Please check my log - SYSTEM 99% Solved

A place for your HiJackThis logs and logs from other programs…

Moderators: Mods_senior, Security team


Re: Please check my log - SYSTEM 99%

Post by omist » 16 May 2010 10:24

OTL logfile created on: 15.5.2010 23:42:13 - Run 1
OTL by OldTimer - Version 3.2.4.1 Folder = C:\Documents and Settings\Ondra\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 78,00% Memory free
5,00 Gb Paging File | 4,00 Gb Available in Paging File | 92,00% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149,04 Gb Total Space | 99,31 Gb Free Space | 66,63% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive Q: | 7,81 Mb Total Space | 5,34 Mb Free Space | 68,30% Space Free | Partition Type: NTFS

Computer Name: LIGHTHOUSE
Current User Name: Ondra
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010.05.15 23:21:06 | 000,570,880 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Ondra\Plocha\OTL.exe
PRC - [2010.05.15 05:49:04 | 001,291,544 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
PRC - [2010.04.26 19:13:25 | 000,531,440 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Ondra\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
PRC - [2010.04.19 16:55:14 | 000,267,432 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2010.03.18 10:07:04 | 000,136,176 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\1.2.183.23\GoogleCrashHandler.exe
PRC - [2010.03.02 10:28:31 | 000,282,792 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010.02.24 09:28:09 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2010.01.14 21:11:00 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2009.11.25 15:24:14 | 004,009,592 | ---- | M] (Almico Software (http://www.almico.com)) -- C:\Program Files\SpeedFan\speedfan.exe
PRC - [2009.07.13 23:18:12 | 000,071,096 | ---- | M] () -- C:\Program Files\CDBurnerXP\NMSAccessU.exe
PRC - [2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007.09.10 15:12:44 | 000,069,632 | ---- | M] (Software 2000 Limited) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\HP1006MC.EXE
PRC - [2007.01.31 14:55:42 | 000,096,370 | ---- | M] (Canon Inc.) -- C:\Program Files\Canon\CAL\CALMAIN.exe


========== Modules (SafeList) ==========

MOD - [2010.05.15 23:21:06 | 000,570,880 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Ondra\Plocha\OTL.exe
MOD - [2010.04.04 01:45:33 | 000,378,264 | ---- | M] (Adobe Systems, Inc.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\pdfshell.dll
MOD - [2010.02.16 17:03:24 | 000,398,848 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
MOD - [2010.02.15 13:27:12 | 000,597,504 | ---- | M] (STLport Consulting, Inc.) -- C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\stlport_vc7145.dll
MOD - [2009.08.13 15:56:20 | 001,748,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6001.22319_x-ww_f0b4c2df\GdiPlus.dll
MOD - [2009.07.12 02:12:06 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcr80.dll
MOD - [2009.07.12 01:02:02 | 000,653,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcr90.dll
MOD - [2008.04.14 05:19:00 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2008.04.13 20:36:04 | 002,927,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\xpsp2res.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (Plánovač automatické aktualizace LiveUpdate)
SRV - File not found [On_Demand | Stopped] -- -- (NMIndexingService)
SRV - File not found [Auto | Stopped] -- -- (Nero BackItUp Scheduler 4.0)
SRV - [2010.05.15 05:49:04 | 001,291,544 | ---- | M] (Lavasoft) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2010.04.19 16:55:14 | 000,267,432 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010.04.10 17:05:58 | 000,266,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Fix it Center\Matsvc.exe -- (MatSvc)
SRV - [2010.02.24 09:28:09 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2009.07.13 23:18:12 | 000,071,096 | ---- | M] () [Auto | Running] -- C:\Program Files\CDBurnerXP\NMSAccessU.exe -- (NMSAccessU)
SRV - [2008.07.29 20:16:38 | 000,132,096 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2007.05.16 09:41:18 | 000,029,704 | ---- | M] (TuneUp Software GmbH) [Auto | Running] -- C:\WINDOWS\system32\uxtuneup.dll -- (UxTuneUp)
SRV - [2007.01.31 14:55:42 | 000,096,370 | ---- | M] (Canon Inc.) [Auto | Running] -- C:\Program Files\Canon\CAL\CALMAIN.exe -- (CCALib8)


========== Driver Services (SafeList) ==========

DRV - [2010.03.01 09:05:24 | 000,124,784 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2010.02.16 13:24:01 | 000,060,936 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010.02.04 17:53:02 | 000,064,288 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2009.11.12 14:48:56 | 000,007,168 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2009.06.17 14:20:34 | 000,012,648 | ---- | M] (Secunia) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\psi_mf.sys -- (PSI)
DRV - [2009.05.11 11:49:19 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2009.05.11 09:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2007.08.29 02:04:04 | 000,116,264 | ---- | M] (Silicon Image, Inc) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\SI3112r.sys -- (SI3112r)
DRV - [2007.08.29 02:04:04 | 000,019,240 | ---- | M] (Silicon Image, Inc) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\SiWinAcc.sys -- (SiFilter)
DRV - [2007.04.24 11:33:46 | 000,100,488 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s125mgmt.sys -- (s125mgmt) Sony Ericsson Device 125 USB WMC Device Management Drivers (WDM)
DRV - [2007.04.24 11:33:46 | 000,098,696 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s125obex.sys -- (s125obex)
DRV - [2007.04.24 11:33:44 | 000,108,680 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s125mdm.sys -- (s125mdm)
DRV - [2007.04.24 11:33:42 | 000,015,112 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s125mdfl.sys -- (s125mdfl)
DRV - [2007.04.24 11:33:34 | 000,083,336 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s125bus.sys -- (s125bus) Sony Ericsson Device 125 driver (WDM)
DRV - [2007.04.23 15:54:50 | 000,100,488 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s115mgmt.sys -- (s115mgmt) Sony Ericsson Device 115 USB WMC Device Management Drivers (WDM)
DRV - [2007.04.23 15:54:50 | 000,098,568 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s115obex.sys -- (s115obex)
DRV - [2007.04.23 15:54:48 | 000,108,680 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s115mdm.sys -- (s115mdm)
DRV - [2007.04.23 15:54:48 | 000,015,112 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s115mdfl.sys -- (s115mdfl)
DRV - [2007.04.23 15:54:46 | 000,083,208 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s115bus.sys -- (s115bus) Sony Ericsson Device 115 driver (WDM)
DRV - [2006.09.24 15:28:46 | 000,005,248 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Boot | Running] -- C:\WINDOWS\system32\speedfan.sys -- (speedfan)
DRV - [2006.07.01 22:42:58 | 000,043,008 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2005.06.13 10:08:36 | 000,085,664 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w800obex.sys -- (w800obex)
DRV - [2005.06.13 10:06:58 | 000,087,792 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w800mgmt.sys -- (w800mgmt)
DRV - [2005.06.13 10:05:16 | 000,096,224 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w800mdm.sys -- (w800mdm)
DRV - [2005.06.13 10:05:08 | 000,009,264 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w800mdfl.sys -- (w800mdfl)
DRV - [2005.06.13 10:03:12 | 000,060,768 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w800bus.sys -- (w800bus) Sony Ericsson W800 driver (WDM)
DRV - [2005.03.17 18:30:10 | 000,132,608 | R--- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2005.02.08 22:33:06 | 000,970,240 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2004.09.21 20:53:18 | 002,278,784 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2004.08.03 19:29:50 | 000,019,455 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wVchNTxx.sys -- (iAimFP4)
DRV - [2004.08.03 19:29:48 | 000,012,063 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wSiINTxx.sys -- (iAimFP3)
DRV - [2004.08.03 19:29:46 | 000,025,471 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wATV10nt.sys -- (iAimTV5)
DRV - [2004.08.03 19:29:46 | 000,023,615 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wCh7xxNT.sys -- (iAimTV4)
DRV - [2004.08.03 19:29:46 | 000,022,271 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wATV06nt.sys -- (iAimTV6)
DRV - [2004.08.03 19:29:44 | 000,033,599 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wATV04nt.sys -- (iAimTV3)
DRV - [2004.08.03 19:29:44 | 000,019,551 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wATV02NT.sys -- (iAimTV1)
DRV - [2004.08.03 19:29:42 | 000,029,311 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wATV01nt.sys -- (iAimTV0)
DRV - [2004.08.03 19:29:42 | 000,011,871 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wADV09NT.sys -- (iAimFP7)
DRV - [2004.08.03 19:29:40 | 000,011,807 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wADV07nt.sys -- (iAimFP5)
DRV - [2004.08.03 19:29:40 | 000,011,295 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wADV08NT.sys -- (iAimFP6)
DRV - [2004.08.03 19:29:38 | 000,161,020 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\i81xnt5.sys -- (i81x)
DRV - [2004.08.03 19:29:38 | 000,012,415 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wADV01nt.sys -- (iAimFP0)
DRV - [2004.08.03 19:29:38 | 000,012,127 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wADV02NT.sys -- (iAimFP1)
DRV - [2004.08.03 19:29:38 | 000,011,775 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wADV05NT.sys -- (iAimFP2)
DRV - [2002.05.08 20:44:42 | 000,105,472 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\adpu320.sys -- (adpu320)
DRV - [2002.04.04 08:32:06 | 000,028,416 | R--- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symmpi.sys -- (Symmpi)
DRV - [2001.08.17 17:20:04 | 000,096,256 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ac97intc.sys -- (ac97intc) Služba instalace zvukového ovladače Intel(r) (WDM)
DRV - [2001.08.17 17:07:42 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3)
DRV - [2001.08.17 17:07:40 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi)
DRV - [2001.08.17 17:07:36 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx)
DRV - [2001.08.17 17:07:34 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810)
DRV - [2001.07.13 14:56:14 | 000,014,976 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\SBKUPNT.SYS -- (SBKUPNT)
DRV - [1996.04.03 21:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\giveio.sys -- (giveio)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 34 28 C1 16 1E BA C9 01 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Firefox\Extensions\\{000a9d1c-beef-4f90-9363-039d445309b8}: C:\Program Files\Google\Google Gears\Firefox\ [2010.03.07 18:09:15 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2010.05.15 05:39:28 | 000,394,487 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 13648 more lines...
O2 - BHO: (CHelper Class) - {99A7C4DD-B2E6-4CA0-BB6E-737A61364155} - C:\Program Files\Eurotran 2003\e2003i.dll ()
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Gears Helper) - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O4 - HKLM..\Run: [Adobe ARM] File not found
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] File not found
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [LanguageShortcut] File not found
O4 - HKLM..\Run: [LGODDFU] File not found
O4 - HKLM..\Run: [RemoteControl] File not found
O4 - HKLM..\Run: [SunJavaUpdateSched] File not found
O4 - Startup: C:\Documents and Settings\Ondra\Nabídka Start\Programy\Po spuštění\Speedfan.lnk = C:\Program Files\SpeedFan\speedfan.exe (Almico Software (http://www.almico.com))
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra 'Tools' menuitem : Nastavení aplikace &Gears - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)
O9 - Extra Button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Eurotran - {572BF76C-9EFF-4e1e-93DE-72EF1E91B3DF} - C:\Program Files\Eurotran 2003\e2003i.dll ()
O9 - Extra 'Tools' menuitem : Eurotran - {572BF76C-9EFF-4e1e-93DE-72EF1E91B3DF} - C:\Program Files\Eurotran 2003\e2003i.dll ()
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O15 - HKCU\..Trusted Domains: tmo.cz ([sms1.client] https in Důvěryhodné servery)
O15 - HKCU\..Trusted Domains: tmo.cz ([sms2.client] https in Důvěryhodné servery)
O15 - HKCU\..Trusted Domains: zive.cz ([www] http in Důvěryhodné servery)
O16 - DPF: {0A6112F2-F9D1-4FBF-A6EC-B67B22915873} http://album.droxi.cz/moje-alba/ilt/ili ... oader2.dll (Reg Error: Key error.)
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} http://cdn.scan.onecare.live.com/resour ... se8942.cab (Windows Live Safety Center Base Module)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microso ... 9034085953 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.46.172.36 213.46.172.37
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Ondra\Data aplikací\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Ondra\Data aplikací\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk /p \??\F:) - File not found
O34 - HKLM BootExecute: (autocheck autochk /p \??\P:) - File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2007.08.22 22:03:54 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: UxTuneUp - C:\WINDOWS\system32\uxtuneup.dll (TuneUp Software GmbH)
NetSvcs: Wmi - C:\WINDOWS\system32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (54338281256517632)

========== Files/Folders - Created Within 90 Days ==========

[2010.05.15 23:21:04 | 000,570,880 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Ondra\Plocha\OTL.exe
[2010.05.15 23:20:53 | 000,258,560 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Ondra\Plocha\OTH.scr
[2010.05.15 19:48:06 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Ondra\Recent
[2010.05.15 19:12:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ondra\Plocha\System Repair Engineer
[2010.05.15 18:49:13 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2010.05.15 18:38:15 | 000,000,000 | ---D | C] -- C:\SWSetup
[2010.05.15 09:36:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ondra\Plocha\MemTest
[2010.05.15 05:43:16 | 001,516,057 | ---- | C] (WinTools Software Engineering, Ltd. ) -- C:\Documents and Settings\Ondra\Plocha\wintoolspro.exe
[2010.05.15 05:15:20 | 002,318,155 | ---- | C] ( ) -- C:\Documents and Settings\Ondra\Plocha\diagnose.exe
[2010.05.15 05:05:23 | 001,702,584 | ---- | C] (Sysinfo Lab ) -- C:\Documents and Settings\Ondra\Plocha\astra32setup205.exe
[2010.05.15 03:59:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\F-Secure
[2010.05.14 05:41:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ondra\DoctorWeb
[2010.05.14 05:39:18 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010.05.13 03:38:48 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2010.05.13 03:30:53 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2010.05.13 03:30:53 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2010.05.13 03:30:53 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2010.05.13 03:30:53 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2010.05.13 03:30:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010.05.13 03:28:26 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010.05.12 00:53:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ondra\Dokumenty\Install
[2010.05.12 00:40:33 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Ondra\Dokumenty\Obrázky
[2010.05.11 20:21:10 | 000,000,000 | ---D | C] -- C:\Program Files\AMD
[2010.05.11 20:18:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ondra\Data aplikací\InstallShield
[2010.05.11 19:59:08 | 000,000,000 | ---D | C] -- C:\Program Files\Hewlett-Packard
[2010.04.29 05:19:04 | 000,000,000 | ---D | C] -- C:\Program Files\HydraVision
[2010.04.29 05:18:56 | 000,000,000 | ---D | C] -- C:\Program Files\CCC
[2010.04.29 05:15:45 | 000,000,000 | ---D | C] -- C:\Program Files\program files
[2010.04.29 04:59:28 | 000,000,000 | ---D | C] -- C:\Program Files\ACE
[2010.04.29 04:49:43 | 000,000,000 | ---D | C] -- C:\Program Files\Driver
[2010.04.29 04:49:43 | 000,000,000 | ---D | C] -- C:\Program Files\CPanel
[2010.04.29 04:38:15 | 000,000,000 | ---D | C] -- C:\Program Files\SBDrv
[2010.04.29 04:38:14 | 000,000,000 | ---D | C] -- C:\Program Files\BIN
[2010.04.21 22:33:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ondra\Local Settings\Data aplikací\FixItCenter
[2010.04.21 22:20:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\MATS
[2010.04.21 22:20:12 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Fix it Center
[2010.04.21 22:19:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\windowspowershell
[2010.04.15 00:12:13 | 000,000,000 | ---D | C] -- C:\Program Files\VIA Technologies, INC
[2010.04.14 23:21:00 | 000,000,000 | ---D | C] -- C:\Program Files\Chat_0330_1_12_01
[2010.04.14 13:55:33 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2010.04.14 13:25:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ondra\Data aplikací\Malwarebytes
[2010.04.14 13:25:20 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010.04.14 13:25:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
[2010.04.14 13:25:17 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010.04.14 13:25:17 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010.04.14 12:28:13 | 000,046,423 | ---- | C] (Analog Deivces) -- C:\WINDOWS\System32\adildr.sys
[2010.04.13 03:20:10 | 000,000,000 | ---D | C] -- C:\Program Files\Ape Ripper
[2010.04.11 00:52:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\ASTULogTemp
[2010.04.07 04:26:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ondra\Data aplikací\Foxit Software
[2010.03.31 13:24:14 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2010.03.31 12:52:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ondra\Data aplikací\Canneverbe Limited
[2010.03.31 12:25:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ondra\Data aplikací\Avira
[2010.03.18 05:42:42 | 000,000,000 | ---D | C] -- C:\Program Files\EASEUS
[2010.03.17 05:14:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\VirtualizedApplications
[2010.03.17 01:21:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ondra\Local Settings\Data aplikací\Microsoft Help
[2010.03.17 01:21:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
[2010.03.17 01:18:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ondra\Local Settings\Data aplikací\NVD
[2010.03.17 01:18:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ondra\Data aplikací\NVD
[2010.03.17 01:17:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ondra\Local Settings\Data aplikací\SoftGrid Client
[2010.03.17 01:17:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ondra\Data aplikací\SoftGrid Client
[2010.03.17 01:13:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ondra\Data aplikací\TP
[2010.03.17 00:09:17 | 000,000,000 | ---D | C] -- C:\Config.Msi
[2010.03.16 12:54:10 | 000,000,000 | ---D | C] -- C:\Program Files\MyDefrag v4.2.9
[2010.03.11 06:31:03 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2010.03.02 01:46:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ondra\Data aplikací\Mp3tag
[2010.03.02 01:46:35 | 000,000,000 | ---D | C] -- C:\Program Files\Mp3tag
[2010.02.28 05:09:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ondra\Data aplikací\dvdcss
[2010.02.21 02:42:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ondra\Data aplikací\MyPhoneExplorer
[2010.02.21 01:46:01 | 000,000,000 | ---D | C] -- C:\Program Files\uTorrent
[2010.02.21 01:08:29 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Data aplikací\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}

========== Files - Modified Within 90 Days ==========

[2010.05.15 23:33:46 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.05.15 23:33:15 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.05.15 23:31:13 | 014,155,776 | ---- | M] () -- C:\Documents and Settings\Ondra\ntuser.dat
[2010.05.15 23:31:13 | 000,000,272 | -HS- | M] () -- C:\Documents and Settings\Ondra\ntuser.ini
[2010.05.15 23:21:06 | 000,570,880 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Ondra\Plocha\OTL.exe
[2010.05.15 23:20:53 | 000,258,560 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Ondra\Plocha\OTH.scr
[2010.05.15 18:01:36 | 000,000,466 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{587E890E-4E85-46C0-AA8C-7270A63E678D}.job
[2010.05.15 14:24:40 | 000,001,519 | ---- | M] () -- C:\WINDOWS\wininit.ini
[2010.05.15 05:43:21 | 001,516,057 | ---- | M] (WinTools Software Engineering, Ltd. ) -- C:\Documents and Settings\Ondra\Plocha\wintoolspro.exe
[2010.05.15 05:39:28 | 000,394,487 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010.05.15 05:16:09 | 002,277,896 | ---- | M] () -- C:\Documents and Settings\Ondra\Plocha\advisor.exe
[2010.05.15 05:15:20 | 002,318,155 | ---- | M] ( ) -- C:\Documents and Settings\Ondra\Plocha\diagnose.exe
[2010.05.15 05:05:34 | 001,702,584 | ---- | M] (Sysinfo Lab ) -- C:\Documents and Settings\Ondra\Plocha\astra32setup205.exe
[2010.05.14 01:05:34 | 040,165,200 | ---- | M] () -- C:\Documents and Settings\Ondra\Plocha\launch.exe
[2010.05.14 00:29:51 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010.05.14 00:28:26 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20100515-053928.backup
[2010.05.13 03:39:00 | 000,000,281 | RHS- | M] () -- C:\boot.ini
[2010.05.13 03:22:35 | 003,686,869 | R--- | M] () -- C:\Documents and Settings\Ondra\Plocha\ComboFix.exe
[2010.05.12 23:09:32 | 002,112,476 | -H-- | M] () -- C:\Documents and Settings\Ondra\Local Settings\Data aplikací\IconCache.db
[2010.05.11 20:13:38 | 000,458,644 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2010.05.11 20:13:38 | 000,441,260 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.05.11 20:13:38 | 000,090,726 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2010.05.11 20:13:38 | 000,071,196 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.05.11 20:13:35 | 001,076,824 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010.05.10 22:42:32 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.05.08 10:08:31 | 000,002,283 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Skype.lnk
[2010.05.08 07:05:06 | 000,105,984 | ---- | M] () -- C:\Documents and Settings\Ondra\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.05.05 06:16:53 | 000,001,610 | ---- | M] () -- C:\Documents and Settings\Ondra\Plocha\CDBurnerXP.lnk
[2010.05.02 13:12:05 | 000,010,945 | ---- | M] () -- C:\WINDOWS\cdplayer.ini
[2010.04.29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010.04.29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010.04.29 03:51:31 | 000,393,065 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20100505-195719.backup
[2010.04.26 15:58:12 | 000,256,512 | ---- | M] () -- C:\WINDOWS\PEV.exe
[2010.04.22 01:09:00 | 000,000,851 | ---- | M] () -- C:\Documents and Settings\Ondra\Plocha\Format Factory.lnk
[2010.04.21 23:11:39 | 000,392,705 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20100429-035131.backup
[2010.04.18 17:00:48 | 000,000,622 | ---- | M] () -- C:\Documents and Settings\Ondra\Nabídka Start\Programy\Po spuštění\Speedfan.lnk
[2010.04.16 06:31:39 | 000,001,915 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Google Earth.lnk
[2010.04.15 00:13:13 | 000,000,045 | ---- | M] () -- C:\WINDOWS\System32\initdebug.nfo
[2010.04.14 22:35:33 | 000,391,947 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20100421-231139.backup
[2010.04.14 13:10:31 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Adobe Reader 9.lnk
[2010.04.14 12:27:26 | 000,046,423 | ---- | M] (Analog Deivces) -- C:\WINDOWS\System32\adildr.sys
[2010.04.11 00:52:31 | 000,084,919 | ---- | M] () -- C:\WINDOWS\System32\ASTULog.cab
[2010.04.11 00:52:31 | 000,000,283 | ---- | M] () -- C:\WINDOWS\System32\setup.rpt
[2010.04.10 23:07:31 | 000,385,903 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20100414-223533.backup
[2010.04.10 23:07:09 | 000,385,903 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20100410-230731.backup
[2010.03.31 14:07:34 | 000,385,903 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20100410-230709.backup
[2010.03.30 16:08:03 | 000,380,959 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20100331-140734.backup
[2010.03.22 05:59:08 | 000,380,707 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20100330-160803.backup
[2010.03.18 17:43:15 | 000,035,600 | ---- | M] () -- C:\Documents and Settings\Ondra\Local Settings\Data aplikací\GDIPFONTCACHEV1.DAT
[2010.03.17 01:45:15 | 000,174,672 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.03.17 00:19:07 | 000,000,654 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Mp3tag.lnk
[2010.03.17 00:16:53 | 000,001,691 | ---- | M] () -- C:\WINDOWS\wincmd.ini
[2010.03.17 00:11:57 | 000,000,871 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\OpenOffice.org 3.2.lnk
[2010.03.17 00:00:33 | 000,000,692 | ---- | M] () -- C:\Documents and Settings\Ondra\Plocha\WinRAR.lnk
[2010.03.11 06:34:21 | 000,380,639 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20100322-045908.backup
[2010.03.03 23:47:43 | 000,380,256 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20100311-053421.backup
[2010.03.01 09:05:24 | 000,124,784 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2010.02.25 18:41:14 | 000,380,256 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20100303-224743.backup
[2010.02.21 01:24:06 | 000,095,024 | ---- | M] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
[2010.02.21 01:24:05 | 000,015,880 | ---- | M] () -- C:\WINDOWS\System32\lsdelete.exe
[2010.02.18 05:33:32 | 000,380,152 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20100225-174114.backup
[2010.02.16 13:24:01 | 000,060,936 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys

========== Files Created - No Company Name ==========

[2010.05.15 05:16:09 | 002,277,896 | ---- | C] () -- C:\Documents and Settings\Ondra\Plocha\advisor.exe
[2010.05.14 01:04:52 | 040,165,200 | ---- | C] () -- C:\Documents and Settings\Ondra\Plocha\launch.exe
[2010.05.13 03:39:00 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2010.05.13 03:38:54 | 000,261,312 | ---- | C] () -- C:\cmldr
[2010.05.13 03:30:53 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010.05.13 03:30:53 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010.05.13 03:30:53 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010.05.13 03:30:53 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010.05.13 03:30:53 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010.05.13 03:22:34 | 003,686,869 | R--- | C] () -- C:\Documents and Settings\Ondra\Plocha\ComboFix.exe
[2010.05.08 20:06:28 | 014,155,776 | ---- | C] () -- C:\Documents and Settings\Ondra\ntuser.dat
[2010.04.22 01:09:00 | 000,000,851 | ---- | C] () -- C:\Documents and Settings\Ondra\Plocha\Format Factory.lnk
[2010.04.18 17:00:48 | 000,000,622 | ---- | C] () -- C:\Documents and Settings\Ondra\Nabídka Start\Programy\Po spuštění\Speedfan.lnk
[2010.04.16 06:31:39 | 000,001,915 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Google Earth.lnk
[2010.04.11 00:52:31 | 000,084,919 | ---- | C] () -- C:\WINDOWS\System32\ASTULog.cab
[2010.04.11 00:52:31 | 000,000,283 | ---- | C] () -- C:\WINDOWS\System32\setup.rpt
[2010.04.07 06:03:16 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\LocalService\Data aplikací\$_hpcst$.hpc
[2010.03.17 00:11:57 | 000,000,871 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\OpenOffice.org 3.2.lnk
[2010.03.02 01:46:36 | 000,000,654 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Mp3tag.lnk
[2010.01.19 13:39:14 | 000,000,366 | ---- | C] () -- C:\WINDOWS\lgfwup.ini
[2009.12.20 03:29:26 | 000,000,382 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009.10.07 04:17:33 | 000,007,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2009.08.26 05:06:12 | 000,020,992 | ---- | C] () -- C:\WINDOWS\System32\srmApeInfo.dll
[2009.04.06 00:02:56 | 000,018,944 | ---- | C] () -- C:\WINDOWS\System32\vbCPUInf.dll
[2009.02.11 21:16:32 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2008.12.27 00:32:32 | 000,014,976 | ---- | C] () -- C:\WINDOWS\System32\drivers\SBKUPNT.SYS
[2008.12.27 00:31:50 | 000,002,799 | ---- | C] () -- C:\WINDOWS\SKLANG.INI
[2008.09.21 21:24:44 | 000,001,519 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2008.05.26 22:22:14 | 000,015,552 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2008.05.26 22:22:10 | 000,021,464 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2008.05.26 22:22:04 | 000,014,910 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2008.05.17 14:25:59 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\HPPLVS.dll
[2008.01.25 01:02:33 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.INI
[2008.01.24 04:16:22 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2008.01.24 04:16:22 | 001,559,040 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2008.01.24 04:16:22 | 000,282,624 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2008.01.24 04:16:20 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2008.01.24 04:16:20 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2007.11.26 11:50:49 | 000,528,384 | ---- | C] () -- C:\WINDOWS\System32\BladeEnc.dll
[2007.11.26 11:50:49 | 000,120,832 | ---- | C] () -- C:\WINDOWS\System32\ShnDll32.dll
[2007.11.08 04:54:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\QuickInstall.INI
[2007.09.14 05:37:30 | 000,004,202 | ---- | C] () -- C:\WINDOWS\SONYMAP.INI
[2007.09.10 00:10:00 | 000,001,691 | ---- | C] () -- C:\WINDOWS\wincmd.ini
[2007.09.05 23:41:42 | 000,028,672 | R--- | C] () -- C:\WINDOWS\System32\adinst32.dll
[2007.09.04 10:56:20 | 000,010,945 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2007.09.02 03:11:12 | 000,000,046 | ---- | C] () -- C:\WINDOWS\adiras.ini
[2007.07.26 12:01:50 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\hppatusg01.dll
[2006.04.19 06:14:27 | 000,156,672 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2006.04.19 06:12:35 | 000,000,639 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2006.04.18 21:33:41 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006.04.18 21:25:39 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2006.04.18 21:25:39 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2006.04.18 21:25:39 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2006.04.18 21:25:39 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2006.04.18 21:25:39 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2006.04.18 21:25:39 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2005.11.30 13:49:56 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2002.10.16 00:54:04 | 000,164,352 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2002.06.11 09:08:00 | 000,023,180 | ---- | C] () -- C:\WINDOWS\System32\evgainit.sys
[2002.05.13 11:16:19 | 000,356,352 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll
[1996.04.03 21:33:26 | 000,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys

========== LOP Check ==========

[2009.09.30 05:35:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Canneverbe Limited
[2010.05.15 03:59:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\F-Secure
[2008.05.02 22:12:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\FreeRIP
[2009.02.11 20:52:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\LightScribe
[2007.09.12 23:29:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Teleca
[2010.02.06 15:56:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2009.05.27 21:52:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TuneUp Software
[2010.03.17 05:14:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\VirtualizedApplications
[2010.02.21 01:08:29 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}
[2010.02.06 15:54:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ondra\Data aplikací\AnvSoft
[2009.11.10 01:21:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ondra\Data aplikací\Any Video Converter
[2009.01.19 11:40:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ondra\Data aplikací\Auslogics
[2010.03.31 12:52:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ondra\Data aplikací\Canneverbe Limited
[2008.04.27 23:05:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ondra\Data aplikací\CDBurnerXP_Soft
[2007.10.02 03:19:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ondra\Data aplikací\DVDFab
[2010.03.31 14:03:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ondra\Data aplikací\EssentialPIM
[2008.07.22 03:59:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ondra\Data aplikací\Feedreader
[2008.06.25 05:59:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ondra\Data aplikací\FLVPlayer4Free
[2008.11.27 00:50:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ondra\Data aplikací\Foxit
[2010.04.07 04:26:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ondra\Data aplikací\Foxit Software
[2009.03.29 03:38:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ondra\Data aplikací\gtk-2.0
[2007.08.26 20:47:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ondra\Data aplikací\InterVideo
[2008.01.02 20:14:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ondra\Data aplikací\Leadertech
[2010.03.02 01:46:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ondra\Data aplikací\Mp3tag
[2010.02.21 02:42:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ondra\Data aplikací\MyPhoneExplorer
[2010.03.17 01:18:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ondra\Data aplikací\NVD
[2008.11.05 21:46:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ondra\Data aplikací\OpenOffice.org
[2009.03.04 06:09:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ondra\Data aplikací\Opera
[2010.04.13 09:09:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ondra\Data aplikací\SoftGrid Client
[2007.11.21 19:34:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ondra\Data aplikací\Teleca
[2010.03.17 01:13:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ondra\Data aplikací\TP
[2009.05.27 21:52:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ondra\Data aplikací\TuneUp Software
[2009.07.26 20:18:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ondra\Data aplikací\UltraExplorer
[2010.02.09 23:32:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ondra\Data aplikací\Uniblue
[2010.05.10 22:59:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ondra\Data aplikací\uTorrent
[2010.05.13 01:17:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ondra\Data aplikací\Vso
[2008.02.16 23:46:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ondra\Data aplikací\VSRevoGroup
[2008.07.26 02:37:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ondra\Data aplikací\Windows Desktop Search
[2008.07.26 19:12:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ondra\Data aplikací\Windows Search
[2010.03.17 00:40:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ondra\Data aplikací\XnView
[2010.05.15 18:01:36 | 000,000,466 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{587E890E-4E85-46C0-AA8C-7270A63E678D}.job

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.* >
[2010.05.15 23:32:55 | 000,097,503 | ---- | M] () -- C:\aaw7boot.log
[2010.01.07 01:15:33 | 000,000,211 | ---- | M] () -- C:\Boot.bak
[2010.05.13 03:39:00 | 000,000,281 | RHS- | M] () -- C:\boot.ini
[2004.08.18 04:00:00 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin
[2004.08.03 23:00:04 | 000,261,312 | ---- | M] () -- C:\cmldr
[2010.05.14 00:43:59 | 000,037,204 | ---- | M] () -- C:\ComboFix.txt
[2007.11.26 11:50:31 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2008.05.30 23:57:16 | 000,219,408 | ---- | M] () -- C:\Lighthouse.pdf
[2010.05.11 21:48:11 | 000,000,103 | ---- | M] () -- C:\mbam-error.txt
[2007.11.26 11:50:31 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2004.08.18 04:00:00 | 000,047,564 | -HS- | M] () -- C:\ntdetect.com
[2008.05.15 16:23:22 | 000,250,576 | -HS- | M] () -- C:\ntldr
[2010.05.15 23:32:56 | 2615,656,448 | -HS- | M] () -- C:\pagefile.sys
[2008.12.17 23:48:49 | 000,000,268 | -H-- | M] () -- C:\sqmdata00.sqm
[2008.12.17 23:48:49 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt00.sqm
[2009.07.06 15:06:23 | 000,100,429 | -H-- | M] () -- C:\treeinfo.wc
[2010.01.21 01:35:32 | 000,495,898 | ---- | M] () -- C:\vcredist_x86.log

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2004.09.06 11:01:06 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2004.09.06 11:01:06 | 000,638,976 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2004.09.06 11:01:06 | 000,434,176 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %systemroot%\system32\drivers\*.sys /90 >
[2010.02.16 13:24:01 | 000,060,936 | ---- | M] (Avira GmbH) -- C:\WINDOWS\system32\drivers\avgntflt.sys
[2010.03.01 09:05:24 | 000,124,784 | ---- | M] (Avira GmbH) -- C:\WINDOWS\system32\drivers\avipbb.sys
[2010.04.29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\system32\drivers\mbam.sys
[2010.04.29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
[2010.02.24 15:11:07 | 000,455,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\mrxsmb.sys
[2010.02.21 01:24:06 | 000,095,024 | ---- | M] (Sunbelt Software) -- C:\WINDOWS\system32\drivers\SBREDrv.sys
[2010.03.17 02:27:43 | 000,114,048 | ---- | M] (Acronis) -- C:\WINDOWS\system32\drivers\snapman.sys

========== Alternate Data Streams ==========

@Alternate Data Stream - 147 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:661DFA1C
@Alternate Data Stream - 126 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:CF778051
< End of report >
Last edited by omist on 16 May 2010 10:32, edited 1 time in total.

omist
Level 1
Posts: 73
Registered: April 10
Gender: Male
Status: Offline

Re: Please check my log - SYSTEM 99%

Post by omist » 16 May 2010 10:26

OTL Extras logfile created on: 15.5.2010 23:42:13 - Run 1
OTL by OldTimer - Version 3.2.4.1 Folder = C:\Documents and Settings\Ondra\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 78,00% Memory free
5,00 Gb Paging File | 4,00 Gb Available in Paging File | 92,00% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149,04 Gb Total Space | 99,31 Gb Free Space | 66,63% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive Q: | 7,81 Mb Total Space | 5,34 Mb Free Space | 68,30% Space Free | Partition Type: NTFS

Computer Name: LIGHTHOUSE
Current User Name: Ondra
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Fotostar Offline client3] -- "C:\Program Files\Fotostar\Fotostar Offline client3\Fotostar Offline client3.exe" "%1" ()
Directory [Generate MD5 Signatures] -- "C:\Program Files\Michael K. Weise\mkw Audio Compression Toolkit\mkwACT.exe" (Michael K. Weise)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe" = C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager -- File not found
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe" = C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager -- File not found
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe" = C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application -- File not found
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Palm\HOTSYNC.EXE" = C:\Program Files\Palm\HOTSYNC.EXE:*:Enabled:HotSync® Manager Application -- (Palm, Inc.)
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)
"C:\Documents and Settings\Ondra\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe" = C:\Documents and Settings\Ondra\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe:*:Enabled:Google Chrome -- (Google Inc.)
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{02C85EC5-E864-4847-AF55-42730861004C}" = MrvlUsgTracking
"{037F7A81-5AF3-45EC-BD09-05366542B44B}" = Windows Live Sync
"{058B32E2-6310-4359-B2D4-1988390C3B83}" = Broadcom Management Programs
"{08C0729E-3E50-11DF-9D81-005056806466}" = Google Earth
"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel
"{1F082EA8-0F22-40CA-9FA8-8F85458026AF}" = Windows Live Fotogalerie
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = LG Power Tools
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{20D0CDB1-5F03-4A5D-86EB-7C218053B157}" = Windows Live Messenger
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 20
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{2FA41EBB-3F5A-35C3-85D6-51EC72A11FBD}" = Google Gears
"{345CDDCB-8241-4E76-9D3B-155F2FD6F07E}" = Sony Ericsson PC Suite
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3E62B27C-342F-4B44-9331-CA4BC59A586F}" = Asistent pro přihlášení ke službě Windows Live
"{3EBD3749-304E-4A4C-9575-C00E5F015217}" = Apple Mobile Device Support
"{4394DC3A-5DAC-4C80-A86E-FF462D0AD653}" = Windows 7 Upgrade Advisor Beta
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A9849CA-E11C-4F24-8BB1-97C717A1C898}" = LightScribe System Software
"{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3}" = Junk Mail filter update
"{501451DE-5808-4599-B544-8BD0915B6B24}_is1" = FreeRIP v3.30
"{546C143E-68DC-314D-97BC-1E454E3BA429}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - CSY
"{54FEAF1A-8F2A-44C1-95CA-5C1C21F4F934}" = Windows Live Mail
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5DE71D48-01EB-4BF2-A643-50FE6C9B6AC9}" = OpenOffice.org 3.2
"{5E65E94D-69F2-4850-9E93-6459C53A0F50}" = Microsoft .NET Framework 1.1 Czech Language Pack
"{6179550A-3E7C-499E-BCC9-9E8113E0A285}" = LG ODD Auto Firmware Update
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = LG CyberLink PowerDVD 7.0
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6E5EEE1B-3907-44C3-83BA-AD4B8CE40F76}" = Windows Live Writer
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{7902E313-FF0F-4493-ACB1-A8147B78DCD0}" = HPSSupply
"{7DBBC522-F642-4D6C-A03F-22E49EB63437}" = Palm Desktop
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD
"{93028F9A-1EC0-467A-981B-DE93D96897C6}" = Windows Live Essentials
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{98613C99-1399-416C-A07C-1EE1C585D872}" = SeaTools for Windows
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A2C9CD1B-2551-3AED-B244-6698FB929FA6}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - CSY
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A93C4E94-1005-489D-BEAA-B873C1AA6CFC}" = HP Help and Support
"{AAB6D0F8-02B3-4E89-B24C-0BB153C21445}" = Windows Presentation Foundation Language Pack (CSY)
"{AAC4426A-42CD-4B4E-8057-9738C96F2C8F}" = HP Safety and Comfort Guide
"{AC76BA86-7AD7-1029-7B44-A93000000001}" = Adobe Reader 9.3.2 - Czech
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{ADD5DB49-72CF-11D8-9D75-000129760D75}" = LG CyberLink PowerBackup
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B7588D45-AFDC-4C93-9E2E-A100F3554B64}" = Microsoft Fix it Center
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = LG CyberLink PowerProducer
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{C01408FC-117C-44B7-8B0C-17794E526A01}" = Disc2Phone
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C151CE54-E7EA-4804-854B-F515368B0798}" = AMD Processor Driver
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LG CyberLink LabelPrint
"{C60BA916-9E44-4DA4-B11A-9E27B7624EF5}" = Sony Ericsson Drivers
"{C8BB4912-12D9-42AE-B571-E580D8CD1B5B}" = TuneUp Utilities 2007
"{C92E7DF1-624A-4D95-A4C4-18CB491B44A4}" = Sony Ericsson Device Data
"{c9920352-04e6-469d-bab8-e2b9c7c75415}.sdb" = Microsoft Automated Troubleshooting Services Shim
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D1A1D4CD-6C56-4273-B3E4-57CAB7B27F2E}" = Treo 750 User Guide
"{D627784F-B3EE-44E8-96B1-9509B991EA34}_is1" = AusLogics Registry Defrag
"{D6BF6477-8369-489F-8DE6-3731F4B88560}" = Sony Ericsson PC Suite
"{DD73CA82-EA82-38AA-863D-9A24A018DC96}" = Microsoft .NET Framework 3.5 Language Pack SP1 - csy
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{E40CE517-0D42-4198-96B4-C8232B257EB5}" = Data Lifeguard Diagnostic for Windows
"{E63E34A7-E552-412B-9E40-FD6FC5227ABA}_is1" = Uniblue RegistryBooster 2010
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FB09515C-8E3E-4E0F-A1F2-032F38DEC185}" = Microsoft .NET Framework 3.0 Czech Language Pack
"7-Zip" = 7-Zip 4.65
"Ad-Aware" = Ad-Aware
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"All ATI Software" = Softarová utilita ATI - Odinstalovat
"Any Video Converter_is1" = Any Video Converter 3.0.5
"Ape Ripper_is1" = Ape Ripper 5.1.0
"ATI Display Driver" = ATI Display Driver
"Audacity_is1" = Audacity 1.2.6
"Avidemux 2.4" = Avidemux 2.4
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"CAL" = Canon Camera Access Library
"CameraWindowDC" = Canon Utilities CameraWindow DC
"CameraWindowDVC5" = Canon Utilities CameraWindow DC_DV 5 for ZoomBrowser EX
"CameraWindowDVC6" = Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX
"CameraWindowLauncher" = Canon Utilities CameraWindow
"Canon G.726 WMP-Decoder" = Canon G.726 WMP-Decoder
"CCleaner" = CCleaner
"CrystalDiskInfo_is1" = CrystalDiskInfo 3.5.0
"CSCLIB" = Canon Camera Support Core Library
"Defraggler" = Defraggler
"DVD Decrypter" = DVD Decrypter (Remove Only)
"DVD Shrink_is1" = DVD Shrink 3.2
"EOS Utility" = Canon Utilities EOS Utility
"ESET Online Scanner" = ESET Online Scanner v3
"Eurotran 2003" = Eurotran 2003
"FeedReader_is1" = FeedReader
"FLVPlayer4Free Free FLV Player_is1" = FLVPlayer4Free Free FLV Player 2.9.0.0
"FormatFactory" = FormatFactory 2.30
"Fotostar Offline client3" = Fotostar Offline client3
"Foxit Reader" = Foxit Reader
"Free Video to Mp3 Converter_is1" = Free Video to Mp3 Converter version 2.5
"GOM Player" = GOM Player
"GSpot" = GSpot Codec Information Appliance
"HD Tune_is1" = HD Tune 2.55
"HijackThis" = HijackThis 2.0.2
"HP LaserJet P1000 series" = HP LaserJet P1000 series
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = LG Power Tools
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 3.6.5
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.0 Czech Language Pack" = Microsoft .NET Framework 3.0 Czech Language Pack
"Microsoft .NET Framework 3.5 Language Pack SP1 - csy" = Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"mkwACT" = mkw Audio Compression Toolkit
"MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX
"Mp3 Knife_is1" = Mp3 Knife 3.2
"Mp3tag" = Mp3tag v2.46
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MyCamera" = Canon Utilities MyCamera
"MyCameraDC" = Canon Utilities MyCamera DC
"MyDefrag v4.2.9_is1" = MyDefrag v4.2.9
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"PhotoStitch" = Canon Utilities PhotoStitch
"PSPad editor_is1" = PSPad editor
"RAW Image Task" = Canon RAW Image Task for ZoomBrowser EX
"Recuva" = Recuva
"RemoteCaptureDC" = Canon Utilities RemoteCapture DC
"RemoteCaptureTask" = Canon Utilities RemoteCapture Task for ZoomBrowser EX
"Revo Uninstaller" = Revo Uninstaller 1.50
"Secunia PSI" = Secunia PSI
"Software Setup" = Software Setup
"Sony Ericsson W800" = Sony Ericsson W800 Software
"SpeedFan" = SpeedFan (remove only)
"Total Privacy" = Total Privacy (remove only)
"Totalcmd" = Total Commander (Remove or Repair)
"Undelete Plus_is1" = Undelete Plus 2.93
"uTorrent" = µTorrent
"Vidomi" = Vidomi (remove only)
"VobSub" = VobSub v2.23 (Remove Only)
"WIC" = Windows Imaging Component
"Winamp" = Winamp
"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"WinTag_is1" = WinTag 2.0.1
"Wise Registry Cleaner_is1" = Wise Registry Cleaner Free 5.21
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX
"ZoomBrowser EX Memory Card Utility" = Canon ZoomBrowser EX Memory Card Utility

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"f9cd37389f0384bb" = Family.Show
"Google Chrome" = Google Chrome

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 15.5.2010 6:27:12 | Computer Name = LIGHTHOUSE | Source = Google Update | ID = 20
Description =

Error - 15.5.2010 6:32:31 | Computer Name = LIGHTHOUSE | Source = Google Update | ID = 20
Description =

Error - 15.5.2010 7:08:46 | Computer Name = LIGHTHOUSE | Source = MatSvc | ID = 262147
Description = The MATS service encountered a web service failure. hr=0x80072EE7

Error - 15.5.2010 7:19:01 | Computer Name = LIGHTHOUSE | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace FixitCenter.exe, verze 1.0.80.0, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 15.5.2010 7:32:29 | Computer Name = LIGHTHOUSE | Source = Google Update | ID = 20
Description =

Error - 15.5.2010 8:32:30 | Computer Name = LIGHTHOUSE | Source = Google Update | ID = 20
Description =

Error - 15.5.2010 8:39:36 | Computer Name = LIGHTHOUSE | Source = Google Update | ID = 20
Description =

Error - 15.5.2010 8:39:40 | Computer Name = LIGHTHOUSE | Source = Windows Search Service | ID = 3038
Description = Sběrač nepřečetl registr DocIdMapFile. Kontext: aplikace , katalog
SystemIndex Podrobnosti: Systém nemůže nalézt uvedený soubor. (0x80070002)

Error - 15.5.2010 8:39:52 | Computer Name = LIGHTHOUSE | Source = Windows Search Service | ID = 3028
Description = Objekt sběrače nebyl inicializován. Kontext: aplikace Windows, katalog
SystemIndex Podrobnosti: Hodnotu registru nelze číst, protože konfigurace je neplatná.
Vytvořte znovu konfiguraci indexu obsahu tak, že jej odeberete. (0x80040d03)

Error - 15.5.2010 8:39:52 | Computer Name = LIGHTHOUSE | Source = Windows Search Service | ID = 3058
Description = Aplikace nebyla inicializována. Kontext: aplikace Windows Podrobnosti:
Hodnotu
registru nelze číst, protože konfigurace je neplatná. Vytvořte znovu konfiguraci
indexu obsahu tak, že jej odeberete. (0x80040d03)

[ System Events ]
Error - 15.5.2010 17:28:26 | Computer Name = LIGHTHOUSE | Source = Service Control Manager | ID = 7031
Description = Služba Lavasoft Ad-Aware Service byla nečekaně ukončena. Stalo se
to 1 krát. Následující opravná akce bude spuštěna za 5000 milisekund: Restartovat
službu.

Error - 15.5.2010 17:28:26 | Computer Name = LIGHTHOUSE | Source = Service Control Manager | ID = 7031
Description = Služba Apple Mobile Device byla nečekaně ukončena. Stalo se to 1 krát.
Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.

Error - 15.5.2010 17:28:26 | Computer Name = LIGHTHOUSE | Source = Service Control Manager | ID = 7034
Description = Služba Java Quick Starter byla neočekávaně ukončena. Tento stav nastal
již 1krát.

Error - 15.5.2010 17:28:26 | Computer Name = LIGHTHOUSE | Source = Service Control Manager | ID = 7034
Description = Služba LightScribeService Direct Disc Labeling Service byla neočekávaně
ukončena. Tento stav nastal již 1krát.

Error - 15.5.2010 17:28:27 | Computer Name = LIGHTHOUSE | Source = Service Control Manager | ID = 7034
Description = Služba NMSAccessU byla neočekávaně ukončena. Tento stav nastal již
1krát.

Error - 15.5.2010 17:28:27 | Computer Name = LIGHTHOUSE | Source = Service Control Manager | ID = 7034
Description = Služba Cyberlink RichVideo Service(CRVS) byla neočekávaně ukončena.
Tento stav nastal již 1krát.

Error - 15.5.2010 17:28:27 | Computer Name = LIGHTHOUSE | Source = Service Control Manager | ID = 7034
Description = Služba Canon Camera Access Library 8 byla neočekávaně ukončena. Tento
stav nastal již 1krát.

Error - 15.5.2010 17:36:12 | Computer Name = LIGHTHOUSE | Source = Service Control Manager | ID = 7000
Description = Služba General Purpose USB Driver (adildr.sys) neuspěla při spuštění
v důsledku následující chyby: %%2

Error - 15.5.2010 17:36:12 | Computer Name = LIGHTHOUSE | Source = Service Control Manager | ID = 7000
Description = Služba Nero BackItUp Scheduler 4.0 neuspěla při spuštění v důsledku
následující chyby: %%2

Error - 15.5.2010 17:36:12 | Computer Name = LIGHTHOUSE | Source = Service Control Manager | ID = 7000
Description = Služba Plánovač automatické aktualizace LiveUpdate neuspěla při spuštění
v důsledku následující chyby: %%3


< End of report >

jaro3
Security team member
Guru Level 15
Posts: 43295
Registered: June 07
Location: Jižní Čechy
Gender: Male
Status: Offline

Re: Please check my log - SYSTEM 99%

Post by jaro3 » 16 May 2010 11:10

Double-click the OTL icon on the desktop. Make sure all other applications and browsers are closed.
Under Custom Scans/Fixes, paste the following text (shown in green) into the box:

Code:

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
O1 HOSTS File: ([2010.05.15 05:39:28 | 000,394,487 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 13648 more lines...
O4 - HKLM..\Run: [Adobe ARM] File not found
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] File not found
O4 - HKLM..\Run: [LanguageShortcut] File not found
O4 - HKLM..\Run: [LGODDFU] File not found
O4 - HKLM..\Run: [RemoteControl] File not found
O4 - HKLM..\Run: [SunJavaUpdateSched] File not found
O34 - HKLM BootExecute: (autocheck autochk /p \??\F:) - File not found
O34 - HKLM BootExecute: (autocheck autochk /p \??\P:) - File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
[2010.05.14 00:28:26 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20100515-053928.backup
[2010.05.08 07:05:06 | 000,105,984 | ---- | M] () -- C:\Documents and Settings\Ondra\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.04.29 03:51:31 | 000,393,065 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20100505-195719.backup
[2010.04.21 23:11:39 | 000,392,705 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20100429-035131.backup
[2010.04.14 22:35:33 | 000,391,947 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20100421-231139.backup
[2010.04.10 23:07:31 | 000,385,903 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20100414-223533.backup
[2010.04.10 23:07:09 | 000,385,903 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20100410-230731.backup
[2010.03.31 14:07:34 | 000,385,903 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20100410-230709.backup
[2010.03.30 16:08:03 | 000,380,959 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20100331-140734.backup
[2010.03.22 05:59:08 | 000,380,707 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20100330-160803.backup
[2010.03.11 06:34:21 | 000,380,639 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20100322-045908.backup
[2010.03.03 23:47:43 | 000,380,256 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20100311-053421.backup
[2010.02.25 18:41:14 | 000,380,256 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20100303-224743.backup
[2010.02.18 05:33:32 | 000,380,152 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20100225-174114.backup
@Alternate Data Stream - 147 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:661DFA1C
@Alternate Data Stream - 126 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:CF778051

:Files
C:\WINDOWS\System32\*.tmp /s
C:\WINDOWS\*.tmp /s
C:\WINDOWS\system32\*.tmp.dll /s
C:\WINDOWS\system32\SET*.tmp /s
c:\windows\Tasks\*.job /s
C:\WINDOWS\tasks\SA.DAT
C:\WINDOWS\System32\drivers\etc\hosts.20100515-053928.backup
C:\Documents and Settings\Ondra\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\WINDOWS\System32\drivers\etc\hosts.20100505-195719.backup
C:\WINDOWS\System32\drivers\etc\hosts.20100429-035131.backup
C:\WINDOWS\System32\drivers\etc\hosts.20100421-231139.backup
C:\WINDOWS\System32\drivers\etc\hosts.20100414-223533.backup
C:\WINDOWS\System32\drivers\etc\hosts.20100410-230731.backup
C:\WINDOWS\System32\drivers\etc\hosts.20100410-230709.backup
C:\WINDOWS\System32\drivers\etc\hosts.20100331-140734.backup
C:\WINDOWS\System32\drivers\etc\hosts.20100330-160803.backup
C:\WINDOWS\System32\drivers\etc\hosts.20100322-045908.backup
C:\WINDOWS\System32\drivers\etc\hosts.20100311-053421.backup
C:\WINDOWS\System32\drivers\etc\hosts.20100303-224743.backup
C:\WINDOWS\System32\drivers\etc\hosts.20100225-174114.backup
C:\WINDOWS\lgfwup.ini

:Reg
:Commands
[resethosts]
[purity]
[emptytemp]
[start explorer]
[Reboot]

Then click Run Fix at the top. Let the program run undisturbed; the PC will restart at the end.
After the restart a log will appear; please copy its entire contents here.


In Folder Options, enable showing hidden files and folders, and untick the "Hide protected operating system files" checkbox.

Test this file on VirusTotal:
C:\WINDOWS\System32\evgainit.sys
If the file has already been tested, click to test it again.

When all the antivirus engines have finished, paste a link to the results page here.

Do you know these folders and what is in them?
C:\Program Files\BIN
C:\WINDOWS\MATS

Download Security Check by screen317 from one of these links:
http://screen317.spywareinfoforum.org/SecurityCheck.exe
http://screen317.changelog.fr/SecurityCheck.exe

Save it to the desktop, double-click it and follow the instructions in the black window. Notepad will then open automatically with a file named checkup.txt. Please copy its contents here.
When working with HJT, ComboFix, MbAM, SDFix etc., close all other applications and browsers!
Do not send logs by private message. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Support the forum

omist
Level 1
Posts: 73
Registered: April 10
Gender: Male
Status: Offline

Re: Please check my log - SYSTEM 99%

Post by omist » 16 May 2010 13:55

Soubor evgainit.sys přijatý 2010.05.16 11:53:47 (UTC)
Současný stav: Dokončeno
Výsledek: 1/40 (2.5%)
Antivirus Verze Poslední aktualizace Výsledek
a-squared 4.5.0.50 2010.05.10 -
AhnLab-V3 2010.05.16.00 2010.05.15 -
AntiVir 8.2.1.242 2010.05.14 -
Antiy-AVL 2.0.3.7 2010.05.14 -
Authentium 5.2.0.5 2010.05.15 -
Avast 4.8.1351.0 2010.05.16 -
Avast5 5.0.332.0 2010.05.16 -
AVG 9.0.0.787 2010.05.16 -
BitDefender 7.2 2010.05.16 -
CAT-QuickHeal 10.00 2010.05.15 -
ClamAV 0.96.0.3-git 2010.05.16 -
Comodo 4858 2010.05.16 -
DrWeb 5.0.2.03300 2010.05.16 -
eSafe 7.0.17.0 2010.05.13 -
eTrust-Vet 35.2.7490 2010.05.15 -
F-Prot 4.5.1.85 2010.05.15 -
F-Secure 9.0.15370.0 2010.05.15 -
Fortinet 4.1.133.0 2010.05.16 -
GData 21 2010.05.16 -
Ikarus T3.1.1.84.0 2010.05.16 -
Jiangmin 13.0.900 2010.05.15 -
Kaspersky 7.0.0.125 2010.05.16 -
McAfee 5.400.0.1158 2010.05.16 -
McAfee-GW-Edition 2010.1 2010.05.16 Heuristic.BehavesLike.Win32.Rootkit.H
Microsoft 1.5703 2010.05.16 -
NOD32 5117 2010.05.15 -
Norman 6.04.12 2010.05.16 -
nProtect 2010-05-16.01 2010.05.16 -
Panda 10.0.2.7 2010.05.16 -
PCTools 7.0.3.5 2010.05.16 -
Rising 22.47.06.04 2010.05.16 -
Sophos 4.53.0 2010.05.16 -
Sunbelt 6309 2010.05.16 -
Symantec 20101.1.0.89 2010.05.16 -
TheHacker 6.5.2.0.280 2010.05.14 -
TrendMicro 9.120.0.1004 2010.05.16 -
TrendMicro-HouseCall 9.120.0.1004 2010.05.16 -
VBA32 3.12.12.5 2010.05.14 -
ViRobot 2010.5.15.2318 2010.05.15 -
VirusBuster 5.0.27.0 2010.05.15 -
Rozšiřující informace
File size: 23180 bytes
MD5...: 08b884faf9fbf411d57a6bf20a3d96cb
SHA1..: e97b9fdf6e892ec066dba7841522191cc84dd6f2
SHA256: 82c3878100a490310419a2686916c682aa17acdeffee1b490ca3b8530dc03f31
ssdeep: 384:xVczsb+i6/jnGeB4pMxrWTSnBhwlF8Ytly1SrazZn7o2b7zF6JfAXEtUC:Yz
QzWFB4Q6lPypF02PzF6JfAMf
PEiD..: -
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x1c14
timedatestamp.....: 0x3d0503e1 (Mon Jun 10 19:54:09 2002)
machinetype.......: 0x14c (I386)

( 7 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x2e0 0x42a8 0x42c0 6.41 a89fe71e1358bb187a2286872a273db1
.rdata 0x45a0 0x1dc 0x1e0 3.80 900b5cd035271bcaeb465e83a9878bc4
.data 0x4780 0x1cc 0x1e0 0.00 90947e3479154523f3bdf3ea242538c8
.CRT 0x4960 0x8 0x20 0.00 70bc8f4b72a86921468bf8e8441dce51
INIT 0x4980 0x75c 0x760 5.27 85ab22b3afe19e7ec46473bd9cbb4348
.rsrc 0x50e0 0x300 0x300 3.06 9f204fcac87836eca800bd535cfebacc
.reloc 0x53e0 0x65e 0x660 6.02 c0a611bf2ddf7eafb0c310a0f1482cf9

( 2 imports )
> ntoskrnl.exe: InterlockedDecrement, RtlFreeAnsiString, RtlUnicodeStringToAnsiString, strncmp, IoGetCurrentProcess, ZwReadFile, ZwQueryInformationFile, ZwSetInformationFile, ZwSetEvent, ZwCreateEvent, RtlInitUnicodeString, ZwClose, ZwWaitForSingleObject, ZwDeviceIoControlFile, ZwUnmapViewOfSection, ZwOpenSection, ZwMapViewOfSection, ZwCreateSection, ZwDuplicateObject, ZwFsControlFile, ZwWriteFile, ZwCreateFile, ZwOpenFile, KeDelayExecutionThread, IoRegisterShutdownNotification, PsSetCreateProcessNotifyRoutine, IofCompleteRequest, MmMapLockedPages, IoDeleteDevice, IoDeleteSymbolicLink, IoStopTimer, IoStartTimer, ObReferenceObjectByHandle, ZwQueryValueKey, ZwOpenKey, IoCreateSymbolicLink, IoCreateDevice, KeSetEvent, KeWaitForSingleObject, KeInitializeEvent, KeInsertQueueApc, KeInitializeApc, ObfDereferenceObject, KeGetCurrentThread, MmIsAddressValid, IoFreeMdl, MmUnlockPages, MmProbeAndLockPages, IoAllocateMdl, PsGetCurrentProcessId, KeTickCount, KeQueryTimeIncrement, _alldiv, _allmul, ZwTerminateProcess, ZwQueryInformationProcess, ExQueueWorkItem, ZwOpenProcess, _aulldiv, _purecall, MmUnmapLockedPages, MmBuildMdlForNonPagedPool, MmGetPhysicalAddress, RtlUnwind, InterlockedIncrement, KeInitializeSpinLock, ExFreePool, ExAllocatePoolWithTag, IoInitializeTimer, KeServiceDescriptorTable
> HAL.dll: HalMakeBeep, KeQueryPerformanceCounter, KfReleaseSpinLock, KeGetCurrentIrql, KfAcquireSpinLock

( 0 exports )
RDS...: NSRL Reference Data Set
-
pdfid.: -
trid..: Win32 Executable Generic (68.0%)
Generic Win/DOS Executable (15.9%)
DOS Executable Generic (15.9%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
sigcheck:
publisher....:
copyright....:
product......:
description..:
original name:
internal name:
file version.: 4.0.4.44
comments.....:
signers......: -
signing date.: -
verified.....: Unsigned

omist
Level 1
Posts: 73
Registered: April 10
Gender: Male
Status: Offline

Re: Please check my log - SYSTEM 99%

Post by omist » 16 May 2010 15:04

All processes killed
========== OTL ==========
No active process named explorer.exe was found!
No active process named firefox.exe was found!
127.0.0.1 localhost removed from HOSTS file successfully
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\LanguageShortcut deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\LGODDFU deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\RemoteControl deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session manager\\BootExecute:autocheck autochk /p \??\F: deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session manager\\BootExecute:autocheck autochk /p \??\P: deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session manager\\BootExecute:autocheck autochk * deleted successfully.
C:\WINDOWS\system32\drivers\etc\hosts.20100515-053928.backup moved successfully.
C:\Documents and Settings\Ondra\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini moved successfully.
C:\WINDOWS\system32\drivers\etc\hosts.20100505-195719.backup moved successfully.
C:\WINDOWS\system32\drivers\etc\hosts.20100429-035131.backup moved successfully.
C:\WINDOWS\system32\drivers\etc\hosts.20100421-231139.backup moved successfully.
C:\WINDOWS\system32\drivers\etc\hosts.20100414-223533.backup moved successfully.
C:\WINDOWS\system32\drivers\etc\hosts.20100410-230731.backup moved successfully.
C:\WINDOWS\system32\drivers\etc\hosts.20100410-230709.backup moved successfully.
C:\WINDOWS\system32\drivers\etc\hosts.20100331-140734.backup moved successfully.
C:\WINDOWS\system32\drivers\etc\hosts.20100330-160803.backup moved successfully.
C:\WINDOWS\system32\drivers\etc\hosts.20100322-045908.backup moved successfully.
C:\WINDOWS\system32\drivers\etc\hosts.20100311-053421.backup moved successfully.
C:\WINDOWS\system32\drivers\etc\hosts.20100303-224743.backup moved successfully.
C:\WINDOWS\system32\drivers\etc\hosts.20100225-174114.backup moved successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:661DFA1C deleted successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:CF778051 deleted successfully.
========== FILES ==========
C:\WINDOWS\System32\config\systemprofile\Local Settings\Data aplikací\SoftGrid Client\140062.ENU-20140062-62-409\UsrVol_sftfs_v1.tmp moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP108.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP127.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPC.tmp folder moved successfully.
C:\WINDOWS\Installer\MSIF.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\wlt45.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\wltAD.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\wltE4.tmp moved successfully.
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
c:\windows\Tasks\User_Feed_Synchronization-{587E890E-4E85-46C0-AA8C-7270A63E678D}.job moved successfully.
C:\WINDOWS\tasks\SA.DAT moved successfully.
File\Folder C:\WINDOWS\System32\drivers\etc\hosts.20100515-053928.backup not found.
File\Folder C:\Documents and Settings\Ondra\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini not found.
File\Folder C:\WINDOWS\System32\drivers\etc\hosts.20100505-195719.backup not found.
File\Folder C:\WINDOWS\System32\drivers\etc\hosts.20100429-035131.backup not found.
File\Folder C:\WINDOWS\System32\drivers\etc\hosts.20100421-231139.backup not found.
File\Folder C:\WINDOWS\System32\drivers\etc\hosts.20100414-223533.backup not found.
File\Folder C:\WINDOWS\System32\drivers\etc\hosts.20100410-230731.backup not found.
File\Folder C:\WINDOWS\System32\drivers\etc\hosts.20100410-230709.backup not found.
File\Folder C:\WINDOWS\System32\drivers\etc\hosts.20100331-140734.backup not found.
File\Folder C:\WINDOWS\System32\drivers\etc\hosts.20100330-160803.backup not found.
File\Folder C:\WINDOWS\System32\drivers\etc\hosts.20100322-045908.backup not found.
File\Folder C:\WINDOWS\System32\drivers\etc\hosts.20100311-053421.backup not found.
File\Folder C:\WINDOWS\System32\drivers\etc\hosts.20100303-224743.backup not found.
File\Folder C:\WINDOWS\System32\drivers\etc\hosts.20100225-174114.backup not found.
C:\WINDOWS\lgfwup.ini moved successfully.
========== REGISTRY ==========
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Flash cache emptied: 41620 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 41620 bytes

User: Guest
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Flash cache emptied: 434 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: Miška
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: Ondra
->Temp folder emptied: 1230336 bytes
->Temporary Internet Files folder emptied: 21557858 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 12347805 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 45888 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 16384 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 34,00 mb


OTL by OldTimer - Version 3.2.4.1 log created on 05162010_140300

Files\Folders moved on Reboot...
File\Folder C:\WINDOWS\temp\usgthrsvc\Perflib_Perfdata_7fc.dat not found!

Registry entries deleted on Reboot...

omist
Level 1
Posts: 73
Registered: April 10
Gender: Male
Status: Offline

Re: Please check my log - SYSTEM 99%

Post by omist » 16 May 2010 15:07

In C:\Program Files\BIN it looks like there is an unpacked exe file with drivers for the ATI chipset.

omist
Level 1
Posts: 73
Registered: April 10
Gender: Male
Status: Offline

Re: Please check my log - SYSTEM 99%

Post by omist » 16 May 2010 15:26

In C:\WINDOWS\MATS there is very little: some language folders (DE, ES, FR, JP) with only matsres.dll.mui inside, and then matres.dll directly in that directory.
Otherwise it is a directory created at the time when I was doing some Windows updates (NET Framework 3.5).
Last edited by omist on 16 May 2010 15:34, edited 1 time in total.

jaro3
Security team member
Guru Level 15
Posts: 43295
Registered: June 07
Location: Jižní Čechy
Gender: Male
Status: Offline

Re: Please check my log - SYSTEM 99%

Post by jaro3 » 16 May 2010 15:33

Ok.

Double-click the OTL icon on the desktop. Make sure all other applications and browsers are closed.
Under Custom Scans/Fixes, paste the following text (shown in green) into the box:

Code:

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

:Files
C:\WINDOWS\System32\evgainit.sys

:Reg
:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]

Then click Run Fix at the top. Let the program run undisturbed; the PC will restart at the end.
After the restart a log will appear; please copy its entire contents here.

After that, also run Security Check by screen317 (link above).

omist
Level 1
Posts: 73
Registered: April 10
Gender: Male
Status: Offline

Re: Please check my log - SYSTEM 99%

Post by omist » 16 May 2010 15:50

Results of screen317's Security Check version 0.99.4
Windows XP Service Pack 3
Internet Explorer 8
``````````````````````````````
Antivirus/Firewall Check:

Avira AntiVir Personal - Free Antivirus
ESET Online Scanner v3
Avira successfully updated!
```````````````````````````````
Anti-malware/Other Utilities Check:

Ad-Aware
Malwarebytes' Anti-Malware
HijackThis 2.0.2
TuneUp Utilities 2007
CCleaner
Wise Registry Cleaner Free 5.21
Java(TM) 6 Update 20
Adobe Flash Player 10.0.45.2
Adobe Reader 9.3.2 - Czech
````````````````````````````````
Process Check:
objlist.exe by Laurent

Ad-Aware AAWService.exe
Ad-Aware AAWTray.exe is disabled!
Avira Antivir avgnt.exe
Avira Antivir avguard.exe
````````````````````````````````
DNS Vulnerability Check:

GREAT! (Not vulnerable to DNS cache poisoning)

``````````End of Log````````````

omist
Level 1
Posts: 73
Registered: April 10
Gender: Male
Status: Offline

Re: Please check my log - SYSTEM 99%

Post by omist » 16 May 2010 16:04

All processes killed
========== OTL ==========
No active process named explorer.exe was found!
No active process named firefox.exe was found!
========== FILES ==========
C:\WINDOWS\System32\evgainit.sys moved successfully.
========== REGISTRY ==========
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Guest
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Miška
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Ondra
->Temp folder emptied: 380933 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 8365832 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 16384 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 8,00 mb


OTL by OldTimer - Version 3.2.4.1 log created on 05162010_155121

Files\Folders moved on Reboot...
File\Folder C:\Documents and Settings\Ondra\Local Settings\Temp\Perflib_Perfdata_bcc.dat not found!
C:\Documents and Settings\Ondra\Local Settings\Temp\sfamcc00001.dll moved successfully.
C:\Documents and Settings\Ondra\Local Settings\Temp\sfareca00001.dll moved successfully.
File\Folder C:\WINDOWS\temp\usgthrsvc\Perflib_Perfdata_73c.dat not found!

Registry entries deleted on Reboot...

jaro3
Security team member
Guru Level 15
Posts: 43295
Registered: June 07
Location: Jižní Čechy
Gender: Male
Status: Offline

Re: Please check my log - SYSTEM 99%

Post by jaro3 » 16 May 2010 16:56

You can uninstall ESET Online Scanner v3.

How is the CPU load?

omist
Level 1
Posts: 73
Registered: April 10
Gender: Male
Status: Offline

Re: Please check my log - SYSTEM 99%

Post by omist » 17 May 2010 05:48

ESET Online uninstalled...

but no change with the CPU, the load is still 100%; in the Task Manager panel SYSTEM has 99%

Oh well, it looks like I'll go for the reinstall; I'm off to back up C:
Jaro, thanks a lot for the help...

