kontrola logu

[kyky66]

Logfile of random's system information tool 1.08 (written by random/random)
Run by Jitka at 2010-11-23 21:22:26
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 79 GB (53%) free of 150 GB
Total RAM: 3327 MB (78% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:22:27, on 23.11.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16981)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
E:\Program Files\klávesnice\SetPoint\SetPoint.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\ICQ6Toolbar\ICQ Service.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Common Files\Logitech\khalshared\KHALMNPR.EXE
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
E:\Program Files\mozilla\firefox.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
E:\icq\ICQ6.5\ICQ.exe
C:\Documents and Settings\Jitka\Plocha\HijackThis\RSIT-lepsi.exe
C:\Program Files\trend micro\Jitka.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.centrum.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://go.microsoft.com/fwlink/?LinkId=54843
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = socks=
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - E:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
O4 - HKLM\..\Run: [QuickTime Task] "E:\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech SetPoint.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = E:\OFFICESXP\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://E:\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://E:\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Documents and Settings\Jitka\Data aplikací\DVDVideoSoftIEHelpers\youtubetomp3.htm
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: Kniha klipů HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: HP Chytrý výběr - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - E:\icq\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - E:\icq\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Služba Google Update (gupdate1ca2fcd12ac4984) (gupdate1ca2fcd12ac4984) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: IBService - Unknown owner - E:\Program Files\Invisible Browsing\servers\IBService.exe (file missing)
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--
End of file - 10973 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll [2007-03-02 1298024]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{053F9267-DC04-4294-A72C-58F732D338C0}]
HP Print Clips - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll [2007-03-02 177768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
E:\PROGRA~1\SPYBOT~1\SDHelper.dll [2004-05-12 744960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-10-24 297648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-02-08 804136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll [2010-10-24 843832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-05-09 35840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-05-09 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2008-12-10 929224]
{327C2873-E90D-4c37-AA9D-10AC9BABA46C} - Easy-WebPrint - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll [2004-08-26 405504]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2008-12-09 958200]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-10-24 297648]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-07-09 13533184]
"OpwareSE2"=C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe [2003-05-08 49152]
"QuickTime Task"=E:\QuickTime\qttask.exe [2009-05-26 413696]
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2009-09-07 198160]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-03-11 49152]
"nwiz"=nwiz.exe /install []
"avast5"=C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [2010-06-28 2837864]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\daemon.exe [2008-12-29 687560]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe [2007-08-03 202024]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-09-13 39408]
"OEXPRESS"= []
"H/PC Connection Agent"=C:\Program Files\Microsoft ActiveSync\wcescomm.exe [2006-11-13 1289000]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EA Core]
E:\Program Files\Electronic Arts\EADM\Core.exe -silent []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IpSharkk]
E:\IpSharkk\IpSharkk.exe /auto []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
Logitech SetPoint.lnk - E:\Program Files\klávesnice\SetPoint\SetPoint.exe
Microsoft Office.lnk - E:\OFFICESXP\Office10\OSA.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2008-09-05 200064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WdfLoadGroup]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"E:\Program Files\QIP\qip.exe"="E:\Program Files\QIP\qip.exe:*:Enabled:Quiet Internet Pager"
"C:\Program Files\Nero\Nero8\Nero Home\NeroHome.exe"="C:\Program Files\Nero\Nero8\Nero Home\NeroHome.exe:*:Enabled:Nero Home"
"F:\assassin\AssassinsCreed_Dx9.exe"="F:\assassin\AssassinsCreed_Dx9.exe:*:Enabled:Assassin's Creed Dx9"
"F:\assassin\AssassinsCreed_Dx10.exe"="F:\assassin\AssassinsCreed_Dx10.exe:*:Enabled:Assassin's Creed Dx10"
"F:\assassin\AssassinsCreed_Launcher.exe"="F:\assassin\AssassinsCreed_Launcher.exe:*:Enabled:Assassin's Creed Update"
"F:\Empire Earth\Empire Earth.exe"="F:\Empire Earth\Empire Earth.exe:*:Enabled:Empire Earth"
"C:\Documents and Settings\Jitka\Local Settings\Temp\Rar$EX00.891\StrongDC.exe"="C:\Documents and Settings\Jitka\Local Settings\Temp\Rar$EX00.891\StrongDC.exe:*:Enabled:StrongDC++"
"C:\Program Files\Electronic Arts\EADM\Core.exe"="C:\Program Files\Electronic Arts\EADM\Core.exe:*:Disabled:EA Download Manager"
"E:\Program Files\Electronic Arts\EADM\Core.exe"="E:\Program Files\Electronic Arts\EADM\Core.exe:*:Disabled:EA Download Manager"
"E:\Documents and Settings\Jitka\Dokumenty\uTorrent.exe"="E:\Documents and Settings\Jitka\Dokumenty\uTorrent.exe:*:Enabled:µTorrent"
"F:\Heroes of Might and Magic V - Tribes of the East\Heroes of Might and Magic V - Tribes of the East\bin\H5_Game.exe"="F:\Heroes of Might and Magic V - Tribes of the East\Heroes of Might and Magic V - Tribes of the East\bin\H5_Game.exe:*:Enabled:Heroes of Might and Magic V"
"F:\Heroes of Might and Magic V Collector Edition\bin\H5_Game.exe"="F:\Heroes of Might and Magic V Collector Edition\bin\H5_Game.exe:*:Enabled:Heroes of Might and Magic V"
"E:\Hamachi\hamachi.exe"="E:\Hamachi\hamachi.exe:*:Enabled:Hamachi"
"E:\IpSharkk\IpSharkk.exe"="E:\IpSharkk\IpSharkk.exe:*:Enabled:IpSharkk"
"E:\icq\ICQ6.5\ICQ.exe"="E:\icq\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\Java\jre6\launch4j-tmp\frd.exe"="C:\Program Files\Java\jre6\launch4j-tmp\frd.exe:*:Enabled:Java(TM) Platform SE binary"
"F:\TmNationsForever\TmForever.exe"="F:\TmNationsForever\TmForever.exe:*:Enabled:TmForever"
"F:\TrackMania United\TmUnited.exe"="F:\TrackMania United\TmUnited.exe:*:Enabled:TmUnited"
"C:\WINDOWS\system32\muzapp.exe"="C:\WINDOWS\system32\muzapp.exe:*:Enabled:MUZ AOD APP player"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\totalcmd\TOTALCMD.EXE"="C:\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit"
"F:\Sacred\Sacred.exe"="F:\Sacred\Sacred.exe:*:Enabled:Sacred"
"F:\Sacred 2\system\s2gs.exe"="F:\Sacred 2\system\s2gs.exe:*:Enabled:Sacred 2 Game Server"
"F:\Sacred 2\system\sacred2.exe"="F:\Sacred 2\system\sacred2.exe:*:Enabled:Sacred 2"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======List of files/folders created in the last 1 months======

2010-11-23 19:04:18 ----D---- C:\rsit
2010-11-23 19:04:18 ----D---- C:\Program Files\trend micro
2010-11-22 18:08:16 ----D---- C:\WINDOWS\SxsCaPendDel
2010-10-27 23:23:15 ----A---- C:\WINDOWS\xobglu32.dll
2010-10-27 23:23:15 ----A---- C:\WINDOWS\xobglu16.dll
2010-10-27 17:04:54 ----D---- C:\Program Files\uTorrent
2010-10-24 20:01:29 ----D---- C:\Documents and Settings\Jitka\Data aplikací\DVDVideoSoftIEHelpers
2010-10-24 20:01:20 ----D---- C:\Program Files\DVDVideoSoft
2010-10-24 20:01:20 ----D---- C:\Program Files\Common Files\DVDVideoSoft
2010-10-24 15:19:54 ----D---- C:\Documents and Settings\Jitka\Data aplikací\PSpad
2010-10-24 15:19:50 ----D---- C:\Program Files\PSPad editor

======List of files/folders modified in the last 1 months======

2010-11-23 19:08:36 ----D---- C:\WINDOWS\Temp
2010-11-23 19:04:18 ----D---- C:\Program Files
2010-11-23 18:58:00 ----D---- C:\WINDOWS\system32
2010-11-23 18:58:00 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-11-22 23:54:05 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-11-22 20:37:21 ----AD---- C:\WINDOWS
2010-11-22 19:08:00 ----D---- C:\WINDOWS\system32\CatRoot2
2010-11-22 18:08:17 ----D---- C:\Program Files\Common Files
2010-11-22 18:08:17 ----D---- C:\Documents and Settings\All Users\Data aplikací\DivX
2010-11-22 18:08:16 ----SHD---- C:\WINDOWS\Installer
2010-11-22 18:07:58 ----HD---- C:\Config.Msi
2010-11-22 18:07:54 ----D---- C:\Program Files\DivX
2010-11-22 18:06:50 ----D---- C:\WINDOWS\system32\drivers
2010-11-22 18:06:38 ----D---- C:\WINDOWS\Prefetch
2010-11-19 15:51:37 ----D---- C:\Documents and Settings\Jitka\Data aplikací\Skype
2010-11-19 15:34:26 ----D---- C:\Documents and Settings\Jitka\Data aplikací\skypePM
2010-11-18 22:20:39 ----A---- C:\WINDOWS\NeroDigital.ini
2010-11-14 17:41:48 ----HD---- C:\Program Files\InstallShield Installation Information
2010-11-13 17:10:22 ----D---- C:\Xilinx92i
2010-10-27 22:10:56 ----D---- C:\The Sims 3 Povolání snů
2010-10-27 18:48:20 ----D---- C:\Documents and Settings\Jitka\Data aplikací\uTorrent
2010-10-24 21:30:52 ----D---- C:\Documents and Settings\Jitka\Data aplikací\ICQ
2010-10-24 20:23:20 ----D---- C:\Documents and Settings\All Users\Data aplikací\TrackMania

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 prohlp02;StarForce Protection Helper Driver v2; C:\WINDOWS\System32\drivers\prohlp02.sys [2004-08-09 114016]
R0 prosync1;StarForce Protection Synchronization Driver v1; C:\WINDOWS\System32\drivers\prosync1.sys [2004-07-19 7040]
R0 sfhlp01;StarForce Protection Helper Driver; C:\WINDOWS\System32\drivers\sfhlp01.sys [2003-12-01 4832]
R0 snapman;Acronis Snapshots Manager; C:\WINDOWS\system32\DRIVERS\snapman.sys [2009-02-28 114048]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2009-02-27 717296]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2010-06-28 28880]
R1 AsIO;AsIO; C:\WINDOWS\system32\drivers\AsIO.sys [2007-12-17 12400]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2010-06-28 165456]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2010-06-28 46672]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 prodrv06;StarForce Protection Environment Driver v6; C:\WINDOWS\System32\drivers\prodrv06.sys [2004-08-09 53920]
R1 VBoxDrv;VirtualBox Service; C:\WINDOWS\system32\DRIVERS\VBoxDrv.sys [2010-08-05 143184]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver; C:\WINDOWS\system32\DRIVERS\VBoxUSBMon.sys [2010-08-05 41936]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2010-06-28 17744]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2010-06-28 100176]
R2 XilinxPC4Driver;XilinxPC4Driver; C:\WINDOWS\System32\drivers\XPC4DRVR.SYS [2007-05-18 16000]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2010-06-28 23376]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-06-13 4754944]
R3 L1e;Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\WINDOWS\system32\DRIVERS\l1e51x86.sys [2008-06-25 36864]
R3 L8042Kbd;Logitech SetPoint Keyboard Driver; C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys [2007-01-23 20496]
R3 L8042mou;SetPoint PS/2 Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\L8042mou.Sys [2007-01-23 62992]
R3 LMouKE;SetPoint Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouKE.Sys [2007-01-23 78864]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-07-09 6011808]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp.sys [2010-08-05 100496]
R3 VBoxNetFlt;VBoxNetFlt Service; C:\WINDOWS\system32\DRIVERS\VBoxNetFlt.sys [2010-08-05 111312]
R3 WinDriver6;WinDriver6; C:\WINDOWS\system32\drivers\windrvr6.sys [2008-07-03 193696]
S3 abm432mz;abm432mz; C:\WINDOWS\system32\drivers\abm432mz.sys []
S3 catchme;catchme; \??\C:\DOCUME~1\Jitka\LOCALS~1\Temp\catchme.sys []
S3 dmodusb;dmodusb; C:\WINDOWS\system32\DRIVERS\dmodusb.sys [2009-05-11 26240]
S3 ENTECH;ENTECH; \??\C:\WINDOWS\system32\DRIVERS\ENTECH.sys []
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-06-25 17480]
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2007-03-08 49920]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2007-03-08 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2007-03-08 21568]
S3 k510bus;Sony Ericsson K510 Driver driver (WDM); C:\WINDOWS\system32\DRIVERS\k510bus.sys [2009-04-13 58288]
S3 k510mdfl;Sony Ericsson K510 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\k510mdfl.sys [2009-04-13 8336]
S3 k510mdm;Sony Ericsson K510 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\k510mdm.sys [2009-04-13 94064]
S3 k750bus;Sony Ericsson 750 driver (WDM); C:\WINDOWS\system32\DRIVERS\k750bus.sys [2009-04-13 55216]
S3 k750mdfl;Sony Ericsson 750 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\k750mdfl.sys [2009-04-13 6576]
S3 k750mdm;Sony Ericsson 750 USB WMC Modem Drivers; C:\WINDOWS\system32\DRIVERS\k750mdm.sys [2009-04-13 89872]
S3 k750mgmt;Sony Ericsson 750 USB WMC Device Management Drivers; C:\WINDOWS\system32\DRIVERS\k750mgmt.sys [2009-04-13 81728]
S3 k750obex;Sony Ericsson 750 USB WMC OBEX Interface Drivers; C:\WINDOWS\system32\DRIVERS\k750obex.sys [2009-04-13 79488]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 SE27bus;Sony Ericsson Device 039 Driver driver (WDM); C:\WINDOWS\system32\DRIVERS\SE27bus.sys [2006-09-18 61600]
S3 SE27mdfl;Sony Ericsson Device 039 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\SE27mdfl.sys [2006-09-18 9360]
S3 SE27mdm;Sony Ericsson Device 039 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\SE27mdm.sys [2006-09-18 97184]
S3 SE27mgmt;Sony Ericsson Device 039 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\SE27mgmt.sys [2006-09-18 88688]
S3 se27nd5;Sony Ericsson Device 039 USB Ethernet Emulation SEMC39 (NDIS); C:\WINDOWS\system32\DRIVERS\se27nd5.sys [2006-09-18 18704]
S3 SE27obex;Sony Ericsson Device 039 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\SE27obex.sys [2006-09-18 86560]
S3 se27unic;Sony Ericsson Device 039 USB Ethernet Emulation SEMC39 (WDM); C:\WINDOWS\system32\DRIVERS\se27unic.sys [2006-09-18 90800]
S3 SymIM;Symantec Network Security Intermediate Filter Service; C:\WINDOWS\system32\DRIVERS\SymIM.sys []
S3 SymIMMP;SymIMMP; C:\WINDOWS\system32\DRIVERS\SymIM.sys []
S3 usb_rndisx;USB RNDIS Adapter; C:\WINDOWS\system32\DRIVERS\usb8023x.sys [2005-10-21 12800]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S3 XilinxFirmwareEmbeddedLoader;XilinxFirmwareEmbeddedLoader; C:\WINDOWS\System32\Drivers\xusb_xup.sys [2007-05-18 17408]
S3 XilinxFirmwareEmbeddedLpLoader;XilinxFirmwareEmbeddedLpLoader; C:\WINDOWS\System32\Drivers\xusb_emb.sys [2007-05-18 17408]
S3 XilinxFirmwareLoader;XilinxFirmwareLoader; C:\WINDOWS\System32\Drivers\xusbdfwu.sys [2007-05-18 17280]
S3 XilinxFirmwareLpLoader;XilinxFirmwareLpLoader; C:\WINDOWS\System32\Drivers\xusb_xlp.sys [2007-05-18 17280]
S3 XilinxFirmwareXpressLoader;XilinxFirmwareXpressLoader; C:\WINDOWS\System32\Drivers\xusb_xpr.sys [2007-05-18 16768]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-06-28 40384]
R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2008-10-19 222456]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-05-09 152984]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe [2001-02-23 270336]
R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2007-08-08 836904]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-07-09 159812]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-06-28 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-06-28 40384]
R3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 gupdate1ca2fcd12ac4984;Služba Google Update (gupdate1ca2fcd12ac4984); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-09-07 133104]
S2 IBService;IBService; E:\Program Files\Invisible Browsing\servers\IBService.exe []
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-03-05 654848]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-01-31 182768]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 idsvc;Služba Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2007-08-03 382248]

-----------------EOF-----------------

[kyky66]

Logfile of random's system information tool 1.08 (written by random/random)
Run by Jitka at 2010-11-23 21:22:26
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 79 GB (53%) free of 150 GB
Total RAM: 3327 MB (78% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:22:27, on 23.11.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16981)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
E:\Program Files\klávesnice\SetPoint\SetPoint.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\ICQ6Toolbar\ICQ Service.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Common Files\Logitech\khalshared\KHALMNPR.EXE
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
E:\Program Files\mozilla\firefox.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
E:\icq\ICQ6.5\ICQ.exe
C:\Documents and Settings\Jitka\Plocha\HijackThis\RSIT-lepsi.exe
C:\Program Files\trend micro\Jitka.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.centrum.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://go.microsoft.com/fwlink/?LinkId=54843
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = socks=
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - E:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
O4 - HKLM\..\Run: [QuickTime Task] "E:\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech SetPoint.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = E:\OFFICESXP\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://E:\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://E:\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Documents and Settings\Jitka\Data aplikací\DVDVideoSoftIEHelpers\youtubetomp3.htm
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: Kniha klipů HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: HP Chytrý výběr - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - E:\icq\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - E:\icq\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Služba Google Update (gupdate1ca2fcd12ac4984) (gupdate1ca2fcd12ac4984) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: IBService - Unknown owner - E:\Program Files\Invisible Browsing\servers\IBService.exe (file missing)
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--
End of file - 10973 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll [2007-03-02 1298024]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{053F9267-DC04-4294-A72C-58F732D338C0}]
HP Print Clips - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll [2007-03-02 177768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
E:\PROGRA~1\SPYBOT~1\SDHelper.dll [2004-05-12 744960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-10-24 297648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-02-08 804136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll [2010-10-24 843832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-05-09 35840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-05-09 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2008-12-10 929224]
{327C2873-E90D-4c37-AA9D-10AC9BABA46C} - Easy-WebPrint - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll [2004-08-26 405504]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2008-12-09 958200]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-10-24 297648]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-07-09 13533184]
"OpwareSE2"=C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe [2003-05-08 49152]
"QuickTime Task"=E:\QuickTime\qttask.exe [2009-05-26 413696]
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2009-09-07 198160]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-03-11 49152]
"nwiz"=nwiz.exe /install []
"avast5"=C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [2010-06-28 2837864]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\daemon.exe [2008-12-29 687560]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe [2007-08-03 202024]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-09-13 39408]
"OEXPRESS"= []
"H/PC Connection Agent"=C:\Program Files\Microsoft ActiveSync\wcescomm.exe [2006-11-13 1289000]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EA Core]
E:\Program Files\Electronic Arts\EADM\Core.exe -silent []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IpSharkk]
E:\IpSharkk\IpSharkk.exe /auto []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
Logitech SetPoint.lnk - E:\Program Files\klávesnice\SetPoint\SetPoint.exe
Microsoft Office.lnk - E:\OFFICESXP\Office10\OSA.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2008-09-05 200064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WdfLoadGroup]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"E:\Program Files\QIP\qip.exe"="E:\Program Files\QIP\qip.exe:*:Enabled:Quiet Internet Pager"
"C:\Program Files\Nero\Nero8\Nero Home\NeroHome.exe"="C:\Program Files\Nero\Nero8\Nero Home\NeroHome.exe:*:Enabled:Nero Home"
"F:\assassin\AssassinsCreed_Dx9.exe"="F:\assassin\AssassinsCreed_Dx9.exe:*:Enabled:Assassin's Creed Dx9"
"F:\assassin\AssassinsCreed_Dx10.exe"="F:\assassin\AssassinsCreed_Dx10.exe:*:Enabled:Assassin's Creed Dx10"
"F:\assassin\AssassinsCreed_Launcher.exe"="F:\assassin\AssassinsCreed_Launcher.exe:*:Enabled:Assassin's Creed Update"
"F:\Empire Earth\Empire Earth.exe"="F:\Empire Earth\Empire Earth.exe:*:Enabled:Empire Earth"
"C:\Documents and Settings\Jitka\Local Settings\Temp\Rar$EX00.891\StrongDC.exe"="C:\Documents and Settings\Jitka\Local Settings\Temp\Rar$EX00.891\StrongDC.exe:*:Enabled:StrongDC++"
"C:\Program Files\Electronic Arts\EADM\Core.exe"="C:\Program Files\Electronic Arts\EADM\Core.exe:*:Disabled:EA Download Manager"
"E:\Program Files\Electronic Arts\EADM\Core.exe"="E:\Program Files\Electronic Arts\EADM\Core.exe:*:Disabled:EA Download Manager"
"E:\Documents and Settings\Jitka\Dokumenty\uTorrent.exe"="E:\Documents and Settings\Jitka\Dokumenty\uTorrent.exe:*:Enabled:µTorrent"
"F:\Heroes of Might and Magic V - Tribes of the East\Heroes of Might and Magic V - Tribes of the East\bin\H5_Game.exe"="F:\Heroes of Might and Magic V - Tribes of the East\Heroes of Might and Magic V - Tribes of the East\bin\H5_Game.exe:*:Enabled:Heroes of Might and Magic V"
"F:\Heroes of Might and Magic V Collector Edition\bin\H5_Game.exe"="F:\Heroes of Might and Magic V Collector Edition\bin\H5_Game.exe:*:Enabled:Heroes of Might and Magic V"
"E:\Hamachi\hamachi.exe"="E:\Hamachi\hamachi.exe:*:Enabled:Hamachi"
"E:\IpSharkk\IpSharkk.exe"="E:\IpSharkk\IpSharkk.exe:*:Enabled:IpSharkk"
"E:\icq\ICQ6.5\ICQ.exe"="E:\icq\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\Java\jre6\launch4j-tmp\frd.exe"="C:\Program Files\Java\jre6\launch4j-tmp\frd.exe:*:Enabled:Java(TM) Platform SE binary"
"F:\TmNationsForever\TmForever.exe"="F:\TmNationsForever\TmForever.exe:*:Enabled:TmForever"
"F:\TrackMania United\TmUnited.exe"="F:\TrackMania United\TmUnited.exe:*:Enabled:TmUnited"
"C:\WINDOWS\system32\muzapp.exe"="C:\WINDOWS\system32\muzapp.exe:*:Enabled:MUZ AOD APP player"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\totalcmd\TOTALCMD.EXE"="C:\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit"
"F:\Sacred\Sacred.exe"="F:\Sacred\Sacred.exe:*:Enabled:Sacred"
"F:\Sacred 2\system\s2gs.exe"="F:\Sacred 2\system\s2gs.exe:*:Enabled:Sacred 2 Game Server"
"F:\Sacred 2\system\sacred2.exe"="F:\Sacred 2\system\sacred2.exe:*:Enabled:Sacred 2"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======List of files/folders created in the last 1 months======

2010-11-23 19:04:18 ----D---- C:\rsit
2010-11-23 19:04:18 ----D---- C:\Program Files\trend micro
2010-11-22 18:08:16 ----D---- C:\WINDOWS\SxsCaPendDel
2010-10-27 23:23:15 ----A---- C:\WINDOWS\xobglu32.dll
2010-10-27 23:23:15 ----A---- C:\WINDOWS\xobglu16.dll
2010-10-27 17:04:54 ----D---- C:\Program Files\uTorrent
2010-10-24 20:01:29 ----D---- C:\Documents and Settings\Jitka\Data aplikací\DVDVideoSoftIEHelpers
2010-10-24 20:01:20 ----D---- C:\Program Files\DVDVideoSoft
2010-10-24 20:01:20 ----D---- C:\Program Files\Common Files\DVDVideoSoft
2010-10-24 15:19:54 ----D---- C:\Documents and Settings\Jitka\Data aplikací\PSpad
2010-10-24 15:19:50 ----D---- C:\Program Files\PSPad editor

======List of files/folders modified in the last 1 months======

2010-11-23 19:08:36 ----D---- C:\WINDOWS\Temp
2010-11-23 19:04:18 ----D---- C:\Program Files
2010-11-23 18:58:00 ----D---- C:\WINDOWS\system32
2010-11-23 18:58:00 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-11-22 23:54:05 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-11-22 20:37:21 ----AD---- C:\WINDOWS
2010-11-22 19:08:00 ----D---- C:\WINDOWS\system32\CatRoot2
2010-11-22 18:08:17 ----D---- C:\Program Files\Common Files
2010-11-22 18:08:17 ----D---- C:\Documents and Settings\All Users\Data aplikací\DivX
2010-11-22 18:08:16 ----SHD---- C:\WINDOWS\Installer
2010-11-22 18:07:58 ----HD---- C:\Config.Msi
2010-11-22 18:07:54 ----D---- C:\Program Files\DivX
2010-11-22 18:06:50 ----D---- C:\WINDOWS\system32\drivers
2010-11-22 18:06:38 ----D---- C:\WINDOWS\Prefetch
2010-11-19 15:51:37 ----D---- C:\Documents and Settings\Jitka\Data aplikací\Skype
2010-11-19 15:34:26 ----D---- C:\Documents and Settings\Jitka\Data aplikací\skypePM
2010-11-18 22:20:39 ----A---- C:\WINDOWS\NeroDigital.ini
2010-11-14 17:41:48 ----HD---- C:\Program Files\InstallShield Installation Information
2010-11-13 17:10:22 ----D---- C:\Xilinx92i
2010-10-27 22:10:56 ----D---- C:\The Sims 3 Povolání snů
2010-10-27 18:48:20 ----D---- C:\Documents and Settings\Jitka\Data aplikací\uTorrent
2010-10-24 21:30:52 ----D---- C:\Documents and Settings\Jitka\Data aplikací\ICQ
2010-10-24 20:23:20 ----D---- C:\Documents and Settings\All Users\Data aplikací\TrackMania

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 prohlp02;StarForce Protection Helper Driver v2; C:\WINDOWS\System32\drivers\prohlp02.sys [2004-08-09 114016]
R0 prosync1;StarForce Protection Synchronization Driver v1; C:\WINDOWS\System32\drivers\prosync1.sys [2004-07-19 7040]
R0 sfhlp01;StarForce Protection Helper Driver; C:\WINDOWS\System32\drivers\sfhlp01.sys [2003-12-01 4832]
R0 snapman;Acronis Snapshots Manager; C:\WINDOWS\system32\DRIVERS\snapman.sys [2009-02-28 114048]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2009-02-27 717296]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2010-06-28 28880]
R1 AsIO;AsIO; C:\WINDOWS\system32\drivers\AsIO.sys [2007-12-17 12400]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2010-06-28 165456]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2010-06-28 46672]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 prodrv06;StarForce Protection Environment Driver v6; C:\WINDOWS\System32\drivers\prodrv06.sys [2004-08-09 53920]
R1 VBoxDrv;VirtualBox Service; C:\WINDOWS\system32\DRIVERS\VBoxDrv.sys [2010-08-05 143184]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver; C:\WINDOWS\system32\DRIVERS\VBoxUSBMon.sys [2010-08-05 41936]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2010-06-28 17744]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2010-06-28 100176]
R2 XilinxPC4Driver;XilinxPC4Driver; C:\WINDOWS\System32\drivers\XPC4DRVR.SYS [2007-05-18 16000]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2010-06-28 23376]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-06-13 4754944]
R3 L1e;Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\WINDOWS\system32\DRIVERS\l1e51x86.sys [2008-06-25 36864]
R3 L8042Kbd;Logitech SetPoint Keyboard Driver; C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys [2007-01-23 20496]
R3 L8042mou;SetPoint PS/2 Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\L8042mou.Sys [2007-01-23 62992]
R3 LMouKE;SetPoint Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouKE.Sys [2007-01-23 78864]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-07-09 6011808]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp.sys [2010-08-05 100496]
R3 VBoxNetFlt;VBoxNetFlt Service; C:\WINDOWS\system32\DRIVERS\VBoxNetFlt.sys [2010-08-05 111312]
R3 WinDriver6;WinDriver6; C:\WINDOWS\system32\drivers\windrvr6.sys [2008-07-03 193696]
S3 abm432mz;abm432mz; C:\WINDOWS\system32\drivers\abm432mz.sys []
S3 catchme;catchme; \??\C:\DOCUME~1\Jitka\LOCALS~1\Temp\catchme.sys []
S3 dmodusb;dmodusb; C:\WINDOWS\system32\DRIVERS\dmodusb.sys [2009-05-11 26240]
S3 ENTECH;ENTECH; \??\C:\WINDOWS\system32\DRIVERS\ENTECH.sys []
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-06-25 17480]
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2007-03-08 49920]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2007-03-08 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2007-03-08 21568]
S3 k510bus;Sony Ericsson K510 Driver driver (WDM); C:\WINDOWS\system32\DRIVERS\k510bus.sys [2009-04-13 58288]
S3 k510mdfl;Sony Ericsson K510 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\k510mdfl.sys [2009-04-13 8336]
S3 k510mdm;Sony Ericsson K510 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\k510mdm.sys [2009-04-13 94064]
S3 k750bus;Sony Ericsson 750 driver (WDM); C:\WINDOWS\system32\DRIVERS\k750bus.sys [2009-04-13 55216]
S3 k750mdfl;Sony Ericsson 750 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\k750mdfl.sys [2009-04-13 6576]
S3 k750mdm;Sony Ericsson 750 USB WMC Modem Drivers; C:\WINDOWS\system32\DRIVERS\k750mdm.sys [2009-04-13 89872]
S3 k750mgmt;Sony Ericsson 750 USB WMC Device Management Drivers; C:\WINDOWS\system32\DRIVERS\k750mgmt.sys [2009-04-13 81728]
S3 k750obex;Sony Ericsson 750 USB WMC OBEX Interface Drivers; C:\WINDOWS\system32\DRIVERS\k750obex.sys [2009-04-13 79488]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 SE27bus;Sony Ericsson Device 039 Driver driver (WDM); C:\WINDOWS\system32\DRIVERS\SE27bus.sys [2006-09-18 61600]
S3 SE27mdfl;Sony Ericsson Device 039 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\SE27mdfl.sys [2006-09-18 9360]
S3 SE27mdm;Sony Ericsson Device 039 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\SE27mdm.sys [2006-09-18 97184]
S3 SE27mgmt;Sony Ericsson Device 039 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\SE27mgmt.sys [2006-09-18 88688]
S3 se27nd5;Sony Ericsson Device 039 USB Ethernet Emulation SEMC39 (NDIS); C:\WINDOWS\system32\DRIVERS\se27nd5.sys [2006-09-18 18704]
S3 SE27obex;Sony Ericsson Device 039 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\SE27obex.sys [2006-09-18 86560]
S3 se27unic;Sony Ericsson Device 039 USB Ethernet Emulation SEMC39 (WDM); C:\WINDOWS\system32\DRIVERS\se27unic.sys [2006-09-18 90800]
S3 SymIM;Symantec Network Security Intermediate Filter Service; C:\WINDOWS\system32\DRIVERS\SymIM.sys []
S3 SymIMMP;SymIMMP; C:\WINDOWS\system32\DRIVERS\SymIM.sys []
S3 usb_rndisx;USB RNDIS Adapter; C:\WINDOWS\system32\DRIVERS\usb8023x.sys [2005-10-21 12800]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S3 XilinxFirmwareEmbeddedLoader;XilinxFirmwareEmbeddedLoader; C:\WINDOWS\System32\Drivers\xusb_xup.sys [2007-05-18 17408]
S3 XilinxFirmwareEmbeddedLpLoader;XilinxFirmwareEmbeddedLpLoader; C:\WINDOWS\System32\Drivers\xusb_emb.sys [2007-05-18 17408]
S3 XilinxFirmwareLoader;XilinxFirmwareLoader; C:\WINDOWS\System32\Drivers\xusbdfwu.sys [2007-05-18 17280]
S3 XilinxFirmwareLpLoader;XilinxFirmwareLpLoader; C:\WINDOWS\System32\Drivers\xusb_xlp.sys [2007-05-18 17280]
S3 XilinxFirmwareXpressLoader;XilinxFirmwareXpressLoader; C:\WINDOWS\System32\Drivers\xusb_xpr.sys [2007-05-18 16768]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-06-28 40384]
R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2008-10-19 222456]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-05-09 152984]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe [2001-02-23 270336]
R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2007-08-08 836904]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-07-09 159812]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-06-28 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-06-28 40384]
R3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 gupdate1ca2fcd12ac4984;Služba Google Update (gupdate1ca2fcd12ac4984); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-09-07 133104]
S2 IBService;IBService; E:\Program Files\Invisible Browsing\servers\IBService.exe []
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-03-05 654848]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-01-31 182768]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 idsvc;Služba Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2007-08-03 382248]

-----------------EOF-----------------

[motji]

Hezké dopoledne

Jaké máte problémy s počítačem?

[kyky66]

Dobry den,
tak chtela jsem zkontrolovat log a jinak mi celkem blbne mechanika kdyz chci aby vyjela tak ji zmacknu a nekdy sama odsebe vyjede a zajede nekdy aniz bych mackala tlacitko tak vyjede ... nekdy zase nejde zajet

[motji]

Stahněte OTL http://oldtimer.geekstogo.com/OTL.exe
-uložte ho na plochu a spustte soubor OTL.exe.
-do bílého okna dole skopírujte tento skript:

Kód: Vybrat vše

netsvcs
drivers32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
c:\windows\*.* /U
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
symmpi.sys
adp3132.sys
mv61xx.sys
nvraid.sys
ndis.sys
winlogon.exe
explorer.exe
userinit.exe
lsass.exe
svchost.exe
smss.exe
hal.dll
ws2_32.dll
tcpip.sys
cryptsvc.dll
Changer.sys
JakNDis.sys
isapnp.sys
cdrom.sys
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
CREATERESTOREPOINT 

- zaškrtněte okénko Pro všechny uživatele.
-označte okénka Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
- Klikněte na tlačítko Prohledat
-po dokončení skenu se objeví logy OTL.Txt a Extras.txt, vložte je zde

[kyky66]

OTL1
OTL logfile created on: 24.11.2010 17:11:36 - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Documents and Settings\Jitka\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 83,00% Memory free
5,00 Gb Paging File | 5,00 Gb Available in Paging File | 93,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 146,05 Gb Total Space | 77,22 Gb Free Space | 52,87% Space Free | Partition Type: NTFS
Drive E: | 100,11 Gb Total Space | 92,73 Gb Free Space | 92,63% Space Free | Partition Type: NTFS
Drive F: | 150,01 Gb Total Space | 14,94 Gb Free Space | 9,96% Space Free | Partition Type: NTFS
Drive G: | 200,01 Gb Total Space | 123,62 Gb Free Space | 61,81% Space Free | Partition Type: NTFS

Computer Name: WINXP | User Name: Jitka | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2010.11.24 17:10:50 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jitka\Plocha\OTL.exe
PRC - [2010.06.28 21:57:18 | 002,837,864 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2010.06.28 21:57:15 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010.01.09 16:50:29 | 000,908,248 | ---- | M] (Mozilla Corporation) -- E:\Program Files\mozilla\firefox.exe
PRC - [2009.09.13 15:39:12 | 000,039,408 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2009.09.07 16:09:07 | 000,198,160 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
PRC - [2008.12.29 11:40:30 | 000,687,560 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\daemon.exe
PRC - [2008.10.19 13:30:02 | 000,222,456 | ---- | M] () -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe
PRC - [2008.04.14 07:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007.01.30 02:52:06 | 000,688,128 | ---- | M] (Logitech Inc.) -- E:\Program Files\klávesnice\SetPoint\SetPoint.exe
PRC - [2007.01.23 16:44:00 | 000,101,136 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\Logitech\khalshared\KHALMNPR.exe
PRC - [2006.11.13 12:39:52 | 001,289,000 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft ActiveSync\wcescomm.exe
PRC - [2006.11.13 12:39:34 | 000,199,464 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft ActiveSync\rapimgr.exe
PRC - [2003.05.08 11:00:58 | 000,049,152 | ---- | M] (ScanSoft, Inc.) -- C:\Program Files\ScanSoft\OmniPageSE2.0\opwareSE2.exe


========== Modules (SafeList) ==========

MOD - [2010.11.24 17:10:50 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jitka\Plocha\OTL.exe
MOD - [2008.07.25 12:17:20 | 000,635,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcr80.dll
MOD - [2008.07.25 12:17:20 | 000,558,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcp80.dll
MOD - [2007.01.30 02:47:46 | 000,044,544 | ---- | M] (Logitech Inc.) -- E:\Program Files\klávesnice\SetPoint\lgscroll.dll
MOD - [2003.05.08 11:00:46 | 000,159,744 | ---- | M] (ScanSoft, Inc.) -- C:\Program Files\ScanSoft\OmniPageSE2.0\OpHookSE2.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- E:\Program Files\Invisible Browsing\servers\IBService.exe -- (IBService)
SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
SRV - [2010.06.28 21:57:15 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV - [2010.06.28 21:57:15 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV - [2010.06.28 21:57:15 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2009.03.05 21:09:21 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2008.10.19 13:30:02 | 000,222,456 | ---- | M] () [Auto | Running] -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2005.11.14 00:06:04 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\SymIM.sys -- (SymIMMP)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\SymIM.sys -- (SymIM)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Jitka\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - [2010.08.05 13:08:04 | 000,111,312 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VBoxNetFlt.sys -- (VBoxNetFlt)
DRV - [2010.08.05 13:08:04 | 000,100,496 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)
DRV - [2010.08.05 13:08:04 | 000,041,936 | ---- | M] (Oracle Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\VBoxUSBMon.sys -- (VBoxUSBMon)
DRV - [2010.08.05 13:08:02 | 000,143,184 | ---- | M] (Oracle Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\VBoxDrv.sys -- (VBoxDrv)
DRV - [2010.06.28 21:37:52 | 000,046,672 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2010.06.28 21:37:30 | 000,165,456 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2010.06.28 21:33:13 | 000,023,376 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2010.06.28 21:32:45 | 000,100,176 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2010.06.28 21:32:33 | 000,017,744 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010.06.28 21:32:16 | 000,028,880 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2009.06.25 17:49:55 | 000,017,480 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2009.05.11 22:49:02 | 000,026,240 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\dmodusb.sys -- (dmodusb)
DRV - [2009.04.13 10:58:25 | 000,094,064 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k510mdm.sys -- (k510mdm)
DRV - [2009.04.13 10:58:25 | 000,089,872 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750mdm.sys -- (k750mdm)
DRV - [2009.04.13 10:58:25 | 000,081,728 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750mgmt.sys -- (k750mgmt)
DRV - [2009.04.13 10:58:25 | 000,079,488 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750obex.sys -- (k750obex)
DRV - [2009.04.13 10:58:25 | 000,058,288 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k510bus.sys -- (k510bus) Sony Ericsson K510 Driver driver (WDM)
DRV - [2009.04.13 10:58:25 | 000,055,216 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750bus.sys -- (k750bus) Sony Ericsson 750 driver (WDM)
DRV - [2009.04.13 10:58:25 | 000,008,336 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k510mdfl.sys -- (k510mdfl)
DRV - [2009.04.13 10:58:25 | 000,006,576 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750mdfl.sys -- (k750mdfl)
DRV - [2009.02.28 12:15:48 | 000,114,048 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\snapman.sys -- (snapman)
DRV - [2009.02.27 18:32:59 | 000,717,296 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2008.07.09 12:02:00 | 006,011,808 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2008.07.03 18:59:54 | 000,193,696 | ---- | M] (Jungo) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\windrvr6.sys -- (WinDriver6)
DRV - [2008.06.25 17:47:00 | 000,036,864 | R--- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\l1e51x86.sys -- (L1e)
DRV - [2008.06.13 10:11:16 | 004,754,944 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008.04.13 21:06:06 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2007.12.17 10:14:06 | 000,012,400 | R--- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AsIO.sys -- (AsIO)
DRV - [2007.05.18 22:12:12 | 000,017,408 | ---- | M] (Xilinx, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\xusb_emb.sys -- (XilinxFirmwareEmbeddedLpLoader)
DRV - [2007.05.18 22:12:12 | 000,017,408 | ---- | M] (Xilinx, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\xusb_xup.sys -- (XilinxFirmwareEmbeddedLoader)
DRV - [2007.05.18 22:12:12 | 000,017,280 | ---- | M] (Xilinx, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\xusb_xlp.sys -- (XilinxFirmwareLpLoader)
DRV - [2007.05.18 22:12:12 | 000,017,280 | ---- | M] (Xilinx, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\xusbdfwu.sys -- (XilinxFirmwareLoader)
DRV - [2007.05.18 22:12:12 | 000,016,768 | ---- | M] (Xilinx, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\xusb_xpr.sys -- (XilinxFirmwareXpressLoader)
DRV - [2007.05.18 22:12:12 | 000,016,000 | ---- | M] (Xilinx, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\XPC4DRVR.SYS -- (XilinxPC4Driver)
DRV - [2007.01.23 16:45:00 | 000,078,864 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LMouKE.Sys -- (LMouKE)
DRV - [2007.01.23 16:44:00 | 000,062,992 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\L8042mou.Sys -- (L8042mou)
DRV - [2007.01.23 16:44:00 | 000,020,496 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\L8042Kbd.sys -- (L8042Kbd)
DRV - [2006.09.18 13:59:08 | 000,090,800 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se27unic.sys -- (se27unic) Sony Ericsson Device 039 USB Ethernet Emulation SEMC39 (WDM)
DRV - [2006.09.18 13:59:02 | 000,086,560 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SE27obex.sys -- (SE27obex)
DRV - [2006.09.18 13:59:00 | 000,018,704 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se27nd5.sys -- (se27nd5) Sony Ericsson Device 039 USB Ethernet Emulation SEMC39 (NDIS)
DRV - [2006.09.18 13:58:58 | 000,088,688 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SE27mgmt.sys -- (SE27mgmt) Sony Ericsson Device 039 USB WMC Device Management Drivers (WDM)
DRV - [2006.09.18 13:58:54 | 000,097,184 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SE27mdm.sys -- (SE27mdm)
DRV - [2006.09.18 13:58:52 | 000,009,360 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SE27mdfl.sys -- (SE27mdfl)
DRV - [2006.09.18 13:58:48 | 000,061,600 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SE27bus.sys -- (SE27bus) Sony Ericsson Device 039 Driver driver (WDM)
DRV - [2004.08.13 03:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)
DRV - [2004.08.09 12:33:26 | 000,114,016 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\prohlp02.sys -- (prohlp02)
DRV - [2004.08.09 12:29:28 | 000,053,920 | ---- | M] (Protection Technology) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\prodrv06.sys -- (prodrv06)
DRV - [2004.07.19 15:49:54 | 000,007,040 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\prosync1.sys -- (prosync1)
DRV - [2003.12.01 16:20:52 | 000,004,832 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfhlp01.sys -- (sfhlp01)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1454471165-2111687655-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.centrum.cz/
IE - HKU\S-1-5-21-1454471165-2111687655-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1454471165-2111687655-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local
IE - HKU\S-1-5-21-1454471165-2111687655-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = socks=

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Web Search"
FF - prefs.js..browser.search.defaulturl: "http://verysafesearch.com/search.php?clid=486&q="
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://centrum.cz"
FF - prefs.js..extensions.enabledItems: {6236BA26-C117-4007-928C-DE0716C7FA99}:1.0.1
FF - prefs.js..extensions.enabledItems: {6236BA26-C117-4007-928C-DE0716C7FA80}:1.0.22
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.4.1
FF - prefs.js..extensions.enabledItems: illimitux@illimitux.net:3.1
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {63414328-3ab4-2c84-6c41-5a473c4b2ff7}:1.0
FF - prefs.js..extensions.enabledItems: {7645f4b1-1f19-13dd-2d6b-0200600c2a56}:1.0
FF - prefs.js..extensions.enabledItems: {6236BA26-C117-4007-928C-DE0716C7FA96}:1.0.5
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..keyword.URL: "http://verysafesearch.com/search.php?clid=486&q="

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Components: E:\Program Files\mozilla\components [2010.10.25 13:13:54 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Plugins: E:\Program Files\mozilla\plugins [2010.10.23 18:04:05 | 000,000,000 | ---D | M]

[2009.05.09 13:42:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jitka\Data aplikací\Mozilla\Extensions
[2010.11.24 17:09:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jitka\Data aplikací\Mozilla\Firefox\Profiles\y4v7ovo2.default\extensions
[2009.12.04 16:02:47 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Jitka\Data aplikací\Mozilla\Firefox\Profiles\y4v7ovo2.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.01.22 14:14:21 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jitka\Data aplikací\Mozilla\Firefox\Profiles\y4v7ovo2.default\extensions\{6236BA26-C117-4007-928C-DE0716C7FA80}
[2010.10.19 16:56:56 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jitka\Data aplikací\Mozilla\Firefox\Profiles\y4v7ovo2.default\extensions\{6236BA26-C117-4007-928C-DE0716C7FA96}
[2010.01.11 18:58:07 | 000,000,000 | ---D | M] (FBFan) -- C:\Documents and Settings\Jitka\Data aplikací\Mozilla\Firefox\Profiles\y4v7ovo2.default\extensions\{6236BA26-C117-4007-928C-DE0716C7FA99}
[2010.06.05 14:19:51 | 000,000,000 | ---D | M] (QAssistant) -- C:\Documents and Settings\Jitka\Data aplikací\Mozilla\Firefox\Profiles\y4v7ovo2.default\extensions\{63414328-3ab4-2c84-6c41-5a473c4b2ff7}
[2010.03.21 13:18:08 | 000,000,000 | ---D | M] (U Flv) -- C:\Documents and Settings\Jitka\Data aplikací\Mozilla\Firefox\Profiles\y4v7ovo2.default\extensions\{7645f4b1-1f19-13dd-2d6b-0200600c2a56}
[2009.07.19 13:00:02 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jitka\Data aplikací\Mozilla\Firefox\Profiles\y4v7ovo2.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2010.10.24 20:01:30 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jitka\Data aplikací\Mozilla\Firefox\Profiles\y4v7ovo2.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2010.08.12 13:50:20 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Documents and Settings\Jitka\Data aplikací\Mozilla\Firefox\Profiles\y4v7ovo2.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2009.09.14 16:18:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jitka\Data aplikací\Mozilla\Firefox\Profiles\y4v7ovo2.default\extensions\illimitux@illimitux.net
[2010.11.23 19:04:25 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\Jitka\Data aplikací\Mozilla\Firefox\Profiles\y4v7ovo2.default\searchplugins\icqplugin-1.xml
[2009.08.05 12:30:50 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\Jitka\Data aplikací\Mozilla\Firefox\Profiles\y4v7ovo2.default\searchplugins\icqplugin-2.xml
[2009.09.12 11:24:33 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\Jitka\Data aplikací\Mozilla\Firefox\Profiles\y4v7ovo2.default\searchplugins\icqplugin-3.xml
[2009.10.29 11:34:53 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\Jitka\Data aplikací\Mozilla\Firefox\Profiles\y4v7ovo2.default\searchplugins\icqplugin-4.xml
[2009.11.07 09:21:06 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\Jitka\Data aplikací\Mozilla\Firefox\Profiles\y4v7ovo2.default\searchplugins\icqplugin-5.xml
[2009.12.18 09:34:16 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\Jitka\Data aplikací\Mozilla\Firefox\Profiles\y4v7ovo2.default\searchplugins\icqplugin-6.xml
[2010.01.09 16:50:44 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\Jitka\Data aplikací\Mozilla\Firefox\Profiles\y4v7ovo2.default\searchplugins\icqplugin-7.xml
[2008.03.31 08:52:00 | 000,000,168 | ---- | M] () -- C:\Documents and Settings\Jitka\Data aplikací\Mozilla\Firefox\Profiles\y4v7ovo2.default\searchplugins\icqplugin.gif
[2008.03.31 08:52:00 | 000,000,618 | ---- | M] () -- C:\Documents and Settings\Jitka\Data aplikací\Mozilla\Firefox\Profiles\y4v7ovo2.default\searchplugins\icqplugin.src
[2009.03.18 14:02:42 | 000,000,944 | ---- | M] () -- C:\Documents and Settings\Jitka\Data aplikací\Mozilla\Firefox\Profiles\y4v7ovo2.default\searchplugins\icqplugin.xml
[2010.01.21 22:04:04 | 000,001,594 | ---- | M] () -- C:\Documents and Settings\Jitka\Data aplikací\Mozilla\Firefox\Profiles\y4v7ovo2.default\searchplugins\web-search.xml

O1 HOSTS File: ([2010.07.06 20:20:29 | 000,000,686 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\HOSTS
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (HP Print Clips) - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll (Hewlett-Packard Co.)
O2 - BHO: () - {53707962-6F74-2D53-2644-206D7942484F} - E:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (Easy-WebPrint) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll ()
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKU\S-1-5-21-1454471165-2111687655-839522115-1003\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\S-1-5-21-1454471165-2111687655-839522115-1003\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [OpwareSE2] C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe (ScanSoft, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKU\S-1-5-21-1454471165-2111687655-839522115-1003..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKU\S-1-5-21-1454471165-2111687655-839522115-1003..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-1454471165-2111687655-839522115-1003..\Run: [H/PC Connection Agent] C:\Program Files\Microsoft ActiveSync\wcescomm.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1454471165-2111687655-839522115-1003..\Run: [OEXPRESS] File not found
O4 - HKU\S-1-5-21-1454471165-2111687655-839522115-1003..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Logitech SetPoint.lnk = E:\Program Files\klávesnice\SetPoint\SetPoint.exe (Logitech Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Microsoft Office.lnk = E:\OFFICESXP\Office10\OSA.EXE (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1454471165-2111687655-839522115-1003\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-21-1454471165-2111687655-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1454471165-2111687655-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O8 - Extra context menu item: Easy-WebPrint Add To Print List - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
O8 - Extra context menu item: Easy-WebPrint High Speed Print - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
O8 - Extra context menu item: Easy-WebPrint Preview - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
O8 - Extra context menu item: Easy-WebPrint Print - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Documents and Settings\Jitka\Data aplikací\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O8 - Extra context menu item: WikiKomentáře Google... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll (Google Inc.)
O9 - Extra Button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: Kniha klipů HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.)
O9 - Extra Button: HP Chytrý výběr - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - E:\icq\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - E:\icq\ICQ6.5\ICQ.exe (ICQ, LLC.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shoc ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/ ... ontrol.cab (Reg Error: Key error.)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shoc ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/sh ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Jitka\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Jitka\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.02.28 00:48:00 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{a54c8f7c-87f6-11de-a88c-002215ed7d8a}\Shell\AutoRun\command - "" = H:\.\EncryptionTool\MaxtorEncryption.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: HidServ - C:\WINDOWS\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.iac2 - C:\WINDOWS\system32\Iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lhacm - C:\WINDOWS\System32\lhacm.acm (Microsoft Corporation)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.I420 - C:\WINDOWS\System32\i420vfw.dll (www.helixcommunity.org)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\Ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\Ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\Ir50_32.dll (Intel Corporation)
Drivers32: vidc.tscc - C:\WINDOWS\System32\tsccvid.dll (TechSmith Corporation)
Drivers32: vidc.VP60 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
Drivers32: VIDC.WMV3 - C:\WINDOWS\System32\wmv9vcm.dll (Microsoft Corporation)
Drivers32: vidc.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
Drivers32: vidc.yvu9 - C:\WINDOWS\System32\Iyvu9_32.dll ()

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (56308550258917376)

========== Files/Folders - Created Within 30 Days ==========

[2010.11.24 17:10:45 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Jitka\Plocha\OTL.exe
[2010.11.23 19:04:18 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010.11.23 19:04:18 | 000,000,000 | ---D | C] -- C:\rsit
[2010.11.22 18:46:16 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Jitka\Recent
[2010.11.22 18:08:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\SxsCaPendDel
[2010.11.21 16:50:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jitka\Plocha\Stužkovák 19. 11
[2010.11.21 16:25:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jitka\Plocha\Stužkovací večírek E4.B
[2010.11.14 20:03:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jitka\Plocha\Nová složka (5)
[2010.11.14 19:25:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jitka\Plocha\zaměstnání
[2010.11.09 16:04:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jitka\Plocha\vampire diaries
[2010.10.28 17:07:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jitka\Dokumenty\Electronic Arts
[2010.10.27 17:04:54 | 000,000,000 | ---D | C] -- C:\Program Files\uTorrent
[2010.01.11 19:13:04 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\Jitka\Data aplikací\pcouffin.sys
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[24 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\Documents and Settings\Jitka\Dokumenty\*.tmp files -> C:\Documents and Settings\Jitka\Dokumenty\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010.11.24 17:12:58 | 000,435,260 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.11.24 17:12:58 | 000,431,648 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2010.11.24 17:12:58 | 000,078,694 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2010.11.24 17:12:58 | 000,068,156 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.11.24 17:10:50 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jitka\Plocha\OTL.exe
[2010.11.24 17:09:06 | 000,000,104 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010.11.24 17:08:38 | 000,000,936 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010.11.24 17:08:23 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.11.23 21:42:00 | 000,000,940 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010.11.22 18:30:46 | 069,631,554 | ---- | M] () -- C:\Documents and Settings\Jitka\Plocha\Werich a Voskovec- Caesar.zip
[2010.11.22 17:33:49 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.11.21 16:47:58 | 129,306,012 | ---- | M] () -- C:\Documents and Settings\Jitka\Plocha\E4.B Stužkovák 19. 11.rar
[2010.11.21 16:25:24 | 065,830,846 | ---- | M] () -- C:\Documents and Settings\Jitka\Plocha\Stužkovací večírek E4.B(2).rar
[2010.11.18 22:21:03 | 000,000,127 | ---- | M] () -- C:\Documents and Settings\Jitka\default.pls
[2010.11.18 22:20:39 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010.11.15 20:12:43 | 000,095,744 | ---- | M] () -- C:\Documents and Settings\Jitka\Plocha\knížky.doc
[2010.11.15 17:35:04 | 000,080,384 | ---- | M] () -- C:\Documents and Settings\Jitka\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.11.12 20:52:29 | 346,218,408 | ---- | M] () -- C:\Documents and Settings\Jitka\Plocha\The.Vampire.Diaries.S02E09.HDTV.XviD-2HD.avi.part
[2010.11.03 16:24:38 | 006,979,028 | ---- | M] () -- C:\Documents and Settings\Jitka\Plocha\Odborné.rar
[2010.11.01 21:27:56 | 000,231,707 | ---- | M] () -- C:\Documents and Settings\Jitka\Plocha\elektropojekta.JPG
[2010.10.30 19:06:52 | 001,249,129 | ---- | M] () -- C:\Documents and Settings\Jitka\Plocha\Bez názvu 1.jpg
[2010.10.28 19:48:59 | 000,000,789 | ---- | M] () -- C:\Documents and Settings\Jitka\Plocha\Zástupce - TS3EP03.lnk
[2010.10.28 19:46:37 | 1047,527,424 | ---- | M] () -- C:\Documents and Settings\Jitka\Plocha\the-sims-3-ambitions-vitality-part2.rar
[2010.10.28 19:00:26 | 1047,527,424 | ---- | M] () -- C:\Documents and Settings\Jitka\Plocha\the-sims-3-ambitions-vitality-part4.rar
[2010.10.28 18:34:54 | 1047,527,424 | ---- | M] () -- C:\Documents and Settings\Jitka\Plocha\the-sims-3-ambitions-vitality-part3.rar
[2010.10.28 18:29:54 | 1047,527,424 | ---- | M] () -- C:\Documents and Settings\Jitka\Plocha\the-sims-3-ambitions-vitality-part1.rar
[2010.10.28 18:04:36 | 781,828,581 | ---- | M] () -- C:\Documents and Settings\Jitka\Plocha\the-sims-3-ambitions-vitality-part5.rar
[2010.10.27 23:23:15 | 000,063,488 | ---- | M] () -- C:\WINDOWS\xobglu16.dll
[2010.10.27 23:23:15 | 000,023,552 | ---- | M] () -- C:\WINDOWS\xobglu32.dll
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[24 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\Documents and Settings\Jitka\Dokumenty\*.tmp files -> C:\Documents and Settings\Jitka\Dokumenty\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010.11.22 18:04:26 | 069,631,554 | ---- | C] () -- C:\Documents and Settings\Jitka\Plocha\Werich a Voskovec- Caesar.zip
[2010.11.21 16:20:09 | 065,830,846 | ---- | C] () -- C:\Documents and Settings\Jitka\Plocha\Stužkovací večírek E4.B(2).rar
[2010.11.21 15:35:00 | 129,306,012 | ---- | C] () -- C:\Documents and Settings\Jitka\Plocha\E4.B Stužkovák 19. 11.rar
[2010.11.15 18:55:52 | 000,095,744 | ---- | C] () -- C:\Documents and Settings\Jitka\Plocha\knížky.doc
[2010.11.12 17:26:07 | 346,218,408 | ---- | C] () -- C:\Documents and Settings\Jitka\Plocha\The.Vampire.Diaries.S02E09.HDTV.XviD-2HD.avi.part
[2010.11.03 16:24:17 | 006,979,028 | ---- | C] () -- C:\Documents and Settings\Jitka\Plocha\Odborné.rar
[2010.11.01 21:27:56 | 000,231,707 | ---- | C] () -- C:\Documents and Settings\Jitka\Plocha\elektropojekta.JPG
[2010.10.30 19:05:18 | 001,249,129 | ---- | C] () -- C:\Documents and Settings\Jitka\Plocha\Bez názvu 1.jpg
[2010.10.28 19:48:59 | 000,000,789 | ---- | C] () -- C:\Documents and Settings\Jitka\Plocha\Zástupce - TS3EP03.lnk
[2010.10.28 16:01:24 | 781,828,581 | ---- | C] () -- C:\Documents and Settings\Jitka\Plocha\the-sims-3-ambitions-vitality-part5.rar
[2010.10.28 16:00:59 | 1047,527,424 | ---- | C] () -- C:\Documents and Settings\Jitka\Plocha\the-sims-3-ambitions-vitality-part4.rar
[2010.10.28 16:00:35 | 1047,527,424 | ---- | C] () -- C:\Documents and Settings\Jitka\Plocha\the-sims-3-ambitions-vitality-part3.rar
[2010.10.28 16:00:09 | 1047,527,424 | ---- | C] () -- C:\Documents and Settings\Jitka\Plocha\the-sims-3-ambitions-vitality-part2.rar
[2010.10.28 15:59:23 | 1047,527,424 | ---- | C] () -- C:\Documents and Settings\Jitka\Plocha\the-sims-3-ambitions-vitality-part1.rar
[2010.10.27 23:23:15 | 000,063,488 | ---- | C] () -- C:\WINDOWS\xobglu16.dll
[2010.10.27 23:23:15 | 000,023,552 | ---- | C] () -- C:\WINDOWS\xobglu32.dll
[2010.06.08 18:28:57 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\LocalService\Data aplikací\$_hpcst$.hpc
[2010.05.23 16:12:02 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Jitka\Data aplikací\$_hpcst$.hpc
[2010.05.14 19:32:47 | 000,765,952 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2010.05.14 19:32:47 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010.04.22 13:26:56 | 000,191,760 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\FontCache3.0.0.0.dat
[2010.02.27 20:08:51 | 000,004,994 | ---- | C] () -- C:\WINDOWS\MC9demo.INI
[2010.02.05 06:56:06 | 000,000,112 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2010.01.11 19:13:05 | 000,000,055 | ---- | C] () -- C:\Documents and Settings\Jitka\Data aplikací\pcouffin.log
[2010.01.11 19:13:04 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\Jitka\Data aplikací\inst.exe
[2010.01.11 19:13:04 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\Jitka\Data aplikací\pcouffin.cat
[2010.01.11 19:13:04 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\Jitka\Data aplikací\pcouffin.inf
[2009.10.06 16:29:40 | 000,176,640 | ---- | C] () -- C:\WINDOWS\System32\c5uninst.dll
[2009.10.06 16:29:40 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\IDUNINST.DLL
[2009.10.04 18:41:17 | 000,002,238 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\hpzinstall.log
[2009.09.30 18:40:20 | 000,290,904 | ---- | C] () -- C:\WINDOWS\System32\vc6-re200l.dll
[2009.09.02 15:32:57 | 000,000,035 | ---- | C] () -- C:\WINDOWS\A5W.INI
[2009.07.31 15:28:53 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll
[2009.06.19 19:06:22 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll
[2009.06.19 19:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2009.06.19 19:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2009.06.19 19:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2009.06.19 19:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2009.06.19 19:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2009.06.19 19:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2009.06.19 19:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2009.06.19 19:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2009.06.19 19:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2009.06.14 14:12:06 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\CNMVS6f.DLL
[2009.06.14 14:06:20 | 000,000,532 | ---- | C] () -- C:\WINDOWS\MAXLINK.INI
[2009.06.09 20:20:33 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\AVSredirect.dll
[2009.04.05 08:54:13 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll
[2009.04.05 08:54:13 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll
[2009.04.05 08:54:13 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll
[2009.04.05 08:53:23 | 000,000,204 | ---- | C] () -- C:\WINDOWS\SIERRA.INI
[2009.03.29 13:29:11 | 000,000,163 | ---- | C] () -- C:\WINDOWS\spidla.INI
[2009.03.20 16:25:37 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009.03.17 21:42:44 | 000,000,126 | -HS- | C] () -- C:\Documents and Settings\All Users\Data aplikací\.zreglib
[2009.03.16 16:52:37 | 000,009,728 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2009.03.13 18:12:16 | 000,000,068 | ---- | C] () -- C:\WINDOWS\MyProg.ini
[2009.02.28 16:57:30 | 000,003,972 | ---- | C] () -- C:\WINDOWS\System32\drivers\PciBus.sys
[2009.02.28 02:16:40 | 000,080,384 | ---- | C] () -- C:\Documents and Settings\Jitka\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.02.28 02:01:34 | 000,024,576 | R--- | C] () -- C:\WINDOWS\System32\AsIO.dll
[2009.02.28 02:01:34 | 000,012,400 | R--- | C] () -- C:\WINDOWS\System32\drivers\AsIO.sys
[2009.02.28 02:01:30 | 000,011,832 | ---- | C] () -- C:\WINDOWS\System32\drivers\AsInsHelp64.sys
[2009.02.28 02:01:30 | 000,010,216 | ---- | C] () -- C:\WINDOWS\System32\drivers\AsInsHelp32.sys
[2009.02.28 01:43:36 | 000,032,759 | ---- | C] () -- C:\WINDOWS\Ascd_log.ini
[2009.02.28 01:32:34 | 000,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2009.02.28 01:32:18 | 000,032,367 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2009.02.28 01:32:18 | 000,010,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2009.02.28 00:43:00 | 000,004,249 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2009.02.27 22:13:14 | 000,000,390 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009.02.27 18:32:58 | 000,717,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2008.07.09 12:02:00 | 001,724,416 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2008.07.09 12:02:00 | 001,503,232 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2008.07.09 12:02:00 | 001,101,824 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2008.07.09 12:02:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2008.07.09 12:02:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2002.10.15 23:54:04 | 000,153,088 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2002.05.13 10:16:19 | 000,356,352 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll
[1996.02.01 16:25:42 | 000,943,616 | ---- | C] () -- C:\WINDOWS\System32\dfolder.dll

[kyky66]

OTL2
========== LOP Check ==========

[2009.08.13 16:20:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\2DBoy
[2009.02.28 12:24:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Acronis
[2009.03.29 13:31:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Alawar Stargaze
[2010.07.06 18:53:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Alwil Software
[2009.03.05 20:25:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ashampoo
[2009.02.27 18:34:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2010.01.24 12:16:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Electronic Arts
[2009.07.19 12:59:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ICQ
[2010.04.19 18:06:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\LangSoft
[2009.03.30 18:31:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Meridian93
[2010.09.11 12:13:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ScanSoft
[2009.06.14 14:06:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\SSScanAppDataDir
[2009.06.14 14:06:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\SSScanWizard
[2009.04.13 11:41:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Teleca
[2010.10.24 20:23:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TrackMania
[2009.05.31 15:01:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TuneUp Software
[2009.04.02 16:05:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Ubisoft
[2009.05.31 15:01:25 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Data aplikací\{55A29068-F2CE-456C-9148-C869879E2357}
[2009.04.25 11:11:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jitka\Data aplikací\Alawar
[2010.08.05 12:45:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jitka\Data aplikací\AnvSoft
[2009.04.07 17:51:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jitka\Data aplikací\Artogon
[2009.05.08 14:37:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jitka\Data aplikací\Ashampoo
[2009.10.29 20:35:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jitka\Data aplikací\Auslogics
[2010.09.05 11:42:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jitka\Data aplikací\avidemux
[2009.03.30 17:49:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jitka\Data aplikací\Bioshock
[2009.03.04 21:19:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jitka\Data aplikací\Canneverbe_Limited
[2009.09.30 15:53:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jitka\Data aplikací\Canon
[2009.02.28 19:26:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jitka\Data aplikací\COWON
[2009.02.27 18:36:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jitka\Data aplikací\DAEMON Tools
[2009.02.27 18:32:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jitka\Data aplikací\DAEMON Tools Lite
[2009.02.27 18:36:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jitka\Data aplikací\DAEMON Tools Pro
[2009.11.12 18:29:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jitka\Data aplikací\DataCast
[2009.12.07 18:30:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jitka\Data aplikací\Dev-Cpp
[2010.10.24 20:01:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jitka\Data aplikací\DVDVideoSoftIEHelpers
[2010.08.01 15:52:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jitka\Data aplikací\EleFun Games
[2009.04.08 18:24:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jitka\Data aplikací\FashionCrazeChech
[2009.03.16 20:10:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jitka\Data aplikací\GetRightToGo
[2009.12.17 18:37:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jitka\Data aplikací\GHISLER
[2009.03.13 18:05:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jitka\Data aplikací\Hide IP NG
[2009.07.15 19:18:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jitka\Data aplikací\HideIP
[2010.10.24 21:30:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jitka\Data aplikací\ICQ
[2010.04.19 18:10:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jitka\Data aplikací\LangSoft
[2009.06.14 14:06:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jitka\Data aplikací\ScanSoft
[2009.06.15 15:32:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jitka\Data aplikací\SprillBermudeChech
[2010.07.28 19:06:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jitka\Data aplikací\Synthesia
[2009.04.13 11:44:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jitka\Data aplikací\Teleca
[2009.02.27 21:09:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jitka\Data aplikací\Thinstall
[2009.05.31 15:01:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jitka\Data aplikací\TuneUp Software
[2009.04.02 16:10:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jitka\Data aplikací\Ubisoft
[2010.09.05 14:59:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jitka\Data aplikací\URSE Games
[2010.10.27 18:48:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jitka\Data aplikací\uTorrent
[2009.08.13 14:58:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jitka\Data aplikací\VitySoft
[2010.01.11 19:13:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jitka\Data aplikací\Vso
[2009.05.02 17:55:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jitka\Data aplikací\Xilinx
[2009.04.21 13:25:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mamka\Data aplikací\Alawar
[2009.03.17 20:44:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mamka\Data aplikací\Ashampoo
[2009.03.09 15:12:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mamka\Data aplikací\COWON
[2009.06.13 15:53:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mamka\Data aplikací\SprillBermudeChech
[2009.04.13 10:59:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mamka\Data aplikací\Teleca
[2009.07.19 19:04:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martinka\Data aplikací\COWON
[2009.12.07 06:14:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martinka\Data aplikací\Dev-Cpp
[2009.08.25 17:56:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martinka\Data aplikací\ICQ
[2010.09.11 12:13:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martinka\Data aplikací\ScanSoft
[2009.10.02 06:39:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martinka\Data aplikací\Teleca

========== Purity Check ==========



========== Custom Scans ==========


< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"DAEMON Tools Lite" = "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun -- [2008.12.29 11:40:30 | 000,687,560 | ---- | M] (DT Soft Ltd)
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}" = "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe" -- [2007.08.03 13:51:06 | 000,202,024 | ---- | M] (Nero AG)
"CTFMON.EXE" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 07:52:18 | 000,015,360 | ---- | M] (Microsoft Corporation)
"swg" = "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" -- [2009.09.13 15:39:12 | 000,039,408 | ---- | M] (Google Inc.)
"OEXPRESS" =
"H/PC Connection Agent" = "C:\Program Files\Microsoft ActiveSync\wcescomm.exe" -- [2006.11.13 12:39:52 | 001,289,000 | ---- | M] (Microsoft Corporation)
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\AdobeUpdater]
"" =

< c:\windows\*.* /U >
[24 c:\windows\*.tmp files -> c:\windows\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2010.01.26 20:21:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jitka\Data aplikací\Adobe
[2009.04.25 11:11:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jitka\Data aplikací\Alawar
[2010.08.05 12:45:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jitka\Data aplikací\AnvSoft
[2009.07.18 11:22:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jitka\Data aplikací\Apple Computer
[2009.04.07 17:51:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jitka\Data aplikací\Artogon
[2009.05.08 14:37:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jitka\Data aplikací\Ashampoo
[2009.10.29 20:35:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jitka\Data aplikací\Auslogics
[2010.09.05 11:42:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jitka\Data aplikací\avidemux
[2009.03.30 17:49:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jitka\Data aplikací\Bioshock
[2009.03.04 21:19:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jitka\Data aplikací\Canneverbe_Limited
[2009.09.30 15:53:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jitka\Data aplikací\Canon
[2009.02.28 19:26:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jitka\Data aplikací\COWON
[2009.02.27 18:36:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jitka\Data aplikací\DAEMON Tools
[2009.02.27 18:32:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jitka\Data aplikací\DAEMON Tools Lite
[2009.02.27 18:36:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jitka\Data aplikací\DAEMON Tools Pro
[2009.11.12 18:29:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jitka\Data aplikací\DataCast
[2009.12.07 18:30:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jitka\Data aplikací\Dev-Cpp
[2010.09.05 11:39:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jitka\Data aplikací\DivX
[2010.08.05 13:45:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jitka\Data aplikací\dvdcss
[2010.10.24 20:01:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jitka\Data aplikací\DVDVideoSoftIEHelpers
[2010.08.01 15:52:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jitka\Data aplikací\EleFun Games
[2010.08.31 09:00:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jitka\Data aplikací\ESTsoft
[2009.04.08 18:24:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jitka\Data aplikací\FashionCrazeChech
[2009.03.16 20:10:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jitka\Data aplikací\GetRightToGo
[2009.12.17 18:37:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jitka\Data aplikací\GHISLER
[2009.10.02 13:52:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jitka\Data aplikací\Google
[2009.09.07 19:07:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jitka\Data aplikací\Hamachi
[2009.03.20 17:21:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jitka\Data aplikací\Help
[2009.03.13 18:05:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jitka\Data aplikací\Hide IP NG
[2009.07.15 19:18:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jitka\Data aplikací\HideIP
[2009.10.21 16:57:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jitka\Data aplikací\HP
[2010.03.21 13:39:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jitka\Data aplikací\HPAppData
[2010.10.24 21:30:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jitka\Data aplikací\ICQ
[2009.02.28 00:52:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jitka\Data aplikací\Identities
[2009.03.09 10:04:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jitka\Data aplikací\InstallShield
[2010.04.19 18:10:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jitka\Data aplikací\LangSoft
[2009.03.05 19:48:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jitka\Data aplikací\Logitech
[2009.03.22 10:49:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jitka\Data aplikací\Macromedia
[2010.09.08 17:46:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jitka\Data aplikací\Malwarebytes
[2010.05.23 16:12:29 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Jitka\Data aplikací\Microsoft
[2009.05.09 13:42:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jitka\Data aplikací\Mozilla
[2009.03.19 18:14:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jitka\Data aplikací\Nero
[2010.10.24 15:56:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jitka\Data aplikací\PSpad
[2010.03.04 16:05:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jitka\Data aplikací\Real
[2009.06.14 14:06:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jitka\Data aplikací\ScanSoft
[2010.05.08 19:01:09 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\Jitka\Data aplikací\SecuROM
[2010.11.19 15:51:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jitka\Data aplikací\Skype
[2010.11.19 15:34:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jitka\Data aplikací\skypePM
[2009.04.13 11:44:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jitka\Data aplikací\Sony Ericsson
[2009.06.15 15:32:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jitka\Data aplikací\SprillBermudeChech
[2009.05.09 14:38:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jitka\Data aplikací\Sun
[2009.02.28 01:46:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jitka\Data aplikací\Symantec
[2010.07.28 19:06:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jitka\Data aplikací\Synthesia
[2009.05.06 20:11:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jitka\Data aplikací\teamspeak2
[2009.04.13 11:44:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jitka\Data aplikací\Teleca
[2009.02.27 21:09:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jitka\Data aplikací\Thinstall
[2009.05.31 15:01:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jitka\Data aplikací\TuneUp Software
[2009.04.02 16:10:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jitka\Data aplikací\Ubisoft
[2010.09.05 14:59:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jitka\Data aplikací\URSE Games
[2010.10.27 18:48:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jitka\Data aplikací\uTorrent
[2009.08.13 14:58:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jitka\Data aplikací\VitySoft
[2010.01.11 19:13:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jitka\Data aplikací\Vso
[2009.02.27 22:24:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jitka\Data aplikací\WinRAR
[2009.05.02 17:55:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jitka\Data aplikací\Xilinx

< %APPDATA%\*.exe /s >
[2010.01.11 19:13:04 | 000,087,608 | ---- | M] () -- C:\Documents and Settings\Jitka\Data aplikací\inst.exe
[2009.08.07 19:33:57 | 000,011,264 | R--- | M] () -- C:\Documents and Settings\Jitka\Data aplikací\Microsoft\Installer\{08E9C35A-A0AE-43FA-AEA1-E4F58A87FBD1}\Icon7BD91693.exe
[2009.08.07 19:33:57 | 000,018,944 | R--- | M] () -- C:\Documents and Settings\Jitka\Data aplikací\Microsoft\Installer\{08E9C35A-A0AE-43FA-AEA1-E4F58A87FBD1}\Icon7BD916931.exe
[2009.03.05 20:13:51 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Jitka\Data aplikací\Microsoft\Installer\{8CC990CD-87C8-475C-AC32-8A7984E2FCFA}\ARPPRODUCTICON.exe
[2009.03.05 20:13:07 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Jitka\Data aplikací\Microsoft\Installer\{C89C8D86-4423-4A58-AA40-DD259ACE07C1}\ARPPRODUCTICON.exe
[2009.05.19 20:53:56 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Jitka\Data aplikací\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe
[2010.06.25 12:37:34 | 000,439,816 | ---- | M] (RealNetworks, Inc.) -- C:\Documents and Settings\Jitka\Data aplikací\Real\Update\setup3.10\setup.exe


< MD5 for: AGP440.SYS >
[2004.08.17 14:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008.04.14 08:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2008.04.14 08:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008.04.13 23:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SoftwareDistribution\Download\ab04a73630759d84a46114bfca20f64c\agp440.sys
[2008.04.13 23:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys

< MD5 for: ATAPI.SYS >
[2004.08.17 14:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008.04.14 08:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.14 08:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.13 23:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\ab04a73630759d84a46114bfca20f64c\atapi.sys
[2008.04.13 23:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004.08.03 23:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2004.08.03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\system32\DRIVERS\atapi.sys
[2004.08.03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0006\DriverFiles\i386\atapi.sys
[2004.08.03 23:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0007\DriverFiles\i386\atapi.sys

< MD5 for: CDROM.SYS >
[2004.08.17 14:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2008.04.14 08:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008.04.14 08:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008.04.13 23:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008.04.13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\SoftwareDistribution\Download\ab04a73630759d84a46114bfca20f64c\cdrom.sys
[2008.04.13 23:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2004.08.03 21:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys

< MD5 for: CRYPTSVC.DLL >
[2004.08.17 14:49:04 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- C:\WINDOWS\$NtServicePackUninstall$\cryptsvc.dll
[2008.04.14 07:51:40 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\ServicePackFiles\i386\cryptsvc.dll
[2008.04.14 04:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\SoftwareDistribution\Download\ab04a73630759d84a46114bfca20f64c\cryptsvc.dll
[2008.04.14 07:51:40 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\cryptsvc.dll

< MD5 for: EVENTLOG.DLL >
[2008.04.14 07:51:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 04:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\SoftwareDistribution\Download\ab04a73630759d84a46114bfca20f64c\eventlog.dll
[2008.04.14 07:51:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll
[2004.08.17 14:49:08 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2008.04.14 07:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 07:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2008.04.14 04:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\SoftwareDistribution\Download\ab04a73630759d84a46114bfca20f64c\explorer.exe
[2004.08.17 14:49:24 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\$NtUninstallKB938828$\explorer.exe
[2007.06.13 14:11:59 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=9B32416BD5988C97B6397CE0B02CAF97 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
[2007.06.13 14:23:39 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=ED7B460B142A32097B8A8F6ECC941815 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe

< MD5 for: HAL.DLL >
[2004.08.17 14:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2008.04.14 08:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2008.04.14 08:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2008.04.13 23:01:30 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=4329EE7D502C9113EBA0F9570392F5EE -- C:\WINDOWS\system32\HAL.DLL
[2008.04.13 23:01:34 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2008.04.13 19:31:32 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\SoftwareDistribution\Download\ab04a73630759d84a46114bfca20f64c\hal.dll
[2004.08.03 21:59:14 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=DFCE51FD96909D1B97D4A1A72D060D77 -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll

< MD5 for: CHANGER.SYS >
[2004.08.17 14:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys
[2008.04.14 08:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys
[2008.04.14 08:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:Changer.sys
[2008.04.13 23:11:00 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\ServicePackFiles\i386\changer.sys
[2008.04.13 19:40:58 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\SoftwareDistribution\Download\ab04a73630759d84a46114bfca20f64c\changer.sys

< MD5 for: ISAPNP.SYS >
[2008.04.14 08:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2008.04.14 08:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:isapnp.sys
[2001.10.24 12:44:12 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\$NtServicePackUninstall$\isapnp.sys
[2001.10.25 15:00:00 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\system32\drivers\system32\DRIVERS\isapnp.sys
[2001.10.25 15:00:00 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\system32\ReinstallBackups\0005\DriverFiles\i386\isapnp.sys
[2008.04.14 06:57:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\ServicePackFiles\i386\isapnp.sys
[2008.04.14 03:27:53 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\SoftwareDistribution\Download\ab04a73630759d84a46114bfca20f64c\isapnp.sys
[2008.04.14 06:57:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\drivers\isapnp.sys

< MD5 for: LSASS.EXE >
[2004.08.17 14:49:24 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\WINDOWS\$NtServicePackUninstall$\lsass.exe
[2008.04.14 07:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\ServicePackFiles\i386\lsass.exe
[2008.04.14 04:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\SoftwareDistribution\Download\ab04a73630759d84a46114bfca20f64c\lsass.exe
[2008.04.14 07:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe

< MD5 for: NDIS.SYS >
[2008.04.13 23:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008.04.13 20:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\SoftwareDistribution\Download\ab04a73630759d84a46114bfca20f64c\ndis.sys
[2008.04.13 23:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
[2004.08.03 22:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys

< MD5 for: NETLOGON.DLL >
[2009.02.06 19:47:20 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=1F43B8C0F4C767FBED89711C30E704D9 -- C:\WINDOWS\$hf_mig$\KB968389\SP2QFE\netlogon.dll
[2009.02.06 19:47:20 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=1F43B8C0F4C767FBED89711C30E704D9 -- C:\WINDOWS\$hf_mig$\KB975467\SP2QFE\netlogon.dll
[2004.08.17 14:49:14 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
[2008.04.14 07:51:52 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 04:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\SoftwareDistribution\Download\ab04a73630759d84a46114bfca20f64c\netlogon.dll
[2008.04.14 07:51:52 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: SCECLI.DLL >
[2004.08.17 14:49:18 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008.04.14 07:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 04:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\SoftwareDistribution\Download\ab04a73630759d84a46114bfca20f64c\scecli.dll
[2008.04.14 07:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SMSS.EXE >
[2004.08.17 14:49:28 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\WINDOWS\$NtServicePackUninstall$\smss.exe
[2008.04.14 07:52:48 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\ServicePackFiles\i386\smss.exe
[2008.04.14 04:22:47 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\SoftwareDistribution\Download\ab04a73630759d84a46114bfca20f64c\smss.exe
[2008.04.14 07:52:48 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe

< MD5 for: SVCHOST.EXE >
[2008.04.14 07:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.14 04:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\SoftwareDistribution\Download\ab04a73630759d84a46114bfca20f64c\svchost.exe
[2008.04.14 07:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe
[2004.08.17 14:49:28 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe

< MD5 for: TCPIP.SYS >
[2005.03.14 02:55:08 | 000,359,808 | ---- | M] (Microsoft Corporation) MD5=0E66B538096A6529D1AC66E78EB0D5C8 -- C:\WINDOWS\$NtUninstallKB951748_0$\tcpip.sys
[2008.06.20 11:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2005.03.14 02:17:17 | 000,359,936 | ---- | M] (Microsoft Corporation) MD5=6129E70F3D2F1E60860C930EBEAF92C2 -- C:\WINDOWS\$hf_mig$\KB893066\SP2QFE\tcpip.sys
[2008.06.20 11:44:42 | 000,360,960 | ---- | M] (Microsoft Corporation) MD5=744E57C99232201AE98C49168B918F48 -- C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[2008.04.13 23:50:18 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008.04.13 23:50:18 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008.04.13 20:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\SoftwareDistribution\Download\ab04a73630759d84a46114bfca20f64c\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2008.06.20 12:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.04.14 07:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 04:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\SoftwareDistribution\Download\ab04a73630759d84a46114bfca20f64c\userinit.exe
[2008.04.14 07:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe
[2004.08.17 14:49:28 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe

< MD5 for: WINLOGON.EXE >
[2004.08.17 14:49:28 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 07:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 04:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\SoftwareDistribution\Download\ab04a73630759d84a46114bfca20f64c\winlogon.exe
[2008.04.14 07:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe

< MD5 for: WS2_32.DLL >
[2004.08.17 14:49:22 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\WINDOWS\$NtServicePackUninstall$\ws2_32.dll
[2008.04.14 07:52:08 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll
[2008.04.14 04:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\SoftwareDistribution\Download\ab04a73630759d84a46114bfca20f64c\ws2_32.dll
[2008.04.14 07:52:08 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\ws2_32.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[4 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2009.02.27 18:32:59 | 000,717,296 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sptd.sys

< %systemroot%\System32\config\*.sav >
[2009.02.28 00:39:53 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2009.02.28 00:39:53 | 000,663,552 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2009.02.28 00:39:53 | 000,487,424 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >
[4 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2010.11.24 17:09:06 | 000,000,104 | ---- | M] () -- C:\WINDOWS\system32\nvapps.xml
[2010.11.24 17:12:58 | 000,078,694 | ---- | M] () -- C:\WINDOWS\system32\perfc005.dat
[2010.11.24 17:12:58 | 000,068,156 | ---- | M] () -- C:\WINDOWS\system32\perfc009.dat
[2010.11.24 17:12:58 | 000,431,648 | ---- | M] () -- C:\WINDOWS\system32\perfh005.dat
[2010.11.24 17:12:58 | 000,435,260 | ---- | M] () -- C:\WINDOWS\system32\perfh009.dat
[2010.11.24 17:12:58 | 001,028,188 | ---- | M] () -- C:\WINDOWS\system32\PerfStringBackup.INI
[2010.11.22 17:33:49 | 000,002,206 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl
[4 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< End of report >

[kyky66]

OTL Extras logfile created on: 24.11.2010 17:11:36 - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Documents and Settings\Jitka\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 83,00% Memory free
5,00 Gb Paging File | 5,00 Gb Available in Paging File | 93,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 146,05 Gb Total Space | 77,22 Gb Free Space | 52,87% Space Free | Partition Type: NTFS
Drive E: | 100,11 Gb Total Space | 92,73 Gb Free Space | 92,63% Space Free | Partition Type: NTFS
Drive F: | 150,01 Gb Total Space | 14,94 Gb Free Space | 9,96% Space Free | Partition Type: NTFS
Drive G: | 200,01 Gb Total Space | 123,62 Gb Free Space | 61,81% Space Free | Partition Type: NTFS

Computer Name: WINXP | User Name: Jitka | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

[HKEY_USERS\S-1-5-21-1454471165-2111687655-839522115-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- E:\Program Files\mozilla\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "E:\OFFICESXP\Office10\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "E:\OFFICESXP\Office10\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" File not found
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" File not found
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe" = C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe" = C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe" = C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"E:\Program Files\QIP\qip.exe" = E:\Program Files\QIP\qip.exe:*:Enabled:Quiet Internet Pager -- (The Author of QIP)
"C:\Program Files\Nero\Nero8\Nero Home\NeroHome.exe" = C:\Program Files\Nero\Nero8\Nero Home\NeroHome.exe:*:Enabled:Nero Home -- (Nero AG)
"F:\assassin\AssassinsCreed_Dx9.exe" = F:\assassin\AssassinsCreed_Dx9.exe:*:Enabled:Assassin's Creed Dx9 -- (Ubisoft)
"F:\assassin\AssassinsCreed_Dx10.exe" = F:\assassin\AssassinsCreed_Dx10.exe:*:Enabled:Assassin's Creed Dx10 -- (Ubisoft)
"F:\assassin\AssassinsCreed_Launcher.exe" = F:\assassin\AssassinsCreed_Launcher.exe:*:Enabled:Assassin's Creed Update -- (Ubisoft)
"F:\Empire Earth\Empire Earth.exe" = F:\Empire Earth\Empire Earth.exe:*:Enabled:Empire Earth -- ()
"C:\Documents and Settings\Jitka\Local Settings\Temp\Rar$EX00.891\StrongDC.exe" = C:\Documents and Settings\Jitka\Local Settings\Temp\Rar$EX00.891\StrongDC.exe:*:Enabled:StrongDC++ -- File not found
"C:\Program Files\Electronic Arts\EADM\Core.exe" = C:\Program Files\Electronic Arts\EADM\Core.exe:*:Disabled:EA Download Manager -- File not found
"E:\Program Files\Electronic Arts\EADM\Core.exe" = E:\Program Files\Electronic Arts\EADM\Core.exe:*:Disabled:EA Download Manager -- File not found
"E:\Documents and Settings\Jitka\Dokumenty\uTorrent.exe" = E:\Documents and Settings\Jitka\Dokumenty\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"F:\Heroes of Might and Magic V - Tribes of the East\Heroes of Might and Magic V - Tribes of the East\bin\H5_Game.exe" = F:\Heroes of Might and Magic V - Tribes of the East\Heroes of Might and Magic V - Tribes of the East\bin\H5_Game.exe:*:Enabled:Heroes of Might and Magic V -- File not found
"F:\Heroes of Might and Magic V Collector Edition\bin\H5_Game.exe" = F:\Heroes of Might and Magic V Collector Edition\bin\H5_Game.exe:*:Enabled:Heroes of Might and Magic V -- ()
"E:\Hamachi\hamachi.exe" = E:\Hamachi\hamachi.exe:*:Enabled:Hamachi -- File not found
"E:\IpSharkk\IpSharkk.exe" = E:\IpSharkk\IpSharkk.exe:*:Enabled:IpSharkk -- File not found
"E:\icq\ICQ6.5\ICQ.exe" = E:\icq\ICQ6.5\ICQ.exe:*:Enabled:ICQ6 -- (ICQ, LLC.)
"C:\Program Files\Java\jre6\launch4j-tmp\frd.exe" = C:\Program Files\Java\jre6\launch4j-tmp\frd.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"F:\TmNationsForever\TmForever.exe" = F:\TmNationsForever\TmForever.exe:*:Enabled:TmForever -- ()
"F:\TrackMania United\TmUnited.exe" = F:\TrackMania United\TmUnited.exe:*:Enabled:TmUnited -- File not found
"C:\WINDOWS\system32\muzapp.exe" = C:\WINDOWS\system32\muzapp.exe:*:Enabled:MUZ AOD APP player -- File not found
"C:\totalcmd\TOTALCMD.EXE" = C:\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit -- (Ghisler Software GmbH)
"F:\Sacred\Sacred.exe" = F:\Sacred\Sacred.exe:*:Enabled:Sacred -- (Ascaron Entertainment GmbH)
"F:\Sacred 2\system\s2gs.exe" = F:\Sacred 2\system\s2gs.exe:*:Enabled:Sacred 2 Game Server -- (Ascaron Entertainment GmbH)
"F:\Sacred 2\system\sacred2.exe" = F:\Sacred 2\system\sacred2.exe:*:Enabled:Sacred 2 -- (Ascaron Entertainment GmbH)
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe" = C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe" = C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe" = C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application -- (Microsoft Corporation)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{04CB9967-A8BB-468C-ABA6-CE87328712BE}" = BloodRayne 2
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{08E9C35A-A0AE-43FA-AEA1-E4F58A87FBD1}" = Arcanum
"{0901FCE8-5415-4499-BBC8-1AA106DD66E2}" = Adobe Setup
"{1023383E-D9F6-478C-A965-23A4657B3C9A}" = Sacred 2
"{10E1E87C-656C-4D08-86D6-5443D28583BE}" = TrayApp
"{13F00518-807A-4B3A-83B0-A7CD90F3A398}" = MarketResearch
"{1753255A-0AEB-4220-8C75-607B73F0C133}" = Copy
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{18A5DFF2-8A95-49F3-873F-743CB5549F3D}" = Canon ScanGear Starter
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2300EE96-0A41-4FAB-BD03-989EC44577A0}" = Acronis Disk Director Suite
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2447500B-22D7-47BD-9B13-1A927F43A267}" = Empire Earth
"{24D7346D-D4B4-45E8-98EA-75EC14B42DD8}" = Adobe ExtendScript Toolkit 2
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java(TM) 6 Update 13
"{293D5729-7C01-4FA4-A4DE-BB6A1587BBB9}" = PDF Settings
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{29FA38B4-0AE4-4D0D-8A51-6165BB990BB0}" = WebReg
"{2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3}" = Logitech SetPoint
"{2F28B3C9-2C89-4206-8B33-8ADC9577C49B}" = Scan
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver
"{310BC5E2-31AF-49BB-904D-E71EB93645DC}" = AI Suite
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{415CDA53-9100-476F-A7B2-476691E117C7}" = HP Smart Web Printing
"{45057FCE-5784-48BE-8176-D9D00AF56C3C}" = The Sims™ 3 Po setmění
"{487B0B9B-DCD4-440D-89A0-A6EDE1A545A3}" = HPSSupply
"{5178C1BB-1EB1-4468-894B-7DE964DDCAA2}" = Adobe Photoshop CS3
"{543E938C-BDC4-4933-A612-01293996845F}" = UnloadSupport
"{546C143E-68DC-314D-97BC-1E454E3BA429}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - CSY
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5DB65884-C963-4454-AABA-4CA3089281FA}" = NVIDIA PhysX
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{6179A7D2-A668-4F1D-BC9A-DCC6A10C7871}" = Adobe Color NA Extra Settings
"{64C1FA9A-FA94-4B6E-B3E4-8573738E4AD1}" = Adobe Setup
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{66FF4C48-0083-4E60-8556-B883AB200091}" = Heroes of Might & Magic V: Hammers of Fate
"{66FF4C48-0083-4E60-8556-B883AB200092}" = Heroes of Might and Magic V - Tribes of the East
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6D12B99F-EAAA-49D8-8E2F-74FA7459CCB2}" = Adobe Asset Services CS3
"{6D4AC5A4-4CF9-4F90-8111-B9B53CE257BF}" = Adobe Color Common Settings
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{706BB40A-4102-4c89-8107-DC68C4EBD19B}" = HP Deskjet All-In-One Software 9.0
"{71828142-5A24-4BD0-97E7-976DA08CE6CF}" = The Sims™ 3 Luxusní bydlení – Kolekce
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{764DC542-D3D1-49D4-9BA5-8C7DAD18DE8E}" = Oracle VM VirtualBox 3.2.8
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{79D5997E-BF79-48BB-8B41-9BE59C15C2D7}" = OmniPage SE 2.0
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{824D3839-DAA1-4315-A822-7AE3E620E528}" = VideoToolkit01
"{8389382B-53BA-4A87-8854-91E3D80A5AC7}" = HP Photosmart Essential2.01
"{8653730A-683D-4C42-BB18-6471291D5DEA}" = Canon MP Navigator 1.1
"{8AEA4BE2-2B52-41C0-BB7D-9F2D17AF1029}" = Nero 8
"{8C6027FD-53DC-446D-BB75-CACD7028A134}" = HP Update
"{8CC990CD-87C8-475C-AC32-8A7984E2FCFA}" = CDDRV_Installer
"{8CFA9151-6404-409A-AF22-4632D04582FD}" = Assassin's Creed
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{8F66047B-1AF3-40D9-80D7-106E2EDC2C2A}" = EPU-4 Engine
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{90280405-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional s aplikací FrontPage
"{910F4A29-1134-49E0-AD8B-56E4A3152BD1}" = The Sims™ 3 Povolání snů
"{93F54611-2701-454e-94AB-623F458D9E6B}" = DeviceDiscovery
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{99052DB7-9592-4522-A558-5417BBAD48EE}" = Microsoft ActiveSync
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{9ECE13D2-C028-44CB-8A96-A65196E7BBE7}_is1" = Convert AVI to MP4 1.3
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A2C9CD1B-2551-3AED-B244-6698FB929FA6}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - CSY
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A3FD0CA9-884F-4525-97B8-0AE6179302E6}" = F2100
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A59BB15D-51B7-F12B-4548-8C0368243441}" = EA Download Manager UI
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9C365A3-06C0-43b4-A2DB-EDF0A6079AA9}" = DJ_AIO_Software
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-1029-7B44-A90000000001}" = Adobe Reader 9 - Czech
"{AEA07F97-9088-497c-8821-0F36BD5DC251}" = HPProductAssistant
"{AF7FC1CA-79DF-43c3-90A3-33EFEB9294CE}" = AIO_Scan
"{B04880D4-D900-4FE2-8BB3-707122801B0B}_is1" = Bambulky 1.0
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B3C02EC1-A7B0-4987-9A43-8789426AAA7D}" = Adobe Setup
"{B4B1F18B-5CED-4f8f-8A8F-1BD0503C222E}" = DJ_AIO_ProductContext
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BBF0A67B-5DBA-452F-9D2E-6F168BC226E4}" = Need for Speed™ SHIFT
"{BCD6CD1A-0DBE-412E-9F25-3B500D1E6BA1}" = SolutionCenter
"{BD087F50-46B2-43E4-BD73-5DB3DC20B47C}" = Adobe Color EU Recommended Settings
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C19BE821-89B1-4A96-AC7C-873810C0CB5F}" = ContentSAFER for Wizmax
"{C72D7008-266D-4DD8-BF3C-296B736127F6}" = Mafia
"{C78EAC6F-7A73-452E-8134-DBB2165C5A68}" = QuickTime
"{C89C8D86-4423-4A58-AA40-DD259ACE07C1}" = KhalSetup
"{CDC7BEC8-D631-4e36-81D7-FC3689209AA6}" = F2100_Help
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D0E39A1D-0CEE-4D85-B4A2-E3BE990D075E}" = Destination Component
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D335AC77-6F59-46D6-9082-F74A9F7E0FC3}" = Canon MP Drivers 7.0
"{D5D88F8F-FDA4-4CF4-9F3E-3F40118C2120}" = AVRStudio4
"{D642E38E-0D24-486C-9A2D-E316DD696F4B}" = Microsoft XML Parser
"{D92B72E2-C854-4738-8ED6-4C3661CC17AE}" = Adobe Color JA Extra Settings
"{D95ED581-3C67-4BB4-AA50-DDCC6A97226D}" = ArcSoft PhotoStudio 5.5
"{DD73CA82-EA82-38AA-863D-9A24A018DC96}" = Microsoft .NET Framework 3.5 Language Pack SP1 - csy
"{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1" = Auslogics Disk Defrag
"{DF8195AF-8E6F-4487-A0EE-196F7E3F4B8A}" = jetAudio Basic
"{E2662C24-B31E-4349-A084-32EB76E8B760}" = BufferChm
"{E280923D-C5D9-4728-8C79-AC9A0DC75875}" = BioShock
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{E9C18EBD-85BE-47D0-AA73-3FEDCC976B04}" = Toolbox
"{EA5B4DB8-BF9A-4E23-B7FB-0A387A3A0E8F}" = Free JavaScript Editor 4.7
"{EB026BC8-E00C-499D-BD87-89A0566BEB0E}" = AVRStudio4
"{EB48851B-96A4-489f-9F95-29F3731E9764}" = F2100_doccd
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer
"{F56D6F46-1D62-4734-BF12-6457A1ED17BD}" = DJ_AIO_Software_min
"{F68563C0-2CCD-4799-A014-017A370D627B}" = Sběratelská edice Heroes of Might and Magic V
"{F72E2DDC-3DB8-4190-A21D-63883D955FE7}" = PSSWCORE
"{FA200000-0001-0000-0000-074957833700}" = ABBYY PDF Transformer 2.0
"{FC906D5C-91F9-4DA4-A765-6DCBB669F317}" = Sony Ericsson PC Suite
"{FD8D8B04-BEAD-4A55-AA1D-62D2373E7DEA}" = Status
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{Ledova kralovna}_is1" = Ledová královna 1.0
"{Moje cukrárna 2}_is1" = Moje cukrárna 2 1.0
"A5332BD2FF67A591A9CF2EAF5A30AF3B28B6A15E" = Windows Driver Package - Digilent (dmodusb) USB (05/11/2009 2.1)
"Ad-aware 6 Personal" = Ad-aware 6 Personal
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Adobe_3e054d2218e7aa282c2369d939e58ff" = Adobe ExtendScript Toolkit 2
"Adobe_4977c84bcdc298c444ccfbdcccb660d" = Adobe Photoshop CS3
"Adobe_6c8e2cb4fd241c55406016127a6ab2e" = Adobe Color Common Settings
"ALUpdate_is1" = ALTools Update
"Any DVD Converter Professional_is1" = Any DVD Converter Professional 4.0.1
"Ashampoo Burning Studio 8_is1" = Ashampoo Burning Studio 8.04
"avast5" = avast! Free Antivirus
"AVI ReComp" = AVI ReComp 1.2.3
"AviSynth" = AviSynth 2.5
"CBuilder5" = Borland C++Builder 5
"CCleaner" = CCleaner (remove only)
"CDex" = CDex extraction audio
"com.ea.Vault.919CACB699904AC5D41B606703500DD39747C02D.1" = EA Download Manager UI
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"Digilent Software" = Digilent Software
"DVD Shrink_is1" = DVD Shrink 3.2
"EA Download Manager" = EA Download Manager
"EAGLE 4.16r2" = EAGLE 4.16r2
"Easy-PhotoPrint" = Canon Utilities Easy-PhotoPrint
"Easy-WebPrint" = Easy-WebPrint
"Faraónovo tajemství" = Faraónovo tajemství
"Fish Fillets" = Fish Fillets
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4
"Free PDF to Word Converter_is1" = Free PDF to Word Converter 1.5
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.9
"HijackThis" = HijackThis 1.99.1
"HP Imaging Device Functions" = HP Imaging Device Functions 9.0
"HP Photosmart Essential" = HP Photosmart Essential 2.01
"HP Solution Center & Imaging Support Tools" = HP Solution Center 9.0
"HPExtendedCapabilities" = HP Customer Participation Program 9.0
"ICQToolbar" = ICQ Toolbar
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"Indeo® software" = Indeo® software
"LIŠKA RYŠKA - ZÁHADA BERMUDSKÉHO TROJÚHELNÍKU" = LIŠKA RYŠKA - ZÁHADA BERMUDSKÉHO TROJÚHELNÍKU
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 Language Pack SP1 - csy" = Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Módní salón" = Módní salón
"Mozilla Firefox (3.5.7)" = Mozilla Firefox (3.5.7)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Neat Image_is1" = Neat Image v5.9 Pro+
"Neposeda" = Neposeda
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Numericon" = Numericon
"NVIDIA Drivers" = NVIDIA Drivers
"Peter2.23 Lite" = Petr 2.23 Lite
"Polární dobrodružství 2" = Polární dobrodružství 2
"Posel Smrti 2_is1" = Posel Smrti 2
"Posel smrti_is1" = Posel smrti 1.2
"PSPad editor_is1" = PSPad editor
"rajče.net_is1" = rajče verze 57 sestavení 192
"RealPlayer 12.0" = RealPlayer
"Sacred_is1" = Sacred
"Sony Ericsson Themes Creator" = Sony Ericsson Themes Creator 3.32
"Spybot - Search & Destroy_is1" = Spybot - Search & Destroy 1.3
"Tajemná písmena" = Tajemná písmena
"Totalcmd" = Total Commander (Remove or Repair)
"TS3 Install Helper Monkey" = TS3 Install Helper Monkey
"Uninstall_is1" = Uninstall 1.0.0.1
"uTorrent" = µTorrent
"VobSub" = VobSub v2.23 (Remove Only)
"Vypínač na dobrou noc_is1" = Vypínač na dobrou noc verze 2.0
"WIC" = Windows Imaging Component
"WinAVI VideoConverter_is1" = WinAVI VideoConverter
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR archiver
"WMFDist11" = Windows Media Format 11 runtime
"WMV9_VCM" = Microsoft Windows Media Video 9 VCM
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"wx-devcpp" = wx-devcpp 6.10.2 (4.9.9.2)
"Xilinx ISE 9.2i" = Xilinx ISE 9.2i
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
"Xvid_is1" = Xvid 1.1.2 final uninstall

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1454471165-2111687655-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Domestav Architekt" = Domestav Architekt
"QIP 2005" = QIP 2005 8092
"uTorrent" = µTorrent

========== Last 10 Event Log Errors ==========

[ Antivirus Events ]
Error - 27.2.2009 13:32:13 | Computer Name = WINXP | Source = avast! | ID = 33554522
Description =

Error - 27.2.2009 13:34:04 | Computer Name = WINXP | Source = avast! | ID = 33554522
Description =

Error - 27.2.2009 15:03:30 | Computer Name = WINXP | Source = avast! | ID = 33554522
Description =

Error - 27.2.2009 15:15:08 | Computer Name = WINXP | Source = avast! | ID = 33554522
Description =

Error - 27.2.2009 15:35:57 | Computer Name = WINXP | Source = avast! | ID = 33554522
Description =

Error - 5.9.2009 13:06:38 | Computer Name = WINXP | Source = avast! | ID = 33554522
Description =

Error - 5.9.2009 13:08:58 | Computer Name = WINXP | Source = avast! | ID = 33554522
Description =

Error - 6.11.2009 14:46:22 | Computer Name = WINXP | Source = avast! | ID = 33554522
Description =

[ Application Events ]
Error - 19.10.2010 12:36:30 | Computer Name = WINXP | Source = MsiInstaller | ID = 11706
Description = Product: Microsoft ActiveSync -- Error.No valid source could be found
for product Microsoft ActiveSync. The Windows Installer cannot continue.

Error - 21.10.2010 11:42:46 | Computer Name = WINXP | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace DivX Plus Player.exe, verze 10.2.1.13, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 22.10.2010 12:11:42 | Computer Name = WINXP | Source = Application Error | ID = 1000
Description = Chybující aplikace game.exe, verze 1.0.0.0, chybující modul ls3df.dll,
verze 0.0.0.0, adresa chyby 0x0005ac2e.

Error - 27.10.2010 18:31:57 | Computer Name = WINXP | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace snowcraft.exe, verze 6.5.0.0, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 9.11.2010 12:08:17 | Computer Name = WINXP | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace Photoshop.exe, verze 10.0.0.0, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 9.11.2010 12:39:10 | Computer Name = WINXP | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace realplay.exe, verze 12.0.0.301, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 9.11.2010 12:59:05 | Computer Name = WINXP | Source = Application Error | ID = 1000
Description = Chybující aplikace explorer.exe, verze 6.0.2900.5512, chybující modul
unknown, verze 0.0.0.0, adresa chyby 0x08c39299.

Error - 9.11.2010 13:27:18 | Computer Name = WINXP | Source = Application Error | ID = 1000
Description = Chybující aplikace explorer.exe, verze 6.0.2900.5512, chybující modul
unknown, verze 0.0.0.0, adresa chyby 0x04929290.

Error - 12.11.2010 12:22:31 | Computer Name = WINXP | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace wmplayer.exe, verze 9.0.0.4503, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 17.11.2010 5:02:48 | Computer Name = WINXP | Source = Application Error | ID = 1000
Description = Chybující aplikace iexplore.exe, verze 7.0.6000.16981, chybující modul
unknown, verze 0.0.0.0, adresa chyby 0x628e12b0.

[ OSession Events ]
Error - 9.5.2009 11:34:52 | Computer Name = WINXP | Source = Microsoft Office 12 Sessions | ID = 7001
Description =

[ System Events ]
Error - 22.11.2010 15:43:16 | Computer Name = WINXP | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1058 při pokusu o spuštění služby NMIndexingService
s argumenty za účelem spuštění serveru: {E8933C4B-2C90-4A04-A677-E958D9509F1A}

Error - 22.11.2010 15:43:17 | Computer Name = WINXP | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1058 při pokusu o spuštění služby NMIndexingService
s argumenty za účelem spuštění serveru: {E8933C4B-2C90-4A04-A677-E958D9509F1A}

Error - 23.11.2010 13:53:43 | Computer Name = WINXP | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1058 při pokusu o spuštění služby NMIndexingService
s argumenty za účelem spuštění serveru: {E8933C4B-2C90-4A04-A677-E958D9509F1A}

Error - 23.11.2010 13:53:44 | Computer Name = WINXP | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1058 při pokusu o spuštění služby NMIndexingService
s argumenty za účelem spuštění serveru: {E8933C4B-2C90-4A04-A677-E958D9509F1A}

Error - 23.11.2010 13:53:55 | Computer Name = WINXP | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1058 při pokusu o spuštění služby NMIndexingService
s argumenty za účelem spuštění serveru: {E8933C4B-2C90-4A04-A677-E958D9509F1A}

Error - 23.11.2010 13:54:05 | Computer Name = WINXP | Source = Service Control Manager | ID = 7000
Description = Služba IBService neuspěla při spuštění v důsledku následující chyby:
%%2

Error - 24.11.2010 12:08:49 | Computer Name = WINXP | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1058 při pokusu o spuštění služby NMIndexingService
s argumenty za účelem spuštění serveru: {E8933C4B-2C90-4A04-A677-E958D9509F1A}

Error - 24.11.2010 12:08:56 | Computer Name = WINXP | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1058 při pokusu o spuštění služby NMIndexingService
s argumenty za účelem spuštění serveru: {E8933C4B-2C90-4A04-A677-E958D9509F1A}

Error - 24.11.2010 12:08:56 | Computer Name = WINXP | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1058 při pokusu o spuštění služby NMIndexingService
s argumenty za účelem spuštění serveru: {E8933C4B-2C90-4A04-A677-E958D9509F1A}

Error - 24.11.2010 12:09:06 | Computer Name = WINXP | Source = Service Control Manager | ID = 7000
Description = Služba IBService neuspěla při spuštění v důsledku následující chyby:
%%2


< End of report >

[motji]

To nevypadá na virový problém .

Spusťte combofix podle tohoto návodu
http://www.bleepingcomputer.com/combofi ... t-combofix

[kyky66]

tak nevim prave jsem se divala uz aj na internetu jestli stim mel nekdo problem, tak to tam resili ale konec byl vymazany takze nevim zda to nejak vyresili . Dekuji za jste si udelala na me cas.

[motji]

Nehažte flintu do žita . Spustte ten combofix, vyčistíme počítač a pokud bude problém přetrvávat, pošlu sem odborníka na HW

[kyky66]

ComboFix 10-11-27.01 - Jitka 2010-11-28 13:11:57.4.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.1.1029.18.3327.2712 [GMT 1:00]
Spuštěný z: c:\documents and settings\Jitka\Plocha\ComboFix.exe
AV: avast! Antivirus *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\ST6UNST.000
c:\windows\system\olepro32.dll
c:\windows\system32\midas.dll
E:\Uninstall.exe
E:\WinRAR.exe
G:\install.exe

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-10-28 do 2010-11-28 )))))))))))))))))))))))))))))))
.

2010-11-28 12:04 . 2010-11-28 12:03 390144 ----a-w- c:\windows\system32\CF17131.exe
2010-11-28 11:57 . 2010-11-28 11:57 390144 ----a-w- c:\windows\system32\CF15861.exe
2010-11-28 11:29 . 2010-11-28 11:29 390144 ----a-w- c:\windows\system32\CF10482.exe
2010-11-28 07:38 . 2010-11-28 07:38 390144 ----a-w- c:\windows\system32\CF30767.exe
2010-11-28 07:38 . 2010-11-28 07:34 390144 ----a-w- c:\windows\system32\CF29987.exe
2010-11-23 18:04 . 2010-11-23 20:22 -------- d-----w- c:\program files\trend micro
2010-11-23 18:04 . 2010-11-23 18:04 -------- d-----w- C:\rsit
2010-11-22 17:08 . 2010-11-22 19:36 -------- d-----w- c:\windows\SxsCaPendDel

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-10-27 22:23 . 2010-10-27 22:23 63488 ----a-w- c:\windows\xobglu16.dll
2010-10-27 22:23 . 2010-10-27 22:23 23552 ----a-w- c:\windows\xobglu32.dll
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2008-12-29 687560]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Nero\Lib\NMBgMonitor.exe" [2007-08-03 202024]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-09-13 39408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-07-09 13533184]
"OpwareSE2"="c:\program files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe" [2003-05-08 49152]
"QuickTime Task"="e:\quicktime\qttask.exe" [2009-05-26 413696]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-09-07 198160]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-03-11 49152]
"nwiz"="nwiz.exe" [2008-07-09 1657376]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-06-28 2837864]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-3-11 210520]
Logitech SetPoint.lnk - e:\program files\kl vesnice\SetPoint\SetPoint.exe [2009-3-5 688128]
Microsoft Office.lnk - e:\officesxp\Office10\OSA.EXE [2001-2-13 83360]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 06:52 1695232 ------w- c:\program files\Messenger\msmsgs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"e:\\Program Files\\QIP\\qip.exe"=
"c:\\Program Files\\Nero\\Nero8\\Nero Home\\NeroHome.exe"=
"f:\\assassin\\AssassinsCreed_Dx9.exe"=
"f:\\assassin\\AssassinsCreed_Dx10.exe"=
"f:\\assassin\\AssassinsCreed_Launcher.exe"=
"f:\\Empire Earth\\Empire Earth.exe"=
"e:\\Documents and Settings\\Jitka\\Dokumenty\\uTorrent.exe"=
"f:\\Heroes of Might and Magic V Collector Edition\\bin\\H5_Game.exe"=
"e:\\icq\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\Java\\jre6\\launch4j-tmp\\frd.exe"=
"f:\\TmNationsForever\\TmForever.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\totalcmd\\TOTALCMD.EXE"=
"f:\\Sacred\\Sacred.exe"=
"f:\\Sacred 2\\system\\s2gs.exe"=
"f:\\Sacred 2\\system\\sacred2.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [2009-02-27 717296]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2009-02-27 165456]
R1 VBoxDrv;VirtualBox Service;c:\windows\system32\drivers\VBoxDrv.sys [2010-09-24 143184]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\drivers\VBoxUSBMon.sys [2010-09-24 41936]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2009-02-27 17744]
R2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [2009-07-19 222456]
R3 VBoxNetFlt;VBoxNetFlt Service;c:\windows\system32\drivers\VBoxNetFlt.sys [2010-08-05 111312]
S2 gupdate1ca2fcd12ac4984;Služba Google Update (gupdate1ca2fcd12ac4984);c:\program files\Google\Update\GoogleUpdate.exe [2009-09-07 133104]
S2 IBService;IBService;e:\program files\Invisible Browsing\servers\IBService.exe --> e:\program files\Invisible Browsing\servers\IBService.exe [?]
S3 dmodusb;dmodusb;c:\windows\system32\drivers\dmodusb.sys [2010-08-02 26240]
S3 k510bus;Sony Ericsson K510 Driver driver (WDM);c:\windows\system32\drivers\k510bus.sys [2009-04-13 58288]
S3 k510mdfl;Sony Ericsson K510 USB WMC Modem Filter;c:\windows\system32\drivers\k510mdfl.sys [2009-04-13 8336]
S3 k510mdm;Sony Ericsson K510 USB WMC Modem Driver;c:\windows\system32\drivers\k510mdm.sys [2009-04-13 94064]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\drivers\VBoxNetAdp.sys [2010-08-05 100496]
S3 XilinxFirmwareEmbeddedLoader;XilinxFirmwareEmbeddedLoader;c:\windows\system32\drivers\xusb_xup.sys [2010-08-02 17408]
S3 XilinxFirmwareEmbeddedLpLoader;XilinxFirmwareEmbeddedLpLoader;c:\windows\system32\drivers\xusb_emb.sys [2010-08-02 17408]
S3 XilinxFirmwareLoader;XilinxFirmwareLoader;c:\windows\system32\drivers\xusbdfwu.sys [2010-08-02 17280]
S3 XilinxFirmwareLpLoader;XilinxFirmwareLpLoader;c:\windows\system32\drivers\xusb_xlp.sys [2010-08-02 17280]
S3 XilinxFirmwareXpressLoader;XilinxFirmwareXpressLoader;c:\windows\system32\drivers\xusb_xpr.sys [2010-08-02 16768]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Obsah adresáře 'Naplánované úlohy'

2010-09-02 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]

2010-11-28 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-09-07 15:08]

2010-11-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-09-07 15:08]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.centrum.cz/
uInternet Settings,ProxyServer = socks=
uInternet Settings,ProxyOverride = local
IE: E&xport to Microsoft Excel - e:\office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Excel - e:\office10\EXCEL.EXE/3000
IE: Easy-WebPrint Add To Print List - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
IE: Easy-WebPrint High Speed Print - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
IE: Easy-WebPrint Preview - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
IE: Easy-WebPrint Print - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
IE: Free YouTube to Mp3 Converter - c:\documents and settings\Jitka\Data aplikací\DVDVideoSoftIEHelpers\youtubetomp3.htm
IE: WikiKomentáře Google... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html
FF - ProfilePath - c:\documents and settings\Jitka\Data aplikací\Mozilla\Firefox\Profiles\y4v7ovo2.default\
FF - prefs.js: browser.search.defaulturl - hxxp://verysafesearch.com/search.php?clid=486&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://centrum.cz
FF - prefs.js: keyword.URL - hxxp://verysafesearch.com/search.php?clid=486&q=
FF - plugin: c:\program files\Google\Update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: e:\program files\Reader\browser\nppdf32.dll
FF - plugin: e:\quicktime\Plugins\npqtplugin.dll
FF - plugin: e:\quicktime\Plugins\npqtplugin2.dll
FF - plugin: e:\quicktime\Plugins\npqtplugin3.dll
FF - plugin: e:\quicktime\Plugins\npqtplugin4.dll
FF - plugin: e:\quicktime\Plugins\npqtplugin5.dll
FF - plugin: e:\quicktime\Plugins\npqtplugin6.dll
FF - plugin: e:\quicktime\Plugins\npqtplugin7.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF - Extension: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - e:\program files\mozilla\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Extension: ICQ Toolbar: {800b5000-a755-47e1-992b-48a1c1357f07} - e:\program files\mozilla\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
FF - Extension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Extension: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
FF - Extension: ICQ Toolbar: {800b5000-a755-47e1-992b-48a1c1357f07} - c:\documents and settings\Jitka\Data aplikací\Mozilla\Firefox\Profiles\y4v7ovo2.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
FF - Extension: Illimitux: illimitux@illimitux.net - c:\documents and settings\Jitka\Data aplikací\Mozilla\Firefox\Profiles\y4v7ovo2.default\extensions\illimitux@illimitux.net
FF - Extension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\documents and settings\Jitka\Data aplikací\Mozilla\Firefox\Profiles\y4v7ovo2.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Extension: Get Styles: {6236BA26-C117-4007-928C-DE0716C7FA80} - c:\documents and settings\Jitka\Data aplikací\Mozilla\Firefox\Profiles\y4v7ovo2.default\extensions\{6236BA26-C117-4007-928C-DE0716C7FA80}
FF - Extension: Usage Stat: {6236BA26-C117-4007-928C-DE0716C7FA96} - c:\documents and settings\Jitka\Data aplikací\Mozilla\Firefox\Profiles\y4v7ovo2.default\extensions\{6236BA26-C117-4007-928C-DE0716C7FA96}
FF - Extension: FBFan: {6236BA26-C117-4007-928C-DE0716C7FA99} - c:\documents and settings\Jitka\Data aplikací\Mozilla\Firefox\Profiles\y4v7ovo2.default\extensions\{6236BA26-C117-4007-928C-DE0716C7FA99}
FF - Extension: U Flv: {7645f4b1-1f19-13dd-2d6b-0200600c2a56} - c:\documents and settings\Jitka\Data aplikací\Mozilla\Firefox\Profiles\y4v7ovo2.default\extensions\{7645f4b1-1f19-13dd-2d6b-0200600c2a56}
FF - Extension: {7645f4b1-1f19-13dd-2d6b-0200600c2a56}: {7645f4b1-1f19-13dd-2d6b-0200600c2a56} - c:\documents and settings\Jitka\Data aplikací\Mozilla\Firefox\Profiles\y4v7ovo2.default\extensions\{7645f4b1-1f19-13dd-2d6b-0200600c2a56}
FF - Extension: QAssistant: {63414328-3ab4-2c84-6c41-5a473c4b2ff7} - c:\documents and settings\Jitka\Data aplikací\Mozilla\Firefox\Profiles\y4v7ovo2.default\extensions\{63414328-3ab4-2c84-6c41-5a473c4b2ff7}
FF - Extension: QAssistant: {63414328-3ab4-2c84-6c41-5a473c4b2ff7} - c:\documents and settings\Jitka\Data aplikací\Mozilla\Firefox\Profiles\y4v7ovo2.default\extensions\{63414328-3ab4-2c84-6c41-5a473c4b2ff7}
FF - Extension: Greasemonkey: {e4a8a97b-f2ed-450b-b12d-ee082ba24781} - c:\documents and settings\Jitka\Data aplikací\Mozilla\Firefox\Profiles\y4v7ovo2.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
FF - Extension: DVDVideoSoft Menu: {ACAA314B-EEBA-48e4-AD47-84E31C44796C} - c:\documents and settings\Jitka\Data aplikací\Mozilla\Firefox\Profiles\y4v7ovo2.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

HKCU-Run-OEXPRESS - (no file)
MSConfigStartUp-EA Core - e:\program files\Electronic Arts\EADM\Core.exe
MSConfigStartUp-IpSharkk - e:\ipsharkk\IpSharkk.exe
AddRemove-EAGLE 4.16r2 - e:\program files\DeIsL1.isu
AddRemove-WinRAR archiver - E:\uninstall.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-11-28 13:14
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\S-1-5-21-1454471165-2111687655-839522115-1003\Software\SecuROM\License information*]
"datasecu"=hex:97,59,6a,24,eb,b7,2b,19,f1,11,87,d1,d7,f2,d2,a8,22,2e,77,98,b1,
88,5e,3a,73,42,a1,12,e4,c7,f0,c6,8a,68,97,80,0d,4c,f8,68,8d,18,12,e8,5d,b4,\
"rkeysecu"=hex:39,8e,b4,03,43,b1,cb,7f,cd,57,48,f4,e3,f0,30,67
.
Celkový čas: 2010-11-28 13:15:04
ComboFix-quarantined-files.txt 2010-11-28 12:15

Před spuštěním: Volných bajtů: 82,809,114,624
Po spuštění: Volných bajtů: 82,761,752,576

- - End Of File - - B699FA4A1EB13EB115EEE9D7D93BDE00

[motji]

Tyto programy na disku E znáte, chcete je zpět?
E:\Uninstall.exe
E:\WinRAR.exe
G:\install.exe

[kyky66]

Tak ten winRAR bych chtela urcite zpatky aj tu unistall na tom E ... ale tedkaj bouhuzel nevim co je to na tom G

[motji]

Pokud nemáte, přesuňte Combofix na plochu
-otevřete si Poznámkový blok
-Do něj zkopírujte text z tohoto okénka

Kód: Vybrat vše

DeQuarantine::
E:\Uninstall.exe.vir
E:\WinRAR.exe.vir
G:\install.exe.vir

Firefox::
FF - ProfilePath - c:\documents and settings\Jitka\Data aplikací\Mozilla\Firefox\Profiles\y4v7ovo2.default\
FF - prefs.js: browser.search.defaulturl - hxxp://verysafesearch.com/search.php?clid=486&q=
FF - prefs.js: keyword.URL - hxxp://verysafesearch.com/search.php?clid=486&q=

Registry::
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000000
[-HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
[-HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]

-uložte Vámi vytvořený TXT soubor jako CFScript.txt na plochu
-po uložení uchopte vámi vytvořený skript levým myšítkem a -přesuňte ho nad ikonu Combofixu, kde ho upustíte:




-po aplikaci na Vás vypadne další log,vložte ho sem

Upozornění : může se stát, že po aplikaci skriptu a restartu Windows nenaběhnou, v tom případě znovu restartujte a přitom mačkejte F8, pak zvolte Poslední známou funkční konfiguraci