Complete PC check

Posted: 24 Aug 2011 14:08
by )aguar
Hello.
I got my hands on a PC from a friend, and I think it is full of malware of all kinds.

To start with, I am attaching a log from RSIT.
I should add that there are 4 accounts in total, all of them administrators. So I would like to know whether I should make one from each account separately, or what to do and how? Thanks.

Logfile of random's system information tool 1.09 (written by random/random)
Run by Radek at 2011-08-24 15:01:06
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 9 GB (6%) free of 153 GB
Total RAM: 511 MB (48% free)

HijackThis download failed

======Scheduled tasks folder======

C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1847444920-2511039311-3333254768-1007Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1847444920-2511039311-3333254768-1007UA.job
C:\WINDOWS\tasks\Norton Security Scan for Markéta Mášová.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Radek\Data aplikací\Mozilla\Firefox\Profiles\if0qwll6.default

prefs.js - "extensions.enabledItems" - "{800b5000-a755-47e1-992b-48a1c1357f07}:1.1.4.1, {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}:6.0.11, jqs@sun.com:1.0, {20a82645-c095-46ed-80e3-08825760534b}:1.1, {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}:6.0.18, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.16"
prefs.js - "keyword.URL" - "http://search.icq.com/search/afe_result ... id=afex&q="

"Seekmo@Seekmo.com"=C:\Program Files\Seekmo\bin\10.0.345.0\firefox\extensions
"{3112ca9c-de6d-4884-a869-9855de68056c}"=C:\Documents and Settings\All Users\Data aplikací\Mozilla\Firefox Extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
"{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX® Web Player
"Path"=C:\Program Files\DivX\DivX Web Player\npdivx32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Content Upload Plugin,version=1.0.0]
"Description"=DivX® Content Upload Plugin
"Path"=C:\Program Files\DivX\DivX Content Uploader\npUpload.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448]
"Description"=6.0.12.448
"Path"=C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll

C:\Program Files\Mozilla Firefox\extensions\
divx@partners.mozilla.com
{800b5000-a755-47e1-992b-48a1c1357f07}
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\components\
browser.xpt
browserdirprovider.dll
brwsrcmp.dll
components.list
FeedConverter.js
FeedProcessor.js
FeedWriter.js
fuelApplication.js
GPSDGeolocationProvider.js
jsconsole-clhandler.js
NetworkGeolocationProvider.js
nppl3260.xpt
nsAddonRepository.js
nsBadCertHandler.js
nsBlocklistService.js
nsBrowserContentHandler.js
nsBrowserGlue.js
nsContentDispatchChooser.js
nsContentPrefService.js
nsDefaultCLH.js
nsDownloadManagerUI.js
nsExtensionManager.js
nsFormAutoComplete.js
nsHandlerService.js
nsHelperAppDlg.js
nsINIProcessor.js
nsIQTScriptablePlugin.xpt
nsJSRealPlayerPlugin.xpt
nsLivemarkService.js
nsLoginInfo.js
nsLoginManager.js
nsLoginManagerPrompter.js
nsMicrosummaryService.js
nsPlacesAutoComplete.js
nsPlacesDBFlush.js
nsPlacesTransactionsService.js
nsPrivateBrowsingService.js
nsProxyAutoConfig.js
nsSafebrowsingApplication.js
nsSearchService.js
nsSearchSuggestions.js
nsSessionStartup.js
nsSessionStore.js
nsSetDefaultBrowser.js
nsSidebar.js
nsTaggingService.js
nsTryToClose.js
nsUpdateService.js
nsUpdateServiceStub.js
nsUpdateTimerManager.js
nsUrlClassifierLib.js
nsUrlClassifierListManager.js
nsURLFormatter.js
nsWebHandlerApp.js
pluginGlue.js
qippipe.dll
qippipe.xpt
storage-Legacy.js
storage-mozStorage.js
txEXSLTRegExFunctions.js
WebContentConverter.js

C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
np32dsw.dll
npdeploytk.dll
npdivx32.dll
npdivx32.xpt
npnul32.dll
nppl3260.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
nprpjplug.dll
NPSWF32.dll
nsIQTScriptablePlugin.xpt
QuickTimePlugin.class
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
jyxo-cz.xml
mall-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Documents and Settings\Radek\Data aplikací\Mozilla\Firefox\Profiles\if0qwll6.default\extensions\
{20a82645-c095-46ed-80e3-08825760534b}
{3112ca9c-de6d-4884-a869-9855de68056c}
{800b5000-a755-47e1-992b-48a1c1357f07}

C:\Documents and Settings\Radek\Data aplikací\Mozilla\Firefox\Profiles\if0qwll6.default\searchplugins\
icqplugin-1.xml
icqplugin-2.xml
icqplugin-3.xml
icqplugin-4.xml
icqplugin-5.xml
icqplugin.gif
icqplugin.src
icqplugin.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-06-07 399352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll [2003-05-12 50376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3F3714A1-89A4-46be-8AF3-D0C9D1FB03F9}]
MorpheusToolbar BHO - C:\Program Files\MorpheusBar\bar\1.bin\MORPHBAR.DLL [2006-10-06 237568]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4533a094-1ebd-6a69-9a1e-3ef9e5d61f69}]
mysidesearch browser optimizer - C:\WINDOWS\system32\{f2b921ff-fe5a-935c-9e25-6c292c9eb1b2}.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{54B62CEF-8A07-4d3c-A2EF-DDF184264374}]
XBTP01621 Class - C:\PROGRA~1\BEARSH~2\MediaBar.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2006-07-07 324416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}]
QIPBHO Class - C:\Program Files\Internet Explorer\qipsearchbar.dll [2009-07-09 150768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A8884FF9-41CF-4A85-AC9A-CB4567AD72E4}]
IEHlprObj Class - C:\WINDOWS\system32\moz030715s.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2011-07-21 305328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ADC3B2AC-F30B-4A2A-9865-1C96C7D58483}]
TChkBHO Class - C:\WINDOWS\system32\mhkji.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll [2011-05-23 1007160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D73F49B1-B51B-4d32-A3B7-BD04B8342F53}]
C:\Program Files\MorpheusBar\SrchAstt\1.bin\MBSRCAS.DLL [2006-10-06 57344]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-01-11 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-01-11 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E99421FB-68DD-40F0-B4AC-B7027CAE2F1A}]
EpsonToolBandKicker Class - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-22 368640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
SweetIM Toolbar Helper - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2008-10-08 1172792]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F173E53F-E042-49b6-BD46-983E93DA1B17}]
dcads - C:\WINDOWS\system32\nsx99.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EE5D279F-081B-4404-994D-C6B60AAEBA6D} - EPSON Web-To-Page - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-22 368640]
{B71B15CE-3093-459C-B764-AEB2486F2273} - &Seznam Lištička - C:\Program Files\Seznam\Listicka\Toolbar.dll [2005-11-04 790528]
{3F3714A9-89A4-46be-8AF3-D0C9D1FB03F9} - Morpheus Toolbar - C:\Program Files\MorpheusBar\bar\1.bin\MORPHBAR.DLL [2006-10-06 237568]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-06-07 399352]
{41C29B07-6F91-4966-91BE-2E2841643C83} - Dcads Toolbar - C:\Program Files\Dcads Advanced Toolbar\toolbar.dll [2007-11-01 561152]
{EEE6C35B-6118-11DC-9C72-001320C79847} - SweetIM Toolbar for Internet Explorer - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2008-10-08 1172792]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2010-10-04 1049912]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2009-10-30 1019336]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2011-07-21 305328]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SlowDownCPU"=C:\WINDOWS\INF\MSI\SlowDownCPU\SlowDownCPU.exe [2005-02-25 208896]
"SoundMAXPnP"=C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe [2004-10-14 1388544]
"SoundMAX"=C:\Program Files\Analog Devices\SoundMAX\Smax4.exe [2004-08-06 860160]
"ATIPTA"=C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2005-03-29 339968]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2005-10-24 90112]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]
"InCD"=C:\Program Files\Ahead\InCD\InCD.exe [2004-06-09 974898]
"RemoteControl"=C:\WINDOWS\system32\rmctrl.exe [2000-10-16 32768]
"EPSON Stylus D68 Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAAE.EXE [2005-01-25 98304]
"LVCOMSX"=C:\WINDOWS\system32\LVCOMSX.EXE [2005-07-19 221184]
"LogitechVideoRepair"=C:\Program Files\Logitech\Video\ISStart.exe [2005-06-08 458752]
"LogitechVideoTray"=C:\Program Files\Logitech\Video\LogiTray.exe [2005-06-08 217088]
"Adobe Photo Downloader"=C:\Program Files\Adobe\Adobe Photoshop Lightroom\apdproxy.exe [2007-02-13 61440]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-01-11 246504]
"!AVG Anti-Spyware"=C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe [2007-06-28 6731312]
"SweetIM"=C:\Program Files\SweetIM\Messenger\SweetIM.exe [2009-01-01 111928]
"AppleSyncNotifier"=C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2009-08-13 177440]
"nod32kui"=C:\Program Files\Eset\nod32kui.exe /WAITSERVICE []
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2009-11-11 417792]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-11-12 141600]
"UpdateReminder"=C:\Program Files\Eset\UpdateReminder.exe []
"wxpdrv"=C:\WINDOWS\services32.exe []
"tray_ico"= []
"tray_ico0"=C:\WINDOWS\update.tray-3-0\svchost.exe [2011-07-15 1170432]
"tray_ico1"= []
"tray_ico2"= []
"tray_ico3"= []
"tray_ico4"= []
"3470417.exe"=C:\WINDOWS\TEMP\3470417.exe [2011-07-15 224768]
"sysdriver32.exe"=C:\WINDOWS\sysdriver32.exe [2011-07-17 232960]
"sysdriver32_.exe"=C:\WINDOWS\sysdriver32_.exe [2011-07-17 232960]
"1568991.exe"=C:\DOCUME~1\JAKUBM~1\LOCALS~1\Temp\1568991.exe [2011-07-15 224768]
"8215445.exe"=C:\WINDOWS\TEMP\8215445.exe [2011-07-15 483328]
"systemup"=C:\WINDOWS\systemup.exe [2011-07-15 114176]
"l1rezerv.exe"=C:\WINDOWS\l1rezerv.exe [2011-07-15 110592]
"729719.exe"=C:\DOCUME~1\JAKUBM~1\LOCALS~1\Temp\729719.exe [2011-07-17 232960]
"8789533.exe"=C:\WINDOWS\TEMP\8789533.exe [2011-07-17 232960]
"conhost"=C:\Documents and Settings\Radek\Data aplikací\Microsoft\conhost.exe [2011-07-21 173056]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cfp.exe [2011-06-30 2554696]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"LDM"=C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2007-03-04 67128]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2006-06-01 94208]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-06-21 68856]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" vwipsti_.dll e1.dll C:\WINDOWS\system32\guard32.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2006-03-22 61440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2006-09-20 441136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"=C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll [2007-06-28 79408]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AVG Anti-Spyware Driver]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AVG Anti-Spyware Guard]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\wxpdrivers]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AVG Anti-Spyware Driver]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AVG Anti-Spyware Guard]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\wxpdrivers]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLUA"=0
"EnableSecureUIAPaths"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Nero\Nero 7\Nero Home\NeroHome.exe"="C:\Program Files\Nero\Nero 7\Nero Home\NeroHome.exe:*:Enabled:Nero Home"
"C:\Program Files\ICQ\Icq.exe"="C:\Program Files\ICQ\Icq.exe:*:Enabled:ICQ"
"C:\Program Files\Nero\Nero 7\Nero ShowTime\ShowTime.exe"="C:\Program Files\Nero\Nero 7\Nero ShowTime\ShowTime.exe:*:Enabled:Nero ShowTime Essentials"
"C:\Program Files\ApexDC++\ApexDC.exe"="C:\Program Files\ApexDC++\ApexDC.exe:*:Enabled:ApexDC++"
"C:\Program Files\BearShare Applications\BearShare\BearShare.exe"="C:\Program Files\BearShare Applications\BearShare\BearShare.exe:*:Enabled:BearShare"
"C:\Program Files\StreamCast\Morpheus\Morpheus.exe"="C:\Program Files\StreamCast\Morpheus\Morpheus.exe:*:Enabled:Morpheus"
"C:\Program Files\Singles\singles.exe"="C:\Program Files\Singles\singles.exe:*:Disabled:singles"
"C:\Program Files\Morpheus\Morpheus.exe"="C:\Program Files\Morpheus\Morpheus.exe:*:Enabled:M5Shell"
"C:\Program Files\MSN Messenger\msncall.exe"="C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
"C:\Games\Paintball2\paintball2.exe"="C:\Games\Paintball2\paintball2.exe:*:Enabled:paintball2"
"C:\Program Files\Valve\hl.exe"="C:\Program Files\Valve\hl.exe:*:Enabled:Half-Life Launcher"
"C:\WINDOWS\system32\dplaysvr.exe"="C:\WINDOWS\system32\dplaysvr.exe:*:Disabled:Microsoft DirectPlay Helper"
"C:\Documents and Settings\Jakub Máša\Local Settings\Temporary Internet Files\Content.IE5\00K5HBBO\bulanci[1].exe"="C:\Documents and Settings\Jakub Máša\Local Settings\Temporary Internet Files\Content.IE5\00K5HBBO\bulanci[1].exe:*:Enabled:bulanci[1]"
"C:\Program Files\FlightGear\bin\win32\fgfs.exe"="C:\Program Files\FlightGear\bin\win32\fgfs.exe:*:Enabled:fgfs"
"C:\Program Files\Vektor Space\VektorSpace.exe"="C:\Program Files\Vektor Space\VektorSpace.exe:*:Enabled:VektorSpace Multiplayer Alpha Executable"
"C:\Program Files\Aspyr\Tony Hawks Pro Skater 4\Game\Skate4.exe"="C:\Program Files\Aspyr\Tony Hawks Pro Skater 4\Game\Skate4.exe:*:Enabled:Skate4"
"C:\Program Files\EA GAMES\MOHAA\MOHAA.exe"="C:\Program Files\EA GAMES\MOHAA\MOHAA.exe:*:Enabled:Medal of Honor Allied Assault(tm)"
"C:\Program Files\EA GAMES\MOHAA\moh_spearhead.exe"="C:\Program Files\EA GAMES\MOHAA\moh_spearhead.exe:*:Enabled:Medal of Honor Allied Assault(tm) Spearhead"
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"C:\Program Files\EA GAMES\MOHAA\moh_Breakthrough.exe"="C:\Program Files\EA GAMES\MOHAA\moh_Breakthrough.exe:*:Enabled:Medal of Honor Allied Assault(tm) Breakthrough"
"C:\Program Files\Wolfenstein - Enemy Territory\ET.exe"="C:\Program Files\Wolfenstein - Enemy Territory\ET.exe:*:Enabled:ET"
"C:\Program Files\QIP\qip.exe"="C:\Program Files\QIP\qip.exe:*:Enabled:Quiet Internet Pager"
"C:\Program Files\TrackMania Nations ESWC\TmNationsESWC.exe"="C:\Program Files\TrackMania Nations ESWC\TmNationsESWC.exe:*:Enabled:TmNationsESWC"
"C:\Program Files\Miranda\miranda32.exe"="C:\Program Files\Miranda\miranda32.exe:*:Enabled:Miranda IM"
"C:\Program Files\ICQ6\ICQ.exe"="C:\Program Files\ICQ6\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\Ubisoft\Gearbox Software\BrothersInArmsEiB\System\EiB.exe"="C:\Program Files\Ubisoft\Gearbox Software\BrothersInArmsEiB\System\EiB.exe:*:Enabled:Brothers In Arms Earned In Blood"
"C:\Q3Ademo\quake3.exe"="C:\Q3Ademo\quake3.exe:*:Enabled:quake3"
"C:\Program Files\Counter-Strike Source\hl2.exe"="C:\Program Files\Counter-Strike Source\hl2.exe:*:Enabled:hl2"
"C:\Games\cs16\hl.exe"="C:\Games\cs16\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\Valve\hlds.exe"="C:\Program Files\Valve\hlds.exe:*:Enabled:HLDS Launcher"
"C:\Program Files\viphone communicator\viphone communicator.exe"="C:\Program Files\viphone communicator\viphone communicator.exe:*:Enabled:viphone communicator"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"C:\Program Files\Electronic Arts\EADM\Core.exe"="C:\Program Files\Electronic Arts\EADM\Core.exe:*:Enabled:EA Download Manager"
"C:\Program Files\ICQLite\ICQLite.exe"="C:\Program Files\ICQLite\ICQLite.exe:*:Enabled:ICQ Lite"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\Program Files\Internet Explorer\iexplore.exe"="C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\Ubisoft\Demo\James Cameron's AVATAR - THE GAME (Demo)\bin\AvatarDemo.exe"="C:\Program Files\Ubisoft\Demo\James Cameron's AVATAR - THE GAME (Demo)\bin\AvatarDemo.exe:*:Enabled:James Cameron's AVATAR(tm): THE GAME (Demo)"
"C:\Program Files\ICQ7.0\ICQ.exe"="C:\Program Files\ICQ7.0\ICQ.exe:*:Enabled:ICQ7"
"C:\Program Files\ICQ7.0\aolload.exe"="C:\Program Files\ICQ7.0\aolload.exe:*:Enabled:aolload.exe"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"C:\Program Files\Microsoft Games\Age of Mythology\aomx.exe"="C:\Program Files\Microsoft Games\Age of Mythology\aomx.exe:*:Enabled:Age of Mythology - The Titans Expansion"
"C:\Documents and Settings\Jakub Máša\Dokumenty\Downloads\Flash-Player.exe"="C:\Documents and Settings\Jakub Máša\Dokumenty\Downloads\Flash-Player.exe:*:Enabled:C:\Documents and Settings\Jakub Máša\Dokumenty\Downloads\Flash-Player.exe"
"C:\WINDOWS\update.1\svchost.exe"="C:\WINDOWS\update.1\svchost.exe:*:Enabled:C:\WINDOWS\update.1\svchost.exe"
"C:\WINDOWS\update.tray-3-0\svchost.exe"="C:\WINDOWS\update.tray-3-0\svchost.exe:*:Enabled:C:\WINDOWS\update.tray-3-0\svchost.exe"
"C:\WINDOWS\update.2\svchost.exe"="C:\WINDOWS\update.2\svchost.exe:*:Enabled:C:\WINDOWS\update.2\svchost.exe"
"C:\WINDOWS\update.tray-3-0-lnk\svchost.exe"="C:\WINDOWS\update.tray-3-0-lnk\svchost.exe:*:Enabled:C:\WINDOWS\update.tray-3-0-lnk\svchost.exe"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\MSN Messenger\msncall.exe"="C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\Program Files\ICQ7.0\ICQ.exe"="C:\Program Files\ICQ7.0\ICQ.exe:*:Enabled:ICQ7"
"C:\Program Files\ICQ7.0\aolload.exe"="C:\Program Files\ICQ7.0\aolload.exe:*:Enabled:aolload.exe"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=lvcodec2.dll
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"VIDC.MPG4"=mpg4c32.dll
"VIDC.MP42"=mpg4c32.dll
"MSVideo"=vfwwdm32.dll
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.siren"=sirenacm.dll
"vidc.divx"=divx.dll
"vidc.div4"=DivXc32f.dll
"vidc.div3"=DivXc32.dll
"vidc.xvid"=xvidvfw.dll
"vidc.mp43"=mpg4c32.dll
"msacm.l3radius"=l3codecp.acm
"msacm.divxa"=divxa32.acm
"msacm.vorbis"=Vorbis.acm
"msacm.a3d"=a3d.dll
"msacm.ogg"=ogg.dll
"msacm.vorbisenc"=vorbisenc.dll
"vidc.VP60"=vp6vfw.dll
"vidc.VP61"=vp6vfw.dll
"vidc.VP62"=vp6vfw.dll
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux1"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux2"=wdmaud.drv
"VIDC.YV12"=yv12vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=lameACM.acm
"VIDC.FFDS"=ff_vfw.dll
"VIDC.DVSD"=pdvcodec.dll

======List of files/folders created in the last 1 month======

2011-08-24 15:01:23 ----D---- C:\Program Files\trend micro
2011-08-24 15:01:06 ----D---- C:\rsit
2011-08-24 14:17:11 ----D---- C:\WINDOWS\LastGood
2011-08-24 14:17:07 ----A---- C:\WINDOWS\system32\drivers\Lbd.sys
2011-08-24 14:16:55 ----D---- C:\Program Files\Ad-Aware
2011-08-24 14:16:55 ----D---- C:\Documents and Settings\All Users\Data aplikací\Lavasoft
2011-08-24 14:12:05 ----D---- C:\Program Files\COMODO
2011-08-24 14:07:21 ----D---- C:\Documents and Settings\All Users\Data aplikací\Comodo
2011-08-24 13:51:40 ----D---- C:\Programy

======List of files/folders modified in the last 1 month======

2011-08-24 15:01:23 ----RD---- C:\Program Files
2011-08-24 15:01:09 ----D---- C:\WINDOWS\Temp
2011-08-24 14:25:56 ----HD---- C:\WINDOWS\inf
2011-08-24 14:19:34 ----SD---- C:\WINDOWS\Tasks
2011-08-24 14:17:19 ----SHD---- C:\WINDOWS\Installer
2011-08-24 14:17:14 ----D---- C:\WINDOWS\system32\drivers
2011-08-24 14:17:11 ----D---- C:\WINDOWS
2011-08-24 14:17:07 ----DC---- C:\WINDOWS\system32\DRVSTORE
2011-08-24 14:16:59 ----D---- C:\WINDOWS\WinSxS
2011-08-24 14:12:17 ----D---- C:\WINDOWS\system32
2011-08-24 13:51:41 ----SD---- C:\Documents and Settings\Radek\Data aplikací\Microsoft
2011-08-24 13:36:28 ----D---- C:\WINDOWS\Prefetch
2011-08-24 13:30:00 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-08-24 13:29:06 ----D---- C:\WINDOWS\system32\CatRoot2
2011-07-28 12:28:17 ----A---- C:\WINDOWS\iecheck_iplist.txt

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 Lbd;Lbd; C:\WINDOWS\system32\DRIVERS\Lbd.sys [2011-07-21 64512]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2008-11-20 43872]
R0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\WINDOWS\System32\drivers\sfdrv01.sys [2005-08-10 50688]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\WINDOWS\System32\drivers\sfhlp02.sys [2005-05-16 6656]
R0 sfsync02;StarForce Protection Synchronization Driver (version 2.x); C:\WINDOWS\System32\drivers\sfsync02.sys [2006-02-21 19968]
R0 sfvfs02;StarForce Protection VFS Driver (version 2.x); C:\WINDOWS\System32\drivers\sfvfs02.sys [2005-11-03 63488]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-03-20 691696]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 AVG Anti-Spyware Driver;AVG Anti-Spyware Driver; \??\C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.sys []
R1 AvgAsCln;AVG Anti-Spyware Clean Driver; C:\WINDOWS\System32\DRIVERS\AvgAsCln.sys [2006-09-05 3968]
R1 InCDPass;InCdPass; C:\WINDOWS\System32\DRIVERS\InCDPass.sys [2004-06-09 26784]
R1 incdrm;InCD Reader; C:\WINDOWS\system32\drivers\InCDRm.sys [2006-05-30 33792]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2003-04-16 12032]
R2 Hardlock;Hardlock; \??\C:\WINDOWS\system32\drivers\hardlock.sys []
R2 Haspnt;Haspnt; \??\C:\WINDOWS\system32\drivers\Haspnt.sys []
R2 MaVctrl;MaVctrl; C:\WINDOWS\system32\DRIVERS\MaVc2K.sys [2005-08-18 11473]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2005-10-26 3786944]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-03-22 1522688]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2009-05-18 26600]
R3 Lavasoft Kernexplorer;Lavasoft helper driver; \??\C:\Program Files\Ad-Aware\KernExplorer.sys []
R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2007-12-07 47360]
R3 RTL8023xp;Realtek 10/100/1000 NIC Family all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys [2005-03-04 74496]
R3 SlowDownCPU;SlowDownCPU; \??\C:\WINDOWS\INF\MSI\SlowDownCPU\NTGLM7X.sys []
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R4 InCDfs;InCD File System; C:\WINDOWS\system32\drivers\InCDFs.sys [2004-06-09 85360]
S0 Inspect;COMODO Internet Security Firewall Driver; C:\WINDOWS\System32\DRIVERS\inspect.sys [2011-06-30 97504]
S1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [2011-06-30 242600]
S1 cmdHlp;COMODO Internet Security Helper Driver; C:\WINDOWS\System32\DRIVERS\cmdhlp.sys [2011-06-30 29400]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S2 AMON;AMON; \??\C:\WINDOWS\system32\drivers\amon.sys []
S3 a4do3wq1;a4do3wq1; C:\WINDOWS\system32\drivers\a4do3wq1.sys []
S3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2004-08-13 129408]
S3 ALCXSENS;Service for WDM 3D Audio Driver; C:\WINDOWS\system32\drivers\ALCXSENS.SYS [2004-02-24 400384]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 GMSIPCI;GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS []
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\lvusbsta.sys [2005-05-27 22016]
S3 MA8630C;MA8630C; C:\WINDOWS\system32\DRIVERS\MA8630C.sys [2004-09-14 23248]
S3 MA8630M;MA8630M; C:\WINDOWS\system32\DRIVERS\MA8630M.sys [2005-01-25 25428]
S3 MA8630U;MA8630U; C:\WINDOWS\system32\DRIVERS\MA8630U.sys [2006-10-11 45312]
S3 MaRdPnp;MaRdPnp; C:\WINDOWS\system32\DRIVERS\MaRdP2K.sys [2005-08-18 49867]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys []
S3 MidiSyn;MidiSyn; C:\WINDOWS\system32\drivers\MidiSyn.sys [2004-09-14 88960]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nm;Ovladač programu Sledování sítě; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-13 40320]
S3 NTACCESS;NTACCESS; \??\D:\NTACCESS.sys []
S3 QCMerced;Logitech QuickCam Communicate; C:\WINDOWS\system32\DRIVERS\LVCM.sys [2005-05-27 1317152]
S3 RushTopDevice;RushTopDevice; \??\C:\WINDOWS\INF\MSI\SlowDownCPU\RushTop.sys []
S3 senfilt;senfilt; C:\WINDOWS\system32\drivers\senfilt.sys [2004-04-26 381056]
S3 SetupNTGLM7X;SetupNTGLM7X; \??\D:\NTGLM7X.sys []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2005-02-01 260288]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usb_rndisx;Adaptér USB RNDIS; C:\WINDOWS\system32\DRIVERS\usb8023x.sys [2008-04-13 12800]
S3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-08-28 144672]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-03-22 405504]
R2 AVG Anti-Spyware Guard;AVG Anti-Spyware Guard; C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe [2007-06-28 312880]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2010-01-03 246520]
R2 InCDsrv;InCD File System Service; C:\Program Files\Ahead\InCD\InCDsrv.exe [2004-06-09 766004]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-12-17 153376]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Ad-Aware\AAWService.exe [2011-07-21 2151640]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe [2003-06-20 322120]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2008-12-18 66872]
R2 PnkBstrB;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [2010-04-15 201440]
R2 SoundMAX Agent Service (default);SoundMAX Agent Service; C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [2002-09-20 45056]
R2 srvbtcclient;srvbtcclient; C:\WINDOWS\update.5.0\svchost.exe [2011-07-18 340480]
R2 srviecheck;srviecheck; C:\WINDOWS\update.2\svchost.exe [2011-07-15 483328]
R2 srvsysdriver32;srvsysdriver32; C:\WINDOWS\sysdriver32.exe [2011-07-17 232960]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 wxpdrivers;wxpdrivers; C:\WINDOWS\update.1\svchost.exe [2011-07-15 1170432]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2009-11-12 545568]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2005-03-29 516096]
S2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2011-06-30 1793712]
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-12-28 135664]
S2 NOD32krn;NOD32 Kernel Service; C:\Program Files\Eset\nod32krn.exe []
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-12-28 135664]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-09-28 182768]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 usnjsvc;Služba Čtení deníku USN sdílených složek programu Messenger; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Re: Complete PC check

Posted: 24 Aug 2011 14:10
by Danstahr
Good afternoon :welcome:,

:arrow: Download MBAM and post its log here, following the guide here; when choosing the scan type, select Full scan.

Do not delete anything yet; MBAM can produce false detections!

Re: Complete PC check

Posted: 24 Aug 2011 19:03
by )aguar
Just a question. Shouldn't I turn off System Restore? MBAM has been running for 5 hours already and it seems to me that it keeps going round and round over those files. I don't have all day for this.

Re: Complete PC check

Posted: 24 Aug 2011 19:19
by Danstahr
Yes, with that step you can of course speed up the scan.

Re: Complete PC check

Posted: 25 Aug 2011 17:04
by )aguar
So, finally done after about 7 hours and after turning off "restore".

And because it is 500,000 characters long, I uploaded it to uložto.
http://www.uloz.to/10072590/mbam-log-20 ... -59-41-txt

Re: Complete PC check

Posted: 25 Aug 2011 17:13
by Danstahr
Well, that is quite a zoo :arcisit:... Delete everything.

:!: Warning! This utility has a powerful ability to delete, and its use is intended exclusively for members of this forum's team. Using it on your own initiative can lead to a broken system and a reinstall :!:

:arrow: Download ComboFix and save it to the Desktop.

:arrow: Turn off all resident antivirus shields and all programs running in the background.
:arrow: Run ComboFix with administrator privileges.
:arrow: Accept the license terms and, if prompted, the installation of the Recovery Console.
:arrow: Leave the computer completely alone during the scan.
:arrow: The scan takes roughly 15 minutes, but the time may vary depending on the state of the system.
:arrow: When the scan finishes, a log is displayed (if it does not open, it can be found on the system drive as ComboFix.txt); post the contents of the log here.
:arrow: :!: Leave ComboFix alone until further instructions :!:

Re: Complete PC check

Posted: 25 Aug 2011 17:28
by )aguar
Just one more question. Delete everything using MBAM? It is still open. Or only later with ComboFix?
Since the PC is not mine, I would hate to delete something that is needed.

Re: Complete PC check

Posted: 25 Aug 2011 17:58
by Danstahr
With MBAM.

Re: Complete PC check

Posted: 25 Aug 2011 20:30
by )aguar
So I deleted it with MBAM.

I tried ComboFix, but it keeps saying that the NOD32 shield is running. Yet I cannot find the installation folder on the PC. There is one folder, but it contains only a single file. The Security Center also lists NOD32 as the antivirus. Yet it is not even running in Task Manager. I searched for NOD or eset; I could not think of anything else it might be running under. It was also listed under "Remove Programs", where it said that it has apparently already been uninstalled and asked whether I want to remove the shortcut, so I chose to remove it.

So I ran ComboFix even though it said that NOD is running.
It got stuck at stage 2. It does not continue and cannot even be closed. It also wanted to install something for removing more resistant viruses etc., but that requires an Internet connection. I will not connect the PC, though, out of concern that it would start sending spam and the like into the network. I have already had problems with that on my own PC. They would then disconnect me, their technician would have to come and check something, and I would have to pay up nicely :)

There are 4 accounts here. Is it possible that NOD is running from one of the others :???:

Re: Complete PC check

Posted: 25 Aug 2011 20:39
by Danstahr
There is an FB virus on it, so even if NOD were installed, it does not work. So we will go through it manually and run ComboFix at the end, if it works. Who knows what else this computer is hiding :?:

:arrow: Download OTL.
  • If you use Win Vista or W7, right-click OTL and choose Run As Administrator (Spustit jako spravce)
  • If you use a 64-bit OS, check whether the "For 64-bit OS" box (Pro 64 bitové OS) is ticked; if not, tick it
  • Tick the "For all users" box (Pro vsechny uzivatele)
  • Tick the "LOP" malware check box (Kontrola na havet "LOP")
  • Tick the "Purity" malware check box (Kontrola na havet "Purity")
  • Paste the script below into the bottom box, Custom scans/fixes (Vlastni skenovani/opravy)
  • Code:

    netsvcs
    drivers32
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
    c:\windows\*.* /U
    %SYSTEMDRIVE%\*.exe
    %ALLUSERSPROFILE%\Application Data\*.
    %ALLUSERSPROFILE%\Application Data\*.exe /s
    %APPDATA%\*.
    %APPDATA%\*.exe /s
    /md5start
    adp3132.sys
    AGP440.sys
    ahcix86.sys
    ahcix86s.sys
    atapi.sys
    autochk.exe
    cdrom.sys
    cngaudit.dll
    cryptsvc.dll
    eNetHook.dll
    eventlog.dll
    explorer.exe
    hal.dll
    Changer.sys
    iaStor.sys
    iastorv.sys
    IdeChnDr.sys
    isapnp.sys
    JakNDis.sys
    KR10N.sys
    logevent.dll
    lsass.exe
    mv61xx.sys
    ndis.sys
    netlogon.dll
    ntelogon.dll
    nvata.sys
    nvatabus.sys
    nvgts.sys
    nvraid.sys
    nvrd32.sys
    nvstor.sys
    nvstor32.sys
    scecli.dll
    sceclt.dll
    smss.exe
    svchost.exe
    symmpi.sys
    tcpip.sys
    userinit.exe
    vaxscsi.sys
    viamraid.sys
    viasraid.sys
    ViPrt.sys
    winlogon.exe
    ws2_32.dll
    /md5stop
    %systemroot%\*. /mp /s
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\system32\drivers\*.sys /lockedfiles
    %systemroot%\System32\config\*.sav
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\system32\drivers\*.sys /3
    %systemroot%\system32\*.* /3
    reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
    reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
    *crack* /s
    *keygen* /s
    CREATERESTOREPOINT
  • Click the Scan button (Prohledat)
  • When the scan finishes (approx. 10 to 15 min), the logs OTL.txt and Extras.txt will appear; post both here

Re: Complete PC check

Posted: 25 Aug 2011 21:53
by )aguar

Re: Complete PC check

Posted: 26 Aug 2011 09:26
by Danstahr
OTL logfile created on: 25.8.2011 21:59:57 - Run 1
OTL by OldTimer - Version 3.2.26.5 Folder = C:\Documents and Settings\Radek\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

511,29 Mb Total Physical Memory | 215,00 Mb Available Physical Memory | 42,05% Memory free
1,22 Gb Paging File | 0,72 Gb Available in Paging File | 59,36% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149,05 Gb Total Space | 9,61 Gb Free Space | 6,44% Space Free | Partition Type: NTFS
Drive J: | 966,09 Mb Total Space | 862,60 Mb Free Space | 89,29% Space Free | Partition Type: FAT32

Computer Name: KAREL | User Name: Radek | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011.08.25 21:49:22 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Radek\Plocha\OTL.exe
PRC - [2011.07.21 14:59:06 | 002,151,640 | ---- | M] (Lavasoft Limited) -- C:\Program Files\Ad-Aware\AAWService.exe
PRC - [2011.07.21 14:59:06 | 001,191,216 | ---- | M] (Lavasoft Limited) -- C:\Program Files\Ad-Aware\AAWTray.exe
PRC - [2011.07.21 12:24:49 | 000,182,272 | ---- | M] () -- C:\Documents and Settings\Radek\Data aplikací\dwm.exe
PRC - [2011.07.21 12:24:21 | 000,173,056 | ---- | M] () -- C:\Documents and Settings\Radek\Data aplikací\Microsoft\conhost.exe
PRC - [2011.07.18 11:35:20 | 000,340,480 | ---- | M] () -- C:\WINDOWS\update.5.0\svchost.exe
PRC - [2011.07.18 11:35:20 | 000,340,480 | ---- | M] () -- C:\WINDOWS\update.5.0\svchost.exe
PRC - [2011.07.17 18:44:25 | 000,232,960 | ---- | M] () -- C:\WINDOWS\sysdriver32.exe
PRC - [2011.07.15 16:34:57 | 000,110,592 | ---- | M] () -- C:\WINDOWS\l1rezerv.exe
PRC - [2011.07.15 16:32:12 | 000,483,328 | ---- | M] () -- C:\WINDOWS\update.2\svchost.exe
PRC - [2011.07.15 16:32:12 | 000,483,328 | ---- | M] () -- C:\WINDOWS\update.2\svchost.exe
PRC - [2011.07.15 16:09:49 | 001,170,432 | -H-- | M] () -- C:\WINDOWS\update.1\svchost.exe
PRC - [2011.06.30 09:37:28 | 001,793,712 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
PRC - [2011.06.30 09:37:06 | 002,554,696 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
PRC - [2010.01.03 18:07:48 | 000,246,520 | ---- | M] () -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe
PRC - [2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007.06.28 12:16:43 | 006,731,312 | ---- | M] (GRISOFT s.r.o.) -- C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
PRC - [2007.06.28 12:16:19 | 000,312,880 | ---- | M] (GRISOFT s.r.o.) -- C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
PRC - [2007.03.04 11:29:29 | 000,067,128 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
PRC - [2007.02.13 15:00:14 | 000,061,440 | R--- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Adobe Photoshop Lightroom\apdproxy.exe
PRC - [2006.06.01 13:32:12 | 000,094,208 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
PRC - [2005.10.24 08:45:16 | 000,090,112 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE
PRC - [2005.07.19 17:32:18 | 000,221,184 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\system32\LVCOMSX.EXE
PRC - [2005.06.08 15:14:44 | 000,217,088 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\Video\LogiTray.exe
PRC - [2005.06.08 14:44:56 | 000,192,512 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\Video\FxSvr2.exe
PRC - [2005.02.25 04:22:38 | 000,208,896 | ---- | M] () -- C:\WINDOWS\inf\MSI\SlowDownCPU\SlowDownCPU.exe
PRC - [2005.01.25 06:00:00 | 000,098,304 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\E_FATIAAE.EXE
PRC - [2004.06.09 00:42:22 | 000,766,004 | ---- | M] () -- C:\Program Files\Ahead\InCD\incdsrv.exe
PRC - [2004.06.09 00:42:20 | 000,974,898 | ---- | M] (Ahead Software AG) -- C:\Program Files\Ahead\InCD\InCD.exe
PRC - [2002.09.20 14:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
PRC - [2000.10.16 09:37:36 | 000,032,768 | R--- | M] () -- C:\WINDOWS\system32\rmctrl.exe


========== Modules (No Company Name) ==========

MOD - [2011.07.21 14:59:08 | 000,589,184 | ---- | M] () -- C:\Program Files\Ad-Aware\RPAPI.dll
MOD - [2011.07.21 14:59:08 | 000,430,568 | ---- | M] () -- C:\Program Files\Ad-Aware\Viprebridge.dll
MOD - [2011.07.21 14:59:08 | 000,308,560 | ---- | M] () -- C:\Program Files\Ad-Aware\Vipre.dll
MOD - [2011.07.21 12:24:49 | 000,182,272 | ---- | M] () -- C:\Documents and Settings\Radek\Data aplikací\dwm.exe
MOD - [2011.07.21 12:24:21 | 000,173,056 | ---- | M] () -- C:\Documents and Settings\Radek\Data aplikací\Microsoft\conhost.exe
MOD - [2011.07.18 11:35:20 | 000,340,480 | ---- | M] () -- C:\WINDOWS\update.5.0\svchost.exe
MOD - [2011.07.17 18:44:25 | 000,232,960 | ---- | M] () -- C:\WINDOWS\sysdriver32.exe
MOD - [2011.07.15 16:34:57 | 000,110,592 | ---- | M] () -- C:\WINDOWS\l1rezerv.exe
MOD - [2011.07.15 16:32:12 | 000,483,328 | ---- | M] () -- C:\WINDOWS\update.2\svchost.exe
MOD - [2011.07.15 16:09:49 | 001,170,432 | -H-- | M] () -- C:\WINDOWS\update.1\svchost.exe
MOD - [2010.01.03 18:07:48 | 000,246,520 | ---- | M] () -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe
MOD - [2009.11.03 16:51:42 | 000,067,872 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2009.11.03 16:51:26 | 000,039,712 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\ASL.dll
MOD - [2007.03.04 00:14:27 | 000,061,496 | ---- | M] () -- C:\Program Files\Logitech\Desktop Messenger\8876480\8.1.1.50-8876480SL\Program\clntutil.dll
MOD - [2006.12.06 19:13:54 | 000,315,392 | ---- | M] () -- C:\Program Files\WinRAR\rarlng.dll
MOD - [2006.12.03 15:53:06 | 000,126,464 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2005.02.25 04:22:38 | 000,208,896 | ---- | M] () -- C:\WINDOWS\inf\MSI\SlowDownCPU\SlowDownCPU.exe
MOD - [2005.02.22 08:47:30 | 000,143,360 | ---- | M] () -- C:\WINDOWS\inf\MSI\SlowDownCPU\RushTop.dll
MOD - [2004.06.09 00:42:24 | 000,364,593 | ---- | M] () -- C:\Program Files\Ahead\InCD\incdunt.dll
MOD - [2004.06.09 00:42:22 | 000,766,004 | ---- | M] () -- C:\Program Files\Ahead\InCD\incdsrv.exe
MOD - [2004.06.09 00:42:22 | 000,757,812 | ---- | M] () -- C:\Program Files\Ahead\InCD\incdapi.dll
MOD - [2002.10.05 01:04:26 | 000,092,672 | ---- | M] () -- C:\WINDOWS\system32\vorbis.dll
MOD - [2002.10.05 01:04:18 | 000,021,504 | ---- | M] () -- C:\WINDOWS\system32\ogg.dll
MOD - [2000.10.16 09:37:36 | 000,036,864 | R--- | M] () -- C:\WINDOWS\system32\ctrldll.dll
MOD - [2000.10.16 09:37:36 | 000,032,768 | R--- | M] () -- C:\WINDOWS\system32\rmctrl.exe


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (NOD32krn)
SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2011.07.21 14:59:06 | 002,151,640 | ---- | M] (Lavasoft Limited) [Auto | Running] -- C:\Program Files\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2011.07.18 11:35:20 | 000,340,480 | ---- | M] () [Auto | Running] -- C:\WINDOWS\update.5.0\svchost.exe -- (srvbtcclient)
SRV - [2011.07.17 18:44:25 | 000,232,960 | ---- | M] () [Auto | Running] -- C:\WINDOWS\sysdriver32.exe -- (srvsysdriver32)
SRV - [2011.07.15 16:32:12 | 000,483,328 | ---- | M] () [Auto | Running] -- C:\WINDOWS\update.2\svchost.exe -- (srviecheck)
SRV - [2011.07.15 16:09:49 | 001,170,432 | -H-- | M] () [Auto | Running] -- C:\WINDOWS\update.1\svchost.exe -- (wxpdrivers)
SRV - [2011.06.30 09:37:28 | 001,793,712 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
SRV - [2010.01.03 18:07:48 | 000,246,520 | ---- | M] () [Auto | Running] -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2007.06.28 12:16:19 | 000,312,880 | ---- | M] (GRISOFT s.r.o.) [Auto | Running] -- C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe -- (AVG Anti-Spyware Guard)
SRV - [2004.06.09 00:42:22 | 000,766,004 | ---- | M] () [Auto | Running] -- C:\Program Files\Ahead\InCD\incdsrv.exe -- (InCDsrv)
SRV - [2002.09.20 14:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) [Auto | Running] -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe -- (SoundMAX Agent Service (default))


========== Driver Services (SafeList) ==========

DRV - [2011.07.21 14:59:08 | 000,064,512 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2011.07.21 14:59:08 | 000,015,232 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\Ad-Aware\kernexplorer.sys -- (Lavasoft Kernexplorer)
DRV - [2011.06.30 09:38:16 | 000,097,504 | ---- | M] (COMODO) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\inspect.sys -- (Inspect)
DRV - [2011.06.30 09:38:14 | 000,242,600 | ---- | M] (COMODO) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\cmdGuard.sys -- (cmdGuard)
DRV - [2011.06.30 09:38:14 | 000,029,400 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\cmdhlp.sys -- (cmdHlp)
DRV - [2010.11.29 17:42:18 | 000,038,224 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2010.10.20 10:15:38 | 000,047,616 | ---- | M] (Aladdin Knowledge Systems) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\Haspnt.sys -- (Haspnt)
DRV - [2010.03.20 11:57:51 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009.09.26 14:05:20 | 000,502,208 | ---- | M] (Eset ) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\amon.sys -- (AMON)
DRV - [2008.04.13 20:53:09 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
DRV - [2007.06.28 12:16:12 | 000,011,000 | ---- | M] () [Kernel | System | Running] -- C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.sys -- (AVG Anti-Spyware Driver)
DRV - [2006.11.22 10:01:48 | 000,693,760 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\hardlock.sys -- (Hardlock)
DRV - [2006.10.11 10:00:10 | 000,045,312 | R--- | M] (Mobile Action Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ma8630u.sys -- (MA8630U)
DRV - [2006.09.05 18:03:16 | 000,003,968 | ---- | M] (GRISOFT, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AvgAsCln.sys -- (AvgAsCln)
DRV - [2006.05.30 15:18:52 | 000,033,792 | ---- | M] (Nero AG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\InCDRm.sys -- (incdrm)
DRV - [2006.03.22 05:56:22 | 001,522,688 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2006.02.21 13:12:00 | 000,019,968 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfsync02.sys -- (sfsync02) StarForce Protection Synchronization Driver (version 2.x)
DRV - [2005.11.03 16:40:07 | 000,063,488 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfvfs02.sys -- (sfvfs02) StarForce Protection VFS Driver (version 2.x)
DRV - [2005.10.26 10:08:26 | 003,786,944 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2005.08.18 05:44:50 | 000,049,867 | R--- | M] (Mobile Action Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mardp2k.sys -- (MaRdPnp)
DRV - [2005.08.18 05:44:44 | 000,011,473 | R--- | M] (Mobile Action Technology Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\MaVc2K.sys -- (MaVctrl)
DRV - [2005.08.10 14:44:04 | 000,050,688 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x)
DRV - [2005.05.27 11:32:52 | 001,317,152 | R--- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvcm.sys -- (QCMerced)
DRV - [2005.05.27 11:31:28 | 000,022,016 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2005.05.16 15:20:39 | 000,006,656 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)
DRV - [2005.03.04 05:10:26 | 000,074,496 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtlnicxp.sys -- (RTL8023xp)
DRV - [2005.02.22 08:47:44 | 000,039,040 | ---- | M] (Your Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\inf\MSI\SlowDownCPU\RushTop.sys -- (RushTopDevice)
DRV - [2005.01.25 09:31:58 | 000,025,428 | R--- | M] (Mobile Action Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ma8630m.sys -- (MA8630M)
DRV - [2004.11.01 11:12:36 | 000,023,424 | ---- | M] (Your Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\inf\MSI\SlowDownCPU\NTGLM7X.SYS -- (SlowDownCPU)
DRV - [2004.09.14 12:12:18 | 000,023,248 | R--- | M] (Mobile Action Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ma8630c.sys -- (MA8630C)
DRV - [2004.09.14 06:55:44 | 000,088,960 | R--- | M] (Analog Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MidiSyn.sys -- (MidiSyn)
DRV - [2004.06.09 00:42:24 | 000,085,360 | ---- | M] () [File_System | Disabled | Running] -- C:\WINDOWS\system32\drivers\InCDfs.sys -- (InCDfs)
DRV - [2004.06.09 00:42:24 | 000,026,784 | ---- | M] (Ahead Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\InCDPass.sys -- (InCDPass)
DRV - [2004.04.26 02:49:56 | 000,381,056 | R--- | M] (Sensaura) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (senfilt)
DRV - [2004.02.24 05:08:52 | 000,400,384 | ---- | M] (Sensaura) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ALCXSENS.SYS -- (ALCXSENS)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1847444920-2511039311-3333254768-1009\SOFTWARE\Microsoft\Internet Explorer\Main,Prev Search Bar = http://www.google.com/ie
IE - HKU\S-1-5-21-1847444920-2511039311-3333254768-1009\SOFTWARE\Microsoft\Internet Explorer\Main,Prev Search Page = http://www.google.com
IE - HKU\S-1-5-21-1847444920-2511039311-3333254768-1009\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKU\S-1-5-21-1847444920-2511039311-3333254768-1009\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-1847444920-2511039311-3333254768-1009\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\S-1-5-21-1847444920-2511039311-3333254768-1009\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchT ... f8&oe=utf8
IE - HKU\S-1-5-21-1847444920-2511039311-3333254768-1009\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-1847444920-2511039311-3333254768-1009\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-1847444920-2511039311-3333254768-1009\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKU\S-1-5-21-1847444920-2511039311-3333254768-1009\..\URLSearchHook: {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Program Files\Internet Explorer\qipsearchbar.dll (qip.ru)
IE - HKU\S-1-5-21-1847444920-2511039311-3333254768-1009\..\URLSearchHook: {D73F49B6-B51B-4d32-A3B7-BD04B8342F53} - C:\Program Files\MorpheusBar\SrchAstt\1.bin\MBSRCAS.DLL (Morpheus)
IE - HKU\S-1-5-21-1847444920-2511039311-3333254768-1009\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-1847444920-2511039311-3333254768-1009\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-21-1847444920-2511039311-3333254768-1009\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:57980

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.defaulturl: "http://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q="
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.4.1
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..keyword.URL: "http://search.icq.com/search/afe_result ... id=afex&q="

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Content Upload Plugin,version=1.0.0: C:\Program Files\DivX\DivX Content Uploader\npUpload.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450: C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3112ca9c-de6d-4884-a869-9855de68056c}: C:\Documents and Settings\All Users\Data aplikací\Mozilla\Firefox Extensions\{3112ca9c-de6d-4884-a869-9855de68056c} [2007.08.23 17:44:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.06.19 16:00:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.06.19 16:00:33 | 000,000,000 | ---D | M]

[2010.01.21 00:00:52 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Radek\Data aplikací\Mozilla\Extensions
[2011.06.23 19:02:46 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Radek\Data aplikací\Mozilla\Firefox\Profiles\if0qwll6.default\extensions
[2010.01.22 20:45:55 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Radek\Data aplikací\Mozilla\Firefox\Profiles\if0qwll6.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2008.09.29 16:04:06 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Documents and Settings\Radek\Data aplikací\Mozilla\Firefox\Profiles\if0qwll6.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2010.01.21 00:01:53 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Documents and Settings\Radek\Data aplikací\Mozilla\Firefox\Profiles\if0qwll6.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2011.06.23 19:02:47 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Radek\Data aplikací\Mozilla\Firefox\Profiles\if0qwll6.default\searchplugins\icqplugin-1.xml
[2008.10.29 09:22:57 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Radek\Data aplikací\Mozilla\Firefox\Profiles\if0qwll6.default\searchplugins\icqplugin-2.xml
[2008.12.02 14:05:39 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Radek\Data aplikací\Mozilla\Firefox\Profiles\if0qwll6.default\searchplugins\icqplugin-3.xml
[2010.08.03 21:34:37 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Radek\Data aplikací\Mozilla\Firefox\Profiles\if0qwll6.default\searchplugins\icqplugin-4.xml
[2011.06.23 18:52:52 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Radek\Data aplikací\Mozilla\Firefox\Profiles\if0qwll6.default\searchplugins\icqplugin-5.xml
[2008.03.31 10:52:00 | 000,000,168 | ---- | M] () -- C:\Documents and Settings\Radek\Data aplikací\Mozilla\Firefox\Profiles\if0qwll6.default\searchplugins\icqplugin.gif
[2008.03.31 10:52:00 | 000,000,618 | ---- | M] () -- C:\Documents and Settings\Radek\Data aplikací\Mozilla\Firefox\Profiles\if0qwll6.default\searchplugins\icqplugin.src
[2008.07.10 14:50:23 | 000,000,962 | ---- | M] () -- C:\Documents and Settings\Radek\Data aplikací\Mozilla\Firefox\Profiles\if0qwll6.default\searchplugins\icqplugin.xml
[2011.07.18 11:40:25 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010.01.19 23:27:06 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2007.08.23 17:45:04 | 000,000,000 | ---D | M] (DivX Settings) -- C:\Program Files\Mozilla Firefox\extensions\divx@partners.mozilla.com
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\RADEK\DATA APLIKACĂ­\MOZILLA\FIREFOX\PROFILES\IF0QWLL6.DEFAULT\EXTENSIONS\{20A82645-C095-46ED-80E3-08825760534B}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\RADEK\DATA APLIKACĂ­\MOZILLA\FIREFOX\PROFILES\IF0QWLL6.DEFAULT\EXTENSIONS\{800B5000-A755-47E1-992B-48A1C1357F07}
[2008.12.20 21:27:29 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2009.08.31 18:55:02 | 000,118,000 | ---- | M] () -- C:\Program Files\mozilla firefox\components\qippipe.dll
[2008.03.24 20:21:00 | 002,889,088 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\NPSWF32.dll
[2011.06.19 15:59:46 | 000,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2011.06.19 15:59:46 | 000,001,687 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\mall-cz.xml
[2011.06.19 15:59:46 | 000,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2011.06.19 15:59:46 | 000,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2011.06.19 15:59:46 | 000,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2011.07.28 12:27:55 | 000,203,160 | -H-- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 vkontakte.ru
O1 - Hosts: 127.0.0.1 www.vkontakte.ru
O1 - Hosts: 127.0.0.1 login.vk.com
O1 - Hosts: 127.0.0.1 vk.com
O1 - Hosts: 127.0.0.1 www.vk.com
O1 - Hosts: 127.0.0.1 odnoklassniki.ru
O1 - Hosts: 127.0.0.1 www.odnoklassniki.ru
O1 - Hosts: 127.0.0.1 facebook.com
O1 - Hosts: 127.0.0.1 www.facebook.com
O1 - Hosts: 127.0.0.1 af-za.facebook.com
O1 - Hosts: 127.0.0.1 az-az.facebook.com
O1 - Hosts: 127.0.0.1 id-id.facebook.com
O1 - Hosts: 127.0.0.1 ms-my.facebook.com
O1 - Hosts: 127.0.0.1 bs-ba.facebook.com
O1 - Hosts: 127.0.0.1 ca-es.facebook.com
O1 - Hosts: 127.0.0.1 cs-cz.facebook.com
O1 - Hosts: 127.0.0.1 cy-gb.facebook.com
O1 - Hosts: 127.0.0.1 da-dk.facebook.com
O1 - Hosts: 127.0.0.1 de-de.facebook.com
O1 - Hosts: 127.0.0.1 et-ee.facebook.com
O1 - Hosts: 127.0.0.1 en-gb.facebook.com
O1 - Hosts: 127.0.0.1 es-la.facebook.com
O1 - Hosts: 127.0.0.1 eo-eo.facebook.com
O1 - Hosts: 127.0.0.1 eu-es.facebook.com
O1 - Hosts: 50060 more lines...
O2 - BHO: (Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (MorpheusToolbar BHO) - {3F3714A1-89A4-46be-8AF3-D0C9D1FB03F9} - C:\Program Files\MorpheusBar\bar\1.bin\MORPHBAR.DLL (Morpheus)
O2 - BHO: (no name) - {54B62CEF-8A07-4d3c-A2EF-DDF184264374} - No CLSID value found.
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - No CLSID value found.
O2 - BHO: (QIPBHO Class) - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Program Files\Internet Explorer\qipsearchbar.dll (qip.ru)
O2 - BHO: (no name) - {A8884FF9-41CF-4A85-AC9A-CB4567AD72E4} - No CLSID value found.
O2 - BHO: (no name) - {ADC3B2AC-F30B-4A2A-9865-1C96C7D58483} - No CLSID value found.
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll (Google Inc.)
O2 - BHO: () - {D73F49B1-B51B-4d32-A3B7-BD04B8342F53} - C:\Program Files\MorpheusBar\SrchAstt\1.bin\MBSRCAS.DLL (Morpheus)
O2 - BHO: (EpsonToolBandKicker Class) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (Morpheus Toolbar) - {3F3714A9-89A4-46be-8AF3-D0C9D1FB03F9} - C:\Program Files\MorpheusBar\bar\1.bin\MORPHBAR.DLL (Morpheus)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (&Seznam Lištička) - {B71B15CE-3093-459C-B764-AEB2486F2273} - C:\Program Files\Seznam\Listicka\Toolbar.dll (Seznam.cz a.s.)
O3 - HKLM\..\Toolbar: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKLM\..\Toolbar: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKU\S-1-5-21-1847444920-2511039311-3333254768-1009\..\Toolbar\WebBrowser: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKU\S-1-5-21-1847444920-2511039311-3333254768-1009\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [!AVG Anti-Spyware] C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe (GRISOFT s.r.o.)
O4 - HKLM..\Run: [1568991.exe] C:\Documents and Settings\Jakub Máša\Local Settings\Temp\1568991.exe ()
O4 - HKLM..\Run: [3470417.exe] C:\WINDOWS\TEMP\3470417.exe ()
O4 - HKLM..\Run: [729719.exe] C:\Documents and Settings\Jakub Máša\Local Settings\Temp\729719.exe ()
O4 - HKLM..\Run: [8215445.exe] C:\WINDOWS\TEMP\8215445.exe ()
O4 - HKLM..\Run: [8789533.exe] C:\WINDOWS\TEMP\8789533.exe ()
O4 - HKLM..\Run: [Adobe Photo Downloader] C:\Program Files\Adobe\Adobe Photoshop Lightroom\apdproxy.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4 - HKLM..\Run: [conhost] C:\Documents and Settings\Radek\Data aplikací\Microsoft\conhost.exe ()
O4 - HKLM..\Run: [EPSON Stylus D68 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAAE.EXE (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe (Ahead Software AG)
O4 - HKLM..\Run: [l1rezerv.exe] C:\WINDOWS\l1rezerv.exe ()
O4 - HKLM..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe (Logitech Inc.)
O4 - HKLM..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe (Logitech Inc.)
O4 - HKLM..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE (Logitech Inc.)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [RemoteControl] C:\WINDOWS\system32\rmctrl.exe ()
O4 - HKLM..\Run: [SlowDownCPU] C:\WINDOWS\inf\MSI\SlowDownCPU\SlowDownCPU.exe ()
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [sysdriver32.exe] C:\WINDOWS\sysdriver32.exe ()
O4 - HKLM..\Run: [sysdriver32_.exe] C:\WINDOWS\sysdriver32_.exe ()
O4 - HKLM..\Run: [tray_ico] File not found
O4 - HKLM..\Run: [tray_ico1] File not found
O4 - HKLM..\Run: [tray_ico2] File not found
O4 - HKLM..\Run: [tray_ico3] File not found
O4 - HKLM..\Run: [tray_ico4] File not found
O4 - HKU\S-1-5-21-1847444920-2511039311-3333254768-1009..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKU\S-1-5-21-1847444920-2511039311-3333254768-1009..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe (Logitech Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe (Logitech Inc.)
O4 - Startup: C:\Documents and Settings\Jakub Máša\Nabídka Start\Programy\Po spuštění\Registration Brothers In Arms.LNK = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1847444920-2511039311-3333254768-1009\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1847444920-2511039311-3333254768-1009\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O9 - Extra Button: ICQ Pro - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\Icq.exe (ICQ Inc.)
O9 - Extra 'Tools' menuitem : ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\Icq.exe (ICQ Inc.)
O9 - Extra Button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - File not found
O9 - Extra 'Tools' menuitem : ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://www.apple.com/qtactivex/qtplugin.cab (QuickTime Object)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shoc ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shoc ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupda ... 8376447873 (WUWebControl Class)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx.com/webplayer/stag ... taller.cab (DivXBrowserPlugin Object)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/200 ... ader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} http://www.ostrava.unas.cz/kamery/AxisCamControl.cab (CamImage Class)
O16 - DPF: {CAFEEFAC-0013-0001-0018-ABCDEFFEDCBA} http://java.sun.com/products/plugin/aut ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/sh ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O18 - Protocol\Handler\bwfile-8876480 {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (Logitech Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKU\S-1-5-21-1847444920-2511039311-3333254768-1009 Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKU\S-1-5-21-1847444920-2511039311-3333254768-1009 Winlogon: Shell - (C:\Documents and Settings\Radek\Data aplikací\dwm.exe) - C:\Documents and Settings\Radek\Data aplikací\dwm.exe ()
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Nebe.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Nebe.bmp
O28 - HKLM ShellExecuteHooks: {57B86673-276A-48B2-BAE7-C6DBB3020EB8} - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll (GRISOFT s.r.o.)
O31 - SafeBoot: AlternateShell - services32.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005.09.13 22:33:14 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (OODDRMBS) - File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - File not found
NetSvcs: HidServ - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.a3d - C:\WINDOWS\System32\a3d.dll (Sensaura Ltd)
Drivers32: msacm.ac3acm - C:\WINDOWS\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.divxa - C:\WINDOWS\System32\divxa32.acm (build Pinky.cz)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3radius - C:\WINDOWS\System32\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\WINDOWS\System32\lameACM.acm (http://www.mp3dev.org/)
Drivers32: msacm.ogg - C:\WINDOWS\System32\ogg.dll ()
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: msacm.vorbis - C:\WINDOWS\System32\vorbis.acm (HMS http://hp.vector.co.jp/authors/VA012897/)
Drivers32: msacm.vorbisenc - C:\WINDOWS\System32\vorbisenc.dll ()
Drivers32: MSVideo - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.div3 - C:\WINDOWS\System32\divxc32.dll (build Pinky.cz)
Drivers32: vidc.div4 - C:\WINDOWS\System32\divxc32f.dll (Pinky.cz)
Drivers32: vidc.divx - C:\WINDOWS\System32\divx.dll (DivX, Inc.)
Drivers32: VIDC.DVSD - C:\WINDOWS\System32\pdvcodec.dll (Matsushita Electric Industrial Co., Ltd.)
Drivers32: VIDC.FFDS - C:\WINDOWS\System32\ff_vfw.dll ()
Drivers32: VIDC.I420 - C:\WINDOWS\System32\lvcodec2.dll (Logitech Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.VP60 - C:\WINDOWS\System32\vp6vfw.dll (EA.com/On2.com)
Drivers32: vidc.VP61 - C:\WINDOWS\System32\vp6vfw.dll (EA.com/On2.com)
Drivers32: vidc.VP62 - C:\WINDOWS\System32\vp6vfw.dll (EA.com/On2.com)
Drivers32: vidc.xvid - C:\WINDOWS\System32\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\WINDOWS\System32\yv12vfw.dll (www.helixcommunity.org)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2011.08.25 21:57:15 | 000,580,096 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Radek\Plocha\OTL.exe
[2011.08.25 21:24:42 | 000,000,000 | --SD | C] -- C:\32788R22FWJFW
[2011.08.25 20:54:26 | 000,000,000 | --SD | C] -- C:\ComboFix
[2011.08.25 20:19:41 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2011.08.25 20:19:41 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2011.08.25 20:19:41 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2011.08.25 20:19:41 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2011.08.25 19:56:52 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Radek\Recent
[2011.08.25 19:55:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\CCleaner
[2011.08.25 19:55:50 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2011.08.25 19:38:34 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2011.08.25 19:37:39 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011.08.25 19:33:23 | 004,182,373 | R--- | C] (Swearware) -- C:\Documents and Settings\Radek\Plocha\ComboFix.exe
[2011.08.24 15:16:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Radek\Data aplikací\Malwarebytes
[2011.08.24 15:01:23 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2011.08.24 15:01:06 | 000,000,000 | ---D | C] -- C:\rsit
[2011.08.24 14:17:07 | 000,064,512 | ---- | C] (Lavasoft AB) -- C:\WINDOWS\System32\drivers\Lbd.sys
[2011.08.24 14:16:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Lavasoft
[2011.08.24 14:16:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Lavasoft
[2011.08.24 14:16:55 | 000,000,000 | ---D | C] -- C:\Program Files\Ad-Aware
[2011.08.24 14:12:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\COMODO
[2011.08.24 14:12:05 | 000,000,000 | ---D | C] -- C:\Program Files\COMODO
[2011.08.24 14:07:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Comodo
[2011.08.24 13:51:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Radek\Nabídka Start\Programy\HiJackThis
[2011.08.24 13:51:40 | 000,000,000 | ---D | C] -- C:\Programy
[2007.12.07 23:58:19 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\Radek\Data aplikací\pcouffin.sys
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011.08.25 21:53:36 | 000,012,700 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011.08.25 21:53:34 | 000,000,944 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011.08.25 21:51:04 | 000,000,450 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2011.08.25 21:50:38 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011.08.25 21:49:22 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Radek\Plocha\OTL.exe
[2011.08.25 21:41:20 | 000,004,487 | ---- | M] () -- C:\Documents and Settings\Radek\Data aplikací\24B2.078
[2011.08.25 20:11:00 | 000,001,046 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1847444920-2511039311-3333254768-1007UA.job
[2011.08.25 20:09:15 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011.08.25 20:08:17 | 000,060,416 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\ALCFDRTM.VER
[2011.08.25 19:59:34 | 000,000,556 | ---- | M] () -- C:\Documents and Settings\Radek\Dokumenty\cc_20110825_195932.reg
[2011.08.25 19:59:05 | 000,002,176 | ---- | M] () -- C:\Documents and Settings\Radek\Dokumenty\cc_20110825_195903.reg
[2011.08.25 19:58:37 | 000,475,896 | ---- | M] () -- C:\Documents and Settings\Radek\Dokumenty\cc_20110825_195810.reg
[2011.08.25 19:44:10 | 000,002,528 | ---- | M] () -- C:\Documents and Settings\Radek\Data aplikací\$_hpcst$.hpc
[2011.08.25 19:37:33 | 000,000,948 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011.08.25 19:25:10 | 004,182,373 | R--- | M] (Swearware) -- C:\Documents and Settings\Radek\Plocha\ComboFix.exe
[2011.08.25 18:11:00 | 000,000,994 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1847444920-2511039311-3333254768-1007Core.job
[2011.08.25 14:48:19 | 000,000,492 | -H-- | M] () -- C:\WINDOWS\tasks\Norton Security Scan for Markéta Mášová.job
[2011.08.24 15:15:50 | 000,002,444 | -H-- | M] () -- C:\aaw7boot.cmd
[2011.08.24 14:12:41 | 000,001,653 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\COMODO Firewall.lnk
[2011.08.24 13:51:51 | 000,002,523 | ---- | M] () -- C:\Documents and Settings\Radek\Plocha\HiJackThis.lnk
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011.08.25 20:19:41 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011.08.25 20:19:41 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011.08.25 20:19:41 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011.08.25 20:19:41 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011.08.25 20:19:41 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011.08.25 19:59:33 | 000,000,556 | ---- | C] () -- C:\Documents and Settings\Radek\Dokumenty\cc_20110825_195932.reg
[2011.08.25 19:59:04 | 000,002,176 | ---- | C] () -- C:\Documents and Settings\Radek\Dokumenty\cc_20110825_195903.reg
[2011.08.25 19:58:14 | 000,475,896 | ---- | C] () -- C:\Documents and Settings\Radek\Dokumenty\cc_20110825_195810.reg
[2011.08.25 19:44:10 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Radek\Data aplikací\$_hpcst$.hpc
[2011.08.24 15:15:13 | 000,002,444 | -H-- | C] () -- C:\aaw7boot.cmd
[2011.08.24 14:17:37 | 000,000,450 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2011.08.24 14:12:41 | 000,001,653 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\COMODO Firewall.lnk
[2011.08.24 13:51:41 | 000,002,523 | ---- | C] () -- C:\Documents and Settings\Radek\Plocha\HiJackThis.lnk
[2011.07.21 12:24:49 | 000,182,272 | ---- | C] () -- C:\Documents and Settings\Radek\Data aplikací\dwm.exe
[2011.07.21 12:24:23 | 000,004,487 | ---- | C] () -- C:\Documents and Settings\Radek\Data aplikací\24B2.078
[2011.07.18 11:35:26 | 000,169,472 | ---- | C] () -- C:\WINDOWS\gbot111.exe
[2011.07.17 18:44:46 | 000,000,000 | ---- | C] () -- C:\WINDOWS\loader2.exe_ok
[2011.07.15 16:37:41 | 000,246,272 | ---- | C] () -- C:\WINDOWS\unrar.exe
[2011.07.15 16:35:01 | 000,110,592 | ---- | C] () -- C:\WINDOWS\l1rezerv.exe
[2011.07.15 16:31:57 | 000,232,960 | ---- | C] () -- C:\WINDOWS\sysdriver32_.exe
[2011.07.15 16:31:07 | 000,232,960 | ---- | C] () -- C:\WINDOWS\sysdriver32.exe
[2011.05.24 23:44:26 | 000,059,904 | ---- | C] () -- C:\WINDOWS\System32\OVDecode.dll
[2010.10.20 10:15:39 | 000,000,383 | ---- | C] () -- C:\WINDOWS\System32\haspdos.sys
[2010.04.17 09:57:28 | 000,000,028 | ---- | C] () -- C:\WINDOWS\MotionDVSTUDIO.INI
[2010.01.23 11:25:42 | 000,178,176 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2010.01.23 11:25:40 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2010.01.23 11:25:27 | 000,881,664 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2010.01.23 11:25:27 | 000,205,824 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010.01.23 11:25:21 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2010.01.23 11:25:09 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009.10.06 19:35:41 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2009.09.27 15:38:55 | 000,020,628 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2009.05.29 21:07:42 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2008.12.18 20:23:00 | 000,138,512 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2008.12.18 20:22:43 | 000,201,440 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2008.12.18 20:22:13 | 000,066,872 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe
[2008.12.17 20:22:49 | 000,000,045 | -H-- | C] () -- C:\WINDOWS\dsez7408.dat
[2008.12.02 13:34:59 | 000,003,439 | ---- | C] () -- C:\WINDOWS\WINCMD.INI
[2007.12.21 22:10:52 | 000,000,043 | ---- | C] () -- C:\WINDOWS\prdelka.INI
[2007.12.07 23:58:19 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\Radek\Data aplikací\ezpinst.exe
[2007.12.07 23:58:19 | 000,007,824 | ---- | C] () -- C:\Documents and Settings\Radek\Data aplikací\pcouffin.cat
[2007.12.07 23:58:19 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\Radek\Data aplikací\pcouffin.inf
[2007.11.07 13:30:58 | 000,000,289 | ---- | C] () -- C:\WINDOWS\Wininit.ini
[2007.08.24 12:05:08 | 000,001,508 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2007.07.23 09:03:32 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2007.07.23 09:03:32 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2007.07.23 09:03:32 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2007.07.23 09:03:30 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2007.07.23 09:03:30 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2007.07.23 09:03:30 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2007.07.23 09:03:30 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2007.07.23 09:03:30 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2007.07.23 09:03:30 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2007.07.12 23:17:55 | 000,011,776 | ---- | C] () -- C:\Documents and Settings\Radek\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007.03.06 18:09:56 | 000,000,000 | ---- | C] () -- C:\WINDOWS\VideoExe.INI
[2007.03.06 17:53:49 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PhoneBkExe.INI
[2007.03.06 17:50:11 | 000,000,000 | ---- | C] () -- C:\WINDOWS\MelodyExe.INI
[2007.03.06 17:12:33 | 000,000,000 | ---- | C] () -- C:\WINDOWS\FileMgrExe.INI
[2007.03.06 17:10:50 | 000,000,000 | ---- | C] () -- C:\WINDOWS\MessageExe.INI
[2007.02.23 19:37:32 | 000,000,000 | ---- | C] () -- C:\WINDOWS\EngineExe.INI
[2007.02.23 19:37:31 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PanelExe.INI
[2007.02.23 19:37:22 | 000,000,000 | ---- | C] () -- C:\WINDOWS\AlbumExe.INI
[2007.02.17 17:02:30 | 000,001,582 | ---- | C] () -- C:\WINDOWS\eReg.dat
[2007.01.18 17:37:20 | 000,069,632 | R--- | C] () -- C:\WINDOWS\System32\xmltok.dll
[2007.01.18 17:37:20 | 000,036,864 | R--- | C] () -- C:\WINDOWS\System32\xmlparse.dll
[2007.01.08 12:33:10 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2006.12.09 21:23:53 | 000,000,373 | ---- | C] () -- C:\WINDOWS\SIERRA.INI
[2006.11.10 20:15:20 | 000,001,743 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\QTSBandwidthCache
[2006.10.18 18:01:01 | 000,319,488 | R--- | C] () -- C:\WINDOWS\System32\MafiaSetup.exe
[2006.10.14 21:15:33 | 000,036,972 | ---- | C] () -- C:\WINDOWS\System32\ActPanel.dll
[2006.09.26 16:20:35 | 000,118,784 | R--- | C] () -- C:\WINDOWS\bwUnin-7.2.0.157-8876480SL.exe
[2006.09.23 19:11:52 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2006.09.20 15:04:45 | 000,000,070 | ---- | C] () -- C:\WINDOWS\Morpheus.INI
[2006.09.20 14:59:43 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\mo001.dat
[2006.09.20 14:58:54 | 000,341,584 | ---- | C] () -- C:\WINDOWS\System32\uninstall.exe
[2006.09.18 22:21:48 | 001,317,152 | R--- | C] () -- C:\WINDOWS\System32\drivers\lvcm.sys
[2006.09.18 22:21:48 | 000,009,255 | R--- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2006.09.18 22:19:05 | 000,053,248 | R--- | C] () -- C:\WINDOWS\System32\InstMed.exe
[2006.09.18 22:17:45 | 000,081,920 | R--- | C] () -- C:\WINDOWS\bwUnin-6.1.4.68-8876480L.exe
[2006.09.18 21:23:06 | 000,086,214 | ---- | C] () -- C:\WINDOWS\System32\EPPICPrinterDB.dat
[2006.09.18 21:23:06 | 000,026,154 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern1.dat
[2006.09.18 21:23:06 | 000,024,903 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern3.dat
[2006.09.18 21:23:06 | 000,021,390 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern5.dat
[2006.09.18 21:23:06 | 000,020,148 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern2.dat
[2006.09.18 21:23:06 | 000,011,811 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern4.dat
[2006.09.18 21:23:06 | 000,004,943 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern6.dat
[2006.09.18 21:23:06 | 000,001,146 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_DU.dat
[2006.09.18 21:23:06 | 000,001,139 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_PT.dat
[2006.09.18 21:23:06 | 000,001,139 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_BP.dat
[2006.09.18 21:23:06 | 000,001,136 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_ES.dat
[2006.09.18 21:23:06 | 000,001,129 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_FR.dat
[2006.09.18 21:23:06 | 000,001,129 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_CF.dat
[2006.09.18 21:23:06 | 000,001,120 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_IT.dat
[2006.09.18 21:23:06 | 000,001,107 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_GE.dat
[2006.09.18 21:23:06 | 000,001,104 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_EN.dat
[2006.09.18 21:23:06 | 000,000,099 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2006.09.18 21:18:54 | 000,000,026 | ---- | C] () -- C:\WINDOWS\CDED68ECHP.ini
[2006.09.18 19:31:24 | 000,036,864 | R--- | C] () -- C:\WINDOWS\System32\ctrldll.dll
[2006.09.18 19:31:24 | 000,032,768 | R--- | C] () -- C:\WINDOWS\System32\rmctrl.exe
[2006.09.18 19:17:18 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2006.09.18 18:59:17 | 000,000,676 | ---- | C] () -- C:\WINDOWS\im32st.dat
[2006.09.18 18:54:44 | 000,240,640 | ---- | C] () -- C:\WINDOWS\System32\NMOCOD.DLL
[2006.09.18 18:22:02 | 000,000,390 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006.09.18 16:05:51 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006.05.30 15:18:18 | 000,085,360 | ---- | C] () -- C:\WINDOWS\System32\drivers\InCDfs.sys
[2005.09.14 00:27:53 | 000,004,249 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2005.09.14 00:27:12 | 000,137,256 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2005.09.14 00:22:02 | 000,157,184 | R--- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2005.09.14 00:21:43 | 000,000,786 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2005.09.14 00:21:36 | 000,429,172 | ---- | C] () -- C:\WINDOWS\System32\perfh005.dat
[2005.09.14 00:21:36 | 000,269,162 | ---- | C] () -- C:\WINDOWS\System32\perfi005.dat
[2005.09.14 00:21:36 | 000,078,294 | ---- | C] () -- C:\WINDOWS\System32\perfc005.dat
[2005.09.14 00:21:36 | 000,032,072 | ---- | C] () -- C:\WINDOWS\System32\perfd005.dat
[2005.09.14 00:21:28 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2005.09.14 00:21:26 | 000,432,778 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2005.09.14 00:21:26 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2005.09.14 00:21:26 | 000,067,734 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2005.09.14 00:21:26 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2005.09.14 00:21:26 | 000,004,486 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2005.09.14 00:21:24 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2005.09.14 00:21:24 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2005.09.14 00:21:21 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2005.09.14 00:21:21 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2005.09.14 00:21:17 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2005.09.14 00:21:13 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2005.09.13 23:17:20 | 000,516,096 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe
[2005.09.13 23:17:12 | 000,121,995 | R--- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2005.09.13 22:34:55 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2005.09.13 22:31:39 | 000,021,812 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2005.02.01 16:10:30 | 000,000,016 | ---- | C] () -- C:\WINDOWS\System32\exasd_.dll
[2003.08.20 21:12:36 | 000,139,264 | ---- | C] () -- C:\WINDOWS\System32\MADLib.dll
[2003.07.16 13:09:32 | 000,202,752 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll
[2003.05.08 00:27:48 | 000,902,318 | ---- | C] () -- C:\WINDOWS\System32\mos.exe
[2002.10.06 20:42:58 | 000,105,472 | ---- | C] () -- C:\WINDOWS\System32\oggds.dll
[2002.10.05 01:04:26 | 000,092,672 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2002.10.05 01:04:26 | 000,080,384 | ---- | C] () -- C:\WINDOWS\System32\vorbisenc.dll
[2002.10.05 01:04:18 | 000,021,504 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2002.05.17 22:18:30 | 000,039,936 | ---- | C] () -- C:\WINDOWS\System32\mp4fil32.dll
[1999.12.02 07:12:00 | 000,000,100 | ---- | C] () -- C:\WINDOWS\System32\msconsysi.dat
[1999.04.11 22:54:20 | 000,281,600 | ---- | C] () -- C:\WINDOWS\System32\cncs232.dll
[1999.01.27 13:39:06 | 000,065,024 | ---- | C] () -- C:\WINDOWS\System32\indounin.dll
[1998.07.30 16:02:04 | 000,065,024 | ---- | C] () -- C:\WINDOWS\System32\NUMERALG.DLL
[1998.03.03 10:37:32 | 000,182,784 | ---- | C] () -- C:\WINDOWS\System32\DAOLIBS.DLL
[1997.06.13 07:56:08 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll
[1996.02.23 21:34:48 | 000,014,629 | ---- | C] () -- C:\WINDOWS\System32\declw.dll
[1996.02.22 19:09:20 | 000,032,256 | ---- | C] () -- C:\WINDOWS\System32\decln.dll

========== LOP Check ==========

[2009.09.26 14:13:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\avg7
[2010.03.20 11:57:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2009.09.26 14:13:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Grisoft
[2010.01.19 23:25:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ICQ
[2008.08.02 15:16:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\JollyBear
[2006.10.17 21:33:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\MumboJumbo
[2010.04.17 09:57:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Panasonic
[2008.10.26 21:59:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Simply Super Software
[2008.12.04 21:49:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\SweetIM
[2008.08.02 17:13:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2006.09.18 21:25:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\UDL
[2009.11.25 11:13:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2006.12.10 16:18:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jakub Máša\Data aplikací\Atari
[2009.08.19 11:24:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jakub Máša\Data aplikací\AVG7
[2006.10.06 20:45:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jakub Máša\Data aplikací\Balloon Express
[2006.09.20 15:05:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jakub Máša\Data aplikací\BearShare
[2007.09.07 19:53:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jakub Máša\Data aplikací\COWON
[2010.03.20 15:47:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jakub Máša\Data aplikací\DAEMON Tools Lite
[2007.12.07 14:43:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jakub Máša\Data aplikací\Dcads Advanced Toolbar
[2010.03.28 14:48:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jakub Máša\Data aplikací\Euro4
[2010.06.19 12:18:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jakub Máša\Data aplikací\Facebook
[2006.12.12 12:29:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jakub Máša\Data aplikací\flightgear.org
[2006.12.12 20:31:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jakub Máša\Data aplikací\fltk.org
[2006.10.27 19:11:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jakub Máša\Data aplikací\funkitron
[2009.12.26 13:13:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jakub Máša\Data aplikací\Hide IP NG
[2010.01.19 23:32:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jakub Máša\Data aplikací\ICQ
[2007.05.30 20:54:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jakub Máša\Data aplikací\ICQ Toolbar
[2006.09.19 09:19:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jakub Máša\Data aplikací\ICQLite
[2008.06.28 19:29:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jakub Máša\Data aplikací\MobileAction
[2006.10.06 16:52:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jakub Máša\Data aplikací\Morpheus
[2008.10.26 21:59:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jakub Máša\Data aplikací\Simply Super Software
[2006.09.20 19:30:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jakub Máša\Data aplikací\Zoner
[2006.09.18 18:23:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Data aplikací\AVG7
[2007.01.12 12:41:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Radek\Data aplikací\Atari
[2009.06.22 11:35:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Radek\Data aplikací\AVG7
[2008.01.28 11:47:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Radek\Data aplikací\COWON
[2008.07.03 21:43:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Radek\Data aplikací\ICQ
[2007.06.04 20:54:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Radek\Data aplikací\ICQ Toolbar
[2007.11.03 17:42:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Radek\Data aplikací\ICQLite
[2008.05.16 09:26:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Radek\Data aplikací\Vso
[2011.08.25 21:51:04 | 000,000,450 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job

Re: Complete PC check

Posted: 26 Aug 2011 09:26
by Danstahr
========== Custom Scans ==========


< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"CTFMON.EXE" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 05:22:17 | 000,015,360 | ---- | M] (Microsoft Corporation)
"LDM" = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe -- [2007.03.04 11:29:29 | 000,067,128 | ---- | M] (Logitech Inc.)
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}" = "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" -- [2006.06.01 13:32:12 | 000,094,208 | ---- | M] (Nero AG)
"swg" = "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" -- [2007.06.21 07:53:50 | 000,068,856 | ---- | M] (Google Inc.)
"MSMSGS" = "C:\Program Files\Messenger\msmsgs.exe" /background -- [2008.04.14 05:22:36 | 001,695,232 | ---- | M] (Microsoft Corporation)

< c:\windows\*.* /U >
[1 c:\windows\*.tmp files -> c:\windows\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2008.01.27 16:21:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Radek\Data aplikací\Adobe
[2008.04.05 21:39:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Radek\Data aplikací\Apple Computer
[2007.01.12 12:41:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Radek\Data aplikací\Atari
[2009.06.22 11:35:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Radek\Data aplikací\AVG7
[2008.01.28 11:47:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Radek\Data aplikací\COWON
[2008.01.18 12:30:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Radek\Data aplikací\Google
[2005.09.13 23:20:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Radek\Data aplikací\Help
[2008.07.03 21:43:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Radek\Data aplikací\ICQ
[2007.06.04 20:54:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Radek\Data aplikací\ICQ Toolbar
[2007.11.03 17:42:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Radek\Data aplikací\ICQLite
[2005.09.13 22:33:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Radek\Data aplikací\Identities
[2006.11.22 22:11:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Radek\Data aplikací\Macromedia
[2011.08.24 15:16:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Radek\Data aplikací\Malwarebytes
[2011.08.25 19:57:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Radek\Data aplikací\Media Player Classic
[2011.08.24 13:51:41 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Radek\Data aplikací\Microsoft
[2007.09.15 13:00:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Radek\Data aplikací\Mozilla
[2010.05.23 15:16:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Radek\Data aplikací\Real
[2007.03.17 21:30:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Radek\Data aplikací\Skype
[2008.12.02 14:06:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Radek\Data aplikací\Sun
[2007.09.15 13:00:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Radek\Data aplikací\Talkback
[2008.05.16 09:26:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Radek\Data aplikací\Vso

< %APPDATA%\*.exe /s >
[2011.07.21 12:24:49 | 000,182,272 | ---- | M] () -- C:\Documents and Settings\Radek\Data aplikací\dwm.exe
[2007.12.07 23:58:19 | 000,087,608 | ---- | M] () -- C:\Documents and Settings\Radek\Data aplikací\ezpinst.exe
[2011.07.21 12:24:21 | 000,173,056 | ---- | M] () -- C:\Documents and Settings\Radek\Data aplikací\Microsoft\conhost.exe
[2011.08.24 13:51:41 | 000,388,096 | R--- | M] (Trend Micro Inc.) -- C:\Documents and Settings\Radek\Data aplikací\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe


< MD5 for: AGP440.SYS >
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008.12.04 10:10:21 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:AGP440.sys
[2008.12.04 10:10:21 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys

< MD5 for: ATAPI.SYS >
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008.12.04 10:10:21 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2003.04.16 14:00:00 | 010,174,968 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp1.cab:atapi.sys
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:atapi.sys
[2008.12.04 10:10:21 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2004.08.17 15:57:28 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0004\DriverFiles\i386\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0011\DriverFiles\i386\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2008.04.14 05:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\ServicePackFiles\i386\autochk.exe
[2008.04.14 05:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe
[2004.08.17 15:49:22 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\WINDOWS\$NtServicePackUninstall$\autochk.exe
[2004.08.17 15:49:22 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\WINDOWS\I386\AUTOCHK.EXE

< MD5 for: CDROM.SYS >
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2008.12.04 10:10:21 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2003.04.16 14:00:00 | 010,174,968 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp1.cab:cdrom.sys
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:cdrom.sys
[2008.12.04 10:10:21 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008.04.13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008.04.13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2009.12.22 20:39:20 | 000,062,592 | ---- | M] (Microsoft Corporation) MD5=7B53584D94E9D8716B2DE91D5F1CB42D -- C:\WINDOWS\system32\dllcache\cdrom.sys
[2004.08.17 15:57:28 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys

< MD5 for: CRYPTSVC.DLL >
[2004.08.17 15:49:04 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- C:\WINDOWS\$NtServicePackUninstall$\cryptsvc.dll
[2008.04.14 05:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\ServicePackFiles\i386\cryptsvc.dll
[2008.04.14 05:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\cryptsvc.dll

< MD5 for: EVENTLOG.DLL >
[2008.04.14 05:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 05:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll
[2004.08.17 15:49:08 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2004.08.17 15:49:24 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe

< MD5 for: HAL.DLL >
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2008.12.04 10:10:21 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2003.04.16 14:00:00 | 010,174,968 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp1.cab:hal.dll
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:hal.dll
[2008.12.04 10:10:21 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2008.04.13 20:31:32 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2008.04.13 20:31:28 | 000,131,840 | ---- | M] (Microsoft Corporation) MD5=6F61D3287A6A15A08A9433222C09D17F -- C:\WINDOWS\system32\HAL.DLL
[2004.08.17 15:57:28 | 000,131,968 | ---- | M] (Microsoft Corporation) MD5=F9A0F579FC18036FFDD9E26E0D268CCD -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll

< MD5 for: CHANGER.SYS >
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys
[2008.12.04 10:10:21 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:Changer.sys
[2008.12.04 10:10:21 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:Changer.sys
[2008.04.13 20:40:58 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\ServicePackFiles\i386\changer.sys

< MD5 for: IASTOR.SYS >
[2004.03.24 18:00:00 | 000,274,816 | ---- | M] (Intel Corporation) MD5=9B5D077B6033BB41AB5AF0E28E566164 -- C:\driver\rai\intel\ICH5R\Floppy\iastor.sys
[2004.03.23 06:13:58 | 000,467,200 | ---- | M] (Intel Corporation) MD5=F26BFD48B1C314E0F23BF77ACFA75940 -- C:\driver\rai\intel\ICH6R\Floppy\iastor.sys

< MD5 for: ISAPNP.SYS >
[2008.12.04 10:10:21 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2008.12.04 10:10:21 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:isapnp.sys
[2001.10.24 11:44:12 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\$NtServicePackUninstall$\isapnp.sys
[2003.04.16 14:00:00 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\system32\ReinstallBackups\0003\DriverFiles\i386\isapnp.sys
[2008.04.14 04:27:53 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\ServicePackFiles\i386\isapnp.sys
[2008.04.14 04:27:53 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\drivers\isapnp.sys

< MD5 for: LSASS.EXE >
[2004.08.17 15:49:24 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\WINDOWS\$NtServicePackUninstall$\lsass.exe
[2008.04.14 05:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\ServicePackFiles\i386\lsass.exe
[2008.04.14 05:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe

< MD5 for: NDIS.SYS >
[2008.04.13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008.04.13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
[2004.08.03 23:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys

< MD5 for: NETLOGON.DLL >
[2004.08.17 15:49:14 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
[2008.04.14 05:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 05:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: NVATABUS.SYS >
[2004.01.13 11:36:00 | 000,063,744 | ---- | M] (NVIDIA Corporation) MD5=06F86506555644CBA020CD2CFFE28668 -- C:\driver\Chi\nvidia\NvAtaBus.sys

< MD5 for: NVRAID.SYS >
[2004.01.13 11:36:00 | 000,057,472 | ---- | M] (NVIDIA Corporation) MD5=E182F94D65DEDA3668C23EE5BC8E980F -- C:\driver\Chi\nvidia\nvraid.sys

< MD5 for: SCECLI.DLL >
[2004.08.17 15:49:18 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008.04.14 05:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 05:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SMSS.EXE >
[2004.08.17 15:49:28 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\WINDOWS\$NtServicePackUninstall$\smss.exe
[2008.04.14 05:22:47 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\ServicePackFiles\i386\smss.exe
[2008.04.14 05:22:47 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe
[2004.08.17 15:49:28 | 000,481,792 | ---- | M] (Microsoft Corporation) MD5=CB56F803D2CAF6B3F32E82D2F73F4B3A -- C:\WINDOWS\I386\SYSTEM32\SMSS.EXE

< MD5 for: SVCHOST.EXE >
[2011.07.18 11:35:20 | 000,340,480 | ---- | M] () MD5=1733B4BD3F88618E348977328B384762 -- C:\WINDOWS\update.5.0\svchost.exe
[2011.07.15 16:09:49 | 001,170,432 | -H-- | M] () MD5=2ED651EA0565B4C3C0F7F4EE372FEFC7 -- C:\WINDOWS\update.1\svchost.exe
[2011.07.15 16:09:49 | 001,170,432 | -H-- | M] () MD5=2ED651EA0565B4C3C0F7F4EE372FEFC7 -- C:\WINDOWS\update.tray-3-0-lnk\svchost.exe
[2008.04.14 05:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.14 05:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe
[2004.08.17 15:49:28 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe
[2011.07.15 16:32:12 | 000,483,328 | ---- | M] () MD5=EFB19E06A994F184B781A3C948E77E6E -- C:\WINDOWS\update.2\svchost.exe

< MD5 for: TCPIP.SYS >
[2006.04.20 13:51:50 | 000,359,808 | ---- | M] (Microsoft Corporation) MD5=1DBF125862891817F374F407626967F4 -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2008.04.13 21:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008.04.13 21:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2004.08.03 23:14:42 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\$NtUninstallKB917953$\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[2006.04.20 14:18:35 | 000,360,576 | ---- | M] (Microsoft Corporation) MD5=B2220C618B42A2212A59D91EBD6FC4B4 -- C:\WINDOWS\$hf_mig$\KB917953\SP2QFE\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.04.14 05:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 05:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe
[2004.08.17 15:49:28 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe

< MD5 for: VIAMRAID.SYS >
[2004.03.29 07:45:32 | 000,073,600 | ---- | M] (VIA Technologies inc,.ltd) MD5=65864ABA65EEE06EA586009301834E43 -- C:\driver\rai\via\VIARaid\driver\2003IA32\viamraid.sys
[2004.03.29 07:45:32 | 000,073,600 | ---- | M] (VIA Technologies inc,.ltd) MD5=65864ABA65EEE06EA586009301834E43 -- C:\driver\rai\via\VIARaid\driver\Win2000\viamraid.sys
[2004.03.29 07:45:36 | 000,073,600 | ---- | M] (VIA Technologies inc,.ltd) MD5=65864ABA65EEE06EA586009301834E43 -- C:\driver\rai\via\VIARaid\driver\Winxp\viamraid.sys

< MD5 for: VIASRAID.SYS >
[2003.08.05 08:14:30 | 000,077,056 | ---- | M] (VIA Technologies inc,.ltd) MD5=2EAB80850163B2A123D09F34574BEDCF -- C:\driver\rai\via\SataRaid\SATA\2003IA32\viasraid.sys
[2003.08.05 08:14:32 | 000,077,056 | ---- | M] (VIA Technologies inc,.ltd) MD5=2EAB80850163B2A123D09F34574BEDCF -- C:\driver\rai\via\SataRaid\SATA\Winxp\viasraid.sys
[2003.08.05 08:14:30 | 000,078,796 | ---- | M] (VIA Technologies inc,.ltd) MD5=4E5C34099227570FB04CBEEE11B1BCA3 -- C:\driver\rai\via\SataRaid\SATA\Win2000\viasraid.sys
[2003.08.05 08:14:32 | 000,080,240 | ---- | M] (VIA Technologies inc,.ltd) MD5=7B49F476B041FC1F316A9386D598E998 -- C:\driver\rai\via\SataRaid\SATA\Winnt40\viasraid.sys

< MD5 for: WINLOGON.EXE >
[2004.08.17 15:49:28 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 05:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 05:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe

< MD5 for: WS2_32.DLL >
[2004.08.17 15:49:22 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\WINDOWS\$NtServicePackUninstall$\ws2_32.dll
[2008.04.14 05:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll
[2008.04.14 05:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\ws2_32.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2010.03.20 11:57:51 | 000,691,696 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sptd.sys

< %systemroot%\System32\config\*.sav >
[2005.09.14 00:25:41 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2005.09.14 00:25:40 | 000,638,976 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2005.09.14 00:25:40 | 000,462,848 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >
[2 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2011.08.25 21:53:36 | 000,012,700 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl
[2 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs

< *crack* /s >
[2007.05.04 13:14:31 | 000,000,371 | ---- | M] () -- \Documents and Settings\Jakub Máša\Cookies\jakub máša@likecrack[2].txt
[2007.05.04 13:14:31 | 000,000,086 | ---- | M] () -- \Documents and Settings\Jakub Máša\Cookies\jakub máša@www.likecrack[2].txt
[2007.03.10 22:16:04 | 000,040,579 | ---- | M] () -- \Documents and Settings\Jakub Máša\Plocha\ATEAM\kubiček-pupiček\downloads\Torrents\Removed\GTA[1].Grand.Theft.Auto.San.Andreas.DVD.with.CRACK(1).torrent
[2003.12.05 13:52:40 | 000,000,796 | ---- | M] () -- \Program Files\GTA San Andreas\data\Decision\Craig\crack1.ped
[2006.10.05 21:34:39 | 000,174,904 | ---- | M] () -- \Program Files\Singles\Texture\crackerbox.dds
[2006.01.26 18:10:32 | 000,174,861 | R--- | M] () -- \Program Files\Ubisoft\Red Storm Entertainment\Rainbow Six Lockdown\data\map\m02_sec_03_PC\m02_s3_PC_floorcrack.rsb
[2006.01.26 18:10:32 | 000,349,613 | R--- | M] () -- \Program Files\Ubisoft\Red Storm Entertainment\Rainbow Six Lockdown\data\map\m02_sec_03_PC\m02_s3_PC_floorcracked.rsb
[2006.01.26 18:11:46 | 001,398,189 | R--- | M] () -- \Program Files\Ubisoft\Red Storm Entertainment\Rainbow Six Lockdown\data\map\m07_sec_01_pc\m07_decal_cracks.rsb
[2006.01.26 18:11:48 | 001,398,189 | R--- | M] () -- \Program Files\Ubisoft\Red Storm Entertainment\Rainbow Six Lockdown\data\map\m07_sec_01_pc\m07_s1_concrete_crack_02.rsb
[2006.01.26 18:12:12 | 000,349,613 | R--- | M] () -- \Program Files\Ubisoft\Red Storm Entertainment\Rainbow Six Lockdown\data\map\m08_sec_02_PC\m08_s2_PC_floorcrackdecal1.rsb
[2006.01.26 18:13:00 | 000,011,077 | R--- | M] () -- \Program Files\Ubisoft\Red Storm Entertainment\Rainbow Six Lockdown\data\map\m10_sec_02_pc\M10_S1_crackedgrnd.rsb
[2006.01.26 18:13:12 | 000,087,405 | R--- | M] () -- \Program Files\Ubisoft\Red Storm Entertainment\Rainbow Six Lockdown\data\map\m11_sec_01_pc\m11_pc_edgecrack.rsb
[2006.01.26 18:13:28 | 000,087,525 | R--- | M] () -- \Program Files\Ubisoft\Red Storm Entertainment\Rainbow Six Lockdown\data\map\m11_sec_02_pc\m11_pc_crackg.rsb
[2006.01.26 18:13:28 | 000,087,405 | R--- | M] () -- \Program Files\Ubisoft\Red Storm Entertainment\Rainbow Six Lockdown\data\map\m11_sec_02_pc\m11_pc_edgecrack.rsb
[2006.01.26 18:13:38 | 000,349,613 | R--- | M] () -- \Program Files\Ubisoft\Red Storm Entertainment\Rainbow Six Lockdown\data\map\m12_sec_01_pc\M12_s1_PC_ceilingcrack01.rsb
[2006.01.26 18:13:48 | 000,349,613 | R--- | M] () -- \Program Files\Ubisoft\Red Storm Entertainment\Rainbow Six Lockdown\data\map\m12_sec_03_pc\m12_s3_PC_conwallcracked.rsb
[2006.01.26 18:15:26 | 000,011,077 | R--- | M] () -- \Program Files\Ubisoft\Red Storm Entertainment\Rainbow Six Lockdown\data\map\mp07_rt_syria\mp07_jvm_ceiling_cracked.rsb
[2006.01.26 18:16:12 | 000,087,469 | R--- | M] () -- \Program Files\Ubisoft\Red Storm Entertainment\Rainbow Six Lockdown\data\map\mpcl_03_bunkers\mpcl_03_cracks1.rsb
[2006.01.26 18:18:50 | 000,032,933 | ---- | M] () -- \Program Files\Ubisoft\Red Storm Entertainment\Rainbow Six Lockdown\data\textures\cracked_glass.rsb
[2006.01.26 18:19:08 | 000,349,613 | ---- | M] () -- \Program Files\Ubisoft\Red Storm Entertainment\Rainbow Six Lockdown\data\textures\object\obj_d_crack01.rsb
[2006.01.26 18:19:08 | 001,398,189 | ---- | M] () -- \Program Files\Ubisoft\Red Storm Entertainment\Rainbow Six Lockdown\data\textures\object\obj_d_crack02_faint.rsb

< *keygen* /s >

========== Alternate Data Streams ==========

@Alternate Data Stream - 105 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:54997B77

< End of report >

Re: Complete PC check

Posted: 26 Aug 2011 09:27
by Danstahr
OTL Extras logfile created on: 25.8.2011 21:59:57 - Run 1
OTL by OldTimer - Version 3.2.26.5 Folder = C:\Documents and Settings\Radek\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

511,29 Mb Total Physical Memory | 215,00 Mb Available Physical Memory | 42,05% Memory free
1,22 Gb Paging File | 0,72 Gb Available in Paging File | 59,36% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149,05 Gb Total Space | 9,61 Gb Free Space | 6,44% Space Free | Partition Type: NTFS
Drive J: | 966,09 Mb Total Space | 862,60 Mb Free Space | 89,29% Space Free | Partition Type: FAT32

Computer Name: KAREL | User Name: Radek | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 1
"DisableThumbnailCache" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\MSN Messenger\msncall.exe" = C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger -- (Logitech Inc.)
"C:\Program Files\ICQ7.0\ICQ.exe" = C:\Program Files\ICQ7.0\ICQ.exe:*:Enabled:ICQ7 -- (ICQ, LLC.)
"C:\Program Files\ICQ7.0\aolload.exe" = C:\Program Files\ICQ7.0\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Nero\Nero 7\Nero Home\NeroHome.exe" = C:\Program Files\Nero\Nero 7\Nero Home\NeroHome.exe:*:Enabled:Nero Home -- (Nero AG)
"C:\Program Files\ICQ\Icq.exe" = C:\Program Files\ICQ\Icq.exe:*:Enabled:ICQ -- (ICQ Inc.)
"C:\Program Files\Nero\Nero 7\Nero ShowTime\ShowTime.exe" = C:\Program Files\Nero\Nero 7\Nero ShowTime\ShowTime.exe:*:Enabled:Nero ShowTime Essentials -- (Nero AG)
"C:\Program Files\ApexDC++\ApexDC.exe" = C:\Program Files\ApexDC++\ApexDC.exe:*:Enabled:ApexDC++
"C:\Program Files\BearShare Applications\BearShare\BearShare.exe" = C:\Program Files\BearShare Applications\BearShare\BearShare.exe:*:Enabled:BearShare
"C:\Program Files\StreamCast\Morpheus\Morpheus.exe" = C:\Program Files\StreamCast\Morpheus\Morpheus.exe:*:Enabled:Morpheus -- (Streamcast)
"C:\Program Files\Singles\singles.exe" = C:\Program Files\Singles\singles.exe:*:Disabled:singles
"C:\Program Files\Morpheus\Morpheus.exe" = C:\Program Files\Morpheus\Morpheus.exe:*:Enabled:M5Shell
"C:\Program Files\MSN Messenger\msncall.exe" = C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)
"C:\Games\Paintball2\paintball2.exe" = C:\Games\Paintball2\paintball2.exe:*:Enabled:paintball2 -- ()
"C:\Program Files\Valve\hl.exe" = C:\Program Files\Valve\hl.exe:*:Enabled:Half-Life Launcher -- (Valve)
"C:\WINDOWS\system32\dplaysvr.exe" = C:\WINDOWS\system32\dplaysvr.exe:*:Disabled:Microsoft DirectPlay Helper -- (Microsoft Corporation)
"C:\Documents and Settings\Jakub Máša\Local Settings\Temporary Internet Files\Content.IE5\00K5HBBO\bulanci[1].exe" = C:\Documents and Settings\Jakub Máša\Local Settings\Temporary Internet Files\Content.IE5\00K5HBBO\bulanci[1].exe:*:Enabled:bulanci[1]
"C:\Program Files\FlightGear\bin\win32\fgfs.exe" = C:\Program Files\FlightGear\bin\win32\fgfs.exe:*:Enabled:fgfs
"C:\Program Files\Vektor Space\VektorSpace.exe" = C:\Program Files\Vektor Space\VektorSpace.exe:*:Enabled:VektorSpace Multiplayer Alpha Executable
"C:\Program Files\Aspyr\Tony Hawks Pro Skater 4\Game\Skate4.exe" = C:\Program Files\Aspyr\Tony Hawks Pro Skater 4\Game\Skate4.exe:*:Enabled:Skate4
"C:\Program Files\EA GAMES\MOHAA\MOHAA.exe" = C:\Program Files\EA GAMES\MOHAA\MOHAA.exe:*:Enabled:Medal of Honor Allied Assault(tm)
"C:\Program Files\EA GAMES\MOHAA\moh_spearhead.exe" = C:\Program Files\EA GAMES\MOHAA\moh_spearhead.exe:*:Enabled:Medal of Honor Allied Assault(tm) Spearhead
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger -- (Logitech Inc.)
"C:\Program Files\EA GAMES\MOHAA\moh_Breakthrough.exe" = C:\Program Files\EA GAMES\MOHAA\moh_Breakthrough.exe:*:Enabled:Medal of Honor Allied Assault(tm) Breakthrough
"C:\Program Files\Wolfenstein - Enemy Territory\ET.exe" = C:\Program Files\Wolfenstein - Enemy Territory\ET.exe:*:Enabled:ET -- ()
"C:\Program Files\QIP\qip.exe" = C:\Program Files\QIP\qip.exe:*:Enabled:Quiet Internet Pager -- (The Author of QIP)
"C:\Program Files\TrackMania Nations ESWC\TmNationsESWC.exe" = C:\Program Files\TrackMania Nations ESWC\TmNationsESWC.exe:*:Enabled:TmNationsESWC
"C:\Program Files\Miranda\miranda32.exe" = C:\Program Files\Miranda\miranda32.exe:*:Enabled:Miranda IM
"C:\Program Files\ICQ6\ICQ.exe" = C:\Program Files\ICQ6\ICQ.exe:*:Enabled:ICQ6
"C:\Program Files\Ubisoft\Gearbox Software\BrothersInArmsEiB\System\EiB.exe" = C:\Program Files\Ubisoft\Gearbox Software\BrothersInArmsEiB\System\EiB.exe:*:Enabled:Brothers In Arms Earned In Blood
"C:\Q3Ademo\quake3.exe" = C:\Q3Ademo\quake3.exe:*:Enabled:quake3 -- ()
"C:\Program Files\Counter-Strike Source\hl2.exe" = C:\Program Files\Counter-Strike Source\hl2.exe:*:Enabled:hl2
"C:\Games\cs16\hl.exe" = C:\Games\cs16\hl.exe:*:Enabled:Half-Life Launcher
"C:\Program Files\Valve\hlds.exe" = C:\Program Files\Valve\hlds.exe:*:Enabled:HLDS Launcher -- (Valve)
"C:\Program Files\viphone communicator\viphone communicator.exe" = C:\Program Files\viphone communicator\viphone communicator.exe:*:Enabled:viphone communicator -- (Unient)
"C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation)
"C:\Program Files\Electronic Arts\EADM\Core.exe" = C:\Program Files\Electronic Arts\EADM\Core.exe:*:Enabled:EA Download Manager -- (Electronic Arts)
"C:\Program Files\ICQLite\ICQLite.exe" = C:\Program Files\ICQLite\ICQLite.exe:*:Enabled:ICQ Lite
"C:\Program Files\ICQ6.5\ICQ.exe" = C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6 -- (ICQ, LLC.)
"C:\Program Files\Ubisoft\Demo\James Cameron's AVATAR - THE GAME (Demo)\bin\AvatarDemo.exe" = C:\Program Files\Ubisoft\Demo\James Cameron's AVATAR - THE GAME (Demo)\bin\AvatarDemo.exe:*:Enabled:James Cameron's AVATAR(tm): THE GAME (Demo) -- (Ubisoft Entertainment)
"C:\Program Files\ICQ7.0\ICQ.exe" = C:\Program Files\ICQ7.0\ICQ.exe:*:Enabled:ICQ7 -- (ICQ, LLC.)
"C:\Program Files\ICQ7.0\aolload.exe" = C:\Program Files\ICQ7.0\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)
"C:\Program Files\Microsoft Games\Age of Mythology\aomx.exe" = C:\Program Files\Microsoft Games\Age of Mythology\aomx.exe:*:Enabled:Age of Mythology - The Titans Expansion -- (Ensemble Studios)
"C:\Documents and Settings\Jakub Máša\Dokumenty\Downloads\Flash-Player.exe" = C:\Documents and Settings\Jakub Máša\Dokumenty\Downloads\Flash-Player.exe:*:Enabled:C:\Documents and Settings\Jakub Máša\Dokumenty\Downloads\Flash-Player.exe
"C:\WINDOWS\update.1\svchost.exe" = C:\WINDOWS\update.1\svchost.exe:*:Enabled:C:\WINDOWS\update.1\svchost.exe -- ()
"C:\WINDOWS\update.tray-3-0\svchost.exe" = C:\WINDOWS\update.tray-3-0\svchost.exe:*:Enabled:C:\WINDOWS\update.tray-3-0\svchost.exe
"C:\WINDOWS\update.2\svchost.exe" = C:\WINDOWS\update.2\svchost.exe:*:Enabled:C:\WINDOWS\update.2\svchost.exe -- ()
"C:\WINDOWS\update.tray-3-0-lnk\svchost.exe" = C:\WINDOWS\update.tray-3-0-lnk\svchost.exe:*:Enabled:C:\WINDOWS\update.tray-3-0-lnk\svchost.exe -- ()


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01501EBA-EC35-4F9F-8889-3BE346E5DA13}" = MSXML4 Parser
"{0260AB54-8507-46A5-ADA7-E5F2C5327408}" = Windows Live Messenger
"{052B4734-CD9B-468F-B25D-D1E136B2C95A}" = Ad-Aware
"{06EB36A8-E0AD-4F0E-9AC9-6112763D8153}" = InfoMapa 11
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel
"{13B792AA-C078-43A4-8A3A-8B12D629940D}" = Counter-Strike 1.6
"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1DA75811-6C2C-ABFA-7DBF-9B9EDAA005E3}" = ATI Catalyst Install Manager
"{1DC4E424-5D92-4C92-B1E1-4BE4318E7136}" = James Cameron's AVATAR(tm): THE GAME (Demo)
"{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email
"{22790903-F948-432C-9004-3E0088A649F0}" = STORMWARE POHODA CZ Start
"{22B3CC30-77B8-419C-AA4B-F571FDF5D66D}" = Windows Live Sign-in Assistant
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2631E55A-3BD5-4D43-AB08-648D1CDDF482}" = Microsoft Speech API 5.1
"{266C7330-C0F4-49E5-8F20-A56F9F822875}" = SweetIM Toolbar for Internet Explorer 3.3
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 18
"{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}" = EPSON Scan Assistant
"{3248F0A8-6813-11D6-A77B-00B0D0150110}" = J2SE Runtime Environment 5.0 Update 11
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{38AC0DF3-3DF4-4D15-9870-A43060F6FF42}}_is1" = ActiveSolid 2.5.6
"{3A08D157-C9C7-459D-8ACF-0720A227BA04}" = Stunt Playground
"{3AC54383-31D1-4907-961B-B12CBB1D0AE8}" = MobileMe Control Panel
"{3BB33584-3860-4772-AEE9-D8E61F552896}" = Tom Clancy's Rainbow Six: Lockdown
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{43F8F1E5-C740-4293-A309-EA9DD6474DB1}" = MotionDV STUDIO 5.3E LE for DV
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{4816702A-0879-4499-0085-ACFC0F65E811}" = NHL 2004
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5DA7BC15-18D3-41A0-9F59-838DA3EAEF17}" = EPSON Easy Photo Print
"{67451DB8-E4DD-48F3-B6A9-C0FB81829489}" = STORMWARE POHODA CZ Start
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{68249B78-B714-11D7-88E8-0050DA21757E}" = Java 2 Runtime Environment Standard Edition v1.3.1_18
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6C28B15F-B09D-407E-BE92-AC928E1CE4E2}_is1" = Kodek 0.16 CZ
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{73DD6B69-02CB-4DA8-A0E0-FC56EE13EB18}" = SweetIM for Messenger 2.6
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7F14F68C-17FA-4F88-B3FD-7F449C1EBF32}" = EPSON Web-To-Page
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111551630}" = Hidden Expedition Titanic
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111838910}" = Travelogue 360 Paris
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112614887}" = Big City Adventure San Francisco
"{846232AE-EF8E-43F2-8540-B150A9EAE004}" = Microsoft .NET Framework (Czech)
"{88EB38EF-4D2C-436D-ABD3-56B232674062}" = ICQ7
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DB9D717-0908-4E86-B6A1-019EB94D1422}" = STORMWARE POHODA CZ Start
"{8E081E58-546E-4746-93E9-8A138F10BDB6}" = STORMWARE POHODA CZ Start
"{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}" = Logitech Desktop Messenger
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120405-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Standard
"{95FC26FB-19FD-4A96-BBB1-B1062E8648F5}" = AGEIA PhysX v7.11.13
"{98736A65-3C79-49EC-B7E9-A3C77774B0E6}" = Google SketchUp 6
"{99052DB7-9592-4522-A558-5417BBAD48EE}" = Microsoft ActiveSync
"{9A97D672-6C93-4DFA-B527-DE005A761495}" = Video Stream Driver for Panasonic DVC
"{9ABFB92D-93DA-49EE-8ABF-F8195DE45CA9}" = Counter-Strike 1.6
"{A25FF1C0-80B6-4B8B-A551-DC525697A408}" = AMD APP SDK Runtime
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A6FDF86A-F541-4E7B-AEA0-8849A2A700D5}" = iTunes
"{A918DE8A-98C8-0920-0000-000000260006}" = Nokia 6230i USB - Handset Manager V9.2
"{A918DE8A-98C8-0920-0000-000000260030}" = Nokia 6111/6270 USB - Handset Manager V9.2
"{A918DE8A-98C8-0920-0001-000000000000}" = Multimediální ukázky
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AC76BA86-7AD7-1029-7646-CE0000000001}" = Adobe Reader 6.0 CE
"{B3D8B2F8-3C2C-45BC-933E-8B60E78F6684}" = Google SketchUp 6
"{B3FED300-806C-11E0-A0D0-B8AC6F97B88E}" = Google Earth
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C43048A9-742C-4DAD-90D2-E3B53C9DB825}" = Logitech QuickCam-Software
"{C4A0C307-053A-4335-8B28-60E901DB1029}" = Nero 7 Essentials
"{CBCDEDF3-A2E5-4402-8E9E-E2C23DBE1DA8}" = Adobe Photoshop Lightroom
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D01727B1-9DAF-11D4-8A5B-00500499FAAB}" = WAY Home Europe
"{D050D7362D214723AD585B541FFB6C11}" = DivX Content Uploader
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{DF8195AF-8E6F-4487-A0EE-196F7E3F4B8A}" = jetAudio Basic
"{E5278EFA-F252-4920-A39A-55F57F6B5A6F}" = STORMWARE POHODA CZ Start
"{E56D39F8-2A9F-44B4-B068-A72E45A073E6}" = Safari
"{E86BC406-944E-41F6-ADE6-2C136734C96B}" = EPSON File Manager
"{EF7E931D-DC84-471B-8DB6-A83358095474}" = EA Download Manager
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{FD8E178D-8B4E-42DA-B434-EFF270329B1C}" = COMODO Internet Security
"82A44D22-9452-49FB-00FB-CEC7DCAF7E23" = EA SPORTS online 2004
"Ad-Aware SE Personal" = Ad-Aware SE Personal
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Age of Mythology Expansion Pack 1.0" = Age of Mythology Gold
"ATI Display Driver" = ATI Display Driver
"AVGAntiSpyware75" = AVG Anti-Spyware 7.5
"CCleaner" = CCleaner
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"DcadsGames" = Dcads Games Collection
"DcadsToolBar" = Dcads Advanced Toolbar
"DeepBurner v1.1.0.98" = DeepBurner v1.1.0.98
"DrillBook (NEW GENERATION)_is1" = DrillBook 2.0 (NEW GENERATION)
"DVD Shrink_is1" = DVD Shrink 3.2
"DVDFab Platinum_is1" = DVDFab Platinum 3.0.5.5
"EAX Unified" = EAX Unified
"EPSON Printer and Utilities" = Software tiskárny EPSON
"Euro Truck Simulator" = Euro Truck Simulator 1.00
"GameSpy Arcade" = GameSpy Arcade
"Grey Olltwit's Ice Hockey" = Grey Olltwit's Ice Hockey
"GTA San Andreas_is1" = GTA San Andreas
"ICQ" = ICQ
"ICQToolbar" = ICQ Toolbar
"Icy Tower v1.3.1_is1" = Icy Tower v1.3.1
"IDEA 10 NG_is1" = IDEA 10 NG
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie8" = Windows Internet Explorer 8
"InCD!UninstallKey" = Ahead InCD
"InstallShield_{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email
"InstallShield_{9A97D672-6C93-4DFA-B527-DE005A761495}" = Video Stream Driver for Panasonic DVC
"InstallShield_{EF7E931D-DC84-471B-8DB6-A83358095474}" = EA Download Manager
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 5.6.1
"Logitech Print Service" = Logitech Print Service
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework Full v1.0.3705 (1029)" = Microsoft .NET Framework (Czech) v1.0.3705
"MorpheusToolbar Uninstall" = Morpheus Toolbar
"Mozilla Firefox (3.6.16)" = Mozilla Firefox (3.6.16)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Network Play System (Patching)" = Network Play System (Patching)
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NSS" = Norton Security Scan
"Paintball2" = Paintball2 Alpha build 016
"Panorama Perfect Lite_is1" = Panorama Perfect Lite version 1.6.2
"Pharaoh" = Pharaoh
"PhotoFiltre" = PhotoFiltre
"PhotoFiltre Studio" = PhotoFiltre Studio
"Picasa 3" = Picasa 3
"QcDrv" = ##CAMERADRIVERNAME##
"QIP Infium JadrisPack 3.0.3b" = QIP Infium JadrisPack 3.0.3b
"Quake 3 Arena Demo" = Quake 3 Arena Demo
"ST6UNST #1" = Alík - Šetřič obrazovky
"SZNToolbar" = Seznam Lištička
"The Sims" = The Sims
"Update Service" = Update Service
"Uživatelská příručka ESD68" = Uživatelská příručka ESD68
"viphone communicator_is1" = viphone communicator
"VorbisCodec" = Ogg Vorbis ACM Codec
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR
"WinZip" = WinZip
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wolfenstein - Enemy Territory" = Wolfenstein - Enemy Territory
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Toolbar" = Yahoo! Toolbar

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 25.4.2011 15:55:26 | Computer Name = KAREL | Source = Application Error | ID = 1000
Description = Chybující aplikace explorer.exe, verze 6.0.2900.5512, chybující modul
explorer.exe, verze 6.0.2900.5512, adresa chyby 0x00031111.

Error - 28.4.2011 13:15:12 | Computer Name = KAREL | Source = Application Error | ID = 1000
Description = Chybující aplikace chrome.exe, verze 0.0.0.0, chybující modul gcswf32.dll,
verze 10.2.154.25, adresa chyby 0x001428bd.

Error - 9.6.2011 14:19:06 | Computer Name = KAREL | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace iexplore.exe, verze 8.0.6001.18702, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 9.6.2011 14:36:48 | Computer Name = KAREL | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace iexplore.exe, verze 8.0.6001.18702, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 16.6.2011 17:19:09 | Computer Name = KAREL | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace chrome.exe, verze 0.0.0.0, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 25.6.2011 12:06:39 | Computer Name = KAREL | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace msnmsgr.exe, verze 8.1.178.0, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 28.6.2011 8:50:22 | Computer Name = KAREL | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace chrome.exe, verze 0.0.0.0, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 12.7.2011 11:12:13 | Computer Name = KAREL | Source = Application Error | ID = 1000
Description = Chybující aplikace chrome.exe, verze 0.0.0.0, chybující modul gcswf32.dll,
verze 10.3.181.34, adresa chyby 0x0013f97f.

Error - 15.7.2011 10:32:12 | Computer Name = KAREL | Source = Application Error | ID = 1000
Description = Chybující aplikace logitechdesktopmessenger.exe, verze 2.52.21.16,
chybující modul backweb.dll, verze 8.1.1.50, adresa chyby 0x0008b1b1.

Error - 16.7.2011 8:04:00 | Computer Name = KAREL | Source = Application Error | ID = 1000
Description = Chybující aplikace logitechdesktopmessenger.exe, verze 2.52.21.16,
chybující modul backweb.dll, verze 8.1.1.50, adresa chyby 0x0008b1b1.

[ System Events ]
Error - 25.8.2011 14:25:20 | Computer Name = KAREL | Source = Service Control Manager | ID = 7034
Description = Služba InCD File System Service byla neočekávaně ukončena. Tento stav
nastal již 1krát.

Error - 25.8.2011 14:46:17 | Computer Name = KAREL | Source = Service Control Manager | ID = 7000
Description = Služba AMON neuspěla při spuštění v důsledku následující chyby: %%2

Error - 25.8.2011 14:46:45 | Computer Name = KAREL | Source = DCOM | ID = 10010
Description = Server {4EB61BAC-A3B6-4760-9581-655041EF4D69} se v daném časovém limitu
neregistroval u služby DCOM.

Error - 25.8.2011 14:53:22 | Computer Name = KAREL | Source = Service Control Manager | ID = 7034
Description = Služba srvbtcclient byla neočekávaně ukončena. Tento stav nastal již
1krát.

Error - 25.8.2011 14:53:22 | Computer Name = KAREL | Source = Service Control Manager | ID = 7034
Description = Služba srviecheck byla neočekávaně ukončena. Tento stav nastal již
1krát.

Error - 25.8.2011 14:53:22 | Computer Name = KAREL | Source = Service Control Manager | ID = 7034
Description = Služba wxpdrivers byla neočekávaně ukončena. Tento stav nastal již
1krát.

Error - 25.8.2011 14:56:54 | Computer Name = KAREL | Source = Service Control Manager | ID = 7034
Description = Služba srvsysdriver32 byla neočekávaně ukončena. Tento stav nastal
již 1krát.

Error - 25.8.2011 14:56:54 | Computer Name = KAREL | Source = Service Control Manager | ID = 7034
Description = Služba InCD File System Service byla neočekávaně ukončena. Tento stav
nastal již 1krát.

Error - 25.8.2011 15:51:01 | Computer Name = KAREL | Source = Service Control Manager | ID = 7000
Description = Služba AMON neuspěla při spuštění v důsledku následující chyby: %%2

Error - 25.8.2011 15:51:29 | Computer Name = KAREL | Source = DCOM | ID = 10010
Description = Server {4EB61BAC-A3B6-4760-9581-655041EF4D69} se v daném časovém limitu
neregistroval u služby DCOM.


< End of report >

Re: Complete PC check

Posted: 26 Aug 2011 09:47
by Danstahr
Run OTL again, paste the following script into the box at the bottom, and press the Fix ("Opravit") button. After the restart a log will open; please paste it here.

Code:

:Commands
[EmptyTemp]
[ResetHosts]
[EmptyFlash]
[Clearallrestorepoints]

:Services
ICQ Service
srvbtcclient
srvsysdriver32
srviecheck
wxpdrivers

:Files
C:\Program Files\ICQ6Toolbar
C:\Program Files\DAEMON Tools Toolbar
C:\Windows\update.?
C:\Windows\update.?.?
C:\Program Files\GTA San Andreas\*.exe /s
C:\WINDOWS\TEMP\* /s

:OTL
PRC - [2011.07.21 12:24:49 | 000,182,272 | ---- | M] () -- C:\Documents and Settings\Radek\Data aplikací\dwm.exe
PRC - [2011.07.21 12:24:21 | 000,173,056 | ---- | M] () -- C:\Documents and Settings\Radek\Data aplikací\Microsoft\conhost.exe
PRC - [2011.07.18 11:35:20 | 000,340,480 | ---- | M] () -- C:\WINDOWS\update.5.0\svchost.exe
PRC - [2011.07.18 11:35:20 | 000,340,480 | ---- | M] () -- C:\WINDOWS\update.5.0\svchost.exe
PRC - [2011.07.17 18:44:25 | 000,232,960 | ---- | M] () -- C:\WINDOWS\sysdriver32.exe
PRC - [2011.07.15 16:34:57 | 000,110,592 | ---- | M] () -- C:\WINDOWS\l1rezerv.exe
PRC - [2011.07.15 16:32:12 | 000,483,328 | ---- | M] () -- C:\WINDOWS\update.2\svchost.exe
PRC - [2011.07.15 16:32:12 | 000,483,328 | ---- | M] () -- C:\WINDOWS\update.2\svchost.exe
PRC - [2011.07.15 16:09:49 | 001,170,432 | -H-- | M] () -- C:\WINDOWS\update.1\svchost.exe
SRV - File not found [Disabled | Stopped] -- -- (NOD32krn)
SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
IE - HKU\S-1-5-21-1847444920-2511039311-3333254768-1009\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKU\S-1-5-21-1847444920-2511039311-3333254768-1009\..\URLSearchHook: {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Program Files\Internet Explorer\qipsearchbar.dll (qip.ru)
IE - HKU\S-1-5-21-1847444920-2511039311-3333254768-1009\..\URLSearchHook: {D73F49B6-B51B-4d32-A3B7-BD04B8342F53} - C:\Program Files\MorpheusBar\SrchAstt\1.bin\MBSRCAS.DLL (Morpheus)
IE - HKU\S-1-5-21-1847444920-2511039311-3333254768-1009\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - Reg Error: Key error. File not found
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..keyword.URL: "http://search.icq.com/search/afe_results.php?ch_id=afex&q="
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Content Upload Plugin,version=1.0.0: C:\Program Files\DivX\DivX Content Uploader\npUpload.dll (DivX,Inc.)
[2010.01.21 00:01:53 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Documents and Settings\Radek\Data aplikací\Mozilla\Firefox\Profiles\if0qwll6.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2011.06.23 19:02:47 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Radek\Data aplikací\Mozilla\Firefox\Profiles\if0qwll6.default\searchplugins\icqplugin-1.xml
[2008.10.29 09:22:57 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Radek\Data aplikací\Mozilla\Firefox\Profiles\if0qwll6.default\searchplugins\icqplugin-2.xml
[2008.12.02 14:05:39 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Radek\Data aplikací\Mozilla\Firefox\Profiles\if0qwll6.default\searchplugins\icqplugin-3.xml
[2010.08.03 21:34:37 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Radek\Data aplikací\Mozilla\Firefox\Profiles\if0qwll6.default\searchplugins\icqplugin-4.xml
[2011.06.23 18:52:52 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Radek\Data aplikací\Mozilla\Firefox\Profiles\if0qwll6.default\searchplugins\icqplugin-5.xml
[2008.03.31 10:52:00 | 000,000,168 | ---- | M] () -- C:\Documents and Settings\Radek\Data aplikací\Mozilla\Firefox\Profiles\if0qwll6.default\searchplugins\icqplugin.gif
[2008.03.31 10:52:00 | 000,000,618 | ---- | M] () -- C:\Documents and Settings\Radek\Data aplikací\Mozilla\Firefox\Profiles\if0qwll6.default\searchplugins\icqplugin.src
[2008.07.10 14:50:23 | 000,000,962 | ---- | M] () -- C:\Documents and Settings\Radek\Data aplikací\Mozilla\Firefox\Profiles\if0qwll6.default\searchplugins\icqplugin.xml
[2010.01.19 23:27:06 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2007.08.23 17:45:04 | 000,000,000 | ---D | M] (DivX Settings) -- C:\Program Files\Mozilla Firefox\extensions\divx@partners.mozilla.com
[2008.12.20 21:27:29 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2009.08.31 18:55:02 | 000,118,000 | ---- | M] () -- C:\Program Files\mozilla firefox\components\qippipe.dll
O2 - BHO: (MorpheusToolbar BHO) - {3F3714A1-89A4-46be-8AF3-D0C9D1FB03F9} - C:\Program Files\MorpheusBar\bar\1.bin\MORPHBAR.DLL (Morpheus)
O2 - BHO: (no name) - {54B62CEF-8A07-4d3c-A2EF-DDF184264374} - No CLSID value found.
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - No CLSID value found.
O2 - BHO: (QIPBHO Class) - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Program Files\Internet Explorer\qipsearchbar.dll (qip.ru)
O2 - BHO: (no name) - {A8884FF9-41CF-4A85-AC9A-CB4567AD72E4} - No CLSID value found.
O2 - BHO: (no name) - {ADC3B2AC-F30B-4A2A-9865-1C96C7D58483} - No CLSID value found.
O2 - BHO: (Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (Morpheus Toolbar) - {3F3714A9-89A4-46be-8AF3-D0C9D1FB03F9} - C:\Program Files\MorpheusBar\bar\1.bin\MORPHBAR.DLL (Morpheus)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKU\S-1-5-21-1847444920-2511039311-3333254768-1009\..\Toolbar\WebBrowser: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKU\S-1-5-21-1847444920-2511039311-3333254768-1009\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [1568991.exe] C:\Documents and Settings\Jakub Máša\Local Settings\Temp\1568991.exe ()
O4 - HKLM..\Run: [3470417.exe] C:\WINDOWS\TEMP\3470417.exe ()
O4 - HKLM..\Run: [729719.exe] C:\Documents and Settings\Jakub Máša\Local Settings\Temp\729719.exe ()
O4 - HKLM..\Run: [8215445.exe] C:\WINDOWS\TEMP\8215445.exe ()
O4 - HKLM..\Run: [8789533.exe] C:\WINDOWS\TEMP\8789533.exe ()
O4 - HKLM..\Run: [conhost] C:\Documents and Settings\Radek\Data aplikací\Microsoft\conhost.exe ()
O4 - HKLM..\Run: [l1rezerv.exe] C:\WINDOWS\l1rezerv.exe ()
O4 - HKLM..\Run: [sysdriver32.exe] C:\WINDOWS\sysdriver32.exe ()
O4 - HKLM..\Run: [sysdriver32_.exe] C:\WINDOWS\sysdriver32_.exe ()
O4 - HKLM..\Run: [tray_ico] File not found
O4 - HKLM..\Run: [tray_ico1] File not found
O4 - HKLM..\Run: [tray_ico2] File not found
O4 - HKLM..\Run: [tray_ico3] File not found
O4 - HKLM..\Run: [tray_ico4] File not found
O4 - HKU\S-1-5-21-1847444920-2511039311-3333254768-1009..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2011.07.18 11:35:26 | 000,169,472 | ---- | C] () -- C:\WINDOWS\gbot111.exe
[2007.05.30 20:54:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jakub Máša\Data aplikací\ICQ Toolbar
[2011.07.21 12:24:49 | 000,182,272 | ---- | M] () -- C:\Documents and Settings\Radek\Data aplikací\dwm.exe
[2007.12.07 23:58:19 | 000,087,608 | ---- | M] () -- C:\Documents and Settings\Radek\Data aplikací\ezpinst.exe
[2011.07.21 12:24:21 | 000,173,056 | ---- | M] () -- C:\Documents and Settings\Radek\Data aplikací\Microsoft\conhost.exe
[2007.05.04 13:14:31 | 000,000,371 | ---- | M] () -- \Documents and Settings\Jakub Máša\Cookies\jakub máša@likecrack[2].txt
[2007.05.04 13:14:31 | 000,000,086 | ---- | M] () -- \Documents and Settings\Jakub Máša\Cookies\jakub máša@www.likecrack[2].txt
[2007.03.10 22:16:04 | 000,040,579 | ---- | M] () -- \Documents and Settings\Jakub Máša\Plocha\ATEAM\kubiček-pupiček\downloads\Torrents\Removed\GTA[1].Grand.Theft.Auto.San.Andreas.DVD.with.CRACK(1).torrent

:Reg
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=-
"swg"=-
"MSMSGS"=-

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Nero\Nero 7\Nero Home\NeroHome.exe"=-
"C:\Program Files\BearShare Applications\BearShare\BearShare.exe"=-
"C:\Program Files\ApexDC++\ApexDC.exe"=-
"C:\Program Files\Morpheus\Morpheus.exe"=-
"C:\WINDOWS\update.1\svchost.exe"=-
"C:\WINDOWS\update.tray-3-0\svchost.exe"=-
"C:\WINDOWS\update.2\svchost.exe"=-
"C:\WINDOWS\update.tray-3-0-lnk\svchost.exe"=-