Prosil bych o kontrolu tohoto výpisu +

[ZuuL]

níc, není ... počkaj, ComboFix.txt .. to je jako ten log z Comba?

[Reklama]

[memphisto]

tohle je ono.dej sem obsah

[ZuuL]

Jo tak, no, to sme si nerozumněly ... já ten log nemám ani vytvořenej, pač se mi ten ComboFix nechce spustit kulu tomu AVGéčku kerý nejde uplně vypnout ... a práve sem říkal že když se hodím do nouzáče, tak se to poté restartuje ještě dřív než někam najedu

[memphisto]

Tak v tom případě:

Stáhni si OTL
na plochu. Ujisti se , že máš zavřena všechna ostatní okna a poklepej na ikonu OTL.Nahoře v okně pod Výstup klikni na minimální výstup.Pod Běžné registry změň na Vše. Zatrhni Kontrola na havěť “LOP“ a Kontrola na havěť “ Purity“ . Klikni na Prohledat. Všechny ostatní nastavení ponech jak jsou. Sken může trvat dlouho, až skončí otevřou se dva logy:
OTL.Txt
Extras.Txt
Jsou uloženy ve stejném místě jako OTL. Oba logy sem prosím zkopíruj.

[ZuuL]

OTL

OTL logfile created on: 25.11.2027 8:50:13 - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Documents and Settings\xxx\Plocha
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1 023,00 Mb Total Physical Memory | 509,00 Mb Available Physical Memory | 50,00% Memory free
1,00 Gb Paging File | 1,00 Gb Available in Paging File | 62,00% Paging File free
Paging file location(s): C:\pagefile.sys 192 384 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 14,65 Gb Total Space | 0,45 Gb Free Space | 3,06% Space Free | Partition Type: NTFS
Drive D: | 22,65 Gb Total Space | 1,36 Gb Free Space | 5,99% Space Free | Partition Type: NTFS
Drive E: | 4,07 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive F: | 3,70 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: XXX-73JE6T5H385 | User Name: xxx | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\xxx\Plocha\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Last.fm\LastFM.exe (Last.fm)
PRC - C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
PRC - D:\Program Files\LogMeIn\x86\ramaint.exe (LogMeIn, Inc.)
PRC - D:\Program Files\LogMeIn\x86\LMIGuardian.exe (LogMeIn, Inc.)
PRC - C:\Program Files\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG8\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - D:\Program Files\Winamp\winamp.exe (Nullsoft)
PRC - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
PRC - C:\Program Files\Orbitdownloader\orbitdm.exe (Orbitdownloader.com)
PRC - C:\Program Files\Orbitdownloader\orbitnet.exe (Orbitdownloader.com)
PRC - D:\Program Files\LogMeIn\x86\LogMeInSystray.exe (LogMeIn, Inc.)
PRC - D:\Program Files\LogMeIn\x86\LogMeIn.exe (LogMeIn, Inc.)
PRC - D:\Program Files\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - D:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe (Lavasoft AB)
PRC - C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe (IVT Corporation.)
PRC - C:\WINDOWS\system32\oodag.exe (O&O Software GmbH)
PRC - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe (Symantec Corporation)
PRC - C:\WINDOWS\system32\UAService7.exe (Sony DADC Austria AG.)
PRC - C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
PRC - C:\Program Files\AVPersonal\AVWUPSRV.EXE (H+BEDV Datentechnik GmbH, Germany)


========== Modules (SafeList) ==========

MOD - C:\Documents and Settings\xxx\Plocha\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV - (mi-raysat_3dsmax9_32) mental ray 3.5 Satellite (32-bit) -- C:\Program Files\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_32server.exe File not found
SRV - (HidServ) -- C:\WINDOWS\System32\hidserv.dll File not found
SRV - (CLTNetCnService) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe File not found
SRV - (LMIMaint) -- D:\Program Files\LogMeIn\x86\RaMaint.exe (LogMeIn, Inc.)
SRV - (avg8emc) -- C:\Program Files\AVG\AVG8\avgemc.exe (AVG Technologies CZ, s.r.o.)
SRV - (avg8wd) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (LogMeIn) -- D:\Program Files\LogMeIn\x86\LogMeIn.exe (LogMeIn, Inc.)
SRV - (TuneUp.Defrag) -- C:\WINDOWS\system32\TuneUpDefragService.exe (TuneUp Software GmbH)
SRV - (UxTuneUp) -- C:\WINDOWS\system32\uxtuneup.dll (TuneUp Software GmbH)
SRV - (aawservice) -- D:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe (Lavasoft AB)
SRV - (O&O Defrag) -- C:\WINDOWS\system32\oodag.exe (O&O Software GmbH)
SRV - (LiveUpdate) -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_1.EXE (Symantec Corporation)
SRV - (Plánovač automatické aktualizace LiveUpdate) -- C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (Symantec Corporation)
SRV - (sfrem01) SF FrontLine Drivers Auto Removal (v1) -- C:\WINDOWS\System32\sfrem01.exe (Protection Technology (StarForce))
SRV - (UserAccess7) SecuROM User Access Service (V7) -- C:\WINDOWS\system32\UAService7.exe (Sony DADC Austria AG.)
SRV - (AVWUpSrv) -- C:\Program Files\AVPersonal\AVWUPSRV.EXE (H+BEDV Datentechnik GmbH, Germany)


========== Driver Services (SafeList) ==========

DRV - (w810obex) -- C:\WINDOWS\System32\DRIVERS\w810obex.sys File not found
DRV - (w810mdm) -- C:\WINDOWS\System32\DRIVERS\w810mdm.sys File not found
DRV - (w810mdfl) -- C:\WINDOWS\System32\DRIVERS\w810mdfl.sys File not found
DRV - (w810bus) Sony Ericsson W810 Driver driver (WDM) -- C:\WINDOWS\System32\DRIVERS\w810bus.sys File not found
DRV - (nod32drv) -- C:\WINDOWS\System32\drivers\nod32drv.sys File not found
DRV - (gUSBSTOi) -- C:\DOCUME~1\xxx\LOCALS~1\Temp\gUSBSTOi.sys File not found
DRV - (eeCtrl) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys File not found
DRV - (AvgLdx86) -- C:\WINDOWS\System32\Drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (AvgMfx86) -- C:\WINDOWS\System32\Drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (AvgTdiX) -- C:\WINDOWS\System32\Drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.)
DRV - (AvgRkx86) -- C:\WINDOWS\System32\Drivers\avgrkx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (LMIInfo) -- D:\Program Files\LogMeIn\x86\rainfo.sys (LogMeIn, Inc.)
DRV - (SCDEmu) -- C:\WINDOWS\System32\drivers\scdemu.sys (PowerISO Computing, Inc.)
DRV - (CrystalSysInfo) -- D:\Program Files\MediaCoder\SysInfo.sys ()
DRV - (BlueletAudio) -- C:\WINDOWS\system32\drivers\blueletaudio.sys (IVT Corporation.)
DRV - (Btcsrusb) -- C:\WINDOWS\system32\drivers\btcusb.sys (IVT Corporation.)
DRV - (BlueletSCOAudio) -- C:\WINDOWS\system32\drivers\BlueletSCOAudio.sys (IVT Corporation.)
DRV - (BT) -- C:\WINDOWS\system32\drivers\btnetdrv.sys (IVT Corporation.)
DRV - (VHidMinidrv) -- C:\WINDOWS\system32\drivers\VHIDMini.sys (IVT Corporation.)
DRV - (BTHidMgr) -- C:\WINDOWS\System32\Drivers\BTHidMgr.sys (IVT Corporation.)
DRV - (BTHidEnum) -- C:\WINDOWS\System32\Drivers\vbtenum.sys (IVT Corporation.)
DRV - (VcommMgr) -- C:\WINDOWS\system32\drivers\VcommMgr.sys (IVT Corporation.)
DRV - (VComm) -- C:\WINDOWS\system32\drivers\VComm.sys (IVT Corporation.)
DRV - (hamachi) -- C:\WINDOWS\system32\drivers\hamachi.sys (Applied Networking Inc.)
DRV - (BTNetFilter) -- C:\Program Files\IVT Corporation\BlueSoleil\device\Win2k\BTNetFilter.sys (IVT Corporation.)
DRV - (atksgt) -- C:\WINDOWS\system32\drivers\atksgt.sys ()
DRV - (lirsgt) -- C:\WINDOWS\system32\drivers\lirsgt.sys ()
DRV - (dtscsi) -- C:\WINDOWS\System32\Drivers\dtscsi.sys ()
DRV - (sptd) -- C:\WINDOWS\System32\Drivers\sptd.sys ()
DRV - (sfdrv01) StarForce Protection Environment Driver (version 1.x) -- C:\WINDOWS\System32\drivers\sfdrv01.sys (Protection Technology (StarForce))
DRV - (sfhlp02) StarForce Protection Helper Driver (version 2.x) -- C:\WINDOWS\System32\drivers\sfhlp02.sys (Protection Technology (StarForce))
DRV - (sfvfs02) StarForce Protection VFS Driver (version 2.x) -- C:\WINDOWS\System32\drivers\sfvfs02.sys (Protection Technology)
DRV - (sfsync02) StarForce Protection Synchronization Driver (version 2.x) -- C:\WINDOWS\System32\drivers\sfsync02.sys (Protection Technology)
DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)
DRV - (ATITool) -- d:\Program Files\ATITool\atitool.sys ()
DRV - (prohlp02) -- C:\WINDOWS\System32\drivers\prohlp02.sys (Protection Technology)
DRV - (prodrv06) -- C:\WINDOWS\System32\drivers\prodrv06.sys (Protection Technology)
DRV - (gameenum) -- C:\WINDOWS\system32\drivers\gameenum.sys (Microsoft Corporation)
DRV - (sisagp) -- C:\WINDOWS\System32\DRIVERS\sisagp.sys (Silicon Integrated Systems Corporation)
DRV - (NwlnkIpx) -- C:\WINDOWS\system32\drivers\nwlnkipx.sys (Microsoft Corporation)
DRV - (rtl8139) Realtek RTL8139(A/B/C) -- C:\WINDOWS\system32\drivers\rtl8139.sys (Realtek Semiconductor Corporation)
DRV - (nv) -- C:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation)
DRV - (prosync1) -- C:\WINDOWS\System32\drivers\prosync1.sys (Protection Technology)
DRV - (rxp) -- C:\WINDOWS\system32\drivers\RXP.SYS (StarSkin)
DRV - (sfhlp01) -- C:\WINDOWS\System32\drivers\sfhlp01.sys (Protection Technology)
DRV - (tandpl) -- C:\WINDOWS\system32\drivers\tandpl.sys ()
DRV - (enodpl) -- C:\WINDOWS\system32\drivers\enodpl.sys ()
DRV - (SiSide) -- C:\WINDOWS\System32\DRIVERS\siside.sys (Silicon Integrated Systems Corp.)
DRV - (sisidex) -- C:\WINDOWS\system32\drivers\sisidex.sys (Windows (R) 2000 DDK provider)
DRV - (sisperf) -- C:\WINDOWS\system32\drivers\sisperf.sys (Silicon Integrated Systems Corp.)
DRV - (NwlnkNb) -- C:\WINDOWS\system32\drivers\nwlnknb.sys (Microsoft Corporation)
DRV - (NwlnkSpx) -- C:\WINDOWS\system32\drivers\nwlnkspx.sys (Microsoft Corporation)
DRV - (ms_mpu401) -- C:\WINDOWS\system32\drivers\msmpu401.sys (Microsoft Corporation)
DRV - (hidgame) -- C:\WINDOWS\system32\drivers\hidgame.sys (Microsoft Corporation)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Local Page = http://www.Google.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\URLSearchHook: *{00A6FAF6-072E-44cf-8957-5838F569A31D} - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: *{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG8\Firefox [2010.02.17 10:25:24 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009.10.10 15:55:36 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009.12.24 02:27:04 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\avg@igeared: C:\Program Files\AVG\AVG8\Toolbar\Firefox\avg@igeared [2010.02.19 21:37:05 | 000,000,000 | ---D | M]

[2010.10.31 21:15:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xxx\Data aplikací\Mozilla\Extensions
[2009.03.30 16:53:42 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\xxx\Data aplikací\Mozilla\Extensions\{ae2cff10-0d52-4066-8be9-4abcf119fa79}

O1 HOSTS File: ([2001.10.25 15:00:00 | 000,000,737 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Octh Class) - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll (Orbitdownloader.com)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: () - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll (Google Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (Grab Pro) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll ()
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
O3 - HKCU\..\Toolbar\ShellBrowser: (&Adresa) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O3 - HKCU\..\Toolbar\WebBrowser: (&Adresa) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O3 - HKCU\..\Toolbar\WebBrowser: (&Odkazy) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
O4 - HKLM..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe (ATI Technologies, Inc.)
O4 - HKLM..\Run: [AVG8_TRAY] C:\Program Files\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [ISUSPM Startup] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [LogMeIn GUI] D:\Program Files\LogMeIn\x86\LogMeInSystray.exe (LogMeIn, Inc.)
O4 - HKLM..\Run: [PWRISOVM.EXE] D:\Program Files\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.)
O4 - HKLM..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe (Silicon Integrated Systems Corp.)
O4 - HKCU..\Run: [H/PC Connection Agent] C:\Program Files\Microsoft ActiveSync\wcescomm.exe (Microsoft Corporation)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\BlueSoleil.lnk = C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe (IVT Corporation.)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Orbit.lnk = C:\Program Files\Orbitdownloader\orbitdm.exe (Orbitdownloader.com)
O4 - Startup: C:\Documents and Settings\xxx\Nabídka Start\Programy\Po spuštění\PowerReg Scheduler V3.exe (Leader Technologies)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRemoteRecursiveEvents = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStrCmpLogical = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunStartupScriptSync = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SynchronousMachineGroupPolicy = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SynchronousUserGroupPolicy = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: disableregistrytools = 0
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\WINDOWS\system32\wshbth.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.230.1
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (C:\Documents and Settings\All Users\Data aplikací\TuneUp Software\TuneUp Utilities\WinStyler\tu_logonui.exe) - C:\Documents and Settings\All Users\Data aplikací\TuneUp Software\TuneUp Utilities\WinStyler\tu_logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - cscdll.dll - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\LMIinit: DllName - LMIinit.dll - C:\WINDOWS\System32\LMIinit.dll (LogMeIn, Inc.)
O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\WBSrv: DllName - C:\PROGRA~1\Stardock\Object Desktop\ThemeManager\wbsrv.dll - C:\Program Files\Stardock\Object Desktop\ThemeManager\WbSrv.dll (Stardock Corporation)
O20 - Winlogon\Notify\WgaLogon: DllName - WgaLogon.dll - C:\WINDOWS\System32\wgalogon.dll (Microsoft Corp.)
O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Proces mezipaměti kategorií součástí - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\xxx\Data aplikací\FastStone\FSIV\FSViewerWallPaper.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\xxx\Data aplikací\FastStone\FSIV\FSViewerWallPaper.bmp
O28 - HKLM ShellExecuteHooks: {650CA63D-4A01-4BF8-A608-9B1EBB36292E} - Reg Error: Key error. File not found
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2000.06.13 07:59:16 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010.11.04 17:16:54 | 018,163,996 | ---- | M] () - D:\Autoskola_Testy_Demo_3.zip -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (OODBS) - C:\WINDOWS\System32\OODBS.exe (O&O Software GmbH)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[7505.07.20 10:17:00 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\uxtheme.rxp
[7505.07.20 10:17:00 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uxtheme.rxp
[2027.11.25 08:20:51 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\xxx\Plocha\OTL.exe
[2027.11.24 08:10:03 | 000,167,424 | ---- | C] (VirusSecureLab) -- C:\Documents and Settings\xxx\Plocha\Small Registry Editor1.3.1.12.exe
[2027.11.23 20:50:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\xxx\Data aplikací\Maxthon3
[2027.11.23 20:41:22 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\xxx\Recent
[2008.03.08 14:10:41 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\xxx\Data aplikací\pcouffin.sys
[2008.02.24 14:02:33 | 000,774,144 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\RngInterstitial.dll
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[14 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[7505.07.20 10:17:00 | 000,204,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\uxtheme.rxp
[7505.07.20 10:17:00 | 000,204,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uxtheme.rxp
[2027.11.25 08:48:29 | 003,903,286 | ---- | M] () -- C:\Documents and Settings\xxx\Plocha\Survivor_-_Eye_Of_The_Tiger.mp3
[2027.11.25 08:20:54 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\xxx\Plocha\OTL.exe
[2027.11.25 08:01:00 | 000,000,230 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2027.11.25 07:57:55 | 000,001,567 | ---- | M] () -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Orbit.lnk
[2027.11.25 07:56:56 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2027.11.25 07:56:50 | 1073,270,784 | -HS- | M] () -- C:\hiberfil.sys
[2027.11.25 07:56:45 | 000,702,474 | ---- | M] () -- C:\WINDOWS\System32\OODBS.lor
[2027.11.24 17:23:27 | 000,137,464 | ---- | M] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2027.11.24 17:22:39 | 000,214,520 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.xtr
[2027.11.24 08:10:04 | 000,167,424 | ---- | M] (VirusSecureLab) -- C:\Documents and Settings\xxx\Plocha\Small Registry Editor1.3.1.12.exe
[2027.11.23 20:50:31 | 000,000,636 | ---- | M] () -- C:\Documents and Settings\xxx\Plocha\Maxthon 3.lnk
[2027.11.22 19:40:39 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[14 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[7505.06.26 17:31:08 | 000,187,392 | ---- | C] () -- C:\WINDOWS\System32\JPGUtils.dll
[2027.11.25 08:40:19 | 003,903,286 | ---- | C] () -- C:\Documents and Settings\xxx\Plocha\Survivor_-_Eye_Of_The_Tiger.mp3
[2027.11.24 14:15:29 | 1073,270,784 | -HS- | C] () -- C:\hiberfil.sys
[2027.11.23 20:50:31 | 000,000,636 | ---- | C] () -- C:\Documents and Settings\xxx\Plocha\Maxthon 3.lnk
[2027.11.23 20:46:58 | 000,001,567 | ---- | C] () -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Orbit.lnk
[2010.09.08 17:25:25 | 000,000,291 | ---- | C] () -- C:\WINDOWS\game.ini
[2010.07.22 14:37:07 | 000,000,317 | ---- | C] () -- C:\WINDOWS\wcx_ftp.ini
[2010.06.12 19:43:11 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll
[2010.02.04 16:45:31 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\xxx\Local Settings\Data aplikací\PUTTY.RND
[2010.01.16 19:25:44 | 000,000,246 | ---- | C] () -- C:\WINDOWS\holdgemss.ini
[2009.10.23 18:19:14 | 000,000,426 | ---- | C] () -- C:\WINDOWS\{21D15DED-F125-46C8-8017-CB9F1CEB5B4D}_WiseFW.ini
[2008.10.18 18:15:40 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\xxx\Data aplikací\AVSDVDPlayer.m3u
[2008.10.17 20:21:02 | 000,524,288 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2008.10.17 20:21:02 | 000,139,264 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2008.10.12 13:43:10 | 000,137,464 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2008.06.30 11:55:27 | 000,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2008.03.28 15:22:25 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\xxx\Data aplikací\$_hpcst$.hpc
[2008.03.11 16:28:01 | 000,034,308 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2008.03.08 14:11:25 | 000,000,034 | ---- | C] () -- C:\Documents and Settings\xxx\Data aplikací\pcouffin.log
[2008.03.08 14:10:41 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\xxx\Data aplikací\inst.exe
[2008.03.08 14:10:41 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\xxx\Data aplikací\pcouffin.cat
[2008.03.08 14:10:41 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\xxx\Data aplikací\pcouffin.inf
[2007.12.24 13:49:52 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2007.10.12 13:40:28 | 000,000,845 | ---- | C] () -- C:\Documents and Settings\xxx\Data aplikací\Color.ini
[2006.10.21 18:59:59 | 000,262,144 | ---- | C] () -- C:\WINDOWS\System32\Manipulate.dll
[2006.09.24 19:53:54 | 000,268,242 | ---- | C] () -- C:\WINDOWS\System32\erdmpg-parse.dll
[2006.09.24 19:53:42 | 002,518,779 | ---- | C] () -- C:\WINDOWS\System32\erdmpg-enc.dll
[2006.09.24 19:52:04 | 000,030,693 | ---- | C] () -- C:\WINDOWS\System32\erdmpg-int.dll
[2006.07.24 15:33:06 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2006.07.24 15:33:05 | 000,018,048 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2006.07.20 21:07:50 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\PhysXLoader.dll
[2006.07.10 17:54:16 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2006.07.10 17:54:16 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2006.07.10 17:54:16 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2006.07.10 17:54:16 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2006.07.10 17:54:16 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2006.07.10 17:54:16 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2006.07.10 17:54:16 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2006.07.10 17:54:16 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2006.07.10 17:54:16 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2006.06.29 13:25:47 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2006.05.26 15:01:35 | 000,223,128 | ---- | C] () -- C:\WINDOWS\System32\drivers\dtscsi.sys
[2006.05.26 14:59:47 | 000,664,064 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2006.05.26 14:59:47 | 000,096,256 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd9565.sys
[2005.12.29 23:46:16 | 000,000,544 | ---- | C] () -- C:\WINDOWS\System32\toqwjao.ini
[2005.12.29 23:46:16 | 000,000,544 | ---- | C] () -- C:\WINDOWS\System32\fqbmqb.ini
[2005.11.17 18:57:30 | 000,258,560 | ---- | C] () -- C:\WINDOWS\System32\MusicTagsAX.dll
[2005.10.15 04:10:24 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\comLyricGetter.dll
[2005.08.17 07:31:28 | 000,004,502 | ---- | C] () -- C:\WINDOWS\System32\drivers\PDoor.sys
[2005.07.17 14:45:59 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\frapsvid.dll
[2005.01.07 17:34:28 | 000,047,104 | ---- | C] () -- C:\WINDOWS\System32\KMVIDC32.DLL
[2004.11.01 21:30:40 | 000,282,112 | ---- | C] () -- C:\WINDOWS\System32\cncs232.dll
[2004.10.05 14:20:10 | 000,245,845 | ---- | C] () -- C:\WINDOWS\System32\SPR_P5.DLL
[2004.10.05 14:20:10 | 000,180,309 | ---- | C] () -- C:\WINDOWS\System32\SPR_P6.DLL
[2004.10.05 14:20:10 | 000,142,848 | ---- | C] () -- C:\WINDOWS\System32\CM6_640x16.dll
[2004.10.05 14:20:10 | 000,142,336 | ---- | C] () -- C:\WINDOWS\System32\CM6_512x16.dll
[2004.10.05 14:20:10 | 000,142,336 | ---- | C] () -- C:\WINDOWS\System32\CM6_1024x16.dll
[2004.07.12 14:00:34 | 000,007,552 | ---- | C] () -- C:\WINDOWS\System32\drivers\enodpl.sys
[2004.07.12 14:00:34 | 000,004,736 | ---- | C] () -- C:\WINDOWS\System32\drivers\tandpl.sys
[2004.06.24 15:29:59 | 000,207,360 | ---- | C] () -- C:\Documents and Settings\xxx\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2004.04.08 16:12:08 | 000,069,632 | R--- | C] () -- C:\WINDOWS\System32\xmltok.dll
[2004.04.08 16:12:08 | 000,036,864 | R--- | C] () -- C:\WINDOWS\System32\xmlparse.dll
[2004.02.01 20:21:56 | 000,097,280 | ---- | C] () -- C:\WINDOWS\System32\Uncommon.dll
[2004.01.10 15:45:07 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2003.12.31 11:59:19 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll
[2003.12.31 11:59:19 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll
[2003.12.31 11:59:19 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll
[2003.11.22 12:13:35 | 000,139,264 | R--- | C] () -- C:\WINDOWS\System32\IDEproperty.dll
[2003.08.07 21:01:50 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2002.10.06 19:42:57 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2002.10.05 00:04:25 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\vorbisenc.dll
[2002.10.05 00:04:24 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2002.10.05 00:04:17 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2001.01.12 10:52:26 | 000,044,032 | ---- | C] () -- C:\WINDOWS\System32\vbpng1.dll
[2001.01.12 10:49:38 | 000,021,504 | ---- | C] () -- C:\WINDOWS\System32\zlib.dll
[2000.06.13 07:59:12 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2000.06.13 07:59:11 | 000,006,067 | ---- | C] () -- C:\WINDOWS\UNWISE.INI
[2000.06.13 07:59:11 | 000,003,585 | ---- | C] () -- C:\WINDOWS\WINCMD.INI
[2000.06.13 07:59:11 | 000,000,192 | ---- | C] () -- C:\WINDOWS\winamp.ini
[2000.06.13 07:59:11 | 000,000,141 | ---- | C] () -- C:\WINDOWS\wb.ini
[2000.06.13 07:59:11 | 000,000,056 | ---- | C] () -- C:\WINDOWS\wincheater.ini
[2000.06.13 07:59:09 | 000,000,604 | ---- | C] () -- C:\WINDOWS\Thps3.INI
[2000.06.13 07:59:08 | 000,032,768 | ---- | C] () -- C:\WINDOWS\SIS_LIB.DLL
[2000.06.13 07:59:08 | 000,000,735 | ---- | C] () -- C:\WINDOWS\Sof.INI
[2000.06.13 07:59:08 | 000,000,604 | ---- | C] () -- C:\WINDOWS\Sof2.INI
[2000.06.13 07:59:07 | 000,000,449 | ---- | C] () -- C:\WINDOWS\SIERRA.INI
[2000.06.13 07:59:03 | 000,000,717 | ---- | C] () -- C:\WINDOWS\QIII.INI
[2000.06.13 07:59:03 | 000,000,600 | ---- | C] () -- C:\WINDOWS\Rtcw.INI
[2000.06.13 07:59:03 | 000,000,038 | ---- | C] () -- C:\WINDOWS\Pohoda.INI
[2000.06.13 07:59:03 | 000,000,022 | ---- | C] () -- C:\WINDOWS\RTD.ini
[2000.06.13 07:59:01 | 000,004,265 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2000.06.13 07:59:01 | 000,000,504 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2000.06.13 07:59:01 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nwcontbuild.INI
[2000.06.13 07:59:00 | 000,000,154 | ---- | C] () -- C:\WINDOWS\mta.ini
[2000.06.13 07:59:00 | 000,000,049 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2000.06.13 07:58:58 | 000,001,621 | ---- | C] () -- C:\WINDOWS\level.ini
[2000.06.13 07:58:58 | 000,000,024 | ---- | C] () -- C:\WINDOWS\LogonStudio.ini
[2000.06.13 07:58:48 | 000,012,288 | ---- | C] () -- C:\WINDOWS\impborl.dll
[2000.06.13 07:58:48 | 000,000,050 | ---- | C] () -- C:\WINDOWS\GUNZLAUNCHER.INI
[2000.06.13 07:58:45 | 000,001,476 | ---- | C] () -- C:\WINDOWS\disney.ini
[2000.06.13 07:58:45 | 000,001,130 | ---- | C] () -- C:\WINDOWS\cncscore.ini
[2000.06.13 07:58:45 | 000,000,196 | ---- | C] () -- C:\WINDOWS\disneysy.ini
[2000.06.13 07:58:45 | 000,000,065 | ---- | C] () -- C:\WINDOWS\frikikmulti.ini
[2000.06.13 07:58:45 | 000,000,049 | ---- | C] () -- C:\WINDOWS\Folder Icons.ini
[2000.06.13 07:58:45 | 000,000,018 | ---- | C] () -- C:\WINDOWS\gfact.ini
[2000.06.13 07:58:44 | 000,001,383 | ---- | C] () -- C:\WINDOWS\CDPlayer.ini
[2000.06.13 07:58:44 | 000,000,677 | ---- | C] () -- C:\WINDOWS\ChaseHQ2EvoConfig.ini
[2000.06.13 07:58:43 | 000,000,049 | ---- | C] () -- C:\WINDOWS\atomic.ini
[2000.06.13 07:58:43 | 000,000,009 | ---- | C] () -- C:\WINDOWS\Appdrive$ + Appdir$ + Umbrella.ini
[2000.06.12 13:05:26 | 000,000,123 | ---- | C] () -- C:\Documents and Settings\xxx\Local Settings\Data aplikací\fusioncache.dat
[1999.08.11 23:00:00 | 001,708,032 | ---- | C] () -- C:\WINDOWS\System32\MSO97V.DLL
[1999.08.11 23:00:00 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\DOCOBJ.DLL
[1999.08.11 23:00:00 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\MSORFS.DLL
[1999.08.11 23:00:00 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\HLINKPRX.DLL
[1997.06.14 02:56:08 | 000,056,320 | ---- | C] () -- C:\WINDOWS\System32\iyvu9_32.dll

========== LOP Check ==========

[2007.09.20 21:21:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Autodesk
[2010.02.19 12:42:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVG Security Toolbar
[2008.02.10 15:04:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Bluetooth
[2005.05.18 14:17:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\CopyPod
[2010.09.21 17:46:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Frag Games
[2006.04.09 13:52:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\HDD Thermometer
[2008.07.10 17:56:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ICQ
[2008.04.03 14:52:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\LangSoft
[2008.08.11 10:44:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Last.fm
[2008.09.23 18:21:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\LogMeIn
[2010.11.17 23:46:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Memo save stupid creative
[2006.01.27 16:42:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\POPWWPROFILES
[2007.12.30 13:44:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2008.03.11 16:27:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TuneUp Software
[2010.07.17 13:20:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TuneUpMedia
[2009.09.26 14:50:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Ubisoft
[2009.12.13 02:17:20 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\{CCD0104E-95C0-4C73-A3E3-42C3D2072E43}
[2007.08.23 20:08:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\{CFAB4006-0AE0-414D-866A-DCB2C46553CF}
[2009.01.16 23:30:25 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\{F61B5A0B-822D-4173-BFD0-A948FC431FEB}
[2009.10.23 18:19:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xxx\Data aplikací\360desktop
[2008.08.16 20:06:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xxx\Data aplikací\Any Video Converter
[2009.12.04 17:43:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xxx\Data aplikací\AVGTOOLBAR
[2010.02.17 12:10:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xxx\Data aplikací\Bleh Film
[2009.03.30 16:53:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xxx\Data aplikací\Broad Intelligence
[2010.11.04 17:38:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xxx\Data aplikací\com.amsoft.Autoskola-user.F7413B326E7EE190C62FFECB0195DD73C683900A.1
[2009.08.16 00:16:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xxx\Data aplikací\Desktopicon
[2009.05.02 01:46:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xxx\Data aplikací\EasyMangosHandler
[2010.08.30 07:52:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xxx\Data aplikací\fltk.org
[2010.04.02 23:32:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xxx\Data aplikací\FMA
[2008.07.14 10:35:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xxx\Data aplikací\GetRightToGo
[2009.02.23 16:29:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xxx\Data aplikací\GrabPro
[2008.03.08 14:53:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xxx\Data aplikací\gtk-2.0
[2008.08.20 18:59:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xxx\Data aplikací\GullySoft
[2010.01.14 17:14:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xxx\Data aplikací\ICQ
[2007.09.14 12:33:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xxx\Data aplikací\ICQ Toolbar
[2006.10.27 22:17:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xxx\Data aplikací\ICQLite
[2008.02.17 18:08:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xxx\Data aplikací\ICSharpCode
[2008.08.17 12:56:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xxx\Data aplikací\InfraRecorder
[2008.01.18 15:14:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xxx\Data aplikací\Inkscape
[2008.04.03 14:52:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xxx\Data aplikací\LangSoft
[2008.10.31 08:56:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xxx\Data aplikací\Leadertech
[2027.11.23 20:50:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xxx\Data aplikací\Maxthon3
[2008.04.02 00:32:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xxx\Data aplikací\My Battle for Middle-earth(tm) II Files
[2007.12.28 22:57:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xxx\Data aplikací\NeoDownloader
[2009.01.06 19:27:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xxx\Data aplikací\Opera
[2027.11.25 07:58:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xxx\Data aplikací\Orbit
[2008.07.23 10:09:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xxx\Data aplikací\Petroglyph
[2007.12.28 22:45:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xxx\Data aplikací\Pmcc
[2000.08.13 00:15:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xxx\Data aplikací\REAPER
[2010.06.12 19:00:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xxx\Data aplikací\Scanahand
[2008.12.07 17:53:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xxx\Data aplikací\SecondLife
[2008.03.28 15:50:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xxx\Data aplikací\Sprite PC Agent
[2008.03.28 15:50:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xxx\Data aplikací\Sprite Setup Wizard
[2008.03.28 15:50:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xxx\Data aplikací\Sprite Software
[2000.06.12 12:50:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xxx\Data aplikací\Teleca
[2008.03.11 16:27:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xxx\Data aplikací\TuneUp Software
[2010.07.17 13:26:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xxx\Data aplikací\TuneUpMedia
[2008.03.14 17:36:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xxx\Data aplikací\Vso
[2010.11.19 17:15:00 | 000,000,372 | ---- | M] () -- C:\WINDOWS\Tasks\1-Click Maintenance.job
[2027.11.25 08:01:00 | 000,000,230 | ---- | M] () -- C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:4B7BEAFF

< End of report >

[ZuuL]

EXTRAS

OTL Extras logfile created on: 25.11.2027 8:50:13 - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Documents and Settings\xxx\Plocha
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1 023,00 Mb Total Physical Memory | 509,00 Mb Available Physical Memory | 50,00% Memory free
1,00 Gb Paging File | 1,00 Gb Available in Paging File | 62,00% Paging File free
Paging file location(s): C:\pagefile.sys 192 384 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 14,65 Gb Total Space | 0,45 Gb Free Space | 3,06% Space Free | Partition Type: NTFS
Drive D: | 22,65 Gb Total Space | 1,36 Gb Free Space | 5,99% Space Free | Partition Type: NTFS
Drive E: | 4,07 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive F: | 3,70 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: XXX-73JE6T5H385 | User Name: xxx | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
.url [@ = InternetShortcut] -- D:\Program Files\Maxthon3\Bin\Maxthon.exe (Maxthon International ltd.)
.scr [@ = scrfile] -- "%1" /S "%3"

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = Max3.Association.HTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" File not found
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" File not found
InternetShortcut [open] -- "D:\Program Files\Maxthon3\Bin\Maxthon.exe" "%1" (Maxthon International ltd.)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S "%3"
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [FolderIcons] -- "C:\Program Files\Folder Icons\Folder Icons.exe" "%1" (Petr Sloup)
Directory [Winamp.Bookmark] -- "D:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "D:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "D:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
"6881:TCP" = 6881:TCP:*:Enabled:Port 6881_TCP
"6881:UDP" = 6881:UDP:*:Enabled:Port 6881_UDP
"6882:TCP" = 6882:TCP:*:Enabled:Port 6882_TCP
"6882:UDP" = 6882:UDP:*:Enabled:Port 6882_UDP
"6883:TCP" = 6883:TCP:*:Enabled:Port 6883_TCP
"6883:UDP" = 6883:UDP:*:Enabled:Port 6883_UDP
"6884:TCP" = 6884:TCP:*:Enabled:Port 6884_TCP
"6884:UDP" = 6884:UDP:*:Enabled:Port 6884_UDP
"6885:TCP" = 6885:TCP:*:Enabled:Port 6885_TCP
"6885:UDP" = 6885:UDP:*:Enabled:Port 6885_UDP
"6886:TCP" = 6886:TCP:*:Enabled:Port 6886_TCP
"6886:UDP" = 6886:UDP:*:Enabled:Port 6886_UDP
"6887:TCP" = 6887:TCP:*:Enabled:Port 6887_TCP
"6887:UDP" = 6887:UDP:*:Enabled:Port 6887_UDP
"6888:TCP" = 6888:TCP:*:Enabled:Port 6888_TCP
"6888:UDP" = 6888:UDP:*:Enabled:Port 6888_UDP
"6889:TCP" = 6889:TCP:*:Enabled:Port 6889_TCP
"6889:UDP" = 6889:UDP:*:Enabled:Port 6889_UDP

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe" = C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe" = C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe" = C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"D:\Program Files\ICQLite\ICQLite.exe" = D:\Program Files\ICQLite\ICQLite.exe:*:Disabled:ICQ Lite -- File not found
"C:\WINDOWS\system32\sessmgr.exe" = C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"D:\Program Files\Electronic Arts\The Battle for Middle-earth (tm) II\game.dat" = D:\Program Files\Electronic Arts\The Battle for Middle-earth (tm) II\game.dat:*:Enabled:The Battle for Middle-earth(tm) II -- File not found
"C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe" = C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe:*:Enabled:BlueSoleil -- (IVT Corporation.)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe" = C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe" = C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe" = C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application -- (Microsoft Corporation)
"C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour -- File not found
"C:\Program Files\AVG\AVG8\avgupd.exe" = C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG8\avgemc.exe" = C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG8\avgnsx.exe" = C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\Orbitdownloader\orbitdm.exe" = C:\Program Files\Orbitdownloader\orbitdm.exe:*:Enabled:Orbit -- (Orbitdownloader.com)
"C:\Program Files\Orbitdownloader\orbitnet.exe" = C:\Program Files\Orbitdownloader\orbitnet.exe:*:Enabled:Orbit -- (Orbitdownloader.com)
"D:\Program Files\Counter-Strike 1.6\hl.exe" = D:\Program Files\Counter-Strike 1.6\hl.exe:*:Enabled:Half-Life Launcher -- File not found
"C:\Program Files\Real\RealPlayer\realplay.exe" = C:\Program Files\Real\RealPlayer\realplay.exe:*:Enabled:RealPlayer -- (RealNetworks, Inc.)
"D:\Program Files\BitLord\Downloads\Quake3\quake3.exe" = D:\Program Files\BitLord\Downloads\Quake3\quake3.exe:*:Enabled:quake3 -- File not found
"C:\totalcmd\TOTALCMD.EXE" = C:\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit international version, file manager replacement for Windows -- (C. Ghisler & Co.)
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
"C:\Program Files\Google\Google Earth\client\googleearth.exe" = C:\Program Files\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth -- File not found
"D:\Program Files\BitLord\BitLord.exe" = D:\Program Files\BitLord\BitLord.exe:*:Disabled:BitLord -- (www.BitLord.com)
"C:\Program Files\Internet Explorer\iexplore.exe" = C:\Program Files\Internet Explorer\iexplore.exe:*:Disabled:Internet Explorer -- (Microsoft Corporation)
"D:\Program Files\Opera\opera.exe" = D:\Program Files\Opera\opera.exe:*:Disabled:Opera Internet Browser -- (Opera Software)
"C:\Program Files\QIP\qip.exe" = C:\Program Files\QIP\qip.exe:*:Disabled:Quiet Internet Pager -- (The Author of QIP)
"D:\Program Files\Warcraft III\Warcraft III.exe" = D:\Program Files\Warcraft III\Warcraft III.exe:*:Disabled:Warcraft III -- File not found
"D:\Program Files\Activision\Call of Duty 2 men\CoD2MP_s.exe" = D:\Program Files\Activision\Call of Duty 2 men\CoD2MP_s.exe:*:Disabled:CoD2MP_s -- ()
"C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Disabled:Firefox -- File not found


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{011D0235-589D-4B60-B952-3507C7E8D8D8}" = Multiple Image Resizer .NET
"{01501EBA-EC35-4F9F-8889-3BE346E5DA13}" = MSXML4 Parser
"{0B3BBF3C-F213-4227-BE45-1E4600959937}" = Mordillo Jungle Fever XS
"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel
"{0CE1A6C0-F3F7-49E6-8F9D-2431F9827441}" = Guitar Hero III
"{0E6AB9FC-76C2-431B-9C06-6C1CFFFEA8EB}" = Ad-Aware 2007
"{13B792AA-C078-43A4-8A3A-8B12D629940D}" = Counter-Strike 1.6
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2158685C-E2B3-4026-B0A1-0FFE31837AFD}" = PlayLinc
"{21D15DED-F125-46C8-8017-CB9F1CEB5B4D}" = 360desktop
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 17
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{3CB3508A-5388-42FF-BDA6-43271D2C7F0A}_is1" = NeoDownloader Lite 2.1c
"{3D347E6D-5A03-4342-B5BA-6A771885F379}" = Backburner
"{3EA9D975-BFDC-4E8E-B88B-0446FBC8CA66}" = ATI HYDRAVISION
"{438BB9B4-65FE-4626-91D9-A8F57B18001D}" = Bluesoleil2.6.0.8 Release 070517
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{53480370-6CA2-47EC-BC05-02B4B9271C31}" = O&O Defrag Professional Edition
"{553B20C6-59CD-4C2F-BE37-16ABF32064BF}" = aTube Catcher 1.0
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{56CFA833-F44F-4199-8C58-7F8B38F2BC7B}" = Medal of Honor Pacific Assault(tm)
"{5888428E-699C-4E71-BF71-94EE06B497DA}" = TuneUp Utilities 2008
"{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype™ 3.5
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{6617B725-F6CA-409B-865C-CC0A651B0E6A}" = Wings of War DEMO
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{69F524B9-B18B-4FFD-8515-418586483CB4}" = Příšerky, s.r.o., Strašidelný ostrov
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A731356-4835-4C6A-B83B-E402191665F8}" = SkinStudio
"{6E65247F-58F9-41CA-BE69-0316F7907170}" = Disc2Phone
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7B4A5C13-069F-4AFE-AE57-C497B4E33C7E}" = Call of Duty(R) 2 Patch 1.3
"{7BF68B83-5057-4D4B-0093-28285EEB9EE3}" = Harry Potter II
"{7C8B5E63-821A-4DFB-BDFA-19854D88EC5C}" = 3dsmax ancillary install
"{821DABD6-26F2-49E5-AE55-40A589ADBE6D}" = Pharaoh and Cleopatra
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{87CC8013-56D1-43E1-A0A5-AD406B4EBA95}" = Opera 10.63
"{881D6805-C549-11D4-AD90-00B0D03E862E}" = LEGO TECHNIC Bionicle Nestlé
"{89661B04-C646-4412-B6D3-5E19F02F1F37}" = EAX4 Unified Redist
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C3727F2-8E37-49E4-820C-03B1677F53B6}" = Stronghold Crusader Extreme
"{9029363A-8173-435A-9C7C-94AE7E4945D8}_is1" = floAt's Mobile Agent 2
"{91130405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Basic Edition 2003
"{92B94569-6683-4617-8C54-EB27A1B51B30}" = GTAIII
"{9559F7CA-5E34-4237-A2D9-D856464AD727}" = Project64 1.6
"{97A19679-4C07-4B34-8ACB-D5565C3440FC}" = Stronghold
"{99052DB7-9592-4522-A558-5417BBAD48EE}" = Microsoft ActiveSync
"{9A346205-EA92-4406-B1AB-50379DA3F057}" = Autodesk DWF Viewer 7
"{A145C3F3-00FA-4AC0-9F55-3900D02DBE07}" = S.W.I.N.E.
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{AC76BA86-7AD7-1033-7B44-A00000000001}" = Adobe Reader 6.0.1
"{ADEBB98C-DCD0-4369-BC4A-71B342CF55B2}" = HT Fireman CD/DVD Burner
"{B07F0D17-FE19-4BE6-9F83-27E52CF381D5}" = Utherverse 3D Client
"{BA2D4D22-0B99-4D63-BCEE-D2EA4736F27F}" = LogMeIn
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C1157104-1574-4BD2-99C7-0AAB5DF4275F}" = Pirates of the Caribbean
"{C13E90B0-4E1C-11DB-6784-0152EAA218BE}" = Call of Duty(R) 2 Patch 1.3
"{C8C8387B-A98B-44E8-807A-1A9B7F51FFDA}" = Blaze Media Pro
"{C917BA70-28A3-4C74-B163-41FD8C8E1A5A}" = Stronghold
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D09904AA-0AEF-49A2-A067-5DE6A11A120F}" = Application Suite
"{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty(R) 2
"{D642E38E-0D24-486C-9A2D-E316DD696F4B}" = Microsoft XML Parser
"{D98C9637-93DA-44DB-B73A-B11A1192AB26}" = GameShadow
"{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1" = AusLogics Disk Defrag
"{E256842C-AD14-4BDC-87B2-B3A4A7037837}" = LogMeIn
"{E2729A36-33EB-4094-9759-2C7A666DE296}" = Etherlords
"{EC75A0E3-985E-D473-6E7D-A4E59B7EA0DA}" = Autoškola testy
"{ECB4D56B-E365-4922-AC0F-70CF770443A3}" = EAWMapEditor
"{FDE0D0EB-486C-48B9-A6B5-4BEAA078AF73}" = Medieval Lords
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player
"All ATI Software" = Softarová utilita ATI - Odinstalovat
"Any Audio Converter_is1" = Any Audio Converter 1.0.1
"ASIO4ALL" = ASIO4ALL
"ATI Display Driver" = ATI Display Driver
"AVG8Uninstall" = AVG 8.5
"AVI Splitter_is1" = AVI Splitter version 1.12
"AVS DVD Player_is1" = AVS DVD Player version 2.4
"BitLord" = BitLord 1.1
"Blaze Media Pro" = Blaze Media Pro
"Blico Bloco" = Blico Bloco
"BSPlayer1" = BSPlayer
"CCleaner" = CCleaner (remove only)
"Collab" = Collab
"com.amsoft.Autoskola-user.F7413B326E7EE190C62FFECB0195DD73C683900A.1" = Autoškola testy
"csExcel_is1" = csExcel v.1.1.25
"Discovera" = Discovera
"DivX Setup.divx.com" = DivX Setup
"DVD Decrypter" = DVD Decrypter (Remove Only)
"Easy CD-DA Extractor 9.0" = Easy CD-DA Extractor 9.0
"Easy Gif Animator Extension" = Easy Gif Animator Extension
"Easy GIF Animator_is1" = Easy GIF Animator 3.5
"Easy Graphic Converter 1.2_is1" = Easy Graphic Converter 1.2
"EAX Unified" = EAX Unified
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v4.20
"FastStone Image Viewer" = FastStone Image Viewer 3.2
"Folder Icons" = Program Folder Icon (pouze odebrat) - nedelej to! :)
"Foxit Reader" = Foxit Reader
"Fraps" = Fraps (remove only)
"GameParkClient_is1" = GamePark
"Games Bind Generator" = Games Bind Generator
"Google Updater" = Google Updater
"Guitar Pro 5_is1" = Guitar Pro 5.2
"Hamachi" = Hamachi 1.0.0.62
"High Quality Photo Resizer_is1" = High Quality Photo Resizer 1.60
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"IL Download Manager" = IL Download Manager
"Indeo® Software" = Indeo® Software
"InfraRecorder" = InfraRecorder
"InstallShield_{011D0235-589D-4B60-B952-3507C7E8D8D8}" = Multiple Image Resizer .NET
"InstallShield_{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty(R) 2
"Karaoke Editor_is1" = Verze 1.12
"LastFM_is1" = Last.fm 1.5.4.27091
"LiveUpdate" = LiveUpdate 3.1 (Symantec Corporation)
"Magic ISO Maker v5.5 (build 0274)" = Magic ISO Maker v5.5 (build 0274)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Maxthon3" = Maxthon 3
"MediaCoder" = MediaCoder 0.6.2
"mercilesscod2" = Merciless COD2
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mobile Media Converter_is1" = MIKSOFT Mobile Media Converter
"mTC" = mTC (remove only)
"Multi Virus Cleaner 2007_is1" = Multi Virus Cleaner 2007
"NeroMultiInstaller!UninstallKey" = Nero Suite
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NWNCZ" = Neverwinter Nights(TM) - Čeština
"OggDS" = Direct Show Ogg Vorbis Filter (remove only)
"Orbit_is1" = Orbit Downloader
"PhotoFiltre" = PhotoFiltre
"PowerISO" = PowerISO
"PPTView97" = Microsoft PowerPoint Viewer 97
"QIP 2005_is1" = QIP 2005 8090
"QIP2005" = QIP 2005 Uninstall
"RealArcade 1.2" = RealArcade
"RealPlayer 6.0" = RealPlayer
"Registry Mechanic_is1" = Registry Mechanic 6.0
"Rock Solid" = Rock Solid
"ShockwaveFlash" = Adobe Flash Player 9 ActiveX
"SkinStudio" = SkinStudio
"SMPlayer" = SMPlayer 0.6.7
"South Park Rally" = South Park Rally
"Spybot - Search & Destroy_is1" = Spybot - Search & Destroy 1.4
"Talisman 3" = Talisman 3
"TextMaker Viewer" = TextMaker Viewer
"Texturizer" = Texturizer
"Totalcmd" = Total Commander (Remove or Repair)
"Universal Viewer" = Universal Viewer
"UserBar Generator_is1" = UserBar Generator 1.2
"Utherverse 3D Client" = Utherverse 3D Client
"VDJ50_is1" = Virtual Dj Studio 5.3
"Warcraft II BNE" = Warcraft II BNE
"WIC" = Windows Imaging Component
"Winamp" = Winamp
"WindowBlinds" = WindowBlinds
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows Mobile Device Handbook" = Windows Mobile Resources
"Windows XP Service Pack" = Windows XP Service Pack 2
"WinRAR archiver" = WinRAR
"WMV9_VCM" = Microsoft Windows Media Video 9 VCM
"World of Warcraft Desktop" = World of Warcraft Desktop
"Xbox_360_CC_Driver" = Xbox 360 Controller for Windows
"XviD_is1" = XviD MPEG-4 Video Codec
"YInstHelper" = Yahoo! Install Manager

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 24.11.2027 18:15:48 | Computer Name = XXX-73JE6T5H385 | Source = crypt32 | ID = 131083
Description = Extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou
aktualizaci v: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
se nezdařilo. Chyba: Při ověření se systémovými hodinami nebo časovým razítkem
podepsaného souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti.


Error - 24.11.2027 18:15:49 | Computer Name = XXX-73JE6T5H385 | Source = crypt32 | ID = 131083
Description = Extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou
aktualizaci v: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
se nezdařilo. Chyba: Při ověření se systémovými hodinami nebo časovým razítkem
podepsaného souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti.


Error - 24.11.2027 18:26:00 | Computer Name = XXX-73JE6T5H385 | Source = crypt32 | ID = 131083
Description = Extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou
aktualizaci v: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
se nezdařilo. Chyba: Při ověření se systémovými hodinami nebo časovým razítkem
podepsaného souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti.


Error - 25.11.2027 2:58:50 | Computer Name = XXX-73JE6T5H385 | Source = MsiInstaller | ID = 11706
Description = Product: Microsoft ActiveSync -- Error.No valid source could be found
for product Microsoft ActiveSync. The Windows Installer cannot continue.

Error - 25.11.2027 3:01:49 | Computer Name = XXX-73JE6T5H385 | Source = crypt32 | ID = 131083
Description = Extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou
aktualizaci v: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
se nezdařilo. Chyba: Při ověření se systémovými hodinami nebo časovým razítkem
podepsaného souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti.


Error - 25.11.2027 3:01:49 | Computer Name = XXX-73JE6T5H385 | Source = crypt32 | ID = 131083
Description = Extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou
aktualizaci v: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
se nezdařilo. Chyba: Při ověření se systémovými hodinami nebo časovým razítkem
podepsaného souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti.


Error - 25.11.2027 3:01:50 | Computer Name = XXX-73JE6T5H385 | Source = crypt32 | ID = 131083
Description = Extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou
aktualizaci v: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
se nezdařilo. Chyba: Při ověření se systémovými hodinami nebo časovým razítkem
podepsaného souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti.


Error - 25.11.2027 3:03:37 | Computer Name = XXX-73JE6T5H385 | Source = MsiInstaller | ID = 11706
Description = Product: Microsoft ActiveSync -- Error.No valid source could be found
for product Microsoft ActiveSync. The Windows Installer cannot continue.

Error - 25.11.2027 3:03:43 | Computer Name = XXX-73JE6T5H385 | Source = crypt32 | ID = 131083
Description = Extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou
aktualizaci v: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
se nezdařilo. Chyba: Při ověření se systémovými hodinami nebo časovým razítkem
podepsaného souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti.


Error - 25.11.2027 3:03:43 | Computer Name = XXX-73JE6T5H385 | Source = crypt32 | ID = 131083
Description = Extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou
aktualizaci v: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
se nezdařilo. Chyba: Při ověření se systémovými hodinami nebo časovým razítkem
podepsaného souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti.


[ System Events ]
Error - 12.11.2010 12:51:15 | Computer Name = XXX-73JE6T5H385 | Source = Dhcp | ID = 1000
Description = Zapůjčení adresy IP počítače 192.168.230.18 pro síťovou kartu se síťovou
adresou 000E2E986562 byla ukončena.

Error - 12.11.2010 12:51:16 | Computer Name = XXX-73JE6T5H385 | Source = ipnathlp | ID = 32003
Description = Služba NAT (Network Address Translator) nemohla požádat o operaci překládacího
modulu režimu jádra. To může znamenat špatnou konfiguraci, nedostatek prostředků
nebo vnitřní chybu. Uvedený údaj je kód chyby.

Error - 12.11.2010 12:51:16 | Computer Name = XXX-73JE6T5H385 | Source = W32Time | ID = 39452689
Description = Klient NTP zprostředkovatele časových údajů: Při vyhledávání DNS ručně
nakonfigurovaného partnera time.windows.com,0x1 došlo k chybě. Klient NTP se pokusí
o vyhledání pomocí služby DNS znovu za 15 minut. Chyba: Došlo k pokusu o operaci
se soketem v okamžiku nedosažitelnosti hostitele. (0x80072751)

Error - 12.11.2010 12:51:16 | Computer Name = XXX-73JE6T5H385 | Source = W32Time | ID = 39452701
Description = Klient NTP zprostředkovatele časových údajů je konfigurován pro získávání
časových údajů z jednoho nebo více zdrojů času. Žádný z těchto zdrojů však není
aktuálně k dispozici. Po dobu 14 minut nebude proveden žádný pokus o kontaktování
zdroje. Klient NTP nemá k dispozici žádný zdroj času.

Error - 17.11.2010 12:29:20 | Computer Name = XXX-73JE6T5H385 | Source = atapi | ID = 262153
Description = Zařízení \Device\Ide\IdePort0 neodpovídá v periodě časového limitu.

Error - 17.11.2010 14:19:36 | Computer Name = XXX-73JE6T5H385 | Source = DCOM | ID = 10010
Description = Server {03E0E6C2-363B-11D3-B536-00902771A435} se v daném časovém limitu
neregistroval u služby DCOM.

Error - 22.11.2027 14:41:41 | Computer Name = XXX-73JE6T5H385 | Source = W32Time | ID = 39452706
Description = Služba Systémový čas zjistila, že je nutné změnit systémový čas o
-536457601 sekund. Služba Systémový čas nemění systémový čas o více než -54000 sekund.
Ověřte správnost času a časového pásma, a zda zdroj času time.windows.com (ntp.m|0x1|192.168.230.18:123->207.46.232.182:123)
pracuje správně.

Error - 24.11.2027 9:14:30 | Computer Name = XXX-73JE6T5H385 | Source = sfsync02 | ID = 262156
Description =

Error - 24.11.2027 12:53:27 | Computer Name = XXX-73JE6T5H385 | Source = DCOM | ID = 10010
Description = Server {03E0E6C2-363B-11D3-B536-00902771A435} se v daném časovém limitu
neregistroval u služby DCOM.

Error - 24.11.2027 13:00:21 | Computer Name = XXX-73JE6T5H385 | Source = DCOM | ID = 10010
Description = Server {03E0E6C2-363B-11D3-B536-00902771A435} se v daném časovém limitu
neregistroval u služby DCOM.


< End of report >

[jaro3]

Drive C: | 14,65 Gb Total Space | 0,45 Gb Free Space | 3,06% Space Free | Partition Type: NTFS---
nedostatek místa na systémovém disku , doporučuji něco odinstalovat , a něco smazat , měl bys mít alespoň 15% volného místa , pro správný chod windows.

Odinstaluj:
Lavasoft\Ad-Aware 2007---zbytečný
Symantec ---asi nepůjde
Spybot - Search & Destroy---zbytečný , nebo trvale vypni rez. štít u něj.


Pokud nemáš placený AVG 8:
Odinstaluj ho a nainstaluj si AVG 10

Poklepej na ikonu OTL na ploše.Ujisti se , že máš všechny ostatní aplikace a prohlížeče zavřeny.
Pod Vlastní skenování/opravy do okénka vlož následující text, zobrazený zeleně:

Kód: Vybrat vše

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
SRV - (mi-raysat_3dsmax9_32) mental ray 3.5 Satellite (32-bit) -- C:\Program Files\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_32server.exe File not found
SRV - (HidServ) -- C:\WINDOWS\System32\hidserv.dll File not found
SRV - (CLTNetCnService) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe File not found
SRV - (Plánovač automatické aktualizace LiveUpdate) -- C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (Symantec Corporation)
DRV - (w810obex) -- C:\WINDOWS\System32\DRIVERS\w810obex.sys File not found
DRV - (w810mdm) -- C:\WINDOWS\System32\DRIVERS\w810mdm.sys File not found
DRV - (w810mdfl) -- C:\WINDOWS\System32\DRIVERS\w810mdfl.sys File not found
DRV - (w810bus) Sony Ericsson W810 Driver driver (WDM) -- C:\WINDOWS\System32\DRIVERS\w810bus.sys File not found
DRV - (nod32drv) -- C:\WINDOWS\System32\drivers\nod32drv.sys File not found
DRV - (gUSBSTOi) -- C:\DOCUME~1\xxx\LOCALS~1\Temp\gUSBSTOi.sys File not found
DRV - (eeCtrl) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys File not found
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
IE - HKCU\..\URLSearchHook: *{00A6FAF6-072E-44cf-8957-5838F569A31D} - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: *{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
O1 HOSTS File: ([2001.10.25 15:00:00 | 000,000,737 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRemoteRecursiveEvents = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStrCmpLogical = 1
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O28 - HKLM ShellExecuteHooks: {650CA63D-4A01-4BF8-A608-9B1EBB36292E} - Reg Error: Key error. File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
[2027.11.25 08:01:00 | 000,000,230 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:4B7BEAFF

:Files
C:\WINDOWS\System32\*.tmp
C:\WINDOWS\*.tmp
C:\WINDOWS\system32\*.tmp.dll
C:\WINDOWS\system32\SET*.tmp
c:\windows\Tasks\*.job
C:\*.tmp
C:\Documents and Settings\All Users\Data aplikací\*.tmp
C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
C:\WINDOWS\System32\MRT.INI
C:\Documents and Settings\xxx\Data aplikací\inst.exe
C:\WINDOWS\System32\toqwjao.ini
C:\WINDOWS\System32\fqbmqb.ini
C:\Documents and Settings\xxx\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\WINDOWS\System32\SIntf16.dll
C:\Documents and Settings\xxx\Data aplikací\ICQ Toolbar

:Reg
:Commands
[resethosts]
[purity]
[emptytemp]
[EMPTYFLASH]
[start explorer]
[Reboot]


Poté klikni nahoře na Opravit. Nech program nerušeně běžet, na konci se provede restart PC.
Po restartu se objeví log , prosím zkopíruj sem celý jeho obsah.

V možnostech složky si povol zobrazování skrytých souborů a složek+ odškrtni zatržítko skrýt chráněné soubory operačního systému

Toto otestuj na Virustotal
C:\WINDOWS\holdgemss.ini
C:\Documents and Settings\xxx\Data aplikací\pcouffin.inf
C:\WINDOWS\System32\erdmpg-parse.dll
C:\WINDOWS\System32\erdmpg-enc.dll
C:\WINDOWS\System32\erdmpg-int.dll
C:\WINDOWS\System32\drivers\PDoor.sys
C:\WINDOWS\System32\drivers\sptd9565.sys
C:\WINDOWS\System32\SPR_P5.DLL
C:\WINDOWS\System32\SPR_P6.DLL
C:\WINDOWS\disneysy.ini
C:\WINDOWS\frikikmulti.ini
C:\WINDOWS\gfact.ini
C:\WINDOWS\ChaseHQ2EvoConfig.ini

Klikni vpravo od okénka na Vybrat a v Exploreru najdi požadovaný soubor v Tvém PC. Označ ho myší a klikni na Otevřít , poté klikni na Send File. Pokud už byl soubor testován , objeví se okno ve kterém klikni na Reanalyze. Soubor se začne postupně testovat více antivirovými programy. Až skončí test posledního antiviru , objeví se nahoře result a červeně počet nákaz , např. 0/40 , nebo 1/40. Pak zkopíruj myší odkaz na tuto stránku a vlož ji do svého příspěvku.

Proč máš otevřeny tyto porty:

Kód: Vybrat vše

"6881:TCP" = 6881:TCP:*:Enabled:Port 6881_TCP
"6881:UDP" = 6881:UDP:*:Enabled:Port 6881_UDP
"6882:TCP" = 6882:TCP:*:Enabled:Port 6882_TCP
"6882:UDP" = 6882:UDP:*:Enabled:Port 6882_UDP
"6883:TCP" = 6883:TCP:*:Enabled:Port 6883_TCP
"6883:UDP" = 6883:UDP:*:Enabled:Port 6883_UDP
"6884:TCP" = 6884:TCP:*:Enabled:Port 6884_TCP
"6884:UDP" = 6884:UDP:*:Enabled:Port 6884_UDP
"6885:TCP" = 6885:TCP:*:Enabled:Port 6885_TCP
"6885:UDP" = 6885:UDP:*:Enabled:Port 6885_UDP
"6886:TCP" = 6886:TCP:*:Enabled:Port 6886_TCP
"6886:UDP" = 6886:UDP:*:Enabled:Port 6886_UDP
"6887:TCP" = 6887:TCP:*:Enabled:Port 6887_TCP
"6887:UDP" = 6887:UDP:*:Enabled:Port 6887_UDP
"6888:TCP" = 6888:TCP:*:Enabled:Port 6888_TCP
"6888:UDP" = 6888:UDP:*:Enabled:Port 6888_UDP
"6889:TCP" = 6889:TCP:*:Enabled:Port 6889_TCP
"6889:UDP" = 6889:UDP:*:Enabled:Port 6889_UDP


??

Poklepej znovu na ikonu OTL by OldTimer, pod Vlastní skenování/opravy (Custom Scans/Fixes) vlož následující text , zeleně zbarvený:

Kód: Vybrat vše

netsvcs
%SYSTEMDRIVE%\*.exe
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\*. /mp /s
CREATERESTOREPOINT

Neměň nastavení, jen klikni na Prohledat (Run Scan), nech sken dokončit. Až se se objeví textový soubor , tak sem vlož prosím jeho celý obsah.

[ZuuL]

OTL

All processes killed
========== OTL ==========
No active process named explorer.exe was found!
No active process named firefox.exe was found!
Service mi-raysat_3dsmax9_32) mental ray 3.5 Satellite (32-bit stopped successfully!
Service\Driver key mi-raysat_3dsmax9_32) mental ray 3.5 Satellite (32-bit not found.
File C:\Program Files\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_32server.exe File not found not found.
Service HidServ stopped successfully!
Service HidServ deleted successfully!
File C:\WINDOWS\System32\hidserv.dll File not found not found.
Service CLTNetCnService stopped successfully!
Service CLTNetCnService deleted successfully!
File C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe File not found not found.
Service Plánovač automatické aktualizace LiveUpdate stopped successfully!
Service Plánovač automatické aktualizace LiveUpdate deleted successfully!
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe moved successfully.
Service w810obex stopped successfully!
Service w810obex deleted successfully!
File C:\WINDOWS\System32\DRIVERS\w810obex.sys File not found not found.
Service w810mdm stopped successfully!
Service w810mdm deleted successfully!
File C:\WINDOWS\System32\DRIVERS\w810mdm.sys File not found not found.
Service w810mdfl stopped successfully!
Service w810mdfl deleted successfully!
File C:\WINDOWS\System32\DRIVERS\w810mdfl.sys File not found not found.
Error: No service named w810bus) Sony Ericsson W810 Driver driver (WDM was found to stop!
Service\Driver key w810bus) Sony Ericsson W810 Driver driver (WDM not found.
File C:\WINDOWS\System32\DRIVERS\w810bus.sys File not found not found.
Service nod32drv stopped successfully!
Service nod32drv deleted successfully!
File C:\WINDOWS\System32\drivers\nod32drv.sys File not found not found.
Service gUSBSTOi stopped successfully!
Service gUSBSTOi deleted successfully!
File C:\DOCUME~1\xxx\LOCALS~1\Temp\gUSBSTOi.sys File not found not found.
Service eeCtrl stopped successfully!
Service eeCtrl deleted successfully!
File C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys File not found not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\CustomizeSearch| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\*{00A6FAF6-072E-44cf-8957-5838F569A31D} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\*{00A6FAF6-072E-44cf-8957-5838F569A31D}\ not found.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\*{CFBFAE00-17A6-11D0-99CB-00C04FD64497} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\*{CFBFAE00-17A6-11D0-99CB-00C04FD64497}\ not found.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\*{EF99BD32-C1FB-11D2-892F-0090271D4F88} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\*{EF99BD32-C1FB-11D2-892F-0090271D4F88}\ not found.
127.0.0.1 localhost removed from HOSTS file successfully
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Infodelivery\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoRemoteRecursiveEvents deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoStrCmpLogical deleted successfully.
File Animation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab not found.
Starting removal of ActiveX control DirectAnimation Java Classes
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\DirectAnimation Java Classes\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\DirectAnimation Java Classes\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\DirectAnimation Java Classes\ not found.
File oft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab not found.
Starting removal of ActiveX control Microsoft XML Parser for Java
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\Microsoft XML Parser for Java\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\Microsoft XML Parser for Java\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\Microsoft XML Parser for Java\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msdaipp\ deleted successfully.
File Protocol\Handler\msdaipp - No CLSID value found not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\\{650CA63D-4A01-4BF8-A608-9B1EBB36292E} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{650CA63D-4A01-4BF8-A608-9B1EBB36292E}\ not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session manager\\BootExecute:autocheck autochk * deleted successfully.
C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job moved successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:4B7BEAFF deleted successfully.
========== FILES ==========
C:\WINDOWS\System32\cabinet.dll.tmp moved successfully.
C:\WINDOWS\System32\CONFIG.TMP moved successfully.
C:\WINDOWS\System32\msxml3.dll.tmp moved successfully.
C:\WINDOWS\System32\~GLH0003.TMP moved successfully.
C:\WINDOWS\DXT10.tmp moved successfully.
C:\WINDOWS\DXT11.tmp moved successfully.
C:\WINDOWS\DXT12.tmp moved successfully.
C:\WINDOWS\DXT13.tmp moved successfully.
C:\WINDOWS\DXT14.tmp moved successfully.
C:\WINDOWS\DXT8.tmp moved successfully.
C:\WINDOWS\DXT9.tmp moved successfully.
C:\WINDOWS\DXTA.tmp moved successfully.
C:\WINDOWS\DXTB.tmp moved successfully.
C:\WINDOWS\DXTC.tmp moved successfully.
C:\WINDOWS\DXTD.tmp moved successfully.
C:\WINDOWS\DXTE.tmp moved successfully.
C:\WINDOWS\DXTF.tmp moved successfully.
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
c:\windows\Tasks\1-Click Maintenance.job moved successfully.
c:\windows\Tasks\Google Software Updater.job moved successfully.
File\Folder C:\*.tmp not found.
File\Folder C:\Documents and Settings\All Users\Data aplikací\*.tmp not found.
File\Folder C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job not found.
C:\WINDOWS\System32\MRT.INI moved successfully.
C:\Documents and Settings\xxx\Data aplikací\inst.exe moved successfully.
C:\WINDOWS\System32\toqwjao.ini moved successfully.
C:\WINDOWS\System32\fqbmqb.ini moved successfully.
C:\Documents and Settings\xxx\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini moved successfully.
C:\WINDOWS\System32\SIntf16.dll moved successfully.
C:\Documents and Settings\xxx\Data aplikací\ICQ Toolbar folder moved successfully.
========== REGISTRY ==========
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: Administrator
->Temporary Internet Files folder emptied: 67 bytes

User: All Users

User: Default User
->Temporary Internet Files folder emptied: 67 bytes
->Flash cache emptied: 56543 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Flash cache emptied: 536 bytes

User: xxx
->Temp folder emptied: 9225032 bytes
->Temporary Internet Files folder emptied: 3486239 bytes
->Java cache emptied: 49718985 bytes
->Opera cache emptied: 104374367 bytes
->Flash cache emptied: 59786 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1590423 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 7046529 bytes

Total Files Cleaned = 167,00 mb


[EMPTYFLASH]

User: Administrator

User: All Users

User: Default User
->Flash cache emptied: 0 bytes

User: LocalService

User: NetworkService
->Flash cache emptied: 0 bytes

User: xxx
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.17.3 log created on 11272010_214604

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

[ZuuL]

C:\WINDOWS\holdgemss.ini - https://www.virustotal.com/file-scan/re ... 1290892382

C:\Documents and Settings\xxx\Data aplikací\pcouffin.inf - http://www.virustotal.com/file-scan/rep ... 1290892764

C:\WINDOWS\System32\erdmpg-parse.dll - http://www.virustotal.com/file-scan/rep ... 1290892987

C:\WINDOWS\System32\erdmpg-enc.dll - http://www.virustotal.com/file-scan/rep ... 1290893593

C:\WINDOWS\System32\erdmpg-int.dll - http://www.virustotal.com/file-scan/rep ... 1290893915

C:\WINDOWS\System32\drivers\PDoor.sys - http://www.virustotal.com/file-scan/report.html?
id=7ef69bb1aa74236fbedd19db44abab56708b09485b82ee2fba472c8c71954b9a-1290894142 (3)

C:\WINDOWS\System32\drivers\sptd9565.sys - nerozjede se, když dám send tak mě to hodí z5 na počáteční obrazovku

C:\WINDOWS\System32\SPR_P5.DLL - http://www.virustotal.com/file-scan/rep ... 1290894625

C:\WINDOWS\System32\SPR_P6.DLL - http://www.virustotal.com/file-scan/rep ... 1290894823

C:\WINDOWS\disneysy.ini - http://www.virustotal.com/file-scan/rep ... 1290895076

C:\WINDOWS\frikikmulti.ini - http://www.virustotal.com/file-scan/rep ... 1290895328

C:\WINDOWS\gfact.ini - http://www.virustotal.com/file-scan/rep ... 1290895602

C:\WINDOWS\ChaseHQ2EvoConfig.ini - http://www.virustotal.com/file-scan/rep ... 1290896206



a co se těch portů týče netuším ... co s tím mám dělat?

[ZuuL]

OTL po druhý

OTL logfile created on: 27.11.2010 23:24:26 - Run 2
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Documents and Settings\xxx\Plocha
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1 023,00 Mb Total Physical Memory | 258,00 Mb Available Physical Memory | 25,00% Memory free
1,00 Gb Paging File | 0,00 Gb Available in Paging File | 34,00% Paging File free
Paging file location(s): C:\pagefile.sys 192 384 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 14,65 Gb Total Space | 0,64 Gb Free Space | 4,37% Space Free | Partition Type: NTFS
Drive D: | 22,65 Gb Total Space | 1,31 Gb Free Space | 5,80% Space Free | Partition Type: NTFS
Drive E: | 4,07 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive F: | 3,44 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: XXX-73JE6T5H385 | User Name: xxx | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\xxx\Plocha\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\AVG\AVG8\avgcsrvx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG8\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - D:\Program Files\Maxthon3\Bin\Maxthon.exe (Maxthon International ltd.)
PRC - C:\Program Files\Last.fm\LastFM.exe (Last.fm)
PRC - C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
PRC - D:\Program Files\LogMeIn\x86\ramaint.exe (LogMeIn, Inc.)
PRC - D:\Program Files\LogMeIn\x86\LMIGuardian.exe (LogMeIn, Inc.)
PRC - C:\Program Files\AVG\AVG8\avgrsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG8\avgnsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG8\avgemc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG8\avgam.exe (AVG Technologies CZ, s.r.o.)
PRC - D:\Program Files\Winamp\winamp.exe (Nullsoft)
PRC - D:\Program Files\LSoft Technologies Inc\Active@ Hard Disk Monitor\DiskMonitorService.exe (LSoft Technologies Inc)
PRC - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
PRC - C:\Program Files\Orbitdownloader\orbitdm.exe (Orbitdownloader.com)
PRC - C:\Program Files\Orbitdownloader\orbitnet.exe (Orbitdownloader.com)
PRC - C:\Program Files\QIP\qip.exe (The Author of QIP)
PRC - D:\Program Files\LogMeIn\x86\LogMeInSystray.exe (LogMeIn, Inc.)
PRC - D:\Program Files\LogMeIn\x86\LogMeIn.exe (LogMeIn, Inc.)
PRC - D:\Program Files\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe (IVT Corporation.)
PRC - C:\WINDOWS\system32\oodag.exe (O&O Software GmbH)
PRC - C:\WINDOWS\system32\UAService7.exe (Sony DADC Austria AG.)
PRC - C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
PRC - C:\Program Files\AVPersonal\AVWUPSRV.EXE (H+BEDV Datentechnik GmbH, Germany)


========== Modules (SafeList) ==========

MOD - C:\Documents and Settings\xxx\Plocha\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV - (mi-raysat_3dsmax9_32) mental ray 3.5 Satellite (32-bit) -- C:\Program Files\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_32server.exe File not found
SRV - (avg8wd) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (AVG Security Toolbar Service) -- C:\Program Files\AVG\AVG8\Toolbar\ToolbarBroker.exe ()
SRV - (LMIMaint) -- D:\Program Files\LogMeIn\x86\RaMaint.exe (LogMeIn, Inc.)
SRV - (avg8emc) -- C:\Program Files\AVG\AVG8\avgemc.exe (AVG Technologies CZ, s.r.o.)
SRV - (Active@ Disk Monitor) -- D:\Program Files\LSoft Technologies Inc\Active@ Hard Disk Monitor\DiskMonitorService.exe (LSoft Technologies Inc)
SRV - (LogMeIn) -- D:\Program Files\LogMeIn\x86\LogMeIn.exe (LogMeIn, Inc.)
SRV - (TuneUp.Defrag) -- C:\WINDOWS\system32\TuneUpDefragService.exe (TuneUp Software GmbH)
SRV - (UxTuneUp) -- C:\WINDOWS\system32\uxtuneup.dll (TuneUp Software GmbH)
SRV - (O&O Defrag) -- C:\WINDOWS\system32\oodag.exe (O&O Software GmbH)
SRV - (LiveUpdate) -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_1.EXE (Symantec Corporation)
SRV - (sfrem01) SF FrontLine Drivers Auto Removal (v1) -- C:\WINDOWS\System32\sfrem01.exe (Protection Technology (StarForce))
SRV - (UserAccess7) SecuROM User Access Service (V7) -- C:\WINDOWS\system32\UAService7.exe (Sony DADC Austria AG.)
SRV - (AVWUpSrv) -- C:\Program Files\AVPersonal\AVWUPSRV.EXE (H+BEDV Datentechnik GmbH, Germany)


========== Driver Services (SafeList) ==========

DRV - (w810bus) Sony Ericsson W810 Driver driver (WDM) -- C:\WINDOWS\System32\DRIVERS\w810bus.sys File not found
DRV - (AvgLdx86) -- C:\WINDOWS\System32\Drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (AvgMfx86) -- C:\WINDOWS\System32\Drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (AvgTdiX) -- C:\WINDOWS\System32\Drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.)
DRV - (AvgRkx86) -- C:\WINDOWS\System32\Drivers\avgrkx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (LMIInfo) -- D:\Program Files\LogMeIn\x86\rainfo.sys (LogMeIn, Inc.)
DRV - (SCDEmu) -- C:\WINDOWS\System32\drivers\scdemu.sys (PowerISO Computing, Inc.)
DRV - (CrystalSysInfo) -- D:\Program Files\MediaCoder\SysInfo.sys ()
DRV - (BlueletAudio) -- C:\WINDOWS\system32\drivers\blueletaudio.sys (IVT Corporation.)
DRV - (Btcsrusb) -- C:\WINDOWS\system32\drivers\btcusb.sys (IVT Corporation.)
DRV - (BlueletSCOAudio) -- C:\WINDOWS\system32\drivers\BlueletSCOAudio.sys (IVT Corporation.)
DRV - (BT) -- C:\WINDOWS\system32\drivers\btnetdrv.sys (IVT Corporation.)
DRV - (VHidMinidrv) -- C:\WINDOWS\system32\drivers\VHIDMini.sys (IVT Corporation.)
DRV - (BTHidMgr) -- C:\WINDOWS\System32\Drivers\BTHidMgr.sys (IVT Corporation.)
DRV - (BTHidEnum) -- C:\WINDOWS\System32\Drivers\vbtenum.sys (IVT Corporation.)
DRV - (VcommMgr) -- C:\WINDOWS\system32\drivers\VcommMgr.sys (IVT Corporation.)
DRV - (VComm) -- C:\WINDOWS\system32\drivers\VComm.sys (IVT Corporation.)
DRV - (hamachi) -- C:\WINDOWS\system32\drivers\hamachi.sys (Applied Networking Inc.)
DRV - (BTNetFilter) -- C:\Program Files\IVT Corporation\BlueSoleil\device\Win2k\BTNetFilter.sys (IVT Corporation.)
DRV - (atksgt) -- C:\WINDOWS\system32\drivers\atksgt.sys ()
DRV - (lirsgt) -- C:\WINDOWS\system32\drivers\lirsgt.sys ()
DRV - (dtscsi) -- C:\WINDOWS\System32\Drivers\dtscsi.sys ()
DRV - (sptd) -- C:\WINDOWS\System32\Drivers\sptd.sys ()
DRV - (sfdrv01) StarForce Protection Environment Driver (version 1.x) -- C:\WINDOWS\System32\drivers\sfdrv01.sys (Protection Technology (StarForce))
DRV - (sfhlp02) StarForce Protection Helper Driver (version 2.x) -- C:\WINDOWS\System32\drivers\sfhlp02.sys (Protection Technology (StarForce))
DRV - (sfvfs02) StarForce Protection VFS Driver (version 2.x) -- C:\WINDOWS\System32\drivers\sfvfs02.sys (Protection Technology)
DRV - (sfsync02) StarForce Protection Synchronization Driver (version 2.x) -- C:\WINDOWS\System32\drivers\sfsync02.sys (Protection Technology)
DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)
DRV - (ATITool) -- d:\Program Files\ATITool\atitool.sys ()
DRV - (prohlp02) -- C:\WINDOWS\System32\drivers\prohlp02.sys (Protection Technology)
DRV - (prodrv06) -- C:\WINDOWS\System32\drivers\prodrv06.sys (Protection Technology)
DRV - (gameenum) -- C:\WINDOWS\system32\drivers\gameenum.sys (Microsoft Corporation)
DRV - (sisagp) -- C:\WINDOWS\System32\DRIVERS\sisagp.sys (Silicon Integrated Systems Corporation)
DRV - (NwlnkIpx) -- C:\WINDOWS\system32\drivers\nwlnkipx.sys (Microsoft Corporation)
DRV - (rtl8139) Realtek RTL8139(A/B/C) -- C:\WINDOWS\system32\drivers\rtl8139.sys (Realtek Semiconductor Corporation)
DRV - (nv) -- C:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation)
DRV - (prosync1) -- C:\WINDOWS\System32\drivers\prosync1.sys (Protection Technology)
DRV - (rxp) -- C:\WINDOWS\system32\drivers\RXP.SYS (StarSkin)
DRV - (sfhlp01) -- C:\WINDOWS\System32\drivers\sfhlp01.sys (Protection Technology)
DRV - (tandpl) -- C:\WINDOWS\system32\drivers\tandpl.sys ()
DRV - (enodpl) -- C:\WINDOWS\system32\drivers\enodpl.sys ()
DRV - (SiSide) -- C:\WINDOWS\System32\DRIVERS\siside.sys (Silicon Integrated Systems Corp.)
DRV - (sisidex) -- C:\WINDOWS\system32\drivers\sisidex.sys (Windows (R) 2000 DDK provider)
DRV - (sisperf) -- C:\WINDOWS\system32\drivers\sisperf.sys (Silicon Integrated Systems Corp.)
DRV - (NwlnkNb) -- C:\WINDOWS\system32\drivers\nwlnknb.sys (Microsoft Corporation)
DRV - (NwlnkSpx) -- C:\WINDOWS\system32\drivers\nwlnkspx.sys (Microsoft Corporation)
DRV - (ms_mpu401) -- C:\WINDOWS\system32\drivers\msmpu401.sys (Microsoft Corporation)
DRV - (hidgame) -- C:\WINDOWS\system32\drivers\hidgame.sys (Microsoft Corporation)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Local Page = http://www.Google.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG8\Firefox [2010.02.17 10:25:24 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\avg@igeared: C:\Program Files\AVG\AVG8\Toolbar\Firefox\avg@igeared [2010.11.27 12:19:58 | 000,000,000 | ---D | M]

[2010.10.31 21:15:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xxx\Data aplikací\Mozilla\Extensions
[2009.03.30 16:53:42 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\xxx\Data aplikací\Mozilla\Extensions\{ae2cff10-0d52-4066-8be9-4abcf119fa79}

O1 HOSTS File: ([2010.11.27 21:46:25 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Octh Class) - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll (Orbitdownloader.com)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Grab Pro) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll ()
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
O4 - HKLM..\Run: [AVG8_TRAY] C:\Program Files\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [ISUSPM Startup] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [LogMeIn GUI] D:\Program Files\LogMeIn\x86\LogMeInSystray.exe (LogMeIn, Inc.)
O4 - HKLM..\Run: [PWRISOVM.EXE] D:\Program Files\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.)
O4 - HKLM..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe (Silicon Integrated Systems Corp.)
O4 - HKCU..\Run: [H/PC Connection Agent] C:\Program Files\Microsoft ActiveSync\wcescomm.exe (Microsoft Corporation)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\BlueSoleil.lnk = C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe (IVT Corporation.)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Orbit.lnk = C:\Program Files\Orbitdownloader\orbitdm.exe (Orbitdownloader.com)
O4 - Startup: C:\Documents and Settings\xxx\Nabídka Start\Programy\Po spuštění\PowerReg Scheduler V3.exe (Leader Technologies)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunStartupScriptSync = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SynchronousMachineGroupPolicy = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SynchronousUserGroupPolicy = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O18 - Protocol\Handler\avgsecuritytoolbar {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (C:\Documents and Settings\All Users\Data aplikací\TuneUp Software\TuneUp Utilities\WinStyler\tu_logonui.exe) - C:\Documents and Settings\All Users\Data aplikací\TuneUp Software\TuneUp Utilities\WinStyler\tu_logonui.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - Winlogon\Notify\LMIinit: DllName - LMIinit.dll - C:\WINDOWS\System32\LMIinit.dll (LogMeIn, Inc.)
O20 - Winlogon\Notify\WBSrv: DllName - C:\PROGRA~1\Stardock\Object Desktop\ThemeManager\wbsrv.dll - C:\Program Files\Stardock\Object Desktop\ThemeManager\WbSrv.dll (Stardock Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\xxx\Data aplikací\FastStone\FSIV\FSViewerWallPaper.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\xxx\Data aplikací\FastStone\FSIV\FSViewerWallPaper.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2000.06.13 07:59:16 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010.11.04 17:16:54 | 018,163,996 | ---- | M] () - D:\Autoskola_Testy_Demo_3.zip -- [ NTFS ]
O34 - HKLM BootExecute: (OODBS) - C:\WINDOWS\System32\OODBS.exe (O&O Software GmbH)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: HidServ - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: UxTuneUp - C:\WINDOWS\system32\uxtuneup.dll (TuneUp Software GmbH)
NetSvcs: WmdmPmSp - File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (55745656140070912)

========== Files/Folders - Created Within 30 Days ==========

[7505.07.20 10:17:00 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\uxtheme.rxp
[7505.07.20 10:17:00 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uxtheme.rxp
[2027.11.25 20:17:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\xxx\Data aplikací\admixdj
[2027.11.25 18:51:04 | 000,000,000 | ---D | C] -- C:\Program Files\xRay
[2027.11.25 14:02:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\xxx\Plocha\HandT
[2027.11.25 08:20:51 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\xxx\Plocha\OTL.exe
[2027.11.24 08:10:03 | 000,167,424 | ---- | C] (VirusSecureLab) -- C:\Documents and Settings\xxx\Plocha\Small Registry Editor1.3.1.12.exe
[2027.11.23 20:50:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\xxx\Data aplikací\Maxthon3
[2027.11.23 20:41:22 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\xxx\Recent
[2010.11.27 21:46:04 | 000,000,000 | ---D | C] -- C:\_OTL
[2010.11.27 13:54:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\xxx\Data aplikací\Media Player Classic
[2010.11.18 10:27:58 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010.11.18 00:21:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\xxx\Data aplikací\Malwarebytes
[2010.11.18 00:21:28 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010.11.18 00:21:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
[2010.11.18 00:21:26 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010.11.17 21:28:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\xxx\DoctorWeb
[2010.11.04 17:38:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\xxx\Data aplikací\com.amsoft.Autoskola-user.F7413B326E7EE190C62FFECB0195DD73C683900A.1
[2010.11.04 17:29:11 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2010.11.04 17:28:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2010.11.01 21:31:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\xxx\Plocha\Recenze
[2010.10.31 21:34:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Google
[2008.03.08 14:10:41 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\xxx\Data aplikací\pcouffin.sys
[2008.02.24 14:02:33 | 000,774,144 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\RngInterstitial.dll

========== Files - Modified Within 30 Days ==========

[7505.07.20 10:17:00 | 000,204,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\uxtheme.rxp
[7505.07.20 10:17:00 | 000,204,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uxtheme.rxp
[2027.11.25 20:15:55 | 000,000,521 | ---- | M] () -- C:\Documents and Settings\xxx\Plocha\mp3Tag.lnk
[2027.11.25 19:20:20 | 000,152,587 | ---- | M] () -- C:\Documents and Settings\xxx\Plocha\Meshuggah in less than 10 seconds.mp3
[2027.11.25 08:48:29 | 003,903,286 | ---- | M] () -- C:\Documents and Settings\xxx\Plocha\Survivor_-_Eye_Of_The_Tiger.mp3
[2027.11.25 08:20:54 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\xxx\Plocha\OTL.exe
[2027.11.24 08:10:04 | 000,167,424 | ---- | M] (VirusSecureLab) -- C:\Documents and Settings\xxx\Plocha\Small Registry Editor1.3.1.12.exe
[2027.11.23 20:50:31 | 000,000,636 | ---- | M] () -- C:\Documents and Settings\xxx\Plocha\Maxthon 3.lnk
[2010.11.28 00:04:46 | 004,837,504 | ---- | M] () -- C:\Documents and Settings\xxx\Plocha\feelingthis.mp3
[2010.11.28 00:03:18 | 002,690,949 | ---- | M] () -- C:\Documents and Settings\xxx\Plocha\Blink182_-_All_the_Small_Things.mp3
[2010.11.27 21:56:18 | 000,001,567 | ---- | M] () -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Orbit.lnk
[2010.11.27 21:55:07 | 000,000,960 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2010.11.27 21:54:16 | 001,508,152 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.11.27 21:53:53 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.11.27 21:53:45 | 1073,270,784 | -HS- | M] () -- C:\hiberfil.sys
[2010.11.27 21:53:39 | 000,703,929 | ---- | M] () -- C:\WINDOWS\System32\OODBS.lor
[2010.11.27 21:46:25 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2010.11.27 21:03:51 | 000,137,464 | ---- | M] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2010.11.27 21:03:18 | 000,214,520 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.xtr
[2010.11.27 13:54:55 | 000,000,049 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010.11.27 13:34:31 | 000,000,661 | ---- | M] () -- C:\Documents and Settings\xxx\Plocha\DVD slideshow GUI.lnk
[2010.11.27 12:18:47 | 068,164,282 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2010.11.27 12:01:47 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.11.20 22:26:02 | 000,068,798 | ---- | M] () -- C:\Documents and Settings\xxx\Plocha\Bass_by_steler.jpg
[2010.11.20 22:17:22 | 000,118,539 | ---- | M] () -- C:\Documents and Settings\xxx\Plocha\Harmony_is_a_Bass_Guitar_by_Savion.jpg
[2010.11.20 22:16:16 | 000,126,838 | ---- | M] () -- C:\Documents and Settings\xxx\Plocha\Bass_by_harmonious_madness.jpg
[2010.11.20 21:53:22 | 000,139,320 | ---- | M] () -- C:\Documents and Settings\xxx\Plocha\bass_guitar_by_AndrzejOrlowski.jpg
[2010.11.20 01:45:19 | 000,214,937 | ---- | M] () -- C:\Documents and Settings\xxx\Plocha\0DSC00278.JPG
[2010.11.20 01:45:15 | 000,284,250 | ---- | M] () -- C:\Documents and Settings\xxx\Plocha\0DSC00277.JPG
[2010.11.20 01:45:09 | 000,227,210 | ---- | M] () -- C:\Documents and Settings\xxx\Plocha\0DSC00275.JPG
[2010.11.18 10:30:04 | 003,911,040 | R--- | M] () -- C:\Documents and Settings\xxx\Plocha\ComboFix.exe
[2010.11.18 00:21:32 | 000,000,585 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Malwarebytes' Anti-Malware.lnk
[2010.11.15 21:03:58 | 004,280,406 | ---- | M] () -- C:\Documents and Settings\xxx\Plocha\NINE INCH NAILS ~ THE DAY THE WHOLE WORLD WENT AWAY.mp3
[2010.11.06 18:32:28 | 000,003,765 | ---- | M] () -- C:\Documents and Settings\xxx\Plocha\0pecka5364_0.jpg
[2010.11.04 20:48:47 | 000,002,569 | ---- | M] () -- C:\Documents and Settings\xxx\Plocha\Microsoft Office Word 2003.lnk
[2010.11.04 20:12:10 | 000,024,576 | ---- | M] () -- C:\Documents and Settings\xxx\Plocha\0Fejeton.doc
[2010.11.04 17:38:25 | 000,000,619 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Autoškola testy.lnk
[2010.11.03 19:25:21 | 000,061,412 | ---- | M] () -- C:\Documents and Settings\xxx\Plocha\76486_104111836325538_100001801662264_24106_4848947_n.jpg
[2010.10.31 21:26:25 | 000,440,684 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.10.31 21:26:25 | 000,437,062 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2010.10.31 21:26:25 | 000,082,462 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2010.10.31 21:26:25 | 000,071,002 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

========== Files Created - No Company Name ==========

[7505.06.26 17:31:08 | 000,187,392 | ---- | C] () -- C:\WINDOWS\System32\JPGUtils.dll
[2027.11.25 20:15:55 | 000,000,521 | ---- | C] () -- C:\Documents and Settings\xxx\Plocha\mp3Tag.lnk
[2027.11.25 20:15:53 | 000,335,872 | ---- | C] () -- C:\WINDOWS\System32\m4atag.dll
[2027.11.25 19:20:19 | 000,152,587 | ---- | C] () -- C:\Documents and Settings\xxx\Plocha\Meshuggah in less than 10 seconds.mp3
[2027.11.25 08:40:19 | 003,903,286 | ---- | C] () -- C:\Documents and Settings\xxx\Plocha\Survivor_-_Eye_Of_The_Tiger.mp3
[2027.11.24 14:15:29 | 1073,270,784 | -HS- | C] () -- C:\hiberfil.sys
[2027.11.23 20:50:31 | 000,000,636 | ---- | C] () -- C:\Documents and Settings\xxx\Plocha\Maxthon 3.lnk
[2027.11.23 20:46:58 | 000,001,567 | ---- | C] () -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Orbit.lnk
[2010.11.27 23:42:02 | 000,600,017 | ---- | C] () -- C:\Documents and Settings\xxx\Plocha\Tamagotchi 2.jar
[2010.11.27 23:41:37 | 000,638,303 | ---- | C] () -- C:\Documents and Settings\xxx\Plocha\Prince of Persia.jar
[2010.11.27 23:40:24 | 000,325,071 | ---- | C] () -- C:\Documents and Settings\xxx\Plocha\monopolyubuild_s40v5n5300-240x320.jar
[2010.11.27 21:54:56 | 000,000,960 | ---- | C] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2010.11.27 13:34:31 | 000,000,661 | ---- | C] () -- C:\Documents and Settings\xxx\Plocha\DVD slideshow GUI.lnk
[2010.11.20 22:26:02 | 000,068,798 | ---- | C] () -- C:\Documents and Settings\xxx\Plocha\Bass_by_steler.jpg
[2010.11.20 22:17:22 | 000,118,539 | ---- | C] () -- C:\Documents and Settings\xxx\Plocha\Harmony_is_a_Bass_Guitar_by_Savion.jpg
[2010.11.20 22:16:15 | 000,126,838 | ---- | C] () -- C:\Documents and Settings\xxx\Plocha\Bass_by_harmonious_madness.jpg
[2010.11.20 21:53:22 | 000,139,320 | ---- | C] () -- C:\Documents and Settings\xxx\Plocha\bass_guitar_by_AndrzejOrlowski.jpg
[2010.11.20 00:06:46 | 000,214,937 | ---- | C] () -- C:\Documents and Settings\xxx\Plocha\0DSC00278.JPG
[2010.11.20 00:06:34 | 000,284,250 | ---- | C] () -- C:\Documents and Settings\xxx\Plocha\0DSC00277.JPG
[2010.11.20 00:05:50 | 000,227,210 | ---- | C] () -- C:\Documents and Settings\xxx\Plocha\0DSC00275.JPG
[2010.11.18 10:29:48 | 003,911,040 | R--- | C] () -- C:\Documents and Settings\xxx\Plocha\ComboFix.exe
[2010.11.18 00:21:32 | 000,000,585 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Malwarebytes' Anti-Malware.lnk
[2010.11.15 21:01:55 | 004,280,406 | ---- | C] () -- C:\Documents and Settings\xxx\Plocha\NINE INCH NAILS ~ THE DAY THE WHOLE WORLD WENT AWAY.mp3
[2010.11.06 18:32:28 | 000,003,765 | ---- | C] () -- C:\Documents and Settings\xxx\Plocha\0pecka5364_0.jpg
[2010.11.04 19:49:08 | 000,024,576 | ---- | C] () -- C:\Documents and Settings\xxx\Plocha\0Fejeton.doc
[2010.11.04 17:38:25 | 000,000,619 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Autoškola testy.lnk
[2010.11.03 19:25:21 | 000,061,412 | ---- | C] () -- C:\Documents and Settings\xxx\Plocha\76486_104111836325538_100001801662264_24106_4848947_n.jpg
[2010.09.08 17:25:25 | 000,000,291 | ---- | C] () -- C:\WINDOWS\game.ini
[2010.07.22 14:37:07 | 000,000,317 | ---- | C] () -- C:\WINDOWS\wcx_ftp.ini
[2010.06.12 19:43:11 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll
[2010.02.04 16:45:31 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\xxx\Local Settings\Data aplikací\PUTTY.RND
[2010.01.16 19:25:44 | 000,000,246 | ---- | C] () -- C:\WINDOWS\holdgemss.ini
[2009.10.23 18:19:14 | 000,000,426 | ---- | C] () -- C:\WINDOWS\{21D15DED-F125-46C8-8017-CB9F1CEB5B4D}_WiseFW.ini
[2008.10.18 18:15:40 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\xxx\Data aplikací\AVSDVDPlayer.m3u
[2008.10.17 20:21:02 | 000,765,952 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2008.10.17 20:21:02 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2008.10.12 13:43:10 | 000,137,464 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2008.03.28 15:22:25 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\xxx\Data aplikací\$_hpcst$.hpc
[2008.03.11 16:28:01 | 000,034,308 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2008.03.08 14:11:25 | 000,000,034 | ---- | C] () -- C:\Documents and Settings\xxx\Data aplikací\pcouffin.log
[2008.03.08 14:10:41 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\xxx\Data aplikací\pcouffin.cat
[2008.03.08 14:10:41 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\xxx\Data aplikací\pcouffin.inf
[2007.12.24 13:49:52 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2007.10.12 13:40:28 | 000,000,845 | ---- | C] () -- C:\Documents and Settings\xxx\Data aplikací\Color.ini
[2006.10.21 18:59:59 | 000,262,144 | ---- | C] () -- C:\WINDOWS\System32\Manipulate.dll
[2006.09.24 19:53:54 | 000,268,242 | ---- | C] () -- C:\WINDOWS\System32\erdmpg-parse.dll
[2006.09.24 19:53:42 | 002,518,779 | ---- | C] () -- C:\WINDOWS\System32\erdmpg-enc.dll
[2006.09.24 19:52:04 | 000,030,693 | ---- | C] () -- C:\WINDOWS\System32\erdmpg-int.dll
[2006.07.24 15:33:06 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2006.07.24 15:33:05 | 000,018,048 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2006.07.20 21:07:50 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\PhysXLoader.dll
[2006.07.10 17:54:16 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2006.07.10 17:54:16 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2006.07.10 17:54:16 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2006.07.10 17:54:16 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2006.07.10 17:54:16 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2006.07.10 17:54:16 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2006.07.10 17:54:16 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2006.07.10 17:54:16 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2006.07.10 17:54:16 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2006.06.29 13:25:47 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2006.05.26 15:01:35 | 000,223,128 | ---- | C] () -- C:\WINDOWS\System32\drivers\dtscsi.sys
[2006.05.26 14:59:47 | 000,664,064 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2006.05.26 14:59:47 | 000,096,256 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd9565.sys
[2005.11.17 18:57:30 | 000,258,560 | ---- | C] () -- C:\WINDOWS\System32\MusicTagsAX.dll
[2005.10.15 04:10:24 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\comLyricGetter.dll
[2005.08.17 07:31:28 | 000,004,502 | ---- | C] () -- C:\WINDOWS\System32\drivers\PDoor.sys
[2005.07.17 14:45:59 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\frapsvid.dll
[2005.01.07 17:34:28 | 000,047,104 | ---- | C] () -- C:\WINDOWS\System32\KMVIDC32.DLL
[2004.11.01 21:30:40 | 000,282,112 | ---- | C] () -- C:\WINDOWS\System32\cncs232.dll
[2004.10.05 14:20:10 | 000,245,845 | ---- | C] () -- C:\WINDOWS\System32\SPR_P5.DLL
[2004.10.05 14:20:10 | 000,180,309 | ---- | C] () -- C:\WINDOWS\System32\SPR_P6.DLL
[2004.10.05 14:20:10 | 000,142,848 | ---- | C] () -- C:\WINDOWS\System32\CM6_640x16.dll
[2004.10.05 14:20:10 | 000,142,336 | ---- | C] () -- C:\WINDOWS\System32\CM6_512x16.dll
[2004.10.05 14:20:10 | 000,142,336 | ---- | C] () -- C:\WINDOWS\System32\CM6_1024x16.dll
[2004.07.12 14:00:34 | 000,007,552 | ---- | C] () -- C:\WINDOWS\System32\drivers\enodpl.sys
[2004.07.12 14:00:34 | 000,004,736 | ---- | C] () -- C:\WINDOWS\System32\drivers\tandpl.sys
[2004.04.08 16:12:08 | 000,069,632 | R--- | C] () -- C:\WINDOWS\System32\xmltok.dll
[2004.04.08 16:12:08 | 000,036,864 | R--- | C] () -- C:\WINDOWS\System32\xmlparse.dll
[2004.02.01 20:21:56 | 000,097,280 | ---- | C] () -- C:\WINDOWS\System32\Uncommon.dll
[2004.01.10 15:45:07 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2003.12.31 11:59:19 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll
[2003.12.31 11:59:19 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll
[2003.11.22 12:13:35 | 000,139,264 | R--- | C] () -- C:\WINDOWS\System32\IDEproperty.dll
[2003.08.07 21:01:50 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2002.10.06 19:42:57 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2002.10.05 00:04:25 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\vorbisenc.dll
[2002.10.05 00:04:24 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2002.10.05 00:04:17 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2001.01.12 10:52:26 | 000,044,032 | ---- | C] () -- C:\WINDOWS\System32\vbpng1.dll
[2001.01.12 10:49:38 | 000,021,504 | ---- | C] () -- C:\WINDOWS\System32\zlib.dll
[2000.06.13 07:59:12 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2000.06.13 07:59:11 | 000,006,067 | ---- | C] () -- C:\WINDOWS\UNWISE.INI
[2000.06.13 07:59:11 | 000,003,585 | ---- | C] () -- C:\WINDOWS\WINCMD.INI
[2000.06.13 07:59:11 | 000,000,192 | ---- | C] () -- C:\WINDOWS\winamp.ini
[2000.06.13 07:59:11 | 000,000,141 | ---- | C] () -- C:\WINDOWS\wb.ini
[2000.06.13 07:59:11 | 000,000,056 | ---- | C] () -- C:\WINDOWS\wincheater.ini
[2000.06.13 07:59:09 | 000,000,604 | ---- | C] () -- C:\WINDOWS\Thps3.INI
[2000.06.13 07:59:08 | 000,032,768 | ---- | C] () -- C:\WINDOWS\SIS_LIB.DLL
[2000.06.13 07:59:08 | 000,000,735 | ---- | C] () -- C:\WINDOWS\Sof.INI
[2000.06.13 07:59:08 | 000,000,604 | ---- | C] () -- C:\WINDOWS\Sof2.INI
[2000.06.13 07:59:07 | 000,000,449 | ---- | C] () -- C:\WINDOWS\SIERRA.INI
[2000.06.13 07:59:03 | 000,000,717 | ---- | C] () -- C:\WINDOWS\QIII.INI
[2000.06.13 07:59:03 | 000,000,600 | ---- | C] () -- C:\WINDOWS\Rtcw.INI
[2000.06.13 07:59:03 | 000,000,038 | ---- | C] () -- C:\WINDOWS\Pohoda.INI
[2000.06.13 07:59:03 | 000,000,022 | ---- | C] () -- C:\WINDOWS\RTD.ini
[2000.06.13 07:59:01 | 000,004,265 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2000.06.13 07:59:01 | 000,000,504 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2000.06.13 07:59:01 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nwcontbuild.INI
[2000.06.13 07:59:00 | 000,000,154 | ---- | C] () -- C:\WINDOWS\mta.ini
[2000.06.13 07:59:00 | 000,000,049 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2000.06.13 07:58:58 | 000,001,621 | ---- | C] () -- C:\WINDOWS\level.ini
[2000.06.13 07:58:58 | 000,000,024 | ---- | C] () -- C:\WINDOWS\LogonStudio.ini
[2000.06.13 07:58:48 | 000,012,288 | ---- | C] () -- C:\WINDOWS\impborl.dll
[2000.06.13 07:58:48 | 000,000,050 | ---- | C] () -- C:\WINDOWS\GUNZLAUNCHER.INI
[2000.06.13 07:58:45 | 000,001,476 | ---- | C] () -- C:\WINDOWS\disney.ini
[2000.06.13 07:58:45 | 000,001,130 | ---- | C] () -- C:\WINDOWS\cncscore.ini
[2000.06.13 07:58:45 | 000,000,196 | ---- | C] () -- C:\WINDOWS\disneysy.ini
[2000.06.13 07:58:45 | 000,000,065 | ---- | C] () -- C:\WINDOWS\frikikmulti.ini
[2000.06.13 07:58:45 | 000,000,049 | ---- | C] () -- C:\WINDOWS\Folder Icons.ini
[2000.06.13 07:58:45 | 000,000,018 | ---- | C] () -- C:\WINDOWS\gfact.ini
[2000.06.13 07:58:44 | 000,001,383 | ---- | C] () -- C:\WINDOWS\CDPlayer.ini
[2000.06.13 07:58:44 | 000,000,677 | ---- | C] () -- C:\WINDOWS\ChaseHQ2EvoConfig.ini
[2000.06.13 07:58:43 | 000,000,049 | ---- | C] () -- C:\WINDOWS\atomic.ini
[2000.06.13 07:58:43 | 000,000,009 | ---- | C] () -- C:\WINDOWS\Appdrive$ + Appdir$ + Umbrella.ini
[2000.06.12 13:05:26 | 000,000,123 | ---- | C] () -- C:\Documents and Settings\xxx\Local Settings\Data aplikací\fusioncache.dat
[1999.08.11 23:00:00 | 001,708,032 | ---- | C] () -- C:\WINDOWS\System32\MSO97V.DLL
[1999.08.11 23:00:00 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\DOCOBJ.DLL
[1999.08.11 23:00:00 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\MSORFS.DLL
[1999.08.11 23:00:00 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\HLINKPRX.DLL
[1997.06.14 02:56:08 | 000,056,320 | ---- | C] () -- C:\WINDOWS\System32\iyvu9_32.dll

========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >
[2000.06.13 07:59:15 | 008,981,440 | ---- | M] (InstallShield Software Corporation) -- C:\AR505ENU.EXE


< MD5 for: AGP440.SYS >
[2006.11.13 15:54:58 | 022,286,602 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2006.11.13 15:54:58 | 022,286,602 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:AGP440.sys
[2008.04.13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SoftwareDistribution\Download\1dab8d41b73a912c39f7d3fd77a4df39\agp440.sys
[2008.04.13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SoftwareDistribution\Download\ab04a73630759d84a46114bfca20f64c\agp440.sys
[2004.08.04 07:07:41 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2004.08.04 07:07:41 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\system32\dllcache\agp440.sys
[2004.08.04 07:07:41 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\system32\drivers\agp440.sys

< MD5 for: ATAPI.SYS >
[2002.09.20 19:17:54 | 010,174,968 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:atapi.sys
[2006.11.13 15:54:58 | 022,286,602 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2006.11.13 15:54:58 | 022,286,602 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:atapi.sys
[2002.08.29 02:27:50 | 000,086,912 | ---- | M] (Microsoft Corporation) MD5=95B858761A00E1D4F81F79A0DA019ACA -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2002.08.29 02:27:50 | 000,086,912 | ---- | M] (Microsoft Corporation) MD5=95B858761A00E1D4F81F79A0DA019ACA -- C:\WINDOWS\system32\ReinstallBackups\0001\DriverFiles\i386\atapi.sys
[2008.04.13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\1dab8d41b73a912c39f7d3fd77a4df39\atapi.sys
[2008.04.13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\ab04a73630759d84a46114bfca20f64c\atapi.sys
[2004.08.04 06:59:42 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2004.08.04 06:59:42 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2004.08.04 06:59:42 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys

< MD5 for: EVENTLOG.DLL >
[2008.04.14 04:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\SoftwareDistribution\Download\1dab8d41b73a912c39f7d3fd77a4df39\eventlog.dll
[2008.04.14 04:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\SoftwareDistribution\Download\ab04a73630759d84a46114bfca20f64c\eventlog.dll
[2004.08.17 23:49:06 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2004.08.17 23:49:06 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\system32\eventlog.dll
[2002.09.20 19:03:50 | 000,049,152 | ---- | M] (Microsoft Corporation) MD5=E8508E7F865490D8AE71D00C8DF4D227 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

< MD5 for: NETLOGON.DLL >
[2009.02.06 19:47:20 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=1F43B8C0F4C767FBED89711C30E704D9 -- C:\WINDOWS\$hf_mig$\KB968389\SP2QFE\netlogon.dll
[2009.02.06 19:47:20 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=1F43B8C0F4C767FBED89711C30E704D9 -- C:\WINDOWS\$hf_mig$\KB975467\SP2QFE\netlogon.dll
[2004.08.17 23:49:13 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2004.08.17 23:49:13 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\system32\netlogon.dll
[2008.04.14 04:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\SoftwareDistribution\Download\1dab8d41b73a912c39f7d3fd77a4df39\netlogon.dll
[2008.04.14 04:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\SoftwareDistribution\Download\ab04a73630759d84a46114bfca20f64c\netlogon.dll
[2002.09.20 19:04:34 | 000,399,360 | ---- | M] (Microsoft Corporation) MD5=CF03E300B5CEEFFEFBE6F67532BD0EF1 -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll

< MD5 for: SCECLI.DLL >
[2004.08.17 23:49:16 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2004.08.17 23:49:16 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\system32\scecli.dll
[2008.04.14 04:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\SoftwareDistribution\Download\1dab8d41b73a912c39f7d3fd77a4df39\scecli.dll
[2008.04.14 04:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\SoftwareDistribution\Download\ab04a73630759d84a46114bfca20f64c\scecli.dll
[2002.09.20 19:04:42 | 000,179,200 | ---- | M] (Microsoft Corporation) MD5=B2666CAB5E8C8A741D63F18D551A47FB -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll

< %systemroot%\*. /mp /s >

< End of report >

[ZuuL]

OTL po druhý

OTL logfile created on: 27.11.2010 23:24:26 - Run 2
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Documents and Settings\xxx\Plocha
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1 023,00 Mb Total Physical Memory | 258,00 Mb Available Physical Memory | 25,00% Memory free
1,00 Gb Paging File | 0,00 Gb Available in Paging File | 34,00% Paging File free
Paging file location(s): C:\pagefile.sys 192 384 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 14,65 Gb Total Space | 0,64 Gb Free Space | 4,37% Space Free | Partition Type: NTFS
Drive D: | 22,65 Gb Total Space | 1,31 Gb Free Space | 5,80% Space Free | Partition Type: NTFS
Drive E: | 4,07 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive F: | 3,44 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: XXX-73JE6T5H385 | User Name: xxx | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\xxx\Plocha\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\AVG\AVG8\avgcsrvx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG8\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - D:\Program Files\Maxthon3\Bin\Maxthon.exe (Maxthon International ltd.)
PRC - C:\Program Files\Last.fm\LastFM.exe (Last.fm)
PRC - C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
PRC - D:\Program Files\LogMeIn\x86\ramaint.exe (LogMeIn, Inc.)
PRC - D:\Program Files\LogMeIn\x86\LMIGuardian.exe (LogMeIn, Inc.)
PRC - C:\Program Files\AVG\AVG8\avgrsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG8\avgnsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG8\avgemc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG8\avgam.exe (AVG Technologies CZ, s.r.o.)
PRC - D:\Program Files\Winamp\winamp.exe (Nullsoft)
PRC - D:\Program Files\LSoft Technologies Inc\Active@ Hard Disk Monitor\DiskMonitorService.exe (LSoft Technologies Inc)
PRC - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
PRC - C:\Program Files\Orbitdownloader\orbitdm.exe (Orbitdownloader.com)
PRC - C:\Program Files\Orbitdownloader\orbitnet.exe (Orbitdownloader.com)
PRC - C:\Program Files\QIP\qip.exe (The Author of QIP)
PRC - D:\Program Files\LogMeIn\x86\LogMeInSystray.exe (LogMeIn, Inc.)
PRC - D:\Program Files\LogMeIn\x86\LogMeIn.exe (LogMeIn, Inc.)
PRC - D:\Program Files\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe (IVT Corporation.)
PRC - C:\WINDOWS\system32\oodag.exe (O&O Software GmbH)
PRC - C:\WINDOWS\system32\UAService7.exe (Sony DADC Austria AG.)
PRC - C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
PRC - C:\Program Files\AVPersonal\AVWUPSRV.EXE (H+BEDV Datentechnik GmbH, Germany)


========== Modules (SafeList) ==========

MOD - C:\Documents and Settings\xxx\Plocha\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV - (mi-raysat_3dsmax9_32) mental ray 3.5 Satellite (32-bit) -- C:\Program Files\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_32server.exe File not found
SRV - (avg8wd) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (AVG Security Toolbar Service) -- C:\Program Files\AVG\AVG8\Toolbar\ToolbarBroker.exe ()
SRV - (LMIMaint) -- D:\Program Files\LogMeIn\x86\RaMaint.exe (LogMeIn, Inc.)
SRV - (avg8emc) -- C:\Program Files\AVG\AVG8\avgemc.exe (AVG Technologies CZ, s.r.o.)
SRV - (Active@ Disk Monitor) -- D:\Program Files\LSoft Technologies Inc\Active@ Hard Disk Monitor\DiskMonitorService.exe (LSoft Technologies Inc)
SRV - (LogMeIn) -- D:\Program Files\LogMeIn\x86\LogMeIn.exe (LogMeIn, Inc.)
SRV - (TuneUp.Defrag) -- C:\WINDOWS\system32\TuneUpDefragService.exe (TuneUp Software GmbH)
SRV - (UxTuneUp) -- C:\WINDOWS\system32\uxtuneup.dll (TuneUp Software GmbH)
SRV - (O&O Defrag) -- C:\WINDOWS\system32\oodag.exe (O&O Software GmbH)
SRV - (LiveUpdate) -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_1.EXE (Symantec Corporation)
SRV - (sfrem01) SF FrontLine Drivers Auto Removal (v1) -- C:\WINDOWS\System32\sfrem01.exe (Protection Technology (StarForce))
SRV - (UserAccess7) SecuROM User Access Service (V7) -- C:\WINDOWS\system32\UAService7.exe (Sony DADC Austria AG.)
SRV - (AVWUpSrv) -- C:\Program Files\AVPersonal\AVWUPSRV.EXE (H+BEDV Datentechnik GmbH, Germany)


========== Driver Services (SafeList) ==========

DRV - (w810bus) Sony Ericsson W810 Driver driver (WDM) -- C:\WINDOWS\System32\DRIVERS\w810bus.sys File not found
DRV - (AvgLdx86) -- C:\WINDOWS\System32\Drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (AvgMfx86) -- C:\WINDOWS\System32\Drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (AvgTdiX) -- C:\WINDOWS\System32\Drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.)
DRV - (AvgRkx86) -- C:\WINDOWS\System32\Drivers\avgrkx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (LMIInfo) -- D:\Program Files\LogMeIn\x86\rainfo.sys (LogMeIn, Inc.)
DRV - (SCDEmu) -- C:\WINDOWS\System32\drivers\scdemu.sys (PowerISO Computing, Inc.)
DRV - (CrystalSysInfo) -- D:\Program Files\MediaCoder\SysInfo.sys ()
DRV - (BlueletAudio) -- C:\WINDOWS\system32\drivers\blueletaudio.sys (IVT Corporation.)
DRV - (Btcsrusb) -- C:\WINDOWS\system32\drivers\btcusb.sys (IVT Corporation.)
DRV - (BlueletSCOAudio) -- C:\WINDOWS\system32\drivers\BlueletSCOAudio.sys (IVT Corporation.)
DRV - (BT) -- C:\WINDOWS\system32\drivers\btnetdrv.sys (IVT Corporation.)
DRV - (VHidMinidrv) -- C:\WINDOWS\system32\drivers\VHIDMini.sys (IVT Corporation.)
DRV - (BTHidMgr) -- C:\WINDOWS\System32\Drivers\BTHidMgr.sys (IVT Corporation.)
DRV - (BTHidEnum) -- C:\WINDOWS\System32\Drivers\vbtenum.sys (IVT Corporation.)
DRV - (VcommMgr) -- C:\WINDOWS\system32\drivers\VcommMgr.sys (IVT Corporation.)
DRV - (VComm) -- C:\WINDOWS\system32\drivers\VComm.sys (IVT Corporation.)
DRV - (hamachi) -- C:\WINDOWS\system32\drivers\hamachi.sys (Applied Networking Inc.)
DRV - (BTNetFilter) -- C:\Program Files\IVT Corporation\BlueSoleil\device\Win2k\BTNetFilter.sys (IVT Corporation.)
DRV - (atksgt) -- C:\WINDOWS\system32\drivers\atksgt.sys ()
DRV - (lirsgt) -- C:\WINDOWS\system32\drivers\lirsgt.sys ()
DRV - (dtscsi) -- C:\WINDOWS\System32\Drivers\dtscsi.sys ()
DRV - (sptd) -- C:\WINDOWS\System32\Drivers\sptd.sys ()
DRV - (sfdrv01) StarForce Protection Environment Driver (version 1.x) -- C:\WINDOWS\System32\drivers\sfdrv01.sys (Protection Technology (StarForce))
DRV - (sfhlp02) StarForce Protection Helper Driver (version 2.x) -- C:\WINDOWS\System32\drivers\sfhlp02.sys (Protection Technology (StarForce))
DRV - (sfvfs02) StarForce Protection VFS Driver (version 2.x) -- C:\WINDOWS\System32\drivers\sfvfs02.sys (Protection Technology)
DRV - (sfsync02) StarForce Protection Synchronization Driver (version 2.x) -- C:\WINDOWS\System32\drivers\sfsync02.sys (Protection Technology)
DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)
DRV - (ATITool) -- d:\Program Files\ATITool\atitool.sys ()
DRV - (prohlp02) -- C:\WINDOWS\System32\drivers\prohlp02.sys (Protection Technology)
DRV - (prodrv06) -- C:\WINDOWS\System32\drivers\prodrv06.sys (Protection Technology)
DRV - (gameenum) -- C:\WINDOWS\system32\drivers\gameenum.sys (Microsoft Corporation)
DRV - (sisagp) -- C:\WINDOWS\System32\DRIVERS\sisagp.sys (Silicon Integrated Systems Corporation)
DRV - (NwlnkIpx) -- C:\WINDOWS\system32\drivers\nwlnkipx.sys (Microsoft Corporation)
DRV - (rtl8139) Realtek RTL8139(A/B/C) -- C:\WINDOWS\system32\drivers\rtl8139.sys (Realtek Semiconductor Corporation)
DRV - (nv) -- C:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation)
DRV - (prosync1) -- C:\WINDOWS\System32\drivers\prosync1.sys (Protection Technology)
DRV - (rxp) -- C:\WINDOWS\system32\drivers\RXP.SYS (StarSkin)
DRV - (sfhlp01) -- C:\WINDOWS\System32\drivers\sfhlp01.sys (Protection Technology)
DRV - (tandpl) -- C:\WINDOWS\system32\drivers\tandpl.sys ()
DRV - (enodpl) -- C:\WINDOWS\system32\drivers\enodpl.sys ()
DRV - (SiSide) -- C:\WINDOWS\System32\DRIVERS\siside.sys (Silicon Integrated Systems Corp.)
DRV - (sisidex) -- C:\WINDOWS\system32\drivers\sisidex.sys (Windows (R) 2000 DDK provider)
DRV - (sisperf) -- C:\WINDOWS\system32\drivers\sisperf.sys (Silicon Integrated Systems Corp.)
DRV - (NwlnkNb) -- C:\WINDOWS\system32\drivers\nwlnknb.sys (Microsoft Corporation)
DRV - (NwlnkSpx) -- C:\WINDOWS\system32\drivers\nwlnkspx.sys (Microsoft Corporation)
DRV - (ms_mpu401) -- C:\WINDOWS\system32\drivers\msmpu401.sys (Microsoft Corporation)
DRV - (hidgame) -- C:\WINDOWS\system32\drivers\hidgame.sys (Microsoft Corporation)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Local Page = http://www.Google.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG8\Firefox [2010.02.17 10:25:24 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\avg@igeared: C:\Program Files\AVG\AVG8\Toolbar\Firefox\avg@igeared [2010.11.27 12:19:58 | 000,000,000 | ---D | M]

[2010.10.31 21:15:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xxx\Data aplikací\Mozilla\Extensions
[2009.03.30 16:53:42 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\xxx\Data aplikací\Mozilla\Extensions\{ae2cff10-0d52-4066-8be9-4abcf119fa79}

O1 HOSTS File: ([2010.11.27 21:46:25 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Octh Class) - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll (Orbitdownloader.com)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Grab Pro) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll ()
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
O4 - HKLM..\Run: [AVG8_TRAY] C:\Program Files\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [ISUSPM Startup] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [LogMeIn GUI] D:\Program Files\LogMeIn\x86\LogMeInSystray.exe (LogMeIn, Inc.)
O4 - HKLM..\Run: [PWRISOVM.EXE] D:\Program Files\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.)
O4 - HKLM..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe (Silicon Integrated Systems Corp.)
O4 - HKCU..\Run: [H/PC Connection Agent] C:\Program Files\Microsoft ActiveSync\wcescomm.exe (Microsoft Corporation)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\BlueSoleil.lnk = C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe (IVT Corporation.)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Orbit.lnk = C:\Program Files\Orbitdownloader\orbitdm.exe (Orbitdownloader.com)
O4 - Startup: C:\Documents and Settings\xxx\Nabídka Start\Programy\Po spuštění\PowerReg Scheduler V3.exe (Leader Technologies)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunStartupScriptSync = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SynchronousMachineGroupPolicy = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SynchronousUserGroupPolicy = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O18 - Protocol\Handler\avgsecuritytoolbar {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (C:\Documents and Settings\All Users\Data aplikací\TuneUp Software\TuneUp Utilities\WinStyler\tu_logonui.exe) - C:\Documents and Settings\All Users\Data aplikací\TuneUp Software\TuneUp Utilities\WinStyler\tu_logonui.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - Winlogon\Notify\LMIinit: DllName - LMIinit.dll - C:\WINDOWS\System32\LMIinit.dll (LogMeIn, Inc.)
O20 - Winlogon\Notify\WBSrv: DllName - C:\PROGRA~1\Stardock\Object Desktop\ThemeManager\wbsrv.dll - C:\Program Files\Stardock\Object Desktop\ThemeManager\WbSrv.dll (Stardock Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\xxx\Data aplikací\FastStone\FSIV\FSViewerWallPaper.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\xxx\Data aplikací\FastStone\FSIV\FSViewerWallPaper.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2000.06.13 07:59:16 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010.11.04 17:16:54 | 018,163,996 | ---- | M] () - D:\Autoskola_Testy_Demo_3.zip -- [ NTFS ]
O34 - HKLM BootExecute: (OODBS) - C:\WINDOWS\System32\OODBS.exe (O&O Software GmbH)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: HidServ - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: UxTuneUp - C:\WINDOWS\system32\uxtuneup.dll (TuneUp Software GmbH)
NetSvcs: WmdmPmSp - File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (55745656140070912)

========== Files/Folders - Created Within 30 Days ==========

[7505.07.20 10:17:00 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\uxtheme.rxp
[7505.07.20 10:17:00 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uxtheme.rxp
[2027.11.25 20:17:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\xxx\Data aplikací\admixdj
[2027.11.25 18:51:04 | 000,000,000 | ---D | C] -- C:\Program Files\xRay
[2027.11.25 14:02:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\xxx\Plocha\HandT
[2027.11.25 08:20:51 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\xxx\Plocha\OTL.exe
[2027.11.24 08:10:03 | 000,167,424 | ---- | C] (VirusSecureLab) -- C:\Documents and Settings\xxx\Plocha\Small Registry Editor1.3.1.12.exe
[2027.11.23 20:50:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\xxx\Data aplikací\Maxthon3
[2027.11.23 20:41:22 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\xxx\Recent
[2010.11.27 21:46:04 | 000,000,000 | ---D | C] -- C:\_OTL
[2010.11.27 13:54:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\xxx\Data aplikací\Media Player Classic
[2010.11.18 10:27:58 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010.11.18 00:21:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\xxx\Data aplikací\Malwarebytes
[2010.11.18 00:21:28 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010.11.18 00:21:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
[2010.11.18 00:21:26 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010.11.17 21:28:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\xxx\DoctorWeb
[2010.11.04 17:38:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\xxx\Data aplikací\com.amsoft.Autoskola-user.F7413B326E7EE190C62FFECB0195DD73C683900A.1
[2010.11.04 17:29:11 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2010.11.04 17:28:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2010.11.01 21:31:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\xxx\Plocha\Recenze
[2010.10.31 21:34:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Google
[2008.03.08 14:10:41 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\xxx\Data aplikací\pcouffin.sys
[2008.02.24 14:02:33 | 000,774,144 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\RngInterstitial.dll

========== Files - Modified Within 30 Days ==========

[7505.07.20 10:17:00 | 000,204,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\uxtheme.rxp
[7505.07.20 10:17:00 | 000,204,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uxtheme.rxp
[2027.11.25 20:15:55 | 000,000,521 | ---- | M] () -- C:\Documents and Settings\xxx\Plocha\mp3Tag.lnk
[2027.11.25 19:20:20 | 000,152,587 | ---- | M] () -- C:\Documents and Settings\xxx\Plocha\Meshuggah in less than 10 seconds.mp3
[2027.11.25 08:48:29 | 003,903,286 | ---- | M] () -- C:\Documents and Settings\xxx\Plocha\Survivor_-_Eye_Of_The_Tiger.mp3
[2027.11.25 08:20:54 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\xxx\Plocha\OTL.exe
[2027.11.24 08:10:04 | 000,167,424 | ---- | M] (VirusSecureLab) -- C:\Documents and Settings\xxx\Plocha\Small Registry Editor1.3.1.12.exe
[2027.11.23 20:50:31 | 000,000,636 | ---- | M] () -- C:\Documents and Settings\xxx\Plocha\Maxthon 3.lnk
[2010.11.28 00:04:46 | 004,837,504 | ---- | M] () -- C:\Documents and Settings\xxx\Plocha\feelingthis.mp3
[2010.11.28 00:03:18 | 002,690,949 | ---- | M] () -- C:\Documents and Settings\xxx\Plocha\Blink182_-_All_the_Small_Things.mp3
[2010.11.27 21:56:18 | 000,001,567 | ---- | M] () -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Orbit.lnk
[2010.11.27 21:55:07 | 000,000,960 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2010.11.27 21:54:16 | 001,508,152 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.11.27 21:53:53 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.11.27 21:53:45 | 1073,270,784 | -HS- | M] () -- C:\hiberfil.sys
[2010.11.27 21:53:39 | 000,703,929 | ---- | M] () -- C:\WINDOWS\System32\OODBS.lor
[2010.11.27 21:46:25 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2010.11.27 21:03:51 | 000,137,464 | ---- | M] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2010.11.27 21:03:18 | 000,214,520 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.xtr
[2010.11.27 13:54:55 | 000,000,049 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010.11.27 13:34:31 | 000,000,661 | ---- | M] () -- C:\Documents and Settings\xxx\Plocha\DVD slideshow GUI.lnk
[2010.11.27 12:18:47 | 068,164,282 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2010.11.27 12:01:47 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.11.20 22:26:02 | 000,068,798 | ---- | M] () -- C:\Documents and Settings\xxx\Plocha\Bass_by_steler.jpg
[2010.11.20 22:17:22 | 000,118,539 | ---- | M] () -- C:\Documents and Settings\xxx\Plocha\Harmony_is_a_Bass_Guitar_by_Savion.jpg
[2010.11.20 22:16:16 | 000,126,838 | ---- | M] () -- C:\Documents and Settings\xxx\Plocha\Bass_by_harmonious_madness.jpg
[2010.11.20 21:53:22 | 000,139,320 | ---- | M] () -- C:\Documents and Settings\xxx\Plocha\bass_guitar_by_AndrzejOrlowski.jpg
[2010.11.20 01:45:19 | 000,214,937 | ---- | M] () -- C:\Documents and Settings\xxx\Plocha\0DSC00278.JPG
[2010.11.20 01:45:15 | 000,284,250 | ---- | M] () -- C:\Documents and Settings\xxx\Plocha\0DSC00277.JPG
[2010.11.20 01:45:09 | 000,227,210 | ---- | M] () -- C:\Documents and Settings\xxx\Plocha\0DSC00275.JPG
[2010.11.18 10:30:04 | 003,911,040 | R--- | M] () -- C:\Documents and Settings\xxx\Plocha\ComboFix.exe
[2010.11.18 00:21:32 | 000,000,585 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Malwarebytes' Anti-Malware.lnk
[2010.11.15 21:03:58 | 004,280,406 | ---- | M] () -- C:\Documents and Settings\xxx\Plocha\NINE INCH NAILS ~ THE DAY THE WHOLE WORLD WENT AWAY.mp3
[2010.11.06 18:32:28 | 000,003,765 | ---- | M] () -- C:\Documents and Settings\xxx\Plocha\0pecka5364_0.jpg
[2010.11.04 20:48:47 | 000,002,569 | ---- | M] () -- C:\Documents and Settings\xxx\Plocha\Microsoft Office Word 2003.lnk
[2010.11.04 20:12:10 | 000,024,576 | ---- | M] () -- C:\Documents and Settings\xxx\Plocha\0Fejeton.doc
[2010.11.04 17:38:25 | 000,000,619 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Autoškola testy.lnk
[2010.11.03 19:25:21 | 000,061,412 | ---- | M] () -- C:\Documents and Settings\xxx\Plocha\76486_104111836325538_100001801662264_24106_4848947_n.jpg
[2010.10.31 21:26:25 | 000,440,684 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.10.31 21:26:25 | 000,437,062 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2010.10.31 21:26:25 | 000,082,462 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2010.10.31 21:26:25 | 000,071,002 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

========== Files Created - No Company Name ==========

[7505.06.26 17:31:08 | 000,187,392 | ---- | C] () -- C:\WINDOWS\System32\JPGUtils.dll
[2027.11.25 20:15:55 | 000,000,521 | ---- | C] () -- C:\Documents and Settings\xxx\Plocha\mp3Tag.lnk
[2027.11.25 20:15:53 | 000,335,872 | ---- | C] () -- C:\WINDOWS\System32\m4atag.dll
[2027.11.25 19:20:19 | 000,152,587 | ---- | C] () -- C:\Documents and Settings\xxx\Plocha\Meshuggah in less than 10 seconds.mp3
[2027.11.25 08:40:19 | 003,903,286 | ---- | C] () -- C:\Documents and Settings\xxx\Plocha\Survivor_-_Eye_Of_The_Tiger.mp3
[2027.11.24 14:15:29 | 1073,270,784 | -HS- | C] () -- C:\hiberfil.sys
[2027.11.23 20:50:31 | 000,000,636 | ---- | C] () -- C:\Documents and Settings\xxx\Plocha\Maxthon 3.lnk
[2027.11.23 20:46:58 | 000,001,567 | ---- | C] () -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Orbit.lnk
[2010.11.27 23:42:02 | 000,600,017 | ---- | C] () -- C:\Documents and Settings\xxx\Plocha\Tamagotchi 2.jar
[2010.11.27 23:41:37 | 000,638,303 | ---- | C] () -- C:\Documents and Settings\xxx\Plocha\Prince of Persia.jar
[2010.11.27 23:40:24 | 000,325,071 | ---- | C] () -- C:\Documents and Settings\xxx\Plocha\monopolyubuild_s40v5n5300-240x320.jar
[2010.11.27 21:54:56 | 000,000,960 | ---- | C] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2010.11.27 13:34:31 | 000,000,661 | ---- | C] () -- C:\Documents and Settings\xxx\Plocha\DVD slideshow GUI.lnk
[2010.11.20 22:26:02 | 000,068,798 | ---- | C] () -- C:\Documents and Settings\xxx\Plocha\Bass_by_steler.jpg
[2010.11.20 22:17:22 | 000,118,539 | ---- | C] () -- C:\Documents and Settings\xxx\Plocha\Harmony_is_a_Bass_Guitar_by_Savion.jpg
[2010.11.20 22:16:15 | 000,126,838 | ---- | C] () -- C:\Documents and Settings\xxx\Plocha\Bass_by_harmonious_madness.jpg
[2010.11.20 21:53:22 | 000,139,320 | ---- | C] () -- C:\Documents and Settings\xxx\Plocha\bass_guitar_by_AndrzejOrlowski.jpg
[2010.11.20 00:06:46 | 000,214,937 | ---- | C] () -- C:\Documents and Settings\xxx\Plocha\0DSC00278.JPG
[2010.11.20 00:06:34 | 000,284,250 | ---- | C] () -- C:\Documents and Settings\xxx\Plocha\0DSC00277.JPG
[2010.11.20 00:05:50 | 000,227,210 | ---- | C] () -- C:\Documents and Settings\xxx\Plocha\0DSC00275.JPG
[2010.11.18 10:29:48 | 003,911,040 | R--- | C] () -- C:\Documents and Settings\xxx\Plocha\ComboFix.exe
[2010.11.18 00:21:32 | 000,000,585 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Malwarebytes' Anti-Malware.lnk
[2010.11.15 21:01:55 | 004,280,406 | ---- | C] () -- C:\Documents and Settings\xxx\Plocha\NINE INCH NAILS ~ THE DAY THE WHOLE WORLD WENT AWAY.mp3
[2010.11.06 18:32:28 | 000,003,765 | ---- | C] () -- C:\Documents and Settings\xxx\Plocha\0pecka5364_0.jpg
[2010.11.04 19:49:08 | 000,024,576 | ---- | C] () -- C:\Documents and Settings\xxx\Plocha\0Fejeton.doc
[2010.11.04 17:38:25 | 000,000,619 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Autoškola testy.lnk
[2010.11.03 19:25:21 | 000,061,412 | ---- | C] () -- C:\Documents and Settings\xxx\Plocha\76486_104111836325538_100001801662264_24106_4848947_n.jpg
[2010.09.08 17:25:25 | 000,000,291 | ---- | C] () -- C:\WINDOWS\game.ini
[2010.07.22 14:37:07 | 000,000,317 | ---- | C] () -- C:\WINDOWS\wcx_ftp.ini
[2010.06.12 19:43:11 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll
[2010.02.04 16:45:31 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\xxx\Local Settings\Data aplikací\PUTTY.RND
[2010.01.16 19:25:44 | 000,000,246 | ---- | C] () -- C:\WINDOWS\holdgemss.ini
[2009.10.23 18:19:14 | 000,000,426 | ---- | C] () -- C:\WINDOWS\{21D15DED-F125-46C8-8017-CB9F1CEB5B4D}_WiseFW.ini
[2008.10.18 18:15:40 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\xxx\Data aplikací\AVSDVDPlayer.m3u
[2008.10.17 20:21:02 | 000,765,952 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2008.10.17 20:21:02 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2008.10.12 13:43:10 | 000,137,464 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2008.03.28 15:22:25 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\xxx\Data aplikací\$_hpcst$.hpc
[2008.03.11 16:28:01 | 000,034,308 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2008.03.08 14:11:25 | 000,000,034 | ---- | C] () -- C:\Documents and Settings\xxx\Data aplikací\pcouffin.log
[2008.03.08 14:10:41 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\xxx\Data aplikací\pcouffin.cat
[2008.03.08 14:10:41 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\xxx\Data aplikací\pcouffin.inf
[2007.12.24 13:49:52 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2007.10.12 13:40:28 | 000,000,845 | ---- | C] () -- C:\Documents and Settings\xxx\Data aplikací\Color.ini
[2006.10.21 18:59:59 | 000,262,144 | ---- | C] () -- C:\WINDOWS\System32\Manipulate.dll
[2006.09.24 19:53:54 | 000,268,242 | ---- | C] () -- C:\WINDOWS\System32\erdmpg-parse.dll
[2006.09.24 19:53:42 | 002,518,779 | ---- | C] () -- C:\WINDOWS\System32\erdmpg-enc.dll
[2006.09.24 19:52:04 | 000,030,693 | ---- | C] () -- C:\WINDOWS\System32\erdmpg-int.dll
[2006.07.24 15:33:06 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2006.07.24 15:33:05 | 000,018,048 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2006.07.20 21:07:50 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\PhysXLoader.dll
[2006.07.10 17:54:16 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2006.07.10 17:54:16 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2006.07.10 17:54:16 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2006.07.10 17:54:16 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2006.07.10 17:54:16 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2006.07.10 17:54:16 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2006.07.10 17:54:16 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2006.07.10 17:54:16 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2006.07.10 17:54:16 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2006.06.29 13:25:47 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2006.05.26 15:01:35 | 000,223,128 | ---- | C] () -- C:\WINDOWS\System32\drivers\dtscsi.sys
[2006.05.26 14:59:47 | 000,664,064 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2006.05.26 14:59:47 | 000,096,256 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd9565.sys
[2005.11.17 18:57:30 | 000,258,560 | ---- | C] () -- C:\WINDOWS\System32\MusicTagsAX.dll
[2005.10.15 04:10:24 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\comLyricGetter.dll
[2005.08.17 07:31:28 | 000,004,502 | ---- | C] () -- C:\WINDOWS\System32\drivers\PDoor.sys
[2005.07.17 14:45:59 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\frapsvid.dll
[2005.01.07 17:34:28 | 000,047,104 | ---- | C] () -- C:\WINDOWS\System32\KMVIDC32.DLL
[2004.11.01 21:30:40 | 000,282,112 | ---- | C] () -- C:\WINDOWS\System32\cncs232.dll
[2004.10.05 14:20:10 | 000,245,845 | ---- | C] () -- C:\WINDOWS\System32\SPR_P5.DLL
[2004.10.05 14:20:10 | 000,180,309 | ---- | C] () -- C:\WINDOWS\System32\SPR_P6.DLL
[2004.10.05 14:20:10 | 000,142,848 | ---- | C] () -- C:\WINDOWS\System32\CM6_640x16.dll
[2004.10.05 14:20:10 | 000,142,336 | ---- | C] () -- C:\WINDOWS\System32\CM6_512x16.dll
[2004.10.05 14:20:10 | 000,142,336 | ---- | C] () -- C:\WINDOWS\System32\CM6_1024x16.dll
[2004.07.12 14:00:34 | 000,007,552 | ---- | C] () -- C:\WINDOWS\System32\drivers\enodpl.sys
[2004.07.12 14:00:34 | 000,004,736 | ---- | C] () -- C:\WINDOWS\System32\drivers\tandpl.sys
[2004.04.08 16:12:08 | 000,069,632 | R--- | C] () -- C:\WINDOWS\System32\xmltok.dll
[2004.04.08 16:12:08 | 000,036,864 | R--- | C] () -- C:\WINDOWS\System32\xmlparse.dll
[2004.02.01 20:21:56 | 000,097,280 | ---- | C] () -- C:\WINDOWS\System32\Uncommon.dll
[2004.01.10 15:45:07 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2003.12.31 11:59:19 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll
[2003.12.31 11:59:19 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll
[2003.11.22 12:13:35 | 000,139,264 | R--- | C] () -- C:\WINDOWS\System32\IDEproperty.dll
[2003.08.07 21:01:50 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2002.10.06 19:42:57 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2002.10.05 00:04:25 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\vorbisenc.dll
[2002.10.05 00:04:24 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2002.10.05 00:04:17 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2001.01.12 10:52:26 | 000,044,032 | ---- | C] () -- C:\WINDOWS\System32\vbpng1.dll
[2001.01.12 10:49:38 | 000,021,504 | ---- | C] () -- C:\WINDOWS\System32\zlib.dll
[2000.06.13 07:59:12 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2000.06.13 07:59:11 | 000,006,067 | ---- | C] () -- C:\WINDOWS\UNWISE.INI
[2000.06.13 07:59:11 | 000,003,585 | ---- | C] () -- C:\WINDOWS\WINCMD.INI
[2000.06.13 07:59:11 | 000,000,192 | ---- | C] () -- C:\WINDOWS\winamp.ini
[2000.06.13 07:59:11 | 000,000,141 | ---- | C] () -- C:\WINDOWS\wb.ini
[2000.06.13 07:59:11 | 000,000,056 | ---- | C] () -- C:\WINDOWS\wincheater.ini
[2000.06.13 07:59:09 | 000,000,604 | ---- | C] () -- C:\WINDOWS\Thps3.INI
[2000.06.13 07:59:08 | 000,032,768 | ---- | C] () -- C:\WINDOWS\SIS_LIB.DLL
[2000.06.13 07:59:08 | 000,000,735 | ---- | C] () -- C:\WINDOWS\Sof.INI
[2000.06.13 07:59:08 | 000,000,604 | ---- | C] () -- C:\WINDOWS\Sof2.INI
[2000.06.13 07:59:07 | 000,000,449 | ---- | C] () -- C:\WINDOWS\SIERRA.INI
[2000.06.13 07:59:03 | 000,000,717 | ---- | C] () -- C:\WINDOWS\QIII.INI
[2000.06.13 07:59:03 | 000,000,600 | ---- | C] () -- C:\WINDOWS\Rtcw.INI
[2000.06.13 07:59:03 | 000,000,038 | ---- | C] () -- C:\WINDOWS\Pohoda.INI
[2000.06.13 07:59:03 | 000,000,022 | ---- | C] () -- C:\WINDOWS\RTD.ini
[2000.06.13 07:59:01 | 000,004,265 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2000.06.13 07:59:01 | 000,000,504 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2000.06.13 07:59:01 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nwcontbuild.INI
[2000.06.13 07:59:00 | 000,000,154 | ---- | C] () -- C:\WINDOWS\mta.ini
[2000.06.13 07:59:00 | 000,000,049 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2000.06.13 07:58:58 | 000,001,621 | ---- | C] () -- C:\WINDOWS\level.ini
[2000.06.13 07:58:58 | 000,000,024 | ---- | C] () -- C:\WINDOWS\LogonStudio.ini
[2000.06.13 07:58:48 | 000,012,288 | ---- | C] () -- C:\WINDOWS\impborl.dll
[2000.06.13 07:58:48 | 000,000,050 | ---- | C] () -- C:\WINDOWS\GUNZLAUNCHER.INI
[2000.06.13 07:58:45 | 000,001,476 | ---- | C] () -- C:\WINDOWS\disney.ini
[2000.06.13 07:58:45 | 000,001,130 | ---- | C] () -- C:\WINDOWS\cncscore.ini
[2000.06.13 07:58:45 | 000,000,196 | ---- | C] () -- C:\WINDOWS\disneysy.ini
[2000.06.13 07:58:45 | 000,000,065 | ---- | C] () -- C:\WINDOWS\frikikmulti.ini
[2000.06.13 07:58:45 | 000,000,049 | ---- | C] () -- C:\WINDOWS\Folder Icons.ini
[2000.06.13 07:58:45 | 000,000,018 | ---- | C] () -- C:\WINDOWS\gfact.ini
[2000.06.13 07:58:44 | 000,001,383 | ---- | C] () -- C:\WINDOWS\CDPlayer.ini
[2000.06.13 07:58:44 | 000,000,677 | ---- | C] () -- C:\WINDOWS\ChaseHQ2EvoConfig.ini
[2000.06.13 07:58:43 | 000,000,049 | ---- | C] () -- C:\WINDOWS\atomic.ini
[2000.06.13 07:58:43 | 000,000,009 | ---- | C] () -- C:\WINDOWS\Appdrive$ + Appdir$ + Umbrella.ini
[2000.06.12 13:05:26 | 000,000,123 | ---- | C] () -- C:\Documents and Settings\xxx\Local Settings\Data aplikací\fusioncache.dat
[1999.08.11 23:00:00 | 001,708,032 | ---- | C] () -- C:\WINDOWS\System32\MSO97V.DLL
[1999.08.11 23:00:00 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\DOCOBJ.DLL
[1999.08.11 23:00:00 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\MSORFS.DLL
[1999.08.11 23:00:00 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\HLINKPRX.DLL
[1997.06.14 02:56:08 | 000,056,320 | ---- | C] () -- C:\WINDOWS\System32\iyvu9_32.dll

========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >
[2000.06.13 07:59:15 | 008,981,440 | ---- | M] (InstallShield Software Corporation) -- C:\AR505ENU.EXE


< MD5 for: AGP440.SYS >
[2006.11.13 15:54:58 | 022,286,602 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2006.11.13 15:54:58 | 022,286,602 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:AGP440.sys
[2008.04.13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SoftwareDistribution\Download\1dab8d41b73a912c39f7d3fd77a4df39\agp440.sys
[2008.04.13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SoftwareDistribution\Download\ab04a73630759d84a46114bfca20f64c\agp440.sys
[2004.08.04 07:07:41 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2004.08.04 07:07:41 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\system32\dllcache\agp440.sys
[2004.08.04 07:07:41 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\system32\drivers\agp440.sys

< MD5 for: ATAPI.SYS >
[2002.09.20 19:17:54 | 010,174,968 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:atapi.sys
[2006.11.13 15:54:58 | 022,286,602 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2006.11.13 15:54:58 | 022,286,602 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:atapi.sys
[2002.08.29 02:27:50 | 000,086,912 | ---- | M] (Microsoft Corporation) MD5=95B858761A00E1D4F81F79A0DA019ACA -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2002.08.29 02:27:50 | 000,086,912 | ---- | M] (Microsoft Corporation) MD5=95B858761A00E1D4F81F79A0DA019ACA -- C:\WINDOWS\system32\ReinstallBackups\0001\DriverFiles\i386\atapi.sys
[2008.04.13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\1dab8d41b73a912c39f7d3fd77a4df39\atapi.sys
[2008.04.13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\ab04a73630759d84a46114bfca20f64c\atapi.sys
[2004.08.04 06:59:42 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2004.08.04 06:59:42 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2004.08.04 06:59:42 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys

< MD5 for: EVENTLOG.DLL >
[2008.04.14 04:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\SoftwareDistribution\Download\1dab8d41b73a912c39f7d3fd77a4df39\eventlog.dll
[2008.04.14 04:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\SoftwareDistribution\Download\ab04a73630759d84a46114bfca20f64c\eventlog.dll
[2004.08.17 23:49:06 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2004.08.17 23:49:06 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\system32\eventlog.dll
[2002.09.20 19:03:50 | 000,049,152 | ---- | M] (Microsoft Corporation) MD5=E8508E7F865490D8AE71D00C8DF4D227 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

< MD5 for: NETLOGON.DLL >
[2009.02.06 19:47:20 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=1F43B8C0F4C767FBED89711C30E704D9 -- C:\WINDOWS\$hf_mig$\KB968389\SP2QFE\netlogon.dll
[2009.02.06 19:47:20 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=1F43B8C0F4C767FBED89711C30E704D9 -- C:\WINDOWS\$hf_mig$\KB975467\SP2QFE\netlogon.dll
[2004.08.17 23:49:13 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2004.08.17 23:49:13 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\system32\netlogon.dll
[2008.04.14 04:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\SoftwareDistribution\Download\1dab8d41b73a912c39f7d3fd77a4df39\netlogon.dll
[2008.04.14 04:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\SoftwareDistribution\Download\ab04a73630759d84a46114bfca20f64c\netlogon.dll
[2002.09.20 19:04:34 | 000,399,360 | ---- | M] (Microsoft Corporation) MD5=CF03E300B5CEEFFEFBE6F67532BD0EF1 -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll

< MD5 for: SCECLI.DLL >
[2004.08.17 23:49:16 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2004.08.17 23:49:16 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\system32\scecli.dll
[2008.04.14 04:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\SoftwareDistribution\Download\1dab8d41b73a912c39f7d3fd77a4df39\scecli.dll
[2008.04.14 04:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\SoftwareDistribution\Download\ab04a73630759d84a46114bfca20f64c\scecli.dll
[2002.09.20 19:04:42 | 000,179,200 | ---- | M] (Microsoft Corporation) MD5=B2666CAB5E8C8A741D63F18D551A47FB -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll

< %systemroot%\*. /mp /s >

< End of report >

[jaro3]

C:\WINDOWS\System32\drivers\PDoor.sys - http://www.virustotal.com/file-scan/report.html?
id=7ef69bb1aa74236fbedd19db44abab56708b09485b82ee2fba472c8c71954b9a-1290894142 (3)
--zkus ještě jednou , odkaz neodkazuje.

C:\WINDOWS\System32\drivers\sptd9565.sys---zkus zastavit v procesech a zkusit znovu na Virustotal.