zvýšení výkonu notebooku Vyřešeno

[Damned]

Buď na Ploše nebo v "C:" bude log z něho.

[Reklama]

[Paynn]

tohle je jediny co tam mám:

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
kernel: MBR read successfully
user & kernel MBR OK

[Damned]

To je ono


Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok).
Zkopíruj do něj následující celý text označený zeleně:

File::
c:\program files\DAEMON Tools Toolbar\FirefoxDTT\components\DTToolbarFF.dll

Folder::
C:\SDFix
C:\!KillBox
C:\Program Files\Virus Removal Tool
C:\Program Files\Crawler\Toolbar

Driver::
MySQL



Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.


Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe
a když se oba soubory překryjí, skript upusť.


- Automaticky se spustí ComboFix, oprava může trvat i déle než 10 minut. ! Nech ComboFix dokončit svou práci !
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT a popiš chování počítače

[Paynn]

tady je combofix:

ComboFix 10-01-16.04 - Rosťa 20.01.2010 13:30:44.3.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.420.1029.18.2046.1288 [GMT 1:00]
Spuštěný z: c:\users\Rosťa\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Rosťa\Desktop\CFScript.txt
AV: avast! antivirus 4.8.1296 [VPS 090122-0] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
SP: avast! antivirus 4.8.1296 [VPS 090122-0] *enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

FILE ::
"c:\program files\DAEMON Tools Toolbar\FirefoxDTT\components\DTToolbarFF.dll"
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\!KillBox
c:\!killbox\is-TRSB3\advdis.ppl
c:\!killbox\is-TRSB3\arj.ppl
c:\!killbox\is-TRSB3\arjpack.ppl
c:\!killbox\is-TRSB3\avlib.ppl
c:\!killbox\is-TRSB3\avp.dt
c:\!killbox\is-TRSB3\Avp_io32.dll
c:\!killbox\is-TRSB3\avp_iont.dll
c:\!killbox\is-TRSB3\avp1.ppl
c:\!killbox\is-TRSB3\avp3info.ppl
c:\!killbox\is-TRSB3\avpgs.ppl
c:\!killbox\is-TRSB3\avpgui.ppl
c:\!killbox\is-TRSB3\avpmgr.ppl
c:\!killbox\is-TRSB3\avs.ppl
c:\!killbox\is-TRSB3\avspm.ppl
c:\!killbox\is-TRSB3\avzkrnl.dll
c:\!killbox\is-TRSB3\avzproxy.ppl
c:\!killbox\is-TRSB3\avzscan.ppl
c:\!killbox\is-TRSB3\base64.ppl
c:\!killbox\is-TRSB3\base64p.ppl
c:\!killbox\is-TRSB3\basegui.ppl
c:\!killbox\is-TRSB3\bases\avp_x.set
c:\!killbox\is-TRSB3\bases\backup.avz
c:\!killbox\is-TRSB3\bases\bt.avz
c:\!killbox\is-TRSB3\bases\engine.dt
c:\!killbox\is-TRSB3\bases\keylogger.avz
c:\!killbox\is-TRSB3\bases\klavemu.kdl
c:\!killbox\is-TRSB3\bases\klavemu.kfb
c:\!killbox\is-TRSB3\bases\krnldrv.avz
c:\!killbox\is-TRSB3\bases\megabase.avc
c:\!killbox\is-TRSB3\bases\neural.avz
c:\!killbox\is-TRSB3\bases\neurald.avz
c:\!killbox\is-TRSB3\bases\neurale.avz
c:\!killbox\is-TRSB3\bases\neuralm.avz
c:\!killbox\is-TRSB3\bases\ports.avz
c:\!killbox\is-TRSB3\bases\prt.avz
c:\!killbox\is-TRSB3\bases\repair.avz
c:\!killbox\is-TRSB3\bases\rootkit.avz
c:\!killbox\is-TRSB3\bases\scripts.avz
c:\!killbox\is-TRSB3\bases\signf001.avz
c:\!killbox\is-TRSB3\bases\signf002.avz
c:\!killbox\is-TRSB3\bases\signf003.avz
c:\!killbox\is-TRSB3\bases\signf004.avz
c:\!killbox\is-TRSB3\bases\signf005.avz
c:\!killbox\is-TRSB3\bases\signfavp.avz
c:\!killbox\is-TRSB3\bases\signfusr.avz
c:\!killbox\is-TRSB3\bases\sr.avz
c:\!killbox\is-TRSB3\bases\srdb.avz
c:\!killbox\is-TRSB3\bases\startup.ini
c:\!killbox\is-TRSB3\bases\syscheck.avz
c:\!killbox\is-TRSB3\bases\sysipu.avz
c:\!killbox\is-TRSB3\bases\tsw.avz
c:\!killbox\is-TRSB3\bases\verdicts.ini
c:\!killbox\is-TRSB3\bl.ppl
c:\!killbox\is-TRSB3\btdisk.ppl
c:\!killbox\is-TRSB3\btimages.ppl
c:\!killbox\is-TRSB3\buffer.ppl
c:\!killbox\is-TRSB3\cab.ppl
c:\!killbox\is-TRSB3\crpthlpr.ppl
c:\!killbox\is-TRSB3\deflate.ppl
c:\!killbox\is-TRSB3\dmap.ppl
c:\!killbox\is-TRSB3\drivers\50858814.cat
c:\!killbox\is-TRSB3\drivers\50858814.inf
c:\!killbox\is-TRSB3\drivers\50858814.sys
c:\!killbox\is-TRSB3\drivers\drvins32.exe
c:\!killbox\is-TRSB3\dtreg.ppl
c:\!killbox\is-TRSB3\explode.ppl
c:\!killbox\is-TRSB3\filemap.ppl
c:\!killbox\is-TRSB3\fsdrvplg.ppl
c:\!killbox\is-TRSB3\fssync.dll
c:\!killbox\is-TRSB3\getsi.dll
c:\!killbox\is-TRSB3\hashcont.ppl
c:\!killbox\is-TRSB3\hashmd5.ppl
c:\!killbox\is-TRSB3\hccmp.ppl
c:\!killbox\is-TRSB3\ichk2.ppl
c:\!killbox\is-TRSB3\inflate.ppl
c:\!killbox\is-TRSB3\inifile.ppl
c:\!killbox\is-TRSB3\is-TRSB3.cfg
c:\!killbox\is-TRSB3\is-TRSB3.com
c:\!killbox\is-TRSB3\is-TRSB3.exe
c:\!killbox\is-TRSB3\iwgen.ppl
c:\!killbox\is-TRSB3\kldirobj.dll
c:\!killbox\is-TRSB3\klipc.dll
c:\!killbox\is-TRSB3\l_llio.ppl
c:\!killbox\is-TRSB3\lha.ppl
c:\!killbox\is-TRSB3\mailmsg.ppl
c:\!killbox\is-TRSB3\mdmap.ppl
c:\!killbox\is-TRSB3\memmodsc.ppl
c:\!killbox\is-TRSB3\memscan.ppl
c:\!killbox\is-TRSB3\Microsoft.VC80.CRT.manifest
c:\!killbox\is-TRSB3\minizip.ppl
c:\!killbox\is-TRSB3\minst.exe
c:\!killbox\is-TRSB3\mkavio.ppl
c:\!killbox\is-TRSB3\msoe.ppl
c:\!killbox\is-TRSB3\msvcm80.dll
c:\!killbox\is-TRSB3\msvcp80.dll
c:\!killbox\is-TRSB3\msvcr80.dll
c:\!killbox\is-TRSB3\nfio.ppl
c:\!killbox\is-TRSB3\ntfsstrm.ppl
c:\!killbox\is-TRSB3\ods.ppl
c:\!killbox\is-TRSB3\params.ppl
c:\!killbox\is-TRSB3\passdmap.ppl
c:\!killbox\is-TRSB3\pdm.ppl
c:\!killbox\is-TRSB3\pdm2rt.ppl
c:\!killbox\is-TRSB3\prkernel.ppl
c:\!killbox\is-TRSB3\prloader.dll
c:\!killbox\is-TRSB3\procmon.ppl
c:\!killbox\is-TRSB3\prremote.dll
c:\!killbox\is-TRSB3\prseqio.ppl
c:\!killbox\is-TRSB3\prutil.ppl
c:\!killbox\is-TRSB3\pxstub.ppl
c:\!killbox\is-TRSB3\qb.ppl
c:\!killbox\is-TRSB3\rar.ppl
c:\!killbox\is-TRSB3\reggrd.ppl
c:\!killbox\is-TRSB3\regmap.ppl
c:\!killbox\is-TRSB3\report.ppl
c:\!killbox\is-TRSB3\resip.ppl
c:\!killbox\is-TRSB3\scmhlpr.dll
c:\!killbox\is-TRSB3\sfdb.ppl
c:\!killbox\is-TRSB3\skin\en\avz.loc
c:\!killbox\is-TRSB3\skin\en\avzkrnl.loc
c:\!killbox\is-TRSB3\skin\en\credits.loc
c:\!killbox\is-TRSB3\skin\en\hints.loc
c:\!killbox\is-TRSB3\skin\en\iso3166-1.loc
c:\!killbox\is-TRSB3\skin\en\main.loc
c:\!killbox\is-TRSB3\skin\en\oas.loc
c:\!killbox\is-TRSB3\skin\en\prot.loc
c:\!killbox\is-TRSB3\skin\en\report.loc
c:\!killbox\is-TRSB3\skin\en\scan.loc
c:\!killbox\is-TRSB3\skin\en\service.loc
c:\!killbox\is-TRSB3\skin\en\settings.loc
c:\!killbox\is-TRSB3\skin\enums.loc
c:\!killbox\is-TRSB3\skin\images\activity.png
c:\!killbox\is-TRSB3\skin\images\application.png
c:\!killbox\is-TRSB3\skin\images\Arrow.png
c:\!killbox\is-TRSB3\skin\images\background.png
c:\!killbox\is-TRSB3\skin\images\badmail.png
c:\!killbox\is-TRSB3\skin\images\banner.gif
c:\!killbox\is-TRSB3\skin\images\Banner.png
c:\!killbox\is-TRSB3\skin\images\battery.png
c:\!killbox\is-TRSB3\skin\images\bootsect.png
c:\!killbox\is-TRSB3\skin\images\collapse.png
c:\!killbox\is-TRSB3\skin\images\danger24.png
c:\!killbox\is-TRSB3\skin\images\danger32.png
c:\!killbox\is-TRSB3\skin\images\dialer.png
c:\!killbox\is-TRSB3\skin\images\disk.png
c:\!killbox\is-TRSB3\skin\images\display.png
c:\!killbox\is-TRSB3\skin\images\error.png
c:\!killbox\is-TRSB3\skin\images\expand.png
c:\!killbox\is-TRSB3\skin\images\floppy.png
c:\!killbox\is-TRSB3\skin\images\Goodmail.png
c:\!killbox\is-TRSB3\skin\images\gripper.png
c:\!killbox\is-TRSB3\skin\images\help.png
c:\!killbox\is-TRSB3\skin\images\help16.png
c:\!killbox\is-TRSB3\skin\images\i16.png
c:\!killbox\is-TRSB3\skin\images\i24.png
c:\!killbox\is-TRSB3\skin\images\i32.png
c:\!killbox\is-TRSB3\skin\images\ids.png
c:\!killbox\is-TRSB3\skin\images\ie.png
c:\!killbox\is-TRSB3\skin\images\info.png
c:\!killbox\is-TRSB3\skin\images\integrity.png
c:\!killbox\is-TRSB3\skin\images\internet.png
c:\!killbox\is-TRSB3\skin\images\internet16.png
c:\!killbox\is-TRSB3\skin\images\intranet.png
c:\!killbox\is-TRSB3\skin\images\kav_en.png
c:\!killbox\is-TRSB3\skin\images\kav_ru.png
c:\!killbox\is-TRSB3\skin\images\kav2006.png
c:\!killbox\is-TRSB3\skin\images\kav2006rus.png
c:\!killbox\is-TRSB3\skin\images\kbdbtn_bs.png
c:\!killbox\is-TRSB3\skin\images\kbdbtn_caps.png
c:\!killbox\is-TRSB3\skin\images\kbdbtn_ctrl.png
c:\!killbox\is-TRSB3\skin\images\kbdbtn_enter.png
c:\!killbox\is-TRSB3\skin\images\kbdbtn_lshift.png
c:\!killbox\is-TRSB3\skin\images\kbdbtn_normal.png
c:\!killbox\is-TRSB3\skin\images\kbdbtn_rshift.png
c:\!killbox\is-TRSB3\skin\images\kbdbtn_slash.png
c:\!killbox\is-TRSB3\skin\images\kbdbtn_space.png
c:\!killbox\is-TRSB3\skin\images\kbdbtn_tab.png
c:\!killbox\is-TRSB3\skin\images\key.png
c:\!killbox\is-TRSB3\skin\images\kl.png
c:\!killbox\is-TRSB3\skin\images\local.png
c:\!killbox\is-TRSB3\skin\images\lockbutton.png
c:\!killbox\is-TRSB3\skin\images\locked.png
c:\!killbox\is-TRSB3\skin\images\logo.png
c:\!killbox\is-TRSB3\skin\images\mail.png
c:\!killbox\is-TRSB3\skin\images\mail_bad.png
c:\!killbox\is-TRSB3\skin\images\main_off16.png
c:\!killbox\is-TRSB3\skin\images\main_off32.png
c:\!killbox\is-TRSB3\skin\images\main_on16.png
c:\!killbox\is-TRSB3\skin\images\main_on32.png
c:\!killbox\is-TRSB3\skin\images\memory.png
c:\!killbox\is-TRSB3\skin\images\msg_bad.png
c:\!killbox\is-TRSB3\skin\images\msg_deleted.png
c:\!killbox\is-TRSB3\skin\images\msg_good.png
c:\!killbox\is-TRSB3\skin\images\msg_new.png
c:\!killbox\is-TRSB3\skin\images\msg_question.png
c:\!killbox\is-TRSB3\skin\images\navstate.png
c:\!killbox\is-TRSB3\skin\images\navstate2.png
c:\!killbox\is-TRSB3\skin\images\network.png
c:\!killbox\is-TRSB3\skin\images\nonrecursive.png
c:\!killbox\is-TRSB3\skin\images\notepad.png
c:\!killbox\is-TRSB3\skin\images\Notify.png
c:\!killbox\is-TRSB3\skin\images\office.png
c:\!killbox\is-TRSB3\skin\images\ok.png
c:\!killbox\is-TRSB3\skin\images\ok24.png
c:\!killbox\is-TRSB3\skin\images\ok32.png
c:\!killbox\is-TRSB3\skin\images\password.png
c:\!killbox\is-TRSB3\skin\images\pause.png
c:\!killbox\is-TRSB3\skin\images\popup_allowed.png
c:\!killbox\is-TRSB3\skin\images\popup_blocked.png
c:\!killbox\is-TRSB3\skin\images\Privacy.png
c:\!killbox\is-TRSB3\skin\images\rdisk.png
c:\!killbox\is-TRSB3\skin\images\regedit.png
c:\!killbox\is-TRSB3\skin\images\regicons.ico
c:\!killbox\is-TRSB3\skin\images\run.png
c:\!killbox\is-TRSB3\skin\images\settings.png
c:\!killbox\is-TRSB3\skin\images\startupobj.png
c:\!killbox\is-TRSB3\skin\images\stealth.png
c:\!killbox\is-TRSB3\skin\images\stop.png
c:\!killbox\is-TRSB3\skin\images\t_hdr.bmp
c:\!killbox\is-TRSB3\skin\images\t_row.bmp
c:\!killbox\is-TRSB3\skin\images\taskbar.png
c:\!killbox\is-TRSB3\skin\images\tasks\antihacker32.png
c:\!killbox\is-TRSB3\skin\images\tasks\antihackerX.png
c:\!killbox\is-TRSB3\skin\images\tasks\antispam32.png
c:\!killbox\is-TRSB3\skin\images\tasks\antispamX.png
c:\!killbox\is-TRSB3\skin\images\tasks\antispy32.png
c:\!killbox\is-TRSB3\skin\images\tasks\antispyX.png
c:\!killbox\is-TRSB3\skin\images\tasks\datafiles.png
c:\!killbox\is-TRSB3\skin\images\tasks\datafiles32.png
c:\!killbox\is-TRSB3\skin\images\tasks\file32.png
c:\!killbox\is-TRSB3\skin\images\tasks\fileX.png
c:\!killbox\is-TRSB3\skin\images\tasks\mail32.png
c:\!killbox\is-TRSB3\skin\images\tasks\mailX.png
c:\!killbox\is-TRSB3\skin\images\tasks\pdm32.png
c:\!killbox\is-TRSB3\skin\images\tasks\pdmX.png
c:\!killbox\is-TRSB3\skin\images\tasks\prot32.png
c:\!killbox\is-TRSB3\skin\images\tasks\protection.png
c:\!killbox\is-TRSB3\skin\images\tasks\scan32.png
c:\!killbox\is-TRSB3\skin\images\tasks\scanX.png
c:\!killbox\is-TRSB3\skin\images\tasks\support.png
c:\!killbox\is-TRSB3\skin\images\tasks\support32.png
c:\!killbox\is-TRSB3\skin\images\tasks\updater32.png
c:\!killbox\is-TRSB3\skin\images\tasks\updaterX.png
c:\!killbox\is-TRSB3\skin\images\tasks\web32.png
c:\!killbox\is-TRSB3\skin\images\tasks\webX.png
c:\!killbox\is-TRSB3\skin\images\title.png
c:\!killbox\is-TRSB3\skin\images\trusted.png
c:\!killbox\is-TRSB3\skin\images\unkobj.png
c:\!killbox\is-TRSB3\skin\images\unlocked.png
c:\!killbox\is-TRSB3\skin\images\visa.png
c:\!killbox\is-TRSB3\skin\images\warning.png
c:\!killbox\is-TRSB3\skin\images\warning24.png
c:\!killbox\is-TRSB3\skin\images\warning32.png
c:\!killbox\is-TRSB3\skin\images\wizard.png
c:\!killbox\is-TRSB3\skin\layout\avz.ini
c:\!killbox\is-TRSB3\skin\layout\main.ini
c:\!killbox\is-TRSB3\skin\layout\oas.ini
c:\!killbox\is-TRSB3\skin\layout\prot.ini
c:\!killbox\is-TRSB3\skin\layout\report.ini
c:\!killbox\is-TRSB3\skin\layout\scan.ini
c:\!killbox\is-TRSB3\skin\layout\service.ini
c:\!killbox\is-TRSB3\skin\layout\settings.ini
c:\!killbox\is-TRSB3\skin\prot.loc
c:\!killbox\is-TRSB3\skin\skin.ini
c:\!killbox\is-TRSB3\skin\sounds\Infected.wav
c:\!killbox\is-TRSB3\startup.exe
c:\!killbox\is-TRSB3\stdcomp.ppl
c:\!killbox\is-TRSB3\stenum2.ppl
c:\!killbox\is-TRSB3\stored.ppl
c:\!killbox\is-TRSB3\superio.ppl
c:\!killbox\is-TRSB3\tempfile.ppl
c:\!killbox\is-TRSB3\thpimpl.ppl
c:\!killbox\is-TRSB3\timer.ppl
c:\!killbox\is-TRSB3\tm.ppl
c:\!killbox\is-TRSB3\unarj.ppl
c:\!killbox\is-TRSB3\uniarc.ppl
c:\!killbox\is-TRSB3\unlzx.ppl
c:\!killbox\is-TRSB3\unreduce.ppl
c:\!killbox\is-TRSB3\unshrink.ppl
c:\!killbox\is-TRSB3\unstored.ppl
c:\!killbox\is-TRSB3\vmarea.ppl
c:\!killbox\is-TRSB3\wdiskio.ppl
c:\!killbox\is-TRSB3\winreg.ppl
c:\!killbox\is-TRSB3\xorio.ppl
c:\!killbox\is-TRSB3\zcompare.ppl
c:\!killbox\Logs\kb.log
c:\program files\DAEMON Tools Toolbar\FirefoxDTT\components\DTToolbarFF.dll
C:\SDFix
c:\sdfix\Add_DBFix_RunOnce_key.inf
c:\sdfix\apps\assosfix.reg
c:\sdfix\apps\Cghtme.exe
c:\sdfix\apps\cliptext.exe
c:\sdfix\apps\DBFix.inf
c:\sdfix\apps\download.exe
c:\sdfix\apps\dummy.sys
c:\sdfix\apps\Enable_Command_Prompt.inf
c:\sdfix\apps\Enable_Command_Prompt.reg
c:\sdfix\apps\ERDNT.E_E
c:\sdfix\apps\ERDNTDOS.LOC
c:\sdfix\apps\ERDNTWIN.LOC
c:\sdfix\apps\ERUNT.EXE
c:\sdfix\apps\ERUNT.LOC
c:\sdfix\apps\fix.reg
c:\sdfix\apps\FixBeep.reg
c:\sdfix\apps\FixBH.reg
c:\sdfix\apps\FixComponents.reg
c:\sdfix\apps\FIXCU.reg
c:\sdfix\apps\FIXLM.reg
c:\sdfix\apps\FixPath.exe
c:\sdfix\apps\FixRedir.reg
c:\sdfix\apps\FixSchedule.reg
c:\sdfix\apps\FixWebCheck.reg
c:\sdfix\apps\fixXP.reg
c:\sdfix\apps\FixXPsp2.reg
c:\sdfix\apps\grep.exe
c:\sdfix\apps\HaxdFix.reg
c:\sdfix\apps\HPFix.reg
c:\sdfix\apps\HPFix2.reg
c:\sdfix\apps\HPFix3.reg
c:\sdfix\apps\HPFix4.reg
c:\sdfix\apps\HPFix5.reg
c:\sdfix\apps\HPFix6.reg
c:\sdfix\apps\HPFix7.reg
c:\sdfix\apps\HPFix8.reg
c:\sdfix\apps\HPFix9.reg
c:\sdfix\apps\Installed.txt
c:\sdfix\apps\isadmin.exe
c:\sdfix\apps\leg2.txt
c:\sdfix\apps\legacy.txt
c:\sdfix\apps\legacybk.txt
c:\sdfix\apps\locate.com
c:\sdfix\apps\LS.exe
c:\sdfix\apps\MD5File.exe
c:\sdfix\apps\moveex.exe
c:\sdfix\apps\MyGcpvFix.reg
c:\sdfix\apps\MyGkFix2.reg
c:\sdfix\apps\Process.exe
c:\sdfix\apps\procs.exe
c:\sdfix\apps\psservice.exe
c:\sdfix\apps\Rem.txt
c:\sdfix\apps\Rem2.txt
c:\sdfix\apps\Replace\regedit.exe
c:\sdfix\apps\Replace\w2k\AUTOEXEC.NT
c:\sdfix\apps\Replace\w2k\beep.sys
c:\sdfix\apps\Replace\w2k\command.com
c:\sdfix\apps\Replace\w2k\command.PIF
c:\sdfix\apps\Replace\w2k\CONFIG.NT
c:\sdfix\apps\Replace\w2k\null.sys
c:\sdfix\apps\Replace\xp\AUTOEXEC.NT
c:\sdfix\apps\Replace\xp\beep.sys
c:\sdfix\apps\Replace\xp\command.com
c:\sdfix\apps\Replace\xp\command.PIF
c:\sdfix\apps\Replace\xp\CONFIG.NT
c:\sdfix\apps\Replace\xp\null.sys
c:\sdfix\apps\Reset_AppInit_DLLs.reg
c:\sdfix\apps\RestartIt!.exe
c:\sdfix\apps\Restore_SafeBoot_Windows2000.reg
c:\sdfix\apps\Restore_SafeBoot_WindowsXP.reg
c:\sdfix\apps\Restore_SafeBoot_WindowsXP_SP2.reg
c:\sdfix\apps\Restore_SafeBoot_WindowsXP_SP3.reg
c:\sdfix\apps\Restore_SecurityCenter.reg
c:\sdfix\apps\Restore_SharedAccess.reg
c:\sdfix\apps\sc.exe
c:\sdfix\apps\sed.exe
c:\sdfix\apps\SF.exe
c:\sdfix\apps\shutdown.exe
c:\sdfix\apps\srv2.txt
c:\sdfix\apps\srv2bk.txt
c:\sdfix\apps\svc.txt
c:\sdfix\apps\svcbk.txt
c:\sdfix\apps\Swreg.exe
c:\sdfix\apps\swsc.exe
c:\sdfix\apps\UnRAR.exe
c:\sdfix\apps\unzip.exe
c:\sdfix\apps\vfind.exe
c:\sdfix\apps\WINMSG.EXE
c:\sdfix\apps\winsec.reg
c:\sdfix\apps\zip.exe
c:\sdfix\catchme.exe
c:\sdfix\DBFix.bat
c:\sdfix\dummy.sys
c:\sdfix\RunThis.bat
c:\sdfix\SDFIX_ReadMe_Online.url
c:\sdfix\W2K_VirusAlert_Repair.inf
c:\sdfix\XP_VirusAlert_Repair.inf
c:\users\Rosśa\Documents\cc_20090120_173934.reg
c:\program files\Virus Removal Tool . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\advdis.ppl . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\arj.ppl . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\arjpack.ppl . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\avlib.ppl . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\avp.dt . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\Avp_io32.dll . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\avp_iont.dll . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\avp1.ppl . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\avp3info.ppl . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\avpgs.ppl . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\avpgui.ppl . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\avpmgr.ppl . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\avs.ppl . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\avspm.ppl . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\avzkrnl.dll . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\avzproxy.ppl . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\avzscan.ppl . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\base64.ppl . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\base64p.ppl . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\basegui.ppl . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\bases\avp_x.set . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\bases\backup.avz . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\bases\bt.avz . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\bases\engine.dt . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\bases\keylogger.avz . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\bases\klavemu.kdl . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\bases\klavemu.kfb . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\bases\krnldrv.avz . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\bases\megabase.avc . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\bases\neural.avz . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\bases\neurald.avz . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\bases\neurale.avz . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\bases\neuralm.avz . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\bases\ports.avz . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\bases\prt.avz . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\bases\repair.avz . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\bases\rootkit.avz . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\bases\scripts.avz . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\bases\signf001.avz . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\bases\signf002.avz . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\bases\signf003.avz . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\bases\signf004.avz . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\bases\signf005.avz . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\bases\signfavp.avz . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\bases\signfusr.avz . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\bases\sr.avz . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\bases\srdb.avz . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\bases\startup.ini . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\bases\syscheck.avz . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\bases\sysipu.avz . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\bases\tsw.avz . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\bases\verdicts.ini . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\bl.ppl . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\btdisk.ppl . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\btimages.ppl . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\buffer.ppl . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\cab.ppl . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\crpthlpr.ppl . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\deflate.ppl . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\dmap.ppl . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\drivers\50858814.cat . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\drivers\50858814.inf . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\drivers\50858814.sys . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\drivers\drvins32.exe . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\dtreg.ppl . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\explode.ppl . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\filemap.ppl . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\fsdrvplg.ppl . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\fssync.dll . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\getsi.dll . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\hashcont.ppl . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\hashmd5.ppl . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\hccmp.ppl . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\ichk2.ppl . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\inflate.ppl . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\inifile.ppl . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\is-TRSB3.cfg . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\is-TRSB3.com . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\is-TRSB3.exe . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\iwgen.ppl . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\kldirobj.dll . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\klipc.dll . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\l_llio.ppl . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\lha.ppl . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\mailmsg.ppl . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\mdmap.ppl . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\memmodsc.ppl . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\memscan.ppl . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\Microsoft.VC80.CRT.manifest . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\minizip.ppl . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\minst.exe . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\mkavio.ppl . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\msoe.ppl . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\msvcm80.dll . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\msvcp80.dll . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\msvcr80.dll . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\nfio.ppl . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\ntfsstrm.ppl . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\ods.ppl . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\params.ppl . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\passdmap.ppl . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\pdm.ppl . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\pdm2rt.ppl . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\prkernel.ppl . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\prloader.dll . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\procmon.ppl . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\prremote.dll . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\prseqio.ppl . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\prutil.ppl . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\pxstub.ppl . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\qb.ppl . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\rar.ppl . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\reggrd.ppl . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\regmap.ppl . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\report.ppl . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\resip.ppl . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\scmhlpr.dll . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\sfdb.ppl . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\en\avz.loc . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\en\avzkrnl.loc . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\en\credits.loc . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\en\hints.loc . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\en\iso3166-1.loc . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\en\main.loc . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\en\oas.loc . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\en\prot.loc . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\en\report.loc . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\en\scan.loc . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\en\service.loc . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\en\settings.loc . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\enums.loc . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\images\activity.png . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\images\application.png . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\images\Arrow.png . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\images\background.png . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\images\badmail.png . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\images\banner.gif . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\images\Banner.png . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\images\battery.png . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\images\bootsect.png . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\images\collapse.png . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\images\danger24.png . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\images\danger32.png . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\images\dialer.png . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\images\disk.png . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\images\display.png . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\images\error.png . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\images\expand.png . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\images\floppy.png . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\images\Goodmail.png . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\images\gripper.png . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\images\help.png . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\images\help16.png . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\images\i16.png . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\images\i24.png . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\images\i32.png . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\images\ids.png . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\images\ie.png . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\images\info.png . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\images\integrity.png . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\images\internet.png . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\images\internet16.png . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\images\intranet.png . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\images\kav_en.png . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\images\kav_ru.png . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\images\kav2006.png . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\images\kav2006rus.png . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\images\kbdbtn_bs.png . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\images\kbdbtn_caps.png . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\images\kbdbtn_ctrl.png . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\images\kbdbtn_enter.png . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\images\kbdbtn_lshift.png . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\images\kbdbtn_normal.png . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\images\kbdbtn_rshift.png . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\images\kbdbtn_slash.png . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\images\kbdbtn_space.png . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\images\kbdbtn_tab.png . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\images\key.png . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\images\kl.png . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\images\local.png . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\images\lockbutton.png . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\images\locked.png . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\images\logo.png . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\images\mail.png . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\images\mail_bad.png . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\images\main_off16.png . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\images\main_off32.png . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\images\main_on16.png . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\images\main_on32.png . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\images\memory.png . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\images\msg_bad.png . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\images\msg_deleted.png . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\images\msg_good.png . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\images\msg_new.png . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\images\msg_question.png . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\images\navstate.png . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\images\navstate2.png . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\images\network.png . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\images\nonrecursive.png . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\images\notepad.png . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\images\Notify.png . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\images\office.png . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\images\ok.png . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\images\ok24.png . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\images\ok32.png . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\images\password.png . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\images\pause.png . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\images\popup_allowed.png . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\images\popup_blocked.png . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\images\Privacy.png . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\images\rdisk.png . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\images\regedit.png . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\images\regicons.ico . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\images\run.png . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\images\settings.png . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\images\startupobj.png . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\images\stealth.png . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\images\stop.png . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\images\t_hdr.bmp . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\images\t_row.bmp . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\images\taskbar.png . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\images\tasks\antihacker32.png . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\images\tasks\antihackerX.png . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\images\tasks\antispam32.png . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\images\tasks\antispamX.png . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\images\tasks\antispy32.png . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\images\tasks\antispyX.png . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\images\tasks\datafiles.png . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\images\tasks\datafiles32.png . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\images\tasks\file32.png . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\images\tasks\fileX.png . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\images\tasks\mail32.png . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\images\tasks\mailX.png . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\images\tasks\pdm32.png . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\images\tasks\pdmX.png . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\images\tasks\prot32.png . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\images\tasks\protection.png . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\images\tasks\scan32.png . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\images\tasks\scanX.png . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\images\tasks\support.png . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\images\tasks\support32.png . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\images\tasks\updater32.png . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\images\tasks\updaterX.png . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\images\tasks\web32.png . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\images\tasks\webX.png . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\images\title.png . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\images\trusted.png . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\images\unkobj.png . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\images\unlocked.png . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\images\visa.png . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\images\warning.png . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\images\warning24.png . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\images\warning32.png . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\images\wizard.png . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\layout\avz.ini . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\layout\main.ini . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\layout\oas.ini . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\layout\prot.ini . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\layout\report.ini . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\layout\scan.ini . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\layout\service.ini . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\layout\settings.ini . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\prot.loc . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\skin.ini . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\skin\sounds\Infected.wav . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\startup.exe . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\stdcomp.ppl . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\stenum2.ppl . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\stored.ppl . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\superio.ppl . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\tempfile.ppl . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\thpimpl.ppl . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\timer.ppl . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\tm.ppl . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\unarj.ppl . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\uniarc.ppl . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\unlzx.ppl . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\unreduce.ppl . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\unshrink.ppl . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\unstored.ppl . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\vmarea.ppl . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\wdiskio.ppl . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\winreg.ppl . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\xorio.ppl . . . . nemohl být smazán
c:\program files\Virus Removal Tool\is-TRSB3\zcompare.ppl . . . . nemohl být smazán

.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_MySQL


((((((((((((((((((((((((( Soubory vytvořené od 2009-12-20 do 2010-01-20 )))))))))))))))))))))))))))))))
.

2010-01-20 12:45 . 2010-01-20 12:45 -------- d-----w- c:\users\Public\AppData\Local\temp
2010-01-20 12:45 . 2010-01-20 12:45 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-01-18 13:43 . 2010-01-18 13:43 77312 ----a-w- C:\mbr.exe
2010-01-17 18:07 . 2010-01-07 15:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-01-17 18:07 . 2010-01-17 18:07 -------- d-----w- c:\programdata\Malwarebytes
2010-01-17 18:07 . 2010-01-17 18:07 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-01-17 18:07 . 2010-01-07 15:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-01-16 22:55 . 2010-01-16 22:55 -------- d-----w- c:\program files\Trend Micro
2010-01-13 12:47 . 2009-10-19 13:38 156672 ----a-w- c:\windows\system32\t2embed.dll
2010-01-13 12:47 . 2009-10-19 13:35 72704 ----a-w- c:\windows\system32\fontsub.dll
2010-01-07 21:55 . 2010-01-07 21:55 -------- d-----w- c:\programdata\Ubisoft
2010-01-04 22:56 . 2010-01-04 22:56 -------- d-----w- C:\My Music
2009-12-23 23:50 . 2009-12-24 00:00 -------- d--h--w- c:\windows\msdownld.tmp
2009-12-22 12:25 . 2009-12-22 12:25 -------- d-----w- c:\program files\URUSoft
2009-12-22 12:06 . 2009-12-22 12:06 47360 ----a-w- c:\windows\system32\drivers\pcouffin.sys

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-20 12:55 . 2007-01-08 21:09 598838 ----a-w- c:\windows\system32\perfh005.dat
2010-01-20 12:55 . 2007-01-08 21:09 115014 ----a-w- c:\windows\system32\perfc005.dat
2010-01-20 12:53 . 2009-12-09 18:21 70575 ----a-w- c:\programdata\nvModes.dat
2010-01-20 12:52 . 2009-01-20 18:32 1065605152 --sha-w- c:\windows\system32\drivers\fidbox.dat
2010-01-20 12:46 . 2009-01-20 18:32 12488960 --sha-w- c:\windows\system32\drivers\fidbox.idx
2010-01-17 22:01 . 2009-07-01 18:34 -------- d-----w- c:\program files\ICQ6.5
2010-01-14 10:12 . 2009-10-25 16:07 181120 ------w- c:\windows\system32\MpSigStub.exe
2010-01-13 13:51 . 2008-01-17 11:43 -------- d-----w- c:\program files\Java
2010-01-13 13:02 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2010-01-07 21:36 . 2007-09-26 19:59 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-12-24 00:35 . 2007-09-26 19:45 -------- d-----w- c:\program files\Common Files\Adobe
2009-12-13 17:23 . 2009-10-28 14:42 -------- d-----w- c:\program files\TeamViewer
2009-12-09 22:27 . 2009-11-29 12:57 -------- d-----w- c:\program files\Common Files\Blizzard Entertainment
2009-12-09 18:21 . 2007-09-27 02:11 -------- d-----w- c:\programdata\NVIDIA
2009-12-09 16:05 . 2009-12-09 16:03 -------- d-----w- c:\program files\NVIDIA Corporation
2009-12-09 16:04 . 2009-12-09 16:04 -------- d-----w- c:\program files\AGEIA Technologies
2009-12-09 16:04 . 2009-12-09 16:04 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-11-30 11:13 . 2008-05-05 08:31 -------- d-----w- c:\program files\Common Files\Real
2009-11-30 11:13 . 2009-11-30 11:13 -------- d-----w- c:\program files\Common Files\xing shared
2009-11-30 11:12 . 2009-11-30 11:12 -------- d-----w- c:\program files\real
2009-11-24 23:54 . 2007-12-14 18:22 1280480 ----a-w- c:\windows\system32\aswBoot.exe
2009-11-24 23:50 . 2008-04-01 17:43 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys
2009-11-24 23:50 . 2008-04-01 17:43 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2009-11-24 23:49 . 2007-12-14 18:22 53328 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2009-11-24 23:49 . 2007-12-14 18:22 48560 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2009-11-24 23:48 . 2007-12-14 18:22 23120 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2009-11-24 23:47 . 2007-12-14 18:22 97480 ----a-w- c:\windows\system32\AvastSS.scr
2009-11-20 19:33 . 2009-11-20 19:33 812648 ----a-w- c:\windows\system32\nvsvc.dll
2009-11-20 19:33 . 2009-11-20 19:33 66664 ----a-w- c:\windows\system32\nvshext.dll
2009-11-20 19:33 . 2009-11-20 19:33 1323624 ----a-w- c:\windows\system32\nvsvcr.dll
2009-11-20 19:33 . 2009-11-20 19:33 12685928 ----a-w- c:\windows\system32\nvcpl.dll
2009-11-20 19:33 . 2009-11-20 19:33 122984 ----a-w- c:\windows\system32\nvvsvc.exe
2009-11-20 19:33 . 2009-11-20 19:33 110184 ----a-w- c:\windows\system32\nvmctray.dll
2009-11-19 20:42 . 2007-09-26 19:37 592488 ----a-w- c:\windows\system32\nvuninst.exe
2009-11-10 16:34 . 2009-11-10 16:34 43520 ----a-w- c:\windows\system32\CmdLineExt03.dll
2009-11-09 12:31 . 2009-12-10 15:18 24064 ----a-w- c:\windows\system32\nshhttp.dll
2009-11-09 12:30 . 2009-12-10 15:18 30720 ----a-w- c:\windows\system32\httpapi.dll
2009-11-09 10:36 . 2009-12-10 15:18 411648 ----a-w- c:\windows\system32\drivers\http.sys
2009-10-29 09:17 . 2009-11-25 12:48 2048 ----a-w- c:\windows\system32\tzres.dll
2009-10-27 14:11 . 2009-12-10 00:09 834048 ----a-w- c:\windows\system32\wininet.dll
2009-10-27 13:16 . 2009-12-10 00:09 78336 ----a-w- c:\windows\system32\ieencode.dll
2009-10-25 19:56 . 2009-10-25 19:56 515832 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-18 125952]
"DAEMON Tools Lite"="d:\program files\DAEMON Tools Lite\daemon.exe" [2008-12-29 687560]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2007-05-25 159744]
"FIC HotKey"="c:\program files\Hotkey Utility\tray.exe" [2007-07-13 561152]
"PowerManager"="c:\program files\Power Manager\PM.exe" [2007-05-16 29696]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-02-26 153136]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"HP Software Update"="d:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-03-11 49152]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-09-10 289576]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-01-05 413696]
"TO2SSM_McciTrayApp"="c:\program files\TO2SSM\McciTrayApp.exe" [2009-01-16 1473536]
"TO2WCM_McciTrayApp"="c:\program files\TO2WCM\McciTrayApp.exe" [2008-01-30 1473536]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-11-30 198160]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-01-07 1394000]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2009-11-3 113664]
HP Digital Imaging Monitor.lnk - d:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-3-11 210520]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):8c,07,28,4d,2e,3d,ca,01

R1 aswSP;avast! Self Protection;c:\windows\System32\drivers\aswSP.sys [1.4.2008 18:43 114768]
R1 is-ENP3Fdrv;is-ENP3Fdrv;c:\windows\System32\drivers\53811711.sys [20.1.2009 19:34 148496]
R1 is-TRSB3drv;is-TRSB3drv;c:\windows\System32\drivers\50858814.sys [20.1.2009 21:19 148496]
R2 aswFsBlk;aswFsBlk;c:\windows\System32\drivers\aswFsBlk.sys [1.4.2008 18:43 20560]
R2 aswMonFlt;aswMonFlt;c:\windows\System32\drivers\aswMonFlt.sys [14.12.2007 19:22 53328]
R2 HsfXAudioService;HsfXAudioService;c:\windows\system32\svchost.exe -k HsfXAudioService [23.1.2009 0:36 21504]
R2 TeamViewer5;TeamViewer 5;c:\program files\TeamViewer\Version5\TeamViewer_Service.exe [8.12.2009 11:46 185640]
R3 SIS163u;SiS163 USB Wireless LAN Adapter Driver;c:\windows\System32\drivers\sis163u.sys [26.9.2007 20:41 218624]
S3 FontCache;Mezipaměť písem Windows;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [23.1.2009 0:36 21504]
S3 SS1018mdm;Sony Ericsson Mobile Device Full USB Driver;c:\windows\System32\drivers\SS1018mdm.sys [16.10.2008 10:25 58536]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
HsfXAudioService REG_MULTI_SZ HsfXAudioService
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Obsah adresáře 'Naplánované úlohy'

2010-01-20 c:\windows\Tasks\User_Feed_Synchronization-{909788C6-715E-4C23-AB4C-84BC5CFBCDAB}.job
- c:\windows\system32\msfeedssync.exe [2009-01-22 22:33]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.cz.o2.com/welcome/cz/index.html
uInternet Settings,ProxyOverride = *.local
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
TCP: {3C9192E4-4D4D-4DB7-81FD-D72B65E8B7F8} = 192.168.0.1
FF - ProfilePath - c:\users\Rosťa\AppData\Roaming\Mozilla\Firefox\Profiles\ar660afw.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - www.seznam.cz
FF - prefs.js: keyword.URL -
FF - component: c:\program files\real\realplayer\browserrecord\firefox\ext\components\nprpffbrowserrecordext.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-20 13:53
Windows 6.0.6002 Service Pack 2 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...


c:\windows\TEMP\TMP0000005089B5744D9D700781 524288 bytes

sken byl úspešně dokončen
skryté soubory: 1

**************************************************************************

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll >>UNKNOWN [0x8501C1F8]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0x885abd24
\Driver\ACPI -> acpi.sys @ 0x8073fd68
\Driver\atapi -> 0x8501b1f8
IoDeviceObjectType ->\Device\Harddisk0\DR0 ->Warning: possible MBR rootkit infection !
user & kernel MBR OK

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\windows\system32\nvvsvc.exe
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
c:\program files\Common Files\Motive\McciCMService.exe
c:\program files\CyberLink\Shared Files\RichVideo.exe
c:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe
c:\windows\system32\DRIVERS\xaudio.exe
c:\program files\Alwil Software\Avast4\ashMaiSv.exe
c:\program files\Alwil Software\Avast4\ashWebSv.exe
c:\windows\system32\conime.exe
c:\program files\Alwil Software\Avast4\ashDisp.exe
c:\program files\Microsoft Office\Office12\ONENOTEM.EXE
c:\program files\OpenOffice.org 2.3\program\soffice.exe
c:\windows\system32\wbem\unsecapp.exe
c:\program files\OpenOffice.org 2.3\program\soffice.BIN
c:\program files\Apoint2K\ApMsgFwd.exe
c:\program files\Apoint2K\Apntex.exe
c:\program files\iPod\bin\iPodService.exe
.
**************************************************************************
.
Celkový čas: 2010-01-20 14:01:25 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-01-20 13:01
ComboFix2.txt 2010-01-17 22:13
ComboFix3.txt 2009-01-20 17:17

Před spuštěním: Volných bajtů: 47 330 111 488
Po spuštění: Volných bajtů: 47 132 954 624

- - End Of File - - 0D9E1B7F53FFFE7D1AC90B09D33CBF8B

[Paynn]

tady je hjt.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:56:00, on 16.1.2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v7.00 (7.00.6002.18005)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\Hotkey Utility\tray.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
D:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\TO2SSM\McciTrayApp.exe
C:\Program Files\TO2WCM\McciTrayApp.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\system32\wbem\unsecapp.exe
D:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\OpenOffice.org 2.3\program\soffice.exe
C:\Program Files\Apoint2K\ApMsgFwd.exe
C:\Program Files\OpenOffice.org 2.3\program\soffice.BIN
C:\Program Files\Apoint2K\Apntex.exe
c:\program files\relevantknowledge\rlvknlg.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\conime.exe
C:\Windows\System32\perfmon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\DllHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.cz.o2.com/welcome/cz/index.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: XTTBPos00 - {055FD26D-3A88-4e15-963D-DC8493744B1D} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file)
O3 - Toolbar: &Crawler Toolbar - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [FIC HotKey] C:\Program Files\Hotkey Utility\tray.exe
O4 - HKLM\..\Run: [PowerManager] C:\Program Files\Power Manager\PM.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [HP Software Update] D:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [TO2SSM_McciTrayApp] C:\Program Files\TO2SSM\McciTrayApp.exe
O4 - HKLM\..\Run: [TO2WCM_McciTrayApp] C:\Program Files\TO2WCM\McciTrayApp.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - Startup: is-ENP3F.lnk = ?
O4 - Startup: is-TRSB3.lnk = C:\Program Files\Virus Removal Tool\is-TRSB3\startup.exe
O4 - Startup: OpenOffice.org 2.3.lnk = C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = D:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O13 - Gopher Prefix:
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://icq.oberon-media.com/Gameshell/G ... meHost.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{3C9192E4-4D4D-4DB7-81FD-D72B65E8B7F8}: NameServer = 192.168.0.1
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: IviRegMgr - InterVideo - c:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files\Common Files\Motive\McciCMService.exe
O23 - Service: MySQL - Unknown owner - C:\Program.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: RelevantKnowledge - TMRG, Inc. - C:\Program Files\RelevantKnowledge\rlservice.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: TeamViewer 5 (TeamViewer5) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe
O23 - Service: Fujitsu Siemens Computers Diagnostic Testhandler (TestHandler) - Fujitsu Siemens Computers - C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 8739 bytes

[Paynn]

Pc se mě zdá o trochu tiší, CPU už se docela uklidnilo, nemám tam takový vysoký hodnoty jako předtím. Ještě jestli bych mohl poprosit nějak odstranit ten Virus removal tool

[Damned]

Ten VRT je od Kasperskyho?

Odinstaluj ComboFix ( nutné ) .
ComboFix se odinstaluje takto:
Start-Spustit a zadej Combofix[mezera]/uninstall

Stáhni si T-Cleaner ( nutné - smaže vše po Combu,SDFixu,Avengeru,MWAVu atd.-stáhneš->spustíš)

(pozn.Pokud máš AVG nebo Aviru, před stažením T-Cleaneru a po dobu čištění deaktivuj AVG i Aviru (i rezidenty), následně T-Cleaner smaž a zapni si AVG, Aviru.)
*****************************************************************************************************************************************
Stáhni si OTL na Plochu.
Ujisti se , že máš zavřena všechna ostatní okna a poklepej na ikonu OTL.Nahoře v okně pod Output klikni na minimal Output.Pod Standard Registry změň na All. Zatrhni LOP Check a Purity Check. File age změň na 14 days. Klikni na Run Scan. Všechny ostatní nastavení ponech jak jsou. Sken může trvat dlouho, až skončí otevřou se dva logy:
OTL.Txt
Extras.Txt
Jsou uloženy ve stejném místě jako OTL. Oba logy sem prosím zkopíruj

[Paynn]

ten VRT by měl být od Kasperského, nejsem si jistý, už ho tu mám dlouho.

OTL log:

OTL logfile created on: 21.1.2010 14:17:32 - Run 1
OTL by OldTimer - Version 3.1.25.3 Folder = C:\Users\Rosťa\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 63,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 79,00% Paging File free
Paging file location(s): ?:\pagefile.sys

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 92,21 Gb Total Space | 43,81 Gb Free Space | 47,52% Space Free | Partition Type: NTFS
Drive D: | 45,12 Gb Total Space | 16,01 Gb Free Space | 35,48% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: ROSŤA-PC
Current User Name: Rosťa
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 14 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\Users\Rosťa\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
PRC - C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\ashServ.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software)
PRC - C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation)
PRC - C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\Windows\System32\wbem\unsecapp.exe (Microsoft Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\conime.exe (Microsoft Corporation)
PRC - C:\Program Files\TO2SSM\McciTrayApp.exe (Motive Communications, Inc.)
PRC - C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
PRC - C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
PRC - C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
PRC - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Program Files\TO2WCM\McciTrayApp.exe (Motive Communications, Inc.)
PRC - C:\Program Files\OpenOffice.org 2.3\program\soffice.bin (OpenOffice.org)
PRC - C:\Program Files\OpenOffice.org 2.3\program\soffice.exe (OpenOffice.org)
PRC - C:\Windows\System32\drivers\XAudio.exe (Conexant Systems, Inc.)
PRC - C:\Program Files\Common Files\Motive\McciCMService.exe (Motive Communications, Inc.)
PRC - C:\Program Files\Hotkey Utility\tray.exe ()
PRC - C:\Program Files\Apoint2K\Apoint.exe (Alps Electric Co., Ltd.)
PRC - C:\Program Files\Apoint2K\ApMsgFwd.exe (Alps Electric Co., Ltd.)
PRC - D:\Program Files\HP\HP Software Update\hpwuSchd2.exe (Hewlett-Packard Co.)
PRC - D:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
PRC - c:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)
PRC - C:\FirstSteps\OnlineDiagnostic\TestManager\TestHandler.exe (Fujitsu Siemens Computers)
PRC - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
PRC - C:\Program Files\Apoint2K\ApntEx.exe (Alps Electric Co., Ltd.)
PRC - C:\Program Files\CyberLink\Shared Files\RichVideo.exe ()


========== Modules (SafeList) ==========

MOD - C:\Users\Rosťa\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV - (TeamViewer5) -- C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (avast! Antivirus) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe (ALWIL Software)
SRV - (avast! Mail Scanner) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software)
SRV - (avast! Web Scanner) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software)
SRV - (aswUpdSv) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software)
SRV - (nvsvc) -- C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation)
SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)
SRV - (NetTcpPortSharing) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation)
SRV - (Bonjour Service) -- C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
SRV - (HsfXAudioService) -- C:\Windows\System32\XAudio32.dll (Conexant Systems, Inc.)
SRV - (iPod Service) -- C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
SRV - (Apple Mobile Device) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (XAudioService) -- C:\Windows\System32\drivers\XAudio.exe (Conexant Systems, Inc.)
SRV - (McciCMService) -- C:\Program Files\Common Files\Motive\McciCMService.exe (Motive Communications, Inc.)
SRV - (hpqddsvc) -- D:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll (Hewlett-Packard Co.)
SRV - (hpqcxs08) -- D:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll (Hewlett-Packard Co.)
SRV - (NMIndexingService) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (Nero AG)
SRV - (IviRegMgr) -- c:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)
SRV - (TestHandler) -- C:\FirstSteps\OnlineDiagnostic\TestManager\TestHandler.exe (Fujitsu Siemens Computers)
SRV - (ehstart) -- C:\Windows\ehome\ehstart.dll (Microsoft Corporation)
SRV - (odserv) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (ose) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (RichVideo) Cyberlink RichVideo Service(CRVS) -- C:\Program Files\CyberLink\Shared Files\RichVideo.exe ()
SRV - (IDriverT) -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe (Macrovision Corporation)


========== Driver Services (SafeList) ==========

DRV - (pcouffin) -- C:\Windows\System32\drivers\pcouffin.sys (VSO Software)
DRV - (aswSP) -- C:\Windows\System32\drivers\aswSP.sys (ALWIL Software)
DRV - (aswFsBlk) -- C:\Windows\System32\drivers\aswFsBlk.sys (ALWIL Software)
DRV - (aswMonFlt) -- C:\Windows\System32\drivers\aswMonFlt.sys (ALWIL Software)
DRV - (aswTdi) -- C:\Windows\System32\drivers\aswTdi.sys (ALWIL Software)
DRV - (aswRdr) -- C:\Windows\System32\drivers\aswRdr.sys (ALWIL Software)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (hamachi) -- C:\Windows\System32\drivers\hamachi.sys (LogMeIn, Inc.)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (sptd) -- C:\Windows\System32\drivers\sptd.sys (Duplex Secure Ltd.)
DRV - (XAudio) -- C:\Windows\System32\drivers\XAudio32.sys (Conexant Systems, Inc.)
DRV - (SS1018mdm) -- C:\Windows\System32\drivers\SS1018mdm.sys (Sony Ericsson)
DRV - (HSF_DPV) -- C:\Windows\System32\drivers\HSX_DPV.sys (Conexant Systems, Inc.)
DRV - (HSXHWAZL) -- C:\Windows\System32\drivers\HSXHWAZL.sys (Conexant Systems, Inc.)
DRV - (winachsf) -- C:\Windows\System32\drivers\HSX_CNXT.sys (Conexant Systems, Inc.)
DRV - (KMWDFILTER) -- C:\Windows\System32\drivers\KMWDFILTER.sys (Windows (R) Codename Longhorn DDK provider)
DRV - (is-TRSB3drv) -- C:\Windows\System32\drivers\50858814.sys (Kaspersky Lab)
DRV - (is-ENP3Fdrv) -- C:\Windows\System32\drivers\53811711.sys (Kaspersky Lab)
DRV - (RTSTOR) -- C:\Windows\System32\drivers\RTSTOR.sys (Realtek Semiconductor Corp.)
DRV - (GEARAspiWDM) -- C:\Windows\System32\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV - (MREMP50) -- C:\Program Files\Common Files\Motive\MREMP50.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (MRESP50) -- C:\Program Files\Common Files\Motive\MRESP50.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (atksgt) -- C:\Windows\System32\drivers\atksgt.sys ()
DRV - (lirsgt) -- C:\Windows\System32\drivers\lirsgt.sys ()
DRV - (NVENETFD) -- C:\Windows\System32\drivers\nvmfdx32.sys (NVIDIA Corporation)
DRV - (nvstor32) -- C:\Windows\system32\DRIVERS\nvstor32.sys (NVIDIA Corporation)
DRV - (Cam5603D) -- C:\Windows\System32\drivers\BisonCam.sys ()
DRV - (ApfiltrService) -- C:\Windows\System32\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV - (SIS163u) -- C:\Windows\System32\drivers\sis163u.sys (Silicon Integrated Systems Corp.)
DRV - (JRAID) -- C:\Windows\system32\drivers\jraid.sys (JMicron Technology Corp.)
DRV - (nvsmu) -- C:\Windows\System32\drivers\nvsmu.sys (NVIDIA Corporation)
DRV - (WINIO) -- C:\Windows\System32\WinIo.sys (http://www.internals.com)
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Logic Corporation)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (HSFHWAZL) -- C:\Windows\System32\drivers\VSTAZL3.SYS (Conexant Systems, Inc.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (secdrv) -- C:\Windows\System32\drivers\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (nvraid) NVIDIA nForce(tm) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nvatabus) -- C:\Windows\system32\drivers\nvatabus.sys (NVIDIA Corporation)
DRV - (mdmxsdk) -- C:\Windows\System32\drivers\mdmxsdk.sys (Conexant)
DRV - (iaStor) -- C:\Windows\system32\drivers\iastor.sys (Intel Corporation)
DRV - (viamraid) -- C:\Windows\system32\drivers\viamraid.sys (VIA Technologies inc,.ltd)
DRV - (JGOGO) -- C:\Windows\system32\drivers\jgogo.sys (JMicron )
DRV - (k750bus) Sony Ericsson 750 driver (WDM) -- C:\Windows\System32\drivers\k750bus.sys (MCCI)
DRV - (SiSRaid2) -- C:\Windows\system32\drivers\sisraid2.sys (Silicon Integrated Systems Corp)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.cz.o2.com/welcome/cz/index.html
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Seznam"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.seznam.cz"
FF - prefs.js..extensions.enabledItems: battlefieldheroespatcher@ea.com:4.0.27.0
FF - prefs.js..extensions.enabledItems: en-GB@dictionaries.addons.mozilla.org:1.19
FF - prefs.js..extensions.enabledItems: cs@dictionaries.addons.mozilla.org:1.0.1
FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.0.7.0088
FF - prefs.js..extensions.enabledItems: de-AT@dictionaries.addons.mozilla.org:2.0
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.4.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}:6.0.03
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}:6.0.05
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}:6.0.07
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}:6.0.10
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}:6.0.11
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.1
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.0
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.7
FF - prefs.js..keyword.URL: ""

FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009.07.16 22:06:14 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: c:\program files\real\realplayer\browserrecord\firefox\ext [2009.11.30 12:13:27 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.01.12 01:18:49 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.01.12 01:18:49 | 00,000,000 | ---D | M]

[2008.08.30 20:50:22 | 00,000,000 | ---D | M] -- C:\Users\Rosťa\AppData\Roaming\Mozilla\Extensions
[2008.08.30 20:50:22 | 00,000,000 | ---D | M] (No name found) -- C:\Users\Rosťa\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2010.01.20 21:31:23 | 00,000,000 | ---D | M] -- C:\Users\Rosťa\AppData\Roaming\Mozilla\Firefox\Profiles\ar660afw.default\extensions
[2009.07.16 23:46:51 | 00,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Rosťa\AppData\Roaming\Mozilla\Firefox\Profiles\ar660afw.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009.08.09 15:18:50 | 00,000,000 | ---D | M] (No name found) -- C:\Users\Rosťa\AppData\Roaming\Mozilla\Firefox\Profiles\ar660afw.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2009.10.01 15:54:49 | 00,000,000 | ---D | M] -- C:\Users\Rosťa\AppData\Roaming\Mozilla\Firefox\Profiles\ar660afw.default\extensions\battlefieldheroespatcher@ea.com
[2009.08.09 15:18:51 | 00,000,000 | ---D | M] -- C:\Users\Rosťa\AppData\Roaming\Mozilla\Firefox\Profiles\ar660afw.default\extensions\cs@dictionaries.addons.mozilla.org
[2009.08.09 15:18:50 | 00,000,000 | ---D | M] -- C:\Users\Rosťa\AppData\Roaming\Mozilla\Firefox\Profiles\ar660afw.default\extensions\de-AT@dictionaries.addons.mozilla.org
[2008.02.15 00:07:46 | 00,000,000 | ---D | M] -- C:\Users\Rosťa\AppData\Roaming\Mozilla\Firefox\Profiles\ar660afw.default\extensions\en-GB@dictionaries.addons.mozilla.org
[2009.11.09 20:53:40 | 00,002,236 | ---- | M] () -- C:\Users\Rosťa\AppData\Roaming\Mozilla\Firefox\Profiles\ar660afw.default\searchplugins\askcom.xml
[2009.01.17 19:01:25 | 00,002,921 | ---- | M] () -- C:\Users\Rosťa\AppData\Roaming\Mozilla\Firefox\Profiles\ar660afw.default\searchplugins\daemon-search.xml
[2010.01.20 19:37:22 | 00,000,961 | ---- | M] () -- C:\Users\Rosťa\AppData\Roaming\Mozilla\Firefox\Profiles\ar660afw.default\searchplugins\icqplugin-1.xml
[2008.09.26 23:27:32 | 00,000,950 | ---- | M] () -- C:\Users\Rosťa\AppData\Roaming\Mozilla\Firefox\Profiles\ar660afw.default\searchplugins\icqplugin-10.xml
[2008.09.28 14:58:21 | 00,000,950 | ---- | M] () -- C:\Users\Rosťa\AppData\Roaming\Mozilla\Firefox\Profiles\ar660afw.default\searchplugins\icqplugin-11.xml
[2008.11.15 16:08:01 | 00,000,950 | ---- | M] () -- C:\Users\Rosťa\AppData\Roaming\Mozilla\Firefox\Profiles\ar660afw.default\searchplugins\icqplugin-12.xml
[2008.12.27 19:55:29 | 00,000,950 | ---- | M] () -- C:\Users\Rosťa\AppData\Roaming\Mozilla\Firefox\Profiles\ar660afw.default\searchplugins\icqplugin-13.xml
[2009.01.04 01:17:22 | 00,000,950 | ---- | M] () -- C:\Users\Rosťa\AppData\Roaming\Mozilla\Firefox\Profiles\ar660afw.default\searchplugins\icqplugin-14.xml
[2009.02.06 21:27:32 | 00,000,950 | ---- | M] () -- C:\Users\Rosťa\AppData\Roaming\Mozilla\Firefox\Profiles\ar660afw.default\searchplugins\icqplugin-15.xml
[2009.02.06 23:06:40 | 00,000,950 | ---- | M] () -- C:\Users\Rosťa\AppData\Roaming\Mozilla\Firefox\Profiles\ar660afw.default\searchplugins\icqplugin-16.xml
[2009.03.07 15:11:27 | 00,000,950 | ---- | M] () -- C:\Users\Rosťa\AppData\Roaming\Mozilla\Firefox\Profiles\ar660afw.default\searchplugins\icqplugin-17.xml
[2009.03.29 21:41:00 | 00,000,950 | ---- | M] () -- C:\Users\Rosťa\AppData\Roaming\Mozilla\Firefox\Profiles\ar660afw.default\searchplugins\icqplugin-18.xml
[2009.04.25 22:00:44 | 00,000,950 | ---- | M] () -- C:\Users\Rosťa\AppData\Roaming\Mozilla\Firefox\Profiles\ar660afw.default\searchplugins\icqplugin-19.xml
[2008.02.09 16:33:25 | 00,000,951 | ---- | M] () -- C:\Users\Rosťa\AppData\Roaming\Mozilla\Firefox\Profiles\ar660afw.default\searchplugins\icqplugin-2.xml
[2009.04.29 15:00:59 | 00,000,950 | ---- | M] () -- C:\Users\Rosťa\AppData\Roaming\Mozilla\Firefox\Profiles\ar660afw.default\searchplugins\icqplugin-20.xml
[2009.06.21 09:49:31 | 00,000,950 | ---- | M] () -- C:\Users\Rosťa\AppData\Roaming\Mozilla\Firefox\Profiles\ar660afw.default\searchplugins\icqplugin-21.xml
[2009.07.22 13:16:56 | 00,000,950 | ---- | M] () -- C:\Users\Rosťa\AppData\Roaming\Mozilla\Firefox\Profiles\ar660afw.default\searchplugins\icqplugin-22.xml
[2009.08.08 11:54:13 | 00,000,950 | ---- | M] () -- C:\Users\Rosťa\AppData\Roaming\Mozilla\Firefox\Profiles\ar660afw.default\searchplugins\icqplugin-23.xml
[2009.08.09 15:19:19 | 00,000,950 | ---- | M] () -- C:\Users\Rosťa\AppData\Roaming\Mozilla\Firefox\Profiles\ar660afw.default\searchplugins\icqplugin-24.xml
[2009.09.15 23:01:56 | 00,000,961 | ---- | M] () -- C:\Users\Rosťa\AppData\Roaming\Mozilla\Firefox\Profiles\ar660afw.default\searchplugins\icqplugin-25.xml
[2009.10.30 18:04:49 | 00,000,961 | ---- | M] () -- C:\Users\Rosťa\AppData\Roaming\Mozilla\Firefox\Profiles\ar660afw.default\searchplugins\icqplugin-26.xml
[2009.11.09 20:53:39 | 00,000,961 | ---- | M] () -- C:\Users\Rosťa\AppData\Roaming\Mozilla\Firefox\Profiles\ar660afw.default\searchplugins\icqplugin-27.xml
[2009.11.12 16:40:46 | 00,000,961 | ---- | M] () -- C:\Users\Rosťa\AppData\Roaming\Mozilla\Firefox\Profiles\ar660afw.default\searchplugins\icqplugin-28.xml
[2010.01.12 01:19:05 | 00,000,961 | ---- | M] () -- C:\Users\Rosťa\AppData\Roaming\Mozilla\Firefox\Profiles\ar660afw.default\searchplugins\icqplugin-29.xml
[2008.02.15 00:07:52 | 00,000,951 | ---- | M] () -- C:\Users\Rosťa\AppData\Roaming\Mozilla\Firefox\Profiles\ar660afw.default\searchplugins\icqplugin-3.xml
[2010.01.17 13:27:20 | 00,000,961 | ---- | M] () -- C:\Users\Rosťa\AppData\Roaming\Mozilla\Firefox\Profiles\ar660afw.default\searchplugins\icqplugin-30.xml
[2008.03.30 20:50:23 | 00,000,951 | ---- | M] () -- C:\Users\Rosťa\AppData\Roaming\Mozilla\Firefox\Profiles\ar660afw.default\searchplugins\icqplugin-4.xml
[2008.04.20 00:26:45 | 00,000,951 | ---- | M] () -- C:\Users\Rosťa\AppData\Roaming\Mozilla\Firefox\Profiles\ar660afw.default\searchplugins\icqplugin-5.xml
[2008.07.04 23:58:38 | 00,000,951 | ---- | M] () -- C:\Users\Rosťa\AppData\Roaming\Mozilla\Firefox\Profiles\ar660afw.default\searchplugins\icqplugin-6.xml
[2008.07.05 16:35:23 | 00,000,950 | ---- | M] () -- C:\Users\Rosťa\AppData\Roaming\Mozilla\Firefox\Profiles\ar660afw.default\searchplugins\icqplugin-7.xml
[2008.07.16 20:49:31 | 00,000,950 | ---- | M] () -- C:\Users\Rosťa\AppData\Roaming\Mozilla\Firefox\Profiles\ar660afw.default\searchplugins\icqplugin-8.xml
[2008.08.30 20:51:06 | 00,000,950 | ---- | M] () -- C:\Users\Rosťa\AppData\Roaming\Mozilla\Firefox\Profiles\ar660afw.default\searchplugins\icqplugin-9.xml
[2009.06.07 13:21:06 | 00,000,944 | ---- | M] () -- C:\Users\Rosťa\AppData\Roaming\Mozilla\Firefox\Profiles\ar660afw.default\searchplugins\icqplugin.xml
[2010.01.13 14:51:58 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010.01.12 01:18:49 | 00,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2008.01.17 12:43:52 | 00,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}
[2008.03.25 12:48:18 | 00,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}
[2008.09.26 14:29:55 | 00,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
[2008.11.29 16:04:29 | 00,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}
[2008.12.16 17:53:57 | 00,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
[2009.03.29 17:25:51 | 00,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
[2010.01.13 14:51:58 | 00,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
[2008.08.30 20:49:56 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org
[2010.01.12 01:18:44 | 00,023,512 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browserdirprovider.dll
[2010.01.12 01:18:44 | 00,137,176 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\brwsrcmp.dll
[2009.05.01 22:02:48 | 01,044,480 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files\Mozilla Firefox\plugins\libdivx.dll
[2007.04.10 17:21:08 | 00,163,256 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
[2007.04.30 15:29:22 | 00,049,152 | ---- | M] (Adobe Systems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\np32dsw.dll
[2009.10.11 04:17:27 | 00,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeploytk.dll
[2009.05.12 19:46:20 | 01,650,992 | ---- | M] (DivX,Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdivx32.dll
[2010.01.12 01:18:47 | 00,064,984 | ---- | M] (mozilla.org) -- C:\Program Files\Mozilla Firefox\plugins\npnul32.dll
[2009.02.27 13:13:42 | 00,103,792 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll
[2009.11.30 12:13:17 | 00,140,864 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
[2009.01.26 10:47:58 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
[2009.01.26 10:47:58 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
[2009.01.26 10:47:59 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
[2009.01.26 10:47:59 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
[2009.01.26 10:47:59 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
[2009.01.26 10:48:00 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
[2009.01.26 10:48:00 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
[2009.11.30 12:13:40 | 00,008,192 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll
[2009.11.30 12:13:09 | 00,094,208 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
[2009.05.01 22:02:48 | 00,200,704 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files\Mozilla Firefox\plugins\ssldivx.dll
[2009.10.30 18:04:24 | 00,002,371 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\google.xml
[2009.10.30 18:04:24 | 00,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2009.10.30 18:04:24 | 00,001,687 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2009.10.30 18:04:24 | 00,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2009.10.30 18:04:24 | 00,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2009.10.30 18:04:24 | 00,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2010.01.20 13:52:24 | 00,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\Program Files\real\realplayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (no name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - No CLSID value found.
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [FIC HotKey] C:\Program Files\Hotkey Utility\tray.exe ()
O4 - HKLM..\Run: [HP Software Update] D:\Program Files\HP\HP Software Update\hpwuSchd2.exe (Hewlett-Packard Co.)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [PowerManager] C:\Program Files\Power Manager\PM.exe ()
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [TO2SSM_McciTrayApp] C:\Program Files\TO2SSM\McciTrayApp.exe (Motive Communications, Inc.)
O4 - HKLM..\Run: [TO2WCM_McciTrayApp] C:\Program Files\TO2WCM\McciTrayApp.exe (Motive Communications, Inc.)
O4 - HKCU..\Run: [DAEMON Tools Lite] D:\Program Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
O4 - HKCU..\Run: [ehTray.exe] C:\Windows\ehome\ehtray.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Rosťa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\is-ENP3F.lnk = C:\Users\Rosťa\Desktop\Virus Removal Tool\is-ENP3F\startup.exe File not found
O4 - Startup: C:\Users\Rosťa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\is-TRSB3.lnk = C:\Program Files\Virus Removal Tool\is-TRSB3\startup.exe ()
O4 - Startup: C:\Users\Rosťa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 2.3.lnk = C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe ()
O4 - Startup: C:\Users\Rosťa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: BindDirectlyToPropertySetStorage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\System32\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\System32\NapiNSP.dll (Společnost Microsoft)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\System32\winrnr.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} http://icq.oberon-media.com/Gameshell/G ... meHost.cab (Oberon Flash Game Host)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\Windows\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\Windows\System32\sysdm.cpl (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\System32\webcheck.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\Windows\System32\browseui.dll (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Rosťa\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta galerie Windows Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Rosťa\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta galerie Windows Fotogalerie.jpg
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\System32\credssp.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\System32\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\System32\tspkg.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 00,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

========== Files/Folders - Created Within 14 Days ==========

[2010.01.21 13:53:30 | 00,546,816 | ---- | C] (OldTimer Tools) -- C:\Users\Rosťa\Desktop\OTL.exe
[2010.01.20 14:01:28 | 00,000,000 | ---D | C] -- C:\Users\Rosťa\AppData\Local\temp
[2010.01.20 14:00:30 | 00,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2010.01.17 19:07:09 | 00,000,000 | ---D | C] -- C:\Users\Rosťa\AppData\Roaming\Malwarebytes
[2010.01.17 19:07:04 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010.01.17 19:07:02 | 00,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.01.17 19:07:01 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010.01.17 19:07:01 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010.01.17 00:18:16 | 00,000,000 | ---D | C] -- C:\Users\Rosťa\AppData\Local\Adobe
[2010.01.16 23:55:54 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2010.01.13 14:51:55 | 00,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2010.01.13 14:51:55 | 00,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2010.01.13 14:51:55 | 00,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2010.01.13 13:47:30 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2010.01.13 13:47:30 | 00,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2010.01.12 16:51:12 | 00,000,000 | ---D | C] -- C:\Users\Rosťa\Documents\ICQ
[2010.01.08 13:39:37 | 00,000,000 | ---D | C] -- C:\Users\Rosťa\AppData\Roaming\Ubisoft
[2010.01.07 22:55:47 | 00,000,000 | ---D | C] -- C:\ProgramData\Ubisoft
[2009.12.22 13:06:47 | 00,047,360 | ---- | C] (VSO Software) -- C:\Users\Rosťa\AppData\Roaming\pcouffin.sys
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 14 Days ==========

[Paynn]

[2010.01.21 14:16:42 | 04,456,448 | ---- | M] () -- C:\Users\Rosťa\ntuser.dat
[2010.01.21 14:16:16 | 10,722,95968 | -HS- | M] () -- C:\Windows\System32\drivers\fidbox.dat
[2010.01.21 13:53:53 | 01,393,930 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010.01.21 13:53:53 | 00,598,838 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2010.01.21 13:53:53 | 00,587,178 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.01.21 13:53:53 | 00,115,014 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2010.01.21 13:53:53 | 00,101,250 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.01.21 13:53:31 | 00,546,816 | ---- | M] (OldTimer Tools) -- C:\Users\Rosťa\Desktop\OTL.exe
[2010.01.21 13:48:18 | 00,070,575 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2010.01.21 13:48:11 | 00,070,575 | ---- | M] () -- C:\ProgramData\nvModes.001
[2010.01.21 13:47:05 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.01.21 13:47:04 | 00,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.01.21 13:47:04 | 00,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.01.21 13:46:52 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.01.21 13:46:44 | 21,462,34368 | -HS- | M] () -- C:\hiberfil.sys
[2010.01.21 13:45:58 | 12,563,288 | -HS- | M] () -- C:\Windows\System32\drivers\fidbox.idx
[2010.01.21 13:45:46 | 00,524,288 | -HS- | M] () -- C:\Users\Rosťa\ntuser.dat{1ce1d710-039e-11de-9f8b-00140b3b0b98}.TMContainer00000000000000000001.regtrans-ms
[2010.01.21 13:45:46 | 00,065,536 | -HS- | M] () -- C:\Users\Rosťa\ntuser.dat{1ce1d710-039e-11de-9f8b-00140b3b0b98}.TM.blf
[2010.01.21 13:45:45 | 02,706,809 | -H-- | M] () -- C:\Users\Rosťa\AppData\Local\IconCache.db
[2010.01.21 13:41:31 | 00,000,418 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{909788C6-715E-4C23-AB4C-84BC5CFBCDAB}.job
[2010.01.20 21:19:13 | 00,103,936 | ---- | M] () -- C:\Users\Rosťa\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.01.20 21:19:12 | 06,776,499 | ---- | M] () -- C:\Users\Rosťa\Desktop\Prezidenti%20USA.wmv
[2010.01.20 21:02:38 | 03,300,770 | ---- | M] () -- C:\Users\Rosťa\Desktop\CarThief.wmv
[2010.01.20 17:46:26 | 11,783,451 | ---- | M] () -- C:\Users\Rosťa\Desktop\LADY GAGA - Bad Romance.mp3
[2010.01.20 13:53:16 | 00,000,215 | ---- | M] () -- C:\Windows\system.ini
[2010.01.20 13:52:24 | 00,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2010.01.18 11:55:16 | 51,616,595 | ---- | M] () -- C:\Users\Rosťa\Desktop\beck-roland-sangha-praha-19-11-2009.mp3
[2010.01.17 19:07:07 | 00,000,824 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.01.14 17:25:39 | 02,463,428 | ---- | M] () -- C:\Users\Rosťa\Desktop\Swajambhu[1]_82.jpg
[2010.01.14 11:12:06 | 00,181,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2010.01.13 23:23:02 | 02,818,873 | ---- | M] () -- C:\Users\Rosťa\Desktop\tanecnik.wm
[2010.01.12 17:08:11 | 45,426,816 | ---- | M] () -- C:\Users\Rosťa\Desktop\schrerer-burkhard-nedelni-prednaska-jilemnice-20-6-2009.mp3
[2010.01.12 17:04:28 | 88,903,808 | ---- | M] () -- C:\Users\Rosťa\Desktop\schrerer-burkhard-sobotni-prednaska-jilemnice-19-6-2009.mp3
[2010.01.12 17:00:02 | 93,055,104 | ---- | M] () -- C:\Users\Rosťa\Desktop\schrerer-burkhard-Interni-prednaska-brno-18-6-2009.mp3
[2010.01.12 16:08:57 | 07,026,688 | ---- | M] () -- C:\Users\Rosťa\Desktop\Shrek Soundtrack 11. The Proclaimers - I'm On My Way.mp3
[2010.01.07 16:07:14 | 00,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010.01.07 16:07:04 | 00,019,160 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010.01.20 21:18:57 | 06,776,499 | ---- | C] () -- C:\Users\Rosťa\Desktop\Prezidenti%20USA.wmv
[2010.01.20 21:02:26 | 03,300,770 | ---- | C] () -- C:\Users\Rosťa\Desktop\CarThief.wmv
[2010.01.20 17:46:24 | 11,783,451 | ---- | C] () -- C:\Users\Rosťa\Desktop\LADY GAGA - Bad Romance.mp3
[2010.01.18 11:53:37 | 51,616,595 | ---- | C] () -- C:\Users\Rosťa\Desktop\beck-roland-sangha-praha-19-11-2009.mp3
[2010.01.17 19:07:07 | 00,000,824 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.01.14 17:26:03 | 02,463,428 | ---- | C] () -- C:\Users\Rosťa\Desktop\Swajambhu[1]_82.jpg
[2010.01.13 23:23:02 | 02,818,873 | ---- | C] () -- C:\Users\Rosťa\Desktop\tanecnik.wm
[2010.01.12 17:06:43 | 45,426,816 | ---- | C] () -- C:\Users\Rosťa\Desktop\schrerer-burkhard-nedelni-prednaska-jilemnice-20-6-2009.mp3
[2010.01.12 17:01:21 | 88,903,808 | ---- | C] () -- C:\Users\Rosťa\Desktop\schrerer-burkhard-sobotni-prednaska-jilemnice-19-6-2009.mp3
[2010.01.12 16:56:22 | 93,055,104 | ---- | C] () -- C:\Users\Rosťa\Desktop\schrerer-burkhard-Interni-prednaska-brno-18-6-2009.mp3
[2010.01.12 16:08:41 | 07,026,688 | ---- | C] () -- C:\Users\Rosťa\Desktop\Shrek Soundtrack 11. The Proclaimers - I'm On My Way.mp3
[2009.12.22 13:08:23 | 00,001,041 | ---- | C] () -- C:\Users\Rosťa\AppData\Roaming\vso_ts_preview.xml
[2009.12.22 13:07:50 | 00,000,033 | ---- | C] () -- C:\Users\Rosťa\AppData\Roaming\pcouffin.log
[2009.12.22 13:06:48 | 00,087,608 | ---- | C] () -- C:\Users\Rosťa\AppData\Roaming\inst.exe
[2009.12.22 13:06:47 | 00,007,887 | ---- | C] () -- C:\Users\Rosťa\AppData\Roaming\pcouffin.cat
[2009.12.22 13:06:47 | 00,001,144 | ---- | C] () -- C:\Users\Rosťa\AppData\Roaming\pcouffin.inf
[2009.12.09 19:21:13 | 00,070,575 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2009.12.09 19:21:13 | 00,070,575 | ---- | C] () -- C:\ProgramData\nvModes.001
[2009.11.10 17:34:04 | 00,043,520 | ---- | C] () -- C:\Windows\System32\CmdLineExt03.dll
[2009.09.24 12:28:42 | 00,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.09.23 21:19:19 | 00,139,152 | ---- | C] () -- C:\Users\Rosťa\AppData\Roaming\PnkBstrK.sys
[2009.08.07 21:30:20 | 00,000,000 | ---- | C] () -- C:\Windows\galaxy.ini
[2009.08.03 00:21:54 | 00,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll
[2009.08.03 00:21:54 | 00,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2009.08.03 00:21:54 | 00,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2009.08.03 00:21:54 | 00,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2009.08.03 00:21:54 | 00,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2009.08.03 00:21:54 | 00,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2009.08.03 00:21:54 | 00,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2009.08.03 00:21:54 | 00,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2009.08.03 00:21:52 | 00,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2009.08.03 00:21:52 | 00,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2009.01.23 17:57:31 | 00,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2008.11.06 17:37:32 | 03,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2008.11.06 17:34:00 | 00,000,416 | ---- | C] () -- C:\Windows\System32\dtu100.dll.manifest
[2008.11.06 17:34:00 | 00,000,416 | ---- | C] () -- C:\Windows\System32\dpl100.dll.manifest
[2008.03.24 21:44:24 | 00,005,108 | ---- | C] () -- C:\ProgramData\hpzinstall.log
[2008.01.07 14:06:42 | 00,000,000 | ---- | C] () -- C:\Users\Rosťa\AppData\Roaming\wklnhst.dat
[2007.12.28 15:34:45 | 00,278,984 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys
[2007.12.28 15:34:45 | 00,025,416 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys
[2007.12.26 09:19:01 | 00,103,936 | ---- | C] () -- C:\Users\Rosťa\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007.12.24 22:45:38 | 00,041,335 | ---- | C] () -- C:\Users\Rosťa\AppData\Roaming\nvModes.001
[2007.12.24 22:45:37 | 00,041,335 | ---- | C] () -- C:\Users\Rosťa\AppData\Roaming\nvModes.dat
[2007.12.23 00:20:50 | 00,000,032 | ---- | C] () -- C:\ProgramData\ezsid.dat
[2007.12.14 19:19:41 | 00,164,352 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2007.12.14 19:19:37 | 01,559,040 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2007.12.14 19:19:37 | 00,282,624 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2007.12.14 19:19:35 | 00,007,680 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2007.12.14 19:19:35 | 00,000,547 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll.manifest
[2007.12.13 23:18:25 | 00,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2007.09.26 20:43:24 | 00,753,456 | ---- | C] () -- C:\Windows\System32\drivers\BisonCam.sys
[2007.09.26 20:43:24 | 00,015,190 | ---- | C] () -- C:\Windows\M2000Twn.ini
[2007.09.26 20:22:57 | 00,135,168 | ---- | C] () -- C:\Windows\System32\property.dll
[2006.11.02 13:35:32 | 00,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 08:40:29 | 00,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.08.11 08:52:02 | 00,012,288 | ---- | C] () -- C:\Windows\System32\EvOnlDiag.dll
[2006.04.13 11:30:06 | 01,073,152 | ---- | C] () -- C:\Windows\System32\libmysql_c.dll

========== LOP Check ==========

[2010.01.05 21:51:01 | 00,000,000 | ---D | M] -- C:\Users\Rosťa\AppData\Roaming\avidemux
[2009.01.17 19:02:45 | 00,000,000 | ---D | M] -- C:\Users\Rosťa\AppData\Roaming\DAEMON Tools
[2009.01.17 19:02:45 | 00,000,000 | ---D | M] -- C:\Users\Rosťa\AppData\Roaming\DAEMON Tools Lite
[2009.01.17 19:02:45 | 00,000,000 | ---D | M] -- C:\Users\Rosťa\AppData\Roaming\DAEMON Tools Pro
[2009.08.16 20:05:34 | 00,000,000 | ---D | M] -- C:\Users\Rosťa\AppData\Roaming\Desktopicon
[2010.01.06 17:22:15 | 00,000,000 | ---D | M] -- C:\Users\Rosťa\AppData\Roaming\eBookPro6
[2009.02.26 01:58:01 | 00,000,000 | ---D | M] -- C:\Users\Rosťa\AppData\Roaming\GHISLER
[2010.01.06 00:14:57 | 00,000,000 | ---D | M] -- C:\Users\Rosťa\AppData\Roaming\gtk-2.0
[2010.01.19 21:17:44 | 00,000,000 | ---D | M] -- C:\Users\Rosťa\AppData\Roaming\ICQ
[2008.01.03 11:56:03 | 00,000,000 | ---D | M] -- C:\Users\Rosťa\AppData\Roaming\ICQ Toolbar
[2007.12.13 23:12:41 | 00,000,000 | ---D | M] -- C:\Users\Rosťa\AppData\Roaming\InterVideo
[2009.12.24 00:34:04 | 00,000,000 | ---D | M] -- C:\Users\Rosťa\AppData\Roaming\LucasArts
[2009.11.10 15:33:01 | 00,000,000 | ---D | M] -- C:\Users\Rosťa\AppData\Roaming\Passware
[2009.04.29 18:02:36 | 00,000,000 | ---D | M] -- C:\Users\Rosťa\AppData\Roaming\SecondLife
[2009.10.28 15:48:17 | 00,000,000 | ---D | M] -- C:\Users\Rosťa\AppData\Roaming\TeamViewer
[2008.10.16 13:11:39 | 00,000,000 | ---D | M] -- C:\Users\Rosťa\AppData\Roaming\Template
[2010.01.08 13:39:37 | 00,000,000 | ---D | M] -- C:\Users\Rosťa\AppData\Roaming\Ubisoft
[2009.11.09 14:11:56 | 00,000,000 | ---D | M] -- C:\Users\Rosťa\AppData\Roaming\uTorrent
[2009.12.22 13:12:36 | 00,000,000 | ---D | M] -- C:\Users\Rosťa\AppData\Roaming\Vso
[2010.01.21 13:45:47 | 00,032,540 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2010.01.21 13:41:31 | 00,000,418 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{909788C6-715E-4C23-AB4C-84BC5CFBCDAB}.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 737 bytes -> C:\Users\Rosťa\Desktop\heslo.eml:OECustomProperty
@Alternate Data Stream - 64 bytes -> C:\Users\Rosťa\Desktop\Rolling_HandsB.avi:TOC.WMV
@Alternate Data Stream - 498 bytes -> C:\ProgramData\TEMP:05EE1EEF
< End of report >

[Paynn]

Extras log:

OTL Extras logfile created on: 21.1.2010 14:17:32 - Run 1
OTL by OldTimer - Version 3.1.25.3 Folder = C:\Users\Rosťa\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 63,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 79,00% Paging File free
Paging file location(s): ?:\pagefile.sys

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 92,21 Gb Total Space | 43,81 Gb Free Space | 47,52% Space Free | Partition Type: NTFS
Drive D: | 45,12 Gb Total Space | 16,01 Gb Free Space | 35,48% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: ROSŤA-PC
Current User Name: Rosťa
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 14 Days
Output = Minimal

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~3\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{3C722697-771E-46FE-B8DF-331C1D7196DC}" = rport=445 | protocol=6 | dir=out | app=system |
"{4283D011-4CD6-41CD-AD06-D8EFAA60B33F}" = lport=3724 | protocol=6 | dir=in | name=blizzard downloader: 3724 |
"{561D15A3-1442-42FA-BF54-26352E82F5D6}" = lport=139 | protocol=6 | dir=in | app=system |
"{58930741-8840-4FDD-B915-E00B336E667C}" = rport=137 | protocol=17 | dir=out | app=system |
"{68233412-0184-4A51-AE6C-472B090E22AA}" = lport=3306 | protocol=6 | dir=in | name=mysql server |
"{6FD7A5BD-0855-4438-8887-1A6341F7BB5D}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{965B383D-7663-4584-A5DF-165760A98A4A}" = lport=138 | protocol=17 | dir=in | app=system |
"{CE6DCD0C-A130-4CFD-AC36-6BCA21A21B32}" = lport=445 | protocol=6 | dir=in | app=system |
"{CFBE59F2-EA74-4A4F-B96B-2CCE4ECD74BE}" = rport=139 | protocol=6 | dir=out | app=system |
"{D60CB147-ECF7-4E97-8FE0-D1942CACECFF}" = lport=137 | protocol=17 | dir=in | app=system |
"{D9FB705A-245E-4034-B77D-5B6168615CB9}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{FA07C183-5487-4C96-9E03-BA99EDE4210A}" = rport=138 | protocol=17 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0056A9F1-4594-4024-8056-7F1D2F791FE0}" = protocol=6 | dir=in | app=d:\program files\ubisoft\assassin's creed\assassinscreed_dx9.exe |
"{015DD7C4-CF13-4589-8260-9FB652987393}" = protocol=6 | dir=in | app=c:\program files\ea games\battlefield 2\bf2.exe |
"{0C3B8723-923F-4285-A9DD-DA463002046F}" = protocol=6 | dir=in | app=d:\program files\world of warcraft\wow-3.1.3.9947-to-3.2.0.10192-enus-downloader.exe |
"{1CDE92C7-2939-481E-BD9D-5153959E19DD}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{2380B9D4-AD20-4B00-B891-F3CFA5AD5A78}" = protocol=17 | dir=in | app=d:\program files\ea games\battlefield 2\bf2.exe |
"{313596F5-A124-45ED-B933-01087427411A}" = protocol=17 | dir=in | app=d:\program files\world of warcraft\wow-3.2.2.10482-to-3.2.2.10505-enus-downloader.exe |
"{3260E7CE-2A75-4B18-991D-CD73D1789A22}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{35939493-E00A-4371-8EB8-695516602693}" = protocol=17 | dir=in | app=c:\program files\relevantknowledge\rlvknlg.exe |
"{38961808-0296-46D8-82CB-7B8948B76A03}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{43E36C96-6A37-45CD-9C7E-EB4D6684EA3F}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{4553E9D0-C308-4E76-A037-457F409BFCDF}" = protocol=6 | dir=in | app=d:\program files\world of warcraft\wow-3.2.0.10314-to-3.2.2.10482-enus-downloader.exe |
"{47977EC3-D657-4233-97D2-B6B70E6016D8}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{531C201F-95D8-4549-AEA6-782A88CCDE0C}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.0-enus-downloader.exe |
"{5DE33400-4051-487E-9165-93D73EAE736A}" = protocol=6 | dir=in | app=d:\program files\ea games\battlefield 2\bf2.exe |
"{60FD7F7F-3DE6-4296-8341-FC8017926927}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version5\teamviewer.exe |
"{61D3B88B-3894-4CC9-A3C3-6AA92BA2E348}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{6240F8A4-92E0-4642-B144-CB9277BA4FE6}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{6ABCC84D-75B9-4ADD-9767-1ED3E7761258}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{74567E2A-60A2-4ECF-B57A-5EEC7EF55CC8}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{74618826-0CE1-4FFE-9E51-FC0DE59B0B5B}" = protocol=17 | dir=in | app=c:\program files\ea games\battlefield 2\bf2.exe |
"{7C099A4A-EF7B-4A6F-B0FE-832F638A44D4}" = protocol=6 | dir=in | app=d:\program files\world of warcraft\wow-3.2.0-enus-downloader.exe |
"{89C2E34B-218D-45AC-9AAC-F99070ADFB60}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version5\teamviewer.exe |
"{983EDD5B-4CFE-492B-9835-E139F9234E95}" = protocol=6 | dir=in | app=d:\program files\world of warcraft\wow-3.2.2.10482-to-3.2.2.10505-enus-downloader.exe |
"{ACC2013D-447F-4536-8227-571EDBB4CD30}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{AD789D72-F98E-4824-B7EB-82C912BA2B1C}" = protocol=6 | dir=in | app=d:\program files\ubisoft\assassin's creed\assassinscreed_dx10.exe |
"{B35C552F-41A8-436D-938F-4343C171C3E3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B5532907-0C3A-4672-8EA7-97A58074605F}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{BE5C7FBB-49CD-4A6A-82CF-8DAFA20E4A72}" = protocol=17 | dir=in | app=d:\program files\ubisoft\assassin's creed\assassinscreed_dx9.exe |
"{C09F0CE3-502C-47B8-A833-4244BFE9171F}" = protocol=17 | dir=in | app=d:\program files\world of warcraft\wow-3.1.3.9947-to-3.2.0.10192-enus-downloader.exe |
"{C50F50F2-E09F-46A5-931D-CAE6C10E7327}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{C6648625-A32D-48F7-B457-68556A0CF073}" = protocol=17 | dir=in | app=d:\program files\world of warcraft\wow-3.2.0.10192-to-3.2.0.10314-enus-downloader.exe |
"{C8B0F5FB-69CA-4BFC-AA4D-5DCB358356D9}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{C9AF335C-CF52-4BC4-A909-BFDBA6291F11}" = protocol=17 | dir=in | app=d:\program files\world of warcraft\wow-3.2.0-enus-downloader.exe |
"{CAABEC11-92A7-40CB-9E20-65E03F58EFC1}" = protocol=6 | dir=in | app=c:\program files\relevantknowledge\rlvknlg.exe |
"{CB771E84-D048-490B-B541-35606A128A85}" = protocol=17 | dir=in | app=d:\program files\ubisoft\assassin's creed\assassinscreed_dx10.exe |
"{CD3719A1-7BC8-4E44-B6F4-D33E13B17B23}" = protocol=6 | dir=in | app=d:\program files\ubisoft\assassin's creed\assassinscreed_launcher.exe |
"{D1F42C3F-3C2E-455A-B310-EDA1347FCD19}" = protocol=17 | dir=in | app=d:\program files\world of warcraft\wow-3.2.0.10314-to-3.2.2.10482-enus-downloader.exe |
"{D3C51961-8AB0-4543-9DC9-7D537C71D8A9}" = protocol=17 | dir=in | app=d:\program files\ubisoft\assassin's creed\assassinscreed_launcher.exe |
"{D7BE5AEF-4EB3-4BFA-8DD7-1CAEB4922A3E}" = protocol=6 | dir=in | app=d:\program files\world of warcraft\wow-3.2.0.10192-to-3.2.0.10314-enus-downloader.exe |
"{E3A18947-8278-44CD-8DBD-2903F6A47A29}" = dir=in | app=c:\program files\cyberlink\powerdv\powerdv.exe |
"{E6C6A98F-6159-4075-A858-E9018024C8DD}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.0-enus-downloader.exe |
"{EAB5C38A-5069-4764-A609-543E4EE6F150}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"TCP Query User{004E5B1B-0AD2-4F39-A174-CBCE0F0B304C}D:\program files\world of warcraft\backgrounddownloader.exe" = protocol=6 | dir=in | app=d:\program files\world of warcraft\backgrounddownloader.exe |
"TCP Query User{01549FA0-DACA-4C73-8934-FB5D3BCD3F8F}C:\program files\icq6\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6\icq.exe |
"TCP Query User{03FBAF4A-CCD2-4167-AFAD-2F648483EFB8}C:\program files\icq6\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6\icq.exe |
"TCP Query User{0B5CA288-E28C-4418-80D0-AEA64533479C}D:\program files\ea sports\f1 2002\f1_2002.exe" = protocol=6 | dir=in | app=d:\program files\ea sports\f1 2002\f1_2002.exe |
"TCP Query User{0CB9DB02-D754-4ECF-9805-74C9324A7E45}D:\program files\activision\rome - total war\rometw.exe" = protocol=6 | dir=in | app=d:\program files\activision\rome - total war\rometw.exe |
"TCP Query User{1626FE42-C8BC-4FD0-8001-3FAF761562D5}D:\program files\mangos server package\realmd.exe" = protocol=6 | dir=in | app=d:\program files\mangos server package\realmd.exe |
"TCP Query User{49FD8B51-A724-4CA1-9182-1EC99CE4F49A}D:\program files\alien arena 2009\crx.exe" = protocol=6 | dir=in | app=d:\program files\alien arena 2009\crx.exe |
"TCP Query User{4A2608D8-D07C-47E3-B3A9-7F87063CD0C1}D:\program files\world of warcraft\repair.exe" = protocol=6 | dir=in | app=d:\program files\world of warcraft\repair.exe |
"TCP Query User{4FB3CF01-49D6-46AA-A0FA-B0EB2EBB9AE2}D:\program files\firefly studios\stronghold crusader\stronghold_crusader_extreme.exe" = protocol=6 | dir=in | app=d:\program files\firefly studios\stronghold crusader\stronghold_crusader_extreme.exe |
"TCP Query User{58766998-79D8-4271-AFB6-8CA66D37B86C}D:\program files\warcraft iii\war3.exe" = protocol=6 | dir=in | app=d:\program files\warcraft iii\war3.exe |
"TCP Query User{5C2C41E9-EAA3-416E-84E3-601186542CE3}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{5E53572D-F186-47A7-A172-DA0BB7EA12C9}C:\program files\intervideo\dvd8\windvd.exe" = protocol=6 | dir=in | app=c:\program files\intervideo\dvd8\windvd.exe |
"TCP Query User{6C074282-E53C-4503-94D4-1C0FC8D2E183}C:\program files\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files\skype\phone\skype.exe |
"TCP Query User{6F7B3927-F367-4153-BB2D-477DB1D39828}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{71208A8C-F892-4E6E-AC9B-FF6E369E33F2}C:\program files\intervideo\dvd8\windvd.exe" = protocol=6 | dir=in | app=c:\program files\intervideo\dvd8\windvd.exe |
"TCP Query User{79E7BEA6-9F86-4659-9532-68665D72EA8A}D:\program files\world of warcraft\launcher.exe" = protocol=6 | dir=in | app=d:\program files\world of warcraft\launcher.exe |
"TCP Query User{8AB6659A-007A-4793-BAB0-1333DFA7BC31}C:\program files\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files\skype\phone\skype.exe |
"TCP Query User{8AFA5111-B1DC-479E-81FD-1CB60E3C29FD}C:\program files\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"TCP Query User{8C1FCD66-3D68-4243-9CDF-9ACD0C9EBD91}E:\utility\dcc-1026.exe" = protocol=6 | dir=in | app=e:\utility\dcc-1026.exe |
"TCP Query User{9CA2E82C-4CC3-435E-8337-CDA3F76C8013}D:\program files\activision\call of duty 2\cod2mp_s.exe" = protocol=6 | dir=in | app=d:\program files\activision\call of duty 2\cod2mp_s.exe |
"TCP Query User{ABFC62C5-3D5D-4443-AB30-98686241795C}D:\program files\secondlife\slvoice.exe" = protocol=6 | dir=in | app=d:\program files\secondlife\slvoice.exe |
"TCP Query User{B068D672-F3F9-4BBC-B9EB-E02B3C8F4BCA}C:\users\rosťa\desktop\wow-2.3.0-enus-downloader.exe" = protocol=6 | dir=in | app=c:\users\rosťa\desktop\wow-2.3.0-enus-downloader.exe |
"TCP Query User{B74AC153-671E-4094-8228-5CD46C390316}C:\windows\system32\dplaysvr.exe" = protocol=6 | dir=in | app=c:\windows\system32\dplaysvr.exe |
"TCP Query User{BC2FBA50-E95C-44F2-ACA8-22FCBC058759}D:\program files\ea sports\fifa 08\fifa08.exe" = protocol=6 | dir=in | app=d:\program files\ea sports\fifa 08\fifa08.exe |
"TCP Query User{C052096E-16B2-46C0-89DF-0F3637961B33}D:\program files\mangos server package\mangosd.exe" = protocol=6 | dir=in | app=d:\program files\mangos server package\mangosd.exe |
"TCP Query User{C1D5008C-19C5-4372-8AB8-28117419F52C}D:\program files\firefly studios\stronghold crusader\stronghold crusader.exe" = protocol=6 | dir=in | app=d:\program files\firefly studios\stronghold crusader\stronghold crusader.exe |
"TCP Query User{C40DCE7F-E1AC-447D-A882-45ECD1ADB94E}D:\program files\warcraft iii\war3.exe" = protocol=6 | dir=in | app=d:\program files\warcraft iii\war3.exe |
"TCP Query User{E4CAC323-EE16-4669-B0E0-14391198AC1B}D:\program files\lucasarts\star wars jedi knight jedi academy\gamedata\jamp.exe" = protocol=6 | dir=in | app=d:\program files\lucasarts\star wars jedi knight jedi academy\gamedata\jamp.exe |
"TCP Query User{ED694886-A1CA-4E87-81BA-32335E8DC882}D:\program files\hamachi\hamachi.exe" = protocol=6 | dir=in | app=d:\program files\hamachi\hamachi.exe |
"TCP Query User{FC9E683C-06D8-43BD-9231-C8372ED7A4A8}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe |
"UDP Query User{061C18E2-9278-4D90-8764-FD75E4E30E38}E:\utility\dcc-1026.exe" = protocol=17 | dir=in | app=e:\utility\dcc-1026.exe |
"UDP Query User{06409C82-5260-4005-BD17-B0A7DA1DCF0F}D:\program files\ea sports\f1 2002\f1_2002.exe" = protocol=17 | dir=in | app=d:\program files\ea sports\f1 2002\f1_2002.exe |
"UDP Query User{1222B750-0693-40DD-9047-305D3971F82F}D:\program files\mangos server package\realmd.exe" = protocol=17 | dir=in | app=d:\program files\mangos server package\realmd.exe |
"UDP Query User{13DC203E-382C-4F56-89B7-778A62C32E28}D:\program files\firefly studios\stronghold crusader\stronghold crusader.exe" = protocol=17 | dir=in | app=d:\program files\firefly studios\stronghold crusader\stronghold crusader.exe |
"UDP Query User{15E7DBDB-38AE-484D-A249-B42618A39773}D:\program files\lucasarts\star wars jedi knight jedi academy\gamedata\jamp.exe" = protocol=17 | dir=in | app=d:\program files\lucasarts\star wars jedi knight jedi academy\gamedata\jamp.exe |
"UDP Query User{1932B8FF-8215-458A-9F8F-A8E861AE3B63}C:\program files\icq6\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6\icq.exe |
"UDP Query User{1D6FA26B-9403-4E9E-8C35-9255870A9CA0}C:\program files\intervideo\dvd8\windvd.exe" = protocol=17 | dir=in | app=c:\program files\intervideo\dvd8\windvd.exe |
"UDP Query User{250F8AD9-2845-4569-A9A1-E81A7B03BBB5}D:\program files\warcraft iii\war3.exe" = protocol=17 | dir=in | app=d:\program files\warcraft iii\war3.exe |
"UDP Query User{289ADDF5-88BE-4B08-877D-1B446F864307}D:\program files\world of warcraft\repair.exe" = protocol=17 | dir=in | app=d:\program files\world of warcraft\repair.exe |
"UDP Query User{2BC8EDFC-77D1-4AF5-A6D4-5935B043D3E8}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{3C41ED9B-A897-463E-B08D-BAE4301252D0}C:\program files\intervideo\dvd8\windvd.exe" = protocol=17 | dir=in | app=c:\program files\intervideo\dvd8\windvd.exe |
"UDP Query User{421D3B78-2595-40F2-995B-8C1263F6F54C}C:\program files\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files\skype\phone\skype.exe |
"UDP Query User{46C9E5E2-0E80-4EC8-9CAC-4B31762735E6}D:\program files\firefly studios\stronghold crusader\stronghold_crusader_extreme.exe" = protocol=17 | dir=in | app=d:\program files\firefly studios\stronghold crusader\stronghold_crusader_extreme.exe |
"UDP Query User{5296430D-8FCD-43B3-B150-921BFE9E952C}D:\program files\alien arena 2009\crx.exe" = protocol=17 | dir=in | app=d:\program files\alien arena 2009\crx.exe |
"UDP Query User{5915F74D-EFFF-4109-BBFD-CED9FF319385}C:\program files\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"UDP Query User{6A4143BE-D19C-402F-BC98-459D8B6F6F3E}D:\program files\secondlife\slvoice.exe" = protocol=17 | dir=in | app=d:\program files\secondlife\slvoice.exe |
"UDP Query User{6ECCB420-2E9E-4B51-9A53-D12FB4AE976A}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{8EC019CD-A859-4954-80C3-E5CEF66F10FE}D:\program files\ea sports\fifa 08\fifa08.exe" = protocol=17 | dir=in | app=d:\program files\ea sports\fifa 08\fifa08.exe |
"UDP Query User{9A86BB24-B618-4A66-A883-E99B6D7A72E9}D:\program files\world of warcraft\backgrounddownloader.exe" = protocol=17 | dir=in | app=d:\program files\world of warcraft\backgrounddownloader.exe |
"UDP Query User{9D128486-E13B-45A7-A66C-3DF9BC6C5FE1}D:\program files\warcraft iii\war3.exe" = protocol=17 | dir=in | app=d:\program files\warcraft iii\war3.exe |
"UDP Query User{9DFA32DA-F326-4974-A993-C46BE9F6F75C}D:\program files\world of warcraft\launcher.exe" = protocol=17 | dir=in | app=d:\program files\world of warcraft\launcher.exe |
"UDP Query User{ABCF9EC8-E9C5-4B0A-BA57-1CDD06F87BB0}C:\users\rosťa\desktop\wow-2.3.0-enus-downloader.exe" = protocol=17 | dir=in | app=c:\users\rosťa\desktop\wow-2.3.0-enus-downloader.exe |
"UDP Query User{C5801CE7-B90D-452A-B373-6AF2124877C5}D:\program files\hamachi\hamachi.exe" = protocol=17 | dir=in | app=d:\program files\hamachi\hamachi.exe |
"UDP Query User{C77B9A8A-DE47-487E-B42D-3AD4CF10996A}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe |
"UDP Query User{D3C5983B-C85B-4862-A5EA-DE1961859CCE}C:\program files\icq6\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6\icq.exe |
"UDP Query User{D87E2D11-0BE0-4F3B-8D3B-FA2D62E4CA00}C:\windows\system32\dplaysvr.exe" = protocol=17 | dir=in | app=c:\windows\system32\dplaysvr.exe |
"UDP Query User{DA187BD6-755D-4DD5-8925-8BD1D5DC7214}D:\program files\activision\call of duty 2\cod2mp_s.exe" = protocol=17 | dir=in | app=d:\program files\activision\call of duty 2\cod2mp_s.exe |
"UDP Query User{EF6B3458-F8FA-48F9-A528-4A745C33D03B}D:\program files\mangos server package\mangosd.exe" = protocol=17 | dir=in | app=d:\program files\mangos server package\mangosd.exe |
"UDP Query User{FABAE87F-2429-405B-B571-071E4C15E773}C:\program files\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files\skype\phone\skype.exe |
"UDP Query User{FFD7D5E3-CC86-4A66-A0F2-8041D88F70E1}D:\program files\activision\rome - total war\rometw.exe" = protocol=17 | dir=in | app=d:\program files\activision\rome - total war\rometw.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01501EBA-EC35-4F9F-8889-3BE346E5DA13}" = MSXML4 Parser
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{0FFC48C5-C74B-498E-B908-74CB44D30E32}" = LEGO® Batman™
"{10E1E87C-656C-4D08-86D6-5443D28583BE}" = TrayApp
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1F4BF9EA-847E-44FB-A728-C456116E6CEF}" = InstantShareDevicesMFC
"{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = InterVideo WinDVD 8
"{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}" = QuickTime
"{26A24AE4-039D-4CA4-87B4-2F83216010FF}" = Java(TM) 6 Update 17
"{29FA38B4-0AE4-4D0D-8A51-6165BB990BB0}" = WebReg
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java(TM) 6 Update 3
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{39CDC80C-4330-4556-990D-1975211E2370}" = OpenOffice.org 2.3
"{41B9E2CF-0B3F-442A-B5B3-592A4A355634}" = iTunes
"{452622B2-CFF1-4373-B773-141FC10A2AB6}" = hpicamDrvQFolder
"{4A57592C-FF92-4083-97A9-92783BD5AFB4}" = Bison WebCam
"{543E938C-BDC4-4933-A612-01293996845F}" = UnloadSupport
"{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype™ 3.8
"{5D26BF7B-BEF6-477D-8FC1-0C1C159B6364}_is1" = Quicksys RegDefrag 2.0
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{730837D4-FF5E-48DB-BA49-33E732DFF0B3}" = PanoStandAlone
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{81CD6232-10F5-4832-B3DA-1B88B1571029}" = Nero 7 Essentials
"{824D3839-DAA1-4315-A822-7AE3E620E528}" = VideoToolkit01
"{8389382B-53BA-4A87-8854-91E3D80A5AC7}" = HP Photosmart Essential2.01
"{8C6027FD-53DC-446D-BB75-CACD7028A134}" = HP Update
"{8CFA9151-6404-409A-AF22-4632D04582FD}" = Assassin's Creed
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{93F54611-2701-454e-94AB-623F458D9E6B}" = DeviceDiscovery
"{94D66D71-12F0-48A5-B46A-D4B835A0F1B7}" = FirstSteps Diagnostics
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = ALPS Touch Pad Driver
"{AA057FD9-0CFC-47e4-8AB4-E0F7EC85631D}" = HP Fotoaparáty Photosmart 9.0
"{AA9768AA-FF0B-4C66-A085-31E934F77841}" = Apple Mobile Device Support
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-1033-7B44-A92000000001}" = Adobe Reader 9.2
"{AEA07F97-9088-497c-8821-0F36BD5DC251}" = HPProductAssistant
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B804C424-B66D-447A-84BD-C6B88C392C3A}" = PowerDV
"{BCD6CD1A-0DBE-412E-9F25-3B500D1E6BA1}" = SolutionCenter
"{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}" = NVIDIA PhysX
"{C73B5B3B-F974-48CA-8B91-3E8A432AEA5B}" = Microsoft Works
"{CD961214-93C9-44FE-9A38-BBE647E98AE9}" = CameraReadme
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DD73CA82-EA82-38AA-863D-9A24A018DC96}" = Microsoft .NET Framework 3.5 Language Pack SP1 - csy
"{DEF9CA03-7317-4a01-8111-06996235128E}" = CameraDrivers
"{E2662C24-B31E-4349-A084-32EB76E8B760}" = BufferChm
"{EFB21DE7-8C19-4A88-BB28-A766E16493BC}" = Adobe Photoshop CS
"{F72E2DDC-3DB8-4190-A21D-63883D955FE7}" = PSSWCORE
"{FD8D8B04-BEAD-4A55-AA1D-62D2373E7DEA}" = Status
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player
"avast!" = avast! Antivirus
"CCleaner" = CCleaner (remove only)
"CNXT_MODEM_HDA_HSF" = HDAUDIO Soft Data Fax Modem with SmartCP
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"Digital Guitar Tuner 2.3_is1" = Digital Guitar Tuner 2.3
"DVD Shrink_is1" = DVD Shrink 3.2
"FormatFactory" = FormatFactory 1.90
"Free Disc Burner_is1" = Free Disc Burner version 1.1
"Free Studio_is1" = Free Studio version 4.2
"HijackThis" = HijackThis 2.0.2
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"Hotkey Utility_is1" = Hotkey Utility
"HP Imaging Device Functions" = HP Imaging Device Functions 9.0
"HP Photosmart Essential" = HP Photosmart Essential 2.01
"HP Solution Center & Imaging Support Tools" = HP Solution Center 9.0
"InstallShield_{0FFC48C5-C74B-498E-B908-74CB44D30E32}" = LEGO® Batman™
"InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = InterVideo WinDVD 8
"KLiteCodecPack_is1" = K-Lite Codec Pack 3.5.7 Full
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 Language Pack SP1 - csy" = Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.5.7)" = Mozilla Firefox (3.5.7)
"Multimedia Player" = Multimedia Player 1.2
"MV2Player" = MV2Player (remove only)
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"O2 Internet Konfigurator" = O2 Internet Konfigurator
"OpenAL" = OpenAL
"Power Manager_is1" = Power Manager 2.1.10
"RealPlayer 12.0" = RealPlayer
"SecondLife" = SecondLife (remove only)
"SiS163u" = Fujitsu Siemens Computers WLAN 802.11b/g (SiS163u)
"Sony Ericsson W302(c)/S302(c) driver" = Sony Ericsson W302(c)/S302(c) driver v3.5.3.0
"SubtitleWorkshop" = Subtitle Workshop 2.51
"TeamViewer 5" = TeamViewer 5
"Tibetan Calendar-2009_is1" = Tibetan eCalendar Version 6.3.0
"TO2WCM Wireless Connection Client" = O2 Průvodce nastavením bezdrátové sítě
"Totalcmd" = Total Commander (Remove or Repair)
"Uninstall_is1" = Uninstall 1.0.0.1
"Universal Anti Cheat" = Universal Anti Cheat
"WinRAR archiver" = WinRAR
"World of Warcraft" = World of Warcraft

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

========== Last 10 Event Log Errors ==========

[ Antivirus Events ]
Error - 21.7.2008 16:49:47 | Computer Name = Rosťa-PC | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of C:\Windows\System32\conime.exe failed, 00000005.

Error - 26.7.2008 15:53:53 | Computer Name = Rosťa-PC | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of http://www.websecurityguard.com/dnl/fil ... 2_diff.cab failed, 00000026.


Error - 16.9.2008 8:59:12 | Computer Name = Rosťa-PC | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of E:\Hancock\Hancock soundtrack\HANCOCK[2008]SOUNDTRACK[JOHN POWELL]-FLYNNFLAN.JPG
failed, 00000015.

Error - 25.12.2008 12:34:39 | Computer Name = Rosťa-PC | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of C:\Windows\System32\msvfw32.dll failed, 00000005.

Error - 12.8.2009 16:21:09 | Computer Name = Rosťa-PC | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of http://dl.s5.uloz.to/Ps;Hs;fid=1733888; ... so?bD&u=0&
failed, 00000084.

Error - 12.8.2009 17:29:18 | Computer Name = Rosťa-PC | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of http://dl.s5.uloz.to/Ps;Hs;fid=2218839; ... Z.nrg?bD&u
failed, 00000084.

Error - 13.8.2009 8:02:07 | Computer Name = Rosťa-PC | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of http://dl.s5.uloz.to/Ps;Hs;fid=1733888; ... iso?bD&u=0
failed, 00000084.

Error - 13.11.2009 15:05:21 | Computer Name = Rosťa-PC | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of C:\Windows\System32\conime.exe failed, 00000005.

Error - 18.11.2009 9:56:28 | Computer Name = Rosťa-PC | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of http://dl.s7.uloz.to/Ps;Hs;fid=2478152; ... o?bD&u=0&c
failed, 00000084.

Error - 20.1.2010 15:31:05 | Computer Name = Rosťa-PC | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of C:\Windows\System32\mscdexnt.exe failed, 00000005.

[ Application Events ]
Error - 15.1.2009 15:39:42 | Computer Name = Rosťa-PC | Source = Application Error | ID = 1000
Description = Chybující aplikace svchost.exe_EMDMgmt, verze 6.0.6000.16386, časové
razítko 0x4549adc4, chybující modul ntdll.dll, verze 6.0.6000.16386, časové razítko
0x4549bdc9, kód výjimky 0xc0000005, posun chyby 0x00067316, ID procesu 0x42c, čas
spuštění aplikace 0x01c97748d3b579ea.

Error - 15.1.2009 15:41:59 | Computer Name = Rosťa-PC | Source = Application Error | ID = 1000
Description = Chybující aplikace svchost.exe_EMDMgmt, verze 6.0.6000.16386, časové
razítko 0x4549adc4, chybující modul ntdll.dll, verze 6.0.6000.16386, časové razítko
0x4549bdc9, kód výjimky 0xc0000005, posun chyby 0x00067316, ID procesu 0x3f8, čas
spuštění aplikace 0x01c97749126d7348.

Error - 15.1.2009 15:54:01 | Computer Name = Rosťa-PC | Source = WerSvc | ID = 5007
Description =

Error - 15.1.2009 15:54:55 | Computer Name = Rosťa-PC | Source = Application Error | ID = 1000
Description = Chybující aplikace svchost.exe_EMDMgmt, verze 6.0.6000.16386, časové
razítko 0x4549adc4, chybující modul ntdll.dll, verze 6.0.6000.16386, časové razítko
0x4549bdc9, kód výjimky 0xc0000005, posun chyby 0x00067316, ID procesu 0x42c, čas
spuštění aplikace 0x01c9774af2bf970d.

Error - 16.1.2009 10:57:05 | Computer Name = Rosťa-PC | Source = WerSvc | ID = 5007
Description =

Error - 17.1.2009 6:16:25 | Computer Name = Rosťa-PC | Source = WerSvc | ID = 5007
Description =

Error - 17.1.2009 6:16:52 | Computer Name = Rosťa-PC | Source = Application Error | ID = 1000
Description = Chybující aplikace svchost.exe_EMDMgmt, verze 6.0.6000.16386, časové
razítko 0x4549adc4, chybující modul emdmgmt.dll, verze 6.0.6000.16386, časové razítko
0x4549bcfc, kód výjimky 0xc0000005, posun chyby 0x0000ac03, ID procesu 0x3f8, čas
spuštění aplikace 0x01c9788c7d007f46.

Error - 17.1.2009 6:19:39 | Computer Name = Rosťa-PC | Source = Application Error | ID = 1000
Description = Chybující aplikace svchost.exe_EMDMgmt, verze 6.0.6000.16386, časové
razítko 0x4549adc4, chybující modul emdmgmt.dll, verze 6.0.6000.16386, časové razítko
0x4549bcfc, kód výjimky 0xc0000005, posun chyby 0x0000ac03, ID procesu 0x974, čas
spuštění aplikace 0x01c9788cd790a528.

Error - 17.1.2009 6:22:25 | Computer Name = Rosťa-PC | Source = VSS | ID = 8194
Description =

Error - 17.1.2009 6:23:02 | Computer Name = Rosťa-PC | Source = Application Error | ID = 1000
Description = Chybující aplikace svchost.exe_EMDMgmt, verze 6.0.6000.16386, časové
razítko 0x4549adc4, chybující modul ntdll.dll, verze 6.0.6000.16386, časové razítko
0x4549bdc9, kód výjimky 0xc0000374, posun chyby 0x000af1c9, ID procesu 0x1150, čas
spuštění aplikace 0x01c9788d507d5f08.

[ Media Center Events ]
Error - 18.4.2008 7:04:20 | Computer Name = Rosťa-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: Stahování balíčku MCESpotlight
se nezdařilo.

[ System Events ]
Error - 19.1.2010 10:56:54 | Computer Name = Rosťa-PC | Source = Dhcp | ID = 1002
Description = Zapůjčení adresy IP 10.0.0.1 pro síťovou kartu s adresou 003005DE5903
byla serverem DHCP 10.0.0.138 odmítnuta. (Server DHCP odeslal zprávu DHCPNACK).

Error - 19.1.2010 15:51:44 | Computer Name = Rosťa-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 19.1.2010 15:58:22 | Computer Name = Rosťa-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 20.1.2010 7:48:39 | Computer Name = Rosťa-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 20.1.2010 8:28:03 | Computer Name = Rosťa-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 20.1.2010 8:28:11 | Computer Name = Rosťa-PC | Source = Service Control Manager | ID = 7034
Description =

Error - 20.1.2010 8:28:37 | Computer Name = Rosťa-PC | Source = Service Control Manager | ID = 7034
Description =

Error - 20.1.2010 8:28:38 | Computer Name = Rosťa-PC | Source = Service Control Manager | ID = 7030
Description =

Error - 20.1.2010 8:45:41 | Computer Name = Rosťa-PC | Source = Service Control Manager | ID = 7030
Description =

Error - 20.1.2010 8:45:53 | Computer Name = Rosťa-PC | Source = Service Control Manager | ID = 7030
Description =


< End of report >

[Paynn]

K tomu T-cleaneru, nejsem si jistý jestli mě to smazal. Na disku C mám pořád textový dokument z combofixu.
To čištění probíhá tak, že u první složky C:\windows\erdnt. dám "A" souhlasím s výmazem, objeví se příkazový řádek, provádí nějakou operaci a pak se vypne. Když zapnu znova Tcleaner, tak mohu zase smazat jenom C:\windows\erdnt. A proto se ptám, jestli je to takhle v pořádku.

[Damned]

Ten VRT podle tohoto návodu nepůjde? http://support.kaspersky.com/faq/?qid=208280889

Zkus u T-Cleaneru dát "n".