Problem with Load! 0.48.13

Posted: 02 Feb 2012 15:33
by plesoun111
An icon that can't be seen shows up at the bottom right: Load! 0.48.13. It can't be removed. I read somewhere that it's a virus; well, I don't know how to remove it, please advise :)

Re: Problem with Load! 0.48.13

Posted: 02 Feb 2012 18:13
by motji
Good evening :)
Please post a log from RSIT http://www.viry.cz/forum/viewtopic.php?f=13&t=105895

Re: Problem with Load! 0.48.13

Posted: 03 Feb 2012 13:36
by plesoun111
Hopefully this is correct :)

Logfile of random's system information tool 1.09 (written by random/random)
Run by admin at 2012-02-03 13:08:43
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 3 GB (8%) free of 38 GB
Total RAM: 191 MB (6% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:20:40, on 3.2.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16981)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\winword.exe
C:\Všecké Programy\Hovadiny 1\Mozzila\firefox.exe
C:\Všecké Programy\Hovadiny 1\Mozzila\plugin-container.exe
C:\Documents and Settings\admin\Dokumenty\Stažené soubory\RSIT.exe
C:\Program Files\trend micro\admin.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://google.icq.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = astroburn-search.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\prxtbuTo0.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (file missing)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: uTorrentBar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\prxtbuTo0.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (file missing)
O3 - Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\prxtbuTo0.dll
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\system32\keyhook.exe
O4 - HKLM\..\Run: [SiS Tray] C:\WINDOWS\system32\sistray.EXE
O4 - HKLM\..\Run: [WinampAgent] "C:\Documents and Settings\admin\Plocha\plocha\KURVA programy\Winamp\winampa.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [FlashGet 3] "C:\Documents and Settings\admin\Plocha\plocha\KURVA programy\Farej Zmrdee\FlashGet\FlashGet3.exe" -minimize
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [PCSpeedUp] C:\Program Files\Zrychleni Pocitace\PCSpeedUp.lnk
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Startup: winword.exe.lnk = C:\WINDOWS\system32\winword.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Translate this web page with Babylon - res://C:\Documents and Settings\admin\Plocha\hry\Chess\Babylon\Utils\BabylonIEPI.dll/ActionTU.htm
O8 - Extra context menu item: Translate with Babylon - res://C:\Documents and Settings\admin\Plocha\hry\Chess\Babylon\Utils\BabylonIEPI.dll/Action.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/pub/s ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: SMART Display Controller - Unknown owner - C:\Program Files\SMART Technologies\SMART Board Drivers\UCService.exe (file missing)

--
End of file - 6857 bytes

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\admin\Data aplikací\Mozilla\Firefox\Profiles\sjbkxm8m.default

prefs.js - "browser.search.suggest.enabled" - false
prefs.js - "browser.startup.homepage" - "http://www.google.cz/"
prefs.js - "extensions.enabledItems" - "{20a82645-c095-46ed-80e3-08825760534b}:0.0.0, DTToolbar@toolbarnet.com:1.1.2.0185, engine@conduit.com:3.3.3.2, {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}:3.8.0.8, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.26"
prefs.js - "keyword.URL" - "http://search.conduit.com/ResultsExt.as ... =CTXXXX&q="

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Web Player
"Path"=C:\Documents and Settings\admin\Plocha\plocha\programy\divx\DivX Web Player\npdivx32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\4.0.60310.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

C:\Všecké Programy\Hovadiny 1\Mozzila\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Všecké Programy\Hovadiny 1\Mozzila\components\
browser.xpt
browserdirprovider.dll
brwsrcmp.dll
components.list
compreg.dat
FeedConverter.js
FeedProcessor.js
FeedWriter.js
FlashGet3.xpi
fuelApplication.js
GPSDGeolocationProvider.js
jsconsole-clhandler.js
NetworkGeolocationProvider.js
nsAddonRepository.js
nsBadCertHandler.js
nsBlocklistService.js
nsBrowserContentHandler.js
nsBrowserGlue.js
nsContentDispatchChooser.js
nsContentPrefService.js
nsDefaultCLH.js
nsDownloadManagerUI.js
nsExtensionManager.js
nsFormAutoComplete.js
nsHandlerService.js
nsHelperAppDlg.js
nsINIProcessor.js
nsLivemarkService.js
nsLoginInfo.js
nsLoginManager.js
nsLoginManagerPrompter.js
nsMicrosummaryService.js
nsPlacesAutoComplete.js
nsPlacesDBFlush.js
nsPlacesTransactionsService.js
nsPrivateBrowsingService.js
nsProxyAutoConfig.js
nsSafebrowsingApplication.js
nsSearchService.js
nsSearchSuggestions.js
nsSessionStartup.js
nsSessionStore.js
nsSetDefaultBrowser.js
nsSidebar.js
nsTaggingService.js
nsTryToClose.js
nsUpdateService.js
nsUpdateServiceStub.js
nsUpdateTimerManager.js
nsUrlClassifierLib.js
nsUrlClassifierListManager.js
nsURLFormatter.js
nsWebHandlerApp.js
pluginGlue.js
storage-Legacy.js
storage-mozStorage.js
txEXSLTRegExFunctions.js
WebContentConverter.js
xpti.dat

C:\Všecké Programy\Hovadiny 1\Mozzila\plugins\
libdivx.dll
np32dsw.dll
npdeployJava1.dll
npdivx32.dll
npdivx32.xpt
npnul32.dll
ShockwavePlugin.class
ssldivx.dll

C:\Všecké Programy\Hovadiny 1\Mozzila\searchplugins\
google.xml
jyxo-cz.xml
mall-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Documents and Settings\admin\Data aplikací\Mozilla\Firefox\Profiles\sjbkxm8m.default\extensions\
DTToolbar@toolbarnet.com
engine@conduit.com
{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}

C:\Documents and Settings\admin\Data aplikací\Mozilla\Firefox\Profiles\sjbkxm8m.default\searchplugins\
absearch-search.xml
conduit.xml
daemon-search.xml
icqplugin.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2004-12-14 63136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG9\avgssie.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-26 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
uTorrentBar Toolbar - C:\Program Files\uTorrentBar\prxtbuTo0.dll [2011-05-09 176936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{D4027C7F-154A-4066-A1AD-4243D8127440}
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2010-03-25 968000]
{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - uTorrentBar Toolbar - C:\Program Files\uTorrentBar\prxtbuTo0.dll [2011-05-09 176936]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Cmaudio"=RunDll32 cmicnfg.cpl,CMICtrlWnd []
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-26 31016]
"SiSUSBRG"=C:\WINDOWS\SiSUSBrg.exe [2009-04-08 106496]
"CloneCDTray"=C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe [2006-09-28 57344]
"SiS Windows KeyHook"=C:\WINDOWS\system32\keyhook.exe [2003-10-30 249856]
"SiS Tray"=C:\WINDOWS\system32\sistray.EXE [2003-10-30 667648]
"WinampAgent"=C:\Documents and Settings\admin\Plocha\plocha\KURVA programy\Winamp\winampa.exe []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"FlashGet 3"=C:\Documents and Settings\admin\Plocha\plocha\KURVA programy\Farej Zmrdee\FlashGet\FlashGet3.exe -minimize []
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe []
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2011-11-10 3514176]
"PCSpeedUp"=C:\Program Files\Zrychleni Pocitace\PCSpeedUp.lnk []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^SMART Board Tools.lnk]
C:\PROGRA~1\SMARTT~1\SMARTB~1\SMARTB~2.EXE []

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

C:\Documents and Settings\admin\Nabídka Start\Programy\Po spuštění
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
winword.exe.lnk - C:\WINDOWS\system32\winword.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-26 2210608]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=0xFF000000

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"C:\Documents and Settings\admin\Plocha\bulanci.exe"="C:\Documents and Settings\admin\Plocha\bulanci.exe:*:Enabled:bulanci"
"C:\WINDOWS\system32\dplaysvr.exe"="C:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper"
"C:\WINDOWS\system32\dpnsvr.exe"="C:\WINDOWS\system32\dpnsvr.exe:*:Enabled:Microsoft DirectPlay8 Server"
"C:\Program Files\SMART Technologies\SMART Board Drivers\UCService.exe"="C:\Program Files\SMART Technologies\SMART Board Drivers\UCService.exe:*:Enabled:SMART SNMPAgent"
"C:\Program Files\SMART Technologies\SMART Board Drivers\WebServer.exe"="C:\Program Files\SMART Technologies\SMART Board Drivers\WebServer.exe:*:Enabled:SMART Web Server"
"C:\Program Files\SMART Technologies\SMART Board Drivers\UCGui.exe"="C:\Program Files\SMART Technologies\SMART Board Drivers\UCGui.exe:*:Enabled:SMART Display Controller Program"
"C:\Program Files\Psygnosis\Rollcage\Direct3D\Rollcage.exe"="C:\Program Files\Psygnosis\Rollcage\Direct3D\Rollcage.exe:*:Enabled:Rollcage Main Game Executable"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Documents and Settings\admin\Plocha\hriebky\GFonline.exe"="C:\Documents and Settings\admin\Plocha\hriebky\GFonline.exe:*:Enabled:GFonline"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Documents and Settings\admin\Plocha\plocha\KURVA programy\Farej Zmrdee\FlashGet\FlashGet3.exe"="C:\Documents and Settings\admin\Plocha\plocha\KURVA programy\Farej Zmrdee\FlashGet\FlashGet3.exe:*:Enabled:Flashget3"
"C:\Documents and Settings\admin\Plocha\hry\Counter Strike\hl.exe"="C:\Documents and Settings\admin\Plocha\hry\Counter Strike\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Documents and Settings\admin\Plocha\hry\Sportscargt\Spcar.exe"="C:\Documents and Settings\admin\Plocha\hry\Sportscargt\Spcar.exe:*:Enabled:Sports Car GT"
"C:\Documents and Settings\admin\Plocha\hry\Sportscargt\tccar.exe"="C:\Documents and Settings\admin\Plocha\hry\Sportscargt\tccar.exe:*:Enabled:Sports Car GT"
"C:\Documents and Settings\admin\Plocha\hry\Metin2\Metin2\metin2.bin"="C:\Documents and Settings\admin\Plocha\hry\Metin2\Metin2\metin2.bin:*:Enabled:metin2"
"C:\Documents and Settings\admin\Plocha\hry\Metin2\Metin2\metin2.exe"="C:\Documents and Settings\admin\Plocha\hry\Metin2\Metin2\metin2.exe:*:Enabled:metin2"
"C:\Documents and Settings\admin\Plocha\hry\Metin2\Metin2\metin2client.bin"="C:\Documents and Settings\admin\Plocha\hry\Metin2\Metin2\metin2client.bin:*:Enabled:metin2client"
"C:\Documents and Settings\admin\Plocha\plocha\programy\torrent\uTorrent.exe"="C:\Documents and Settings\admin\Plocha\plocha\programy\torrent\uTorrent.exe:*:Enabled:µTorrent"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=iyvu9_32.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\Iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"msacm.lhacm"=lhacm.acm
"VIDC.MPG4"=mpg4c32.dll
"VIDC.MP42"=mpg4c32.dll
"VIDC.FPS1"=frapsvid.dll

======List of files/folders created in the last 1 month======

2012-02-03 13:08:49 ----D---- C:\Program Files\trend micro
2012-02-03 13:08:43 ----D---- C:\rsit
2012-01-31 15:30:03 ----D---- C:\Program Files\temp
2012-01-31 15:29:41 ----D---- C:\WINDOWS\system32\ocr
2012-01-31 15:29:41 ----D---- C:\WINDOWS\system32\Data
2012-01-31 15:29:40 ----D---- C:\WINDOWS\system32\Plugins
2012-01-21 12:24:36 ----D---- C:\Documents and Settings\admin\Data aplikací\Winamp

======List of files/folders modified in the last 1 month======

2012-02-03 13:08:49 ----RD---- C:\Program Files
2012-02-03 13:08:34 ----D---- C:\WINDOWS\Prefetch
2012-02-03 12:45:31 ----D---- C:\Documents and Settings\admin\Data aplikací\vlc
2012-02-03 09:58:14 ----D---- C:\WINDOWS\system32\CatRoot2
2012-02-03 01:08:14 ----A---- C:\WINDOWS\SchedLgU.Txt
2012-02-02 20:49:44 ----AC---- C:\WINDOWS\winamp.ini
2012-02-02 17:12:29 ----D---- C:\Documents and Settings\admin\Data aplikací\dvdcss
2012-02-02 14:38:10 ----D---- C:\Documents and Settings\admin\Data aplikací\DAEMON Tools Lite
2012-01-31 15:29:41 ----D---- C:\WINDOWS\system32
2012-01-24 21:04:33 ----AD---- C:\WINDOWS
2012-01-24 17:24:40 ----HD---- C:\Program Files\InstallShield Installation Information
2012-01-24 17:24:12 ----SHD---- C:\WINDOWS\Installer
2012-01-24 16:58:00 ----D---- C:\WINDOWS\Temp
2012-01-24 16:57:46 ----HD---- C:\WINDOWS\inf
2012-01-24 16:56:34 ----D---- C:\WINDOWS\system32\DirectX
2012-01-17 14:41:10 ----D---- C:\Program Files\uTorrentBar

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2011-03-04 45648]
R0 SISAGP;SiS AGP Filter; C:\WINDOWS\system32\DRIVERS\SISAGPX.sys [2009-04-08 36992]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2011-11-12 428088]
R0 uagp35;Filtr Microsoft AGPv3.5; C:\WINDOWS\system32\DRIVERS\uagp35.sys [2008-04-13 44672]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 AmdK7;Ovladač procesoru AMD K7; C:\WINDOWS\system32\DRIVERS\amdk7.sys [2008-04-14 41600]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys [2011-11-12 239168]
R1 SiSkp;SiSkp; C:\WINDOWS\system32\DRIVERS\srvkp.sys [2010-09-20 11264]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2009-06-28 278728]
R2 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2006-12-26 15440]
R2 hwpsgt;hwpsgt; C:\WINDOWS\system32\DRIVERS\hwpsgt.sys [2010-01-07 137344]
R2 lemsgt;lemsgt; C:\WINDOWS\system32\DRIVERS\lemsgt.sys [2010-01-07 9472]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2009-06-28 25416]
R3 cmuda;C-Media WDM Audio Interface; C:\WINDOWS\system32\drivers\cmuda.sys [2006-06-09 1373120]
R3 ElbyCDFL;ElbyCDFL; C:\WINDOWS\System32\Drivers\ElbyCDFL.sys [2006-12-26 34760]
R3 SiS315;SiS315; C:\WINDOWS\system32\DRIVERS\sisgrp.sys [2010-09-20 427776]
R3 SISNIC;SiS PCI Fast Ethernet Adapter Driver; C:\WINDOWS\system32\DRIVERS\sisnic.sys [2004-08-03 32768]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S2 Scutum50;Scutum50 NDIS Protocol Driver; C:\WINDOWS\System32\Drivers\Scutum50.sys []
S3 a22ypyrw;a22ypyrw; C:\WINDOWS\system32\drivers\a22ypyrw.sys []
S3 EagleNT;EagleNT; \??\C:\WINDOWS\system32\drivers\EagleNT.sys []
S3 GMSIPCI;GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS []
S3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2006-03-02 12160]
S3 rt2870;Ralink 802.11n USB Wireless LAN Card Driver; C:\WINDOWS\system32\DRIVERS\rt2870.sys []
S3 RT73;AirLive WT-2000USB; C:\WINDOWS\system32\DRIVERS\rt73.sys []
S3 SiS300i;SiS300i; C:\WINDOWS\system32\DRIVERS\sis300ip.sys [2001-08-17 101760]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 RsFx0102;RsFx0102 Driver; C:\WINDOWS\system32\DRIVERS\RsFx0102.sys [2008-07-10 242712]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [2008-07-11 40999448]
R2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-07-10 98840]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 SMART Display Controller;SMART Display Controller; C:\Program Files\SMART Technologies\SMART Board Drivers\UCService.exe []
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-26 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service; c:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2008-07-11 47128]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS); c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2008-07-11 369688]
S4 SQLBrowser;SQL Server Browser; c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2008-07-10 258072]

-----------------EOF-----------------

Re: Problem with Load! 0.48.13

Posted: 03 Feb 2012 13:41
by plesoun111
I have a lot of work today, but I'll be here around 21:00 or later... :evil:

Re: Problem with Load! 0.48.13

Posted: 03 Feb 2012 16:01
by motji
I'm sick, I don't know when I'll be here :)
Test this file at www.virustotal.com:
C:\WINDOWS\system32\winword.exe

Re: Problem with Load! 0.48.13

Posted: 03 Feb 2012 21:49
by plesoun111
Get well then :)
And thanks for the help, I'm going to test it :))

Re: Problem with Load! 0.48.13

Posted: 03 Feb 2012 21:58
by plesoun111
I don't understand it, but I probably have a Trojan horse there, though there's nothing about that Load :( please help :))

Antivirus Result Update
AhnLab-V3 Win-Trojan/Xema.variant 20120122
AntiVir TR/Delf.1960448.A 20120122
Antiy-AVL Trojan/Win32.Genome.gen 20120120
Avast Win32:Trojan-gen 20120122
AVG Delf.HGJ 20120122
BitDefender Trojan.Generic.1499028 20120122
ByteHero - 20120111
CAT-QuickHeal - 20120122
ClamAV - 20120121
Commtouch - 20120122
Comodo UnclassifiedMalware 20120121
DrWeb - 20120122
Emsisoft Trojan.Generic!IK 20120122
eSafe - 20120120
eTrust-Vet - 20120121
F-Prot - 20120121
F-Secure Trojan.Generic.1499028 20120122
Fortinet - 20120122
GData Trojan.Generic.1499028 20120122
Ikarus Trojan.Generic 20120122
Jiangmin - 20120122
K7AntiVirus Trojan 20120120
Kaspersky - 20120122
McAfee Generic.dx!fyx 20120122
McAfee-GW-Edition Generic.dx!fyx 20120121
Microsoft - 20120122
NOD32 probably a variant of Win32/Agent.NGLKPMO 20120122
Norman W32/Agent.OLMO 20120122
nProtect Trojan/W32.Agent.1960448.E 20120122
Panda Trj/Agent.LSG 20120122
PCTools Trojan.Generic 20120122
Prevx - 20120122
Rising Trojan.Win32.Generic.11EA0A0C 20120118
Sophos Load! Downloader 20120122
SUPERAntiSpyware - 20120122
Symantec Trojan Horse 20120122
TheHacker - 20120122
TrendMicro TROJ_DELF.OXA 20120122
TrendMicro-HouseCall TROJ_DELF.OXA 20120122
VBA32 - 20120120
VIPRE Trojan.Win32.Generic!BT 20120122
ViRobot - 20120122
VirusBuster Trojan.Delf!3BS/y4JB5Fk 20120122

Re: Problem with Load! 0.48.13

Posted: 04 Feb 2012 10:08
by motji
I'd say that Load is related to that Trojan horse :) . Let's go after it :D

:arrow: Download ComboFix to the desktop, close all active windows and run it - http://download.bleepingcomputer.com/sUBs/ComboFix.exe

- Agree to the installation of the Recovery Console

- ComboFix must be run under an account with administrator rights

- Before use, turn off all resident security programs - antivirus, firewalls, antispyware

- After launch, the terms of use are displayed; confirm them by pressing the Yes button

- Then follow the instructions; while ComboFix is running, do not click in the window that appears :!:

- After the scan finishes, which takes at most 10 minutes, the program should create a log - C:\ComboFix.txt; copy its entire contents here

Re: Problem with Load! 0.48.13

Posted: 04 Feb 2012 23:56
by plesoun111
I ran it and nothing happened even after an hour, then I repeated it and still nothing. I've had that Trojan horse here for about 3 years, so maybe that's why ... Well, I don't know, maybe I made a mistake somewhere; how can ComboFix be reset? Because it created an icon on drive C that looks like My Computer, and it basically also shows all the drives on the computer... It's somehow broken :)

Re: Problem with Load! 0.48.13

Posted: 05 Feb 2012 09:52
by motji
We'll do it differently. The scan can take even an hour, so don't be alarmed.


:arrow: Download OTL http://oldtimer.geekstogo.com/OTL.exe
- Save it to the desktop and run the file OTL.exe.
- Copy this script into the white box at the bottom:


netsvcs
drivers32
savembr:0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s

/md5start
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
hal.dll
logevent.dll
netlogon.dll
ntelogon.dll
scecli.dll
sceclt.dll
ws2_32.dll
autochk.exe
csrss.exe
explorer.exe
lsass.exe
services.exe
smss.exe
spoolsv.exe
svchost.exe
userinit.exe
winlogon.exe
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
cdrom.sys
Changer.sys
fastfat.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
mv61xx.sys
ndis.sys
ntfs.sys
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
symmpi.sys
tcpip.sys
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
/md5stop

C:\windows\system32\spool\prtprocs|dll;true;true;true /FP
%systemroot%\system32\drivers\*.sys /5
%systemroot%\system32\drivers\*.sys /X
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\system32\*.* /5
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\config\*.sav
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\*.* /U /s
%systemroot%\*. /mp /s
%ALLUSERSPROFILE%\Data Aplikací\*.*
%ALLUSERSPROFILE%\Data Aplikací\*.exe /s
%ALLUSERSPROFILE%\Dáta aplikácií\*.*
%ALLUSERSPROFILE%\Dáta aplikácií\*.exe /s
%APPDATA%\*.
%APPDATA%\*.*
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe


HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU /s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager" /v BootExecute /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager" /v "PendingFileRenameOperations" /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5 

- tick the "All users" box.
- tick the "LOP" check and "Purity" check boxes
- click the Scan button
- when the scan finishes, the logs OTL.Txt and Extras.txt will appear; paste them here :)

Re: Problem with Load! 0.48.13

Posted: 05 Feb 2012 14:06
by plesoun111
Here is the OTL log

OTL logfile created on: 5.2.2012 13:26:09 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\admin\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

191,48 Mb Total Physical Memory | 22,29 Mb Available Physical Memory | 11,64% Memory free
466,29 Mb Paging File | 121,59 Mb Available in Paging File | 26,08% Paging File free
Paging file location(s): C:\pagefile.sys 288 576 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37,26 Gb Total Space | 4,99 Gb Free Space | 13,40% Space Free | Partition Type: NTFS

Computer Name: HOME-PC | User Name: admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012.02.05 13:21:13 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\admin\Plocha\OTL.exe
PRC - [2012.02.03 11:14:21 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Všecké Programy\Hovadiny 1\Mozzila\plugin-container.exe
PRC - [2012.02.03 11:14:19 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Všecké Programy\Hovadiny 1\Mozzila\firefox.exe
PRC - [2011.11.10 10:17:04 | 003,514,176 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe
PRC - [2008.10.16 11:56:20 | 001,960,448 | ---- | M] () -- C:\WINDOWS\system32\winword.exe
PRC - [2008.04.14 07:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006.09.28 20:21:04 | 000,057,344 | ---- | M] (SlySoft, Inc.) -- C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe
PRC - [2003.12.15 08:18:08 | 000,969,216 | ---- | M] (Nullsoft) -- C:\Documents and Settings\admin\Plocha\plocha\programy\Winamp\winamp.exe
PRC - [2003.10.30 13:10:20 | 000,667,648 | ---- | M] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\system32\sistray.exe
PRC - [2003.10.30 13:09:36 | 000,249,856 | ---- | M] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\system32\Keyhook.exe


========== Modules (No Company Name) ==========

MOD - [2012.02.03 11:14:20 | 001,014,232 | ---- | M] () -- C:\Všecké Programy\Hovadiny 1\Mozzila\js3250.dll
MOD - [2011.12.27 09:45:29 | 008,527,008 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
MOD - [2010.03.25 10:27:44 | 001,107,264 | ---- | M] () -- C:\Documents and Settings\admin\Data aplikací\Mozilla\Firefox\Profiles\sjbkxm8m.default\extensions\DTToolbar@toolbarnet.com\components\DTToolbarFF.dll
MOD - [2008.10.16 11:56:20 | 001,960,448 | ---- | M] () -- C:\WINDOWS\system32\winword.exe
MOD - [2008.06.29 14:24:32 | 000,168,960 | ---- | M] () -- C:\WINDOWS\system32\unrar.dll
MOD - [2008.06.18 09:14:33 | 000,031,744 | ---- | M] () -- C:\WINDOWS\system32\Plugins\YouCrypt\serienjunkies.dll
MOD - [2008.06.18 09:14:30 | 000,027,136 | ---- | M] () -- C:\WINDOWS\system32\Plugins\YouCrypt\rapidsafenet.dll
MOD - [2008.06.18 09:14:27 | 000,027,136 | ---- | M] () -- C:\WINDOWS\system32\Plugins\YouCrypt\linkbank.dll
MOD - [2008.06.18 09:14:26 | 000,026,624 | ---- | M] () -- C:\WINDOWS\system32\Plugins\YouCrypt\gameblog.dll
MOD - [2008.06.18 09:14:25 | 000,052,736 | ---- | M] () -- C:\WINDOWS\system32\Plugins\YouCrypt\dxpdivxvidorg.dll
MOD - [2008.06.18 09:14:24 | 000,029,184 | ---- | M] () -- C:\WINDOWS\system32\Plugins\YouCrypt\ddlscene.dll
MOD - [2008.04.28 13:55:27 | 000,162,816 | ---- | M] () -- C:\WINDOWS\system32\sqlite3.dll
MOD - [2003.12.15 08:09:52 | 000,041,984 | ---- | M] () -- C:\Documents and Settings\admin\Plocha\plocha\programy\Winamp\Plugins\out_ds.dll
MOD - [2003.12.14 08:10:56 | 000,356,352 | ---- | M] () -- C:\Documents and Settings\admin\Plocha\plocha\programy\Winamp\Plugins\gen_ml.dll
MOD - [2003.12.14 07:34:51 | 002,150,912 | ---- | M] () -- C:\Documents and Settings\admin\Plocha\plocha\programy\Winamp\Plugins\gen_ff.dll
MOD - [2003.12.13 22:31:31 | 000,176,640 | ---- | M] () -- C:\Documents and Settings\admin\Plocha\plocha\programy\Winamp\Plugins\in_nsv.dll
MOD - [2003.11.29 08:45:44 | 000,016,896 | ---- | M] () -- C:\Documents and Settings\admin\Plocha\plocha\programy\Winamp\Plugins\gen_hotkeys.dll
MOD - [2003.11.17 07:03:22 | 000,063,488 | ---- | M] () -- C:\Documents and Settings\admin\Plocha\plocha\programy\Winamp\Plugins\in_dshow.dll
MOD - [2003.11.17 07:00:18 | 000,276,992 | ---- | M] () -- C:\Documents and Settings\admin\Plocha\plocha\programy\Winamp\Plugins\in_mp3.dll
MOD - [2003.11.17 06:59:07 | 000,070,144 | ---- | M] () -- C:\Documents and Settings\admin\Plocha\plocha\programy\Winamp\Plugins\in_cdda.dll
MOD - [2003.11.13 21:52:05 | 000,011,264 | ---- | M] () -- C:\Documents and Settings\admin\Plocha\plocha\programy\Winamp\Plugins\gen_tray.dll
MOD - [2003.06.17 19:02:38 | 000,101,888 | ---- | M] () -- C:\Documents and Settings\admin\Plocha\plocha\programy\Winamp\Plugins\in_midi.dll
MOD - [2003.06.15 22:13:56 | 000,226,816 | ---- | M] () -- C:\Documents and Settings\admin\Plocha\plocha\programy\Winamp\Plugins\in_vorbis.dll
MOD - [2003.04.15 22:06:17 | 000,054,272 | ---- | M] () -- C:\Documents and Settings\admin\Plocha\plocha\programy\Winamp\Plugins\in_wm.dll
MOD - [2003.03.23 09:42:11 | 000,130,560 | ---- | M] () -- C:\Documents and Settings\admin\Plocha\plocha\programy\Winamp\Plugins\in_mod.dll
MOD - [2002.10.07 00:00:38 | 000,013,824 | ---- | M] () -- C:\Documents and Settings\admin\Plocha\plocha\programy\Winamp\Plugins\out_wave.dll
MOD - [2002.09.01 01:10:38 | 000,031,232 | ---- | M] () -- C:\Documents and Settings\admin\Plocha\plocha\programy\Winamp\Plugins\in_wave.dll
MOD - [2002.07.21 07:46:54 | 000,084,480 | ---- | M] () -- C:\Documents and Settings\admin\Plocha\plocha\programy\Winamp\Plugins\read_file.dll
MOD - [2001.12.30 16:08:34 | 000,015,360 | ---- | M] () -- C:\Documents and Settings\admin\Plocha\plocha\programy\Winamp\Plugins\out_disk.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (SMART Display Controller)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)


========== Driver Services (SafeList) ==========

DRV - [2011.11.12 18:07:20 | 000,239,168 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2011.11.12 17:31:49 | 000,428,088 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010.09.20 16:55:55 | 000,427,776 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sisgrp.sys -- (SiS315)
DRV - [2010.09.20 16:55:55 | 000,011,264 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\srvkp.sys -- (SiSkp)
DRV - [2010.01.07 15:23:29 | 000,137,344 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\hwpsgt.sys -- (hwpsgt)
DRV - [2010.01.07 15:23:27 | 000,009,472 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lemsgt.sys -- (lemsgt)
DRV - [2009.06.28 11:43:24 | 000,278,728 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt)
DRV - [2009.06.28 11:43:19 | 000,025,416 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2009.04.08 18:17:51 | 000,036,992 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\SISAGPX.sys -- (SISAGP)
DRV - [2008.07.10 01:49:14 | 000,242,712 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\RsFx0102.sys -- (RsFx0102)
DRV - [2008.04.13 23:15:30 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2006.12.26 13:54:35 | 000,034,760 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ElbyCDFL.sys -- (ElbyCDFL)
DRV - [2004.08.03 23:31:36 | 000,032,768 | ---- | M] (SiS Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sisnic.sys -- (SISNIC)
DRV - [2001.08.17 19:50:46 | 000,101,760 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sis300ip.sys -- (SiS300i)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1214440339-1715567821-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Prev Search Bar = http://google.icq.com/search/search_frame.php
IE - HKU\S-1-5-21-1214440339-1715567821-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php
IE - HKU\S-1-5-21-1214440339-1715567821-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://google.icq.com
IE - HKU\S-1-5-21-1214440339-1715567821-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKU\S-1-5-21-1214440339-1715567821-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = astroburn-search.com
IE - HKU\S-1-5-21-1214440339-1715567821-839522115-1004\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-1214440339-1715567821-839522115-1004\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\prxtbuTo0.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-1214440339-1715567821-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.defaultthis.engineName: "Conduit Engine Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.as ... earchTerms}"
FF - prefs.js..browser.search.selectedEngine: "Conduit Engine Customized Web Search"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.startup.homepage: "http://www.google.cz/"
FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.1.2.0185
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.3.3.2
FF - prefs.js..extensions.enabledItems: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}:3.8.0.8
FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.as ... =CTXXXX&q="

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Documents and Settings\admin\Plocha\plocha\programy\divx\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60310.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.26\extensions\\Components: C:\Všecké Programy\Hovadiny 1\Mozzila\components [2012.02.03 12:42:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.26\extensions\\Plugins: C:\Všecké Programy\Hovadiny 1\Mozzila\plugins [2012.02.03 11:14:28 | 000,000,000 | ---D | M]

[2010.09.19 13:01:44 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\admin\Data aplikací\Mozilla\Extensions
[2012.02.04 15:40:21 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\admin\Data aplikací\Mozilla\Firefox\Profiles\sjbkxm8m.default\extensions
[2011.11.18 23:45:22 | 000,000,000 | ---D | M] (uTorrentBar Community Toolbar) -- C:\Documents and Settings\admin\Data aplikací\Mozilla\Firefox\Profiles\sjbkxm8m.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
[2010.11.22 23:17:55 | 000,000,000 | ---D | M] ("DAEMON Tools Toolbar") -- C:\Documents and Settings\admin\Data aplikací\Mozilla\Firefox\Profiles\sjbkxm8m.default\extensions\DTToolbar@toolbarnet.com
[2011.04.30 07:55:51 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Documents and Settings\admin\Data aplikací\Mozilla\Firefox\Profiles\sjbkxm8m.default\extensions\engine@conduit.com
[2011.11.12 18:03:37 | 000,002,071 | ---- | M] () -- C:\Documents and Settings\admin\Data aplikací\Mozilla\Firefox\Profiles\sjbkxm8m.default\searchplugins\absearch-search.xml
[2011.04.30 07:55:51 | 000,000,913 | ---- | M] () -- C:\Documents and Settings\admin\Data aplikací\Mozilla\Firefox\Profiles\sjbkxm8m.default\searchplugins\conduit.xml
[2011.09.03 14:37:14 | 000,002,055 | ---- | M] () -- C:\Documents and Settings\admin\Data aplikací\Mozilla\Firefox\Profiles\sjbkxm8m.default\searchplugins\daemon-search.xml
[2012.02.04 23:57:05 | 000,001,056 | ---- | M] () -- C:\Documents and Settings\admin\Data aplikací\Mozilla\Firefox\Profiles\sjbkxm8m.default\searchplugins\icqplugin.xml
[2010.06.19 18:26:53 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2009.11.20 16:25:36 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMIN\DATA APLIKACĂ­\MOZILLA\FIREFOX\PROFILES\SJBKXM8M.DEFAULT\EXTENSIONS\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMIN\DATA APLIKACĂ­\MOZILLA\FIREFOX\PROFILES\SJBKXM8M.DEFAULT\EXTENSIONS\DTTOOLBAR@TOOLBARNET.COM
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMIN\DATA APLIKACĂ­\MOZILLA\FIREFOX\PROFILES\SJBKXM8M.DEFAULT\EXTENSIONS\ENGINE@CONDUIT.COM
[2009.09.02 20:28:54 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION

O1 HOSTS File: ([2010.12.07 16:12:00 | 000,426,618 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 14694 more lines...
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll File not found
O2 - BHO: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\prxtbuTo0.dll (Conduit Ltd.)
O2 - BHO: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll File not found
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\prxtbuTo0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKU\S-1-5-21-1214440339-1715567821-839522115-1004\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKU\S-1-5-21-1214440339-1715567821-839522115-1004\..\Toolbar\WebBrowser: (uTorrentBar Toolbar) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - C:\Program Files\uTorrentBar\prxtbuTo0.dll (Conduit Ltd.)
O4 - HKLM..\Run: [CloneCDTray] C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe (SlySoft, Inc.)
O4 - HKLM..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd File not found
O4 - HKLM..\Run: [SiS Tray] C:\WINDOWS\system32\sistray.exe (Silicon Integrated Systems Corporation)
O4 - HKLM..\Run: [SiS Windows KeyHook] C:\WINDOWS\system32\Keyhook.exe (Silicon Integrated Systems Corporation)
O4 - HKLM..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe (Silicon Integrated Systems Corp.)
O4 - HKLM..\Run: [WinampAgent] "C:\Documents and Settings\admin\Plocha\plocha\KURVA programy\Winamp\winampa.exe" File not found
O4 - HKU\S-1-5-21-1214440339-1715567821-839522115-1004..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-1214440339-1715567821-839522115-1004..\Run: [FlashGet 3] "C:\Documents and Settings\admin\Plocha\plocha\KURVA programy\Farej Zmrdee\FlashGet\FlashGet3.exe" -minimize File not found
O4 - HKU\S-1-5-21-1214440339-1715567821-839522115-1004..\Run: [PCSpeedUp] C:\Program Files\Zrychleni Pocitace\PCSpeedUp.lnk File not found
O4 - HKU\S-1-5-21-1214440339-1715567821-839522115-1004..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe File not found
O4 - Startup: C:\Documents and Settings\admin\Nabídka Start\Programy\Po spuštění\winword.exe.lnk = C:\WINDOWS\system32\winword.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1214440339-1715567821-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1214440339-1715567821-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O8 - Extra context menu item: ????3?? - Reg Error: Value error. File not found
O8 - Extra context menu item: ????3?????? - Reg Error: Value error. File not found
O8 - Extra context menu item: Translate this web page with Babylon - res://C:\Documents and Settings\admin\Plocha\hry\Chess\Babylon\Utils\BabylonIEPI.dll/ActionTU.htm File not found
O8 - Extra context menu item: Translate with Babylon - res://C:\Documents and Settings\admin\Plocha\hry\Chess\Babylon\Utils\BabylonIEPI.dll/Action.htm File not found
O8 - Extra context menu item: 使用快车3下载 - C:\Documents and Settings\admin\Data aplikací\FlashGetBHO\GetUrl.htm ()
O8 - Extra context menu item: 使用快车3下载全部链接 - C:\Documents and Settings\admin\Data aplikací\FlashGetBHO\GetAllUrl.htm ()
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/pub/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.3.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{48606892-4504-4C6F-9D38-05E7985C8B15}: DhcpNameServer = 192.168.3.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\admin\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\admin\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.04.08 16:05:59 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{48f5899a-f70b-11df-a7bf-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{48f5899a-f70b-11df-a7bf-806d6172696f}\Shell\AutoRun\command - "" = F:\Autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.iac2 - C:\WINDOWS\system32\Iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lhacm - C:\WINDOWS\System32\lhacm.acm (Microsoft Corporation)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FPS1 - C:\WINDOWS\System32\frapsvid.dll (Beepa P/L)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\Ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\Ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\Ir50_32.dll (Intel Corporation)
Drivers32: vidc.yvu9 - C:\WINDOWS\System32\Iyvu9_32.dll ()
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2012.02.05 13:21:05 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\admin\Plocha\OTL.exe
[2012.02.04 22:04:02 | 000,000,000 | --SD | C] -- C:\ComboFix
[2012.02.04 20:47:06 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2012.02.04 20:41:00 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2012.02.04 20:41:00 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2012.02.04 20:41:00 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2012.02.04 20:41:00 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2012.02.04 20:40:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2012.02.04 20:40:37 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012.02.03 13:49:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Nabídka Start\Programy\BS.Player
[2012.02.03 13:48:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Data aplikací\BSplayer
[2012.02.03 13:48:27 | 000,000,000 | ---D | C] -- C:\Program Files\Webteh
[2012.02.03 13:08:49 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2012.02.03 13:08:43 | 000,000,000 | ---D | C] -- C:\rsit
[2012.01.31 15:30:03 | 000,000,000 | ---D | C] -- C:\Program Files\temp
[2012.01.31 15:29:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ocr
[2012.01.31 15:29:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Data
[2012.01.31 15:29:40 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Plugins
[2012.01.21 12:24:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Data aplikací\Winamp
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012.02.05 13:28:59 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012.02.05 13:21:13 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\admin\Plocha\OTL.exe
[2012.02.05 11:58:26 | 000,000,192 | ---- | M] () -- C:\WINDOWS\winamp.ini
[2012.02.05 09:49:30 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.02.04 20:47:36 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2012.02.04 20:17:02 | 000,083,456 | ---- | M] () -- C:\Documents and Settings\admin\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.02.03 13:49:15 | 000,000,775 | ---- | M] () -- C:\Documents and Settings\admin\Plocha\BS.Player FREE.lnk
[2012.02.02 14:36:04 | 000,002,422 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012.01.31 15:29:49 | 000,000,631 | ---- | M] () -- C:\Documents and Settings\admin\Plocha\WarChess.exe.lnk
[2012.01.31 15:29:49 | 000,000,603 | ---- | M] () -- C:\Documents and Settings\admin\Nabídka Start\Programy\Po spuštění\winword.exe.lnk
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012.02.05 13:28:59 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012.02.04 20:47:35 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2012.02.04 20:47:19 | 000,261,312 | RHS- | C] () -- C:\cmldr
[2012.02.04 20:41:00 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2012.02.04 20:41:00 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2012.02.04 20:41:00 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2012.02.04 20:41:00 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2012.02.04 20:41:00 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2012.02.03 13:49:13 | 000,000,775 | ---- | C] () -- C:\Documents and Settings\admin\Plocha\BS.Player FREE.lnk
[2012.01.31 15:29:49 | 000,000,631 | ---- | C] () -- C:\Documents and Settings\admin\Plocha\WarChess.exe.lnk
[2012.01.31 15:29:49 | 000,000,603 | ---- | C] () -- C:\Documents and Settings\admin\Nabídka Start\Programy\Po spuštění\winword.exe.lnk
[2011.11.12 19:12:22 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll
[2011.10.01 22:42:56 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll
[2011.05.30 00:20:28 | 000,000,041 | ---- | C] () -- C:\WINDOWS\winampa.ini
[2011.04.23 09:42:33 | 000,000,849 | ---- | C] () -- C:\WINDOWS\H2_Setup.INI
[2011.04.18 17:55:21 | 000,004,096 | ---- | C] () -- C:\WINDOWS\d3dx.dat
[2011.04.17 17:37:32 | 000,000,710 | ---- | C] () -- C:\WINDOWS\eReg.dat
[2011.02.05 00:16:12 | 000,000,000 | ---- | C] () -- C:\WINDOWS\SETUP32.INI
[2011.01.09 15:06:42 | 000,000,678 | ---- | C] () -- C:\WINDOWS\ChaseHQ2EvoConfig.ini
[2010.12.04 13:55:32 | 000,000,204 | ---- | C] () -- C:\WINDOWS\System32\secustat.dat
[2010.12.04 13:53:19 | 000,000,025 | ---- | C] () -- C:\WINDOWS\libem.INI
[2010.11.23 15:21:50 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2010.09.24 11:42:45 | 000,000,287 | ---- | C] () -- C:\WINDOWS\EReg072.dat
[2010.09.20 16:58:07 | 000,127,681 | ---- | C] () -- C:\WINDOWS\VGAsetup.ini
[2010.09.20 16:56:31 | 000,102,622 | ---- | C] () -- C:\WINDOWS\System32\VGAunistlog.ini
[2010.06.20 16:13:12 | 000,000,192 | ---- | C] () -- C:\WINDOWS\winamp.ini
[2010.06.19 19:38:52 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2010.06.19 15:46:44 | 000,000,307 | ---- | C] () -- C:\WINDOWS\cncscore.ini
[2010.06.17 16:07:58 | 000,000,148 | ---- | C] () -- C:\WINDOWS\dinksmallwood.ini
[2010.06.10 10:06:14 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PROTOCOL.INI
[2010.06.10 10:06:12 | 000,000,290 | ---- | C] () -- C:\WINDOWS\Lingua.ini
[2010.06.10 10:03:53 | 000,131,101 | ---- | C] () -- C:\WINDOWS\SETUPA1.EXE
[2010.01.07 15:23:29 | 000,137,344 | ---- | C] () -- C:\WINDOWS\System32\drivers\hwpsgt.sys
[2010.01.07 15:23:27 | 000,009,472 | ---- | C] () -- C:\WINDOWS\System32\drivers\lemsgt.sys
[2009.11.26 12:09:20 | 000,000,261 | ---- | C] () -- C:\WINDOWS\spidla.INI
[2009.09.15 19:46:31 | 000,158,528 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\FontCache3.0.0.0.dat
[2009.08.26 13:32:24 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2009.08.21 13:39:11 | 000,000,600 | ---- | C] () -- C:\WINDOWS\Rtcw.INI
[2009.08.10 11:06:27 | 000,000,165 | ---- | C] () -- C:\WINDOWS\SNOW.INI
[2009.08.10 10:56:33 | 000,000,676 | ---- | C] () -- C:\WINDOWS\HAMMER.INI
[2009.08.04 15:19:38 | 000,000,041 | -HS- | C] () -- C:\Documents and Settings\All Users\Data aplikací\.zreglib
[2009.06.28 11:43:23 | 000,278,728 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2009.06.28 11:43:19 | 000,025,416 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2009.06.25 23:08:01 | 000,000,380 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2009.06.25 23:05:10 | 000,000,613 | ---- | C] () -- C:\WINDOWS\SIERRA.INI
[2009.05.06 21:00:15 | 000,083,456 | ---- | C] () -- C:\Documents and Settings\admin\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.04.30 08:41:08 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2009.04.20 14:28:11 | 000,000,524 | ---- | C] () -- C:\WINDOWS\bpfdat.dat
[2009.04.13 21:19:45 | 000,319,488 | R--- | C] () -- C:\WINDOWS\System32\MafiaSetup.exe
[2009.04.13 20:48:37 | 000,001,172 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2009.04.13 20:47:48 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2009.04.13 20:15:13 | 000,000,125 | ---- | C] () -- C:\Documents and Settings\admin\Local Settings\Data aplikací\fusioncache.dat
[2009.04.08 17:52:12 | 000,004,249 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2009.04.08 17:50:42 | 000,273,376 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009.04.08 17:25:17 | 000,032,768 | ---- | C] () -- C:\WINDOWS\SIS_LIB.DLL
[2009.04.08 16:09:59 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2009.04.08 16:01:53 | 000,021,812 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2008.10.16 11:56:20 | 001,960,448 | ---- | C] () -- C:\WINDOWS\System32\winword.exe
[2008.10.16 10:07:36 | 000,001,627 | ---- | C] () -- C:\WINDOWS\System32\Load.ini
[2008.06.29 14:24:32 | 000,311,128 | ---- | C] () -- C:\WINDOWS\System32\ssleay32.dll
[2008.06.29 14:24:32 | 000,168,960 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2008.06.29 14:24:31 | 001,526,468 | ---- | C] () -- C:\WINDOWS\System32\libeay32.dll
[2008.04.28 13:55:27 | 000,162,816 | ---- | C] () -- C:\WINDOWS\System32\sqlite3.dll
[2006.03.02 13:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2006.03.02 13:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2006.03.02 13:00:00 | 000,509,340 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2006.03.02 13:00:00 | 000,506,124 | ---- | C] () -- C:\WINDOWS\System32\perfh005.dat
[2006.03.02 13:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2006.03.02 13:00:00 | 000,269,162 | ---- | C] () -- C:\WINDOWS\System32\perfi005.dat
[2006.03.02 13:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2006.03.02 13:00:00 | 000,107,964 | ---- | C] () -- C:\WINDOWS\System32\perfc005.dat
[2006.03.02 13:00:00 | 000,096,306 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2006.03.02 13:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2006.03.02 13:00:00 | 000,032,072 | ---- | C] () -- C:\WINDOWS\System32\perfd005.dat
[2006.03.02 13:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2006.03.02 13:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2006.03.02 13:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2006.03.02 13:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2006.03.02 13:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2004.04.23 21:02:10 | 000,233,472 | ---- | C] () -- C:\WINDOWS\System32\cmirmdrv.exe
[2003.10.01 15:30:34 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\sis660.bin
[2003.02.19 00:26:28 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\cmirmdrv.dll
[2002.10.03 13:42:27 | 000,000,034 | ---- | C] () -- C:\WINDOWS\Q3version.ini

========== LOP Check ==========

[2011.05.29 15:00:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Data aplikací\Ascaron Entertainment
[2010.10.27 10:34:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Data aplikací\Astroburn
[2010.12.04 14:04:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Data aplikací\BITS
[2012.02.03 14:59:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Data aplikací\BSplayer
[2010.05.11 15:31:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Data aplikací\BSplayer Pro
[2012.02.02 14:38:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Data aplikací\DAEMON Tools Lite
[2010.11.23 15:15:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Data aplikací\DAEMON Tools Pro
[2011.08.23 17:07:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Data aplikací\EurekaLog
[2010.12.04 13:52:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Data aplikací\FlashGet
[2010.12.04 13:52:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Data aplikací\FlashGetBHO
[2009.10.10 19:15:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Data aplikací\gtk-2.0
[2011.11.12 17:31:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Data aplikací\OpenCandy
[2009.04.13 21:05:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Data aplikací\Opera
[2009.10.10 17:25:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Data aplikací\SMART Technologies
[2009.10.10 16:36:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Data aplikací\SMART Technologies Inc
[2011.09.06 17:42:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Data aplikací\TS3Client
[2011.12.11 13:04:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Data aplikací\Unity
[2011.12.25 15:43:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Data aplikací\uTorrent
[2009.09.12 14:31:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AlawarWrapper
[2010.09.21 18:06:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Alwil Software
[2011.11.12 18:03:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Astroburn Lite
[2010.10.27 10:12:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2010.11.23 15:06:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Pro
[2009.09.12 14:34:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\FarmFrenzy2
[2010.10.05 10:32:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ICQ
[2010.02.19 14:21:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\SMART Technologies
[2009.12.05 11:17:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2011.02.05 12:50:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\The Learning Company

========== Purity Check ==========



========== Custom Scans ==========


< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"CTFMON.EXE" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 07:52:18 | 000,015,360 | ---- | M] (Microsoft Corporation)
"FlashGet 3" = "C:\Documents and Settings\admin\Plocha\plocha\KURVA programy\Farej Zmrdee\FlashGet\FlashGet3.exe" -minimize
"SpybotSD TeaTimer" = C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
"DAEMON Tools Lite" = "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun -- [2011.11.10 10:17:04 | 003,514,176 | ---- | M] (DT Soft Ltd)
"PCSpeedUp" = C:\Program Files\Zrychleni Pocitace\PCSpeedUp.lnk

< >


< MD5 for: AGP440.SYS >
[2006.03.02 13:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008.04.14 08:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2008.04.14 08:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008.04.13 23:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.13 23:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\dllcache\agp440.sys
[2008.04.13 23:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys

< MD5 for: ATAPI.SYS >
[2006.03.02 13:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008.04.14 08:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.14 08:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.13 23:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 23:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2006.03.02 13:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2008.04.14 07:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\cmdcons\autochk.exe
[2008.04.14 07:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\ServicePackFiles\i386\autochk.exe
[2008.04.14 07:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe
[2006.03.02 13:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\WINDOWS\$NtServicePackUninstall$\autochk.exe

< MD5 for: CDROM.SYS >
[2006.03.02 13:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2008.04.14 08:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008.04.14 08:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008.04.13 23:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008.04.13 23:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2006.03.02 13:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys

< MD5 for: CRYPTSVC.DLL >
[2006.03.02 13:00:00 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- C:\WINDOWS\$NtServicePackUninstall$\cryptsvc.dll
[2008.04.14 07:51:40 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\ServicePackFiles\i386\cryptsvc.dll
[2008.04.14 07:51:40 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\cryptsvc.dll

< MD5 for: CSRSS.EXE >
[2006.03.02 13:00:00 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=490E6E57E54FAF5F23F658EA188405A1 -- C:\WINDOWS\$NtServicePackUninstall$\csrss.exe
[2008.04.14 07:52:18 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=628CE66E3FD35BFC7969DBAC245DC069 -- C:\WINDOWS\ServicePackFiles\i386\csrss.exe
[2008.04.14 07:52:18 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=628CE66E3FD35BFC7969DBAC245DC069 -- C:\WINDOWS\system32\csrss.exe

< MD5 for: EVENTLOG.DLL >
[2008.04.14 07:51:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 07:51:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll
[2006.03.02 13:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2008.04.14 07:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 07:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2006.03.02 13:00:00 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe

< MD5 for: FASTFAT.SYS >
[2006.03.02 13:00:00 | 000,143,360 | ---- | M] (Microsoft Corporation) MD5=3117F595E9615E04F05A54FC15A03B20 -- C:\WINDOWS\$NtServicePackUninstall$\fastfat.sys
[2008.04.13 23:44:30 | 000,143,744 | ---- | M] (Microsoft Corporation) MD5=38D332A6D56AF32635675F132548343E -- C:\WINDOWS\ServicePackFiles\i386\fastfat.sys
[2008.04.13 23:44:30 | 000,143,744 | ---- | M] (Microsoft Corporation) MD5=38D332A6D56AF32635675F132548343E -- C:\WINDOWS\system32\drivers\fastfat.sys

< MD5 for: HAL.DLL >
[2006.03.02 13:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2008.04.14 08:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2008.04.14 08:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2008.04.13 23:01:34 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2008.04.13 23:01:30 | 000,131,840 | ---- | M] (Microsoft Corporation) MD5=6F61D3287A6A15A08A9433222C09D17F -- C:\WINDOWS\system32\HAL.DLL
[2006.03.02 13:00:00 | 000,131,968 | ---- | M] (Microsoft Corporation) MD5=F9A0F579FC18036FFDD9E26E0D268CCD -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll

< MD5 for: CHANGER.SYS >
[2006.03.02 13:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys
[2008.04.14 08:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys
[2008.04.14 08:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:Changer.sys
[2008.04.13 23:11:00 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\ServicePackFiles\i386\changer.sys

< MD5 for: ISAPNP.SYS >
[2008.04.14 08:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2008.04.14 08:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:isapnp.sys
[2006.03.02 13:00:00 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\$NtServicePackUninstall$\isapnp.sys
[2008.04.14 06:57:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\ServicePackFiles\i386\isapnp.sys
[2008.04.14 06:57:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\dllcache\isapnp.sys
[2008.04.14 06:57:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\drivers\isapnp.sys

< MD5 for: LSASS.EXE >
[2006.03.02 13:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\WINDOWS\$NtServicePackUninstall$\lsass.exe
[2008.04.14 07:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\ServicePackFiles\i386\lsass.exe
[2008.04.14 07:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe

< MD5 for: NDIS.SYS >
[2008.04.13 23:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008.04.13 23:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\dllcache\ndis.sys
[2008.04.13 23:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
[2006.03.02 13:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys

< MD5 for: NETLOGON.DLL >
[2006.03.02 13:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
[2008.04.14 07:51:52 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 07:51:52 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: NTFS.SYS >
[2008.04.13 23:45:54 | 000,574,976 | ---- | M] (Microsoft Corporation) MD5=78A08DD6A8D65E697C18E1DB01C5CDCA -- C:\WINDOWS\ServicePackFiles\i386\ntfs.sys
[2008.04.13 23:45:54 | 000,574,976 | ---- | M] (Microsoft Corporation) MD5=78A08DD6A8D65E697C18E1DB01C5CDCA -- C:\WINDOWS\system32\dllcache\ntfs.sys
[2008.04.13 23:45:54 | 000,574,976 | ---- | M] (Microsoft Corporation) MD5=78A08DD6A8D65E697C18E1DB01C5CDCA -- C:\WINDOWS\system32\drivers\ntfs.sys
[2004.08.03 23:15:10 | 000,574,592 | ---- | M] (Microsoft Corporation) MD5=B78BE402C3F63DD55521F73876951CDD -- C:\cmdcons\NTFS.SYS
[2006.03.02 13:00:00 | 000,574,592 | ---- | M] (Microsoft Corporation) MD5=B78BE402C3F63DD55521F73876951CDD -- C:\WINDOWS\$NtServicePackUninstall$\ntfs.sys

< MD5 for: SCECLI.DLL >
[2006.03.02 13:00:00 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008.04.14 07:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 07:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SERVICES.EXE >
[2009.02.09 12:18:56 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=3D107D45CCFDB266E91D84B52CD7F430 -- C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\services.exe
[2006.03.02 13:00:00 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=6E401E61F952FBBF708AFBECEFAFAE81 -- C:\WINDOWS\$NtServicePackUninstall$\services.exe
[2009.02.09 12:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=9EF697AF07BB8DD82C3B02CA953A95B7 -- C:\WINDOWS\system32\dllcache\services.exe
[2009.02.09 12:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=9EF697AF07BB8DD82C3B02CA953A95B7 -- C:\WINDOWS\system32\services.exe
[2008.04.14 07:52:46 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=F0D2AE69035092BF22DAD6B50FAB85C2 -- C:\WINDOWS\$NtUninstallKB956572$\services.exe
[2008.04.14 07:52:46 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=F0D2AE69035092BF22DAD6B50FAB85C2 -- C:\WINDOWS\ServicePackFiles\i386\services.exe

< MD5 for: SMSS.EXE >
[2006.03.02 13:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\WINDOWS\$NtServicePackUninstall$\smss.exe
[2004.08.17 15:49:28 | 000,164,864 | ---- | M] (Microsoft Corporation) MD5=3C100B7FDB179B63829103DF6541337F -- C:\cmdcons\SYSTEM32\SMSS.EXE
[2008.04.14 07:52:48 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\ServicePackFiles\i386\smss.exe
[2008.04.14 07:52:48 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe

< MD5 for: SPOOLSV.EXE >
[2006.03.02 13:00:00 | 000,057,856 | ---- | M] (Microsoft Corporation) MD5=21B6FAA88044A41640E03EBB68BE93E8 -- C:\WINDOWS\$NtServicePackUninstall$\spoolsv.exe
[2008.04.14 07:52:50 | 000,057,856 | ---- | M] (Microsoft Corporation) MD5=CB1090BCA0E7B40D0B5B4E4D66531809 -- C:\WINDOWS\ServicePackFiles\i386\spoolsv.exe
[2008.04.14 07:52:50 | 000,057,856 | ---- | M] (Microsoft Corporation) MD5=CB1090BCA0E7B40D0B5B4E4D66531809 -- C:\WINDOWS\system32\spoolsv.exe

< MD5 for: SVCHOST.EXE >
[2008.04.14 07:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.14 07:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe
[2006.03.02 13:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe

< MD5 for: TCPIP.SYS >
[2008.04.13 23:50:18 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008.04.13 23:50:18 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2006.03.02 13:00:00 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2008.06.20 12:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.04.14 07:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 07:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe
[2006.03.02 13:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe

< MD5 for: WINLOGON.EXE >
[2006.03.02 13:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 07:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 07:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe

< MD5 for: WS2_32.DLL >
[2006.03.02 13:00:00 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\WINDOWS\$NtServicePackUninstall$\ws2_32.dll
[2008.04.14 07:52:08 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll
[2008.04.14 07:52:08 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\ws2_32.dll

< >

< C:\windows\system32\spool\prtprocs|dll;true;true;true /FP >
[2008.07.06 13:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
[2006.10.26 18:56:12 | 000,033,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\msonpppr.dll
[2008.07.06 13:06:10 | 000,147,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\x64\filterpipelineprintproc.dll

< %systemroot%\system32\drivers\*.sys /5 >

< %systemroot%\system32\drivers\*.sys /X >
[2008.04.14 07:51:38 | 000,004,255 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv01nt5.dll
[2008.04.14 07:51:38 | 000,003,967 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv02nt5.dll
[2008.04.14 07:51:38 | 000,003,615 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv05nt5.dll
[2008.04.14 07:51:38 | 000,003,647 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv07nt5.dll
[2008.04.14 07:51:38 | 000,003,135 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv08nt5.dll
[2008.04.14 07:51:38 | 000,003,711 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv09nt5.dll
[2008.04.14 07:51:38 | 000,003,775 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv11nt5.dll
[2006.12.29 19:21:08 | 000,064,352 | ---- | M] () -- C:\WINDOWS\system32\drivers\ativmc20.cod
[2008.04.14 07:51:38 | 000,021,183 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv01nt5.dll
[2008.04.14 07:51:38 | 000,011,359 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv02nt5.dll
[2008.04.14 07:51:38 | 000,025,471 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv04nt5.dll
[2008.04.14 07:51:38 | 000,014,143 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv06nt5.dll
[2008.04.14 07:51:38 | 000,017,279 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv10nt5.dll
[2008.04.14 07:51:40 | 000,015,423 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\ch7xxnt5.dll
[2007.04.02 20:36:04 | 000,129,045 | ---- | M] () -- C:\WINDOWS\system32\drivers\cxthsfs2.cty
[2006.03.02 13:00:00 | 003,440,660 | ---- | M] () -- C:\WINDOWS\system32\drivers\gm.dls
[2006.03.02 13:00:00 | 000,000,646 | ---- | M] () -- C:\WINDOWS\system32\drivers\gmreadme.txt
[2006.12.29 19:02:50 | 000,067,866 | ---- | M] () -- C:\WINDOWS\system32\drivers\netwlan5.img
[2008.04.14 07:51:56 | 000,003,901 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\siint5.dll
[2008.04.14 07:52:06 | 000,011,325 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\vchnt5.dll

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2011.11.12 17:31:49 | 000,428,088 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sptd.sys

< %systemroot%\system32\*.* /5 >
[2012.02.02 14:36:04 | 000,002,422 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\system32\config\*.sav >
[2009.04.08 17:49:57 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2009.04.08 17:49:57 | 000,638,976 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2009.04.08 17:49:57 | 000,450,560 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\*.* /U /s >
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[8 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\*. /mp /s >

< %ALLUSERSPROFILE%\Data Aplikací\*.* >
[2011.04.03 08:12:37 | 000,000,041 | -HS- | M] () -- C:\Documents and Settings\All Users\Data Aplikací\.zreglib
[2009.04.08 17:51:32 | 000,000,062 | -HS- | M] () -- C:\Documents and Settings\All Users\Data Aplikací\desktop.ini

< %ALLUSERSPROFILE%\Data Aplikací\*.exe /s >
[2009.05.29 14:42:12 | 000,925,696 | ---- | M] (Pamela-Systems) -- C:\Documents and Settings\All Users\Data Aplikací\Skype\Plugins\Plugins\1C858F44FD20414EA6E3ACFBA01EBBD2\MoodEditor.exe

< %ALLUSERSPROFILE%\Dáta aplikácií\*.* >

< %ALLUSERSPROFILE%\Dáta aplikácií\*.exe /s >

< %APPDATA%\*. >
[2009.11.24 18:06:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Data aplikací\Adobe
[2009.05.04 16:20:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Data aplikací\AdobeUM
[2011.05.29 15:00:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Data aplikací\Ascaron Entertainment
[2010.10.27 10:34:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Data aplikací\Astroburn
[2010.12.04 14:04:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Data aplikací\BITS
[2012.02.03 14:59:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Data aplikací\BSplayer
[2010.05.11 15:31:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Data aplikací\BSplayer Pro
[2012.02.02 14:38:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Data aplikací\DAEMON Tools Lite
[2010.11.23 15:15:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Data aplikací\DAEMON Tools Pro
[2012.02.02 17:12:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Data aplikací\dvdcss
[2011.08.23 17:07:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Data aplikací\EurekaLog
[2010.12.04 13:52:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Data aplikací\FlashGet
[2010.12.04 13:52:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Data aplikací\FlashGetBHO
[2009.10.10 19:15:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Data aplikací\gtk-2.0
[2009.04.08 16:13:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Data aplikací\Identities
[2009.11.24 18:06:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Data aplikací\Macromedia
[2012.02.04 20:22:30 | 000,000,000 | --SD | M] -- C:\Documents and Settings\admin\Data aplikací\Microsoft
[2010.09.19 13:01:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Data aplikací\Mozilla
[2011.11.12 17:31:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Data aplikací\OpenCandy
[2009.04.13 21:05:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Data aplikací\Opera
[2010.06.10 13:58:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Data aplikací\Skype
[2010.01.15 20:35:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Data aplikací\skypePM
[2009.10.10 17:25:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Data aplikací\SMART Technologies
[2009.10.10 16:36:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Data aplikací\SMART Technologies Inc
[2011.09.02 16:14:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Data aplikací\Sun
[2009.04.30 08:47:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Data aplikací\teamspeak2
[2011.09.06 17:42:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Data aplikací\TS3Client
[2011.12.11 13:04:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Data aplikací\Unity
[2011.12.25 15:43:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Data aplikací\uTorrent
[2012.02.03 13:44:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Data aplikací\vlc
[2012.01.21 12:26:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Data aplikací\Winamp
[2009.12.19 18:49:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Data aplikací\WinRAR

< %APPDATA%\*.* >
[2009.04.08 17:51:32 | 000,000,062 | -HS- | M] () -- C:\Documents and Settings\admin\Data aplikací\desktop.ini

< %APPDATA%\*.exe /s >
[2011.11.12 17:32:01 | 000,416,160 | ---- | M] () -- C:\Documents and Settings\admin\Data aplikací\OpenCandy\OpenCandy_F9FC635EBF4B4E669BDFB8219418CCEB\LatestDLMgr.exe
[2011.08.01 23:38:30 | 001,872,896 | ---- | M] (Speedchecker Limited ) -- C:\Documents and Settings\admin\Data aplikací\OpenCandy\OpenCandy_F9FC635EBF4B4E669BDFB8219418CCEB\pcspeedup.exe

< %SYSTEMDRIVE%\*.exe >

< >

< >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU /s >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2010-09-24 22:04:30

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS /s >
"StateIndex" = 1

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager" /v BootExecute /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\CONTROL\SESSION MANAGER
BOOTEXECUTE REG_MULTI_SZ autocheck autochk *\0\0

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager" /v "PendingFileRenameOperations" /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\CONTROL\SESSION MANAGER

< >

< type c:\boot.ini >> test.txt /c >
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
C:\CMDCONS\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012.02.05 13:28:59 | 000,000,512 | ---- | M] () MD5=3898ABFE9D18CD384A4385C00D3A73F9 -- C:\PhysicalMBR.bin

========== Alternate Data Streams ==========

@Alternate Data Stream - 500 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:05EE1EEF
@Alternate Data Stream - 24 bytes -> C:\WINDOWS:807B1A1C3F745A6E

< End of report >

Re: Problem with Load! 0.48.13

Posted: 05 Feb 2012 14:07
by plesoun111
And here is Extras

OTL Extras logfile created on: 5.2.2012 13:26:09 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\admin\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

191,48 Mb Total Physical Memory | 22,29 Mb Available Physical Memory | 11,64% Memory free
466,29 Mb Paging File | 121,59 Mb Available in Paging File | 26,08% Paging File free
Paging file location(s): C:\pagefile.sys 288 576 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37,26 Gb Total Space | 4,99 Gb Free Space | 13,40% Space Free | Partition Type: NTFS

Computer Name: HOME-PC | User Name: admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_USERS\S-1-5-21-1214440339-1715567821-839522115-1004\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Všecké Programy\Hovadiny 1\Mozzila\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Documents and Settings\admin\Plocha\plocha\KURVA programy\Winamp\Winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Documents and Settings\admin\Plocha\plocha\KURVA programy\Winamp\Winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Documents and Settings\admin\Plocha\plocha\KURVA programy\Winamp\Winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
"12001:UDP" = 12001:UDP:*:Enabled:SMART WebServer Handshake Multicast Port

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox
"C:\Documents and Settings\admin\Plocha\bulanci.exe" = C:\Documents and Settings\admin\Plocha\bulanci.exe:*:Enabled:bulanci
"C:\WINDOWS\system32\dplaysvr.exe" = C:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper -- (Microsoft Corporation)
"C:\WINDOWS\system32\dpnsvr.exe" = C:\WINDOWS\system32\dpnsvr.exe:*:Enabled:Microsoft DirectPlay8 Server -- (Microsoft Corporation)
"C:\Program Files\SMART Technologies\SMART Board Drivers\UCService.exe" = C:\Program Files\SMART Technologies\SMART Board Drivers\UCService.exe:*:Enabled:SMART SNMPAgent
"C:\Program Files\SMART Technologies\SMART Board Drivers\WebServer.exe" = C:\Program Files\SMART Technologies\SMART Board Drivers\WebServer.exe:*:Enabled:SMART Web Server
"C:\Program Files\SMART Technologies\SMART Board Drivers\UCGui.exe" = C:\Program Files\SMART Technologies\SMART Board Drivers\UCGui.exe:*:Enabled:SMART Display Controller Program
"C:\Program Files\Psygnosis\Rollcage\Direct3D\Rollcage.exe" = C:\Program Files\Psygnosis\Rollcage\Direct3D\Rollcage.exe:*:Enabled:Rollcage Main Game Executable
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype
"C:\Documents and Settings\admin\Plocha\hriebky\GFonline.exe" = C:\Documents and Settings\admin\Plocha\hriebky\GFonline.exe:*:Enabled:GFonline
"C:\Program Files\Opera\opera.exe" = C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software)
"C:\Documents and Settings\admin\Plocha\plocha\KURVA programy\Farej Zmrdee\FlashGet\FlashGet3.exe" = C:\Documents and Settings\admin\Plocha\plocha\KURVA programy\Farej Zmrdee\FlashGet\FlashGet3.exe:*:Enabled:Flashget3
"C:\Documents and Settings\admin\Plocha\hry\Counter Strike\hl.exe" = C:\Documents and Settings\admin\Plocha\hry\Counter Strike\hl.exe:*:Enabled:Half-Life Launcher
"C:\Documents and Settings\admin\Plocha\hry\Sportscargt\Spcar.exe" = C:\Documents and Settings\admin\Plocha\hry\Sportscargt\Spcar.exe:*:Enabled:Sports Car GT
"C:\Documents and Settings\admin\Plocha\hry\Sportscargt\tccar.exe" = C:\Documents and Settings\admin\Plocha\hry\Sportscargt\tccar.exe:*:Enabled:Sports Car GT
"C:\Documents and Settings\admin\Plocha\hry\Metin2\Metin2\metin2.bin" = C:\Documents and Settings\admin\Plocha\hry\Metin2\Metin2\metin2.bin:*:Enabled:metin2
"C:\Documents and Settings\admin\Plocha\hry\Metin2\Metin2\metin2.exe" = C:\Documents and Settings\admin\Plocha\hry\Metin2\Metin2\metin2.exe:*:Enabled:metin2
"C:\Documents and Settings\admin\Plocha\hry\Metin2\Metin2\metin2client.bin" = C:\Documents and Settings\admin\Plocha\hry\Metin2\Metin2\metin2client.bin:*:Enabled:metin2client
"C:\Documents and Settings\admin\Plocha\plocha\programy\torrent\uTorrent.exe" = C:\Documents and Settings\admin\Plocha\plocha\programy\torrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01501EBA-EC35-4F9F-8889-3BE346E5DA13}" = MSXML4 Parser
"{044F9133-B8D7-4d11-BF39-803FA20F5C8B}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for Win32
"{0C19D563-5F25-4621-BF10-01F741BD283F}" = Microsoft SQL Server Compact 3.5 SP1 Design Tools English
"{13B792AA-C078-43A4-8A3A-8B12D629940D}" = Counter-Strike 1.6
"{196E77C5-F524-4B50-BD1A-2C21EEE9B8F7}" = Microsoft SQL Server 2008 Common Files
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}" = Skype™ 4.0
"{342D4AD7-EC4C-4EC8-AEA6-E70F5905A490}" = SQL Server System CLR Types
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{3F50AF3B-8997-4916-0095-99D63DDB785A}" = Harry Potter
"{4815BD99-96A4-49FE-A885-DCF06E9E4E78}" = Microsoft SQL Server 2008 Database Engine Shared
"{4A6F34E2-09E5-4616-B227-4A26A488A6F9}" = Microsoft SQL Server 2008 Common Files
"{546C143E-68DC-314D-97BC-1E454E3BA429}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - CSY
"{58721EC3-8D4E-4B79-BC51-1054E2DDCD10}" = Microsoft SQL Server 2008 Database Engine Services
"{5BE1E709-30E4-3D6D-A708-96CE8D5E5E8D}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for .NET Framework - enu
"{5E65E94D-69F2-4850-9E93-6459C53A0F50}" = Microsoft .NET Framework 1.1 Czech Language Pack
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{87CC8013-56D1-43E1-A0A5-AD406B4EBA95}" = Opera 10.63
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0010-0405-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Czech) 12
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9D6D76A6-4328-49E8-97A7-531A74841DA5}" = Microsoft SQL Server 2008 Setup Support Files (English)
"{A2C9CD1B-2551-3AED-B244-6698FB929FA6}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - CSY
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A4418082-E601-3954-805B-D56A2B50EC8B}" = Microsoft Visual C# 2008 Express Edition with SP1 - ENU
"{AC76BA86-7AD7-1033-7B44-A70000000000}" = Adobe Reader 7.0
"{B5153233-9AEE-4CD4-9D2C-4FAAC870DBE2}" = Microsoft SQL Server 2008 Database Engine Services
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B857D868-F8B0-43EE-BC2B-D9E5ED21F237}" = Microsoft SQL Server VSS Writer
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C688457E-03FD-4941-923B-A27F4D42A7DD}" = Microsoft SQL Server 2008 Browser
"{C965F01C-76EA-4BD7-973E-46236AE312D7}" = Sql Server Customer Experience Improvement Program
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D9D937B0-E842-4130-9588-B948E876904A}" = Microsoft SQL Server 2008 Native Client
"{DD73CA82-EA82-38AA-863D-9A24A018DC96}" = Microsoft .NET Framework 3.5 Language Pack SP1 - csy
"{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}" = Microsoft SQL Server Compact 3.5 SP1 English
"{F06FF53A-2B02-4328-B158-4C4C73216BC9}_is1" = Battle Mages
"{F1DC7648-8623-442F-92B7-E118DF61872E}" = Microsoft SQL Server 2008 RsFx Driver
"{F3494AB6-6900-41C6-AF57-823626827ED8}" = Microsoft SQL Server 2008 Database Engine Shared
"{F5E87B12-3C27-452F-8E78-21D42164FD83}" = Microsoft SQL Server 2008 Management Objects
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player
"Audacity_is1" = Audacity 1.2.6
"BSPlayerf" = BS.Player FREE
"Caesar 3" = Caesar 3
"Celtic kings" = Keltští králové
"CloneCD" = CloneCD
"C-Media Audio Driver" = C-Media WDM Audio Driver
"DAEMON Tools Lite" = DAEMON Tools Lite
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"Dračí oko" = Dračí oko
"EAX Unified" = EAX Unified
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"Golden Axe II (Fusion 3.64 emulation)" = Golden Axe II (Fusion 3.64 emulation)
"Golden Axe III (Fusio 3.64 emulatio)" = Golden Axe III (Fusio 3.64 emulatio)
"Harry Potter CZ" = Harry Potter CZ
"Heroes of Might and Magic III Complete CZ" = Heroes of Might and Magic III Complete CZ
"Hitman - Codename 47" = Hitman - Codename 47
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"Indeo® software" = Indeo® software
"Lingua Land" = Lingua Land
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - csy" = Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft SQL Server 10" = Microsoft SQL Server 2008
"Microsoft SQL Server 10 Release" = Microsoft SQL Server 2008
"Microsoft Visual C# 2008 Express Edition with SP1 - ENU" = Microsoft Visual C# 2008 Express Edition with SP1 - ENU
"Might and Magic® VI" = Might and Magic® VI
"Mozilla Firefox (3.6.26)" = Mozilla Firefox (3.6.26)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"Polda II_is1" = Polda II
"Port Royale 2" = Port Royale 2
"Quake III Arena Point Release 1.32" = Quake III Arena Point Release 1.32
"Racer" = Racer
"Sierra Utilities" = Sierra Utilities
"SiS 661FX_760_741_M661FX_M760_M741" = SiS 661FX_760_741_M661FX_M760_M741
"uTorrent" = µTorrent
"uTorrentBar Toolbar" = uTorrentBar Toolbar
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows XP Service Pack" = Windows XP Service Pack 3
"WMFDist11" = Windows Media Format 11 runtime
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 8.1.2012 9:00:44 | Computer Name = HOME-PC | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace vlc.exe, verze 1.0.5.0, zablokovaný modul hungapp,
verze 0.0.0.0, adresa bloku 0x00000000.

Error - 15.1.2012 8:21:48 | Computer Name = HOME-PC | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace vlc.exe, verze 1.0.5.0, zablokovaný modul hungapp,
verze 0.0.0.0, adresa bloku 0x00000000.

Error - 24.1.2012 12:17:34 | Computer Name = HOME-PC | Source = | ID = 0
Description =

Error - 24.1.2012 12:17:34 | Computer Name = HOME-PC | Source = | ID = 0
Description =

Error - 28.1.2012 7:24:44 | Computer Name = HOME-PC | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace explorer.exe, verze 6.0.2900.5512, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 28.1.2012 7:24:44 | Computer Name = HOME-PC | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace explorer.exe, verze 6.0.2900.5512, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 28.1.2012 7:31:58 | Computer Name = HOME-PC | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace explorer.exe, verze 6.0.2900.5512, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 28.1.2012 7:32:42 | Computer Name = HOME-PC | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace explorer.exe, verze 6.0.2900.5512, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 28.1.2012 7:35:31 | Computer Name = HOME-PC | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace explorer.exe, verze 6.0.2900.5512, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 31.1.2012 9:48:28 | Computer Name = HOME-PC | Source = Application Error | ID = 1000
Description = Chybující aplikace firefox.exe, verze 1.9.2.4363, chybující modul
captlib.dll, verze 9.0.4.13, adresa chyby 0x0002424a.

[ OSession Events ]
Error - 3.6.2009 13:52:42 | Computer Name = HOME-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session
lasted 31217 seconds with 7260 seconds of active time. This session ended with
a crash.

[ System Events ]
Error - 4.2.2012 7:03:46 | Computer Name = HOME-PC | Source = Service Control Manager | ID = 7011
Description = Vypršel časový limit (30000 milisekund) čekání na odezvu transakce
služby Dnscache.

Error - 4.2.2012 8:03:52 | Computer Name = HOME-PC | Source = Service Control Manager | ID = 7011
Description = Vypršel časový limit (30000 milisekund) čekání na odezvu transakce
služby Dnscache.

Error - 4.2.2012 8:04:16 | Computer Name = HOME-PC | Source = Service Control Manager | ID = 7011
Description = Vypršel časový limit (30000 milisekund) čekání na odezvu transakce
služby Dnscache.

Error - 4.2.2012 15:03:37 | Computer Name = HOME-PC | Source = Service Control Manager | ID = 7000
Description = Služba Scutum50 NDIS Protocol Driver neuspěla při spuštění v důsledku
následující chyby: %%2

Error - 4.2.2012 15:03:37 | Computer Name = HOME-PC | Source = Service Control Manager | ID = 7000
Description = Služba SMART Display Controller neuspěla při spuštění v důsledku následující
chyby: %%2

Error - 4.2.2012 17:39:42 | Computer Name = HOME-PC | Source = Service Control Manager | ID = 7011
Description = Vypršel časový limit (30000 milisekund) čekání na odezvu transakce
služby Dnscache.

Error - 4.2.2012 18:43:34 | Computer Name = HOME-PC | Source = Service Control Manager | ID = 7000
Description = Služba Scutum50 NDIS Protocol Driver neuspěla při spuštění v důsledku
následující chyby: %%2

Error - 4.2.2012 18:43:34 | Computer Name = HOME-PC | Source = Service Control Manager | ID = 7000
Description = Služba SMART Display Controller neuspěla při spuštění v důsledku následující
chyby: %%2

Error - 5.2.2012 4:50:01 | Computer Name = HOME-PC | Source = Service Control Manager | ID = 7000
Description = Služba Scutum50 NDIS Protocol Driver neuspěla při spuštění v důsledku
následující chyby: %%2

Error - 5.2.2012 4:50:01 | Computer Name = HOME-PC | Source = Service Control Manager | ID = 7000
Description = Služba SMART Display Controller neuspěla při spuštění v důsledku následující
chyby: %%2


< End of report >

Re: Problem with Load! 0.48.13

Posted: 05 Feb 2012 17:57
by plesoun111
I probably won't be here from Monday to Friday, so please don't be angry with me; in a week we can work on it a bit more again :) Thank you for your help and patience :)

Re: Problem with Load! 0.48.13

Posted: 09 Feb 2012 22:19
by motji
I'm here now :)

:arrow: Run OTL
- copy this script into the white box at the bottom:


:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
@Alternate Data Stream - 500 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:05EE1EEF
@Alternate Data Stream - 24 bytes -> C:\WINDOWS:807B1A1C3F745A6E
O8 - Extra context menu item: ????3?? - Reg Error: Value error. File not found
O8 - Extra context menu item: ????3?????? - Reg Error: Value error. File not found
O8 - Extra context menu item: Translate this web page with Babylon - res://C:\Documents and Settings\admin\Plocha\hry\Chess\Babylon\Utils\BabylonIEPI.dll/ActionTU.htm File not found
O8 - Extra context menu item: Translate with Babylon - res://C:\Documents and Settings\admin\Plocha\hry\Chess\Babylon\Utils\BabylonIEPI.dll/Action.htm File not found
O4 - HKU\S-1-5-21-1214440339-1715567821-839522115-1004..\Run: [FlashGet 3] "C:\Documents and Settings\admin\Plocha\plocha\KURVA programy\Farej Zmrdee\FlashGet\FlashGet3.exe" -minimize File not found
O4 - HKU\S-1-5-21-1214440339-1715567821-839522115-1004..\Run: [PCSpeedUp] C:\Program Files\Zrychleni Pocitace\PCSpeedUp.lnk File not found
O4 - HKU\S-1-5-21-1214440339-1715567821-839522115-1004..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe File not found
O4 - Startup: C:\Documents and Settings\admin\Nabídka Start\Programy\Po spuštění\winword.exe.lnk = C:\WINDOWS\system32\winword.exe ()
O4 - HKLM..\Run: [WinampAgent] "C:\Documents and Settings\admin\Plocha\plocha\KURVA programy\Winamp\winampa.exe" File not found
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll File not found
O2 - BHO: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\prxtbuTo0.dll (Conduit Ltd.)
O2 - BHO: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll File not found
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\prxtbuTo0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKU\S-1-5-21-1214440339-1715567821-839522115-1004\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKU\S-1-5-21-1214440339-1715567821-839522115-1004\..\Toolbar\WebBrowser: (uTorrentBar Toolbar) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - C:\Program Files\uTorrentBar\prxtbuTo0.dll (Conduit Ltd.)
[2011.11.18 23:45:22 | 000,000,000 | ---D | M] (uTorrentBar Community Toolbar) -- C:\Documents and Settings\admin\Data aplikací\Mozilla\Firefox\Profiles\sjbkxm8m.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
[2010.11.22 23:17:55 | 000,000,000 | ---D | M] ("DAEMON Tools Toolbar") -- C:\Documents and Settings\admin\Data aplikací\Mozilla\Firefox\Profiles\sjbkxm8m.default\extensions\DTToolbar@toolbarnet.com
[2011.04.30 07:55:51 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Documents and Settings\admin\Data aplikací\Mozilla\Firefox\Profiles\sjbkxm8m.default\extensions\engine@conduit.com
[2011.11.12 18:03:37 | 000,002,071 | ---- | M] () -- C:\Documents and Settings\admin\Data aplikací\Mozilla\Firefox\Profiles\sjbkxm8m.default\searchplugins\absearch-search.xml
[2011.04.30 07:55:51 | 000,000,913 | ---- | M] () -- C:\Documents and Settings\admin\Data aplikací\Mozilla\Firefox\Profiles\sjbkxm8m.default\searchplugins\conduit.xml
[2011.09.03 14:37:14 | 000,002,055 | ---- | M] () -- C:\Documents and Settings\admin\Data aplikací\Mozilla\Firefox\Profiles\sjbkxm8m.default\searchplugins\daemon-search.xml
[2012.02.04 23:57:05 | 000,001,056 | ---- | M] () -- C:\Documents and Settings\admin\Data aplikací\Mozilla\Firefox\Profiles\sjbkxm8m.default\searchplugins\icqplugin.xml
[2010.06.19 18:26:53 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2009.11.20 16:25:36 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMIN\DATA APLIKACĂ­\MOZILLA\FIREFOX\PROFILES\SJBKXM8M.DEFAULT\EXTENSIONS\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMIN\DATA APLIKACĂ­\MOZILLA\FIREFOX\PROFILES\SJBKXM8M.DEFAULT\EXTENSIONS\DTTOOLBAR@TOOLBARNET.COM
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMIN\DATA APLIKACĂ­\MOZILLA\FIREFOX\PROFILES\SJBKXM8M.DEFAULT\EXTENSIONS\ENGINE@CONDUIT.COM
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.defaultthis.engineName: "Conduit Engine Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=ConduitEngine&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.selectedEngine: "Conduit Engine Customized Web Search"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.1.2.0185
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.3.3.2
FF - prefs.js..extensions.enabledItems: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}:3.8.0.8
FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.aspx?ctid=CTXXXX&q="
IE - HKU\S-1-5-21-1214440339-1715567821-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Prev Search Bar = http://google.icq.com/search/search_frame.php
IE - HKU\S-1-5-21-1214440339-1715567821-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php
IE - HKU\S-1-5-21-1214440339-1715567821-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://google.icq.com
IE - HKU\S-1-5-21-1214440339-1715567821-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKU\S-1-5-21-1214440339-1715567821-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = astroburn-search.com
IE - HKU\S-1-5-21-1214440339-1715567821-839522115-1004\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-1214440339-1715567821-839522115-1004\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\prxtbuTo0.dll (Conduit Ltd.)
C:\Documents and Settings\admin\Data aplikací\Mozilla\Firefox\Profiles\sjbkxm8m.default\extensions\DTToolbar@toolbarnet.com\components\DTToolbarFF.dll

:files
C:\WINDOWS\system32\*.tmp.dll /s
C:\WINDOWS\system32\SET*.tmp /s
C:\WINDOWS\*.tmp /s
C:\WINDOWS\System32\ezsidmv.dat
C:\Documents and Settings\All Users\Data aplikací\.zreglib
C:\Documents and Settings\admin\Nabídka Start\Programy\Po spuštění\winword.exe.lnk
C:\WINDOWS\system32\winword.exe

:commands
[resethosts]
[emptytemp]
[EMPTYFLASH]
[Reboot]

- Click the Fix button.
- The PC will then restart.
- Post the log here :)

Re: Problem with Load! 0.48.13

Posted: 10 Feb 2012 13:47
by plesoun111
So here it is :) I couldn't get to it again until today :)
All processes killed
========== OTL ==========
No active process named explorer.exe was found!
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:05EE1EEF deleted successfully.
ADS C:\WINDOWS:807B1A1C3F745A6E deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\????3??\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\????3??????\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Translate this web page with Babylon\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Translate with Babylon\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-1214440339-1715567821-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Run\\FlashGet 3 deleted successfully.
Registry value HKEY_USERS\S-1-5-21-1214440339-1715567821-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Run\\PCSpeedUp deleted successfully.
Registry value HKEY_USERS\S-1-5-21-1214440339-1715567821-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Run\\SpybotSD TeaTimer deleted successfully.
C:\Documents and Settings\admin\Nabídka Start\Programy\Po spuštění\winword.exe.lnk moved successfully.
C:\WINDOWS\system32\winword.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\WinampAgent deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\ deleted successfully.
C:\Program Files\uTorrentBar\prxtbuTo0.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ deleted successfully.
C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\ not found.
File C:\Program Files\uTorrentBar\prxtbuTo0.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
Registry value HKEY_USERS\S-1-5-21-1214440339-1715567821-839522115-1004\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found.
File C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll not found.
Registry value HKEY_USERS\S-1-5-21-1214440339-1715567821-839522115-1004\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}\ not found.
File C:\Program Files\uTorrentBar\prxtbuTo0.dll not found.
C:\Documents and Settings\admin\Data aplikací\Mozilla\Firefox\Profiles\sjbkxm8m.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\searchplugin folder moved successfully.
C:\Documents and Settings\admin\Data aplikací\Mozilla\Firefox\Profiles\sjbkxm8m.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\modules folder moved successfully.
C:\Documents and Settings\admin\Data aplikací\Mozilla\Firefox\Profiles\sjbkxm8m.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\META-INF folder moved successfully.
C:\Documents and Settings\admin\Data aplikací\Mozilla\Firefox\Profiles\sjbkxm8m.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\lib folder moved successfully.
C:\Documents and Settings\admin\Data aplikací\Mozilla\Firefox\Profiles\sjbkxm8m.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\defaults folder moved successfully.
C:\Documents and Settings\admin\Data aplikací\Mozilla\Firefox\Profiles\sjbkxm8m.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\components folder moved successfully.
C:\Documents and Settings\admin\Data aplikací\Mozilla\Firefox\Profiles\sjbkxm8m.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\chrome folder moved successfully.
C:\Documents and Settings\admin\Data aplikací\Mozilla\Firefox\Profiles\sjbkxm8m.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} folder moved successfully.
C:\Documents and Settings\admin\Data aplikací\Mozilla\Firefox\Profiles\sjbkxm8m.default\extensions\DTToolbar@toolbarnet.com\components\Resources folder moved successfully.
C:\Documents and Settings\admin\Data aplikací\Mozilla\Firefox\Profiles\sjbkxm8m.default\extensions\DTToolbar@toolbarnet.com\components folder moved successfully.
C:\Documents and Settings\admin\Data aplikací\Mozilla\Firefox\Profiles\sjbkxm8m.default\extensions\DTToolbar@toolbarnet.com\chrome folder moved successfully.
C:\Documents and Settings\admin\Data aplikací\Mozilla\Firefox\Profiles\sjbkxm8m.default\extensions\DTToolbar@toolbarnet.com folder moved successfully.
C:\Documents and Settings\admin\Data aplikací\Mozilla\Firefox\Profiles\sjbkxm8m.default\extensions\engine@conduit.com\searchplugin folder moved successfully.
C:\Documents and Settings\admin\Data aplikací\Mozilla\Firefox\Profiles\sjbkxm8m.default\extensions\engine@conduit.com\META-INF folder moved successfully.
C:\Documents and Settings\admin\Data aplikací\Mozilla\Firefox\Profiles\sjbkxm8m.default\extensions\engine@conduit.com\lib folder moved successfully.
C:\Documents and Settings\admin\Data aplikací\Mozilla\Firefox\Profiles\sjbkxm8m.default\extensions\engine@conduit.com\DualPackage folder moved successfully.
C:\Documents and Settings\admin\Data aplikací\Mozilla\Firefox\Profiles\sjbkxm8m.default\extensions\engine@conduit.com\defaults folder moved successfully.
C:\Documents and Settings\admin\Data aplikací\Mozilla\Firefox\Profiles\sjbkxm8m.default\extensions\engine@conduit.com\components folder moved successfully.
C:\Documents and Settings\admin\Data aplikací\Mozilla\Firefox\Profiles\sjbkxm8m.default\extensions\engine@conduit.com\chrome folder moved successfully.
C:\Documents and Settings\admin\Data aplikací\Mozilla\Firefox\Profiles\sjbkxm8m.default\extensions\engine@conduit.com folder moved successfully.
C:\Documents and Settings\admin\Data aplikací\Mozilla\Firefox\Profiles\sjbkxm8m.default\searchplugins\absearch-search.xml moved successfully.
C:\Documents and Settings\admin\Data aplikací\Mozilla\Firefox\Profiles\sjbkxm8m.default\searchplugins\conduit.xml moved successfully.
C:\Documents and Settings\admin\Data aplikací\Mozilla\Firefox\Profiles\sjbkxm8m.default\searchplugins\daemon-search.xml moved successfully.
C:\Documents and Settings\admin\Data aplikací\Mozilla\Firefox\Profiles\sjbkxm8m.default\searchplugins\icqplugin.xml moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults\preferences folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\components folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions folder moved successfully.
Folder C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\ not found.
Prefs.js: "ICQ Search" removed from browser.search.defaultenginename
Prefs.js: "Conduit Engine Customized Web Search" removed from browser.search.defaultthis.engineName
Prefs.js: "http://search.conduit.com/ResultsExt.as ... earchTerms}" removed from browser.search.defaulturl
Prefs.js: "Conduit Engine Customized Web Search" removed from browser.search.selectedEngine
Prefs.js: false removed from browser.search.suggest.enabled
Prefs.js: DTToolbar@toolbarnet.com:1.1.2.0185 removed from extensions.enabledItems
Prefs.js: engine@conduit.com:3.3.3.2 removed from extensions.enabledItems
Prefs.js: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}:3.8.0.8 removed from extensions.enabledItems
Prefs.js: "http://search.conduit.com/ResultsExt.as ... =CTXXXX&q=" removed from keyword.URL
HKU\S-1-5-21-1214440339-1715567821-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main\\Prev Search Bar| /E : value set successfully!
HKU\S-1-5-21-1214440339-1715567821-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Bar| /E : value set successfully!
HKU\S-1-5-21-1214440339-1715567821-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page| /E : value set successfully!
HKU\S-1-5-21-1214440339-1715567821-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main\\Secondary Start Pages| /E : value set successfully!
HKU\S-1-5-21-1214440339-1715567821-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-1214440339-1715567821-839522115-1004\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-1214440339-1715567821-839522115-1004\Software\Microsoft\Internet Explorer\URLSearchHooks\\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\ not found.
File C:\Program Files\uTorrentBar\prxtbuTo0.dll not found.
========== FILES ==========
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
C:\WINDOWS\002554_.tmp moved successfully.
C:\WINDOWS\SET21.tmp moved successfully.
C:\WINDOWS\SET3.tmp moved successfully.
C:\WINDOWS\SET4.tmp moved successfully.
C:\WINDOWS\SET8.tmp moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1AA.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP40F.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP479.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP4AC.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP590.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP5BC.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP5CD.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP633.tmp folder moved successfully.
C:\WINDOWS\SoftwareDistribution\Download\0efb45fe14af60fce7fe141ae9ac7cc6\BITA0.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\Download\111513dc05eb541ecc5e6b3b1828572b\BITA6.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\Download\136cdc2b1904bf86b2e87d2caaedfef9\BITA2.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\Download\19e1b9dbe5fb829f9906789674a9b995\BIT9F.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\Download\223e6cde91414cad15831d3a5cc70b1d\BIT8F.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\Download\30ac3e25776f287599e730665baf9314\BIT9C.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\Download\30cb72b4ab2bd16fe5d66a6057575ed5\BIT8E.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\Download\3a4fa5ca80783b1912fee853479c93c4\BITA3.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\Download\456612c385c62114653e29e2afaf3676\download\BIT27.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\Download\4714635eedfab2ea52e0ae109642cf08\BITA7.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\Download\4a6ebf52efbec44d28d5c0135c216a55\download\BIT107.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\Download\4dc29e9a3768c22e70939411aaaf7904\BIT7F.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\Download\508483484f3a183df6329500a0689df5\BIT9E.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\Download\6c7772a7f05dc62ffb377eb4a4fec463\BIT89.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\Download\741de8ed746d624fbf64b4b2dfcc6b20\BITA5.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\Download\749a50d8acbc46b72e35cabcff87e207\download\BIT22.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\Download\788d673cc322641f5c1c9773c10767be\download\BIT180.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\Download\834d0b8194d0e2adae772742ccac9d71\BIT9D.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\Download\8573f895b9caebec15a2846b147c4acc\download\BIT108.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\Download\94cb1155beed812ad7f0048d578b46e3\download\BIT198.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\Download\b14be4879cf03ecc842df75c5899d675\BITA1.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\Download\b48d9a79db7e4c0a0eb0005525d458db\BIT79.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\Download\d2e1f16f5be8fded7ed4631ce3e9160d\BITA9.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\Download\daf6462a9e66fc383a4d4a0ae0f63852\BIT80.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\Download\e1d56846412df84708a3244922d10045\BITA4.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\Download\e2a232d55639014e09b06bb202e33806\BIT84.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\Download\fd674b0793556498419dc6d88ead9cda\download\BITAD.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\Download\fe61c629c8f74ff0b36cb17d266219b9\BIT82.tmp moved successfully.
C:\WINDOWS\system32\CONFIG.TMP moved successfully.
C:\WINDOWS\System32\ezsidmv.dat moved successfully.
C:\Documents and Settings\All Users\Data aplikací\.zreglib moved successfully.
File\Folder C:\Documents and Settings\admin\Nabídka Start\Programy\Po spuštění\winword.exe.lnk not found.
File\Folder C:\WINDOWS\system32\winword.exe not found.
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: admin
->Temp folder emptied: 1095009154 bytes
->Temporary Internet Files folder emptied: 82319737 bytes
->Java cache emptied: 19508879 bytes
->FireFox cache emptied: 102677386 bytes
->Opera cache emptied: 6342532 bytes
->Flash cache emptied: 167113 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 194285 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 28591210 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 26409052 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 1 298,00 mb


[EMPTYFLASH]

User: admin
->Flash cache emptied: 0 bytes

User: All Users

User: Default User

User: LocalService

User: NetworkService

Total Flash Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.31.0 log created on 02102012_133839

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...