Log check, please

#1 Post by couback »

Logfile of random's system information tool 1.06 (written by random/random)
Run by David at 2010-04-04 16:42:43
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 48 GB (20%) free of 238 GB
Total RAM: 1023 MB (59% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:43:20, on 4.4.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\WinFast\WFDTV\DTVSchdl.exe
C:\Program Files\WinFast\WFDTV\WFWIZ.exe
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\Common Files\Manažer instalací SolidWorks\Scheduler\sldIMScheduler.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Documents and Settings\David\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe
C:\Program Files\SolidWorks\swScheduler\swBOEngine.exe
C:\WINDOWS\system32\CNAB4RPK.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\SearchFilterHost.exe
C:\Documents and Settings\David\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\David\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\David\Plocha\RSIT.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Documents and Settings\David\Plocha\David.exe
C:\Documents and Settings\David\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ministryofsound.com/Radio/RadioHomePage.aspx
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: CentrumczToolbar BHO - {33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A} - C:\Program Files\CentrumczToolbar\IEToolbar.dll
O2 - BHO: XTTBPos00 - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\Program Files\ICQToolbar\toolbaru.dll (file missing)
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: CentrumczToolbar BHO - {33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A} - C:\Program Files\CentrumczToolbar\IEToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Centrum.cz Toolbar - {D5D47440-0750-463D-BAEF-A47D02414806} - C:\Program Files\CentrumczToolbar\IEToolbar.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [WinFastDTV] C:\Program Files\WinFast\WFDTV\DTVSchdl.exe
O4 - HKLM\..\Run: [WinFast Schedule] C:\Program Files\WinFast\WFDTV\WFWIZ.exe
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SolidWorks_CheckForUpdates] "C:\Program Files\Common Files\Manažer instalací SolidWorks\Scheduler\sldIMScheduler.exe" /scheduler
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\David\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [QIP2005] C:\Program Files\QIP\qip.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Jádro Plánovače úloh SolidWorks.lnk = C:\Program Files\SolidWorks\swScheduler\swBOEngine.exe
O4 - Startup: Registration Assassin.LNK = C:\Program Files\Ubisoft\Assassin's Creed\Register\RegistrationReminder.exe
O4 - Startup: winesm32.exe
O4 - Global Startup: Místní vyhledávání.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: QIP 2005 - {1EF681F7-A04B-4D6D-9012-A307CCA55610} - C:\Program Files\QIP\qip.exe (HKCU)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 1746971453
O17 - HKLM\System\CCS\Services\Tcpip\..\{696331C5-82FA-4137-9529-8355EF00E120}: NameServer = 192.168.0.1,62.210.161.226
O18 - Protocol: centrumcztoolbar - {61A97628-7C82-4315-957A-C74C2CDD85DF} - C:\Program Files\CentrumczToolbar\IEToolbar.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: SW Distributed TS Coordinator Service (CoordinatorServiceHost) - Dassault Systemes SolidWorks Corp. - C:\Program Files\SolidWorks\swScheduler\DTSCoordinatorService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

--
End of file - 8705 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{055FD26D-3A88-4e15-963D-DC8493744B1D}]
XTTBPos00 Class - C:\Program Files\ICQToolbar\toolbaru.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A}]
CentrumczToolbar BHO - C:\Program Files\CentrumczToolbar\IEToolbar.dll [2010-02-12 1274160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-03-30 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-03-30 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{D5D47440-0750-463D-BAEF-A47D02414806} - Centrum.cz Toolbar - C:\Program Files\CentrumczToolbar\IEToolbar.dll [2010-02-12 1274160]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2006-01-11 577536]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2005-06-15 6803456]
"WinFastDTV"=C:\Program Files\WinFast\WFDTV\DTVSchdl.exe [2006-07-11 69632]
"WinFast Schedule"=C:\Program Files\WinFast\WFDTV\WFWIZ.exe [2006-07-07 348160]
"Sony Ericsson PC Suite"=C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe [2006-11-24 487424]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2007-12-11 286720]
"nod32kui"=C:\Program Files\Eset\nod32kui.exe [2008-04-29 921600]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
"SolidWorks_CheckForUpdates"=C:\Program Files\Common Files\Manažer instalací SolidWorks\Scheduler\sldIMScheduler.exe [2009-03-20 7308584]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Documents and Settings\David\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2010-02-17 135664]
"QIP2005"=C:\Program Files\QIP\qip.exe [2009-08-13 3276288]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut]
C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [2006-12-05 54832]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
C:\WINDOWS\system32\NvCpl.dll [2005-06-15 6803456]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
C:\WINDOWS\system32\NvMcTray.dll [2005-06-15 86016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
nwiz.exe /install []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
C:\Program Files\PowerISO\PWRISOVM.EXE [2007-01-20 200704]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2006-12-06 69216]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe [2007-09-25 132496]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinFast Schedule]
C:\Program Files\WinFast\WFDTV\WFWIZ.exe [2006-07-07 348160]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinFastDTV]
C:\Program Files\WinFast\WFDTV\DTVSchdl.exe [2006-07-11 69632]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Adobe Reader Speed Launch.lnk]
C:\PROGRA~1\Adobe\READER~1.0\Reader\READER~1.EXE [2008-01-11 39792]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Adobe Reader Synchronizer.lnk]
C:\PROGRA~1\Adobe\READER~1.0\Reader\ADOBEC~1.EXE [2007-05-11 738968]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Windows Desktop Search.lnk]
C:\PROGRA~1\WINDOW~4\WINDOW~3.EXE /startup []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^David^Nabídka Start^Programy^Po spuštění^Adobe Gamma.lnk]
C:\PROGRA~1\COMMON~1\Adobe\CALIBR~1\ADOBEG~1.EXE [2005-03-16 113664]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Místní vyhledávání.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe

C:\Documents and Settings\David\Nabídka Start\Programy\Po spuštění
Jádro Plánovače úloh SolidWorks.lnk - C:\Program Files\SolidWorks\swScheduler\swBOEngine.exe
Registration Assassin.LNK - C:\Program Files\Ubisoft\Assassin's Creed\Register\RegistrationReminder.exe
winesm32.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 239616]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2007-02-05 294400]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\WINDOWS\system32\CNAB4RPK.EXE"="C:\WINDOWS\system32\CNAB4RPK.EXE:*:Enabled:Canon LBP2900 RPC Server Process"
"C:\Program Files\BitLord\BitLord.exe"="C:\Program Files\BitLord\BitLord.exe:*:Enabled:BitLord"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\WINDOWS\system32\WgaTray.exe"="C:\WINDOWS\system32\WgaTray.exe:*:Enabled:ENABLE"
"C:\Program Files\WinFast\WFDTV\DTVSchdl.exe"="C:\Program Files\WinFast\WFDTV\DTVSchdl.exe:*:Enabled:ENABLE"
"C:\Program Files\QIP\qip.exe"="C:\Program Files\QIP\qip.exe:*:Enabled:Quiet Internet Pager"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\FlashFXP\FlashFXP.exe"="C:\Program Files\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======List of files/folders created in the last 1 months======

2010-04-04 16:24:45 ----A---- C:\WINDOWS\system32\Dvbpws.dll
2010-04-03 18:29:25 ----A---- C:\ComboFix.txt
2010-03-31 19:31:00 ----HDC---- C:\WINDOWS\$NtUninstallKB980182$
2010-03-30 20:36:34 ----D---- C:\Documents and Settings\All Users\Data aplikací\CentrumczToolbar
2010-03-30 20:36:22 ----D---- C:\Program Files\CentrumczToolbar
2010-03-30 20:28:50 ----A---- C:\WINDOWS\system32\javaws.exe
2010-03-30 20:28:49 ----A---- C:\WINDOWS\system32\javaw.exe
2010-03-30 20:28:49 ----A---- C:\WINDOWS\system32\java.exe
2010-03-30 19:13:36 ----D---- C:\Documents and Settings\All Users\Data aplikací\Sun
2010-03-30 19:12:59 ----A---- C:\WINDOWS\system32\deploytk.dll
2010-03-17 22:03:33 ----D---- C:\WINDOWS\temp
2010-03-17 20:47:48 ----A---- C:\WINDOWS\system32\CF22027.exe
2010-03-17 20:41:17 ----A---- C:\WINDOWS\system32\lsdelete.exe
2010-03-17 19:41:59 ----D---- C:\rsit
2010-03-16 21:19:11 ----HDC---- C:\Documents and Settings\All Users\Data aplikací\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}
2010-03-16 21:16:34 ----D---- C:\Program Files\Lavasoft
2010-03-14 12:11:50 ----D---- C:\Documents and Settings\David\Data aplikací\SolidWorks 2009
2010-03-14 01:15:31 ----D---- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2010-03-13 17:06:52 ----D---- C:\Program Files\AGEIA Technologies
2010-03-13 17:02:58 ----HDC---- C:\WINDOWS\$NtUninstallKB917013$
2010-03-13 17:01:56 ----D---- C:\Program Files\Microsoft Visual Studio 8
2010-03-13 17:01:54 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2010-03-13 17:01:26 ----D---- C:\SolidWorks Data (2)
2010-03-13 17:00:48 ----D---- C:\Program Files\Common Files\Manažer instalací SolidWorks
2010-03-13 16:58:13 ----D---- C:\WINDOWS\SolidWorks
2010-03-13 16:58:09 ----D---- C:\Documents and Settings\David\Data aplikací\IM
2010-03-11 21:49:25 ----N---- C:\WINDOWS\system32\browserchoice.exe
2010-03-10 09:28:07 ----HDC---- C:\WINDOWS\$NtUninstallKB975561$

======List of files/folders modified in the last 1 months======

2010-04-04 16:24:45 ----D---- C:\WINDOWS\system32
2010-04-04 16:23:49 ----SD---- C:\WINDOWS\Tasks
2010-04-04 16:20:33 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-04-04 15:04:19 ----D---- C:\WINDOWS
2010-04-04 14:51:10 ----D---- C:\Qoobox
2010-04-03 18:29:44 ----D---- C:\WINDOWS\system32\drivers
2010-04-03 18:25:22 ----D---- C:\WINDOWS\Prefetch
2010-04-03 18:22:58 ----D---- C:\WINDOWS\system32\CatRoot2
2010-04-03 18:17:05 ----A---- C:\WINDOWS\system.ini
2010-04-03 18:12:14 ----D---- C:\WINDOWS\AppPatch
2010-04-03 17:57:43 ----D---- C:\Program Files\Common Files
2010-03-31 19:31:16 ----HD---- C:\WINDOWS\inf
2010-03-31 19:31:03 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-03-31 17:58:35 ----HD---- C:\WINDOWS\$hf_mig$
2010-03-30 20:38:25 ----D---- C:\Documents and Settings\David\Data aplikací\Mozilla
2010-03-30 20:37:04 ----D---- C:\Program Files\Mozilla Firefox
2010-03-30 20:36:22 ----D---- C:\Program Files
2010-03-30 20:29:42 ----SHD---- C:\WINDOWS\Installer
2010-03-30 20:29:40 ----D---- C:\Program Files\Common Files\Java
2010-03-30 20:28:12 ----D---- C:\Program Files\Java
2010-03-28 17:07:48 ----A---- C:\WINDOWS\NeroDigital.ini
2010-03-28 10:11:31 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-03-22 18:41:45 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2010-03-20 11:49:01 ----D---- C:\Program Files\QIP
2010-03-18 19:38:34 ----SHD---- C:\WINDOWS\CSC
2010-03-16 21:23:56 ----DC---- C:\WINDOWS\system32\DRVSTORE
2010-03-16 21:19:46 ----D---- C:\WINDOWS\WinSxS
2010-03-16 21:16:34 ----D---- C:\Documents and Settings\All Users\Data aplikací\Lavasoft
2010-03-16 20:01:23 ----D---- C:\WINDOWS\security
2010-03-16 18:10:40 ----A---- C:\WINDOWS\imsins.BAK
2010-03-16 18:10:25 ----D---- C:\WINDOWS\system32\inetsrv
2010-03-16 18:06:30 ----RSD---- C:\WINDOWS\assembly
2010-03-16 18:06:29 ----D---- C:\Program Files\OpenOffice.org 2.3
2010-03-16 18:03:18 ----HD---- C:\Program Files\InstallShield Installation Information
2010-03-16 18:03:18 ----D---- C:\Program Files\EA GAMES
2010-03-15 20:14:22 ----D---- C:\WINDOWS\ERDNT
2010-03-13 19:01:02 ----D---- C:\Documents and Settings\All Users\Data aplikací\SolidWorks
2010-03-13 19:00:51 ----D---- C:\Documents and Settings\David\Data aplikací\SolidWorks
2010-03-13 17:28:17 ----D---- C:\WINDOWS\Microsoft.NET
2010-03-13 17:21:16 ----SD---- C:\Documents and Settings\David\Data aplikací\Microsoft
2010-03-13 17:21:01 ----D---- C:\Program Files\SolidWorks
2010-03-13 17:18:19 ----D---- C:\Program Files\Common Files\SolidWorks Shared
2010-03-13 17:12:39 ----D---- C:\WINDOWS\system32\config
2010-03-13 17:09:11 ----RSD---- C:\WINDOWS\Fonts
2010-03-13 17:03:21 ----D---- C:\WINDOWS\system32\cs-cz
2010-03-13 17:03:19 ----D---- C:\Program Files\Windows Desktop Search
2010-03-13 17:02:13 ----D---- C:\Program Files\Common Files\Microsoft Shared
2010-03-10 09:29:01 ----A---- C:\WINDOWS\win.ini
2010-03-10 09:28:08 ----D---- C:\Program Files\Movie Maker
2010-03-10 06:43:10 ----A---- C:\WINDOWS\system32\shdocvw.dll
2010-03-10 06:43:04 ----A---- C:\WINDOWS\system32\browseui.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AmdK8;Ovladač procesoru AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2005-03-09 42496]
R1 SCDEmu;SCDEmu; C:\WINDOWS\system32\drivers\SCDEmu.sys [2007-01-20 31644]
R1 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2006-03-02 12032]
R2 {95808DC4-FA4A-4c74-92FE-5B863F82066B};{95808DC4-FA4A-4c74-92FE-5B863F82066B}; \??\C:\Program Files\CyberLink\PowerDVD\000.fcl []
R2 AMON;AMON; \??\C:\WINDOWS\system32\drivers\amon.sys []
R2 Hardlock;Hardlock; \??\C:\WINDOWS\system32\drivers\hardlock.sys []
R2 irda;Protokol IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-13 88192]
R2 WFCXVCAP;WinFast TV Video Capture Driver; C:\WINDOWS\system32\drivers\wfcxvcap.sys [2006-01-26 167296]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2006-01-13 3844288]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 irsir;Microsoft Serial Infrared Driver; C:\WINDOWS\system32\DRIVERS\irsir.sys [2001-08-17 18688]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2005-06-15 3200256]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2005-04-05 33536]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2005-04-05 12928]
R3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2006-03-02 5888]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
R3 wfcxdtun;WinFast DTV BDA Tuner/Demod Driver; C:\WINDOWS\system32\drivers\wfcxdtun.sys [2006-01-26 21248]
R3 wfcxtcap;WinFast DTV BDA Transport Stream Capture Driver; C:\WINDOWS\system32\drivers\wfcxtcap.sys [2006-01-26 15872]
R3 wfcxxbar;WinFast TV Crossbar Driver; C:\WINDOWS\system32\drivers\wfcxxbar.sys [2006-01-26 10368]
R3 WFIOCTL;WFIOCTL; \??\C:\Program Files\WinFast\WFDTV\WFIOCTL.SYS []
S3 Ad-Watch Connect Filter;Ad-Watch Connect Kernel Filter; \??\C:\WINDOWS\system32\drivers\NSDriver.sys []
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 GVCplDrv;GVCplDrv; C:\WINDOWS\system32\drivers\GVCplDrv.sys [2004-05-02 23040]
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2007-09-17 25544]
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 MPE;Filtr MPE BDA; C:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-14 15232]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 se45bus;Sony Ericsson Device 069 driver (WDM); C:\WINDOWS\system32\DRIVERS\se45bus.sys [2006-11-30 61536]
S3 se45mdfl;Sony Ericsson Device 069 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\se45mdfl.sys [2006-11-30 9360]
S3 se45mdm;Sony Ericsson Device 069 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\se45mdm.sys [2006-11-30 97088]
S3 se45mgmt;Sony Ericsson Device 069 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\se45mgmt.sys [2006-11-30 88624]
S3 se45nd5;Sony Ericsson Device 069 USB Ethernet Emulation SEMC45 (NDIS); C:\WINDOWS\system32\DRIVERS\se45nd5.sys [2006-11-30 18704]
S3 se45obex;Sony Ericsson Device 069 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\se45obex.sys [2006-11-30 86432]
S3 se45unic;Sony Ericsson Device 069 USB Ethernet Emulation SEMC45 (WDM); C:\WINDOWS\system32\DRIVERS\se45unic.sys [2006-11-30 90800]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 vncmirror;vncmirror; C:\WINDOWS\system32\DRIVERS\vncmirror.sys []
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys []
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys []
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2008-05-02 717296]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Irmon;Sledování infračerveného přenosu; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-03-30 153376]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe [2003-06-19 322120]
R2 NOD32krn;NOD32 Kernel Service; C:\Program Files\Eset\nod32krn.exe [2008-04-29 507904]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2005-06-15 127043]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2007-08-18 66872]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2005-08-08 167936]
R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2004-12-13 49152]
R2 WSearch;Vyhledávání systému Windows; C:\WINDOWS\system32\SearchIndexer.exe [2007-02-05 300032]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2010-03-30 1265264]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2007-08-28 72704]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 CoordinatorServiceHost;SW Distributed TS Coordinator Service; C:\Program Files\SolidWorks\swScheduler\DTSCoordinatorService.exe [2009-03-19 83240]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-08-08 208896]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 SolidWorks Licensing Service;SolidWorks Licensing Service; C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [2007-11-25 79360]
S3 usprserv;User Privilege Service; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 msvsmon80;Visual Studio 2005 Remote Debugger; C:\Program Files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86\msvsmon.exe [2005-09-23 2799808]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Re: Kontrola logu prosím

#2 Příspěvek od Caroprd111 »

Hello :)


I recommend uninstalling Ad-Aware.


Paste the log C:\ComboFix.txt here.

I do not recommend using ComboFix on your own initiative; it can damage the system!


I recommend uninstalling:
C:\Program Files\BitLord\BitLord.exe

P2P networks and their clients are a potential security risk; they are almost constantly a source of viruses, and you are exposing yourself to risk unnecessarily.


Download OTL: http://oldtimer.geekstogo.com/OTL.exe
  • Run the program, then click Scan
  • When it finishes, paste the logs OTL.Txt and Extras.txt here

couback
Visitor
Posts: 8
Registered: 22 Nov 2007 16:34

Re: Log check, please

#3 Post by couback »

ComboFix 10-04-03.02 - David 04.04.2010 17:36:29.10.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1023.652 [GMT 2:00]
Spuštěný z: c:\documents and settings\David\Dokumenty\Downloads\ComboFix.exe
AV: Eset NOD32 Antivirus 2.51 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
* Rezidentní štít AV je zapnutý

.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\Dvbpws.dll

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-03-04 do 2010-04-04 )))))))))))))))))))))))))))))))
.

2010-03-30 18:36 . 2010-03-30 18:36 -------- d-----w- c:\program files\CentrumczToolbar
2010-03-30 17:12 . 2010-03-30 18:28 411368 ----a-w- c:\windows\system32\deploytk.dll
2010-03-17 18:47 . 2010-03-17 18:47 390144 ----a-w- c:\windows\system32\CF22027.exe
2010-03-17 17:41 . 2010-03-17 17:43 -------- d-----w- C:\rsit
2010-03-16 19:23 . 2010-03-16 19:23 95024 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2010-03-16 19:16 . 2010-04-04 15:10 -------- d-----w- c:\program files\Lavasoft
2010-03-14 14:33 . 2008-04-13 23:15 52864 -c--a-w- c:\windows\system32\dllcache\dmusic.sys
2010-03-14 14:33 . 2008-04-13 23:15 52864 ----a-w- c:\windows\system32\drivers\dmusic.sys
2010-03-14 14:33 . 2008-04-13 23:16 15232 -c--a-w- c:\windows\system32\dllcache\mpe.sys
2010-03-14 14:33 . 2008-04-13 23:16 15232 ----a-w- c:\windows\system32\drivers\mpe.sys
2010-03-14 14:33 . 2008-04-13 23:16 17024 -c--a-w- c:\windows\system32\dllcache\ccdecode.sys
2010-03-14 14:33 . 2008-04-13 23:16 17024 ----a-w- c:\windows\system32\drivers\ccdecode.sys
2010-03-14 14:33 . 2008-04-13 23:15 2944 -c--a-w- c:\windows\system32\dllcache\drmkaud.sys
2010-03-14 14:33 . 2008-04-13 23:15 2944 ----a-w- c:\windows\system32\drivers\drmkaud.sys
2010-03-13 23:15 . 2010-03-13 23:15 -------- d-----w- c:\program files\Microsoft CAPICOM 2.1.0.2
2010-03-13 15:06 . 2010-03-13 15:06 -------- d-----w- c:\program files\AGEIA Technologies
2010-03-13 15:01 . 2010-03-13 15:02 -------- d-----w- c:\program files\Microsoft Visual Studio 8
2010-03-13 15:01 . 2010-03-13 15:06 -------- d-----w- C:\SolidWorks Data (2)
2010-03-13 15:00 . 2010-03-13 15:00 -------- d-----w- c:\program files\Common Files\Manažer instalací SolidWorks
2010-03-13 14:58 . 2010-03-13 15:01 -------- d-----w- c:\windows\SolidWorks
2010-03-11 19:49 . 2010-02-12 10:03 293376 ------w- c:\windows\system32\browserchoice.exe
2010-03-10 06:15 . 2009-10-23 15:28 3558912 -c----w- c:\windows\system32\dllcache\moviemk.exe
2010-03-10 04:43 . 2010-03-10 04:43 1025024 -c----w- c:\windows\system32\dllcache\browseui.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-04-04 15:09 . 2007-07-18 16:04 -------- d-----w- c:\program files\BitLord
2010-03-30 18:29 . 2007-11-13 19:29 -------- d-----w- c:\program files\Common Files\Java
2010-03-30 18:28 . 2007-11-13 19:30 -------- d-----w- c:\program files\Java
2010-03-28 08:11 . 2006-03-02 12:00 86226 ----a-w- c:\windows\system32\perfc005.dat
2010-03-28 08:11 . 2006-03-02 12:00 449888 ----a-w- c:\windows\system32\perfh005.dat
2010-03-20 09:49 . 2008-12-10 18:59 -------- d-----w- c:\program files\QIP
2010-03-16 16:06 . 2007-11-25 18:30 -------- d-----w- c:\program files\OpenOffice.org 2.3
2010-03-16 16:03 . 2009-10-04 16:26 -------- d-----w- c:\program files\EA GAMES
2010-03-16 16:03 . 2007-07-08 10:33 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-03-13 15:21 . 2009-01-22 15:21 -------- d-----w- c:\program files\SolidWorks
2010-03-13 15:18 . 2007-11-25 13:53 -------- d-----w- c:\program files\Common Files\SolidWorks Shared
2010-03-13 15:03 . 2007-09-17 14:43 -------- d-----w- c:\program files\Windows Desktop Search
2010-03-02 17:18 . 2007-11-25 13:58 -------- d-----w- c:\program files\DWGeditor
2010-02-26 05:43 . 2006-03-02 12:00 668160 ------w- c:\windows\system32\wininet.dll
2010-02-26 05:43 . 2006-03-02 12:00 81920 ----a-w- c:\windows\system32\ieencode.dll
2010-02-17 17:43 . 2009-11-06 20:36 -------- d-----w- c:\program files\Opera
.

((((((((((((((((((((((((((((( SnapShot@2010-03-17_20.01.33 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-04-04 15:12 . 2010-04-04 15:12 16384 c:\windows\temp\Perflib_Perfdata_5c4.dat
+ 2009-07-25 08:41 . 2008-07-08 12:59 18296 c:\windows\system32\spmsg.dll
+ 2006-03-02 12:00 . 2010-03-28 08:11 67448 c:\windows\system32\perfc009.dat
- 2006-03-02 12:00 . 2009-12-09 16:58 67448 c:\windows\system32\perfc009.dat
+ 2009-02-20 08:12 . 2010-02-26 05:43 81920 c:\windows\system32\dllcache\ieencode.dll
- 2009-02-20 08:12 . 2009-12-22 05:09 81920 c:\windows\system32\dllcache\ieencode.dll
+ 2006-03-02 12:00 . 2010-02-26 05:43 627200 c:\windows\system32\urlmon.dll
- 2006-03-02 12:00 . 2009-12-22 05:09 627200 c:\windows\system32\urlmon.dll
- 2006-03-02 12:00 . 2009-12-09 16:58 432492 c:\windows\system32\perfh009.dat
+ 2006-03-02 12:00 . 2010-03-28 08:11 432492 c:\windows\system32\perfh009.dat
+ 2010-03-30 18:28 . 2010-03-30 18:28 153376 c:\windows\system32\javaws.exe
+ 2010-03-30 18:28 . 2010-03-30 18:28 145184 c:\windows\system32\javaw.exe
+ 2010-03-30 18:28 . 2010-03-30 18:28 145184 c:\windows\system32\java.exe
+ 2006-03-02 12:00 . 2010-02-26 05:43 251904 c:\windows\system32\iepeers.dll
- 2006-03-02 12:00 . 2008-04-14 03:21 251904 c:\windows\system32\iepeers.dll
- 2008-04-21 06:45 . 2009-12-22 05:09 668160 c:\windows\system32\dllcache\wininet.dll
+ 2008-04-21 06:45 . 2010-02-26 05:43 668160 c:\windows\system32\dllcache\wininet.dll
+ 2008-06-26 08:14 . 2010-02-26 05:43 627200 c:\windows\system32\dllcache\urlmon.dll
- 2008-06-26 08:14 . 2009-12-22 05:09 627200 c:\windows\system32\dllcache\urlmon.dll
- 2006-03-02 12:00 . 2008-04-14 03:21 251904 c:\windows\system32\dllcache\iepeers.dll
+ 2006-03-02 12:00 . 2010-02-26 05:43 251904 c:\windows\system32\dllcache\iepeers.dll
+ 2010-03-30 18:29 . 2010-03-30 18:29 180224 c:\windows\Installer\120eac4.msi
+ 2010-03-30 18:28 . 2010-03-30 18:28 576000 c:\windows\Installer\120eabf.msi
- 2006-03-02 12:00 . 2009-12-22 05:09 1510400 c:\windows\system32\shdocvw.dll
+ 2006-03-02 12:00 . 2010-03-10 04:43 1510400 c:\windows\system32\shdocvw.dll
+ 2006-03-02 12:00 . 2010-02-26 05:43 3094016 c:\windows\system32\mshtml.dll
+ 2008-06-26 08:14 . 2010-03-10 04:43 1510400 c:\windows\system32\dllcache\shdocvw.dll
- 2008-06-26 08:14 . 2009-12-22 05:09 1510400 c:\windows\system32\dllcache\shdocvw.dll
+ 2008-04-21 06:45 . 2010-02-26 05:43 3094016 c:\windows\system32\dllcache\mshtml.dll
- 2006-03-02 12:00 . 2008-04-14 03:21 1025024 c:\windows\system32\browseui.dll
+ 2006-03-02 12:00 . 2010-03-10 04:43 1025024 c:\windows\system32\browseui.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Google Update"="c:\documents and settings\David\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" [2010-02-17 135664]
"QIP2005"="c:\program files\QIP\qip.exe" [2009-08-13 3276288]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"="SOUNDMAN.EXE" [2006-01-11 577536]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2005-06-15 6803456]
"WinFastDTV"="c:\program files\WinFast\WFDTV\DTVSchdl.exe" [2006-07-11 69632]
"WinFast Schedule"="c:\program files\WinFast\WFDTV\WFWIZ.exe" [2006-07-07 348160]
"Sony Ericsson PC Suite"="c:\program files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2006-11-24 487424]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2007-12-11 286720]
"nod32kui"="c:\program files\Eset\nod32kui.exe" [2008-04-29 921600]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"SolidWorks_CheckForUpdates"="c:\program files\Common Files\Manažer instalací SolidWorks\Scheduler\sldIMScheduler.exe" [2009-03-19 7308584]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\David\Nabídka Start\Programy\Po spuštění\
Jádro Plánovače úloh SolidWorks.lnk - c:\program files\SolidWorks\swScheduler\swBOEngine.exe [2009-3-19 869672]

c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Místní vyhledávání.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2007-2-5 118784]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2007-02-05 294400]

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Adobe Reader Speed Launch.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Adobe Reader Speed Launch.lnk
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Adobe Reader Synchronizer.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Adobe Reader Synchronizer.lnk
backup=c:\windows\pss\Adobe Reader Synchronizer.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Windows Desktop Search.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Windows Desktop Search.lnk
backup=c:\windows\pss\Windows Desktop Search.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^David^Nabídka Start^Programy^Po spuštění^Adobe Gamma.lnk]
path=c:\documents and settings\David\Nabídka Start\Programy\Po spuštění\Adobe Gamma.lnk
backup=c:\windows\pss\Adobe Gamma.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
2008-04-14 03:22 15360 ------w- c:\windows\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut]
2006-12-05 20:55 54832 -c--a-w- c:\program files\CyberLink\PowerDVD\Language\Language.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 03:22 1695232 ----a-w- c:\program files\Messenger\msmsgs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2006-01-12 14:40 155648 -c--a-w- c:\program files\Common Files\Ahead\Lib\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2005-06-15 09:20 6803456 ----a-w- c:\windows\system32\nvcpl.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2005-06-15 09:20 86016 ----a-w- c:\windows\system32\nvmctray.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
2005-06-15 09:20 1519616 -c--a-w- c:\windows\system32\nwiz.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
2007-01-20 07:09 200704 ----a-w- c:\program files\PowerISO\PWRISOVM.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
2006-12-06 16:37 69216 -c----w- c:\program files\CyberLink\PowerDVD\PDVDServ.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2007-09-25 00:11 132496 -c--a-w- c:\program files\Java\jre1.6.0_03\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinFast Schedule]
2006-07-07 16:15 348160 ----a-w- c:\program files\WinFast\WFDTV\WFWIZ.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinFastDTV]
2006-07-11 15:10 69632 ----a-w- c:\program files\WinFast\WFDTV\DTVSchdl.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\system32\\CNAB4RPK.EXE"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\system32\\WgaTray.exe"=
"c:\\Program Files\\WinFast\\WFDTV\\DTVSchdl.exe"=
"c:\\Program Files\\QIP\\qip.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"25024:TCP"= 25024:TCP:BitComet 25024 TCP
"25024:UDP"= 25024:UDP:BitComet 25024 UDP
"9842:TCP"= 9842:TCP:*:Disabled:SolidNetworkManager
"9842:UDP"= 9842:UDP:*:Disabled:SolidNetworkManager

R2 WFCXVCAP;WinFast TV Video Capture Driver;c:\windows\system32\drivers\wfcxvcap.sys [8.7.2007 12:56 167296]
R3 wfcxdtun;WinFast DTV BDA Tuner/Demod Driver;c:\windows\system32\drivers\wfcxdtun.sys [8.7.2007 12:56 21248]
R3 wfcxtcap;WinFast DTV BDA Transport Stream Capture Driver;c:\windows\system32\drivers\wfcxtcap.sys [8.7.2007 12:56 15872]
R3 wfcxxbar;WinFast TV Crossbar Driver;c:\windows\system32\drivers\wfcxxbar.sys [8.7.2007 12:58 10368]
R3 WFIOCTL;WFIOCTL;c:\program files\WinFast\WFDTV\WFIOCTL.sys [1.12.2007 14:17 9446]
S3 CoordinatorServiceHost;SW Distributed TS Coordinator Service;c:\program files\SolidWorks\swScheduler\DTSCoordinatorService.exe [19.3.2009 12:31 83240]
S4 msvsmon80;Visual Studio 2005 Remote Debugger;c:\program files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86\msvsmon.exe [23.9.2005 8:01 2799808]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [2.5.2008 14:23 717296]
.
Obsah adresáře 'Naplánované úlohy'
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.ministryofsound.com/Radio/RadioHomePage.aspx
uDefault_Search_URL = hxxp://search.qip.ru
uInternet Connection Wizard,ShellNext = iexplore
uSearchAssistant = hxxp://search.qip.ru/ie
uSearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
LSP: c:\windows\system32\imon.dll
Trusted Zone: mojebanka.cz
TCP: {696331C5-82FA-4137-9529-8355EF00E120} = 192.168.0.1,62.210.161.226
Handler: centrumcztoolbar - {61A97628-7C82-4315-957A-C74C2CDD85DF} - c:\program files\CentrumczToolbar\IEToolbar.dll
FF - ProfilePath - c:\documents and settings\David\Data aplikací\Mozilla\Firefox\Profiles\qyccvh5t.default\
FF - prefs.js: browser.search.selectedEngine - Centrum.cz Search
FF - prefs.js: browser.startup.homepage - hxxp://centrum.cz/firefox
FF - prefs.js: keyword.URL - hxxp://search.centrum.cz/index.php?toolbar=centrum-1.0.0&q=
FF - component: c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\components\IGeared_cetrumczp_xputils2.dll
FF - component: c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\components\IGeared_cetrumczp_xputils3.dll
FF - component: c:\program files\CentrumczToolbar\Firefox\Cetrumcz@igeared\components\IGeared_cetrumczp_xputils35.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-04-04 17:58
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{95808DC4-FA4A-4c74-92FE-5B863F82066B}]
"ImagePath"="\??\c:\program files\CyberLink\PowerDVD\000.fcl"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\S-1-5-21-776561741-162531612-1801674531-1003\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'lsass.exe'(828)
c:\windows\system32\imon.dll
c:\program files\Eset\pr_imon.dll
.
Celkový čas: 2010-04-04 18:04:54
ComboFix-quarantined-files.txt 2010-04-04 16:04
ComboFix2.txt 2010-03-17 20:03
ComboFix3.txt 2010-03-16 15:02
ComboFix4.txt 2010-03-16 14:04
ComboFix5.txt 2010-04-03 15:37

Před spuštěním: Volných bajtů: 50 581 417 984
Po spuštění: Volných bajtů: 50 634 919 936

Current=1 Default=1 Failed=0 LastKnownGood=4 Sets=1,2,3,4
- - End Of File - - 4F1D779818A8E23C6EB554E42D138254

Caroprd111
VIP
Posts: 13493
Registered: 22 Mar 2009 20:48
Location: Třebíč

Re: Log check, please

#4 Post by Caroprd111 »

The OTL log as well, please.

couback
Visitor
Posts: 8
Registered: 22 Nov 2007 16:34

Re: Log check, please

#5 Post by couback »

OTL logfile created on: 4.4.2010 18:14:25 - Run 1
OTL by OldTimer - Version 3.2.1.0 Folder = C:\Documents and Settings\David\Dokumenty\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1 023,00 Mb Total Physical Memory | 529,00 Mb Available Physical Memory | 52,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 84,00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232,88 Gb Total Space | 47,18 Gb Free Space | 20,26% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: DAVID-8CEFED1CA
Current User Name: David
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010.04.04 18:13:18 | 000,561,664 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\David\Dokumenty\Downloads\OTL.exe
PRC - [2010.03.28 05:13:16 | 000,530,416 | ---- | M] (Google Inc.) -- C:\Documents and Settings\David\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
PRC - [2009.03.20 01:30:12 | 007,308,584 | ---- | M] (Dassault Systèmes SolidWorks Corp.) -- C:\Program Files\Common Files\Manažer instalací SolidWorks\Scheduler\sldIMScheduler.exe
PRC - [2008.04.29 18:04:46 | 000,507,904 | ---- | M] (Eset ) -- C:\Program Files\ESET\nod32krn.exe
PRC - [2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006.07.11 17:10:54 | 000,069,632 | ---- | M] (Leadtek Research Inc.) -- C:\Program Files\WinFast\WFDTV\DTVSchdl.exe
PRC - [2006.07.07 18:15:12 | 000,348,160 | ---- | M] (Leadtek Research Inc.) -- C:\Program Files\WinFast\WFDTV\WFWIZ.exe
PRC - [2006.01.11 15:08:36 | 000,577,536 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\soundman.exe
PRC - [2005.03.22 17:00:00 | 000,057,344 | ---- | M] (CANON INC.) -- C:\WINDOWS\system32\CNAB4RPK.EXE
PRC - [2004.12.13 05:34:32 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe


========== Modules (SafeList) ==========

MOD - [2010.04.04 18:13:18 | 000,561,664 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\David\Dokumenty\Downloads\OTL.exe


========== Win32 Services (SafeList) ==========

SRV - [2009.03.19 12:31:52 | 000,083,240 | ---- | M] (Dassault Systèmes SolidWorks Corp.) [On_Demand | Stopped] -- C:\Program Files\SolidWorks\swScheduler\DTSCoordinatorService.exe -- (CoordinatorServiceHost)
SRV - [2008.07.29 19:16:38 | 000,132,096 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2008.04.29 18:04:46 | 000,507,904 | ---- | M] (Eset ) [Auto | Running] -- C:\Program Files\Eset\nod32krn.exe -- (NOD32krn)
SRV - [2007.11.25 15:55:06 | 000,079,360 | ---- | M] (SolidWorks) [On_Demand | Stopped] -- C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe -- (SolidWorks Licensing Service)
SRV - [2005.11.14 02:06:04 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2005.09.23 08:01:16 | 002,799,808 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86\msvsmon.exe -- (msvsmon80)
SRV - [2004.12.13 05:34:32 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Running] -- -- (catchme)
DRV - [2008.05.02 14:23:09 | 000,717,296 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2008.04.29 18:04:46 | 000,502,368 | ---- | M] (Eset ) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\amon.sys -- (AMON)
DRV - [2008.04.14 01:16:24 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mpe.sys -- (MPE)
DRV - [2008.04.14 01:11:00 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\changer.sys -- (Changer)
DRV - [2008.04.14 01:10:28 | 000,034,688 | ---- | M] (Toshiba Corp.) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\lbrtfdc.sys -- (lbrtfdc)
DRV - [2007.10.09 23:02:34 | 000,019,968 | ---- | M] (RealVNC Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\vncmirror.dll -- (vncmirror)
DRV - [2007.09.17 20:25:39 | 000,025,544 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2007.01.20 09:11:07 | 000,031,644 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2006.11.30 16:14:22 | 000,090,800 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se45unic.sys -- (se45unic) Sony Ericsson Device 069 USB Ethernet Emulation SEMC45 (WDM)
DRV - [2006.11.30 16:14:14 | 000,086,432 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se45obex.sys -- (se45obex)
DRV - [2006.11.30 16:14:10 | 000,088,624 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se45mgmt.sys -- (se45mgmt) Sony Ericsson Device 069 USB WMC Device Management Drivers (WDM)
DRV - [2006.11.30 16:14:10 | 000,018,704 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se45nd5.sys -- (se45nd5) Sony Ericsson Device 069 USB Ethernet Emulation SEMC45 (NDIS)
DRV - [2006.11.30 16:14:04 | 000,097,088 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se45mdm.sys -- (se45mdm)
DRV - [2006.11.30 16:14:04 | 000,009,360 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se45mdfl.sys -- (se45mdfl)
DRV - [2006.11.30 16:13:56 | 000,061,536 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se45bus.sys -- (se45bus) Sony Ericsson Device 069 driver (WDM)
DRV - [2006.11.02 16:51:58 | 000,013,560 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- C:\Program Files\CyberLink\PowerDVD\000.fcl -- ({95808DC4-FA4A-4c74-92FE-5B863F82066B})
DRV - [2006.01.26 18:18:56 | 000,021,248 | ---- | M] (Leadtek Research Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wfcxdtun.sys -- (wfcxdtun)
DRV - [2006.01.26 18:17:26 | 000,010,368 | ---- | M] (Leadtek Research Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wfcxxbar.sys -- (wfcxxbar)
DRV - [2006.01.26 12:19:56 | 000,167,296 | R--- | M] (Leadtek Research Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\wfcxvcap.sys -- (WFCXVCAP)
DRV - [2006.01.26 12:16:46 | 000,015,872 | R--- | M] (Leadtek Research Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wfcxtcap.sys -- (wfcxtcap)
DRV - [2006.01.13 13:39:48 | 003,844,288 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2005.11.03 16:40:07 | 000,063,488 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfvfs02.sys -- (sfvfs02) StarForce Protection VFS Driver (version 2.x)
DRV - [2005.08.18 10:52:06 | 000,093,568 | R--- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvata.sys -- (nvata)
DRV - [2005.08.10 14:44:04 | 000,050,688 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x)
DRV - [2005.06.15 11:20:00 | 003,200,256 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2005.05.16 15:20:39 | 000,006,656 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)
DRV - [2005.04.05 20:22:30 | 000,012,928 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2005.04.05 20:22:28 | 000,033,536 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2005.03.09 15:53:00 | 000,042,496 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2005.01.06 17:55:38 | 000,009,446 | ---- | M] (Leadtek Research Inc.) [Kernel | On_Demand | Running] -- C:\Program Files\WinFast\WFDTV\WFIOCTL.sys -- (WFIOCTL)
DRV - [2004.11.05 11:08:06 | 000,670,208 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\hardlock.sys -- (Hardlock)
DRV - [2004.05.02 10:47:08 | 000,023,040 | R--- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\GVCplDrv.sys -- (GVCplDrv)
DRV - [2001.08.17 23:51:32 | 000,018,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\irsir.sys -- (irsir)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.ministryofsound.com/Radio/RadioHomePage.aspx
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A} - C:\Program Files\CentrumczToolbar\IEToolbar.dll ()
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Centrum.cz Search"
FF - prefs.js..browser.search.selectedEngine: "Centrum.cz Search"
FF - prefs.js..browser.startup.homepage: "http://centrum.cz/firefox"
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: Cetrumcz@igeared:1.202.012.001
FF - prefs.js..keyword.URL: "http://search.centrum.cz/index.php?tool ... m-1.0.0&q="

FF - HKLM\software\mozilla\Firefox\Extensions\\Cetrumcz@igeared: C:\Program Files\CentrumczToolbar\Firefox\Cetrumcz@igeared [2010.03.30 20:36:33 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.03.30 20:37:50 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.03.30 20:37:00 | 000,000,000 | ---D | M]

[2010.03.30 20:38:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\David\Data aplikací\Mozilla\Extensions
[2010.04.04 14:29:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\David\Data aplikací\Mozilla\Firefox\Profiles\qyccvh5t.default\extensions
[2010.04.04 14:29:01 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\David\Data aplikací\Mozilla\Firefox\Profiles\qyccvh5t.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.03.30 20:38:29 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2008.12.09 17:23:55 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2010.02.12 00:11:32 | 000,001,425 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\Cetrumcz_igeared.xml
[2010.01.16 02:50:40 | 000,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.01.16 02:50:40 | 000,001,687 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2010.01.16 02:50:40 | 000,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.01.16 02:50:40 | 000,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.01.16 02:50:40 | 000,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2010.04.03 18:16:35 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (XTTBPos00 Class) - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\Program Files\ICQToolbar\toolbaru.dll File not found
O2 - BHO: (Podpora odkazu pro Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (CentrumczToolbar BHO) - {33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A} - C:\Program Files\CentrumczToolbar\IEToolbar.dll ()
O3 - HKLM\..\Toolbar: (Centrum.cz Toolbar) - {D5D47440-0750-463D-BAEF-A47D02414806} - C:\Program Files\CentrumczToolbar\IEToolbar.dll ()
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Centrum.cz Toolbar) - {D5D47440-0750-463D-BAEF-A47D02414806} - C:\Program Files\CentrumczToolbar\IEToolbar.dll ()
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [nod32kui] C:\Program Files\Eset\nod32kui.exe (Eset )
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [SolidWorks_CheckForUpdates] C:\Program Files\Common Files\Manažer instalací SolidWorks\Scheduler\sldIMScheduler.exe (Dassault Systèmes SolidWorks Corp.)
O4 - HKLM..\Run: [Sony Ericsson PC Suite] C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe ()
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [WinFast Schedule] C:\Program Files\WinFast\WFDTV\WFWIZ.exe (Leadtek Research Inc.)
O4 - HKLM..\Run: [WinFastDTV] C:\Program Files\WinFast\WFDTV\DTVSchdl.exe (Leadtek Research Inc.)
O4 - HKCU..\Run: [QIP2005] C:\Program Files\QIP\qip.exe (The Author of QIP)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Místní vyhledávání.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\David\Nabídka Start\Programy\Po spuštění\Jádro Plánovače úloh SolidWorks.lnk = C:\Program Files\SolidWorks\swScheduler\swBOEngine.exe (Dassault Systèmes SolidWorks Corp.)
O4 - Startup: C:\Documents and Settings\David\Nabídka Start\Programy\Po spuštění\Registration Assassin.LNK = C:\Program Files\Ubisoft\Assassin's Creed\Register\RegistrationReminder.exe File not found
O4 - Startup: C:\Documents and Settings\David\Nabídka Start\Programy\Po spuštění\winesm32.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\System32\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\System32\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\System32\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\System32\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\System32\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\System32\imon.dll (Eset )
O15 - HKCU\..Trusted Domains: mojebanka.cz ([]https in Důvěryhodné servery)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microso ... 1746971453 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/sh ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 62.240.161.227
O18 - Protocol\Handler\centrumcztoolbar {61A97628-7C82-4315-957A-C74C2CDD85DF} - C:\Program Files\CentrumczToolbar\IEToolbar.dll ()
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\David\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\David\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007.07.08 12:23:36 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010.04.04 17:32:48 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2010.04.04 17:32:41 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2010.04.04 17:32:37 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2010.04.04 17:32:37 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2010.03.30 20:39:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\David\Local Settings\Data aplikací\Centrum.cz Toolbar
[2010.03.30 20:36:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\CentrumczToolbar
[2010.03.30 20:36:22 | 000,000,000 | ---D | C] -- C:\Program Files\CentrumczToolbar
[2010.03.30 20:28:50 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010.03.30 20:28:49 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010.03.30 20:28:49 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010.03.30 19:13:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Sun
[2010.03.30 19:12:59 | 000,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deploytk.dll
[2010.03.28 22:06:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\David\Plocha\Jitka Charvátová
[2010.03.17 22:03:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2010.03.17 20:47:48 | 000,390,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\CF22027.exe
[2010.03.17 19:42:06 | 000,401,720 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\David\Plocha\David.exe
[2010.03.17 19:41:59 | 000,000,000 | ---D | C] -- C:\rsit
[2010.03.16 21:23:44 | 000,095,024 | ---- | C] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
[2010.03.16 21:16:34 | 000,000,000 | ---D | C] -- C:\Program Files\Lavasoft
[2010.03.16 17:29:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\David\Plocha\himym
[2010.03.14 16:34:37 | 000,026,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbstor.sys
[2010.03.14 16:34:35 | 000,015,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbscan.sys
[2010.03.14 16:34:33 | 000,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wstcodec.sys
[2010.03.14 16:34:31 | 000,056,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\swmidi.sys
[2010.03.14 16:34:31 | 000,011,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\slip.sys
[2010.03.14 16:34:29 | 000,015,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\streamip.sys
[2010.03.14 16:34:28 | 000,032,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbccgp.sys
[2010.03.14 16:34:28 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbprint.sys
[2010.03.14 16:34:16 | 000,018,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cdaudio.sys
[2010.03.14 16:34:13 | 000,034,688 | ---- | C] (Toshiba Corp.) -- C:\WINDOWS\System32\drivers\lbrtfdc.sys
[2010.03.14 16:34:13 | 000,034,688 | ---- | C] (Toshiba Corp.) -- C:\WINDOWS\System32\dllcache\lbrtfdc.sys
[2010.03.14 16:34:09 | 000,008,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\i2omgmt.sys
[2010.03.14 16:34:07 | 000,005,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspclock.sys
[2010.03.14 16:34:05 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\changer.sys
[2010.03.14 16:34:05 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\changer.sys
[2010.03.14 16:34:03 | 000,007,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mskssrv.sys
[2010.03.14 16:34:02 | 000,005,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstee.sys
[2010.03.14 16:34:01 | 000,085,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nabtsfec.sys
[2010.03.14 16:33:59 | 000,052,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmusic.sys
[2010.03.14 16:33:58 | 000,015,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mpe.sys
[2010.03.14 16:33:58 | 000,015,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpe.sys
[2010.03.14 16:33:56 | 000,017,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ccdecode.sys
[2010.03.14 16:33:54 | 000,002,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drmkaud.sys
[2010.03.14 12:11:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\David\Data aplikací\SolidWorks 2009
[2010.03.14 01:15:31 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft CAPICOM 2.1.0.2
[2010.03.13 17:21:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\David\Dokumenty\SolidWorks Visual Studio Tools for Applications
[2010.03.13 17:06:52 | 000,000,000 | ---D | C] -- C:\Program Files\AGEIA Technologies
[2010.03.13 17:02:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\David\Dokumenty\Visual Studio 2005
[2010.03.13 17:02:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\David\Local Settings\Data aplikací\Microsoft Help
[2010.03.13 17:01:56 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio 8
[2010.03.13 17:01:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
[2010.03.13 17:01:26 | 000,000,000 | ---D | C] -- C:\SolidWorks Data (2)
[2010.03.13 17:00:48 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Manažer instalací SolidWorks
[2010.03.13 16:58:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\SolidWorks
[2010.03.13 16:58:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\David\Data aplikací\IM
[2010.03.11 21:49:25 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\browserchoice.exe
[2010.03.10 08:15:05 | 003,558,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\moviemk.exe
[2010.03.10 06:43:04 | 001,025,024 | ---- | C] (Společnost Microsoft) -- C:\WINDOWS\System32\dllcache\browseui.dll
[2009.07.25 10:49:52 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Data aplikací\Microsoft
[2009.01.23 14:11:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\Adobe
[2009.01.22 17:32:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\Microsoft
[2008.02.14 09:21:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\Apple
[2007.11.24 18:58:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\ESET
[2007.07.08 12:26:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\Microsoft
[2007.07.08 12:23:28 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Data aplikací\Microsoft
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010.04.04 18:04:59 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.04.04 17:58:57 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010.04.04 17:12:28 | 000,013,684 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.04.04 17:12:11 | 000,026,682 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010.04.04 17:12:07 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.04.04 17:11:24 | 010,223,616 | -H-- | M] () -- C:\Documents and Settings\David\NTUSER.DAT
[2010.04.04 17:11:24 | 000,000,272 | -HS- | M] () -- C:\Documents and Settings\David\ntuser.ini
[2010.04.04 17:10:53 | 000,002,561 | ---- | M] () -- C:\Documents and Settings\David\Plocha\Microsoft Office Word 2003.lnk
[2010.04.03 18:16:35 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010.04.03 15:11:44 | 366,889,796 | ---- | M] () -- C:\Documents and Settings\David\Plocha\Smallville.S09E16.HDTv-XviD.EN.avi
[2010.04.01 15:53:50 | 000,238,592 | ---- | M] () -- C:\Documents and Settings\David\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.04.01 14:44:39 | 722,264,411 | ---- | M] () -- C:\Documents and Settings\David\Plocha\R(1).wmv
[2010.04.01 12:51:53 | 000,002,257 | ---- | M] () -- C:\Documents and Settings\David\Plocha\Google Chrome.lnk
[2010.03.31 12:00:30 | 000,037,550 | ---- | M] () -- C:\Documents and Settings\David\Plocha\Lost.S06E10.HDTV-XVID-NOTV.srt
[2010.03.31 10:04:36 | 367,444,950 | ---- | M] () -- C:\Documents and Settings\David\Plocha\Lost.S06E10.HDTV-XVID-NOTV.avi
[2010.03.31 00:32:17 | 000,046,277 | ---- | M] () -- C:\Documents and Settings\David\Plocha\Chuck.S03E12.HDTV.XviD-LOL.srt
[2010.03.30 20:37:08 | 000,001,602 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Mozilla Firefox.lnk
[2010.03.30 20:28:21 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010.03.30 20:28:21 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010.03.30 20:28:20 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010.03.30 20:28:20 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2010.03.30 20:28:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deploytk.dll
[2010.03.30 15:48:45 | 366,759,936 | ---- | M] () -- C:\Documents and Settings\David\Plocha\Chuck.S03E12.HDTV.XviD-LOL.avi
[2010.03.29 20:02:56 | 002,318,336 | ---- | M] () -- C:\Documents and Settings\David\Plocha\pujcovna.mdb
[2010.03.28 17:07:48 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010.03.28 10:11:32 | 000,449,888 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2010.03.28 10:11:32 | 000,432,492 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.03.28 10:11:32 | 000,086,226 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2010.03.28 10:11:32 | 000,067,448 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.03.28 10:11:31 | 001,050,486 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010.03.24 12:21:16 | 000,032,983 | ---- | M] () -- C:\Documents and Settings\David\Plocha\Lost.S06E09.REPACK.HDTV.XviD-NoTV.srt
[2010.03.24 02:45:28 | 367,117,198 | ---- | M] () -- C:\Documents and Settings\David\Plocha\Lost.S06E09.REPACK.HDTV.XviD-NoTV.avi
[2010.03.23 18:31:46 | 000,035,649 | ---- | M] () -- C:\Documents and Settings\David\Plocha\how.i.met.your.mother.s05e18.hdtv.xvid-fqm.srt
[2010.03.23 17:21:55 | 183,612,336 | ---- | M] () -- C:\Documents and Settings\David\Plocha\how.i.met.your.mother.s05e18.hdtv.xvid-fqm.avi
[2010.03.22 17:28:40 | 000,936,313 | ---- | M] () -- C:\Documents and Settings\David\Plocha\Mat.rar
[2010.03.22 16:24:52 | 000,206,826 | ---- | M] () -- C:\Documents and Settings\David\Plocha\DSC00151.JPG
[2010.03.22 16:24:44 | 000,172,331 | ---- | M] () -- C:\Documents and Settings\David\Plocha\DSC00150.JPG
[2010.03.22 16:24:28 | 000,201,064 | ---- | M] () -- C:\Documents and Settings\David\Plocha\DSC00149.JPG
[2010.03.22 16:24:16 | 000,164,666 | ---- | M] () -- C:\Documents and Settings\David\Plocha\DSC00148.JPG
[2010.03.22 16:23:58 | 000,202,388 | ---- | M] () -- C:\Documents and Settings\David\Plocha\DSC00147.JPG
[2010.03.20 11:49:18 | 000,000,616 | ---- | M] () -- C:\Documents and Settings\David\Plocha\QIP 2005.lnk
[2010.03.18 22:33:17 | 000,004,790 | ---- | M] () -- C:\Documents and Settings\David\Plocha\134153623_th.jpg
[2010.03.18 22:33:07 | 000,004,315 | ---- | M] () -- C:\Documents and Settings\David\Plocha\135059970_th.jpg
[2010.03.17 20:47:29 | 000,390,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\CF22027.exe
[2010.03.17 20:22:53 | 000,791,201 | ---- | M] () -- C:\Documents and Settings\David\Plocha\P%C5%99edvolebn%C3%AD%20preference.pdf
[2010.03.17 18:54:53 | 000,781,909 | ---- | M] () -- C:\Documents and Settings\David\Plocha\RSIT.exe
[2010.03.17 12:59:28 | 000,035,873 | ---- | M] () -- C:\Documents and Settings\David\Plocha\Lost.S06E08.HDTV.XviD-2HD.srt
[2010.03.17 06:14:33 | 000,046,224 | ---- | M] () -- C:\Documents and Settings\David\Plocha\Chuck.S03E10.HDTV.XviD-LOL.srt
[2010.03.17 02:31:26 | 367,241,280 | ---- | M] () -- C:\Documents and Settings\David\Plocha\Lost.S06E08.HDTV.XviD-2HD.avi
[2010.03.16 21:23:32 | 000,095,024 | ---- | M] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
[2010.03.16 18:10:40 | 000,005,372 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010.03.14 16:44:28 | 000,080,808 | ---- | M] () -- C:\Documents and Settings\David\Local Settings\Data aplikací\GDIPFONTCACHEV1.DAT
[2010.03.14 16:33:09 | 000,000,004 | ---- | M] () -- C:\Documents and Settings\David\Data aplikací\avdrn.dat
[2010.03.14 12:11:35 | 000,287,704 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.03.13 18:59:59 | 000,002,243 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\SolidWorks 2009 SP3.0.lnk
[2010.03.13 17:03:31 | 000,001,779 | ---- | M] () -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Místní vyhledávání.lnk
[2010.03.12 18:02:38 | 000,261,632 | ---- | M] () -- C:\WINDOWS\PEV.exe
[2010.03.10 18:42:51 | 000,033,302 | ---- | M] () -- C:\Documents and Settings\David\Plocha\How I Met Your Mother - 05x17 - Of Course.srt
[2010.03.10 09:29:01 | 000,000,782 | ---- | M] () -- C:\WINDOWS\win.ini
[2010.03.10 06:43:10 | 001,510,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shdocvw.dll
[2010.03.10 06:43:04 | 001,025,024 | ---- | M] (Společnost Microsoft) -- C:\WINDOWS\System32\dllcache\browseui.dll
[2010.03.09 23:21:40 | 183,528,458 | ---- | M] () -- C:\Documents and Settings\David\Plocha\How I Met Your Mother - 05x17 - Of Course.avi
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010.04.04 17:32:50 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010.04.04 17:32:43 | 000,261,632 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010.04.04 17:32:40 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010.04.04 17:32:40 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010.04.04 17:32:39 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010.04.03 14:49:17 | 366,889,796 | ---- | C] () -- C:\Documents and Settings\David\Plocha\Smallville.S09E16.HDTv-XviD.EN.avi
[2010.04.01 13:56:55 | 722,264,411 | ---- | C] () -- C:\Documents and Settings\David\Plocha\R(1).wmv
[2010.03.31 17:55:00 | 000,037,550 | ---- | C] () -- C:\Documents and Settings\David\Plocha\Lost.S06E10.HDTV-XVID-NOTV.srt
[2010.03.31 09:17:54 | 367,444,950 | ---- | C] () -- C:\Documents and Settings\David\Plocha\Lost.S06E10.HDTV-XVID-NOTV.avi
[2010.03.31 09:17:18 | 000,046,277 | ---- | C] () -- C:\Documents and Settings\David\Plocha\Chuck.S03E12.HDTV.XviD-LOL.srt
[2010.03.30 20:37:08 | 000,001,602 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Mozilla Firefox.lnk
[2010.03.30 15:27:08 | 366,759,936 | ---- | C] () -- C:\Documents and Settings\David\Plocha\Chuck.S03E12.HDTV.XviD-LOL.avi
[2010.03.29 19:45:46 | 002,318,336 | ---- | C] () -- C:\Documents and Settings\David\Plocha\pujcovna.mdb
[2010.03.24 19:10:26 | 000,032,983 | ---- | C] () -- C:\Documents and Settings\David\Plocha\Lost.S06E09.REPACK.HDTV.XviD-NoTV.srt
[2010.03.24 09:23:04 | 367,117,198 | ---- | C] () -- C:\Documents and Settings\David\Plocha\Lost.S06E09.REPACK.HDTV.XviD-NoTV.avi
[2010.03.23 18:31:46 | 000,035,649 | ---- | C] () -- C:\Documents and Settings\David\Plocha\how.i.met.your.mother.s05e18.hdtv.xvid-fqm.srt
[2010.03.23 17:09:47 | 183,612,336 | ---- | C] () -- C:\Documents and Settings\David\Plocha\how.i.met.your.mother.s05e18.hdtv.xvid-fqm.avi
[2010.03.22 17:28:40 | 000,936,313 | ---- | C] () -- C:\Documents and Settings\David\Plocha\Mat.rar
[2010.03.22 17:28:09 | 000,206,826 | ---- | C] () -- C:\Documents and Settings\David\Plocha\DSC00151.JPG
[2010.03.22 17:28:09 | 000,201,064 | ---- | C] () -- C:\Documents and Settings\David\Plocha\DSC00149.JPG
[2010.03.22 17:28:09 | 000,172,331 | ---- | C] () -- C:\Documents and Settings\David\Plocha\DSC00150.JPG
[2010.03.22 17:28:08 | 000,164,666 | ---- | C] () -- C:\Documents and Settings\David\Plocha\DSC00148.JPG
[2010.03.22 17:28:03 | 000,202,388 | ---- | C] () -- C:\Documents and Settings\David\Plocha\DSC00147.JPG
[2010.03.20 11:49:18 | 000,000,616 | ---- | C] () -- C:\Documents and Settings\David\Plocha\QIP 2005.lnk
[2010.03.18 22:33:17 | 000,004,790 | ---- | C] () -- C:\Documents and Settings\David\Plocha\134153623_th.jpg
[2010.03.18 22:33:07 | 000,004,315 | ---- | C] () -- C:\Documents and Settings\David\Plocha\135059970_th.jpg
[2010.03.17 20:22:53 | 000,791,201 | ---- | C] () -- C:\Documents and Settings\David\Plocha\P%C5%99edvolebn%C3%AD%20preference.pdf
[2010.03.17 18:54:48 | 000,781,909 | ---- | C] () -- C:\Documents and Settings\David\Plocha\RSIT.exe
[2010.03.17 18:50:22 | 000,046,224 | ---- | C] () -- C:\Documents and Settings\David\Plocha\Chuck.S03E10.HDTV.XviD-LOL.srt
[2010.03.17 18:49:53 | 000,035,873 | ---- | C] () -- C:\Documents and Settings\David\Plocha\Lost.S06E08.HDTV.XviD-2HD.srt
[2010.03.17 09:22:24 | 367,241,280 | ---- | C] () -- C:\Documents and Settings\David\Plocha\Lost.S06E08.HDTV.XviD-2HD.avi
[2010.03.14 16:33:14 | 000,000,012 | ---- | C] () -- C:\Documents and Settings\LocalService\Data aplikací\rbuwzv.dat
[2010.03.14 16:33:09 | 000,000,004 | ---- | C] () -- C:\Documents and Settings\David\Data aplikací\avdrn.dat
[2010.03.13 17:12:35 | 000,002,243 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\SolidWorks 2009 SP3.0.lnk
[2010.03.13 17:03:31 | 000,001,779 | ---- | C] () -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Místní vyhledávání.lnk
[2010.03.10 18:42:50 | 000,033,302 | ---- | C] () -- C:\Documents and Settings\David\Plocha\How I Met Your Mother - 05x17 - Of Course.srt
[2010.03.09 23:00:50 | 183,528,458 | ---- | C] () -- C:\Documents and Settings\David\Plocha\How I Met Your Mother - 05x17 - Of Course.avi
[2009.03.12 15:12:56 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll
[2008.06.06 18:41:53 | 000,000,000 | ---- | C] () -- C:\WINDOWS\CPC10QA4.INI
[2008.06.04 13:32:59 | 000,001,755 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\QTSBandwidthCache
[2007.12.04 17:35:22 | 000,000,003 | ---- | C] () -- C:\Documents and Settings\David\dxva_sig.txt
[2007.09.19 17:05:18 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll
[2007.09.17 16:51:42 | 000,000,000 | ---- | C] () -- C:\WINDOWS\eDrawingOfficeAutomator.INI
[2007.08.18 10:32:39 | 000,138,376 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2007.08.09 22:20:53 | 000,000,390 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007.08.04 18:05:22 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\David\PUTTY.RND
[2007.07.25 21:49:38 | 000,000,105 | ---- | C] () -- C:\Documents and Settings\David\default.pls
[2007.07.25 21:49:14 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2007.07.20 19:06:41 | 000,238,592 | ---- | C] () -- C:\Documents and Settings\David\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007.07.12 17:21:07 | 000,000,169 | ---- | C] () -- C:\WINDOWS\RtlRack.ini
[2007.07.08 12:57:43 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2007.07.08 12:40:00 | 000,000,164 | ---- | C] () -- C:\WINDOWS\avrack.ini
[2007.07.08 12:39:53 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2007.07.08 12:28:42 | 000,023,040 | R--- | C] () -- C:\WINDOWS\System32\drivers\GVCplDrv.sys
[2007.07.08 12:27:26 | 000,000,272 | -HS- | C] () -- C:\Documents and Settings\David\ntuser.ini
[2007.07.08 12:27:25 | 000,001,024 | -H-- | C] () -- C:\Documents and Settings\David\ntuser.dat.LOG
[2007.07.08 12:27:24 | 010,223,616 | -H-- | C] () -- C:\Documents and Settings\David\NTUSER.DAT
[2007.02.05 16:49:36 | 000,021,464 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007.02.05 16:49:36 | 000,015,578 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2007.02.05 16:49:30 | 000,014,936 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2006.06.13 16:35:32 | 000,053,760 | ---- | C] () -- C:\WINDOWS\System32\zlib.dll
[2005.10.14 11:56:50 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2005.10.14 11:56:50 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\VorbisEnc.dll
[2005.10.14 11:56:50 | 000,761,856 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2005.10.14 11:56:50 | 000,344,064 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll
[2005.10.14 11:56:50 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2005.10.14 11:56:50 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2005.10.14 11:56:50 | 000,155,136 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2005.10.14 11:56:50 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2005.06.15 11:20:00 | 000,540,672 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2003.04.09 15:38:04 | 000,005,664 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI

========== Alternate Data Streams ==========

@Alternate Data Stream - 136 bytes -> C:\Documents and Settings\David\Plocha\Robinsosn.fl:SummaryInformation
< End of report >

couback
Visitor
Posts: 8
Registered: 22 Nov 2007 16:34

Re: Log check, please

#6 Post by couback »

OTL Extras logfile created on: 4.4.2010 18:14:25 - Run 1
OTL by OldTimer - Version 3.2.1.0 Folder = C:\Documents and Settings\David\Dokumenty\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1 023,00 Mb Total Physical Memory | 529,00 Mb Available Physical Memory | 52,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 84,00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232,88 Gb Total Space | 47,18 Gb Free Space | 20,26% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: DAVID-8CEFED1CA
Current User Name: David
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\Winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\Winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\Winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"25024:TCP" = 25024:TCP:*:Enabled:BitComet 25024 TCP
"25024:UDP" = 25024:UDP:*:Enabled:BitComet 25024 UDP
"9842:TCP" = 9842:TCP:*:Disabled:SolidNetworkManager
"9842:UDP" = 9842:UDP:*:Disabled:SolidNetworkManager
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\FlashFXP\FlashFXP.exe" = C:\Program Files\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3 -- File not found

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\WINDOWS\system32\CNAB4RPK.EXE" = C:\WINDOWS\system32\CNAB4RPK.EXE:*:Enabled:Canon LBP2900 RPC Server Process -- (CANON INC.)
"C:\WINDOWS\system32\WgaTray.exe" = C:\WINDOWS\system32\WgaTray.exe:*:Enabled:ENABLE -- (Microsoft Corporation)
"C:\Program Files\WinFast\WFDTV\DTVSchdl.exe" = C:\Program Files\WinFast\WFDTV\DTVSchdl.exe:*:Enabled:ENABLE -- (Leadtek Research Inc.)
"C:\Program Files\QIP\qip.exe" = C:\Program Files\QIP\qip.exe:*:Enabled:Quiet Internet Pager -- (The Author of QIP)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"{26A24AE4-039D-4CA4-87B4-2F83216019FF}" = Java(TM) 6 Update 19
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java(TM) 6 Update 3
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{38E0C491-5230-4373-B62E-F1A6E94B1029}" = Nero 7 Premium
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{596A6DE0-EC3E-4A1F-81F1-6AE8648B645B}" = SolidWorks 2009 SP03
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{786C5747-1033-0000-B58E-000000000001}" = Adobe Stock Photos 1.0
"{8EDBA74D-0686-4C99-BFDD-F894678E5B39}" = Adobe Common File Installer
"{90110405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-00A4-0409-0000-0000000FF1CE}" = Microsoft Office 2003 Web Components
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{AC76BA86-7AD7-1029-7B44-A81200000003}" = Adobe Reader 8 - Czech
"{B74D4E10-1033-0000-0000-000000000001}" = Adobe Bridge 1.0
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{BE4AA694-815A-4045-BD49-C94F2BED7458}" = WinFast Entertainment Center
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C151CE54-E7EA-4804-854B-F515368B0798}" = Athlon 64 Processor Driver
"{C92C584E-C781-475E-A8E2-C67D993A6B95}" = WinFast DTV
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D481EA96-2313-4A7C-98EE-710D1AF884AC}" = Microsoft Visual Studio 2005 Tools for Applications - ENU
"{DBC3FDEC-D5F4-439C-9A18-EF454A74E3DE}_is1" = NOD32 FiX v2.1
"{E0D51394-1D45-460A-B62D-383BC4F8B335}" = QuickTime
"{E9787678-1033-0000-8E67-000000000001}" = Adobe Help Center 1.0
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FC906D5C-91F9-4DA4-A765-6DCBB669F317}" = Sony Ericsson PC Suite
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"Bink and Smacker" = Bink and Smacker
"BSPlayer1" = BSPlayer
"Canon LBP2900" = Canon LBP2900
"Centrum.cz Toolbar_is1" = Centrum.cz Toolbar 1.202.012.001
"Cool's_Codec_pack_4.12" = Codec Pack - All In 1 6.0.3.0
"FLVPlayer" = FLV Player 1.3.3
"FreePascal_is1" = Free Pascal 2.2.4
"HijackThis" = HijackThis 2.0.2
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft Visual Studio 2005 Tools for Applications - ENU" = Microsoft Visual Studio 2005 Tools for Applications - ENU
"Mozilla Firefox (3.6)" = Mozilla Firefox (3.6)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NOD32" = Antivirový systém NOD32
"NVIDIA Drivers" = NVIDIA Drivers
"PowerISO" = PowerISO
"SolidWorks Installation Manager 20090-40300-1100-200" = SolidWorks 2009 SP03
"Virtual DJ - Atomix Productions" = Virtual DJ - Atomix Productions
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR
"WM Converter 2.0" = WM Converter 2.0
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"QIP 2005" = QIP 2005 8095

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 17.3.2010 16:39:57 | Computer Name = DAVID-8CEFED1CA | Source = crypt32 | ID = 131080
Description = Načtení automatické aktualizace pořadového čísla kořenového seznamu
jiného výrobce z: <http://www.download.windowsupdate.com/m ... ootseq.txt>
se nezdařilo. Chyba: Daná operace se vrátila, protože vypršel časový limit.

Error - 22.3.2010 12:41:45 | Computer Name = DAVID-8CEFED1CA | Source = MsiInstaller | ID = 11706
Description = Produkt: Microsoft Office Professional Edition 2003 - Chyba 1706.
Instalační program nemůže najít požadované soubory. Zkontrolujte síťové připojení
nebo jednotku CD-ROM. Další možná řešení tohoto problému najdete v C:\Program
Files\Microsoft Office\OFFICE11\1029\SETUP.CHM.

Error - 23.3.2010 14:05:09 | Computer Name = DAVID-8CEFED1CA | Source = Application Error | ID = 1000
Description = Chybující aplikace explorer.exe, verze 6.0.2900.5512, chybující modul
dxdec.ax, verze 5.2.1.1335, adresa chyby 0x00003c18.

Error - 25.3.2010 15:02:30 | Computer Name = DAVID-8CEFED1CA | Source = Application Error | ID = 1000
Description = Chybující aplikace chrome.exe, verze 0.0.0.0, chybující modul npswf32.dll,
verze 10.0.42.34, adresa chyby 0x00137064.

Error - 31.3.2010 11:52:43 | Computer Name = DAVID-8CEFED1CA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace wmplayer.exe, verze 11.0.5721.5145, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 31.3.2010 11:52:45 | Computer Name = DAVID-8CEFED1CA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace wmplayer.exe, verze 11.0.5721.5145, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 4.4.2010 5:23:12 | Computer Name = DAVID-8CEFED1CA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace explorer.exe, verze 6.0.2900.5512, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 4.4.2010 8:44:51 | Computer Name = DAVID-8CEFED1CA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace WINWORD.EXE, verze 11.0.8313.0, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 4.4.2010 8:44:52 | Computer Name = DAVID-8CEFED1CA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace WINWORD.EXE, verze 11.0.8313.0, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 4.4.2010 8:46:23 | Computer Name = DAVID-8CEFED1CA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace WINWORD.EXE, verze 11.0.8313.0, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

[ System Events ]
Error - 14.3.2010 10:33:57 | Computer Name = DAVID-8CEFED1CA | Source = Service Control Manager | ID = 7000
Description = Služba Ovladač velkokapacitního paměťového zařízení USB neuspěla při
spuštění v důsledku následující chyby: %%5

Error - 14.3.2010 10:33:58 | Computer Name = DAVID-8CEFED1CA | Source = Service Control Manager | ID = 7000
Description = Služba WpdUsb neuspěla při spuštění v důsledku následující chyby:
%%5

Error - 14.3.2010 10:33:59 | Computer Name = DAVID-8CEFED1CA | Source = Service Control Manager | ID = 7000
Description = Služba Dálnopisný kodek světového standardu neuspěla při spuštění
v důsledku následující chyby: %%5

Error - 14.3.2010 10:33:59 | Computer Name = DAVID-8CEFED1CA | Source = Service Control Manager | ID = 7000
Description = Služba Windows Driver Foundation - User-mode Driver Framework Reflector
neuspěla při spuštění v důsledku následující chyby: %%5

Error - 15.3.2010 13:05:05 | Computer Name = DAVID-8CEFED1CA | Source = Service Control Manager | ID = 7031
Description = Služba Spouštěč procesů serveru DCOM byla nečekaně ukončena. Stalo
se to 1 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat
počítač.

Error - 15.3.2010 13:05:05 | Computer Name = DAVID-8CEFED1CA | Source = Service Control Manager | ID = 7034
Description = Služba Terminálová služba byla neočekávaně ukončena. Tento stav nastal
již 1krát.

Error - 30.3.2010 14:25:41 | Computer Name = DAVID-8CEFED1CA | Source = Service Control Manager | ID = 7034
Description = Služba Java Quick Starter byla neočekávaně ukončena. Tento stav nastal
již 1krát.

Error - 4.4.2010 11:22:11 | Computer Name = DAVID-8CEFED1CA | Source = Service Control Manager | ID = 7031
Description = Služba NOD32 Kernel Service byla nečekaně ukončena. Stalo se to 1
krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error - 4.4.2010 11:22:24 | Computer Name = DAVID-8CEFED1CA | Source = Service Control Manager | ID = 7031
Description = Služba NOD32 Kernel Service byla nečekaně ukončena. Stalo se to 2
krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error - 4.4.2010 11:22:37 | Computer Name = DAVID-8CEFED1CA | Source = Service Control Manager | ID = 7031
Description = Služba NOD32 Kernel Service byla nečekaně ukončena. Stalo se to 3
krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.


< End of report >

Caroprd111
VIP
Posts: 13493
Registered: 22 Mar 2009 20:48
Location: Třebíč

Re: Log check, please

#7 Post by Caroprd111 »

Under the forum rules, we do not deal with illegal software here (illegal programs pose a security threat).
Get legal security software for your PC (antivirus, firewall), then post a new RSIT log and a CKScanner log here.

You could pick, for example, the free Avast plus a firewall (I recommend ZoneAlarm): http://www.viry.cz/forum/viewtopic.php?f=29&t=6152 + http://www.viry.cz/forum/viewtopic.php?f=41&t=6523


Download CKScanner to your desktop: http://downloads.malwareremoval.com/CKScanner.exe
  • Run it and click "Search For Files"; when the scan finishes, click "Save List to File" -> "OK"
  • The log, named ckfiles.txt, will be saved on the desktop; paste the contents of that file here.