Prosím o preventivní kontrolu logu Vyřešeno

[Aolorn]

Vzhledem k tomu že mi během procedury spadnul windows jsem jaksi pochopil že se to neukončilo regulérně.
Stav počítače...při každém spuštění mě buzeruje recovery console kterou to nainstalovalo, což je pochopitelné, protože od toho tam je....stav počítače...programy reagují, hudba hraje, filmy se přehrávají, z programů které jsme zatím zkoušel si stěžuje akorát daemon...Internet mi taky funguje, což je příjemná změna oproti poslednímu případu kdy jsem žádal o kontrolu logu.. Hry fungují i když musím uznat že testovaný Borderlands se načítal neobvykle dlouho a často sebou škubnul kvůli načítání dat.

[Reklama]

[Aolorn]

Logfile of random's system information tool 1.08 (written by random/random)
Run by Jakub at 2010-09-04 21:51:59
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 46 GB (10%) free of 477 GB
Total RAM: 2046 MB (56% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:52:06, on 4. 9. 2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe
C:\Program Files\Cyberlink\Shared Files\brs.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Steam\Steam.exe
C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe
C:\Documents and Settings\Jakub\Plocha\USD\USDownloader.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
C:\WINDOWS\system32\FsUsbExService.Exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Xfire\Xfire.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\Miranda IM\miranda32.exe
C:\Documents and Settings\Jakub\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Documents and Settings\Jakub\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Jakub\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Documents and Settings\Jakub\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Jakub\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Adobe\Adobe Photoshop CS5\LogTransport2.exe
C:\Documents and Settings\Jakub\Dokumenty\Downloads\RSIT.exe
C:\Program Files\trend micro\Jakub.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [36X Raid Configurer] C:\WINDOWS\system32\xRaidSetup.exe boot
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [RemoteControl9] "C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe"
O4 - HKLM\..\Run: [PDVD9LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD9\Language\Language.exe"
O4 - HKLM\..\Run: [BDRegion] C:\Program Files\Cyberlink\Shared Files\brs.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Jakub\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [USDownloader] "C:\Documents and Settings\Jakub\Plocha\USD\USDownloader.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\Xfire.exe
O4 - Startup: Yaho's Miranda Pack.lnk = C:\Program Files\Yaho's Miranda IM\miranda32.exe
O4 - Startup: Zástupce - sgalert.exe.lnk = C:\SG Alert\sgalert.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Photosmart Premier Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/pub/s ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: FsUsbExService - Teruten - C:\WINDOWS\system32\FsUsbExService.Exe
O23 - Service: HP Port Resolver - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBPRO.EXE
O23 - Service: HP Status Server - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBOID.EXE
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SbPF.Launcher - Sunbelt Software, Inc. - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software, Inc. - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe

--
End of file - 11682 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AdobeAAMUpdater-1.0-AOLORN-Jakub.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-789336058-1637723038-725345543-1004Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-789336058-1637723038-725345543-1004UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-02-08 804136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-06-25 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-06-25 79648]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"JMB36X IDE Setup"=C:\WINDOWS\RaidTool\xInsIDE.exe [2007-03-20 36864]
"36X Raid Configurer"=C:\WINDOWS\system32\xRaidSetup.exe [2007-05-25 1953792]
"avast5"=C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [2010-06-28 2837864]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2010-05-12 19523616]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"Kernel and Hardware Abstraction Layer"=C:\WINDOWS\KHALMNPR.EXE [2007-09-21 55824]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2005-09-24 49152]
"WinampAgent"=C:\Program Files\Winamp\winampa.exe [2010-01-14 37888]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-06-09 976832]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2010-04-03 110696]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2010-04-03 13670504]
"NeroFilterCheck"=C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe [2007-03-01 153136]
"NBKeyScan"=C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2007-08-08 1828136]
"AdobeAAMUpdater-1.0"=C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-06-26 500208]
"SwitchBoard"=C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS5ServiceManager"=C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]
"RemoteControl9"=C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe [2009-02-16 87336]
"PDVD9LanguageShortcut"=C:\Program Files\CyberLink\PowerDVD9\Language\Language.exe [2008-10-13 50472]
"BDRegion"=C:\Program Files\Cyberlink\Shared Files\brs.exe [2009-02-28 75048]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"=C:\Program Files\RocketDock\RocketDock.exe [2007-09-02 495616]
"Google Update"=C:\Documents and Settings\Jakub\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2010-05-13 136176]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Steam"=C:\Program Files\Steam\Steam.exe [2010-08-24 1242448]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe [2007-08-03 202024]
"USDownloader"=C:\Documents and Settings\Jakub\Plocha\USD\USDownloader.exe [2010-08-06 531456]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2010-05-13 26192168]
"AutoStartNPSAgent"=C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe [2010-07-04 95576]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
HP Photosmart Premier Fast Start.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe

C:\Documents and Settings\Jakub\Nabídka Start\Programy\Po spuštění
Xfire.lnk - C:\Program Files\Xfire\Xfire.exe
Yaho's Miranda Pack.lnk - C:\Program Files\Yaho's Miranda IM\miranda32.exe
Zástupce - sgalert.exe.lnk - C:\SG Alert\sgalert.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2007-11-15 72208]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WdfLoadGroup]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe"="C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe:*:Enabled:Ubisoft Game Launcher"
"C:\Program Files\Ubisoft\Assassin's Creed II\AssassinsCreedIIGame.exe"="C:\Program Files\Ubisoft\Assassin's Creed II\AssassinsCreedIIGame.exe:*:Enabled:Assassin's Creed II"
"C:\Program Files\Ubisoft\Assassin's Creed II\AssassinsCreedII.exe"="C:\Program Files\Ubisoft\Assassin's Creed II\AssassinsCreedII.exe:*:Enabled:Assassin's Creed II Update"
"C:\Program Files\Ubisoft\Assassin's Creed II\UPlayBrowser.exe"="C:\Program Files\Ubisoft\Assassin's Creed II\UPlayBrowser.exe:*:Enabled:Assassin's Creed II Uplay"
"C:\Program Files\Steam\Steam.exe"="C:\Program Files\Steam\Steam.exe:*:Enabled:Steam"
"C:\Program Files\Activision\Singularity(TM)\Binaries\Singularity.exe"="C:\Program Files\Activision\Singularity(TM)\Binaries\Singularity.exe:*:Enabled:Singularity"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"
"C:\Program Files\Ubisoft\Tom Clancy's H.A.W.X\HAWX.exe"="C:\Program Files\Ubisoft\Tom Clancy's H.A.W.X\HAWX.exe:*:Enabled:Tom Clancy's H.A.W.X"
"C:\Program Files\Steam\steamapps\common\kane & lynch 2 - dog days demo\kl2.exe"="C:\Program Files\Steam\steamapps\common\kane & lynch 2 - dog days demo\kl2.exe:*:Enabled:Kane & Lynch 2: Dog Days Demo"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Steam\steamapps\common\mafia ii - public demo\launcher.exe"="C:\Program Files\Steam\steamapps\common\mafia ii - public demo\launcher.exe:*:Enabled:Mafia II - Demo"
"C:\Program Files\Volition Inc\Red Faction Guerrilla\rfg.exe"="C:\Program Files\Volition Inc\Red Faction Guerrilla\rfg.exe:*:Enabled:Red Faction: Guerrilla"
"C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe"="C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe:*:Enabled:KTF MUSIC AoD Server"
"C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe"="C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe:*:Enabled:KTF MUSIC VoD Server"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\CyberLink\PowerDVD9\PowerDVD9.exe"="C:\Program Files\CyberLink\PowerDVD9\PowerDVD9.exe:*:Enabled:CyberLink PowerDVD 9.0"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"

======List of files/folders created in the last 1 months======

2010-09-04 21:22:48 ----A---- C:\WINDOWS\system32\bassmod.dll
2010-09-04 20:53:04 ----SD---- C:\ComboFix
2010-09-04 20:40:32 ----A---- C:\Boot.bak
2010-09-04 20:40:22 ----RASHD---- C:\cmdcons
2010-09-04 20:34:32 ----A---- C:\WINDOWS\zip.exe
2010-09-04 20:34:32 ----A---- C:\WINDOWS\SWXCACLS.exe
2010-09-04 20:34:32 ----A---- C:\WINDOWS\SWSC.exe
2010-09-04 20:34:32 ----A---- C:\WINDOWS\SWREG.exe
2010-09-04 20:34:32 ----A---- C:\WINDOWS\sed.exe
2010-09-04 20:34:32 ----A---- C:\WINDOWS\PEV.exe
2010-09-04 20:34:32 ----A---- C:\WINDOWS\NIRCMD.exe
2010-09-04 20:34:32 ----A---- C:\WINDOWS\MBR.exe
2010-09-04 20:34:32 ----A---- C:\WINDOWS\grep.exe
2010-09-04 20:34:04 ----D---- C:\WINDOWS\ERDNT
2010-09-04 20:32:17 ----D---- C:\Qoobox
2010-09-04 17:10:29 ----D---- C:\Documents and Settings\Jakub\Data aplikací\Malwarebytes
2010-09-04 17:09:53 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2010-09-04 17:09:52 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2010-09-04 17:09:51 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-09-04 17:09:51 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2010-09-04 17:08:30 ----D---- C:\Program Files\trend micro
2010-09-04 17:08:29 ----D---- C:\rsit
2010-09-03 19:31:25 ----D---- C:\Documents and Settings\Jakub\Data aplikací\Miranda
2010-09-03 19:29:17 ----D---- C:\Program Files\Miranda IM
2010-09-02 19:57:45 ----D---- C:\Program Files\CyberLink
2010-09-02 15:31:15 ----A---- C:\WINDOWS\system32\drivers\sscdmdm.sys
2010-09-02 15:31:15 ----A---- C:\WINDOWS\system32\drivers\sscdmdfl.sys
2010-09-02 15:31:15 ----A---- C:\WINDOWS\system32\drivers\sscdcmnt.sys
2010-09-02 15:31:15 ----A---- C:\WINDOWS\system32\drivers\sscdcm.sys
2010-09-02 15:31:14 ----A---- C:\WINDOWS\system32\drivers\sscdwhnt.sys
2010-09-02 15:31:14 ----A---- C:\WINDOWS\system32\drivers\sscdwh.sys
2010-09-02 15:31:14 ----A---- C:\WINDOWS\system32\drivers\sscdbus.sys
2010-09-02 15:26:23 ----D---- C:\Program Files\MarkAny
2010-08-30 23:45:01 ----D---- C:\Program Files\Team17
2010-08-29 23:39:20 ----RHD---- C:\Documents and Settings\Jakub\Data aplikací\SecuROM
2010-08-29 23:35:35 ----D---- C:\WINDOWS\D56B0E274A3E46C9B5C1D93D580C099C.TMP
2010-08-29 23:35:28 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2010-08-29 23:24:55 ----D---- C:\Program Files\2K Games
2010-08-29 23:24:44 ----D---- C:\BDS
2010-08-25 18:12:16 ----D---- C:\PFiles
2010-08-24 13:08:34 ----D---- C:\Documents and Settings\All Users\Data aplikací\THQ
2010-08-24 12:36:54 ----D---- C:\Program Files\Volition Inc
2010-08-21 23:20:42 ----D---- C:\Program Files\Kane & Lynch 2- Dog Days
2010-08-19 21:24:54 ----D---- C:\Program Files\FOnline
2010-08-17 14:59:13 ----A---- C:\WINDOWS\treeskp.sys
2010-08-17 14:59:03 ----D---- C:\Documents and Settings\Jakub\Data aplikací\vghd
2010-08-13 21:43:44 ----D---- C:\Documents and Settings\Jakub\Data aplikací\skypePM
2010-08-13 21:40:56 ----D---- C:\Documents and Settings\Jakub\Data aplikací\Skype
2010-08-13 21:40:29 ----D---- C:\Program Files\Common Files\Skype
2010-08-13 21:40:24 ----RD---- C:\Program Files\Skype
2010-08-13 21:40:20 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
2010-08-13 16:44:57 ----D---- C:\Program Files\OpenAL
2010-08-13 16:44:57 ----A---- C:\WINDOWS\system32\wrap_oal.dll
2010-08-13 16:44:57 ----A---- C:\WINDOWS\system32\OpenAL32.dll
2010-08-13 02:04:31 ----HDC---- C:\WINDOWS\$NtUninstallKB2183461$
2010-08-13 02:04:22 ----HDC---- C:\WINDOWS\$NtUninstallKB982214$
2010-08-13 02:04:18 ----HDC---- C:\WINDOWS\$NtUninstallKB2115168$
2010-08-13 02:04:07 ----HDC---- C:\WINDOWS\$NtUninstallKB981852$
2010-08-13 02:04:00 ----HDC---- C:\WINDOWS\$NtUninstallKB2079403$
2010-08-13 02:01:20 ----HDC---- C:\WINDOWS\$NtUninstallKB2160329$
2010-08-13 02:01:15 ----HDC---- C:\WINDOWS\$NtUninstallKB980436$
2010-08-13 01:59:34 ----HDC---- C:\WINDOWS\$NtUninstallKB981997$
2010-08-13 01:59:28 ----HDC---- C:\WINDOWS\$NtUninstallKB982665$
2010-08-11 21:16:40 ----A---- C:\WINDOWS\system32\XAudio2_7.dll
2010-08-11 21:16:40 ----A---- C:\WINDOWS\system32\XAPOFX1_5.dll
2010-08-11 21:16:39 ----A---- C:\WINDOWS\system32\xactengine3_7.dll
2010-08-11 21:16:39 ----A---- C:\WINDOWS\system32\D3DCompiler_43.dll
2010-08-11 21:16:38 ----A---- C:\WINDOWS\system32\d3dx11_43.dll
2010-08-11 21:16:38 ----A---- C:\WINDOWS\system32\d3dx10_43.dll
2010-08-11 21:16:38 ----A---- C:\WINDOWS\system32\d3dcsx_43.dll
2010-08-11 21:16:37 ----A---- C:\WINDOWS\system32\D3DX9_43.dll

======List of files/folders modified in the last 1 months======

2010-09-04 21:22:48 ----D---- C:\WINDOWS\system32
2010-09-04 21:03:43 ----D---- C:\WINDOWS\Temp
2010-09-04 21:03:12 ----D---- C:\WINDOWS
2010-09-04 21:03:06 ----D---- C:\Program Files\Steam
2010-09-04 20:58:56 ----D---- C:\WINDOWS\system32\drivers
2010-09-04 20:58:56 ----D---- C:\WINDOWS\AppPatch
2010-09-04 20:58:54 ----D---- C:\Program Files\Common Files
2010-09-04 20:53:50 ----D---- C:\WINDOWS\system32\CatRoot2
2010-09-04 20:53:32 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-09-04 20:50:11 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2010-09-04 20:40:33 ----RASH---- C:\boot.ini
2010-09-04 20:32:47 ----D---- C:\WINDOWS\Prefetch
2010-09-04 18:23:02 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2010-09-04 17:09:51 ----RD---- C:\Program Files
2010-09-04 16:55:36 ----D---- C:\WINDOWS\Debug
2010-09-04 16:42:55 ----D---- C:\Program Files\CCleaner
2010-09-04 13:19:16 ----D---- C:\Documents and Settings\Jakub\Data aplikací\ICQ
2010-09-04 11:05:36 ----D---- C:\Program Files\Xfire
2010-09-03 20:47:26 ----D---- C:\Program Files\ICQ7.2
2010-09-03 19:43:13 ----D---- C:\Program Files\Yaho's Miranda IM
2010-09-02 20:01:04 ----HD---- C:\WINDOWS\inf
2010-09-02 19:58:27 ----SHD---- C:\WINDOWS\Installer
2010-09-02 19:58:27 ----HD---- C:\Program Files\InstallShield Installation Information
2010-09-02 19:58:27 ----HD---- C:\Config.Msi
2010-09-02 19:56:38 ----A---- C:\WINDOWS\system32\msxml3a.dll
2010-09-02 19:56:37 ----A---- C:\WINDOWS\system32\msvcp71.dll
2010-09-02 19:36:44 ----D---- C:\Mozilla Firefox
2010-09-02 15:31:35 ----DC---- C:\WINDOWS\system32\DRVSTORE
2010-09-02 15:26:57 ----D---- C:\Documents and Settings\Jakub\Data aplikací\Samsung
2010-09-02 15:26:29 ----D---- C:\WINDOWS\WinSxS
2010-09-02 15:25:57 ----D---- C:\Program Files\Samsung
2010-08-30 23:43:13 ----D---- C:\Downloads
2010-08-29 23:36:53 ----D---- C:\WINDOWS\system32\DirectX
2010-08-29 23:36:31 ----RSD---- C:\WINDOWS\assembly
2010-08-29 23:35:54 ----D---- C:\WINDOWS\system32\ReinstallBackups
2010-08-26 13:18:57 ----RSD---- C:\WINDOWS\Fonts
2010-08-25 15:50:37 ----D---- C:\Documents and Settings\Jakub\Data aplikací\Xfire
2010-08-24 13:19:20 ----SD---- C:\Documents and Settings\Jakub\Data aplikací\Microsoft
2010-08-19 11:42:28 ----D---- C:\MP3
2010-08-19 02:46:47 ----A---- C:\WINDOWS\NeroDigital.ini
2010-08-13 12:51:39 ----D---- C:\WINDOWS\Microsoft.NET
2010-08-13 02:04:41 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-08-13 02:04:22 ----HD---- C:\WINDOWS\$hf_mig$
2010-08-13 02:03:47 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-08-13 01:59:36 ----D---- C:\Program Files\Movie Maker
2010-08-11 21:17:14 ----D---- C:\Program Files\NVIDIA Corporation
2010-08-07 17:44:39 ----A---- C:\Documents and Settings\Jakub\Data aplikací\myMPQ.ini
2010-08-05 21:23:03 ----D---- C:\Filmy

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 JRAID;JRAID; C:\WINDOWS\system32\DRIVERS\jraid.sys [2007-06-13 48256]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI Texas Instruments; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-13 61696]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2009-04-28 44944]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2010-06-28 28880]
R1 AmdK8;Ovladač procesoru AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-07-01 43008]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2010-06-28 165456]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2010-06-28 46672]
R1 SbFw;SbFw; C:\WINDOWS\system32\drivers\SbFw.sys [2008-10-31 270888]
R1 sbhips;Sunbelt HIPS Driver; C:\WINDOWS\system32\drivers\sbhips.sys [2008-06-21 66600]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832]
R2 {B154377D-700F-42cc-9474-23858FBDF4BD};Power Control [2010/09/02 19:58:53]; \??\C:\Program Files\CyberLink\PowerDVD9\000.fcl []
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2010-06-28 17744]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2010-06-28 100176]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2010-06-28 23376]
R3 FsUsbExDisk;FsUsbExDisk; \??\C:\WINDOWS\system32\FsUsbExDisk.SYS []
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2005-10-28 49664]
R3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2005-10-28 16496]
R3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2005-10-28 21568]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2010-05-12 6032928]
R3 L8042Kbd;Logitech SetPoint Keyboard Driver; C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys [2007-09-21 20240]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys [2007-09-21 35088]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys [2007-09-21 36240]
R3 LUsbFilt;Logitech SetPoint KMDF USB Filter; C:\WINDOWS\System32\Drivers\LUsbFilt.Sys [2007-09-21 28432]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2010-04-04 10232128]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2007-05-31 96896]
R3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Miniport; C:\WINDOWS\system32\DRIVERS\sbfwim.sys [2008-06-21 65576]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys []
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2010-05-12 1691480]
S3 catchme;catchme; \??\C:\DOCUME~1\Jakub\LOCALS~1\Temp\catchme.sys []
S3 gdrv;gdrv; \??\C:\WINDOWS\gdrv.sys []
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2010-05-12 1395800]
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\WINDOWS\system32\DRIVERS\sscdbus.sys [2010-04-27 104648]
S3 sscdmdfl;SAMSUNG Mobile Modem Filter; C:\WINDOWS\system32\DRIVERS\sscdmdfl.sys [2010-04-27 14920]
S3 sscdmdm;SAMSUNG Mobile Modem Drivers; C:\WINDOWS\system32\DRIVERS\sscdmdm.sys [2010-04-27 132424]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S4 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-05-13 691696]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-06-28 40384]
R2 FsUsbExService;FsUsbExService; C:\WINDOWS\system32\FsUsbExService.Exe [2010-07-04 238952]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-06-25 153376]
R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2007-08-08 836904]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2010-04-03 154216]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2005-03-14 69632]
R2 SbPF.Launcher;SbPF.Launcher; C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe [2008-10-31 95528]
R2 SPF4;Sunbelt Personal Firewall 4; C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe [2008-10-31 1365288]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2010-07-06 1051968]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
R2 UxTuneUp;TuneUp Theme Extension; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-06-28 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-06-28 40384]
R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2007-08-03 382248]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 HP Port Resolver;HP Port Resolver; C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBPRO.EXE [2005-05-20 81920]
S3 HP Status Server;HP Status Server; C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBOID.EXE [2004-10-16 73728]
S3 idsvc;Služba Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe [2007-11-15 121360]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe [2010-07-24 435008]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

[bledulka]

Qoobox čistý. Vzhledem k situaci bych už radši combofix nespouštěla, odinstalujeme ho a udělám kontrolu přes OTL, zároveň vyčistím zbytky po combofixu.
Recovery conzoli asi nechceš nechat?

*********************
Odinstaluj combofix přes
Start >> Spustit zkopíruj do okénka:
ComboFix /Uninstall

stiskni Enter
-To odinstaluje ComboFix a smaže s ním související soubory a složky.


Stáhni T-Cleaner
http://sweb.cz/Marinus/T-Cleaner.exe

-Spusť,pro potvrzení volby mačkej klávesu A, Enter
-po použití prográmek vymaž.Pozor,antiviry ho mohou falešně označit za vir


***********************


Odstranění konzole zotavení
-Stáhni T-Cleaner http://sweb.cz/Marinus/T-Cleaner.exe
-spusť T-Cleaner
- Zmačkni klavesu r a enter
-po restartu znova spusť T-Cleaner
-Zmáčkni klavesu a a Entr potvrď všechny volby na výmaz
-pak jej spust znova ˇ, klavesu p a enter
-restartuj pc

****************************


Stahni si SPDT
http://www.duplexsecure.com/download/SP ... 72-x86.exe



*********************


Stáhni OTL
http://oldtimer.geekstogo.com/OTL.exe
-do spodního okénka vlož tento skript:

Kód: Vybrat vše

netsvcs
drivers32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
c:\windows\*.* /U
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
symmpi.sys
ndis.sys
winlogon.exe
explorer.exe
userinit.exe
lsass.exe
svchost.exe
smss.exe
hal.dll
ws2_32.dll
/md5stop
%systemroot%\*. /mp /s
CREATERESTOREPOINT
%systemroot%\system32\*.dll /lockedfiles
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c


-dej fajfku do čtverečku u řádku Pro všechny uživatele
-nech ostatní položky jak je nastaveno na screenu
- potvrď tlačítko Prohledat.
-provede se sken, log OTL.Txt sem vlož

[Aolorn]

nebyl by jiný ověřený odkaz na T-cleaner? prý mají zrovna údržbu serveru

[bledulka]

Nebyl . Tak ho vynechej, zbytek pak uklidí OTL.

[Aolorn]

OTL logfile created on: 4. 9. 2010 22:23:29 - Run 1
OTL by OldTimer - Version 3.2.11.0 Folder = C:\Documents and Settings\Jakub\Dokumenty\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d. M. yyyy

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 46,00% Memory free
5,00 Gb Paging File | 4,00 Gb Available in Paging File | 74,00% Paging File free
Paging file location(s): C:\pagefile.sys 3072 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 465,75 Gb Total Space | 55,64 Gb Free Space | 11,95% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: AOLORN
Current User Name: Jakub
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010.09.04 22:21:11 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jakub\Dokumenty\Downloads\OTL.exe
PRC - [2010.09.02 11:33:19 | 000,923,136 | ---- | M] (Microsoft) -- C:\Program Files\Team17\Worms Reloaded\Worms_Reloaded_+10Trainer-SKIDROW~HoG.exe
PRC - [2010.08.26 20:16:06 | 000,811,616 | ---- | M] ( ) -- C:\Program Files\Miranda IM\miranda32.exe
PRC - [2010.08.25 20:10:41 | 004,530,176 | ---- | M] (Team17 Software Ltd.) -- C:\Program Files\Team17\Worms Reloaded\WormsReloaded.exe
PRC - [2010.08.24 10:31:47 | 001,242,448 | ---- | M] (Valve Corporation) -- C:\Program Files\Steam\Steam.exe
PRC - [2010.08.18 03:58:17 | 000,945,720 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Jakub\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
PRC - [2010.08.06 12:50:32 | 000,531,456 | ---- | M] (Tiger grp (www.dimonius.ru)) -- C:\Documents and Settings\Jakub\Plocha\USD\USDownloader.exe
PRC - [2010.07.09 21:04:34 | 003,493,776 | ---- | M] (Xfire Inc.) -- C:\Program Files\Xfire\Xfire.exe
PRC - [2010.07.06 13:57:00 | 000,720,704 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
PRC - [2010.07.06 13:55:16 | 001,051,968 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
PRC - [2010.07.04 19:13:56 | 000,095,576 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
PRC - [2010.07.04 19:07:40 | 000,238,952 | ---- | M] (Teruten) -- C:\WINDOWS\system32\FsUsbExService.Exe
PRC - [2010.06.28 22:57:18 | 002,837,864 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2010.06.28 22:57:15 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010.01.14 00:44:52 | 000,037,888 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\Winamp\winampa.exe
PRC - [2009.02.28 19:40:38 | 000,075,048 | ---- | M] (cyberlink) -- C:\Program Files\CyberLink\Shared Files\brs.exe
PRC - [2009.02.16 09:55:38 | 000,087,336 | ---- | M] (CyberLink Corp.) -- C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe
PRC - [2008.10.31 07:24:28 | 001,365,288 | ---- | M] (Sunbelt Software, Inc.) -- C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
PRC - [2008.10.31 07:24:28 | 000,095,528 | ---- | M] (Sunbelt Software, Inc.) -- C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
PRC - [2008.10.31 07:24:26 | 001,705,256 | ---- | M] (Sunbelt Software, Inc.) -- C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe
PRC - [2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007.11.15 10:12:04 | 000,784,912 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPoint\SetPoint.exe
PRC - [2007.11.15 10:08:26 | 000,055,824 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe
PRC - [2007.09.02 13:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files\RocketDock\RocketDock.exe
PRC - [2007.08.03 12:51:18 | 001,422,632 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
PRC - [2007.08.03 12:51:06 | 000,202,024 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe
PRC - [2005.09.24 00:42:32 | 000,475,136 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
PRC - [2005.03.14 12:05:02 | 000,069,632 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe


========== Modules (SafeList) ==========

MOD - [2010.09.04 22:21:11 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jakub\Dokumenty\Downloads\OTL.exe
MOD - [2010.07.09 21:04:44 | 000,970,640 | ---- | M] (Xfire Inc.) -- C:\Program Files\Xfire\xfire_toucan_43094.dll
MOD - [2010.05.12 19:58:18 | 000,353,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcr71.dll
MOD - [2009.07.12 01:12:06 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcr80.dll
MOD - [2009.07.12 01:09:20 | 000,554,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcp80.dll
MOD - [2008.04.14 05:22:06 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wsock32.dll
MOD - [2008.04.14 05:19:00 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2007.11.15 10:10:38 | 000,062,480 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPoint\lgscroll.dll
MOD - [2007.11.15 10:06:18 | 000,064,016 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPoint\GameHook.dll
MOD - [2007.09.02 13:57:36 | 000,069,632 | ---- | M] () -- C:\Program Files\RocketDock\RocketDock.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)
SRV - [2010.07.24 17:14:27 | 000,435,008 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe -- (TuneUp.Defrag)
SRV - [2010.07.06 13:55:16 | 001,051,968 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)
SRV - [2010.07.06 13:52:04 | 000,030,016 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\WINDOWS\system32\uxtuneup.dll -- (UxTuneUp)
SRV - [2010.07.04 19:07:40 | 000,238,952 | ---- | M] (Teruten) [Auto | Running] -- C:\WINDOWS\system32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2010.06.28 22:57:15 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV - [2010.06.28 22:57:15 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV - [2010.06.28 22:57:15 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010.02.19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2008.10.31 07:24:28 | 001,365,288 | ---- | M] (Sunbelt Software, Inc.) [Auto | Running] -- C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe -- (SPF4)
SRV - [2008.10.31 07:24:28 | 000,095,528 | ---- | M] (Sunbelt Software, Inc.) [Auto | Running] -- C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe -- (SbPF.Launcher)
SRV - [2008.07.29 19:16:38 | 000,132,096 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2007.11.15 10:09:42 | 000,121,360 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2005.03.14 12:05:02 | 000,069,632 | ---- | M] (HP) [Auto | Running] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Jakub\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - [2010.09.04 22:22:21 | 000,445,936 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Stopped] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010.06.28 22:37:52 | 000,046,672 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2010.06.28 22:37:30 | 000,165,456 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2010.06.28 22:33:13 | 000,023,376 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2010.06.28 22:32:45 | 000,100,176 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2010.06.28 22:32:33 | 000,017,744 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010.06.28 22:32:16 | 000,028,880 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2010.06.14 09:32:54 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2010.05.12 19:07:10 | 006,032,928 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2010.05.12 19:07:08 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2010.05.12 19:07:06 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2010.05.12 18:45:39 | 000,016,512 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\gdrv.sys -- (gdrv)
DRV - [2010.04.27 04:25:20 | 000,132,424 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdmdm.sys -- (sscdmdm)
DRV - [2010.04.27 04:25:20 | 000,104,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM)
DRV - [2010.04.27 04:25:20 | 000,014,920 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV - [2010.04.04 00:55:31 | 010,232,128 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2010.02.25 10:18:08 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
DRV - [2009.02.28 19:40:18 | 000,087,536 | ---- | M] (CyberLink Corp.) [2010/09/02 19:58:53] [Kernel | Auto | Running] -- C:\Program Files\CyberLink\PowerDVD9\000.fcl -- ({B154377D-700F-42cc-9474-23858FBDF4BD})
DRV - [2008.10.31 07:09:06 | 000,270,888 | R--- | M] (Sunbelt Software, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\SbFw.sys -- (SbFw)
DRV - [2008.06.21 04:54:54 | 000,066,600 | R--- | M] (Sunbelt Software, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\sbhips.sys -- (sbhips)
DRV - [2008.06.21 04:54:54 | 000,065,576 | ---- | M] (Sunbelt Software, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SbFwIm.sys -- (SBFWIMCL)
DRV - [2008.04.13 18:36:05 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2007.09.21 03:11:02 | 000,028,432 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV - [2007.09.21 03:10:46 | 000,036,240 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2007.09.21 03:10:40 | 000,035,088 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2007.09.21 03:10:20 | 000,020,240 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\L8042Kbd.sys -- (L8042Kbd)
DRV - [2007.06.13 17:47:12 | 000,048,256 | R--- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\jraid.sys -- (JRAID)
DRV - [2007.05.31 09:19:22 | 000,096,896 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2006.07.01 22:42:58 | 000,043,008 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-789336058-1637723038-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: {c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}:3.2
FF - prefs.js..extensions.enabledItems: {c50ca3c4-5656-43c2-a061-13e717f73fc8}:3.0.8
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Mozilla Firefox\components [2010.09.02 19:36:37 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Mozilla Firefox\plugins [2010.09.02 19:36:37 | 000,000,000 | ---D | M]

[2010.05.12 19:33:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jakub\Data aplikací\Mozilla\Extensions
[2010.09.02 19:35:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jakub\Data aplikací\Mozilla\Firefox\Profiles\b4au0fkb.default\extensions
[2010.05.12 21:09:10 | 000,000,000 | ---D | M] (Easy Youtube Video Downloader) -- C:\Documents and Settings\Jakub\Data aplikací\Mozilla\Firefox\Profiles\b4au0fkb.default\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}
[2010.05.12 21:09:10 | 000,000,000 | ---D | M] (Fast Video Download (with SearchMenu)) -- C:\Documents and Settings\Jakub\Data aplikací\Mozilla\Firefox\Profiles\b4au0fkb.default\extensions\{c50ca3c4-5656-43c2-a061-13e717f73fc8}
[2010.05.13 13:59:35 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Jakub\Data aplikací\Mozilla\Firefox\Profiles\b4au0fkb.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}

O1 HOSTS File: ([2010.05.14 22:28:37 | 000,000,933 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 static3.cdn.ubi.com
O1 - Hosts: 127.0.0.1 ubisoft-orbit.s3.amazonaws.com
O1 - Hosts: 127.0.0.1 onlineconfigservice.ubi.com
O1 - Hosts: 127.0.0.1 orbitservice.ubi.com
O1 - Hosts: 127.0.0.1 ubisoft-orbit-savegames.s3.amazonaws.com
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O4 - HKLM..\Run: [36X Raid Configurer] C:\WINDOWS\System32\xRaidSetup.exe (Gigabyte Technology Corp.)
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BDRegion] C:\Program Files\CyberLink\Shared Files\brs.exe (cyberlink)
O4 - HKLM..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe ()
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.Exe (Logitech, Inc.)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [NBKeyScan] C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe (Nero AG)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [PDVD9LanguageShortcut] C:\Program Files\CyberLink\PowerDVD9\Language\Language.exe (CyberLink Corp.)
O4 - HKLM..\Run: [RemoteControl9] C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKU\S-1-5-21-789336058-1637723038-725345543-1004..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKU\S-1-5-21-789336058-1637723038-725345543-1004..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKU\S-1-5-21-789336058-1637723038-725345543-1004..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-789336058-1637723038-725345543-1004..\Run: [RocketDock] C:\Program Files\RocketDock\RocketDock.exe ()
O4 - HKU\S-1-5-21-789336058-1637723038-725345543-1004..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKU\S-1-5-21-789336058-1637723038-725345543-1004..\Run: [Steam] C:\Program Files\Steam\Steam.exe (Valve Corporation)
O4 - HKU\S-1-5-21-789336058-1637723038-725345543-1004..\Run: [USDownloader] C:\Documents and Settings\Jakub\Plocha\USD\USDownloader.exe (Tiger grp (www.dimonius.ru))
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\HP Photosmart Premier Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe (Hewlett-Packard Development Company, L.P.)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
O4 - Startup: C:\Documents and Settings\Jakub\Nabídka Start\Programy\Po spuštění\Xfire.lnk = C:\Program Files\Xfire\Xfire.exe (Xfire Inc.)
O4 - Startup: C:\Documents and Settings\Jakub\Nabídka Start\Programy\Po spuštění\Yaho's Miranda Pack.lnk = C:\Program Files\Yaho's Miranda IM\miranda32.exe ( )
O4 - Startup: C:\Documents and Settings\Jakub\Nabídka Start\Programy\Po spuštění\Zástupce - sgalert.exe.lnk = C:\SG Alert\sgalert.exe (y)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-789336058-1637723038-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-789336058-1637723038-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/pub/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (C:\Documents and Settings\All Users\Data aplikací\TuneUp Software\TuneUp Utilities\WinStyler\tu_logonui.exe) - C:\Documents and Settings\All Users\Data aplikací\TuneUp Software\TuneUp Utilities\WinStyler\tu_logonui.exe (Microsoft Corporation)
O20 - Winlogon\Notify\LBTWlgn: DllName - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll - c:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Jakub\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Jakub\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.05.12 17:52:27 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found
NetSvcs: HidServ - C:\WINDOWS\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: UxTuneUp - C:\WINDOWS\system32\uxtuneup.dll (TuneUp Software)
NetSvcs: Wmi - C:\WINDOWS\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.ac3acm - C:\WINDOWS\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\WINDOWS\System32\lameACM.acm (http://www.mp3dev.org/)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.DIVX - C:\WINDOWS\System32\divx.dll (DivX, Inc.)
Drivers32: VIDC.FFDS - C:\WINDOWS\System32\ff_vfw.dll ()
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: VIDC.XFR1 - C:\WINDOWS\System32\xfcodec.dll ()
Drivers32: VIDC.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\WINDOWS\System32\yv12vfw.dll (www.helixcommunity.org)

CREATERESTOREPOINT
Error starting restore point: System Restore is disabled.
Error closing restore point: System Restore is disabled.

========== Files/Folders - Created Within 30 Days ==========

[2010.09.04 22:15:50 | 000,000,000 | --SD | C] -- C:\ComboFix
[2010.09.04 20:40:22 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2010.09.04 20:34:32 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2010.09.04 20:34:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010.09.04 17:10:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jakub\Data aplikací\Malwarebytes
[2010.09.04 17:09:53 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010.09.04 17:09:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
[2010.09.04 17:09:51 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010.09.04 17:09:51 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010.09.04 17:08:30 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010.09.04 17:08:29 | 000,000,000 | ---D | C] -- C:\rsit
[2010.09.04 16:48:20 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Jakub\Recent
[2010.09.03 20:09:03 | 000,591,952 | ---- | C] (Miranda IM project) -- C:\Documents and Settings\Jakub\Plocha\tabsrmm.dll
[2010.09.03 19:31:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jakub\Data aplikací\Miranda
[2010.09.03 19:29:17 | 000,000,000 | ---D | C] -- C:\Program Files\Miranda IM
[2010.09.02 19:57:45 | 000,000,000 | ---D | C] -- C:\Program Files\CyberLink
[2010.09.02 15:31:15 | 000,132,424 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\sscdmdm.sys
[2010.09.02 15:31:15 | 000,014,920 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\sscdmdfl.sys
[2010.09.02 15:31:15 | 000,012,616 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\sscdcmnt.sys
[2010.09.02 15:31:15 | 000,012,616 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\sscdcm.sys
[2010.09.02 15:31:14 | 000,104,648 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\sscdbus.sys
[2010.09.02 15:31:14 | 000,012,488 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\sscdwhnt.sys
[2010.09.02 15:31:14 | 000,012,488 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\sscdwh.sys
[2010.09.02 15:27:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jakub\Plocha\firmwer
[2010.09.02 15:26:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jakub\Dokumenty\Samsung
[2010.09.02 15:26:23 | 000,000,000 | ---D | C] -- C:\Program Files\MarkAny
[2010.09.02 15:24:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jakub\Local Settings\Data aplikací\Downloaded Installations
[2010.09.02 15:11:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jakub\Plocha\mobil
[2010.08.30 23:45:01 | 000,000,000 | ---D | C] -- C:\Program Files\Team17
[2010.08.29 23:39:20 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Jakub\Data aplikací\SecuROM
[2010.08.29 23:35:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\D56B0E274A3E46C9B5C1D93D580C099C.TMP
[2010.08.29 23:35:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2010.08.29 23:24:55 | 000,000,000 | ---D | C] -- C:\Program Files\2K Games
[2010.08.29 23:24:44 | 000,000,000 | ---D | C] -- C:\BDS
[2010.08.26 13:27:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jakub\Plocha\mafja
[2010.08.26 13:26:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jakub\Plocha\Phx_data
[2010.08.25 18:12:16 | 000,000,000 | ---D | C] -- C:\PFiles
[2010.08.24 13:08:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\THQ
[2010.08.24 12:36:54 | 000,000,000 | ---D | C] -- C:\Program Files\Volition Inc
[2010.08.23 22:53:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jakub\Plocha\amateur_girl_set08
[2010.08.23 22:53:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jakub\Plocha\amateur_girl_set06
[2010.08.21 23:38:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jakub\Dokumenty\Square Enix
[2010.08.21 23:38:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jakub\Local Settings\Data aplikací\119615131254334708
[2010.08.21 23:38:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jakub\Local Settings\Data aplikací\119611918618797300
[2010.08.21 23:20:42 | 000,000,000 | ---D | C] -- C:\Program Files\Kane & Lynch 2- Dog Days
[2010.08.19 21:24:54 | 000,000,000 | ---D | C] -- C:\Program Files\FOnline
[2010.08.17 14:59:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jakub\Data aplikací\vghd
[2010.08.15 11:08:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jakub\Plocha\20 Sexy Anime Girls Wallpapers [Set 4]
[2010.08.15 10:47:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jakub\Dokumenty\Nová složka
[2010.08.13 21:43:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jakub\Data aplikací\skypePM
[2010.08.13 21:40:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jakub\Data aplikací\Skype
[2010.08.13 21:40:29 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2010.08.13 21:40:24 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2010.08.13 21:40:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Skype
[2010.08.13 16:47:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jakub\Local Settings\Data aplikací\76561197999573361
[2010.08.13 16:44:57 | 000,444,952 | ---- | C] (Creative Labs) -- C:\WINDOWS\System32\wrap_oal.dll
[2010.08.13 16:44:57 | 000,109,080 | ---- | C] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\WINDOWS\System32\OpenAL32.dll
[2010.08.13 16:44:57 | 000,000,000 | ---D | C] -- C:\Program Files\OpenAL
[2010.08.11 21:17:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jakub\Local Settings\Data aplikací\2K Games
[2010.08.11 21:16:40 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_7.dll
[2010.08.11 21:16:40 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_5.dll
[2010.08.11 21:16:39 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_43.dll
[2010.08.11 21:16:39 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_7.dll
[2010.08.11 21:16:38 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dcsx_43.dll
[2010.08.11 21:16:38 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_43.dll
[2010.08.11 21:16:38 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx11_43.dll
[2010.08.11 21:16:37 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_43.dll
[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010.09.04 22:22:21 | 000,445,936 | ---- | M] (Duplex Secure Ltd.) -- C:\WINDOWS\System32\drivers\sptd.sys
[2010.09.04 21:42:32 | 000,008,224 | ---- | M] () -- C:\Documents and Settings\Jakub\Plocha\Qoobox.zip
[2010.09.04 21:34:00 | 000,001,026 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-789336058-1637723038-725345543-1004UA.job
[2010.09.04 21:29:47 | 000,066,060 | ---- | M] () -- C:\Documents and Settings\Jakub\Plocha\borčus.JPG
[2010.09.04 21:22:48 | 000,036,892 | ---- | M] () -- C:\WINDOWS\System32\bassmod.dll
[2010.09.04 21:02:33 | 000,276,202 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml
[2010.09.04 21:02:29 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.09.04 21:02:25 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.09.04 21:02:22 | 2145,927,168 | ---- | M] () -- C:\WINDOWS\MEMORY.DMP
[2010.09.04 20:40:33 | 000,000,530 | RHS- | M] () -- C:\boot.ini
[2010.09.04 20:34:01 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.09.04 20:33:13 | 006,291,456 | ---- | M] () -- C:\Documents and Settings\Jakub\NTUSER.DAT
[2010.09.04 17:09:57 | 000,000,714 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Malwarebytes' Anti-Malware.lnk
[2010.09.04 17:07:35 | 000,005,602 | ---- | M] () -- C:\Documents and Settings\Jakub\Dokumenty\cc_20100904_170729.reg
[2010.09.04 13:20:29 | 000,002,155 | ---- | M] () -- C:\Documents and Settings\Jakub\Plocha\avatár.JPG
[2010.09.04 13:00:38 | 012,910,592 | ---- | M] () -- C:\Documents and Settings\Jakub\Plocha\profile.dat
[2010.09.03 22:34:00 | 000,000,974 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-789336058-1637723038-725345543-1004Core.job
[2010.09.03 20:44:56 | 000,000,703 | ---- | M] () -- C:\Documents and Settings\Jakub\Plocha\Zástupce - miranda32.exe.lnk
[2010.09.03 19:19:35 | 000,032,222 | ---- | M] () -- C:\Documents and Settings\Jakub\Plocha\f49h_61Kxv.jpg
[2010.09.02 20:20:43 | 000,079,872 | ---- | M] () -- C:\Documents and Settings\Jakub\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.09.02 19:58:51 | 000,001,757 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\CyberLink PowerDVD 9.lnk
[2010.09.02 19:56:38 | 000,029,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml3a.dll
[2010.09.02 19:56:37 | 000,505,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcp71.dll
[2010.09.02 19:41:35 | 025,244,810 | ---- | M] () -- C:\Documents and Settings\Jakub\Plocha\youtube video.flv
[2010.09.02 15:31:39 | 000,001,795 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Samsung New PC Studio.lnk
[2010.09.02 15:30:15 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Adobe Reader 9.lnk
[2010.09.02 15:26:52 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2010.08.31 20:51:21 | 000,011,571 | ---- | M] () -- C:\Documents and Settings\Jakub\Plocha\scifi.docx
[2010.08.31 11:32:04 | 000,042,987 | ---- | M] () -- C:\Documents and Settings\Jakub\Plocha\268c212.jpg
[2010.08.31 11:29:47 | 000,056,254 | ---- | M] () -- C:\Documents and Settings\Jakub\Plocha\b17C_4yxfo.jpg
[2010.08.31 11:24:34 | 000,160,984 | ---- | M] () -- C:\Documents and Settings\Jakub\Plocha\P1268591174 (1).jpg
[2010.08.30 23:46:30 | 000,001,754 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Worms Reloaded.lnk
[2010.08.30 02:00:01 | 000,000,342 | ---- | M] () -- C:\WINDOWS\tasks\AdobeAAMUpdater-1.0-AOLORN-Jakub.job
[2010.08.29 23:37:25 | 000,001,825 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Borderlands.lnk
[2010.08.29 23:35:42 | 000,000,413 | ---- | M] () -- C:\Boot.bak
[2010.08.29 22:53:32 | 000,278,276 | ---- | M] () -- C:\Documents and Settings\Jakub\Plocha\Black_No_1_Wallpaper_by_phiberphreak.jpg
[2010.08.27 10:53:30 | 000,074,720 | ---- | M] () -- C:\Documents and Settings\Jakub\Local Settings\Data aplikací\GDIPFONTCACHEV1.DAT
[2010.08.27 10:53:25 | 003,578,152 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.08.26 13:46:10 | 000,000,597 | ---- | M] () -- C:\Documents and Settings\Jakub\Plocha\Phx_settings.ini
[2010.08.25 13:24:41 | 002,296,936 | ---- | M] () -- C:\Documents and Settings\Jakub\Dokumenty\Bez.skp
[2010.08.25 13:05:55 | 000,126,994 | ---- | M] () -- C:\Documents and Settings\Jakub\Plocha\Awesome Rifle.JPG
[2010.08.25 11:52:30 | 000,017,884 | ---- | M] () -- C:\Documents and Settings\Jakub\Plocha\awesome gun.jpg
[2010.08.22 22:52:45 | 000,002,283 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Skype.lnk
[2010.08.22 12:02:15 | 000,060,553 | ---- | M] () -- C:\Documents and Settings\Jakub\Plocha\44626_1345329205502_1599437507_30777666_2683387_n.jpg
[2010.08.20 16:34:42 | 000,002,257 | ---- | M] () -- C:\Documents and Settings\Jakub\Plocha\Google Chrome.lnk
[2010.08.20 11:26:05 | 000,000,666 | ---- | M] () -- C:\Documents and Settings\Jakub\Plocha\Zástupce - FOnline.exe.lnk
[2010.08.19 02:46:47 | 000,000,182 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010.08.17 15:13:03 | 000,000,003 | ---- | M] () -- C:\WINDOWS\treeskp.sys
[2010.08.17 15:13:03 | 000,000,003 | ---- | M] () -- C:\WINDOWS\sbacknt.bin
[2010.08.17 14:59:04 | 000,152,904 | ---- | M] () -- C:\WINDOWS\System32\vghd.scr
[2010.08.13 21:43:45 | 000,000,056 | -H-- | M] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010.08.13 16:44:57 | 000,444,952 | ---- | M] (Creative Labs) -- C:\WINDOWS\System32\wrap_oal.dll
[2010.08.13 16:44:57 | 000,109,080 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\WINDOWS\System32\OpenAL32.dll
[2010.08.13 02:03:47 | 001,013,926 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010.08.13 02:03:47 | 000,444,164 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.08.13 02:03:47 | 000,441,086 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2010.08.13 02:03:47 | 000,083,742 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2010.08.13 02:03:47 | 000,072,040 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.08.12 12:16:28 | 001,862,098 | ---- | M] () -- C:\Documents and Settings\Jakub\Plocha\Fotografie0143.jpg
[2010.08.10 22:49:56 | 000,000,078 | ---- | M] () -- C:\Documents and Settings\Jakub\Plocha\Kane & Lynch 2 - Dog Days Demo.url
[2010.08.10 22:27:24 | 000,000,078 | ---- | M] () -- C:\Documents and Settings\Jakub\Plocha\Mafia II - Public Demo.url
[2010.08.08 11:58:41 | 000,023,593 | ---- | M] () -- C:\Documents and Settings\Jakub\Plocha\31858_1310153673981_1234774121_30721457_3083933_n.jpg
[2010.08.08 11:58:25 | 000,100,329 | ---- | M] () -- C:\Documents and Settings\Jakub\Plocha\32508_1313933008462_1234774121_30730985_2421786_n.jpg
[2010.08.08 11:58:13 | 000,112,783 | ---- | M] () -- C:\Documents and Settings\Jakub\Plocha\32508_1313932888459_1234774121_30730984_7966759_n.jpg
[2010.08.07 17:44:39 | 000,000,565 | ---- | M] () -- C:\Documents and Settings\Jakub\Data aplikací\myMPQ.ini
[2010.08.06 16:17:16 | 000,027,280 | ---- | M] () -- C:\Documents and Settings\Jakub\Plocha\facebookman.jpg
[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010.09.04 21:42:32 | 000,008,224 | ---- | C] () -- C:\Documents and Settings\Jakub\Plocha\Qoobox.zip
[2010.09.04 21:29:47 | 000,066,060 | ---- | C] () -- C:\Documents and Settings\Jakub\Plocha\borčus.JPG
[2010.09.04 21:22:48 | 000,036,892 | ---- | C] () -- C:\WINDOWS\System32\bassmod.dll
[2010.09.04 20:40:32 | 000,000,413 | ---- | C] () -- C:\Boot.bak
[2010.09.04 20:40:27 | 000,261,312 | RHS- | C] () -- C:\cmldr
[2010.09.04 17:09:57 | 000,000,714 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Malwarebytes' Anti-Malware.lnk
[2010.09.04 17:07:31 | 000,005,602 | ---- | C] () -- C:\Documents and Settings\Jakub\Dokumenty\cc_20100904_170729.reg
[2010.09.04 13:20:29 | 000,002,155 | ---- | C] () -- C:\Documents and Settings\Jakub\Plocha\avatár.JPG
[2010.09.04 13:14:45 | 000,055,528 | ---- | C] () -- C:\Documents and Settings\Jakub\Plocha\omurdoc2beta.jpg
[2010.09.03 20:44:56 | 000,000,703 | ---- | C] () -- C:\Documents and Settings\Jakub\Plocha\Zástupce - miranda32.exe.lnk
[2010.09.03 19:32:13 | 012,910,592 | ---- | C] () -- C:\Documents and Settings\Jakub\Plocha\profile.dat
[2010.09.03 19:19:35 | 000,032,222 | ---- | C] () -- C:\Documents and Settings\Jakub\Plocha\f49h_61Kxv.jpg
[2010.09.02 19:58:51 | 000,001,757 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\CyberLink PowerDVD 9.lnk
[2010.09.02 19:41:33 | 025,244,810 | ---- | C] () -- C:\Documents and Settings\Jakub\Plocha\youtube video.flv
[2010.09.02 15:31:39 | 000,001,795 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Samsung New PC Studio.lnk
[2010.08.31 20:51:20 | 000,011,571 | ---- | C] () -- C:\Documents and Settings\Jakub\Plocha\scifi.docx
[2010.08.31 11:32:04 | 000,042,987 | ---- | C] () -- C:\Documents and Settings\Jakub\Plocha\268c212.jpg
[2010.08.31 11:29:47 | 000,056,254 | ---- | C] () -- C:\Documents and Settings\Jakub\Plocha\b17C_4yxfo.jpg
[2010.08.31 11:24:34 | 000,160,984 | ---- | C] () -- C:\Documents and Settings\Jakub\Plocha\P1268591174 (1).jpg
[2010.08.30 23:46:30 | 000,001,754 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Worms Reloaded.lnk
[2010.08.29 23:37:25 | 000,001,825 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Borderlands.lnk
[2010.08.29 22:53:32 | 000,278,276 | ---- | C] () -- C:\Documents and Settings\Jakub\Plocha\Black_No_1_Wallpaper_by_phiberphreak.jpg
[2010.08.26 13:18:55 | 000,000,597 | ---- | C] () -- C:\Documents and Settings\Jakub\Plocha\Phx_settings.ini
[2010.08.26 13:18:52 | 008,578,951 | ---- | C] ($t@t!c_V()!D) -- C:\Documents and Settings\Jakub\Plocha\Phoenix.exe
[2010.08.25 13:24:40 | 002,296,936 | ---- | C] () -- C:\Documents and Settings\Jakub\Dokumenty\Bez.skp
[2010.08.25 13:05:55 | 000,126,994 | ---- | C] () -- C:\Documents and Settings\Jakub\Plocha\Awesome Rifle.JPG
[2010.08.25 11:52:30 | 000,017,884 | ---- | C] () -- C:\Documents and Settings\Jakub\Plocha\awesome gun.jpg
[2010.08.22 12:02:15 | 000,060,553 | ---- | C] () -- C:\Documents and Settings\Jakub\Plocha\44626_1345329205502_1599437507_30777666_2683387_n.jpg
[2010.08.20 01:22:26 | 000,000,666 | ---- | C] () -- C:\Documents and Settings\Jakub\Plocha\Zástupce - FOnline.exe.lnk
[2010.08.17 14:59:13 | 000,000,003 | ---- | C] () -- C:\WINDOWS\treeskp.sys
[2010.08.17 14:59:13 | 000,000,003 | ---- | C] () -- C:\WINDOWS\sbacknt.bin
[2010.08.17 14:59:04 | 000,152,904 | ---- | C] () -- C:\WINDOWS\System32\vghd.scr
[2010.08.13 21:43:45 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010.08.13 21:40:29 | 000,002,283 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Skype.lnk
[2010.08.12 15:19:09 | 001,862,098 | ---- | C] () -- C:\Documents and Settings\Jakub\Plocha\Fotografie0143.jpg
[2010.08.10 22:49:56 | 000,000,078 | ---- | C] () -- C:\Documents and Settings\Jakub\Plocha\Kane & Lynch 2 - Dog Days Demo.url
[2010.08.10 22:45:54 | 1500,340,224 | ---- | C] () -- C:\Documents and Settings\Jakub\Plocha\Alenka V Risi Divu DVDripCZ 2010.avi
[2010.08.10 22:27:24 | 000,000,078 | ---- | C] () -- C:\Documents and Settings\Jakub\Plocha\Mafia II - Public Demo.url
[2010.08.08 11:58:41 | 000,023,593 | ---- | C] () -- C:\Documents and Settings\Jakub\Plocha\31858_1310153673981_1234774121_30721457_3083933_n.jpg
[2010.08.08 11:58:25 | 000,100,329 | ---- | C] () -- C:\Documents and Settings\Jakub\Plocha\32508_1313933008462_1234774121_30730985_2421786_n.jpg
[2010.08.08 11:58:13 | 000,112,783 | ---- | C] () -- C:\Documents and Settings\Jakub\Plocha\32508_1313932888459_1234774121_30730984_7966759_n.jpg
[2010.08.06 16:17:14 | 000,027,280 | ---- | C] () -- C:\Documents and Settings\Jakub\Plocha\facebookman.jpg
[2010.08.02 17:22:53 | 000,000,565 | ---- | C] () -- C:\Documents and Settings\Jakub\Data aplikací\myMPQ.ini
[2010.07.09 21:04:40 | 000,041,872 | ---- | C] () -- C:\WINDOWS\System32\xfcodec.dll
[2010.06.30 11:59:45 | 000,151,552 | ---- | C] () -- C:\WINDOWS\System32\nvRegDev.dll
[2010.06.15 19:31:28 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll
[2010.06.15 19:31:28 | 000,036,608 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDisk.Sys
[2010.06.15 19:29:52 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Jakub\Data aplikací\$_hpcst$.hpc
[2010.06.10 14:52:41 | 000,000,182 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2010.06.05 19:19:09 | 001,970,176 | ---- | C] () -- C:\WINDOWS\System32\d3dx9.dll
[2010.05.28 23:16:55 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2010.05.28 23:16:49 | 000,881,664 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2010.05.28 23:16:49 | 000,205,824 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010.05.28 23:16:49 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2010.05.28 23:16:48 | 000,108,032 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2010.05.28 22:23:46 | 000,000,319 | ---- | C] () -- C:\WINDOWS\game.ini
[2010.05.12 20:11:13 | 000,000,125 | ---- | C] () -- C:\Documents and Settings\Jakub\Local Settings\Data aplikací\fusioncache.dat
[2010.05.12 19:57:15 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2010.05.12 19:47:30 | 000,000,751 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\hpzinstall.log
[2010.05.12 19:46:14 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\hpzids01.dll
[2010.05.12 19:44:57 | 000,000,760 | ---- | C] () -- C:\Documents and Settings\Jakub\Data aplikací\setup_ldm.iss
[2010.05.12 19:37:27 | 000,079,872 | ---- | C] () -- C:\Documents and Settings\Jakub\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.04.02 17:17:34 | 000,179,091 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2007.10.25 17:26:10 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2006.04.22 14:42:11 | 000,000,572 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2001.07.06 16:30:00 | 000,003,399 | ---- | C] () -- C:\WINDOWS\System32\hptcpmon.ini

========== Custom Scans ==========


< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"RocketDock" = "C:\Program Files\RocketDock\RocketDock.exe" -- [2007.09.02 13:58:52 | 000,495,616 | ---- | M] ()
"Google Update" = "C:\Documents and Settings\Jakub\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c -- [2010.05.13 22:29:40 | 000,136,176 | ---- | M] (Google Inc.)
"CTFMON.EXE" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 05:22:17 | 000,015,360 | ---- | M] (Microsoft Corporation)
"Steam" = "C:\Program Files\Steam\Steam.exe" -silent -- [2010.08.24 10:31:47 | 001,242,448 | ---- | M] (Valve Corporation)
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}" = "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe" -- [2007.08.03 12:51:06 | 000,202,024 | ---- | M] (Nero AG)
"USDownloader" = "C:\Documents and Settings\Jakub\Plocha\USD\USDownloader.exe" -- [2010.08.06 12:50:32 | 000,531,456 | ---- | M] (Tiger grp (www.dimonius.ru))
"DAEMON Tools Lite" = "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun -- [2010.04.01 11:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd)
"Skype" = "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized -- [2010.05.13 16:12:40 | 026,192,168 | R--- | M] (Skype Technologies S.A.)
"AutoStartNPSAgent" = C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe -- [2010.07.04 19:13:56 | 000,095,576 | ---- | M] (Samsung Electronics Co., Ltd.)
"SpybotSD TeaTimer" = C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe -- [2009.03.05 16:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.)

< c:\windows\*.* /U >
[7 c:\windows\*.tmp files -> c:\windows\*.tmp -> ]


< MD5 for: AGP440.SYS >
[2006.03.02 14:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2010.05.14 15:37:45 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2010.05.14 15:37:45 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys

< MD5 for: ATAPI.SYS >
[2006.03.02 14:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2010.05.14 15:37:45 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2010.05.14 15:37:45 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2006.03.02 14:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys

< MD5 for: EVENTLOG.DLL >
[2008.04.14 05:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 05:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll
[2006.03.02 14:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2006.03.02 14:00:00 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe

< MD5 for: HAL.DLL >
[2006.03.02 14:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2010.05.14 15:37:45 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2010.05.14 15:37:45 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2008.04.13 20:31:28 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=4329EE7D502C9113EBA0F9570392F5EE -- C:\WINDOWS\system32\HAL.DLL
[2008.04.13 20:31:32 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2006.03.02 14:00:00 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=DFCE51FD96909D1B97D4A1A72D060D77 -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll

< MD5 for: LSASS.EXE >
[2006.03.02 14:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\WINDOWS\$NtServicePackUninstall$\lsass.exe
[2008.04.14 05:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\ServicePackFiles\i386\lsass.exe
[2008.04.14 05:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe

< MD5 for: NDIS.SYS >
[2008.04.13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008.04.13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
[2006.03.02 14:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys

< MD5 for: NETLOGON.DLL >
[2009.02.06 20:47:20 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=1F43B8C0F4C767FBED89711C30E704D9 -- C:\WINDOWS\$hf_mig$\KB968389\SP2QFE\netlogon.dll
[2009.02.06 20:47:20 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=1F43B8C0F4C767FBED89711C30E704D9 -- C:\WINDOWS\$hf_mig$\KB975467\SP2QFE\netlogon.dll
[2006.03.02 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
[2008.04.14 05:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 05:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: SCECLI.DLL >
[2006.03.02 14:00:00 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008.04.14 05:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 05:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SMSS.EXE >
[2006.03.02 14:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\WINDOWS\$NtServicePackUninstall$\smss.exe
[2004.08.17 15:49:28 | 000,164,864 | ---- | M] (Microsoft Corporation) MD5=3C100B7FDB179B63829103DF6541337F -- C:\cmdcons\SYSTEM32\SMSS.EXE
[2008.04.14 05:22:47 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\ServicePackFiles\i386\smss.exe
[2008.04.14 05:22:47 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe

< MD5 for: SVCHOST.EXE >
[2008.04.14 05:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.14 05:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe
[2006.03.02 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe

< MD5 for: USERINIT.EXE >
[2008.04.14 05:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 05:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe
[2006.03.02 14:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe

< MD5 for: WINLOGON.EXE >
[2006.03.02 14:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 05:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 05:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe

< MD5 for: WS2_32.DLL >
[2006.03.02 14:00:00 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\WINDOWS\$NtServicePackUninstall$\ws2_32.dll
[2008.04.14 05:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll
[2008.04.14 05:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\ws2_32.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON
< End of report >

Tohle vyplodil OTL

[Aolorn]

promiň, vytvořil i druhý log který jsem nezaregistroval.

OTL Extras logfile created on: 4. 9. 2010 22:23:29 - Run 1
OTL by OldTimer - Version 3.2.11.0 Folder = C:\Documents and Settings\Jakub\Dokumenty\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d. M. yyyy

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 46,00% Memory free
5,00 Gb Paging File | 4,00 Gb Available in Paging File | 74,00% Paging File free
Paging file location(s): C:\pagefile.sys 3072 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 465,75 Gb Total Space | 55,64 Gb Free Space | 11,95% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: AOLORN
Current User Name: Jakub
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_USERS\S-1-5-21-789336058-1637723038-725345543-1004\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\CyberLink\PowerDVD9\PowerDVD9.exe" = C:\Program Files\CyberLink\PowerDVD9\PowerDVD9.exe:*:Enabled:CyberLink PowerDVD 9.0 -- (CyberLink Corp.)
"C:\Program Files\ICQ7.2\ICQ.exe" = C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2 -- (ICQ, LLC.)
"C:\Program Files\ICQ7.2\aolload.exe" = C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE" = C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)
"C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe" = C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe:*:Enabled:Ubisoft Game Launcher -- (Ubisoft)
"C:\Program Files\Ubisoft\Assassin's Creed II\AssassinsCreedIIGame.exe" = C:\Program Files\Ubisoft\Assassin's Creed II\AssassinsCreedIIGame.exe:*:Enabled:Assassin's Creed II -- ()
"C:\Program Files\Ubisoft\Assassin's Creed II\AssassinsCreedII.exe" = C:\Program Files\Ubisoft\Assassin's Creed II\AssassinsCreedII.exe:*:Enabled:Assassin's Creed II Update -- (Ubisoft)
"C:\Program Files\Ubisoft\Assassin's Creed II\UPlayBrowser.exe" = C:\Program Files\Ubisoft\Assassin's Creed II\UPlayBrowser.exe:*:Enabled:Assassin's Creed II Uplay -- (Ubisoft Entertainment)
"C:\Program Files\Steam\Steam.exe" = C:\Program Files\Steam\Steam.exe:*:Enabled:Steam -- (Valve Corporation)
"C:\Program Files\Activision\Singularity(TM)\Binaries\Singularity.exe" = C:\Program Files\Activision\Singularity(TM)\Binaries\Singularity.exe:*:Enabled:Singularity -- (Raven Software)
"C:\Program Files\ICQ7.2\ICQ.exe" = C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2 -- (ICQ, LLC.)
"C:\Program Files\ICQ7.2\aolload.exe" = C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)
"C:\Program Files\Ubisoft\Tom Clancy's H.A.W.X\HAWX.exe" = C:\Program Files\Ubisoft\Tom Clancy's H.A.W.X\HAWX.exe:*:Enabled:Tom Clancy's H.A.W.X -- ()
"C:\Program Files\Steam\steamapps\common\kane & lynch 2 - dog days demo\kl2.exe" = C:\Program Files\Steam\steamapps\common\kane & lynch 2 - dog days demo\kl2.exe:*:Enabled:Kane & Lynch 2: Dog Days Demo -- (Io Interactive A/S)
"C:\Program Files\Steam\steamapps\common\mafia ii - public demo\launcher.exe" = C:\Program Files\Steam\steamapps\common\mafia ii - public demo\launcher.exe:*:Enabled:Mafia II - Demo -- ()
"C:\Program Files\Volition Inc\Red Faction Guerrilla\rfg.exe" = C:\Program Files\Volition Inc\Red Faction Guerrilla\rfg.exe:*:Enabled:Red Faction: Guerrilla -- (THQ Inc.)
"C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe" = C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe:*:Enabled:KTF MUSIC AoD Server -- (PeeringPortal)
"C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe" = C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe:*:Enabled:KTF MUSIC VoD Server -- (PeeringPortal)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0BF5FBE7-3907-4A1F-9E48-8B66E52850D6}" = TrayApp
"{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{0F40754C-F1FD-43df-B73E-9DA38399CDD6}" = hpf_ProductContext
"{129DDEC1-A6A3-3D60-AABE-76E6E5334922}" = Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - CSY
"{14A67CE0-4F30-4607-885B-43EE27BAC746}" = Readme
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{1CB34CE9-0E6B-493F-BB66-3425E5DF76E5}" = CP_CalendarTemplates1
"{1E1F1E70-14D8-4380-8652-BD1A895A7D65}" = Status
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F61E0B1-1AB8-F15E-07C4-46D100A1D3F7}" = Borderlands
"{23F79416-CAD1-41BF-99A3-040F6C814AAA}" = NVIDIA Photoshop Plug-ins
"{24BEBF2E-73F3-4599-840B-EDC612CCDD0D}" = Destinations
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 20
"{2A548002-9042-4083-A270-B67473DE1073}" = SkinsHP1
"{2CBBC66F-995D-4927-A150-1B0B618F68FC}" = Stranglehold
"{3101CB58-3482-4D21-AF1A-7057FC935355}" = KhalInstallWrapper
"{34F3FCF1-817B-4D61-B6AF-19D9486AFEA0}" = Unload
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}" = Gigabyte Raid Configurer
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT
"{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX
"{3FAD68D9-1FA1-4871-9ADF-9151D969E943}" = Activision(R)
"{3FE0CFAB-584A-4AA5-B8CD-C32284CFA308}" = RandMap
"{4041C245-7099-4C96-9738-5EBC23827B3C}" = BufferChm
"{494D17B5-3369-4905-8C4B-80C972C5E0FF}" = CP_Panorama1Config
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4BE53DB2-C1F2-44D1-A9AB-1630BA7F2AF1}" = SolutionCenter
"{53EE9E42-CECB-4C92-BF76-9CA65DAF8F1C}" = FullDPAppQFolder
"{54F0998F-73C8-4b51-8286-FE903C231BED}" = cp_PosterPrintConfig
"{5F26311C-B135-4F7F-B11E-8E650F83651E}" = DeviceFunctionQFolder
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6E36A172-06FB-4BC8-B7FC-D30D219E6776}" = Tom Clancy's H.A.W.X
"{6FE8B722-4D7E-3CD7-BB3A-3AD1684B1295}" = Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - CSY
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2
"{74DCC43B-33C9-3389-BD0D-33EB37973657}" = Microsoft .NET Framework 3.5 Language Pack - csy
"{766633B3-1AFA-44B6-A3FC-1DE991CD9C52}" = CP_Package_Basic1
"{79F8E1D4-36C1-439C-95FA-F695050B5B07}" = Sonic_PrimoSDK
"{7ADE9F27-A175-447F-A4B4-B05FA82735E1}" = HP Deskjet 6900 series
"{82B1150E-9B37-49FC-83EB-D52197D900D0}" = Sunbelt Personal Firewall
"{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}" = Assassin's Creed II
"{869C3062-4745-4949-B6C9-98AF24D89030}" = PhotoGallery
"{87F59A07-55EE-415E-A966-31F3D8B6B7AD}" = LP6940_Help
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{8AEA4BE2-2B52-41C0-BB7D-9F2D17AF1029}" = Nero 8
"{8DC6CA16-9B4E-4C10-95EE-2BD91EB0290C}" = LP6940Trb
"{8FB1B528-E260-451E-9B55-E9152F94B80B}" = Microsoft Games for Windows - LIVE Redistributable
"{90120000-0010-0405-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Czech) 12
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{294B4278-CF7B-40B9-86A1-2D3FF0C2C524}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{10EC59E5-9BCE-4884-BB1A-E28627220232}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{974C4B12-4D02-4879-85E0-61C95CC63E9E}" = Fallout 3
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{98736A65-3C79-49EC-B7E9-A3C77774B0E6}" = Google SketchUp 6
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9C209B30-F71F-4c53-8D26-453208EC8E91}" = dj6940
"{9D4ABB0C-F60B-44A6-956C-A4A63D5495C9}" = CueTour
"{9E1BAB75-EB78-440D-94C0-A3857BE2E733}" = System Requirements Lab
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A357EF4C-2B6F-4980-ACA9-B1E42A74D7F3}" = Red Faction Guerrilla
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3.4
"{B11E71BA-498C-42D4-9F1A-9D7A89D9DA61}" = CP_AtenaShokunin1Config
"{B3131F98-FC4B-4931-9D01-723C61F1AFBD}_is1" = Yaho's Miranda Pack - Dark 4.7
"{B343B0E3-212A-40B9-8207-1BD299228F5D}" = Fallout 3 - The Garden of Eden Creation Kit
"{B3D8B2F8-3C2C-45BC-933E-8B60E78F6684}" = Google SketchUp 6
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{BBD3BF67-5B89-4CBB-BA58-5818ED5F3290}" = cp_OnlineProjectsConfig
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{CB1F3886-AE9F-46fb-8325-6B0718989285}" = dj_taplugin
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}" = TuneUp Utilities
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{DEBB2986-15B0-4D28-95FA-5C966A396589}" = HPProductAssistant
"{EC2715CE-C182-483C-84CC-81D7D914CF14}" = WebReg
"{ECFDD6BD-E0C0-41CC-A171-E6D6AF4C0E93}" = HP Software Update
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint
"{F97E3841-CA9D-4964-9D64-26066241D26F}" = Microsoft Games for Windows - LIVE
"{FC8D25A7-FF1B-41BB-BB3B-9A06C0A60AE0}" = InstantShareDevices
"{FE3997D3-6B56-4AC4-A99C-9DDFC45359BF}" = TuneUp Utilities Language Pack (en-US)
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"3FA1705966809259F916AF817C59B4F389F4572C" = Balíček ovladače systému Windows - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0)
"7-Zip" = 7-Zip 4.65
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop 7.0 CE" = Adobe Photoshop 7.0 CE
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"avast5" = avast! Free Antivirus
"BSPlayerp" = BS.Player PRO
"Call of Duty Modern Warfare 2_is1" = Call of Duty Modern Warfare 2
"CCleaner" = CCleaner
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"Cube Experimental_is1" = CubeExperimentalUninstaller
"DDS Converter 2.1" = DDS Converter 2.1
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Fallout" = Fallout
"Fallout 3 - Mothership Zeta Addon_is1" = Fallout 3 - Mothership Zeta Addon
"Fallout 3 - The Pitt" = Fallout 3 - The Pitt
"Fallout Mod Manager_is1" = Fallout Mod Manager 0.11.9
"FreeOrion" = FreeOrion 0.3.14
"HP Imaging Device Functions" = HP Imaging Device Functions 6.0
"HP Photo & Imaging" = HP Photosmart Premier Software 6.0
"HP Solution Center & Imaging Support Tools" = HP Solution Center and Imaging Support Tools 6.0
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"Cheat Engine 5.6_is1" = Cheat Engine 5.6
"InstallShield_{3FAD68D9-1FA1-4871-9ADF-9151D969E943}" = Singularity(TM)
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"InstallShield_{A357EF4C-2B6F-4980-ACA9-B1E42A74D7F3}" = Red Faction Guerrilla
"InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 6.0.0
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack - csy" = Microsoft .NET Framework 3.5 Language Pack - CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Miranda IM" = Miranda IM 0.9.2
"Mozilla Firefox (3.6." = Mozilla Firefox (3.6.
"NifSkope" = NifSkope (remove only)
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"OpenAL" = OpenAL
"OpenSource Flash Video Splitter" = OpenSource Flash Video Splitter 1.0.0.5
"Orion2DeinstKey" = Master of Orion II
"Precision" = EVGA Precision 1.9.5
"RocketDock_is1" = RocketDock 1.3.5
"Scorpions WinCheater 2.07 (s databází 112)_is1" = Scorpions WinCheater
"StarCraft II" = StarCraft II
"Steam App 28020" = Kane & Lynch 2: Dog Days Demo
"Steam App 400" = Portal
"Steam App 50280" = Mafia II - Demo
"TuneUp Utilities" = TuneUp Utilities
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"WIC" = Windows Imaging Component
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR
"Worms Reloaded_is1" = Worms Reloaded
"Xfire" = Xfire (remove only)
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-789336058-1637723038-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"Winamp Detect" = Winamp Detector Plug-in

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 12. 7. 2010 6:31:28 | Computer Name = AOLORN | Source = crypt32 | ID = 131083
Description = Extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou
aktualizaci v: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
se nezdařilo. Chyba: Při ověření se systémovými hodinami nebo časovým razítkem
podepsaného souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti.


Error - 12. 7. 2010 6:31:28 | Computer Name = AOLORN | Source = crypt32 | ID = 131083
Description = Extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou
aktualizaci v: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
se nezdařilo. Chyba: Při ověření se systémovými hodinami nebo časovým razítkem
podepsaného souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti.


Error - 12. 7. 2010 13:31:27 | Computer Name = AOLORN | Source = Application Error | ID = 1000
Description = Chybující aplikace chrome.exe, verze 0.0.0.0, chybující modul kernel32.dll,
verze 5.1.2600.5781, adresa chyby 0x00009d93.

Error - 13. 7. 2010 9:48:00 | Computer Name = AOLORN | Source = Application Error | ID = 1000
Description = Chybující aplikace fallout3.exe, verze 1.7.0.3, chybující modul unknown,
verze 0.0.0.0, adresa chyby 0x00000000.

Error - 15. 7. 2010 9:38:24 | Computer Name = AOLORN | Source = Google Update | ID = 20
Description =

Error - 15. 7. 2010 18:24:45 | Computer Name = AOLORN | Source = Application Error | ID = 1000
Description = Chybující aplikace teatimer.exe, verze 1.6.6.32, chybující modul teatimer.exe,
verze 1.6.6.32, adresa chyby 0x0006e66e.

Error - 16. 7. 2010 12:28:28 | Computer Name = AOLORN | Source = Application Error | ID = 1000
Description = Chybující aplikace orion95.exe, verze 0.0.0.0, chybující modul unknown,
verze 0.0.0.0, adresa chyby 0x00000000.

Error - 16. 7. 2010 12:33:36 | Computer Name = AOLORN | Source = Application Error | ID = 1000
Description = Chybující aplikace orion95.exe, verze 0.0.0.0, chybující modul unknown,
verze 0.0.0.0, adresa chyby 0x00000000.

Error - 16. 7. 2010 12:35:58 | Computer Name = AOLORN | Source = Application Error | ID = 1000
Description = Chybující aplikace orion95.exe, verze 0.0.0.0, chybující modul unknown,
verze 0.0.0.0, adresa chyby 0x00000000.

Error - 16. 7. 2010 13:16:27 | Computer Name = AOLORN | Source = Application Error | ID = 1000
Description = Chybující aplikace orion95.exe, verze 0.0.0.0, chybující modul unknown,
verze 0.0.0.0, adresa chyby 0x00000000.

[ System Events ]
Error - 28. 7. 2010 16:50:51 | Computer Name = AOLORN | Source = Service Control Manager | ID = 7006
Description = Volání ScRegSetValueExW skončilo neúspěšné pro FailureActions s touto
chybou: %%5

Error - 28. 7. 2010 16:50:51 | Computer Name = AOLORN | Source = Service Control Manager | ID = 7006
Description = Volání ScRegSetValueExW skončilo neúspěšné pro FailureActions s touto
chybou: %%5

Error - 19. 8. 2010 15:59:48 | Computer Name = AOLORN | Source = Cdrom | ID = 262151
Description = Zařízení \Device\CdRom0 má chybný blok.

Error - 19. 8. 2010 16:00:49 | Computer Name = AOLORN | Source = Cdrom | ID = 262151
Description = Zařízení \Device\CdRom0 má chybný blok.

Error - 21. 8. 2010 3:27:10 | Computer Name = AOLORN | Source = Dhcp | ID = 1002
Description = Zapůjčení adresy IP 10.0.0.1 pro síťovou kartu s adresou 001D7D00208C
byla serverem DHCP 10.0.0.138 odmítnuta. (Server DHCP odeslal zprávu DHCPNACK).

Error - 24. 8. 2010 18:51:39 | Computer Name = AOLORN | Source = Service Control Manager | ID = 7034
Description = Služba TuneUp Utilities Service byla neočekávaně ukončena. Tento stav
nastal již 1krát.

Error - 24. 8. 2010 18:53:04 | Computer Name = AOLORN | Source = Service Control Manager | ID = 7034
Description = Služba NMIndexingService byla neočekávaně ukončena. Tento stav nastal
již 1krát.

Error - 24. 8. 2010 18:53:20 | Computer Name = AOLORN | Source = Service Control Manager | ID = 7034
Description = Služba Windows User Mode Driver Framework byla neočekávaně ukončena.
Tento stav nastal již 1krát.

Error - 2. 9. 2010 15:33:49 | Computer Name = AOLORN | Source = Service Control Manager | ID = 7034
Description = Služba TuneUp Utilities Service byla neočekávaně ukončena. Tento stav
nastal již 1krát.

Error - 4. 9. 2010 5:25:19 | Computer Name = AOLORN | Source = DCOM | ID = 10010
Description = Server {98D9A6F1-4696-4B5E-A2E8-36B3F9C1E12C} se v daném časovém limitu
neregistroval u služby DCOM.


< End of report >

[jaro3]

Straší Ti tam ten Combofix , zkus ještě jednou odinstalovat.

Proč máš vypnutou obnovu systému? Pak se nemůže vytvořit nový bod obnovy..

Poklepej na ikonu OTL na ploše.Ujisti se , že máš všechny ostatní aplikace a prohlížeče zavřeny.
Pod Vlastní skenování/opravy do okénka vlož následující text, zobrazený zeleně:

Kód: Vybrat vše

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Jakub\LOCALS~1\Temp\catchme.sys -- (catchme)
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/pub/s ... wflash.cab (Shockwave Flash Object)

:Files
C:\WINDOWS\System32\*.tmp
C:\WINDOWS\*.tmp
C:\WINDOWS\system32\*.tmp.dll
C:\WINDOWS\system32\SET*.tmp
c:\windows\Tasks\*.job
C:\*.tmp
C:\ComboFix
C:\WINDOWS\D56B0E274A3E46C9B5C1D93D580C099C.TMP
C:\WINDOWS\tasks\SA.DAT
C:\WINDOWS\sbacknt.bin
C:\WINDOWS\System32\ezsidmv.dat
C:\WINDOWS\System32\perfh009.dat
C:\WINDOWS\System32\perfh005.dat
C:\WINDOWS\System32\perfc005.dat
C:\WINDOWS\System32\perfc009.dat
C:\Documents and Settings\Jakub\Plocha\Qoobox.zip

:Reg
:Commands
[purity]
[emptytemp]
[EMPTYFLASH]
[start explorer]
[Reboot]


Poté klikni nahoře na Opravit. Nech program nerušeně běžet, na konci se provede restart PC.
Po restartu se objeví log , prosím zkopíruj sem celý jeho obsah.

Aktualizuj javu:
Java SE Runtime Environment 6u21
Vyber OS ( předpokládám Windows), dej zatržítko agree-continue
Vyber:
Windows Offline Installation
jre-6u21-windows-i586-p.exe
Ostatní javy odeber v přidat/odebrat programy.

[Aolorn]

Vypnutou obnovu systému? Teď jsem si to rozkliknul. Vypnutí bodů obnovy není zaškrtlé, má to přístup k 12% místa na disku a stav (C:) píše sledování.

Zkusil jsem znovu odinstalovat combofix. Vylítla chyba Systém Windows nemůže nalézt Combofix, přesvědčte se zda je název zadán správně, použil jsem "předvolbu" která mi v příkazovým řádku zůstala po posledním pokusu to odinstalovat.

Oukej, jdu teda zkusit co udělá to OTL

[Aolorn]

All processes killed
========== OTL ==========
No active process named explorer.exe was found!
No active process named firefox.exe was found!
Service HidServ stopped successfully!
Service HidServ deleted successfully!
File C:\WINDOWS\System32\hidserv.dll not found.
Service AppMgmt stopped successfully!
Service AppMgmt deleted successfully!
File C:\WINDOWS\System32\appmgmts.dll not found.
Error: No service named catchme was found to stop!
Service\Driver key catchme not found.
File C:\DOCUME~1\Jakub\LOCALS~1\Temp\catchme.sys not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {D27CDB6E-AE6D-11CF-96B8-444553540000}
C:\WINDOWS\Downloaded Program Files\swflash.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{D27CDB6E-AE6D-11CF-96B8-444553540000}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D27CDB6E-AE6D-11CF-96B8-444553540000}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{D27CDB6E-AE6D-11CF-96B8-444553540000}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D27CDB6E-AE6D-11CF-96B8-444553540000}\ deleted successfully.
========== FILES ==========
C:\WINDOWS\System32\CONFIG.TMP moved successfully.
C:\WINDOWS\002808_.tmp moved successfully.
C:\WINDOWS\D56B0E274A3E46C9B5C1D93D580C099C.TMP folder moved successfully.
C:\WINDOWS\SET21.tmp moved successfully.
C:\WINDOWS\SET22.tmp moved successfully.
C:\WINDOWS\SET3.tmp moved successfully.
C:\WINDOWS\SET4.tmp moved successfully.
C:\WINDOWS\SET8.tmp moved successfully.
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
c:\windows\Tasks\AdobeAAMUpdater-1.0-AOLORN-Jakub.job moved successfully.
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-789336058-1637723038-725345543-1004Core.job moved successfully.
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-789336058-1637723038-725345543-1004UA.job moved successfully.
File\Folder C:\*.tmp not found.
File\Folder C:\ComboFix not found.
File\Folder C:\WINDOWS\D56B0E274A3E46C9B5C1D93D580C099C.TMP not found.
C:\WINDOWS\tasks\SA.DAT moved successfully.
C:\WINDOWS\sbacknt.bin moved successfully.
C:\WINDOWS\System32\ezsidmv.dat moved successfully.
C:\WINDOWS\System32\perfh009.dat moved successfully.
C:\WINDOWS\System32\perfh005.dat moved successfully.
C:\WINDOWS\System32\perfc005.dat moved successfully.
C:\WINDOWS\System32\perfc009.dat moved successfully.
C:\Documents and Settings\Jakub\Plocha\Qoobox.zip moved successfully.
========== REGISTRY ==========
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 41620 bytes

User: Jakub
->Temp folder emptied: 21148 bytes
->Temporary Internet Files folder emptied: 66114 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 39715000 bytes
->Google Chrome cache emptied: 368988262 bytes
->Flash cache emptied: 43722 bytes

User: LocalService
->Temp folder emptied: 65984 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 80352464 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 467,00 mb


[EMPTYFLASH]

User: All Users

User: Default User
->Flash cache emptied: 0 bytes

User: Jakub
->Flash cache emptied: 0 bytes

User: LocalService

User: NetworkService

Total Flash Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.11.0 log created on 09052010_100244

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

[jaro3]

OTL píše:
CREATERESTOREPOINT
Error starting restore point: System Restore is disabled.
Error closing restore point: System Restore is disabled.

že by se mýlil?

Spusť OTL a klikni na Vyčisti.
Pak můžeš OTL smazat , C:\_OTL

Aktualizuj javu:
Java SE Runtime Environment 6u21
Vyber OS ( předpokládám Windows), dej zatržítko agree-continue
Vyber:
Windows Offline Installation
jre-6u21-windows-i586-p.exe
Ostatní javy odeber v přidat/odebrat programy.

Pokud nejsou problémy , je to vše a můžeš dát vyřešeno , zelenou fajfku.

[Aolorn]

Přísahám bohu, hned jak tady padlo že prý mám vypnuté body obnovy tak jsem to kontroloval a bylo to zapnuté.

A mimochodem, tady tyhle věci co se mi tam zjevily už můžu bez smazat nebo tam mají svůj účel?
Jinak už to snad půjde lépe, zatím to vypadá rozhodně líp, děkuju. Ještě počkám na verdikt ohledně toho balastu a pak to odfajfknu.