\Desktop\unonavodcz.pdf
[2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[2 C:\Users\Správce\AppData\Local\*.tmp files -> C:\Users\Správce\AppData\Local\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011.07.30 19:09:56 | 000,781,383 | ---- | C] () -- C:\Users\Správce\Desktop\RSIT.exe
[2011.07.30 16:32:06 | 736,022,528 | ---- | C] () -- C:\Users\Správce\Desktop\Sucker-punch---SUCKER-PUNCH-scifi-horor-cz-dub.avi
[2011.07.27 20:28:37 | 000,000,000 | ---- | C] () -- C:\Users\Správce\AppData\Local\{1635876C-5E98-404B-9A23-57D7591F3BF0}
[2011.07.26 21:10:46 | 000,000,837 | ---- | C] () -- C:\Users\Public\Desktop\O2 Průvodce připojením.lnk
[2011.07.25 22:04:13 | 000,002,662 | ---- | C] () -- C:\Users\Správce\Documents\cc_20110725_220411.reg
[2011.07.24 11:50:19 | 000,113,878 | ---- | C] () -- C:\Users\Správce\Desktop\unonavodcz.pdf
[2011.06.25 21:31:02 | 000,000,680 | ---- | C] () -- C:\Users\Správce\AppData\Local\d3d9caps.dat
[2011.05.08 10:16:38 | 000,142,592 | ---- | C] () -- C:\Windows\System32\drivers\sp_rsdrv2.sys
[2011.04.09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2011.03.15 13:50:10 | 000,000,510 | ---- | C] () -- C:\Windows\eReg.dat
[2011.01.29 18:00:24 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2011.01.29 18:00:22 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll
[2011.01.29 18:00:22 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll
[2011.01.29 18:00:22 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll
[2011.01.29 18:00:22 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll
[2010.12.29 13:22:50 | 000,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll
[2010.12.29 13:22:50 | 000,036,640 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys
[2010.07.27 18:19:31 | 000,001,057 | ---- | C] () -- C:\Users\Správce\AppData\Roaming\vso_ts_preview.xml
[2010.07.27 18:13:08 | 000,087,608 | ---- | C] () -- C:\Users\Správce\AppData\Roaming\inst.exe
[2010.07.27 18:13:08 | 000,007,887 | ---- | C] () -- C:\Users\Správce\AppData\Roaming\pcouffin.cat
[2010.07.27 18:13:08 | 000,001,144 | ---- | C] () -- C:\Users\Správce\AppData\Roaming\pcouffin.inf
[2010.04.06 16:43:32 | 000,010,240 | ---- | C] () -- C:\Windows\System32\vidx16.dll
[2010.03.26 15:00:46 | 000,000,552 | ---- | C] () -- C:\Users\Správce\AppData\Local\d3d8caps.dat
[2010.02.17 21:12:39 | 000,561,152 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2010.02.17 21:12:39 | 000,159,744 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2010.02.17 21:12:39 | 000,135,168 | ---- | C] () -- C:\Windows\System32\DVDIFOFilter.dll
[2009.12.25 18:07:44 | 000,043,008 | ---- | C] () -- C:\Windows\System32\winbri21.dll
[2009.12.18 20:53:05 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009.08.24 18:05:24 | 000,000,514 | ---- | C] () -- C:\Windows\System32\Remover.ini
[2009.03.31 18:43:51 | 000,000,000 | ---- | C] () -- C:\Program Files\Krzyzacy.err
[2009.03.31 18:40:46 | 000,029,538 | ---- | C] () -- C:\Program Files\KEdytor.cnf
[2009.03.31 18:40:46 | 000,000,256 | ---- | C] () -- C:\Program Files\Krzyzacy.dat
[2009.03.31 18:40:44 | 001,392,640 | ---- | C] () -- C:\Program Files\MapEdit.exe
[2009.03.31 18:40:44 | 000,065,536 | ---- | C] () -- C:\Program Files\Light.dat
[2009.03.31 18:40:44 | 000,000,057 | ---- | C] () -- C:\Program Files\FreeMindSoftware.url
[2009.03.31 18:40:44 | 000,000,054 | ---- | C] () -- C:\Program Files\Krzyzacy.url
[2009.03.31 18:40:44 | 000,000,047 | ---- | C] () -- C:\Program Files\Cenega.url
[2009.03.31 18:40:43 | 004,194,304 | ---- | C] () -- C:\Program Files\Alpha.dat
[2009.03.31 18:40:43 | 000,856,064 | ---- | C] () -- C:\Program Files\Krzyzacy.exe
[2009.03.31 18:40:43 | 000,314,368 | ---- | C] () -- C:\Program Files\Setup.exe
[2009.03.31 18:40:43 | 000,238,119 | ---- | C] () -- C:\Program Files\Animation.dat
[2009.03.31 18:40:43 | 000,000,044 | ---- | C] () -- C:\Program Files\Krzyzacy.set
[2009.03.20 17:09:06 | 000,000,270 | ---- | C] () -- C:\Windows\DIDAKTA.INI
[2009.01.23 21:50:18 | 000,005,368 | ---- | C] () -- C:\Users\Správce\AppData\Roaming\froggy_scorebox
[2009.01.23 21:50:18 | 000,000,932 | ---- | C] () -- C:\Users\Správce\AppData\Roaming\pl_accounts.pl_acc
[2009.01.23 21:50:18 | 000,000,556 | ---- | C] () -- C:\Users\Správce\AppData\Roaming\Troll.options
[2009.01.08 19:43:25 | 000,137,344 | ---- | C] () -- C:\Windows\System32\drivers\hwpsgt.sys
[2009.01.08 19:43:05 | 000,009,472 | ---- | C] () -- C:\Windows\System32\drivers\lemsgt.sys
[2009.01.01 15:52:22 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat
[2008.10.12 16:46:33 | 000,000,025 | ---- | C] () -- C:\Windows\cdplayer.ini
[2008.09.16 20:27:06 | 000,000,324 | ---- | C] () -- C:\Users\Správce\AppData\Roaming\burnaware.ini
[2008.08.25 19:06:42 | 000,069,632 | ---- | C] () -- C:\Windows\System32\xmltok.dll
[2008.08.25 19:06:40 | 000,036,864 | ---- | C] () -- C:\Windows\System32\xmlparse.dll
[2008.08.19 20:51:15 | 000,000,032 | ---- | C] () -- C:\ProgramData\ezsid.dat
[2008.08.13 12:26:21 | 000,206,848 | ---- | C] () -- C:\Users\Správce\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.08.10 18:59:10 | 000,000,045 | -H-- | C] () -- C:\Windows\dvis6621.dat
[2008.08.10 16:31:21 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2007.12.14 11:32:52 | 000,012,632 | ---- | C] () -- C:\Windows\System32\lsdelete.exe
[2007.03.29 09:06:53 | 000,204,800 | ---- | C] () -- C:\Windows\System32\IVIresizeW7.dll
[2007.03.29 09:06:53 | 000,200,704 | ---- | C] () -- C:\Windows\System32\IVIresizeA6.dll
[2007.03.29 09:06:53 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeP6.dll
[2007.03.29 09:06:53 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeM6.dll
[2007.03.29 09:06:53 | 000,188,416 | ---- | C] () -- C:\Windows\System32\IVIresizePX.dll
[2007.03.29 09:06:53 | 000,020,480 | ---- | C] () -- C:\Windows\System32\IVIresize.dll
[2007.03.29 08:57:05 | 000,000,000 | ---- | C] () -- C:\Windows\NDSTray.INI
[2007.03.29 08:37:33 | 000,128,113 | ---- | C] () -- C:\Windows\System32\csellang.ini
[2007.03.29 08:37:33 | 000,045,056 | ---- | C] () -- C:\Windows\System32\csellang.dll
[2007.03.29 08:37:33 | 000,010,129 | ---- | C] () -- C:\Windows\System32\tosmreg.ini
[2007.03.29 08:37:33 | 000,007,671 | ---- | C] () -- C:\Windows\System32\cseltbl.ini
[2007.03.29 08:31:03 | 000,000,176 | ---- | C] () -- C:\Windows\System32\drivers\RTHDAEQ1.dat
[2007.03.29 08:31:03 | 000,000,176 | ---- | C] () -- C:\Windows\System32\drivers\RTHDAEQ0.dat
[2007.03.29 08:22:51 | 000,204,800 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1132.dll
[2007.03.29 08:22:51 | 000,061,440 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll
[2007.03.29 08:22:51 | 000,053,248 | ---- | C] () -- C:\Windows\System32\oemdspif.dll
[2007.03.29 08:22:49 | 000,077,824 | ---- | C] () -- C:\Windows\System32\hccutils.dll
[2007.01.31 14:48:36 | 000,000,518 | ---- | C] () -- C:\Windows\System32\SP7311.ini
[2007.01.08 23:09:29 | 000,473,598 | ---- | C] () -- C:\Windows\System32\perfh005.dat
[2007.01.08 23:09:29 | 000,286,912 | ---- | C] () -- C:\Windows\System32\perfi005.dat
[2007.01.08 23:09:29 | 000,081,404 | ---- | C] () -- C:\Windows\System32\perfc005.dat
[2007.01.08 23:09:29 | 000,034,724 | ---- | C] () -- C:\Windows\System32\perfd005.dat
[2006.12.05 13:05:06 | 000,114,688 | ---- | C] () -- C:\Windows\System32\TosBtAcc.dll
[2006.11.24 07:48:44 | 000,036,864 | ---- | C] () -- C:\Windows\System32\HWS_Ctrl.dll
[2006.11.02 14:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 14:47:37 | 000,301,000 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 12:33:01 | 000,610,142 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 12:33:01 | 000,103,924 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006.11.02 09:22:43 | 000,099,999 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2006.11.02 09:22:43 | 000,018,271 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2005.11.23 14:55:42 | 000,024,576 | ---- | C] () -- C:\Windows\System32\SPCtl.dll
[2005.07.22 21:30:20 | 000,065,536 | ---- | C] () -- C:\Windows\System32\TosCommAPI.dll
[2004.01.14 08:46:34 | 000,172,032 | ---- | C] () -- C:\Windows\System32\tifmicon.dll
[1997.06.14 04:56:08 | 000,056,320 | ---- | C] () -- C:\Windows\System32\iyvu9_32.dll

========== LOP Check ==========

[2009.09.26 19:38:55 | 000,000,000 | ---D | M] -- C:\Users\Správce\AppData\Roaming\Alawar
[2009.04.16 16:44:57 | 000,000,000 | ---D | M] -- C:\Users\Správce\AppData\Roaming\Artogon
[2011.03.26 21:14:33 | 000,000,000 | ---D | M] -- C:\Users\Správce\AppData\Roaming\Ashampoo
[2010.01.14 20:15:52 | 000,000,000 | ---D | M] -- C:\Users\Správce\AppData\Roaming\Atari
[2009.10.27 18:00:10 | 000,000,000 | ---D | M] -- C:\Users\Správce\AppData\Roaming\Audacity
[2009.06.09 20:49:02 | 000,000,000 | ---D | M] -- C:\Users\Správce\AppData\Roaming\BeachPartyCraze
[2010.12.25 00:21:39 | 000,000,000 | ---D | M] -- C:\Users\Správce\AppData\Roaming\Command & Conquer 3 Tiberium Wars
[2009.02.03 20:23:43 | 000,000,000 | ---D | M] -- C:\Users\Správce\AppData\Roaming\DAEMON Tools
[2009.02.03 20:28:29 | 000,000,000 | ---D | M] -- C:\Users\Správce\AppData\Roaming\DAEMON Tools Lite
[2009.02.03 20:23:43 | 000,000,000 | ---D | M] -- C:\Users\Správce\AppData\Roaming\DAEMON Tools Pro
[2010.01.23 10:48:27 | 000,000,000 | ---D | M] -- C:\Users\Správce\AppData\Roaming\EleFun Games
[2010.01.25 14:06:30 | 000,000,000 | ---D | M] -- C:\Users\Správce\AppData\Roaming\Friday's games
[2008.12.30 22:10:18 | 000,000,000 | ---D | M] -- C:\Users\Správce\AppData\Roaming\Gaijin Ent
[2009.01.02 16:52:19 | 000,000,000 | ---D | M] -- C:\Users\Správce\AppData\Roaming\GamesFaction
[2009.02.17 21:58:13 | 000,000,000 | ---D | M] -- C:\Users\Správce\AppData\Roaming\GHISLER
[2010.02.17 18:53:46 | 000,000,000 | ---D | M] -- C:\Users\Správce\AppData\Roaming\GrabPro
[2011.06.28 11:38:14 | 000,000,000 | ---D | M] -- C:\Users\Správce\AppData\Roaming\gtk-2.0
[2011.07.29 22:20:43 | 000,000,000 | ---D | M] -- C:\Users\Správce\AppData\Roaming\ICQ
[2008.08.10 17:35:27 | 000,000,000 | ---D | M] -- C:\Users\Správce\AppData\Roaming\ICQ Toolbar
[2008.09.20 14:37:38 | 000,000,000 | ---D | M] -- C:\Users\Správce\AppData\Roaming\InterVideo
[2009.01.12 17:54:34 | 000,000,000 | ---D | M] -- C:\Users\Správce\AppData\Roaming\LANGMaster
[2008.12.24 23:19:57 | 000,000,000 | ---D | M] -- C:\Users\Správce\AppData\Roaming\Leadertech
[2009.01.02 12:52:24 | 000,000,000 | ---D | M] -- C:\Users\Správce\AppData\Roaming\MagicBall3
[2010.05.16 14:33:12 | 000,000,000 | ---D | M] -- C:\Users\Správce\AppData\Roaming\Meridian93
[2011.06.21 16:31:34 | 000,000,000 | ---D | M] -- C:\Users\Správce\AppData\Roaming\Nokia
[2011.03.28 19:23:50 | 000,000,000 | ---D | M] -- C:\Users\Správce\AppData\Roaming\OpenOffice.org
[2010.02.17 20:09:43 | 000,000,000 | ---D | M] -- C:\Users\Správce\AppData\Roaming\Orbit
[2009.09.06 13:29:30 | 000,000,000 | ---D | M] -- C:\Users\Správce\AppData\Roaming\PC Suite
[2011.02.03 15:28:45 | 000,000,000 | ---D | M] -- C:\Users\Správce\AppData\Roaming\PDF reDirect
[2009.06.30 22:03:23 | 000,000,000 | ---D | M] -- C:\Users\Správce\AppData\Roaming\PetShowCraze
[2011.07.14 18:18:37 | 000,000,000 | ---D | M] -- C:\Users\Správce\AppData\Roaming\PhotoFiltre Studio X
[2009.06.29 15:03:30 | 000,000,000 | ---D | M] -- C:\Users\Správce\AppData\Roaming\PlayFirst
[2010.12.29 13:19:06 | 000,000,000 | ---D | M] -- C:\Users\Správce\AppData\Roaming\Samsung
[2009.07.31 16:15:52 | 000,000,000 | ---D | M] -- C:\Users\Správce\AppData\Roaming\SprillBermudeChech
[2011.07.30 19:06:11 | 000,000,000 | ---D | M] -- C:\Users\Správce\AppData\Roaming\Spyware Terminator
[2008.08.16 12:01:49 | 000,000,000 | ---D | M] -- C:\Users\Správce\AppData\Roaming\STORMWARE
[2011.07.26 21:11:43 | 000,000,000 | ---D | M] -- C:\Users\Správce\AppData\Roaming\Telefónica Móviles
[2009.11.17 14:48:47 | 000,000,000 | ---D | M] -- C:\Users\Správce\AppData\Roaming\TMInc
[2008.08.10 12:15:57 | 000,000,000 | ---D | M] -- C:\Users\Správce\AppData\Roaming\Toshiba
[2008.10.31 19:12:23 | 000,000,000 | ---D | M] -- C:\Users\Správce\AppData\Roaming\Ulead Systems
[2011.07.17 15:28:38 | 000,000,000 | ---D | M] -- C:\Users\Správce\AppData\Roaming\URSE Games
[2010.07.27 18:27:28 | 000,000,000 | ---D | M] -- C:\Users\Správce\AppData\Roaming\Vso
[2009.07.23 10:33:09 | 000,000,000 | ---D | M] -- C:\Users\Správce\AppData\Roaming\WinPatrol
[2011.07.17 15:28:35 | 000,000,000 | ---D | M] -- C:\Users\Správce\AppData\Roaming\wrapper
[2010.07.05 12:52:26 | 000,000,000 | ---D | M] -- C:\Users\Správce\AppData\Roaming\Z-Software
[2009.01.01 14:49:56 | 000,000,000 | ---D | M] -- C:\Users\Správce\AppData\Roaming\Zak&Jack
[2008.09.19 11:51:16 | 000,000,000 | ---D | M] -- C:\Users\Správce\AppData\Roaming\Zoner
[2011.07.17 15:26:43 | 000,000,000 | ---D | M] -- C:\Users\Správce\AppData\Roaming\Špidla Data Processing, s.r.o
[2011.07.30 22:08:56 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

========== Custom Scans ==========

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"KiesPDLR" = C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe -- [2011.06.24 08:54:46 | 000,020,880 | ---- | M] ()

< c:\windows\*.* /U >
[1 c:\windows\*.tmp files -> c:\windows\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >
[2007.11.07 09:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2011.01.25 18:13:43 | 000,000,000 | ---D | M] -- C:\Users\Správce\AppData\Roaming\Adobe
[2008.08.16 11:59:44 | 000,000,000 | ---D | M] -- C:\Users\Správce\AppData\Roaming\AdobeUM
[2009.09.26 19:38:55 | 000,000,000 | ---D | M] -- C:\Users\Správce\AppData\Roaming\Alawar
[2009.04.16 16:44:57 | 000,000,000 | ---D | M] -- C:\Users\Správce\AppData\Roaming\Artogon
[2011.03.26 21:14:33 | 000,000,000 | ---D | M] -- C:\Users\Správce\AppData\Roaming\Ashampoo
[2010.01.14 20:15:52 | 000,000,000 | ---D | M] -- C:\Users\Správce\AppData\Roaming\Atari
[2009.10.27 18:00:10 | 000,000,000 | ---D | M] -- C:\Users\Správce\AppData\Roaming\Audacity
[2009.06.09 20:49:02 | 000,000,000 | ---D | M] -- C:\Users\Správce\AppData\Roaming\BeachPartyCraze
[2010.12.25 00:21:39 | 000,000,000 | ---D | M] -- C:\Users\Správce\AppData\Roaming\Command & Conquer 3 Tiberium Wars
[2009.02.03 20:23:43 | 000,000,000 | ---D | M] -- C:\Users\Správce\AppData\Roaming\DAEMON Tools
[2009.02.03 20:28:29 | 000,000,000 | ---D | M] -- C:\Users\Správce\AppData\Roaming\DAEMON Tools Lite
[2009.02.03 20:23:43 | 000,000,000 | ---D | M] -- C:\Users\Správce\AppData\Roaming\DAEMON Tools Pro
[2010.01.23 10:48:27 | 000,000,000 | ---D | M] -- C:\Users\Správce\AppData\Roaming\EleFun Games
[2010.01.25 14:06:30 | 000,000,000 | ---D | M] -- C:\Users\Správce\AppData\Roaming\Friday's games
[2008.12.30 22:10:18 | 000,000,000 | ---D | M] -- C:\Users\Správce\AppData\Roaming\Gaijin Ent
[2009.01.02 16:52:19 | 000,000,000 | ---D | M] -- C:\Users\Správce\AppData\Roaming\GamesFaction
[2009.02.17 21:58:13 | 000,000,000 | ---D | M] -- C:\Users\Správce\AppData\Roaming\GHISLER
[2009.12.27 18:41:51 | 000,000,000 | ---D | M] -- C:\Users\Správce\AppData\Roaming\Google
[2010.02.17 18:53:46 | 000,000,000 | ---D | M] -- C:\Users\Správce\AppData\Roaming\GrabPro
[2011.06.28 11:38:14 | 000,000,000 | ---D | M] -- C:\Users\Správce\AppData\Roaming\gtk-2.0
[2011.07.29 22:20:43 | 000,000,000 | ---D | M] -- C:\Users\Správce\AppData\Roaming\ICQ
[2008.08.10 17:35:27 | 000,000,000 | ---D | M] -- C:\Users\Správce\AppData\Roaming\ICQ Toolbar
[2011.07.14 18:14:40 | 000,000,000 | ---D | M] -- C:\Users\Správce\AppData\Roaming\Identities
[2009.03.17 20:01:44 | 000,000,000 | ---D | M] -- C:\Users\Správce\AppData\Roaming\InstallShield
[2008.09.20 14:37:38 | 000,000,000 | ---D | M] -- C:\Users\Správce\AppData\Roaming\InterVideo
[2009.01.12 17:54:34 | 000,000,000 | ---D | M] -- C:\Users\Správce\AppData\Roaming\LANGMaster
[2008.12.24 23:19:57 | 000,000,000 | ---D | M] -- C:\Users\Správce\AppData\Roaming\Leadertech
[2008.08.10 17:01:29 | 000,000,000 | ---D | M] -- C:\Users\Správce\AppData\Roaming\Macromedia
[2009.01.02 12:52:24 | 000,000,000 | ---D | M] -- C:\Users\Správce\AppData\Roaming\MagicBall3
[2006.11.02 14:37:34 | 000,000,000 | ---D | M] -- C:\Users\Správce\AppData\Roaming\Media Center Programs
[2010.05.16 14:33:12 | 000,000,000 | ---D | M] -- C:\Users\Správce\AppData\Roaming\Meridian93
[2011.07.26 21:13:23 | 000,000,000 | --SD | M] -- C:\Users\Správce\AppData\Roaming\Microsoft
[2008.08.27 21:11:21 | 000,000,000 | ---D | M] -- C:\Users\Správce\AppData\Roaming\Mozilla
[2009.12.03 18:44:46 | 000,000,000 | ---D | M] -- C:\Users\Správce\AppData\Roaming\NCH Software
[2011.06.21 16:31:34 | 000,000,000 | ---D | M] -- C:\Users\Správce\AppData\Roaming\Nokia
[2011.03.28 19:23:50 | 000,000,000 | ---D | M] -- C:\Users\Správce\AppData\Roaming\OpenOffice.org
[2011.03.28 17:49:18 | 000,000,000 | ---D | M] -- C:\Users\Správce\AppData\Roaming\OpenOffice.org2
[2010.02.17 20:09:43 | 000,000,000 | ---D | M] -- C:\Users\Správce\AppData\Roaming\Orbit
[2009.09.06 13:29:30 | 000,000,000 | ---D | M] -- C:\Users\Správce\AppData\Roaming\PC Suite
[2011.02.03 15:28:45 | 000,000,000 | ---D | M] -- C:\Users\Správce\AppData\Roaming\PDF reDirect
[2009.06.30 22:03:23 | 000,000,000 | ---D | M] -- C:\Users\Správce\AppData\Roaming\PetShowCraze
[2011.07.14 18:18:37 | 000,000,000 | ---D | M] -- C:\Users\Správce\AppData\Roaming\PhotoFiltre Studio X
[2009.06.29 15:03:30 | 000,000,000 | ---D | M] -- C:\Users\Správce\AppData\Roaming\PlayFirst
[2009.12.28 21:55:01 | 000,000,000 | ---D | M] -- C:\Users\Správce\AppData\Roaming\Real
[2010.12.29 13:19:06 | 000,000,000 | ---D | M] -- C:\Users\Správce\AppData\Roaming\Samsung
[2010.03.18 15:04:03 | 000,000,000 | RH-D | M] -- C:\Users\Správce\AppData\Roaming\SecuROM
[2011.07.29 22:02:35 | 000,000,000 | ---D | M] -- C:\Users\Správce\AppData\Roaming\Skype
[2011.07.29 20:49:05 | 000,000,000 | ---D | M] -- C:\Users\Správce\AppData\Roaming\skypePM
[2009.07.31 16:15:52 | 000,000,000 | ---D | M] -- C:\Users\Správce\AppData\Roaming\SprillBermudeChech
[2011.07.30 19:06:11 | 000,000,000 | ---D | M] -- C:\Users\Správce\AppData\Roaming\Spyware Terminator
[2008.08.16 12:01:49 | 000,000,000 | ---D | M] -- C:\Users\Správce\AppData\Roaming\STORMWARE
[2011.07.26 21:11:43 | 000,000,000 | ---D | M] -- C:\Users\Správce\AppData\Roaming\Telefónica Móviles
[2009.11.17 14:48:47 | 000,000,000 | ---D | M] -- C:\Users\Správce\AppData\Roaming\TMInc
[2008.08.10 12:15:57 | 000,000,000 | ---D | M] -- C:\Users\Správce\AppData\Roaming\Toshiba
[2008.10.31 19:12:23 | 000,000,000 | ---D | M] -- C:\Users\Správce\AppData\Roaming\Ulead Systems
[2011.07.17 15:28:38 | 000,000,000 | ---D | M] -- C:\Users\Správce\AppData\Roaming\URSE Games
[2010.07.27 18:27:28 | 000,000,000 | ---D | M] -- C:\Users\Správce\AppData\Roaming\Vso
[2009.07.23 10:33:09 | 000,000,000 | ---D | M] -- C:\Users\Správce\AppData\Roaming\WinPatrol
[2008.09.16 13:27:46 | 000,000,000 | ---D | M] -- C:\Users\Správce\AppData\Roaming\WinRAR
[2011.07.17 15:28:35 | 000,000,000 | ---D | M] -- C:\Users\Správce\AppData\Roaming\wrapper
[2010.07.05 12:52:26 | 000,000,000 | ---D | M] -- C:\Users\Správce\AppData\Roaming\Z-Software
[2009.01.01 14:49:56 | 000,000,000 | ---D | M] -- C:\Users\Správce\AppData\Roaming\Zak&Jack
[2008.09.19 11:51:16 | 000,000,000 | ---D | M] -- C:\Users\Správce\AppData\Roaming\Zoner
[2011.07.17 15:26:43 | 000,000,000 | ---D | M] -- C:\Users\Správce\AppData\Roaming\Špidla Data Processing, s.r.o

< %APPDATA%\*.exe /s >
[2010.07.27 18:27:27 | 000,087,608 | ---- | M] () -- C:\Users\Správce\AppData\Roaming\inst.exe
[2008.08.21 13:28:05 | 000,010,134 | R--- | M] () -- C:\Users\Správce\AppData\Roaming\Microsoft\Installer\{0EC7C406-B592-4686-BAC1-AD29A85EAE6A}\ARPPRODUCTICON.exe
[2011.01.31 03:01:42 | 087,340,080 | ---- | M] (Samsung Electronics Co., Ltd. ) -- C:\Users\Správce\AppData\Roaming\Microsoft\Windows\Templates\SamsungKiesSetup.exe
[2010.02.17 18:40:43 | 000,439,816 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Správce\AppData\Roaming\Real\Update\setup3.09\setup.exe
[2010.05.21 17:53:26 | 000,439,816 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Správce\AppData\Roaming\Real\Update\setup3.10\setup.exe
[2011.01.24 19:57:18 | 000,510,120 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Správce\AppData\Roaming\Real\Update\setup3.14\setup.exe
[2011.05.18 21:14:26 | 000,308,864 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Správce\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\8.00\rnupgagent.exe
[2011.01.30 00:17:04 | 000,075,112 | ---- | M] () -- C:\Users\Správce\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\DriverChecker.exe
[2011.01.30 00:11:32 | 000,888,120 | ---- | M] (Samsung) -- C:\Users\Správce\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\Kies.exe
[2011.01.30 00:17:06 | 000,276,848 | ---- | M] () -- C:\Users\Správce\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\KiesDriverInstaller.exe
[2011.01.30 00:17:10 | 000,040,312 | ---- | M] () -- C:\Users\Správce\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\KiesMobileDeviceService.exe
[2011.01.30 00:11:36 | 003,372,856 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Users\Správce\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\KiesTrayAgent.exe
[2011.01.30 00:17:12 | 000,207,696 | ---- | M] () -- C:\Users\Správce\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\lame.exe
[2011.01.30 00:17:18 | 000,195,416 | ---- | M] () -- C:\Users\Správce\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\oggenc.exe
[2011.01.29 18:00:40 | 000,146,232 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\Správce\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\External\DeviceModules\ConnectionManager.exe
[2011.01.29 18:00:40 | 000,286,520 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\Správce\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\External\DeviceModules\DeviceDataService.exe
[2011.01.29 18:00:42 | 000,650,040 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\Správce\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\External\DeviceModules\DeviceManager.exe
[2011.01.30 00:17:28 | 000,025,960 | ---- | M] (Teruten Inc) -- C:\Users\Správce\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\External\DeviceModules\FsExService64.exe
[2011.01.30 00:17:32 | 000,222,568 | ---- | M] (Teruten) -- C:\Users\Správce\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\External\DeviceModules\FsUsbExService.exe
[2011.01.30 00:17:36 | 000,142,696 | ---- | M] () -- C:\Users\Správce\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\External\DeviceModules\FUSBCommander.exe
[2011.01.30 00:17:38 | 000,112,488 | ---- | M] () -- C:\Users\Správce\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\External\DeviceModules\HSPConnection.exe
[2011.01.30 00:17:40 | 000,066,920 | ---- | M] (Samsung) -- C:\Users\Správce\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\External\DeviceModules\Kies_Tutorial.exe
[2011.01.30 00:11:42 | 000,131,384 | ---- | M] () -- C:\Users\Správce\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\External\FirmwareUpdate\BinaryLoaderMgr.exe
[2011.01.30 00:16:58 | 000,016,216 | ---- | M] () -- C:\Users\Správce\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\External\FirmwareUpdate\KiesPDLR.exe
[2011.01.30 00:11:46 | 004,660,904 | ---- | M] () -- C:\Users\Správce\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\External\MediaModules\MyFreeCodecPack.exe
[2011.01.30 00:17:44 | 000,226,648 | ---- | M] (ENJsoft corp.) -- C:\Users\Správce\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\External\TransModules\SelfMV.exe
[2011.01.30 00:17:48 | 000,066,904 | ---- | M] (ENJsoft corp.) -- C:\Users\Správce\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\External\TransModules\SelfMV2.exe
[2011.01.30 00:17:52 | 000,079,192 | ---- | M] (ENJsoft corp.) -- C:\Users\Správce\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\External\TransModules\TG_CAM.exe
[2011.01.29 18:00:20 | 020,623,664 | ---- | M] (SAMSUNG Electronics Co., Ltd.) -- C:\Users\Správce\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\USB Driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe
[2011.06.24 08:54:50 | 000,358,800 | ---- | M] (ml) -- C:\Users\Správce\AppData\Roaming\Samsung\Kies\UpdateTemp\Updater\Kies.Update.exe
[2011.07.17 15:28:35 | 002,412,544 | -H-- | M] () -- C:\Users\Správce\AppData\Roaming\wrapper\game.exe
[2011.04.15 09:57:06 | 006,144,210 | ---- | M] (Spidla) -- C:\Users\Správce\AppData\Roaming\wrapper\Na Divokem zapade.exe
[2011.07.17 15:25:18 | 001,173,631 | ---- | M] () -- C:\Users\Správce\AppData\Roaming\wrapper\unins000.exe

< MD5 for: AGP440.SYS >
[2008.01.19 09:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\SoftwareDistribution\Download\40f104edd8fff18ebca7c9e5389c3391\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\drivers\AGP440.sys
[2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys

< MD5 for: ATAPI.SYS >
[2008.01.19 09:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\SoftwareDistribution\Download\40f104edd8fff18ebca7c9e5389c3391\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006.11.02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2008.08.11 09:33:23 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\System32\drivers\atapi.sys
[2008.08.11 09:33:23 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_7de13c21\atapi.sys
[2008.08.11 09:33:23 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16632_none_db337a442479c42c\atapi.sys
[2008.08.11 09:33:23 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E03E8C99D15D0381E02743C36AFC7C6F -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20757_none_dbac78a93da31a8b\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2008.01.19 09:33:01 | 000,642,560 | ---- | M] (Microsoft Corporation) MD5=2FC5BE79B51714B479809358E4908FC3 -- C:\Windows\SoftwareDistribution\Download\40f104edd8fff18ebca7c9e5389c3391\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6001.18000_none_e1f3ed49c1c122ef\autochk.exe
[2006.11.02 11:44:50 | 000,640,000 | ---- | M] (Microsoft Corporation) MD5=C08D1FE284C3330934E45D6E5F5B768B -- C:\Windows\System32\autochk.exe
[2006.11.02 11:44:50 | 000,640,000 | ---- | M] (Microsoft Corporation) MD5=C08D1FE284C3330934E45D6E5F5B768B -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6000.16386_none_dfbd2b4dc4d6121b\autochk.exe

< MD5 for: CDROM.SYS >
[2008.01.19 07:49:51 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\SoftwareDistribution\Download\40f104edd8fff18ebca7c9e5389c3391\x86_cdrom.inf_31bf3856ad364e35_6.0.6001.18000_none_5fa95be2a3c76a4a\cdrom.sys
[2006.11.02 10:51:44 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=8D1866E61AF096AE8B582454F5E4D303 -- C:\Windows\System32\drivers\cdrom.sys
[2006.11.02 10:51:44 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=8D1866E61AF096AE8B582454F5E4D303 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_e487f727\cdrom.sys

< MD5 for: CNGAUDIT.DLL >
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll

< MD5 for: CRYPTSVC.DLL >
[2006.11.02 11:46:03 | 000,123,392 | ---- | M] (Microsoft Corporation) MD5=1C26FB097170A2A91066D1E3A24366E3 -- C:\Windows\System32\cryptsvc.dll
[2006.11.02 11:46:03 | 000,123,392 | ---- | M] (Microsoft Corporation) MD5=1C26FB097170A2A91066D1E3A24366E3 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6000.16386_none_73c8d7689de43d15\cryptsvc.dll
[2008.01.19 09:34:00 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=6DE363F9F99334514C46AEC02D3E3678 -- C:\Windows\SoftwareDistribution\Download\40f104edd8fff18ebca7c9e5389c3391\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6001.18000_none_75ff99649acf4de9\cryptsvc.dll

< MD5 for: EXPLORER.EXE >
[2008.10.29 08:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\explorer.exe
[2008.10.29 08:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008.10.29 08:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008.10.30 05:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2008.08.11 09:47:11 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=6D06CD98D954FE87FB2DB8108793B399 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16549_none_4fac29707cae347a\explorer.exe
[2008.08.11 09:47:11 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=BD06F0BF753BC704B653C3A50F89D362 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20668_none_501f261995dcf2cf\explorer.exe
[2008.10.28 04:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2006.11.02 11:45:07 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=FD8C53FB002217F6F888BCF6F5D7084D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16386_none_4f7de5167cd15deb\explorer.exe
[2008.01.19 09:33:10 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\SoftwareDistribution\Download\40f104edd8fff18ebca7c9e5389c3391\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe

< MD5 for: HAL.DLL >
[2006.11.02 11:51:12 | 000,160,872 | ---- | M] (Microsoft Corporation) MD5=E3A21FC3407DA84C5FF41B5088A67C3B -- C:\Windows\System32\hal.dll

< MD5 for: IASTORV.SYS >
[2008.01.19 09:42:51 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\SoftwareDistribution\Download\40f104edd8fff18ebca7c9e5389c3391\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\drivers\iaStorV.sys
[2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys

< MD5 for: ISAPNP.SYS >
[2006.11.02 11:50:24 | 000,047,208 | ---- | M] (Microsoft Corporation) MD5=350FCA7E73CF65BCEF43FAE1E4E91293 -- C:\Windows\System32\drivers\isapnp.sys
[2006.11.02 11:50:24 | 000,047,208 | ---- | M] (Microsoft Corporation) MD5=350FCA7E73CF65BCEF43FAE1E4E91293 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\isapnp.sys
[2008.01.19 09:42:15 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\SoftwareDistribution\Download\40f104edd8fff18ebca7c9e5389c3391\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\isapnp.sys

< MD5 for: KR10N.SYS >
[2007.01.18 16:47:18 | 000,211,072 | ---- | M] (TOSHIBA CORPORATION) MD5=6E9922332386C2A49936B30B2B6FD298 -- C:\Toshiba\Drivers\Raid\Kr10i\KR10N.sys
[2007.01.18 16:47:18 | 000,211,072 | ---- | M] (TOSHIBA CORPORATION) MD5=6E9922332386C2A49936B30B2B6FD298 -- C:\Toshiba\Drivers\Raid\Kr10n\KR10N.sys
[2007.01.18 16:47:18 | 000,211,072 | ---- | M] (TOSHIBA CORPORATION) MD5=6E9922332386C2A49936B30B2B6FD298 -- C:\Windows\System32\drivers\KR10N.sys
[2007.01.18 16:47:18 | 000,211,072 | ---- | M] (TOSHIBA CORPORATION) MD5=6E9922332386C2A49936B30B2B6FD298 -- C:\Windows\System32\DriverStore\FileRepository\kr10.inf_95888b8d\KR10N.sys

< MD5 for: LSASS.EXE >
[2009.06.15 14:51:56 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=203D86EBD6D8E4C8501B222421E81506 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22152_none_a886901f7335e2fc\lsass.exe
[2009.09.10 16:44:14 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=2D3AC5E7AC01E905F3ABD2D745FE3A9B -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22223_none_a8a80213731ca5a7\lsass.exe
[2009.06.15 14:48:49 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=3978F3540329E16C0AC3BCF677E5669F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18051_none_a7fbf30a5a1929db\lsass.exe
[2009.02.13 09:26:04 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=59DE082968FDD257FFF0D209B9A5B460 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16820_none_a44eb0105fb4d975\lsass.exe
[2006.11.02 11:45:21 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=6A0E382E74280E4CC0DF17FE2661D003 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16386_none_a413c8c65fe02762\lsass.exe
[2009.06.15 15:03:38 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=6F1F23D3599EAE17734451936B7F17C6 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22450_none_a69e1da376115b2a\lsass.exe
[2009.06.15 14:57:59 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=A911ECAC81F94ADEAFBE8E3F7873EDB0 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18272_none_a600dfae5d0228c9\lsass.exe
[2009.02.13 06:58:37 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=AFF8A58280863629CA4FFA9E0B259F1E -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21010_none_a4e2f4e978ca9090\lsass.exe
[2009.06.15 14:59:08 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=BA9A67672E025078C77967731BCFC560 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21067_none_a4b3e75378eccda6\lsass.exe
[2009.06.15 15:10:12 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=C731B1FE449D4E9CEA358C9D55B69BE9 -- C:\Windows\System32\lsass.exe
[2009.06.15 15:10:12 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=C731B1FE449D4E9CEA358C9D55B69BE9 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16870_none_a418a0745fdd652a\lsass.exe
[2009.09.09 13:09:38 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=CB7E838C140B4087B2DA323F2D4523C5 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22518_none_a6d1618975e9b345\lsass.exe
[2009.09.10 16:47:51 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=D09A5DA84B7C9CA9B02EBCD7FAE41C8D -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21125_none_a4dd285578ce285b\lsass.exe
[2008.01.19 09:33:14 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\Windows\SoftwareDistribution\Download\40f104edd8fff18ebca7c9e5389c3391\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18000_none_a64a8ac25ccb3836\lsass.exe
[2008.01.19 09:33:14 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18215_none_a644c0145ccecd28\lsass.exe
[2009.02.13 10:20:29 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=F4C62B07E5BF96F1FDCA9DB393ECED22 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22376_none_a68e7da1761c2def\lsass.exe

< MD5 for: NDIS.SYS >
[2006.11.02 11:51:42 | 000,500,840 | ---- | M] (Microsoft Corporation) MD5=227C11E1E7CF6EF8AFB2A238D209760C -- C:\Windows\System32\drivers\ndis.sys
[2006.11.02 11:51:42 | 000,500,840 | ---- | M] (Microsoft Corporation) MD5=227C11E1E7CF6EF8AFB2A238D209760C -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6000.16386_none_a59069cb1f23fc44\ndis.sys
[2008.01.19 09:43:31 | 000,529,464 | ---- | M] (Microsoft Corporation) MD5=9BDC71790FA08F0A0B5F10462B1BD0B1 -- C:\Windows\SoftwareDistribution\Download\40f104edd8fff18ebca7c9e5389c3391\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.18000_none_a7c72bc71c0f0d18\ndis.sys

< MD5 for: NETLOGON.DLL >
[2006.11.02 11:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\System32\netlogon.dll
[2006.11.02 11:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_fb80f5473b0ed783\netlogon.dll
[2008.01.19 09:35:36 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\SoftwareDistribution\Download\40f104edd8fff18ebca7c9e5389c3391\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll

< MD5 for: NVRAID.SYS >
[2008.01.19 09:43:01 | 000,102,968 | ---- | M] (NVIDIA Corporation) MD5=2EDF9E7751554B42CBB60116DE727101 -- C:\Windows\SoftwareDistribution\Download\40f104edd8fff18ebca7c9e5389c3391\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvraid.sys
[2006.11.02 11:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) MD5=E69E946F80C1C31C53003BFBF50CBB7C -- C:\Windows\System32\drivers\nvraid.sys
[2006.11.02 11:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) MD5=E69E946F80C1C31C53003BFBF50CBB7C -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvraid.sys

< MD5 for: NVSTOR.SYS >
[2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\drivers\nvstor.sys
[2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008.01.19 09:42:09 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\SoftwareDistribution\Download\40f104edd8fff18ebca7c9e5389c3391\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys

< MD5 for: SCECLI.DLL >
[2008.01.19 09:36:19 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\SoftwareDistribution\Download\40f104edd8fff18ebca7c9e5389c3391\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2006.11.02 11:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\System32\scecli.dll
[2006.11.02 11:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_35d7205fdc305e3e\scecli.dll

< MD5 for: SMSS.EXE >
[2008.01.19 09:33:31 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=6701DDAF68BEDE6BBEEA9D514D73A35B -- C:\Windows\SoftwareDistribution\Download\40f104edd8fff18ebca7c9e5389c3391\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6001.18000_none_ac3aa7fd19319fba\smss.exe
[2006.11.02 11:45:45 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=CAA75757BB3695478C23CB0624342A61 -- C:\Windows\System32\smss.exe
[2006.11.02 11:45:45 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=CAA75757BB3695478C23CB0624342A61 -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6000.16386_none_aa03e6011c468ee6\smss.exe

< MD5 for: SVCHOST.EXE >
[2006.11.02 11:45:47 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=10DA15933D582D2FEDCF705EFE394B09 -- C:\Windows\System32\svchost.exe
[2006.11.02 11:45:47 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=10DA15933D582D2FEDCF705EFE394B09 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6000.16386_none_b38497a50862ad11\svchost.exe
[2008.01.19 09:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\SoftwareDistribution\Download\40f104edd8fff18ebca7c9e5389c3391\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe

< MD5 for: TCPIP.SYS >
[2009.12.08 22:52:30 | 000,897,624 | ---- | M] (Microsoft Corporation) MD5=1ACBB7A47E78F4CC82D2EFFB72901528 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18377_none_b2d96a966698ad63\tcpip.sys
[2009.08.15 23:30:53 | 000,816,640 | ---- | M] (Microsoft Corporation) MD5=2512B4D1353370D6688B1AF1F5AFA1CF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21108_none_6030d425ab49af00\tcpip.sys
[2009.08.14 19:01:55 | 000,900,168 | ---- | M] (Microsoft Corporation) MD5=2608E71AAD54564647D4BB984E1925AA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys
[2010.02.18 13:51:51 | 000,818,688 | ---- | M] (Microsoft Corporation) MD5=2C1F7005AA3B62721BFDB307BD5F5010 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21226_none_6019359fab5bb15b\tcpip.sys
[2010.02.18 16:49:38 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=2EAE4500984C2F8DACFB977060300A15 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18427_none_b30f7c1866701ed5\tcpip.sys
[2009.08.14 16:24:47 | 000,813,568 | ---- | M] (Microsoft Corporation) MD5=300208927321066EA53761FDC98747C6 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16908_none_5fa75f38922bdbf4\tcpip.sys
[2009.12.08 22:15:00 | 000,907,832 | ---- | M] (Microsoft Corporation) MD5=46E6685F3E92AEC743773ADD4CD54F57 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22283_none_b53aaa1b7ce8560d\tcpip.sys
[2010.02.18 16:07:16 | 000,904,576 | ---- | M] (Microsoft Corporation) MD5=48CBE6D53632D0067C2D6B20F90D84CA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18209_none_b50d905263846bec\tcpip.sys
[2010.02.18 14:05:37 | 000,815,104 | ---- | M] (Microsoft Corporation) MD5=4A82FA8F0DF67AA354580C3FAAF8BDE3 -- C:\Windows\System32\drivers\tcpip.sys
[2010.02.18 14:05:37 | 000,815,104 | ---- | M] (Microsoft Corporation) MD5=4A82FA8F0DF67AA354580C3FAAF8BDE3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.17021_none_5f8a957c924295b7\tcpip.sys
[2008.08.11 09:29:44 | 000,806,400 | ---- | M] (Microsoft Corporation) MD5=52A8BD6294F7D1443C6184C67AE13AF4 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.20752_none_5ff4e4f9ab7777f4\tcpip.sys
[2009.12.08 22:37:09 | 000,900,696 | ---- | M] (Microsoft Corporation) MD5=5653230D480A9C54D169E1B080B72CF5 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22577_none_b36309477fb64a54\tcpip.sys
[2008.08.11 09:29:45 | 000,803,328 | ---- | M] (Microsoft Corporation) MD5=5DF77458AA92FDB36FCE79C60F74AB5D -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16627_none_5f90b964923d030a\tcpip.sys
[2009.08.14 18:27:34 | 000,904,776 | ---- | M] (Microsoft Corporation) MD5=65877AA1B6A7CB797488E831698973E9 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18091_none_b4a43aea63d4a25f\tcpip.sys
[2009.12.08 19:58:13 | 000,813,568 | ---- | M] (Microsoft Corporation) MD5=8734BD051FFDCBF8425CF222141C3741 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16973_none_5f56ae52926920d8\tcpip.sys
[2009.08.14 19:07:56 | 000,897,608 | ---- | M] (Microsoft Corporation) MD5=8A7AD2A214233F684242F289ED83EBC3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18311_none_b3144862666d6db3\tcpip.sys
[2010.02.18 19:36:50 | 000,902,024 | ---- | M] (Microsoft Corporation) MD5=93A5655CD9CD2F080EF1CB71A3666215 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys
[2009.12.08 19:45:32 | 000,816,640 | ---- | M] (Microsoft Corporation) MD5=CA3A5756672013A66BB9D547A5A62DCA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21175_none_5fe223d3ab852692\tcpip.sys
[2006.11.02 10:58:38 | 000,802,816 | ---- | M] (Microsoft Corporation) MD5=D944522B048A5FEB7700B5170D3D9423 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16386_none_5f4ed3e0926e99e4\tcpip.sys
[2010.02.18 16:22:11 | 000,910,216 | ---- | M] (Microsoft Corporation) MD5=D9F5DD5BBC8348E8F8220CCBF14C022E -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22341_none_b563eb1d7cc9b0c2\tcpip.sys
[2009.12.08 22:01:08 | 000,904,776 | ---- | M] (Microsoft Corporation) MD5=DA467E7619AE5F4588E6262C13C8940A -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18160_none_b4c3ac4a63bd325c\tcpip.sys
[2008.01.19 09:43:39 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=FC6E2835D667774D409C7C7021EAF9C4 -- C:\Windows\SoftwareDistribution\Download\40f104edd8fff18ebca7c9e5389c3391\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys
[2009.08.14 18:33:50 | 000,905,784 | ---- | M] (Microsoft Corporation) MD5=FF71856BD4CD6D4367F9FD84BE79A874 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22200_none_b58e289d7caa2a80\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.01.19 09:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\SoftwareDistribution\Download\40f104edd8fff18ebca7c9e5389c3391\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
[2006.11.02 11:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\System32\userinit.exe
[2006.11.02 11:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_d9f1f819d4c4e737\userinit.exe

< MD5 for: WINLOGON.EXE >
[2006.11.02 11:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\System32\winlogon.exe
[2006.11.02 11:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe
[2008.01.19 09:33:37 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\SoftwareDistribution\Download\40f104edd8fff18ebca7c9e5389c3391\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe

< MD5 for: WS2_32.DLL >
[2008.01.19 09:37:09 | 000,179,200 | ---- | M] (Microsoft Corporation) MD5=B304D47D5744BA20FCB99FB8B2C07B0B -- C:\Windows\SoftwareDistribution\Download\40f104edd8fff18ebca7c9e5389c3391\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6001.18000_none_f2b7b0c2ce5605c4\ws2_32.dll
[2006.11.02 11:46:14 | 000,178,688 | ---- | M] (Microsoft Corporation) MD5=D99A071C1018BB3D4ABAAD4B62048AC2 -- C:\Windows\System32\ws2_32.dll
[2006.11.02 11:46:14 | 000,178,688 | ---- | M] (Microsoft Corporation) MD5=D99A071C1018BB3D4ABAAD4B62048AC2 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6000.16386_none_f080eec6d16af4f0\ws2_32.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2007.03.29 07:52:17 | 006,660,096 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2007.03.29 07:52:15 | 000,102,400 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2007.03.29 07:52:18 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2007.03.29 07:52:26 | 015,712,256 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2007.03.29 07:52:27 | 006,008,832 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV

< %systemroot%\system32\*.dll /lockedfiles >
[2 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2011.07.31 11:06:35 | 000,003,072 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.07.31 11:06:35 | 000,003,072 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.07.30 16:07:50 | 000,081,404 | ---- | M] () -- C:\Windows\system32\perfc005.dat
[2011.07.30 16:07:50 | 000,103,924 | ---- | M] () -- C:\Windows\system32\perfc009.dat
[2011.07.30 16:07:50 | 000,473,598 | ---- | M] () -- C:\Windows\system32\perfh005.dat
[2011.07.30 16:07:51 | 000,610,142 | ---- | M] () -- C:\Windows\system32\perfh009.dat
[2011.07.30 16:07:50 | 001,259,320 | ---- | M] () -- C:\Windows\system32\PerfStringBackup.INI
[2 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

========== Files - Unicode (All) ==========
[2011.07.30 19:46:43 | 746,730,934 | ---- | M] ()(C:\Users\Správce\Desktop\Jsem-Ä?Aslo-Ä?tyA?i.CZ.avi.2011.avi) -- C:\Users\Správce\Desktop\Jsem-ÄÃslo-ÄtyÅi.CZ.avi.2011.avi
[2011.07.30 16:28:34 | 746,730,934 | ---- | C] ()(C:\Users\Správce\Desktop\Jsem-Ä?Aslo-Ä?tyA?i.CZ.avi.2011.avi) -- C:\Users\Správce\Desktop\Jsem-ÄÃslo-ÄtyÅi.CZ.avi.2011.avi

========== Alternate Data Streams ==========

@Alternate Data Stream - 24 bytes -> C:\Windows:DB1EE0934B6FEB2C
@Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:DFC5A2B2

< End of report >

OTL Extras logfile created on: 31.7.2011 10:25:37 - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Users\Správce\Desktop
Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.17037)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1013,50 Mb Total Physical Memory | 155,22 Mb Available Physical Memory | 15,32% Memory free
2,22 Gb Paging File | 1,05 Gb Available in Paging File | 47,44% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 110,32 Gb Total Space | 12,47 Gb Free Space | 11,31% Space Free | Partition Type: NTFS

Computer Name: TOSHIBA | User Name: Správce | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_USERS\S-1-5-21-3660284919-2193007422-2339388231-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 1
"InternetSettingsDisableNotify" = 1
"AutoUpdateDisableNotify" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{22628669-A66C-4408-9327-F8CF75621451}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{2DF22C0F-77C1-4592-8AD8-D714BB92D03C}" = rport=138 | protocol=17 | dir=out | app=system |
"{48D66106-CD4D-4417-BA18-DC7CB6468002}" = lport=445 | protocol=6 | dir=in | app=system |
"{73C341EC-97D6-4F57-92BB-B159F7D55079}" = lport=137 | protocol=17 | dir=in | app=system |
"{8467AFEC-015F-4A4A-AF86-F7861E1527F0}" = lport=139 | protocol=6 | dir=in | app=system |
"{8F3D6492-33E7-4AEB-865B-F2A6CF5B68A4}" = rport=445 | protocol=6 | dir=out | app=system |
"{9D5AFFFB-7175-4530-893D-EDE12E91D216}" = lport=138 | protocol=17 | dir=in | app=system |
"{BDF3B282-5B54-4BCD-9C01-E15CA978B262}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{C303921A-52BC-4855-8EED-3FCAA45A982C}" = rport=137 | protocol=17 | dir=out | app=system |
"{CA2E0723-4945-4C9F-B203-7DE894E003AE}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{DEEA7419-EE78-4690-916F-14DE8145B1A4}" = rport=139 | protocol=6 | dir=out | app=system |
"{F90A65F0-4808-43F9-A82D-99714D168A95}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{FC4E9045-B3D5-4564-AAD0-F042B0C3ED1F}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{FF87D9FA-6A24-4D6D-B582-3D9626327AC5}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{3369D0ED-DCAB-49A8-BDE8-AA093CD00C0A}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{38C6D8F8-5F01-4940-9704-1655CF126124}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{4DDC620E-EA2C-40B3-AC12-108FE19997B3}" = protocol=6 | dir=in | app=c:\windows\system32\muzapp.exe |
"{61F49DE2-3E8D-4728-8119-B1ED9B6C6B49}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{6B99E0BF-5FFF-4CBB-8A56-439FA8B9F5F3}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{73C46BF6-884C-4022-AE45-963B5B9FD753}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{76916F46-1FC2-4736-A120-85CD09BD68EE}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{76A9E61B-E052-451B-B162-D6270277ABC4}" = protocol=6 | dir=in | app=c:\program files\icq7.5\icq.exe |
"{7E900AB4-EF09-4737-8A29-D664A01D3E58}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{88289A07-4BDD-4E93-B589-FA4128E2C422}" = protocol=17 | dir=in | app=c:\program files\icq7.5\icq.exe |
"{8E655FB5-56B3-4811-9861-1EDA782103CA}" = protocol=6 | dir=in | app=c:\program files\icq7.5\icq.exe |
"{A5E068D3-96D8-4230-BD48-63D5CB6EA64A}" = protocol=17 | dir=in | app=c:\program files\icq7.5\icq.exe |
"{AE7A5F99-25A1-42A0-9B91-35D9890EBB26}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{B412118B-DE57-49FE-8FBB-CE15A3637863}" = protocol=6 | dir=in | app=c:\program files\icq7.5\icq.exe |
"{B65C1DD8-BC04-4983-AD8A-F27CFA47B248}" = protocol=17 | dir=in | app=c:\program files\icq7.5\icq.exe |
"{CDBE58A5-313C-4A05-94CE-2C946E5B7CCC}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D5A2EC97-4742-4051-8E81-541568B7AC38}" = protocol=17 | dir=in | app=c:\windows\system32\muzapp.exe |
"{DDEAD98B-3077-46F3-B413-589F1B1F0877}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"TCP Query User{11AED2AB-FB2B-4EA2-8A80-C550C0593BD4}C:\program files\metin2_tester\metin2client.bin" = protocol=6 | dir=in | app=c:\program files\metin2_tester\metin2client.bin |
"TCP Query User{12DA6FB2-9E9A-430E-A86A-48ECEA42CBC1}C:\users\správce\desktop\hry\epix-network\epix-network\metin2.exe" = protocol=6 | dir=in | app=c:\users\správce\desktop\hry\epix-network\epix-network\metin2.exe |
"TCP Query User{17620530-B189-4B9F-B3BF-8AFD0CAE63A9}C:\program files\microsoft games\age of empires ii\empires2ike.exe" = protocol=6 | dir=in | app=c:\program files\microsoft games\age of empires ii\empires2ike.exe |
"TCP Query User{1CF93176-8026-4C20-8540-58ED0F31467F}C:\program files\metin2_tester\metin2.bin" = protocol=6 | dir=in | app=c:\program files\metin2_tester\metin2.bin |
"TCP Query User{2283677B-152D-4527-853E-4DCA2CEC57B6}C:\users\správce\desktop\hry\blacknight-mt2 client 1.2\lib\game\game.exe" = protocol=6 | dir=in | app=c:\users\správce\desktop\hry\blacknight-mt2 client 1.2\lib\game\game.exe |
"TCP Query User{2614628E-F1A1-445C-8C33-EAF577E7A462}C:\users\správce\desktop\hry\sindicatem2\metin2client.bin" = protocol=6 | dir=in | app=c:\users\správce\desktop\hry\sindicatem2\metin2client.bin |
"TCP Query User{46C848F7-87CC-49C4-B38B-9AD62D569BBF}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{65F24FD0-EA27-4E67-A7A8-BF0877104E21}C:\users\správce\desktop\hry\metin2_tester\metin2_tester\metin2mod.bin" = protocol=6 | dir=in | app=c:\users\správce\desktop\hry\metin2_tester\metin2_tester\metin2mod.bin |
"TCP Query User{669A9CED-381D-4B72-90AF-B6DB8EC5DA6C}C:\users\správce\desktop\blacknight-mt2 client 1.2\lib\game\game.exe" = protocol=6 | dir=in | app=c:\users\správce\desktop\blacknight-mt2 client 1.2\lib\game\game.exe |
"TCP Query User{66E00310-B98A-4F10-A4F5-48097F0CC878}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=6 | dir=in | app=c:\program files\common files\nokia\service layer\a\nsl_host_process.exe |
"TCP Query User{7174F92F-03E5-438A-A797-764FF4CC20DF}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe |
"TCP Query User{783D2E31-C8F9-4E74-8006-D00DECEABAED}C:\users\správce\desktop\epix-network\epix-network\metin2.exe" = protocol=6 | dir=in | app=c:\users\správce\desktop\epix-network\epix-network\metin2.exe |
"TCP Query User{850A03EC-0E83-468E-9EEF-F80962735D14}C:\users\správce\desktop\metin2_tester\metin2_tester\metin2mod.bin" = protocol=6 | dir=in | app=c:\users\správce\desktop\metin2_tester\metin2_tester\metin2mod.bin |
"TCP Query User{8FE2F901-F252-4664-AF08-3E4F325E4E86}C:\users\správce\desktop\shyt2w\shyt2w\longju.dat" = protocol=6 | dir=in | app=c:\users\správce\desktop\shyt2w\shyt2w\longju.dat |
"TCP Query User{99440DB1-BADC-4C4D-B4B6-AF1E78789866}C:\program files\java\jre1.6.0\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre1.6.0\bin\javaw.exe |
"TCP Query User{A3711EA7-F014-4D17-84DC-FBEABCF91A04}C:\program files\swat 4\content\system\swat4.exe" = protocol=6 | dir=in | app=c:\program files\swat 4\content\system\swat4.exe |
"TCP Query User{A883CC83-5E63-4E0D-9D3B-28CD920EF75F}C:\users\správce\desktop\hry\shyt2w\shyt2w\longju.dat" = protocol=6 | dir=in | app=c:\users\správce\desktop\hry\shyt2w\shyt2w\longju.dat |
"TCP Query User{AA9472E0-7823-434D-9C01-E3A906D738F4}C:\program files\spyware terminator\spywareterminatorupdate.exe" = protocol=6 | dir=in | app=c:\program files\spyware terminator\spywareterminatorupdate.exe |
"TCP Query User{BEFEAFBB-2271-45D6-84BA-C6943C63D3E5}C:\program files\graffiti studio 2.0\graffiti studio.exe" = protocol=6 | dir=in | app=c:\program files\graffiti studio 2.0\graffiti studio.exe |
"TCP Query User{CB48B03C-DE2A-4C90-B5A4-18F0496E8EBD}C:\program files\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files\skype\phone\skype.exe |
"TCP Query User{CF4F6C9B-704C-4FA8-A31B-605F06AECCB7}C:\users\správce\desktop\sindicatem2\metin2client.bin" = protocol=6 | dir=in | app=c:\users\správce\desktop\sindicatem2\metin2client.bin |
"TCP Query User{D1EDEE6B-1AAA-45F4-B756-5C9B7971C583}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{D446757D-AE83-4348-9CAD-AFB8E73708A0}C:\games\football challenge 2010 (pl)\game.exe" = protocol=6 | dir=in | app=c:\games\football challenge 2010 (pl)\game.exe |
"UDP Query User{016EF834-02FE-499C-93F8-107B0256EA7A}C:\users\správce\desktop\hry\epix-network\epix-network\metin2.exe" = protocol=17 | dir=in | app=c:\users\správce\desktop\hry\epix-network\epix-network\metin2.exe |
"UDP Query User{26668A36-14AA-4F91-9BFC-85EA68FDC7F7}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{2DFB9165-C2C7-438E-B9C6-DC1D2212265B}C:\users\správce\desktop\metin2_tester\metin2_tester\metin2mod.bin" = protocol=17 | dir=in | app=c:\users\správce\desktop\metin2_tester\metin2_tester\metin2mod.bin |
"UDP Query User{385F2666-67ED-42BE-99D0-DA19B26FF3E9}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe |
"UDP Query User{3CD909A1-0C07-46FB-98DB-6CC1E32104F4}C:\users\správce\desktop\hry\sindicatem2\metin2client.bin" = protocol=17 | dir=in | app=c:\users\správce\desktop\hry\sindicatem2\metin2client.bin |
"UDP Query User{3E8F2C44-4A7F-4FE0-BAFF-2B7F1CC9BDFC}C:\program files\metin2_tester\metin2.bin" = protocol=17 | dir=in | app=c:\program files\metin2_tester\metin2.bin |
"UDP Query User{498B94C9-3C68-409F-AA1F-51D9ECD34896}C:\users\správce\desktop\hry\metin2_tester\metin2_tester\metin2mod.bin" = protocol=17 | dir=in | app=c:\users\správce\desktop\hry\metin2_tester\metin2_tester\metin2mod.bin |
"UDP Query User{7B05FE53-3871-431D-B3E8-72FD3746CB87}C:\users\správce\desktop\epix-network\epix-network\metin2.exe" = protocol=17 | dir=in | app=c:\users\správce\desktop\epix-network\epix-network\metin2.exe |
"UDP Query User{7D6AF245-C69B-465B-9E66-96C2B61A90D6}C:\program files\swat 4\content\system\swat4.exe" = protocol=17 | dir=in | app=c:\program files\swat 4\content\system\swat4.exe |
"UDP Query User{7FFB88A3-FF7A-4990-A7CF-E911D8060F5E}C:\games\football challenge 2010 (pl)\game.exe" = protocol=17 | dir=in | app=c:\games\football challenge 2010 (pl)\game.exe |
"UDP Query User{8FD9094D-EF78-46D5-88D2-BF87BBAA5BC4}C:\users\správce\desktop\hry\blacknight-mt2 client 1.2\lib\game\game.exe" = protocol=17 | dir=in | app=c:\users\správce\desktop\hry\blacknight-mt2 client 1.2\lib\game\game.exe |
"UDP Query User{B4A3BFE3-1135-43A9-9FB6-55819CDE29B5}C:\program files\spyware terminator\spywareterminatorupdate.exe" = protocol=17 | dir=in | app=c:\program files\spyware terminator\spywareterminatorupdate.exe |
"UDP Query User{C29AE011-56BD-4891-A32D-CE986D758E21}C:\program files\java\jre1.6.0\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre1.6.0\bin\javaw.exe |
"UDP Query User{C388C05F-5D34-4E5E-86F9-9B3F25BB7CD6}C:\users\správce\desktop\shyt2w\shyt2w\longju.dat" = protocol=17 | dir=in | app=c:\users\správce\desktop\shyt2w\shyt2w\longju.dat |
"UDP Query User{CAB88D12-D28F-46ED-BA4F-6A253F29E31E}C:\users\správce\desktop\blacknight-mt2 client 1.2\lib\game\game.exe" = protocol=17 | dir=in | app=c:\users\správce\desktop\blacknight-mt2 client 1.2\lib\game\game.exe |
"UDP Query User{D5F7C4A9-E14F-4FAD-AE6E-54DEB5CBD8D8}C:\program files\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files\skype\phone\skype.exe |
"UDP Query User{DE57A068-8413-48C2-96B1-778ADE17B6BE}C:\users\správce\desktop\sindicatem2\metin2client.bin" = protocol=17 | dir=in | app=c:\users\správce\desktop\sindicatem2\metin2client.bin |
"UDP Query User{E305DCC8-4516-4F09-9B1A-7CAE5E84E3B7}C:\program files\metin2_tester\metin2client.bin" = protocol=17 | dir=in | app=c:\program files\metin2_tester\metin2client.bin |
"UDP Query User{E4768A29-2A90-4ADF-8093-A190CE3E9DBF}C:\users\správce\desktop\hry\shyt2w\shyt2w\longju.dat" = protocol=17 | dir=in | app=c:\users\správce\desktop\hry\shyt2w\shyt2w\longju.dat |
"UDP Query User{E898BF85-917E-469E-B533-D48F63BF83E9}C:\program files\microsoft games\age of empires ii\empires2ike.exe" = protocol=17 | dir=in | app=c:\program files\microsoft games\age of empires ii\empires2ike.exe |
"UDP Query User{EA317BD1-3DFB-488C-AD9A-9D5F1D10AB0E}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=17 | dir=in | app=c:\program files\common files\nokia\service layer\a\nsl_host_process.exe |
"UDP Query User{EBF52CF9-9C8D-41F0-8BEE-533E0F6D261B}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{EC22071F-E3F2-4A44-88BB-518E233BCE43}C:\program files\graffiti studio 2.0\graffiti studio.exe" = protocol=17 | dir=in | app=c:\program files\graffiti studio 2.0\graffiti studio.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{000D4F77-53C7-4179-A733-2025B9C274D1}" = STORMWARE POHODA CZ Lite
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{0020FEE2-7CDB-4250-B04B-81D68D3CA18B}" =
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0409969E-BEFB-44D3-90B9-63BE50FBAE5E}" = TIPCI
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{09F55516-AC75-43EA-8127-292E5A28B7DF}" = Monster Trux Extreme - Offroad Edition
"{0A2A5039-B37F-489D-B1DC-A5258DF9E697}" = FIFA 08
"{0EC7C406-B592-4686-BAC1-AD29A85EAE6A}" = HP Driver Diagnostics
"{12688FD7-CB92-4A5B-BEE4-5C8E0574434F}" = Utility Common Driver
"{12B3A009-A080-4619-9A2A-C6DB151D8D67}" = TOSHIBA Assist
"{14BF164E-80A4-422E-BE43-39FB759666C2}_is1" = Avi to Mpeg 2.5
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = WinDVD for TOSHIBA
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{2290A680-4083-410A-ADCC-7092C67FC052}" = Toshiba Online Product Information
"{22DE1881-9D24-4981-B5CC-EC7E9F2F4D52}" = Rhapsody Player Engine
"{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1" = ConvertHelper 2.2
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Driver Installation Program
"{2DA85B02-13C0-4E6D-9A76-22E6B3DD0CB2}" = SymNet
"{2FFE93F0-BB72-4E52-8761-354D1AAA9387}" = Sony Ericsson PC Suite 3.010.00
"{310031DA-FFF9-48BE-8F4F-EBEDD6840194}" = Symantec Real Time Storage Protection Component
"{3248F0A8-6813-11D6-A77B-00B0D0160000}" = Java(TM) SE Runtime Environment 6
"{3672B097-EA69-4bfe-B92F-29AE6D9D2B34}" = Norton Internet Security
"{3CCAD2EF-CFF2-4637-82AA-AABF370282D3}" = ccCommon
"{47C6B6C5-B46D-4109-AC7D-8F7A584657F4}" = Trust Webcam Live
"{48185814-A224-447A-81DA-71BD20580E1B}" = Norton Internet Security
"{4843B611-8FCB-4428-8C23-31D0A5EAE164}" = Norton Confidential Browser Component
"{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}" = Nokia Software Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Supervisor Password
"{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup
"{556EEE74-6788-4292-8252-8B17E2C7952A}" = Photosynth 2.0.1403.5
"{5980B928-1C95-4B3E-957B-B02D8147FF9E}" = Desktop SMS
"{5AA2CD16-706F-41f3-87C5-2B5A031F2B3B}" = Norton Internet Security
"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
"{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"{620BBA5E-F848-4D56-8BDA-584E44584C5E}" = TOSHIBA Flash Cards Support Utility
"{6869591A-7DD8-46D2-837F-57CBF7358955}" = Nokia Connectivity Cable Driver
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6E0352EE-6F0D-4FBC-B1B8-4FF032C78BE0}" = PC Connectivity Solution
"{6E7DD182-9FC6-4651-0095-2E666CC6AF35}" = The Sims 2
"{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}" = ICQ7.5
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}" = Avanquest update
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77772678-817F-4401-9301-ED1D01A8DA56}" = SPBBC 32bit
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{830D8CBD-C668-49e2-A969-C2C2106332E0}" = Norton AntiVirus
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}" = Nokia PC Suite
"{9A129ABC-A53A-4209-A21E-D5DEDFB7CCA8}" = Norton Protection Center
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = ALPS Touch Pad Driver
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A99968BE-C155-474C-0089-33239DEE1CE2}" = Need For Speed Underground
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.0)
"{B5FDA445-CAC4-4BA6-A8FB-A7212BD439DE}" = Microsoft XML Parser
"{B7C61755-DB48-4003-948F-3D34DB8EAF69}" = MSRedist
"{BDD83DC9-BEE9-4654-A5DA-CC46C250088D}" = TOSHIBA ConfigFree
"{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}" = Skype Toolbars
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D353CC51-430D-4C6F-9B7E-52003DA1E05A}" = Norton Confidential Web Protection Component
"{D5B94160-4A07-4956-9C73-8C5EEFEF180F}" = OpenOffice.org 3.3
"{DBA4DB9D-EE51-4944-A419-98AB1F1249C8}" = LiveUpdate Notice (Symantec Corporation)
"{DD73CA82-EA82-38AA-863D-9A24A018DC96}" = Microsoft .NET Framework 3.5 Language Pack SP1 - csy
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware 2007
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{E3EFA461-EB83-4C3B-9C47-2C1D58A01555}" = Norton Internet Security
"{E5EE9939-259F-4DE2-8023-5C49E16A4F43}" = Norton Internet Security
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0
"{EBFF48F5-3CFA-436F-8FD5-94FB01D3A0A7}" = TOSHIBA SD Memory Utilities
"{EF7E931D-DC84-471B-8DB6-A83358095474}" = EA Download Manager
"{EFB5B3B5-A280-4E25-BE1C-634EEFE32C1B}" = AppCore
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F214EAA4-A069-4BAF-9DA4-4DB8BEEDE485}" = DVD MovieFactory for TOSHIBA
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"{F2B5A2A7-2DF9-4361-8BD5-362714528B51}" = NHL® 09
"{F4DB525F-A986-4249-B98B-42A8066251CA}" = AV
"{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"05B59228C7E1C21DFBE89260F879BD95880548D8" = Balíček ovladače systému Windows - Nokia Modem (10/05/2009 4.2)
"504244733D18C8F63FF584AEB290E3904E791693" = Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"82A44D22-9452-49FB-00FB-CEC7DCAF7E23" = EA SPORTS online 2008
"8CDCFB95BB84DD9C0F88F22266A0CA86035E55BA" = Balíček ovladače systému Windows - Nokia Modem (06/01/2009 7.01.0.4)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Age of Empires 2.0" = Microsoft Age of Empires II
"avast" = avast! Free Antivirus
"BurnAware Free Edition_is1" = BurnAware Free Edition 1.2.9
"CABAL Online_is1" = CABAL Online
"CCleaner" = CCleaner
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"conduitEngine" = Conduit Engine
"coverXP" = coverXP (remove only)
"Czech Soccer Manager 2002 Final Editionverze 4.0 (31.3.2006)" = Czech Soccer Manager 2002 Final Edition
"FormatFactory" = FormatFactory 2.60
"Free FLV Converter_is1" = Free FLV Converter
"Furnish Pro" = Furnish Pro
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"ICQToolbar" = ICQ Toolbar
"Indeo® Software" = Indeo® Software
"InstallShield_{0409969E-BEFB-44D3-90B9-63BE50FBAE5E}" = Texas Instruments PCIxx21/x515/xx12 drivers.
"InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = WinDVD for TOSHIBA
"InstallShield_{47C6B6C5-B46D-4109-AC7D-8F7A584657F4}" = Trust Webcam Live
"InstallShield_{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Heslo správce
"InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}" = Nastaveni hadrware TOSHIBA
"InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}" = TOSHIBA Flash Cards Support Utility
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"InstallShield_{EF7E931D-DC84-471B-8DB6-A83358095474}" = EA Download Manager
"InstallShield_{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package
"JDownloader" = JDownloader
"Kouzelný míč 3" = Kouzelný míč 3
"LiveUpdate" = LiveUpdate 3.2 (Symantec Corporation)
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft .NET Framework 3.5 Language Pack SP1 - csy" = Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox 5.0 (x86 cs)" = Mozilla Firefox 5.0 (x86 cs)
"MyAshampoo Toolbar" = MyAshampoo Toolbar
"Nokia PC Suite" = Nokia PC Suite
"NSS" = Norton Security Scan
"NVIDIA Drivers" = NVIDIA Drivers
"O2CZ" = O2
"PhotoFiltre" = PhotoFiltre
"Project Aftermath 1.12" = Project Aftermath 1.12
"RealPlayer 6.0" = RealPlayer
"Scorpions WinCheater 2.07 mini-verze (s databází 81)_is1" = Scorpions WinCheater
"Spyware Terminator_is1" = Spyware Terminator
"STORMWARE PDF Printer_is1" = STORMWARE PDF Printer 5.0.0.614
"SWAT 4" = SWAT 4
"SymSetup.{5AA2CD16-706F-41f3-87C5-2B5A031F2B3B}" = Norton Internet Security (Symantec Corporation)
"TOSHIBA Software Modem" = TOSHIBA Software Modem
"Totalcmd" = Total Commander (Remove or Repair)
"Uninstall_is1" = Uninstall 1.0.0.1
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"WinGimp-2.0_is1" = Gimp 2.6.1
"WinPatrol" = WinPatrol 2009
"WinRAR archiver" = WinRAR
"Zoo Tycoon 1.0" = Microsoft Zoo Tycoon

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-3660284919-2193007422-2339388231-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Beach Soccer" = Beach Soccer
"fc10-PL_TVP_MAIN" = Football Challenge 2010 (PL)
"PhotoFiltre Studio X" = PhotoFiltre Studio X
"Zoo Tycoon Čeština 1.05" = Zoo Tycoon Čeština 1.05

========== Last 10 Event Log Errors ==========

[ Antivirus Events ]
Error - 25.6.2010 6:36:45 | Computer Name = Toshiba | Source = avast! | ID = 33554522
Description =

Error - 26.6.2010 5:52:53 | Computer Name = Toshiba | Source = avast! | ID = 33554522
Description =

Error - 26.6.2010 5:52:53 | Computer Name = Toshiba | Source = avast! | ID = 33554522
Description =

Error - 26.8.2010 4:13:52 | Computer Name = Toshiba | Source = avast! | ID = 33554522
Description =

Error - 26.8.2010 4:13:53 | Computer Name = Toshiba | Source = avast! | ID = 33554522
Description =

Error - 10.10.2010 15:56:30 | Computer Name = Toshiba | Source = avast! | ID = 33554522
Description =

Error - 30.4.2011 15:59:56 | Computer Name = Toshiba | Source = avast! | ID = 33554522
Description =

Error - 2.5.2011 15:07:12 | Computer Name = Toshiba | Source = avast! | ID = 33554522
Description =

Error - 7.6.2011 13:11:10 | Computer Name = Toshiba | Source = avast! | ID = 33554522
Description =

Error - 22.7.2011 16:01:56 | Computer Name = Toshiba | Source = avast! | ID = 33554522
Description =

[ Application Events ]
Error - 26.7.2011 15:10:17 | Computer Name = Toshiba | Source = VSS | ID = 39
Description = Chyba služby Stínová kopie svazku: Služba Stínová kopie svazku (VSS)
je zakázána. Povolte službu a akci opakujte. ?

Error - 26.7.2011 15:10:17 | Computer Name = Toshiba | Source = VSS | ID = 8193
Description = Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance
došlo k neočekávané chybě. hr= 0x80070422. ?

Error - 26.7.2011 15:10:17 | Computer Name = Toshiba | Source = System Restore | ID = 8193
Description = Vytvoření bodu obnovení na svazku se nezdařilo (Proces = C:\Windows\system32\DrvInst.exe
"4" "0" "C:\Users\Správce\{3d589dfc-35f9-41a0-b55b-6bc26239f130}\ewdcsc.inf" "0"
"513a0480b" "000004B0" "WinSta0\Default" "000004DC" "208" "C:\Program Files\O2\O2CZ\pcmcias\HUAWEI\WinVista";
Popis = ?; Hr = 0x8000ffff).

Error - 26.7.2011 15:10:22 | Computer Name = Toshiba | Source = VSS | ID = 39
Description = Chyba služby Stínová kopie svazku: Služba Stínová kopie svazku (VSS)
je zakázána. Povolte službu a akci opakujte. ?

Error - 26.7.2011 15:10:22 | Computer Name = Toshiba | Source = VSS | ID = 8193
Description = Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance
došlo k neočekávané chybě. hr= 0x80070422. ?

Error - 26.7.2011 15:10:22 | Computer Name = Toshiba | Source = System Restore | ID = 8193
Description = Vytvoření bodu obnovení na svazku se nezdařilo (Proces = C:\Windows\system32\DrvInst.exe
"4" "0" "C:\Users\Správce\{ccb73976-7e01-4f7a-a3e0-79d8d20634a9}\ewnet.inf" "0"
"5fc9deef7" "000004DC" "WinSta0\Default" "00000274" "208" "C:\Program Files\O2\O2CZ\pcmcias\HUAWEI\WinVista";
Popis = ?; Hr = 0x8000ffff).

Error - 26.7.2011 15:10:26 | Computer Name = Toshiba | Source = VSS | ID = 39
Description = Chyba služby Stínová kopie svazku: Služba Stínová kopie svazku (VSS)
je zakázána. Povolte službu a akci opakujte. ?

Error - 26.7.2011 15:10:26 | Computer Name = Toshiba | Source = VSS | ID = 8193
Description = Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance
došlo k neočekávané chybě. hr= 0x80070422. ?

Error - 26.7.2011 15:10:26 | Computer Name = Toshiba | Source = System Restore | ID = 8193
Description = Vytvoření bodu obnovení na svazku se nezdařilo (Proces = C:\Windows\system32\DrvInst.exe
"4" "0" "C:\Users\Správce\{f919cf55-f3d4-4fe8-acf2-ac37cd7ae897}\ewusbdev.inf"
"0" "58a6756cf" "00000274" "WinSta0\Default" "000004B0" "208" "C:\Program Files\O2\O2CZ\pcmcias\HUAWEI\WinVista";
Popis = ?; Hr = 0x8000ffff).

Error - 28.7.2011 10:48:44 | Computer Name = Toshiba | Source = Automatic LiveUpdate Scheduler | ID = 101
Description = Úroveň informací: error Inicializace podsystému COM se nezdaoila. Kód
chyby: 0x8007041D

[ System Events ]
Error - 25.7.2011 15:52:50 | Computer Name = Toshiba | Source = DCOM | ID = 10005
Description =

Error - 26.7.2011 16:13:27 | Computer Name = Toshiba | Source = SCardSvr | ID = 610
Description =

Error - 27.7.2011 10:47:44 | Computer Name = Toshiba | Source = DCOM | ID = 10005
Description =

Error - 27.7.2011 11:32:59 | Computer Name = Toshiba | Source = SCardSvr | ID = 610
Description =

Error - 28.7.2011 10:28:57 | Computer Name = Toshiba | Source = DCOM | ID = 10005
Description =

Error - 28.7.2011 10:42:22 | Computer Name = Toshiba | Source = EventLog | ID = 6008
Description = Předchozí vypnutí systému (16:40:37, 28.7.2011) bylo neočekávané.

Error - 28.7.2011 10:48:43 | Computer Name = Toshiba | Source = DCOM | ID = 10005
Description =

Error - 28.7.2011 10:50:38 | Computer Name = Toshiba | Source = Service Control Manager | ID = 7009
Description =

Error - 28.7.2011 10:50:39 | Computer Name = Toshiba | Source = Service Control Manager | ID = 7000
Description =

Error - 28.7.2011 10:50:39 | Computer Name = Toshiba | Source = Service Control Manager | ID = 7022
Description =

< End of report >

Spustte znovu OTL

Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

Kód: Vybrat vše

:otl
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKLM\..\URLSearchHook: {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files\MyAshampoo\prxtbMyA0.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-3660284919-2193007422-2339388231-1000\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-3660284919-2193007422-2339388231-1000\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKU\S-1-5-21-3660284919-2193007422-2339388231-1000\..\URLSearchHook: {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files\MyAshampoo\prxtbMyA0.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-3660284919-2193007422-2339388231-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = 
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.defaultthis.engineName: "MyAshampoo Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2475029&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2475029&q="
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "chrome://browser-region/locale/region.properties"
[2010.12.15 17:12:32 | 000,000,923 | ---- | M] () -- C:\Users\Správce\AppData\Roaming\Mozilla\Firefox\Profiles\sjjimqwg.default\searchplugins\conduit.xml
[2011.07.17 22:33:35 | 000,000,950 | ---- | M] () -- C:\Users\Správce\AppData\Roaming\Mozilla\Firefox\Profiles\sjjimqwg.default\searchplugins\icqplugin-1.xml
[2009.04.26 09:35:47 | 000,000,950 | ---- | M] () -- C:\Users\Správce\AppData\Roaming\Mozilla\Firefox\Profiles\sjjimqwg.default\searchplugins\icqplugin-10.xml
[2009.04.30 16:45:10 | 000,000,950 | ---- | M] () -- C:\Users\Správce\AppData\Roaming\Mozilla\Firefox\Profiles\sjjimqwg.default\searchplugins\icqplugin-11.xml
[2009.06.15 13:58:36 | 000,000,950 | ---- | M] () -- C:\Users\Správce\AppData\Roaming\Mozilla\Firefox\Profiles\sjjimqwg.default\searchplugins\icqplugin-12.xml
[2009.07.29 11:47:20 | 000,000,950 | ---- | M] () -- C:\Users\Správce\AppData\Roaming\Mozilla\Firefox\Profiles\sjjimqwg.default\searchplugins\icqplugin-13.xml
[2009.08.12 12:30:05 | 000,000,950 | ---- | M] () -- C:\Users\Správce\AppData\Roaming\Mozilla\Firefox\Profiles\sjjimqwg.default\searchplugins\icqplugin-14.xml
[2011.04.30 11:12:58 | 000,000,950 | ---- | M] () -- C:\Users\Správce\AppData\Roaming\Mozilla\Firefox\Profiles\sjjimqwg.default\searchplugins\icqplugin-15.xml
[2011.06.24 16:05:54 | 000,000,950 | ---- | M] () -- C:\Users\Správce\AppData\Roaming\Mozilla\Firefox\Profiles\sjjimqwg.default\searchplugins\icqplugin-16.xml
[2008.09.26 17:19:56 | 000,000,950 | ---- | M] () -- C:\Users\Správce\AppData\Roaming\Mozilla\Firefox\Profiles\sjjimqwg.default\searchplugins\icqplugin-2.xml
[2008.09.27 20:02:00 | 000,000,950 | ---- | M] () -- C:\Users\Správce\AppData\Roaming\Mozilla\Firefox\Profiles\sjjimqwg.default\searchplugins\icqplugin-3.xml
[2008.11.14 21:07:52 | 000,000,950 | ---- | M] () -- C:\Users\Správce\AppData\Roaming\Mozilla\Firefox\Profiles\sjjimqwg.default\searchplugins\icqplugin-4.xml
[2008.12.22 18:41:52 | 000,000,950 | ---- | M] () -- C:\Users\Správce\AppData\Roaming\Mozilla\Firefox\Profiles\sjjimqwg.default\searchplugins\icqplugin-5.xml
[2009.02.05 20:10:05 | 000,000,950 | ---- | M] () -- C:\Users\Správce\AppData\Roaming\Mozilla\Firefox\Profiles\sjjimqwg.default\searchplugins\icqplugin-6.xml
[2009.02.05 21:08:33 | 000,000,950 | ---- | M] () -- C:\Users\Správce\AppData\Roaming\Mozilla\Firefox\Profiles\sjjimqwg.default\searchplugins\icqplugin-7.xml
[2009.03.05 21:15:06 | 000,000,950 | ---- | M] () -- C:\Users\Správce\AppData\Roaming\Mozilla\Firefox\Profiles\sjjimqwg.default\searchplugins\icqplugin-8.xml
[2009.04.01 17:09:56 | 000,000,950 | ---- | M] () -- C:\Users\Správce\AppData\Roaming\Mozilla\Firefox\Profiles\sjjimqwg.default\searchplugins\icqplugin-9.xml
[2011.06.20 10:45:18 | 000,000,168 | ---- | M] () -- C:\Users\Správce\AppData\Roaming\Mozilla\Firefox\Profiles\sjjimqwg.default\searchplugins\icqplugin.gif
[2011.06.20 10:45:18 | 000,000,618 | ---- | M] () -- C:\Users\Správce\AppData\Roaming\Mozilla\Firefox\Profiles\sjjimqwg.default\searchplugins\icqplugin.src
[2010.05.12 17:40:48 | 000,001,042 | ---- | M] () -- C:\Users\Správce\AppData\Roaming\Mozilla\Firefox\Profiles\sjjimqwg.default\searchplugins\icqplugin.xml
[2009.01.15 19:48:59 | 000,003,915 | ---- | M] () -- C:\Users\Správce\AppData\Roaming\Mozilla\Firefox\Profiles\sjjimqwg.default\searchplugins\sweetim.xml
[2009.02.05 21:08:04 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
File not found (No name found) --
[2011.07.23 15:31:04 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
File not found (No name found) -- C:\USERS\SPRĂˇVCE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SJJIMQWG.DEFAULT\EXTENSIONS\{B9DB16A4-6EDC-47EC-A1F4-B86292ED211D}
File not found (No name found) -- C:\USERS\SPRĂˇVCE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SJJIMQWG.DEFAULT\EXTENSIONS\{C0C9A2C7-2E5C-4447-BC53-97718BC91E1B}.XPI
O2 - BHO: (MyAshampoo Toolbar) - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files\MyAshampoo\prxtbMyA0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKU\S-1-5-21-3660284919-2193007422-2339388231-1000\..\Toolbar\WebBrowser: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-3660284919-2193007422-2339388231-1000\..\Toolbar\WebBrowser: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKU\S-1-5-21-3660284919-2193007422-2339388231-1000\..\Toolbar\WebBrowser: (MyAshampoo Toolbar) - {A1E75A0E-4397-4BA8-BB50-E19FB66890F4} - C:\Program Files\MyAshampoo\prxtbMyA0.dll (Conduit Ltd.)
O13 - gopher Prefix: missing
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx.com/player/DivXBrowserPlugin.cab (Reg Error: Key error.)
[2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[2 C:\Users\Správce\AppData\Local\*.tmp files -> C:\Users\Správce\AppData\Local\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
@Alternate Data Stream - 24 bytes -> C:\Windows:DB1EE0934B6FEB2C
@Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:DFC5A2B2
O33 - MountPoints2\{4132eb58-b7b9-11e0-a709-001b38461f30}\Shell - "" = AutoRun
O33 - MountPoints2\{e50a8007-d1fd-11dd-a6ec-001b38461f30}\Shell - "" = AutoRun

:files
C:\Program Files\ICQ6Toolbar
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp

:commands
[RESETHOSTS]
[EMPTYTEMP]
[EMPTYFLASH]

Nasledne kliknete na Opravit
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

Opravu jsem provedla, ale log se mi žádný neobjevil. Mám znovu spustit 'prohledat'?

Opakujte opravu v nouzoem rezimu (restart PC, mackat F8, zvolit Stav nouze s praci v siti)

VIRY.CZ

Prosím o kontrolu-pomalý notebook

Prosím o kontrolu-pomalý notebook

Re: Prosím o kontrolu-pomalý notebook

Re: Prosím o kontrolu-pomalý notebook

Re: Prosím o kontrolu-pomalý notebook

Re: Prosím o kontrolu-pomalý notebook

Re: Prosím o kontrolu-pomalý notebook

Re: Prosím o kontrolu-pomalý notebook

Re: Prosím o kontrolu-pomalý notebook