Invisible files in RECYCLER on C:, F:, G: Solved

oldman
Re: Invisible files in RECYCLER on C:, F:, G:

Post by oldman » 09 Oct 2010 21:02

Here is the OTL log

OTL logfile created on: 9.10.2010 20:44:21 - Run 1
OTL by OldTimer - Version 3.2.14.1 Folder = C:\Documents and Settings\J.H\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1 022,00 Mb Total Physical Memory | 623,00 Mb Available Physical Memory | 61,00% Memory free
2,00 Gb Paging File | 1,00 Gb Available in Paging File | 83,00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 33,51 Gb Total Space | 15,96 Gb Free Space | 47,63% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
Drive F: | 41,01 Gb Total Space | 13,36 Gb Free Space | 32,57% Space Free | Partition Type: NTFS
Drive G: | 465,76 Gb Total Space | 306,96 Gb Free Space | 65,91% Space Free | Partition Type: NTFS
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: B60A6B1D7C3F4DD
Current User Name: J.H
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010.10.09 20:08:44 | 000,576,512 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\J.H\Plocha\OTL.exe
PRC - [2010.10.09 20:08:35 | 000,258,560 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\J.H\Plocha\OTH.scr
PRC - [2010.09.07 17:12:02 | 002,838,912 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2010.09.07 17:11:59 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2006.11.03 19:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MsMpEng.exe


========== Modules (SafeList) ==========

MOD - [2010.10.09 20:08:44 | 000,576,512 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\J.H\Plocha\OTL.exe
MOD - [2008.04.14 14:00:00 | 000,413,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcp60.dll
MOD - [2008.04.14 14:00:00 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\credui.dll
MOD - [2008.04.14 14:00:00 | 000,144,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\onex.dll
MOD - [2008.04.14 14:00:00 | 000,126,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\eappcfg.dll
MOD - [2008.04.14 14:00:00 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2008.04.14 14:00:00 | 000,095,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\iphlpapi.dll
MOD - [2008.04.14 14:00:00 | 000,053,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winsta.dll
MOD - [2008.04.14 14:00:00 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rtutils.dll
MOD - [2008.04.14 14:00:00 | 000,040,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\eappprxy.dll
MOD - [2008.04.14 14:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dot3api.dll
MOD - [2008.04.14 14:00:00 | 000,018,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wtsapi32.dll
MOD - [2008.04.14 14:00:00 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dot3dlg.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
SRV - [2010.09.07 17:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV - [2010.09.07 17:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV - [2010.09.07 17:11:59 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2009.10.27 10:26:36 | 000,657,408 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2009.03.20 22:15:59 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2008.07.29 20:16:38 | 000,132,096 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2007.01.31 15:55:42 | 000,096,370 | ---- | M] (Canon Inc.) [Auto | Stopped] -- C:\Program Files\Canon\CAL\CALMAIN.exe -- (CCALib8)
SRV - [2006.11.03 19:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\J.H\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - [2010.09.07 16:52:25 | 000,046,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2010.09.07 16:52:03 | 000,165,584 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2010.09.07 16:47:46 | 000,023,376 | ---- | M] (AVAST Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2010.09.07 16:47:19 | 000,100,176 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2010.09.07 16:47:07 | 000,017,744 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010.09.07 16:46:51 | 000,028,880 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2010.06.09 22:02:40 | 000,018,544 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\PeerBlock\pbfilter.sys -- (pbfilter)
DRV - [2009.01.05 14:22:16 | 000,717,296 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2009.01.01 19:50:00 | 000,354,176 | ---- | M] (TrueCrypt Foundation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\supersafer.sys -- (supersafer)
DRV - [2008.11.02 10:44:10 | 000,056,572 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2008.08.26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008.07.04 08:33:32 | 003,230,720 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2007.11.15 21:00:06 | 000,016,768 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\System32\drivers\xbpublic.sys -- (xbpublic)
DRV - [2006.11.06 10:01:50 | 004,024,832 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2006.04.03 09:41:36 | 000,030,272 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usb2vcom.sys -- (usb2vcom)
DRV - [2006.02.23 05:39:06 | 000,011,264 | R--- | M] (VIA Technologies,Inc) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\xfilt.sys -- (xfilt)
DRV - [2006.02.23 05:38:32 | 000,009,728 | R--- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\videX32.sys -- (videX32)
DRV - [2005.12.20 10:57:40 | 000,027,008 | ---- | M] (Philips Consumer Electronics Co.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\aexpamdrv.sys -- (AEXPAM)
DRV - [2003.09.08 16:06:36 | 000,255,360 | R--- | M] (D-Link) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AIRPLUS.sys -- (AIRPLUS)
DRV - [2002.07.17 08:53:02 | 000,016,877 | ---- | M] (Adaptec) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ASPI32.SYS -- (Aspi32)
DRV - [1999.02.10 22:08:44 | 000,120,544 | ---- | M] (Shuttle Technology.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\ppscan.sys -- (PPSCAN)
DRV - [1997.04.09 16:38:24 | 000,085,868 | ---- | M] (Silitek Corporation.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\ppclass.sys -- (PPCLASS)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = http://www.msn.com/

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: udelatko@shabbi.cz:2.8.4
FF - prefs.js..extensions.enabledItems: {f759ca51-3a91-4dd1-ae78-9db5eee9ebf0}:5.6.0

FF - HKLM\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2009.12.29 14:20:57 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.09.16 23:55:28 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.09.16 23:55:28 | 000,000,000 | ---D | M]

[2009.01.09 19:01:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\J.H\Data aplikací\Mozilla\Extensions
[2010.10.08 23:22:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\J.H\Data aplikací\Mozilla\Firefox\Profiles\4ynfxv4y.default\extensions
[2010.04.28 10:32:48 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\J.H\Data aplikací\Mozilla\Firefox\Profiles\4ynfxv4y.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.05.08 22:18:01 | 000,000,000 | ---D | M] (UnMHT) -- C:\Documents and Settings\J.H\Data aplikací\Mozilla\Firefox\Profiles\4ynfxv4y.default\extensions\{f759ca51-3a91-4dd1-ae78-9db5eee9ebf0}
[2009.09.01 21:30:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\J.H\Data aplikací\Mozilla\Firefox\Profiles\4ynfxv4y.default\extensions\udelatko@shabbi.cz
[2009.07.31 10:40:00 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010.09.16 23:55:21 | 000,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.09.16 23:55:21 | 000,001,687 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2010.09.16 23:55:21 | 000,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.09.16 23:55:21 | 000,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.09.16 23:55:21 | 000,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2010.10.09 20:24:28 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (WebTransBHO Class) - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\WINDOWS\WebIE.dll ()
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll (Google Inc.)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (&Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O3 - HKLM\..\Toolbar: (Easy-WebPrint) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll ()
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll File not found
O3 - HKLM\..\Toolbar: (WebTranslator) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\WINDOWS\WebIE.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll File not found
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\WINDOWS\WebIE.dll ()
O9 - Extra 'Tools' menuitem : &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\WINDOWS\WebIE.dll ()
O9 - Extra 'Tools' menuitem : &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\WINDOWS\WebIE.dll ()
O9 - Extra 'Tools' menuitem : Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\WINDOWS\WebIE.dll ()
O9 - Extra 'Tools' menuitem : Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\WINDOWS\WebIE.dll ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/ ... ontrol.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftup ... 6528132875 (MUWebControl Class)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Value error.)
O16 - DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} http://office.microsoft.com/officeupdat ... /opuc4.cab (Office Update Installation Engine)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\J.H\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\J.H\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.10.01 12:24:32 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: HidServ - C:\WINDOWS\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (56027131116781568)

========== Files/Folders - Created Within 90 Days ==========

[2010.10.09 20:08:41 | 000,576,512 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\J.H\Plocha\OTL.exe
[2010.10.09 20:08:30 | 000,258,560 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\J.H\Plocha\OTH.scr
[2010.10.09 11:57:33 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2010.10.09 11:52:30 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2010.10.09 11:52:30 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2010.10.09 11:52:30 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2010.10.09 11:52:30 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2010.10.09 11:52:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010.10.09 11:50:07 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010.10.09 10:48:35 | 000,165,584 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2010.10.09 10:48:35 | 000,023,376 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2010.10.09 10:48:35 | 000,017,744 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2010.10.09 10:48:34 | 000,046,672 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2010.10.09 10:48:33 | 000,100,176 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2010.10.09 10:48:33 | 000,094,544 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2010.10.09 10:48:33 | 000,028,880 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2010.10.09 10:48:21 | 000,038,848 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2010.10.09 10:48:20 | 000,167,592 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2010.10.09 10:48:10 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2010.10.09 10:48:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Alwil Software
[2010.10.08 23:02:48 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010.10.08 23:02:45 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010.10.08 23:02:45 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010.10.08 21:16:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\J.H\DoctorWeb
[2010.10.08 21:07:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\J.H\Dokumenty\prog
[2010.10.08 20:55:01 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\J.H\Plocha\HijackThis.exe
[2010.10.08 02:56:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\J.H\Local Settings\Data aplikací\Pmcc
[2010.10.08 02:56:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\J.H\Data aplikací\Pmcc
[2010.10.08 02:00:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\J.H\Data aplikací\URSoft
[2010.10.08 01:54:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Autorun Eater
[2010.10.06 15:09:20 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010.10.06 15:09:19 | 000,000,000 | ---D | C] -- C:\rsit
[2010.10.05 14:18:21 | 000,000,000 | ---D | C] -- C:\Program Files\IObit
[2010.10.05 14:18:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\J.H\Data aplikací\IObit
[2010.10.03 20:16:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
[2010.08.18 22:55:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\J.H\Data aplikací\KeePass
[2010.08.12 20:03:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\J.H\Dokumenty\Downloads
[2010.08.05 22:38:55 | 000,000,000 | ---D | C] -- C:\Program Files\PeerBlock
[2010.07.22 18:52:55 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2010.07.22 17:53:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\J.H\Dokumenty\Updater5
[2010.07.22 14:42:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\J.H\Dokumenty\Registry Booster
[2010.07.22 12:45:00 | 000,000,000 | ---D | C] -- C:\Program Files\Best Folder Encryptor
[2010.07.22 12:41:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\J.H\Local Settings\Data aplikací\AreaGuard
[2010.07.22 12:07:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dokumenty\Softwrap
[2010.07.22 12:07:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dokumenty\Fonts
[2010.07.22 12:07:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dokumenty\Config
[2010.07.22 12:07:16 | 000,000,000 | ---D | C] -- C:\abisoft

========== Files - Modified Within 90 Days ==========

[2120.02.04 01:01:46 | 000,000,462 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{E24F360E-1DF8-48F9-B36A-8DDB069198F0}.job
[2010.10.09 20:46:00 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2010.10.09 20:40:48 | 000,000,428 | ---- | M] () -- C:\WINDOWS\MAILTRAN.INI
[2010.10.09 20:32:02 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.10.09 20:31:50 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.10.09 20:31:44 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.10.09 20:31:01 | 015,990,784 | ---- | M] () -- C:\Documents and Settings\J.H\ntuser.dat
[2010.10.09 20:31:01 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\J.H\ntuser.ini
[2010.10.09 20:30:57 | 009,132,292 | -H-- | M] () -- C:\Documents and Settings\J.H\Local Settings\Data aplikací\IconCache.db
[2010.10.09 20:30:33 | 000,000,587 | ---- | M] () -- C:\WINDOWS\win.ini
[2010.10.09 20:30:33 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2010.10.09 20:30:33 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010.10.09 20:24:28 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010.10.09 20:08:44 | 000,576,512 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\J.H\Plocha\OTL.exe
[2010.10.09 20:08:35 | 000,258,560 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\J.H\Plocha\OTH.scr
[2010.10.09 11:47:08 | 000,000,211 | ---- | M] () -- C:\Boot.bak
[2010.10.09 11:32:16 | 003,876,009 | R--- | M] () -- C:\Documents and Settings\J.H\Plocha\ComboFix.exe
[2010.10.09 10:48:36 | 000,001,700 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\avast! Free Antivirus.lnk
[2010.10.09 10:48:34 | 000,002,553 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2010.10.08 23:02:51 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Malwarebytes' Anti-Malware.lnk
[2010.10.08 20:55:09 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\J.H\Plocha\HijackThis.exe
[2010.10.08 16:02:37 | 000,002,807 | ---- | M] () -- C:\WINDOWS\TRNCOM.INI
[2010.10.06 15:03:34 | 000,003,594 | ---- | M] () -- C:\WINDOWS\WDICT32.INI
[2010.10.06 10:28:14 | 001,035,902 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010.10.06 10:28:14 | 000,453,400 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.10.06 10:28:14 | 000,074,366 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.10.05 14:18:27 | 000,000,874 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Advanced SystemCare.lnk
[2010.10.03 20:16:49 | 000,000,933 | ---- | M] () -- C:\Documents and Settings\J.H\Plocha\SD.lnk
[2010.10.01 22:45:42 | 003,169,381 | ---- | M] () -- C:\WINDOWS\System32\QRIALYCPQ
[2010.10.01 10:05:29 | 014,008,896 | ---- | M] () -- C:\WINDOWS\System32\LLSPJ
[2010.09.27 13:10:15 | 000,005,338 | ---- | M] () -- C:\WINDOWS\WTRAN32.INI
[2010.09.27 13:10:15 | 000,000,000 | ---- | M] () -- C:\WINDOWS\XXLGSC
[2010.09.23 00:02:22 | 000,080,896 | ---- | M] () -- C:\Documents and Settings\J.H\Dokumenty\Šetření.doc
[2010.09.20 00:54:49 | 000,311,123 | ---- | M] () -- C:\Documents and Settings\J.H\Dokumenty\opel-Corsa-15-TD-rv-1996-spotreba-4-5-L-.mht
[2010.09.20 00:03:42 | 000,275,791 | ---- | M] () -- C:\Documents and Settings\J.H\Dokumenty\Prodam-VW-Golf-II-16-TD.mht
[2010.09.17 17:55:34 | 000,002,539 | ---- | M] () -- C:\Documents and Settings\J.H\Plocha\Word.lnk
[2010.09.17 17:53:15 | 000,032,320 | ---- | M] () -- C:\Documents and Settings\J.H\Local Settings\Data aplikací\GDIPFONTCACHEV1.DAT
[2010.09.17 17:53:05 | 001,450,728 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.09.17 17:51:18 | 000,000,390 | ---- | M] () -- C:\WINDOWS\ODBC.INI
[2010.09.07 17:12:17 | 000,038,848 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2010.09.07 17:11:54 | 000,167,592 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2010.09.07 16:52:25 | 000,046,672 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2010.09.07 16:52:03 | 000,165,584 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2010.09.07 16:47:46 | 000,023,376 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2010.09.07 16:47:19 | 000,100,176 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2010.09.07 16:47:16 | 000,094,544 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2010.09.07 16:47:07 | 000,017,744 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2010.09.07 16:46:51 | 000,028,880 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2010.08.30 10:26:14 | 000,000,379 | ---- | M] () -- C:\Documents and Settings\J.H\Plocha\ELEKTRO 40.lnk
[2010.08.22 18:26:53 | 000,000,202 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010.08.05 22:38:56 | 000,001,608 | ---- | M] () -- C:\Documents and Settings\J.H\Plocha\PeerBlock.lnk
[2010.07.30 09:13:49 | 000,083,968 | ---- | M] () -- C:\Documents and Settings\J.H\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.07.22 19:24:10 | 000,001,736 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Adobe Acrobat 8 Professional.lnk
[2010.07.22 13:29:29 | 000,000,260 | ---- | M] () -- C:\WINDOWS\System32\FSEPath.dat
[2010.07.22 12:40:04 | 000,000,536 | ---- | M] () -- C:\Documents and Settings\J.H\Plocha\Zástupce - Crypto.exe.lnk
[2010.07.22 12:19:47 | 000,000,560 | ---- | M] () -- C:\Documents and Settings\All Users\Dokumenty\Global.sw
[2010.07.18 09:41:28 | 000,001,602 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Mozilla Firefox.lnk

========== Files Created - No Company Name ==========

[2010.10.09 11:57:38 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2010.10.09 11:57:35 | 000,261,312 | RHS- | C] () -- C:\cmldr
[2010.10.09 11:52:30 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010.10.09 11:52:30 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010.10.09 11:52:30 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010.10.09 11:52:30 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010.10.09 11:52:30 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010.10.09 11:31:29 | 003,876,009 | R--- | C] () -- C:\Documents and Settings\J.H\Plocha\ComboFix.exe
[2010.10.09 10:48:36 | 000,001,700 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\avast! Free Antivirus.lnk
[2010.10.08 23:02:51 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Malwarebytes' Anti-Malware.lnk
[2010.10.05 14:18:27 | 000,000,874 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Advanced SystemCare.lnk
[2010.10.03 20:16:49 | 000,000,933 | ---- | C] () -- C:\Documents and Settings\J.H\Plocha\SD.lnk
[2010.10.01 22:44:57 | 003,169,381 | ---- | C] () -- C:\WINDOWS\System32\QRIALYCPQ
[2010.10.01 10:02:13 | 014,008,896 | ---- | C] () -- C:\WINDOWS\System32\LLSPJ
[2010.09.23 00:02:22 | 000,080,896 | ---- | C] () -- C:\Documents and Settings\J.H\Dokumenty\Šetření.doc
[2010.09.20 00:54:48 | 000,311,123 | ---- | C] () -- C:\Documents and Settings\J.H\Dokumenty\opel-Corsa-15-TD-rv-1996-spotreba-4-5-L-.mht
[2010.09.20 00:03:39 | 000,275,791 | ---- | C] () -- C:\Documents and Settings\J.H\Dokumenty\Prodam-VW-Golf-II-16-TD.mht
[2010.08.30 10:29:13 | 000,000,379 | ---- | C] () -- C:\Documents and Settings\J.H\Plocha\ELEKTRO 40.lnk
[2010.07.22 18:55:25 | 000,001,736 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Adobe Acrobat 8 Professional.lnk
[2010.07.22 12:45:08 | 000,000,260 | ---- | C] () -- C:\WINDOWS\System32\FSEPath.dat
[2010.07.22 12:07:54 | 000,000,560 | ---- | C] () -- C:\Documents and Settings\All Users\Dokumenty\Global.sw
[2010.07.22 11:24:18 | 000,000,536 | ---- | C] () -- C:\Documents and Settings\J.H\Plocha\Zástupce - Crypto.exe.lnk
[2010.02.06 11:21:47 | 000,819,200 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2010.02.06 11:21:47 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010.02.03 18:02:00 | 009,756,912 | ---- | C] () -- C:\Documents and Settings\J.H\Data aplikací\edltmp_6
[2010.02.03 18:00:51 | 009,631,260 | ---- | C] () -- C:\Documents and Settings\J.H\Data aplikací\edltmp_5
[2010.02.03 18:00:47 | 011,571,936 | ---- | C] () -- C:\Documents and Settings\J.H\Data aplikací\edltmp_4
[2010.02.03 18:00:45 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\J.H\Data aplikací\edltmp_3
[2010.01.03 09:00:17 | 000,000,145 | ---- | C] () -- C:\WINDOWS\Eudcedit.ini
[2009.08.30 12:35:28 | 000,000,221 | ---- | C] () -- C:\WINDOWS\SOFTEK.INI
[2009.08.01 09:49:27 | 000,000,055 | ---- | C] () -- C:\WINDOWS\crywmvtoavi.ini
[2009.07.31 21:35:22 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\AVSredirect.dll
[2009.05.28 21:49:16 | 000,002,615 | ---- | C] () -- C:\WINDOWS\xnview.ini
[2009.05.28 21:03:18 | 000,000,041 | ---- | C] () -- C:\WINDOWS\FS.INI
[2009.05.28 20:52:14 | 000,006,736 | ---- | C] () -- C:\WINDOWS\coolcust.ini
[2009.05.28 20:52:13 | 000,003,467 | ---- | C] () -- C:\WINDOWS\COOL.INI
[2009.04.24 19:44:28 | 000,168,448 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2009.04.24 19:44:23 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2009.04.24 19:44:22 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2009.04.24 19:44:21 | 000,067,584 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009.04.22 16:50:55 | 002,771,968 | ---- | C] () -- C:\WINDOWS\System32\wxmsw28u_core_vc_custom.dll
[2009.04.22 16:50:55 | 000,681,472 | ---- | C] () -- C:\WINDOWS\System32\wxmsw28u_adv_vc_custom.dll
[2009.04.22 16:50:55 | 000,470,528 | ---- | C] () -- C:\WINDOWS\System32\wxmsw28u_html_vc_custom.dll
[2009.04.22 16:50:54 | 001,163,776 | ---- | C] () -- C:\WINDOWS\System32\wxbase28u_vc_custom.dll
[2009.04.22 16:50:54 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\wxbase28u_xml_vc_custom.dll
[2009.02.28 16:45:56 | 000,000,020 | ---- | C] () -- C:\WINDOWS\msxfcg32.dll
[2009.02.19 00:12:51 | 000,000,281 | ---- | C] () -- C:\WINDOWS\CONTEXT.INI
[2008.12.05 14:19:52 | 000,001,197 | ---- | C] () -- C:\WINDOWS\ARCHPR.INI
[2008.10.25 23:04:52 | 000,000,000 | ---- | C] () -- C:\WINDOWS\oodcnt.INI
[2008.10.25 19:15:50 | 000,047,104 | ---- | C] () -- C:\WINDOWS\System32\Wh2Robo.dll
[2008.10.18 02:22:11 | 000,000,202 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2008.10.17 19:00:47 | 000,000,008 | ---- | C] () -- C:\WINDOWS\System32\vchelpex.sys
[2008.10.14 20:04:45 | 000,491,520 | ---- | C] () -- C:\WINDOWS\WebIE.dll
[2008.10.14 20:04:42 | 000,200,704 | ---- | C] () -- C:\WINDOWS\TRNOET.DLL
[2008.10.14 20:04:42 | 000,045,056 | ---- | C] () -- C:\WINDOWS\TRNOEH.DLL
[2008.10.14 20:04:26 | 000,000,033 | ---- | C] () -- C:\WINDOWS\WTRDCTM.INI
[2008.10.14 20:02:59 | 000,002,753 | ---- | C] () -- C:\WINDOWS\UN32P.INI
[2008.10.14 20:02:11 | 000,002,807 | ---- | C] () -- C:\WINDOWS\TRNCOM.INI
[2008.10.14 19:58:07 | 000,000,428 | ---- | C] () -- C:\WINDOWS\MAILTRAN.INI
[2008.10.14 19:57:51 | 000,005,338 | ---- | C] () -- C:\WINDOWS\WTRAN32.INI
[2008.10.14 19:57:18 | 000,003,594 | ---- | C] () -- C:\WINDOWS\WDICT32.INI
[2008.10.10 22:55:30 | 000,083,968 | ---- | C] () -- C:\Documents and Settings\J.H\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.10.02 23:20:16 | 000,001,356 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\QTSBandwidthCache
[2008.10.02 22:13:51 | 000,000,390 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008.10.02 22:13:50 | 000,000,122 | ---- | C] () -- C:\WINDOWS\mdm.ini
[2008.10.02 19:47:04 | 000,000,062 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2008.10.02 00:40:45 | 000,030,272 | ---- | C] () -- C:\WINDOWS\System32\drivers\usb2vcom.sys
[2008.10.01 20:44:25 | 000,002,333 | ---- | C] () -- C:\WINDOWS\vista32d.ini
[2008.10.01 20:31:49 | 000,000,174 | ---- | C] () -- C:\WINDOWS\ppdrv.ini
[2008.10.01 20:26:09 | 000,003,948 | ---- | C] () -- C:\WINDOWS\vista32.ini
[2008.10.01 20:26:09 | 000,000,189 | ---- | C] () -- C:\WINDOWS\KPCMS.INI
[2008.10.01 20:26:09 | 000,000,069 | ---- | C] () -- C:\WINDOWS\umaxdrv.ini
[2008.10.01 20:26:05 | 000,047,616 | ---- | C] () -- C:\WINDOWS\ucmsp_32.dll
[2008.10.01 20:26:03 | 000,030,208 | ---- | C] () -- C:\WINDOWS\uxmail32.dll
[2008.10.01 20:26:02 | 000,199,696 | ---- | C] () -- C:\WINDOWS\p1220_16.dll
[2008.10.01 20:26:02 | 000,140,320 | ---- | C] () -- C:\WINDOWS\p1220_32.dll
[2008.10.01 20:26:02 | 000,068,608 | ---- | C] () -- C:\WINDOWS\vufile32.dll
[2008.10.01 20:08:48 | 000,006,656 | ---- | C] () -- C:\WINDOWS\System32\CNMVS5m.DLL
[2008.10.01 19:55:50 | 000,000,000 | ---- | C] () -- C:\WINDOWS\OpPrintServer.INI
[2008.10.01 13:24:50 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2008.10.01 13:13:10 | 000,147,456 | R--- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2008.10.01 13:13:02 | 000,000,164 | R--- | C] () -- C:\WINDOWS\avrack.ini
[2007.09.27 10:51:02 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007.09.27 10:48:48 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007.09.27 10:48:28 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[1999.01.22 19:46:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL

========== LOP Check ==========

[2010.10.09 10:48:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Alwil Software
[2010.10.08 02:42:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Autorun Eater
[2008.11.14 21:16:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Avg7
[2010.02.03 21:03:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Global Graphics
[2008.10.22 23:05:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Grisoft
[2009.12.30 00:42:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Installations
[2009.12.30 00:46:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Nokia
[2008.10.02 22:51:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\OLYMPUS
[2009.12.29 14:34:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\OviInstallerCache
[2009.12.30 00:25:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PC Suite
[2009.07.28 09:56:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PrevxCSI
[2010.10.01 10:31:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\RFA_Backups
[2010.10.08 02:39:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2009.03.14 02:28:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\{B46E1EF5-0B37-4DB4-A4E2-9F2B41036185}
[2008.12.12 23:12:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\J.H\Data aplikací\Audio Record Edit Toolbox Pro
[2008.12.12 23:05:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\J.H\Data aplikací\Audio Recorder for Free
[2010.07.10 00:55:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\J.H\Data aplikací\GetRightToGo
[2010.02.03 21:03:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\J.H\Data aplikací\Global Graphics
[2009.01.04 20:45:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\J.H\Data aplikací\gtopala
[2009.03.15 15:17:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\J.H\Data aplikací\IEPro
[2010.10.05 14:18:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\J.H\Data aplikací\IObit
[2010.02.03 18:27:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\J.H\Data aplikací\jaws
[2010.08.18 22:55:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\J.H\Data aplikací\KeePass
[2009.03.15 17:33:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\J.H\Data aplikací\MiniDm
[2009.12.30 01:19:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\J.H\Data aplikací\Nokia
[2009.04.18 19:59:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\J.H\Data aplikací\OfficeUpdate12
[2009.04.23 23:50:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\J.H\Data aplikací\OpenCandy
[2008.10.02 22:59:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\J.H\Data aplikací\PC Suite
[2010.10.08 02:56:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\J.H\Data aplikací\Pmcc
[2010.06.17 09:43:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\J.H\Data aplikací\ProfiCAD
[2008.12.15 10:58:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\J.H\Data aplikací\Softplicity
[2010.10.02 00:55:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\J.H\Data aplikací\Uniblue
[2010.10.08 02:00:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\J.H\Data aplikací\URSoft
[2009.04.23 08:27:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\J.H\Data aplikací\WinCare2009
[2009.10.13 20:15:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\J.H\Data aplikací\Windows Desktop Search
[2009.10.13 20:16:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\J.H\Data aplikací\Windows Search
[2009.09.08 13:10:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\J.H\Data aplikací\ZIP RAR ACE Password Recovery
[2010.10.09 20:46:00 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job
[2120.02.04 01:01:46 | 000,000,462 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{E24F360E-1DF8-48F9-B36A-8DDB069198F0}.job

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.* >
[2008.10.01 12:24:32 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2010.10.08 02:50:45 | 000,001,602 | ---- | M] () -- C:\avenger.txt
[2010.10.09 11:47:08 | 000,000,211 | ---- | M] () -- C:\Boot.bak
[2010.10.09 20:30:33 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2008.04.14 14:00:00 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin
[2009.02.22 10:42:34 | 000,152,978 | ---- | M] () -- C:\cc_20090222_093849.reg
[2004.08.03 23:00:04 | 000,261,312 | RHS- | M] () -- C:\cmldr
[2008.10.01 12:24:32 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2008.10.02 21:24:15 | 000,043,418 | ---- | M] () -- C:\DxDiag.txt
[2008.10.01 12:24:32 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2008.10.01 12:24:32 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2008.04.14 14:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2008.04.14 14:00:00 | 000,250,576 | RHS- | M] () -- C:\ntldr
[2010.10.09 20:31:40 | 805,306,368 | -HS- | M] () -- C:\pagefile.sys
[2009.10.21 00:09:40 | 000,013,030 | ---- | M] () -- C:\PDOXUSRS.NET
[2010.02.11 14:06:20 | 000,000,129 | ---- | M] () -- C:\Zástupce - Jednotka CD-ROM.lnk

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2008.10.01 14:11:06 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2008.10.01 14:11:05 | 001,093,632 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2008.10.01 14:11:05 | 000,479,232 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %systemroot%\system32\drivers\*.sys /90 >
[2010.09.07 16:46:51 | 000,028,880 | ---- | M] (AVAST Software) -- C:\WINDOWS\system32\drivers\aavmker4.sys
[2010.09.07 16:47:07 | 000,017,744 | ---- | M] (AVAST Software) -- C:\WINDOWS\system32\drivers\aswFsBlk.sys
[2010.09.07 16:47:16 | 000,094,544 | ---- | M] (AVAST Software) -- C:\WINDOWS\system32\drivers\aswmon.sys
[2010.09.07 16:47:19 | 000,100,176 | ---- | M] (AVAST Software) -- C:\WINDOWS\system32\drivers\aswmon2.sys
[2010.09.07 16:47:46 | 000,023,376 | ---- | M] (AVAST Software) -- C:\WINDOWS\system32\drivers\aswRdr.sys
[2010.09.07 16:52:03 | 000,165,584 | ---- | M] (AVAST Software) -- C:\WINDOWS\system32\drivers\aswSP.sys
[2010.09.07 16:52:25 | 000,046,672 | ---- | M] (AVAST Software) -- C:\WINDOWS\system32\drivers\aswTdi.sys

========== Alternate Data Streams ==========

@Alternate Data Stream - 61 bytes -> C:\WINDOWS\WindowsUpdate.log:MX-3.DynamicLogViewer.Properties
@Alternate Data Stream - 159 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:DFC5A2B2
@Alternate Data Stream - 157 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:1CE11B51
@Alternate Data Stream - 139 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:5D96771C
@Alternate Data Stream - 106 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:24975D5E
< End of report >

oldman
newbie
Posts: 24
Registered: Oct 10
Gender: Male
Status:
Offline

Re: Invisible files in RECYCLER on C:, F:, G:

Post by oldman » 09 Oct 2010 21:06

I already sent the OTL log once, but I can't see it, so I'm sending it again.

OTL logfile created on: 9.10.2010 20:44:21 - Run 1
OTL by OldTimer - Version 3.2.14.1 Folder = C:\Documents and Settings\J.H\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1 022,00 Mb Total Physical Memory | 623,00 Mb Available Physical Memory | 61,00% Memory free
2,00 Gb Paging File | 1,00 Gb Available in Paging File | 83,00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 33,51 Gb Total Space | 15,96 Gb Free Space | 47,63% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
Drive F: | 41,01 Gb Total Space | 13,36 Gb Free Space | 32,57% Space Free | Partition Type: NTFS
Drive G: | 465,76 Gb Total Space | 306,96 Gb Free Space | 65,91% Space Free | Partition Type: NTFS
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: B60A6B1D7C3F4DD
Current User Name: J.H
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010.10.09 20:08:44 | 000,576,512 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\J.H\Plocha\OTL.exe
PRC - [2010.10.09 20:08:35 | 000,258,560 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\J.H\Plocha\OTH.scr
PRC - [2010.09.07 17:12:02 | 002,838,912 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2010.09.07 17:11:59 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2006.11.03 19:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MsMpEng.exe


========== Modules (SafeList) ==========

MOD - [2010.10.09 20:08:44 | 000,576,512 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\J.H\Plocha\OTL.exe
MOD - [2008.04.14 14:00:00 | 000,413,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcp60.dll
MOD - [2008.04.14 14:00:00 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\credui.dll
MOD - [2008.04.14 14:00:00 | 000,144,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\onex.dll
MOD - [2008.04.14 14:00:00 | 000,126,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\eappcfg.dll
MOD - [2008.04.14 14:00:00 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2008.04.14 14:00:00 | 000,095,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\iphlpapi.dll
MOD - [2008.04.14 14:00:00 | 000,053,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winsta.dll
MOD - [2008.04.14 14:00:00 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rtutils.dll
MOD - [2008.04.14 14:00:00 | 000,040,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\eappprxy.dll
MOD - [2008.04.14 14:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dot3api.dll
MOD - [2008.04.14 14:00:00 | 000,018,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wtsapi32.dll
MOD - [2008.04.14 14:00:00 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dot3dlg.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
SRV - [2010.09.07 17:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV - [2010.09.07 17:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV - [2010.09.07 17:11:59 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2009.10.27 10:26:36 | 000,657,408 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2009.03.20 22:15:59 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2008.07.29 20:16:38 | 000,132,096 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2007.01.31 15:55:42 | 000,096,370 | ---- | M] (Canon Inc.) [Auto | Stopped] -- C:\Program Files\Canon\CAL\CALMAIN.exe -- (CCALib8)
SRV - [2006.11.03 19:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\J.H\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - [2010.09.07 16:52:25 | 000,046,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2010.09.07 16:52:03 | 000,165,584 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2010.09.07 16:47:46 | 000,023,376 | ---- | M] (AVAST Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2010.09.07 16:47:19 | 000,100,176 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2010.09.07 16:47:07 | 000,017,744 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010.09.07 16:46:51 | 000,028,880 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2010.06.09 22:02:40 | 000,018,544 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\PeerBlock\pbfilter.sys -- (pbfilter)
DRV - [2009.01.05 14:22:16 | 000,717,296 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2009.01.01 19:50:00 | 000,354,176 | ---- | M] (TrueCrypt Foundation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\supersafer.sys -- (supersafer)
DRV - [2008.11.02 10:44:10 | 000,056,572 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2008.08.26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008.07.04 08:33:32 | 003,230,720 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2007.11.15 21:00:06 | 000,016,768 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\System32\drivers\xbpublic.sys -- (xbpublic)
DRV - [2006.11.06 10:01:50 | 004,024,832 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2006.04.03 09:41:36 | 000,030,272 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usb2vcom.sys -- (usb2vcom)
DRV - [2006.02.23 05:39:06 | 000,011,264 | R--- | M] (VIA Technologies,Inc) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\xfilt.sys -- (xfilt)
DRV - [2006.02.23 05:38:32 | 000,009,728 | R--- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\videX32.sys -- (videX32)
DRV - [2005.12.20 10:57:40 | 000,027,008 | ---- | M] (Philips Consumer Electronics Co.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\aexpamdrv.sys -- (AEXPAM)
DRV - [2003.09.08 16:06:36 | 000,255,360 | R--- | M] (D-Link) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AIRPLUS.sys -- (AIRPLUS)
DRV - [2002.07.17 08:53:02 | 000,016,877 | ---- | M] (Adaptec) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ASPI32.SYS -- (Aspi32)
DRV - [1999.02.10 22:08:44 | 000,120,544 | ---- | M] (Shuttle Technology.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\ppscan.sys -- (PPSCAN)
DRV - [1997.04.09 16:38:24 | 000,085,868 | ---- | M] (Silitek Corporation.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\ppclass.sys -- (PPCLASS)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = http://www.msn.com/

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: udelatko@shabbi.cz:2.8.4
FF - prefs.js..extensions.enabledItems: {f759ca51-3a91-4dd1-ae78-9db5eee9ebf0}:5.6.0

FF - HKLM\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2009.12.29 14:20:57 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.09.16 23:55:28 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.09.16 23:55:28 | 000,000,000 | ---D | M]

[2009.01.09 19:01:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\J.H\Data aplikací\Mozilla\Extensions
[2010.10.08 23:22:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\J.H\Data aplikací\Mozilla\Firefox\Profiles\4ynfxv4y.default\extensions
[2010.04.28 10:32:48 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\J.H\Data aplikací\Mozilla\Firefox\Profiles\4ynfxv4y.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.05.08 22:18:01 | 000,000,000 | ---D | M] (UnMHT) -- C:\Documents and Settings\J.H\Data aplikací\Mozilla\Firefox\Profiles\4ynfxv4y.default\extensions\{f759ca51-3a91-4dd1-ae78-9db5eee9ebf0}
[2009.09.01 21:30:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\J.H\Data aplikací\Mozilla\Firefox\Profiles\4ynfxv4y.default\extensions\udelatko@shabbi.cz
[2009.07.31 10:40:00 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010.09.16 23:55:21 | 000,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.09.16 23:55:21 | 000,001,687 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2010.09.16 23:55:21 | 000,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.09.16 23:55:21 | 000,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.09.16 23:55:21 | 000,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2010.10.09 20:24:28 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (WebTransBHO Class) - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\WINDOWS\WebIE.dll ()
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll (Google Inc.)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (&Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O3 - HKLM\..\Toolbar: (Easy-WebPrint) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll ()
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll File not found
O3 - HKLM\..\Toolbar: (WebTranslator) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\WINDOWS\WebIE.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll File not found
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\WINDOWS\WebIE.dll ()
O9 - Extra 'Tools' menuitem : &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\WINDOWS\WebIE.dll ()
O9 - Extra 'Tools' menuitem : &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\WINDOWS\WebIE.dll ()
O9 - Extra 'Tools' menuitem : Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\WINDOWS\WebIE.dll ()
O9 - Extra 'Tools' menuitem : Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\WINDOWS\WebIE.dll ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/ ... ontrol.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftup ... 6528132875 (MUWebControl Class)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Value error.)
O16 - DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} http://office.microsoft.com/officeupdat ... /opuc4.cab (Office Update Installation Engine)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\J.H\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\J.H\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.10.01 12:24:32 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: HidServ - C:\WINDOWS\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (56027131116781568)

========== Files/Folders - Created Within 90 Days ==========

[2010.10.09 20:08:41 | 000,576,512 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\J.H\Plocha\OTL.exe
[2010.10.09 20:08:30 | 000,258,560 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\J.H\Plocha\OTH.scr
[2010.10.09 11:57:33 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2010.10.09 11:52:30 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2010.10.09 11:52:30 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2010.10.09 11:52:30 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2010.10.09 11:52:30 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2010.10.09 11:52:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010.10.09 11:50:07 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010.10.09 10:48:35 | 000,165,584 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2010.10.09 10:48:35 | 000,023,376 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2010.10.09 10:48:35 | 000,017,744 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2010.10.09 10:48:34 | 000,046,672 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2010.10.09 10:48:33 | 000,100,176 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2010.10.09 10:48:33 | 000,094,544 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2010.10.09 10:48:33 | 000,028,880 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2010.10.09 10:48:21 | 000,038,848 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2010.10.09 10:48:20 | 000,167,592 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2010.10.09 10:48:10 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2010.10.09 10:48:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Alwil Software
[2010.10.08 23:02:48 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010.10.08 23:02:45 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010.10.08 23:02:45 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010.10.08 21:16:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\J.H\DoctorWeb
[2010.10.08 21:07:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\J.H\Dokumenty\prog
[2010.10.08 20:55:01 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\J.H\Plocha\HijackThis.exe
[2010.10.08 02:56:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\J.H\Local Settings\Data aplikací\Pmcc
[2010.10.08 02:56:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\J.H\Data aplikací\Pmcc
[2010.10.08 02:00:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\J.H\Data aplikací\URSoft
[2010.10.08 01:54:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Autorun Eater
[2010.10.06 15:09:20 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010.10.06 15:09:19 | 000,000,000 | ---D | C] -- C:\rsit
[2010.10.05 14:18:21 | 000,000,000 | ---D | C] -- C:\Program Files\IObit
[2010.10.05 14:18:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\J.H\Data aplikací\IObit
[2010.10.03 20:16:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
[2010.08.18 22:55:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\J.H\Data aplikací\KeePass
[2010.08.12 20:03:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\J.H\Dokumenty\Downloads
[2010.08.05 22:38:55 | 000,000,000 | ---D | C] -- C:\Program Files\PeerBlock
[2010.07.22 18:52:55 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2010.07.22 17:53:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\J.H\Dokumenty\Updater5
[2010.07.22 14:42:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\J.H\Dokumenty\Registry Booster
[2010.07.22 12:45:00 | 000,000,000 | ---D | C] -- C:\Program Files\Best Folder Encryptor
[2010.07.22 12:41:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\J.H\Local Settings\Data aplikací\AreaGuard
[2010.07.22 12:07:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dokumenty\Softwrap
[2010.07.22 12:07:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dokumenty\Fonts
[2010.07.22 12:07:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dokumenty\Config
[2010.07.22 12:07:16 | 000,000,000 | ---D | C] -- C:\abisoft

========== Files - Modified Within 90 Days ==========

[2120.02.04 01:01:46 | 000,000,462 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{E24F360E-1DF8-48F9-B36A-8DDB069198F0}.job
[2010.10.09 20:46:00 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2010.10.09 20:40:48 | 000,000,428 | ---- | M] () -- C:\WINDOWS\MAILTRAN.INI
[2010.10.09 20:32:02 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.10.09 20:31:50 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.10.09 20:31:44 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.10.09 20:31:01 | 015,990,784 | ---- | M] () -- C:\Documents and Settings\J.H\ntuser.dat
[2010.10.09 20:31:01 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\J.H\ntuser.ini
[2010.10.09 20:30:57 | 009,132,292 | -H-- | M] () -- C:\Documents and Settings\J.H\Local Settings\Data aplikací\IconCache.db
[2010.10.09 20:30:33 | 000,000,587 | ---- | M] () -- C:\WINDOWS\win.ini
[2010.10.09 20:30:33 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2010.10.09 20:30:33 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010.10.09 20:24:28 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010.10.09 20:08:44 | 000,576,512 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\J.H\Plocha\OTL.exe
[2010.10.09 20:08:35 | 000,258,560 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\J.H\Plocha\OTH.scr
[2010.10.09 11:47:08 | 000,000,211 | ---- | M] () -- C:\Boot.bak
[2010.10.09 11:32:16 | 003,876,009 | R--- | M] () -- C:\Documents and Settings\J.H\Plocha\ComboFix.exe
[2010.10.09 10:48:36 | 000,001,700 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\avast! Free Antivirus.lnk
[2010.10.09 10:48:34 | 000,002,553 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2010.10.08 23:02:51 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Malwarebytes' Anti-Malware.lnk
[2010.10.08 20:55:09 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\J.H\Plocha\HijackThis.exe
[2010.10.08 16:02:37 | 000,002,807 | ---- | M] () -- C:\WINDOWS\TRNCOM.INI
[2010.10.06 15:03:34 | 000,003,594 | ---- | M] () -- C:\WINDOWS\WDICT32.INI
[2010.10.06 10:28:14 | 001,035,902 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010.10.06 10:28:14 | 000,453,400 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.10.06 10:28:14 | 000,074,366 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.10.05 14:18:27 | 000,000,874 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Advanced SystemCare.lnk
[2010.10.03 20:16:49 | 000,000,933 | ---- | M] () -- C:\Documents and Settings\J.H\Plocha\SD.lnk
[2010.10.01 22:45:42 | 003,169,381 | ---- | M] () -- C:\WINDOWS\System32\QRIALYCPQ
[2010.10.01 10:05:29 | 014,008,896 | ---- | M] () -- C:\WINDOWS\System32\LLSPJ
[2010.09.27 13:10:15 | 000,005,338 | ---- | M] () -- C:\WINDOWS\WTRAN32.INI
[2010.09.27 13:10:15 | 000,000,000 | ---- | M] () -- C:\WINDOWS\XXLGSC
[2010.09.23 00:02:22 | 000,080,896 | ---- | M] () -- C:\Documents and Settings\J.H\Dokumenty\Šetření.doc
[2010.09.20 00:54:49 | 000,311,123 | ---- | M] () -- C:\Documents and Settings\J.H\Dokumenty\opel-Corsa-15-TD-rv-1996-spotreba-4-5-L-.mht
[2010.09.20 00:03:42 | 000,275,791 | ---- | M] () -- C:\Documents and Settings\J.H\Dokumenty\Prodam-VW-Golf-II-16-TD.mht
[2010.09.17 17:55:34 | 000,002,539 | ---- | M] () -- C:\Documents and Settings\J.H\Plocha\Word.lnk
[2010.09.17 17:53:15 | 000,032,320 | ---- | M] () -- C:\Documents and Settings\J.H\Local Settings\Data aplikací\GDIPFONTCACHEV1.DAT
[2010.09.17 17:53:05 | 001,450,728 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.09.17 17:51:18 | 000,000,390 | ---- | M] () -- C:\WINDOWS\ODBC.INI
[2010.09.07 17:12:17 | 000,038,848 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2010.09.07 17:11:54 | 000,167,592 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2010.09.07 16:52:25 | 000,046,672 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2010.09.07 16:52:03 | 000,165,584 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2010.09.07 16:47:46 | 000,023,376 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2010.09.07 16:47:19 | 000,100,176 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2010.09.07 16:47:16 | 000,094,544 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2010.09.07 16:47:07 | 000,017,744 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2010.09.07 16:46:51 | 000,028,880 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2010.08.30 10:26:14 | 000,000,379 | ---- | M] () -- C:\Documents and Settings\J.H\Plocha\ELEKTRO 40.lnk
[2010.08.22 18:26:53 | 000,000,202 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010.08.05 22:38:56 | 000,001,608 | ---- | M] () -- C:\Documents and Settings\J.H\Plocha\PeerBlock.lnk
[2010.07.30 09:13:49 | 000,083,968 | ---- | M] () -- C:\Documents and Settings\J.H\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.07.22 19:24:10 | 000,001,736 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Adobe Acrobat 8 Professional.lnk
[2010.07.22 13:29:29 | 000,000,260 | ---- | M] () -- C:\WINDOWS\System32\FSEPath.dat
[2010.07.22 12:40:04 | 000,000,536 | ---- | M] () -- C:\Documents and Settings\J.H\Plocha\Zástupce - Crypto.exe.lnk
[2010.07.22 12:19:47 | 000,000,560 | ---- | M] () -- C:\Documents and Settings\All Users\Dokumenty\Global.sw
[2010.07.18 09:41:28 | 000,001,602 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Mozilla Firefox.lnk

========== Files Created - No Company Name ==========

[2010.10.09 11:57:38 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2010.10.09 11:57:35 | 000,261,312 | RHS- | C] () -- C:\cmldr
[2010.10.09 11:52:30 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010.10.09 11:52:30 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010.10.09 11:52:30 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010.10.09 11:52:30 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010.10.09 11:52:30 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010.10.09 11:31:29 | 003,876,009 | R--- | C] () -- C:\Documents and Settings\J.H\Plocha\ComboFix.exe
[2010.10.09 10:48:36 | 000,001,700 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\avast! Free Antivirus.lnk
[2010.10.08 23:02:51 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Malwarebytes' Anti-Malware.lnk
[2010.10.05 14:18:27 | 000,000,874 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Advanced SystemCare.lnk
[2010.10.03 20:16:49 | 000,000,933 | ---- | C] () -- C:\Documents and Settings\J.H\Plocha\SD.lnk
[2010.10.01 22:44:57 | 003,169,381 | ---- | C] () -- C:\WINDOWS\System32\QRIALYCPQ
[2010.10.01 10:02:13 | 014,008,896 | ---- | C] () -- C:\WINDOWS\System32\LLSPJ
[2010.09.23 00:02:22 | 000,080,896 | ---- | C] () -- C:\Documents and Settings\J.H\Dokumenty\Šetření.doc
[2010.09.20 00:54:48 | 000,311,123 | ---- | C] () -- C:\Documents and Settings\J.H\Dokumenty\opel-Corsa-15-TD-rv-1996-spotreba-4-5-L-.mht
[2010.09.20 00:03:39 | 000,275,791 | ---- | C] () -- C:\Documents and Settings\J.H\Dokumenty\Prodam-VW-Golf-II-16-TD.mht
[2010.08.30 10:29:13 | 000,000,379 | ---- | C] () -- C:\Documents and Settings\J.H\Plocha\ELEKTRO 40.lnk
[2010.07.22 18:55:25 | 000,001,736 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Adobe Acrobat 8 Professional.lnk
[2010.07.22 12:45:08 | 000,000,260 | ---- | C] () -- C:\WINDOWS\System32\FSEPath.dat
[2010.07.22 12:07:54 | 000,000,560 | ---- | C] () -- C:\Documents and Settings\All Users\Dokumenty\Global.sw
[2010.07.22 11:24:18 | 000,000,536 | ---- | C] () -- C:\Documents and Settings\J.H\Plocha\Zástupce - Crypto.exe.lnk
[2010.02.06 11:21:47 | 000,819,200 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2010.02.06 11:21:47 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010.02.03 18:02:00 | 009,756,912 | ---- | C] () -- C:\Documents and Settings\J.H\Data aplikací\edltmp_6
[2010.02.03 18:00:51 | 009,631,260 | ---- | C] () -- C:\Documents and Settings\J.H\Data aplikací\edltmp_5
[2010.02.03 18:00:47 | 011,571,936 | ---- | C] () -- C:\Documents and Settings\J.H\Data aplikací\edltmp_4
[2010.02.03 18:00:45 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\J.H\Data aplikací\edltmp_3
[2010.01.03 09:00:17 | 000,000,145 | ---- | C] () -- C:\WINDOWS\Eudcedit.ini
[2009.08.30 12:35:28 | 000,000,221 | ---- | C] () -- C:\WINDOWS\SOFTEK.INI
[2009.08.01 09:49:27 | 000,000,055 | ---- | C] () -- C:\WINDOWS\crywmvtoavi.ini
[2009.07.31 21:35:22 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\AVSredirect.dll
[2009.05.28 21:49:16 | 000,002,615 | ---- | C] () -- C:\WINDOWS\xnview.ini
[2009.05.28 21:03:18 | 000,000,041 | ---- | C] () -- C:\WINDOWS\FS.INI
[2009.05.28 20:52:14 | 000,006,736 | ---- | C] () -- C:\WINDOWS\coolcust.ini
[2009.05.28 20:52:13 | 000,003,467 | ---- | C] () -- C:\WINDOWS\COOL.INI
[2009.04.24 19:44:28 | 000,168,448 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2009.04.24 19:44:23 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2009.04.24 19:44:22 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2009.04.24 19:44:21 | 000,067,584 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009.04.22 16:50:55 | 002,771,968 | ---- | C] () -- C:\WINDOWS\System32\wxmsw28u_core_vc_custom.dll
[2009.04.22 16:50:55 | 000,681,472 | ---- | C] () -- C:\WINDOWS\System32\wxmsw28u_adv_vc_custom.dll
[2009.04.22 16:50:55 | 000,470,528 | ---- | C] () -- C:\WINDOWS\System32\wxmsw28u_html_vc_custom.dll
[2009.04.22 16:50:54 | 001,163,776 | ---- | C] () -- C:\WINDOWS\System32\wxbase28u_vc_custom.dll
[2009.04.22 16:50:54 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\wxbase28u_xml_vc_custom.dll
[2009.02.28 16:45:56 | 000,000,020 | ---- | C] () -- C:\WINDOWS\msxfcg32.dll
[2009.02.19 00:12:51 | 000,000,281 | ---- | C] () -- C:\WINDOWS\CONTEXT.INI
[2008.12.05 14:19:52 | 000,001,197 | ---- | C] () -- C:\WINDOWS\ARCHPR.INI
[2008.10.25 23:04:52 | 000,000,000 | ---- | C] () -- C:\WINDOWS\oodcnt.INI
[2008.10.25 19:15:50 | 000,047,104 | ---- | C] () -- C:\WINDOWS\System32\Wh2Robo.dll
[2008.10.18 02:22:11 | 000,000,202 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2008.10.17 19:00:47 | 000,000,008 | ---- | C] () -- C:\WINDOWS\System32\vchelpex.sys
[2008.10.14 20:04:45 | 000,491,520 | ---- | C] () -- C:\WINDOWS\WebIE.dll
[2008.10.14 20:04:42 | 000,200,704 | ---- | C] () -- C:\WINDOWS\TRNOET.DLL
[2008.10.14 20:04:42 | 000,045,056 | ---- | C] () -- C:\WINDOWS\TRNOEH.DLL
[2008.10.14 20:04:26 | 000,000,033 | ---- | C] () -- C:\WINDOWS\WTRDCTM.INI
[2008.10.14 20:02:59 | 000,002,753 | ---- | C] () -- C:\WINDOWS\UN32P.INI
[2008.10.14 20:02:11 | 000,002,807 | ---- | C] () -- C:\WINDOWS\TRNCOM.INI
[2008.10.14 19:58:07 | 000,000,428 | ---- | C] () -- C:\WINDOWS\MAILTRAN.INI
[2008.10.14 19:57:51 | 000,005,338 | ---- | C] () -- C:\WINDOWS\WTRAN32.INI
[2008.10.14 19:57:18 | 000,003,594 | ---- | C] () -- C:\WINDOWS\WDICT32.INI
[2008.10.10 22:55:30 | 000,083,968 | ---- | C] () -- C:\Documents and Settings\J.H\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.10.02 23:20:16 | 000,001,356 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\QTSBandwidthCache
[2008.10.02 22:13:51 | 000,000,390 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008.10.02 22:13:50 | 000,000,122 | ---- | C] () -- C:\WINDOWS\mdm.ini
[2008.10.02 19:47:04 | 000,000,062 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2008.10.02 00:40:45 | 000,030,272 | ---- | C] () -- C:\WINDOWS\System32\drivers\usb2vcom.sys
[2008.10.01 20:44:25 | 000,002,333 | ---- | C] () -- C:\WINDOWS\vista32d.ini
[2008.10.01 20:31:49 | 000,000,174 | ---- | C] () -- C:\WINDOWS\ppdrv.ini
[2008.10.01 20:26:09 | 000,003,948 | ---- | C] () -- C:\WINDOWS\vista32.ini
[2008.10.01 20:26:09 | 000,000,189 | ---- | C] () -- C:\WINDOWS\KPCMS.INI
[2008.10.01 20:26:09 | 000,000,069 | ---- | C] () -- C:\WINDOWS\umaxdrv.ini
[2008.10.01 20:26:05 | 000,047,616 | ---- | C] () -- C:\WINDOWS\ucmsp_32.dll
[2008.10.01 20:26:03 | 000,030,208 | ---- | C] () -- C:\WINDOWS\uxmail32.dll
[2008.10.01 20:26:02 | 000,199,696 | ---- | C] () -- C:\WINDOWS\p1220_16.dll
[2008.10.01 20:26:02 | 000,140,320 | ---- | C] () -- C:\WINDOWS\p1220_32.dll
[2008.10.01 20:26:02 | 000,068,608 | ---- | C] () -- C:\WINDOWS\vufile32.dll
[2008.10.01 20:08:48 | 000,006,656 | ---- | C] () -- C:\WINDOWS\System32\CNMVS5m.DLL
[2008.10.01 19:55:50 | 000,000,000 | ---- | C] () -- C:\WINDOWS\OpPrintServer.INI
[2008.10.01 13:24:50 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2008.10.01 13:13:10 | 000,147,456 | R--- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2008.10.01 13:13:02 | 000,000,164 | R--- | C] () -- C:\WINDOWS\avrack.ini
[2007.09.27 10:51:02 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007.09.27 10:48:48 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007.09.27 10:48:28 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[1999.01.22 19:46:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL

========== LOP Check ==========

[2010.10.09 10:48:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Alwil Software
[2010.10.08 02:42:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Autorun Eater
[2008.11.14 21:16:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Avg7
[2010.02.03 21:03:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Global Graphics
[2008.10.22 23:05:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Grisoft
[2009.12.30 00:42:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Installations
[2009.12.30 00:46:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Nokia
[2008.10.02 22:51:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\OLYMPUS
[2009.12.29 14:34:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\OviInstallerCache
[2009.12.30 00:25:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PC Suite
[2009.07.28 09:56:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PrevxCSI
[2010.10.01 10:31:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\RFA_Backups
[2010.10.08 02:39:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2009.03.14 02:28:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\{B46E1EF5-0B37-4DB4-A4E2-9F2B41036185}
[2008.12.12 23:12:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\J.H\Data aplikací\Audio Record Edit Toolbox Pro
[2008.12.12 23:05:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\J.H\Data aplikací\Audio Recorder for Free
[2010.07.10 00:55:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\J.H\Data aplikací\GetRightToGo
[2010.02.03 21:03:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\J.H\Data aplikací\Global Graphics
[2009.01.04 20:45:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\J.H\Data aplikací\gtopala
[2009.03.15 15:17:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\J.H\Data aplikací\IEPro
[2010.10.05 14:18:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\J.H\Data aplikací\IObit
[2010.02.03 18:27:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\J.H\Data aplikací\jaws
[2010.08.18 22:55:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\J.H\Data aplikací\KeePass
[2009.03.15 17:33:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\J.H\Data aplikací\MiniDm
[2009.12.30 01:19:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\J.H\Data aplikací\Nokia
[2009.04.18 19:59:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\J.H\Data aplikací\OfficeUpdate12
[2009.04.23 23:50:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\J.H\Data aplikací\OpenCandy
[2008.10.02 22:59:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\J.H\Data aplikací\PC Suite
[2010.10.08 02:56:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\J.H\Data aplikací\Pmcc
[2010.06.17 09:43:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\J.H\Data aplikací\ProfiCAD
[2008.12.15 10:58:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\J.H\Data aplikací\Softplicity
[2010.10.02 00:55:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\J.H\Data aplikací\Uniblue
[2010.10.08 02:00:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\J.H\Data aplikací\URSoft
[2009.04.23 08:27:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\J.H\Data aplikací\WinCare2009
[2009.10.13 20:15:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\J.H\Data aplikací\Windows Desktop Search
[2009.10.13 20:16:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\J.H\Data aplikací\Windows Search
[2009.09.08 13:10:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\J.H\Data aplikací\ZIP RAR ACE Password Recovery
[2010.10.09 20:46:00 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job
[2120.02.04 01:01:46 | 000,000,462 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{E24F360E-1DF8-48F9-B36A-8DDB069198F0}.job

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.* >
[2008.10.01 12:24:32 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2010.10.08 02:50:45 | 000,001,602 | ---- | M] () -- C:\avenger.txt
[2010.10.09 11:47:08 | 000,000,211 | ---- | M] () -- C:\Boot.bak
[2010.10.09 20:30:33 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2008.04.14 14:00:00 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin
[2009.02.22 10:42:34 | 000,152,978 | ---- | M] () -- C:\cc_20090222_093849.reg
[2004.08.03 23:00:04 | 000,261,312 | RHS- | M] () -- C:\cmldr
[2008.10.01 12:24:32 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2008.10.02 21:24:15 | 000,043,418 | ---- | M] () -- C:\DxDiag.txt
[2008.10.01 12:24:32 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2008.10.01 12:24:32 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2008.04.14 14:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2008.04.14 14:00:00 | 000,250,576 | RHS- | M] () -- C:\ntldr
[2010.10.09 20:31:40 | 805,306,368 | -HS- | M] () -- C:\pagefile.sys
[2009.10.21 00:09:40 | 000,013,030 | ---- | M] () -- C:\PDOXUSRS.NET
[2010.02.11 14:06:20 | 000,000,129 | ---- | M] () -- C:\Zástupce - Jednotka CD-ROM.lnk

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2008.10.01 14:11:06 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2008.10.01 14:11:05 | 001,093,632 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2008.10.01 14:11:05 | 000,479,232 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %systemroot%\system32\drivers\*.sys /90 >
[2010.09.07 16:46:51 | 000,028,880 | ---- | M] (AVAST Software) -- C:\WINDOWS\system32\drivers\aavmker4.sys
[2010.09.07 16:47:07 | 000,017,744 | ---- | M] (AVAST Software) -- C:\WINDOWS\system32\drivers\aswFsBlk.sys
[2010.09.07 16:47:16 | 000,094,544 | ---- | M] (AVAST Software) -- C:\WINDOWS\system32\drivers\aswmon.sys
[2010.09.07 16:47:19 | 000,100,176 | ---- | M] (AVAST Software) -- C:\WINDOWS\system32\drivers\aswmon2.sys
[2010.09.07 16:47:46 | 000,023,376 | ---- | M] (AVAST Software) -- C:\WINDOWS\system32\drivers\aswRdr.sys
[2010.09.07 16:52:03 | 000,165,584 | ---- | M] (AVAST Software) -- C:\WINDOWS\system32\drivers\aswSP.sys
[2010.09.07 16:52:25 | 000,046,672 | ---- | M] (AVAST Software) -- C:\WINDOWS\system32\drivers\aswTdi.sys

========== Alternate Data Streams ==========

@Alternate Data Stream - 61 bytes -> C:\WINDOWS\WindowsUpdate.log:MX-3.DynamicLogViewer.Properties
@Alternate Data Stream - 159 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:DFC5A2B2
@Alternate Data Stream - 157 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:1CE11B51
@Alternate Data Stream - 139 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:5D96771C
@Alternate Data Stream - 106 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:24975D5E
< End of report >

The next log, Extras, is in the next post.


Re: Invisible files in RECYCLER on C:, F:, G:

Post by oldman » 09 Oct 2010 21:09

I'm not sure whether I made a mistake when I restarted before these last two logs in order to cancel the launch of Defender.

Extras log:

OTL Extras logfile created on: 9.10.2010 20:44:21 - Run 1
OTL by OldTimer - Version 3.2.14.1 Folder = C:\Documents and Settings\J.H\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1 022,00 Mb Total Physical Memory | 623,00 Mb Available Physical Memory | 61,00% Memory free
2,00 Gb Paging File | 1,00 Gb Available in Paging File | 83,00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 33,51 Gb Total Space | 15,96 Gb Free Space | 47,63% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
Drive F: | 41,01 Gb Total Space | 13,36 Gb Free Space | 32,57% Space Free | Partition Type: NTFS
Drive G: | 465,76 Gb Total Space | 306,96 Gb Free Space | 65,91% Space Free | Partition Type: NTFS
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: B60A6B1D7C3F4DD
Current User Name: J.H
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office\msohtmed.exe" %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\WINDOWS\system32\mmc.exe" = C:\WINDOWS\system32\mmc.exe:*:Enabled:Konzola Microsoft Management Console -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office\WINWORD.EXE" = C:\Program Files\Microsoft Office\Office\WINWORD.EXE:*:Enabled:Microsoft Word for Windows -- (Microsoft Corporation)
"C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe" = C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process -- (Nokia Corporation)
"C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe" = C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Enabled:Nokia Software Updater -- (Nokia Corporation)
"C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Disabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00000405-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Premium
"{015C5B35-B678-451C-9AEE-821E8D69621C}_is1" = PeerBlock 1.0+ (r404)
"{04302E9D-9EF9-70AC-BB4B-F38C6BC87F47}" = Catalyst Control Center Localization Thai
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{088C9BEE-CB92-5879-5E38-174426D1F8E6}" = ccc-core-preinstall
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{08EA9064-A050-F2D3-83B8-737C84F8152E}" = CCC Help German
"{0901FCE8-5415-4499-BBC8-1AA106DD66E2}" = Adobe Setup
"{0A945AEB-A020-25CF-DA17-A1CA45DD87E9}" = CCC Help Turkish
"{0D5C7E1D-2B24-0776-7B07-B568B802DABD}" = Catalyst Control Center Localization Italian
"{10B23720-AB24-D8B0-F881-27C85243A1F5}" = CCC Help Korean
"{1393E8E4-FD21-64A1-29EC-46BDEAB2B998}" = CCC Help Italian
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{1ABBBA20-D31A-A4B6-0BBA-D05D68FF4F1A}" = CCC Help Greek
"{1D44C5C7-FCB6-8732-A960-3E3486661B02}" = Catalyst Control Center Graphics Full Existing
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205D6B09-C479-76A2-B2BD-9F0FDD5BFF41}" = CCC Help Danish
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{212B3742-5B29-B7C3-3973-69EE036E574E}" = Catalyst Control Center Graphics Previews Common
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{23430AE3-6FFF-47CF-B7E7-1552FC61DF39}" = Philips Flat Panel Adjust
"{293D5729-7C01-4FA4-A4DE-BB6A1587BBB9}" = PDF Settings
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{2DBB8878-9A6C-D992-E9A1-F83B8B110CCF}" = ccc-core-static
"{2EF8D8C2-1257-C7DE-228E-79F9D495A645}" = CCC Help Finnish
"{30BB4D60-81DB-11D5-BB77-00400536ABAC}" = OLYMPUS CAMEDIA Master 4.3
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35279851-031F-67BB-FAF0-D75783BDE296}" = Catalyst Control Center Localization Japanese
"{36CDA33B-909B-4719-97D1-C4B99309BDC7}" = ATI Parental Control & Encoder
"{388E4B09-3E71-4649-8921-F44A3A2954A7}" = Microsoft Visual Studio 2005 Tools for Office Runtime
"{3C88E9D6-F1AC-E9DE-958D-8E6C75028CBD}" = CCC Help Hungarian
"{3EA9D975-BFDC-4E8E-B88B-0446FBC8CA66}" = ATI HYDRAVISION
"{4401D988-F166-0939-EED9-10D054AD021F}" = Catalyst Control Center Localization Spanish
"{48F95CE7-69D9-4967-81F7-D763CABFBD53}" = Debugging Tools for Windows (x86)
"{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}" = Nokia Software Updater
"{4CE6B3C4-D8E2-4A5D-BEF5-5B69AF843B0C}" = PC Connectivity Solution
"{5178C1BB-1EB1-4468-894B-7DE964DDCAA2}" = Adobe Photoshop CS3
"{52D02A2B-03D2-4E34-A358-DC5D951FD296}" = Nokia Connectivity Cable Driver
"{543DFD2B-7DAD-67BC-4D6A-EB5A114DCD96}" = Catalyst Control Center Localization Danish
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{54E6AC92-E270-5FA1-22AC-A43650098986}" = Skins
"{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support
"{57CDA1B9-ED35-4382-AA87-C55A87676E65}_is1" = Fortop FLV Player 1.1
"{5DA6F06A-B389-407B-BF8C-1548767914D8}" = ATI Problem Report Wizard
"{6179A7D2-A668-4F1D-BC9A-DCC6A10C7871}" = Adobe Color NA Extra Settings
"{63F0042F-1EF8-91AF-6117-99CCFE3B0A97}" = CCC Help Swedish
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{691514DF-190C-5762-7BD7-6ED620BE5645}" = Catalyst Control Center Localization Greek
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6CDD245C-6DE4-7E95-FBA8-E85DCFB1D6EF}" = Catalyst Control Center Localization Polish
"{6D12B99F-EAAA-49D8-8E2F-74FA7459CCB2}" = Adobe Asset Services CS3
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6FDD0A02-A328-BEF2-E2B4-A62965620D09}" = ccc-utility
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{79D342F5-FAB1-A1D4-9F89-FE2FE3C07955}" = Catalyst Control Center Localization Dutch
"{7F68B2EA-2344-08EE-38A7-ABC056A269D4}" = CCC Help Norwegian
"{7F83EA69-6063-6FB4-73A8-F8CB51FD0290}" = Catalyst Control Center Localization Russian
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{87830D90-51A8-2B7A-EFA4-A5A7A1B15158}" = Catalyst Control Center Localization Hungarian
"{89DE67AD-08B8-4699-A55D-CA5C0AF82BF3}" = ATI AVIVO Codecs
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{8F41BFFC-3692-A4CB-AD35-892B636CFCC4}" = Catalyst Control Center Localization Finnish
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{902F251A-1069-4A64-ABB9-DFBB96E8F759}_is1" = Spotmau
"{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}" = Nokia PC Suite
"{9462A6D5-63C3-4B7C-399E-B2EBE24F0E0B}" = Catalyst Control Center Localization Turkish
"{95A890AA-B3B1-44B6-9C18-A8F7AB3EE7FC}" = QuickTime
"{971EB438-C938-BD97-7AE7-CB0164E8E2E6}" = Catalyst Control Center Localization Chinese Standard
"{97ECD9CC-E6EC-996C-03B9-6B44CF2AEFA7}" = Catalyst Control Center Localization Chinese Traditional
"{989EC86B-6D10-F330-54C6-352322D8D077}" = Catalyst Control Center Core Implementation
"{98F394A4-DC7F-1156-DBD6-3220390AAAAA}" = CCC Help Japanese
"{9BD91669-25C9-43CD-9367-BF60591B837B}" = Camedia Master 4.3
"{9C393B11-DA28-6DE2-EBE5-CAE49E318A30}" = Catalyst Control Center Localization French
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{9D6F0D1D-A84E-BF17-427D-B94D50B0B66B}" = Catalyst Control Center Localization Swedish
"{9DF0D039-BAD2-254D-F54D-99537E86115B}" = CCC Help English
"{A06275F4-324B-4E85-95E6-87B2CD729401}" = Windows Defender
"{A0D7E29C-AA8A-AA7B-2C68-CC48BCA959DE}" = CCC Help Portuguese
"{A1E345E8-C3EA-F1BC-1F56-9E79C575E2F8}" = CCC Help Chinese Traditional
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A9F265E1-7804-FEE2-0A91-29BFB6CC9D1C}" = CCC Help Thai
"{AAF80000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 8.0 Professional Edition
"{AC1635BC-63CC-DF13-63BD-3C11B78EC40C}" = Catalyst Control Center Graphics Light
"{AC76BA86-1033-F400-7760-000000000003}" = Adobe Acrobat 8 Professional - English, Français, Deutsch
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B8035D53-49FB-D8D1-1604-7CD016FE81B5}" = Catalyst Control Center Graphics Full New
"{BD0717EA-2250-D620-5E9A-7A8DECAEDA4C}" = Catalyst Control Center Localization Portuguese
"{BD087F50-46B2-43E4-BD73-5DB3DC20B47C}" = Adobe Color EU Recommended Settings
"{BE2261A7-99D8-9D26-2E89-3333F19B628F}" = CCC Help Russian
"{BEF56F2D-56ED-4176-BF72-7B68D4A3B98D}" = Canon PhotoRecord
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C496A527-08DE-A72F-1F7A-2A21C3ABDB93}" = CCC Help Dutch
"{C8B96335-B514-C65E-42AF-8774D48CEEA9}" = Catalyst Control Center Localization Czech
"{CA509945-C95E-6959-15CB-3C5BF15314F7}" = Catalyst Control Center Localization German
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D3B2A44C-C17A-9112-059E-39A7163B7177}" = CCC Help Chinese Standard
"{D91E5373-8D42-9182-01D5-C7C5758DF4D3}" = Catalyst Control Center Localization Korean
"{D92B72E2-C854-4738-8ED6-4C3661CC17AE}" = Adobe Color JA Extra Settings
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DD4C0A88-E905-44CC-A558-5BBE656DEDC8}" = Altiris Philips SmartManage Agent
"{DFEA96E2-7089-A1BD-735F-5BF1F35B8453}" = CCC Help Spanish
"{E264076A-B44D-887B-F3B9-046D86901B52}" = CCC Help French
"{E41690B5-80BD-D86B-45C3-96C6465C384B}" = CCC Help Polish
"{ECDCD820-4223-0D22-478C-F7BCC9609446}" = CCC Help Czech
"{ECF5E8ED-69DB-A493-03C5-288FA3D10D35}" = Catalyst Control Center Localization Norwegian
"{FA3A247D-437A-455E-A88F-7EB6E5F9E799}" = Catalyst Control Center - Branding
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"05B59228C7E1C21DFBE89260F879BD95880548D8" = Balíček ovladače systému Windows - Nokia Modem (10/05/2009 4.2)
"0C5EDC3653FED5B121F464339EAC12534D253B25" = Balíček ovladače systému Windows - Nokia Modem (02/15/2007 3.1)
"504244733D18C8F63FF584AEB290E3904E791693" = Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"8CDCFB95BB84DD9C0F88F22266A0CA86035E55BA" = Balíček ovladače systému Windows - Nokia Modem (06/01/2009 7.01.0.4)
"Adobe Acrobat 8 Professional - English, Français, Deutsch" = Adobe Acrobat 8.2.4 Professional
"Adobe Acrobat 8 Professional - English, Français, Deutsch_824" = Adobe Acrobat 8.2.4 - CPSID_83708
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe_4977c84bcdc298c444ccfbdcccb660d" = Adobe Photoshop CS3
"Advanced SystemCare 3_is1" = Advanced SystemCare 3
"All ATI Software" = Softarová utilita ATI - Odinstalovat
"ATI Display Driver" = ATI Display Driver
"Audio Recorder for Free" = Audio Recorder for Free
"avast5" = avast! Free Antivirus
"B726756F5B5A5AA9D798B399386FC6205A45F19E" = Balíček ovladače systému Windows - Nokia Modem (02/15/2007 3.1)
"CAL" = Canon Camera Access Library
"CameraWindowDC" = Canon Utilities CameraWindow DC
"CameraWindowDVC6" = Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX
"CameraWindowLauncher" = Canon Utilities CameraWindow
"Canon G.726 WMP-Decoder" = Canon G.726 WMP-Decoder
"CANONBJ_Deinstall_CNMCP5m.DLL" = Canon i865
"CCleaner" = CCleaner (remove only)
"CD8424B9400BFF7D34AA18F816C71322AC4BDAA7" = Balíček ovladače systému Windows - Nokia Modem (05/24/2007 6.84.0.1)
"CSCLIB" = Canon Camera Support Core Library
"Driver Genius Professional Edition_is1" = Driver Genius Professional Edition
"Easy-PhotoPrint" = Canon Utilities Easy-PhotoPrint
"Easy-WebPrint" = Easy-WebPrint
"FreshDevices - FreshView_is1" = FreshView
"GraphTablet_is1" = GraphTablet 4.05
"GSpot" = GSpot Codec Information Appliance
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platform Device Manager
"InstallShield_{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"jetMailMonitor 6.2x Czech Language Pack" = jetMailMonitor 6.2x Czech Language Pack
"Jízdní řády - ProgramTT" = Jízdní řády - Prohlížeč jízdních řádů
"Jízdní řády - Vlaky 2008/2009" = Jízdní řády - Vlaky 2008/2009
"KC Softwares VideoInspector_is1" = KC Softwares VideoInspector
"KLiteCodecPack_is1" = K-Lite Codec Pack 4.7.5 (Full)
"MagicTracer 2.0" = MagicTracer 2.0
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MediaNavigation.CDLabelPrint" = CD-LabelPrint
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft Visual Studio 2005 Tools for Office Runtime" = Microsoft Visual Studio 2005 Tools for Office Runtime
"MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX
"Mozilla Firefox (3.6.10)" = Mozilla Firefox (3.6.10)
"MyCamera" = Canon Utilities MyCamera
"MyCameraDC" = Canon Utilities MyCamera DC
"NeoPaint for Windows" = NeoPaint for Windows
"Nero - Burning Rom!UninstallKey" = Nero 6 Ultra Edition
"NeroVision!UninstallKey" = Nero Digital
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Nokia PC Suite" = Nokia PC Suite
"Paint Shop Pro 6.0" = Paint Shop Pro 6.0 (ESD)
"PC Translator" = PC Translator
"PowerISO" = PowerISO
"ProfiCAD" = ProfiCAD
"ProfiCAD_is1" = ProfiCAD
"RAW Image Task" = Canon RAW Image Task for ZoomBrowser EX
"Registry First Aid_is1" = Registry First Aid
"RemoteCaptureDC" = Canon Utilities RemoteCapture DC
"RemoteCaptureTask" = Canon Utilities RemoteCapture Task for ZoomBrowser EX
"SereneScreen Marine Aquarium Time_is1" = SereneScreen Marine Aquarium Time
"SuDoku_is1" = SuDoku v.1.8.1
"SUPER ©" = SUPER © Version 2009.bld.36 (June 10, 2009)
"Unlocker" = Unlocker 1.8.7
"Vector Magic" = Vector Magic
"VLC media player" = VLC media player 1.0.1
"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"WinRAR archiver" = WinRAR archiver
"WinZip" = WinZip
"WMFDist11" = Windows Media Format 11 runtime
"Wudf01007" = Microsoft User-Mode Driver Framework Feature Pack 1.7
"Xvid_is1" = Xvid 1.2.2 final uninstall
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX
"ZoomBrowser EX Memory Card Utility" = Canon ZoomBrowser EX Memory Card Utility

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{435CD4CB-C686-49EB-96D4-A658F5EF99CF}" = jetMailMonitor
"Google Chrome" = Google Chrome

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 1.10.2010 3:46:10 | Computer Name = B60A6B1D7C3F4DD | Source = Windows Search Service | ID = 3038
Description = The gatherer is unable to read the registry DocIdMapFile. Context:
Application, SystemIndex Catalog Details: Systém nemůže nalézt uvedený soubor.
(0x80070002)

Error - 1.10.2010 3:46:12 | Computer Name = B60A6B1D7C3F4DD | Source = Windows Search Service | ID = 3028
Description = The gatherer object cannot be initialized. Context: Windows Application,
SystemIndex Catalog Details: The registry value cannot be read because the configuration
is invalid. Recreate the content index configuration by removing the content index.
(0x80040d03)

Error - 1.10.2010 3:46:12 | Computer Name = B60A6B1D7C3F4DD | Source = Windows Search Service | ID = 3058
Description = The application cannot be initialized. Context: Windows Application

Details:
The
registry value cannot be read because the configuration is invalid. Recreate the
content index configuration by removing the content index. (0x80040d03)

Error - 1.10.2010 4:32:36 | Computer Name = B60A6B1D7C3F4DD | Source = Windows Search Service | ID = 3038
Description = The gatherer is unable to read the registry DocIdMapFile. Context:
Application, SystemIndex Catalog Details: Systém nemůže nalézt uvedený soubor.
(0x80070002)

Error - 1.10.2010 4:32:37 | Computer Name = B60A6B1D7C3F4DD | Source = Windows Search Service | ID = 3028
Description = The gatherer object cannot be initialized. Context: Windows Application,
SystemIndex Catalog Details: The registry value cannot be read because the configuration
is invalid. Recreate the content index configuration by removing the content index.
(0x80040d03)

Error - 1.10.2010 4:32:37 | Computer Name = B60A6B1D7C3F4DD | Source = Windows Search Service | ID = 3058
Description = The application cannot be initialized. Context: Windows Application

Details:
The
registry value cannot be read because the configuration is invalid. Recreate the
content index configuration by removing the content index. (0x80040d03)

Error - 2.10.2010 16:06:02 | Computer Name = B60A6B1D7C3F4DD | Source = Application Error | ID = 1000
Description = Chybující aplikace upm.exe, verze 4.1.0.3, chybující modul msvbvm60.dll,
verze 6.0.98.2, adresa chyby 0x000d9f54.

Error - 5.10.2010 11:48:15 | Computer Name = B60A6B1D7C3F4DD | Source = Application Error | ID = 1000
Description = Chybující aplikace teatimer.exe, verze 1.6.6.32, chybující modul teatimer.exe,
verze 1.6.6.32, adresa chyby 0x0006e66e.

Error - 9.10.2010 14:24:59 | Computer Name = B60A6B1D7C3F4DD | Source = WinDefendRtp | ID = 3003
Description = Kontrolní bod ochrany v reálném čase programu %%827 zjistil chybu
a nepodařilo se jej spustit. Uživatel: B60A6B1D7C3F4DD\J.H Kontrolní bod: 1 Kód chyby:
0x80070005 Popis chyby: Přístup byl odepřen.

Error - 9.10.2010 14:24:59 | Computer Name = B60A6B1D7C3F4DD | Source = WinDefendRtp | ID = 3003
Description = Kontrolní bod ochrany v reálném čase programu %%827 zjistil chybu
a nepodařilo se jej spustit. Uživatel: B60A6B1D7C3F4DD\J.H Kontrolní bod: 1 Kód chyby:
0x8000ffff Popis chyby: Katastrofální selhání

[ System Events ]
Error - 15.2.2010 16:39:21 | Computer Name = B60A6B1D7C3F4DD | Source = Service Control Manager | ID = 7001
Description = Služba Správce vzdáleného přístupu závisí na službě Telefonní subsystém,
která neuspěla při spuštění v důsledku následující chyby: %%1058

Error - 15.2.2010 16:39:21 | Computer Name = B60A6B1D7C3F4DD | Source = Service Control Manager | ID = 7001
Description = Služba Správce vzdáleného přístupu závisí na službě Telefonní subsystém,
která neuspěla při spuštění v důsledku následující chyby: %%1058

Error - 15.2.2010 16:39:21 | Computer Name = B60A6B1D7C3F4DD | Source = Service Control Manager | ID = 7001
Description = Služba Správce vzdáleného přístupu závisí na službě Telefonní subsystém,
která neuspěla při spuštění v důsledku následující chyby: %%1058

Error - 15.2.2010 16:39:29 | Computer Name = B60A6B1D7C3F4DD | Source = Service Control Manager | ID = 7001
Description = Služba Správce vzdáleného přístupu závisí na službě Telefonní subsystém,
která neuspěla při spuštění v důsledku následující chyby: %%1058

Error - 15.2.2010 16:39:30 | Computer Name = B60A6B1D7C3F4DD | Source = Service Control Manager | ID = 7001
Description = Služba Správce vzdáleného přístupu závisí na službě Telefonní subsystém,
která neuspěla při spuštění v důsledku následující chyby: %%1058

Error - 15.2.2010 16:39:32 | Computer Name = B60A6B1D7C3F4DD | Source = Service Control Manager | ID = 7001
Description = Služba Správce vzdáleného přístupu závisí na službě Telefonní subsystém,
která neuspěla při spuštění v důsledku následující chyby: %%1058

Error - 15.2.2010 16:40:06 | Computer Name = B60A6B1D7C3F4DD | Source = Service Control Manager | ID = 7001
Description = Služba Správce vzdáleného přístupu závisí na službě Telefonní subsystém,
která neuspěla při spuštění v důsledku následující chyby: %%1058

Error - 15.2.2010 16:40:06 | Computer Name = B60A6B1D7C3F4DD | Source = Service Control Manager | ID = 7001
Description = Služba Správce vzdáleného přístupu závisí na službě Telefonní subsystém,
která neuspěla při spuštění v důsledku následující chyby: %%1058

Error - 15.2.2010 16:40:07 | Computer Name = B60A6B1D7C3F4DD | Source = Service Control Manager | ID = 7001
Description = Služba Správce vzdáleného přístupu závisí na službě Telefonní subsystém,
která neuspěla při spuštění v důsledku následující chyby: %%1058

Error - 15.2.2010 16:40:15 | Computer Name = B60A6B1D7C3F4DD | Source = Service Control Manager | ID = 7001
Description = Služba Správce vzdáleného přístupu závisí na službě Telefonní subsystém,
která neuspěla při spuštění v důsledku následující chyby: %%1058


< End of report >

oldman

Re: Invisible files in RECYCLER on C:, F:, G:

Post by oldman » 09 Oct 2010 21:45

I have not yet posted the link to the result from the VirusTotal site, so here it is: http://www.virustotal.com/file-scan/rep ... 1286653339

The state is still the same, but after yesterday's ComboFix scan the language bar with the keyboard switcher disappeared, and it does not respond even to the restore command.

jaro3
Security team member
Guru Level 15
Posts: 43294
Registered: June 07
Location: South Bohemia
Gender: Male
Status: Offline

Re: Invisible files in RECYCLER on C:, F:, G:

Post by jaro3 » 10 Oct 2010 12:37

Have you tried restarting several times?

ComboFix is uninstalled like this:
Start - Run and enter ComboFix /Uninstall

Clean the system with CCleaner

and also use T-Cleaner.
It deletes everything left behind by Combo, MWAV etc. - download > run

Note: before downloading T-Cleaner and for the duration of the cleaning, deactivate AVG, Avast, Avira or Microsoft Security Essentials; afterwards delete T-Cleaner and turn AVG, Avast, Avira or Microsoft Security Essentials back on.


********************************************************************************************************************************************
Uninstall (if you still have it):
Avg7

Double-click the OTL icon on the desktop. Make sure all other applications and browsers are closed.
Under Custom Scans/Fixes, paste the following text, shown in green, into the box:

Code:

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\J.H\LOCALS~1\Temp\catchme.sys -- (catchme)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll File not found
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Value error.)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
@Alternate Data Stream - 159 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:DFC5A2B2
@Alternate Data Stream - 157 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:1CE11B51
@Alternate Data Stream - 139 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:5D96771C
@Alternate Data Stream - 106 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:24975D5E

:Files
C:\WINDOWS\System32\*.tmp
C:\WINDOWS\*.tmp
C:\WINDOWS\system32\*.tmp.dll
C:\WINDOWS\system32\SET*.tmp
c:\windows\Tasks\*.job
C:\*.tmp
C:\WINDOWS\tasks\SA.DAT
C:\WINDOWS\System32\QRIALYCPQ
C:\WINDOWS\System32\LLSPJ
C:\WINDOWS\XXLGSC
C:\Documents and Settings\J.H\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\Documents and Settings\All Users\Data aplikací\Avg7
C:\Documents and Settings\All Users\Data aplikací\Grisoft
C:\cc_20090222_093849.reg
C:\RECYCLER\ă.

:Reg
:Commands
[purity]
[emptytemp]
[EMPTYFLASH]
[start explorer]
[Reboot]


Then click Run Fix at the top. Let the program run undisturbed; at the end the PC will restart.
After the restart a log will appear; please copy its entire contents here.

Do you know these folders:
C:\Documents and Settings\J.H\Data aplikací\edltmp_6
C:\Documents and Settings\J.H\Data aplikací\edltmp_5
C:\Documents and Settings\J.H\Data aplikací\edltmp_4
C:\Documents and Settings\J.H\Data aplikací\edltmp_3
?? What is in them?

In Folder Options, enable showing hidden files and folders and uncheck the box "Hide protected operating system files".

Test these on VirusTotal:
C:\WINDOWS\Eudcedit.ini
C:\WINDOWS\crywmvtoavi.ini
C:\WINDOWS\msxfcg32.dll
C:\WINDOWS\System32\vchelpex.sys
C:\WINDOWS\UN32P.INI
C:\WINDOWS\vista32d.ini
C:\WINDOWS\ppdrv.ini

Click Browse to the right of the box and in Explorer find the required file on your PC. Select it with the mouse and click Open, then click Send File. If the file has already been tested, a window appears in which you click Reanalyze. The file will then be tested by multiple antivirus programs in turn. When the last antivirus finishes, the result appears at the top with the number of detections in red, e.g. 0/40 or 1/40. Then copy the link to that page with the mouse and paste it into your post.

Do you know this address:
FF - prefs.js..extensions.enabledItems: udelatko@shabbi.cz:2.8.4 ??
When working with HJT, ComboFix, MbAM, SDFix etc., close all other applications and browsers!
Do not send logs in private messages. During my absence memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

oldman

Re: Invisible files in RECYCLER on C:, F:, G:

Post by oldman » 10 Oct 2010 15:54

One restart after ComboFix, but the problem with the language bar is a trifle; I restored it from Control Panel.
I uninstalled AVG before installing Avast. Apparently some remnants were left.
I could not look through the edltmp folders because they disappeared, and I do not know at which moment.
I ran the fix in OTL but no log was created, because after the reboot Avast started with a message that it had blocked malware. So I repeated the process with Avast turned off, but even then no log was created.
Text files were created in C: _OTL /moved Files, which I am pasting here:

first:
All processes killed
========== OTL ==========
No active process named explorer.exe was found!
Process firefox.exe killed successfully!
Error: No service named catchme was found to stop!
Service\Driver key catchme not found.
File C:\DOCUME~1\J.H\LOCALS~1\Temp\catchme.sys not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{47833539-D0C5-4125-9FA8-0819E2EAAC93} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{47833539-D0C5-4125-9FA8-0819E2EAAC93}\ deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{47833539-D0C5-4125-9FA8-0819E2EAAC93} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{47833539-D0C5-4125-9FA8-0819E2EAAC93}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Infodelivery\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
Starting removal of ActiveX control {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}
C:\WINDOWS\Downloaded Program Files\erma.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session manager\\BootExecute:autocheck autochk * deleted successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:DFC5A2B2 deleted successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:1CE11B51 deleted successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:5D96771C deleted successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:24975D5E deleted successfully.
========== FILES ==========
File\Folder C:\WINDOWS\System32\*.tmp not found.
File\Folder C:\WINDOWS\*.tmp not found.
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
c:\windows\Tasks\MP Scheduled Scan.job moved successfully.
c:\windows\Tasks\User_Feed_Synchronization-{E24F360E-1DF8-48F9-B36A-8DDB069198F0}.job moved successfully.
File\Folder C:\*.tmp not found.
C:\WINDOWS\tasks\SA.DAT moved successfully.
C:\WINDOWS\System32\QRIALYCPQ moved successfully.
C:\WINDOWS\System32\LLSPJ moved successfully.
C:\WINDOWS\XXLGSC moved successfully.
C:\Documents and Settings\J.H\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Avg7 folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Grisoft\Avg7Data folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Grisoft folder moved successfully.
C:\cc_20090222_093849.reg moved successfully.
File\Folder C:\RECYCLER\ă. not found.
========== REGISTRY ==========
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: J.H
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 162813 bytes
->FireFox cache emptied: 43982379 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 641 bytes

User: J~H

User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: NetworkService
->Temp folder emptied: 3536 bytes
->Temporary Internet Files folder emptied: 33170 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 16867 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 42,00 mb


[EMPTYFLASH]

User: Administrator

User: All Users

User: Default User

User: J.H
->Flash cache emptied: 0 bytes

User: J~H

User: LocalService

User: NetworkService

Total Flash Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.14.1 log created on 10102010_144542

Files\Folders moved on Reboot...
File move failed. C:\WINDOWS\temp\_avast5_\Webshlock.txt scheduled to be moved on reboot.
File\Folder C:\WINDOWS\temp\usgthrsvc\Perflib_Perfdata_3e0.dat not found!

Registry entries deleted on Reboot...

second:
All processes killed
========== OTL ==========
No active process named explorer.exe was found!
Process firefox.exe killed successfully!
Error: No service named catchme was found to stop!
Service\Driver key catchme not found.
File C:\DOCUME~1\J.H\LOCALS~1\Temp\catchme.sys not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{47833539-D0C5-4125-9FA8-0819E2EAAC93} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{47833539-D0C5-4125-9FA8-0819E2EAAC93}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{47833539-D0C5-4125-9FA8-0819E2EAAC93} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{47833539-D0C5-4125-9FA8-0819E2EAAC93}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Infodelivery\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ not found.
Starting removal of ActiveX control {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session manager\\BootExecute:autocheck autochk * deleted successfully.
Unable to delete ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:DFC5A2B2 .
Unable to delete ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:1CE11B51 .
Unable to delete ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:5D96771C .
Unable to delete ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:24975D5E .
========== FILES ==========
File\Folder C:\WINDOWS\System32\*.tmp not found.
File\Folder C:\WINDOWS\*.tmp not found.
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
c:\windows\Tasks\MP Scheduled Scan.job moved successfully.
File\Folder C:\*.tmp not found.
C:\WINDOWS\tasks\SA.DAT moved successfully.
File\Folder C:\WINDOWS\System32\QRIALYCPQ not found.
File\Folder C:\WINDOWS\System32\LLSPJ not found.
File\Folder C:\WINDOWS\XXLGSC not found.
File\Folder C:\Documents and Settings\J.H\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini not found.
File\Folder C:\Documents and Settings\All Users\Data aplikací\Avg7 not found.
File\Folder C:\Documents and Settings\All Users\Data aplikací\Grisoft not found.
File\Folder C:\cc_20090222_093849.reg not found.
File\Folder C:\RECYCLER\ă. not found.
========== REGISTRY ==========
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: J.H
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->FireFox cache emptied: 3805844 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 562 bytes

User: J~H

User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 16867 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 4,00 mb


[EMPTYFLASH]

User: Administrator

User: All Users

User: Default User

User: J.H
->Flash cache emptied: 0 bytes

User: J~H

User: LocalService

User: NetworkService

Total Flash Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.14.1 log created on 10102010_145417

Files\Folders moved on Reboot...
File\Folder C:\WINDOWS\temp\usgthrsvc\Perflib_Perfdata_12c.dat not found!

Registry entries deleted on Reboot...


Link for Eudcedit.ini: http://www.virustotal.com/file-scan/rep ... 1286716629

Link for crywmvtoavi.ini:
http://www.virustotal.com/file-scan/rep ... 1286716819

Link for msxfcg.ini:
http://www.virustotal.com/file-scan/rep ... 1286717046

Link for vchelpex.sys:
http://www.virustotal.com/file-scan/rep ... 1286717318

Link for UN32P.ini:
http://www.virustotal.com/file-scan/rep ... 1286717494

Link for wista32d.ini:
http://www.virustotal.com/file-scan/rep ... 1286717638

Link for ppdrv.ini:
http://www.virustotal.com/file-scan/rep ... 1286717791

Udelatko is a Firefox add-on for automatically downloading a requested program from Rapidshare. I have not used it for some time.

I have now found that the RECYCLER and SYSTEM VOLUME INFORMATION folders have disappeared from both C: and F:. I had the data disk G: removed before this operation. These folders were on it too. I have it in a removable caddy and now I do not know whether it can be connected without risk?
Does the fact that System Volume Information disappeared from C: mean that the restore points have disappeared too?

Now I have to leave for a few hours, so I apologize.
It looks like a success. Thank you.
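
Added example (not part of the original posts and not OTL's own code): a small Python parser that classifies the result lines of two OTL fix logs like the ones pasted above and lists the targets that the first run reported as removed but that the second run had to act on again. The sample lines are excerpts copied from the two logs in the post; the function names and outcome labels are assumptions made for illustration.

```python
import re
from collections import OrderedDict

# Result phrases as they appear in the two fix logs quoted in the post.
# Order matters: the most specific phrases are tried first.
OUTCOME_PATTERNS = [
    ("unable_to_delete", re.compile(r"^Unable to delete (?:ADS )?(?P<target>.+?)\s*\.$")),
    ("scheduled_on_reboot", re.compile(r"^File move failed\. (?P<target>.+) scheduled to be moved on reboot\.$")),
    ("deleted", re.compile(r"^(?:Registry (?:key|value) |ADS )?(?P<target>.+?) deleted successfully\.$")),
    ("moved", re.compile(r"^(?P<target>.+?)(?: folder)? moved successfully\.$")),
    ("killed", re.compile(r"^Process (?P<target>.+) killed successfully!$")),
    ("not_found", re.compile(
        r"^(?:File\\Folder |File |Registry (?:key|value) |Service\\Driver key )?"
        r"(?P<target>.+?) not found[.!]$")),
]

REMOVED = {"deleted", "moved"}
# Anything other than "not found" on the second pass means the run touched it again.
ACTED_AGAIN = {"deleted", "moved", "unable_to_delete", "scheduled_on_reboot"}


def normalise(target):
    """Windows paths and registry keys are case-insensitive; drop a trailing backslash."""
    return target.strip().rstrip("\\").lower()


def parse_fix_log(text):
    """Map each recognised target to its outcome.

    The first outcome for a target is kept: the fix script may name the same
    key twice, so a later 'not found' in the same run only confirms the
    earlier removal.
    """
    results = OrderedDict()
    for raw in text.splitlines():
        line = raw.strip()
        for outcome, pattern in OUTCOME_PATTERNS:
            match = pattern.match(line)
            if match:
                results.setdefault(normalise(match.group("target")), outcome)
                break
    return results


def acted_on_again(first_run, second_run):
    """Targets reported removed in run 1 that run 2 did not report as 'not found'.

    The log alone cannot tell whether the item was recreated between the runs
    or was never really removed; either way it deserves a closer look.
    """
    return [
        (target, outcome, second_run[target])
        for target, outcome in first_run.items()
        if outcome in REMOVED and second_run.get(target) in ACTED_AGAIN
    ]


# Excerpts copied from the first and second fix log in the post above.
RUN1 = r"""
Process firefox.exe killed successfully!
Service\Driver key catchme not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{47833539-D0C5-4125-9FA8-0819E2EAAC93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{47833539-D0C5-4125-9FA8-0819E2EAAC93}\ not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session manager\\BootExecute:autocheck autochk * deleted successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:DFC5A2B2 deleted successfully.
c:\windows\Tasks\MP Scheduled Scan.job moved successfully.
C:\WINDOWS\tasks\SA.DAT moved successfully.
C:\WINDOWS\System32\QRIALYCPQ moved successfully.
"""

RUN2 = r"""
Process firefox.exe killed successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{47833539-D0C5-4125-9FA8-0819E2EAAC93}\ not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session manager\\BootExecute:autocheck autochk * deleted successfully.
Unable to delete ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:DFC5A2B2 .
c:\windows\Tasks\MP Scheduled Scan.job moved successfully.
C:\WINDOWS\tasks\SA.DAT moved successfully.
File\Folder C:\WINDOWS\System32\QRIALYCPQ not found.
"""

if __name__ == "__main__":
    for target, before, after in acted_on_again(parse_fix_log(RUN1), parse_fix_log(RUN2)):
        print(f"{before:>8} -> {after:<17} {target}")
```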

oldman

Re: Invisible files in RECYCLER on C:, F:, G:

Post by oldman » 10 Oct 2010 17:19

So I rejoiced too soon. Only the setting for hidden files in Explorer had changed. I made hidden files visible again and tried to delete RECYCLER on F:, so unfortunately nothing has changed and I got the original message again: "..adresář není prázdný.." But for a moment it was a nice feeling that it was gone.

jaro3

Re: Invisible files in RECYCLER on C:, F:, G:

Post by jaro3 » 10 Oct 2010 18:46

You should have left all HDDs connected; I should have written that to you...

Once more (and leave all HDDs connected!):

Download OTL
to the desktop. Make sure all other windows are closed and double-click the OTL icon. At the top of the window, under Output, click Minimal Output. Under Standard Registry, change to All. Check the boxes LOP Check and Purity Check. Click Run Scan. Leave all other settings as they are. The scan may take a long time; when it finishes, two logs will open:
OTL.Txt
Extras.Txt

They are saved in the same location as OTL. Please copy both logs here.

oldman

Re: Invisible files in RECYCLER on C:, F:, G:

Post by oldman » 10 Oct 2010 20:12

So there was some hitch. I switched on all the disks and set up OTL, but I only see OTL.txt

here:
OTL logfile created on: 10.10.2010 19:51:57 - Run 3
OTL by OldTimer - Version 3.2.14.1 Folder = C:\Documents and Settings\J.H\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1 022,00 Mb Total Physical Memory | 544,00 Mb Available Physical Memory | 53,00% Memory free
2,00 Gb Paging File | 1,00 Gb Available in Paging File | 79,00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 33,51 Gb Total Space | 21,39 Gb Free Space | 63,81% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
Drive F: | 41,01 Gb Total Space | 13,40 Gb Free Space | 32,68% Space Free | Partition Type: NTFS
Drive G: | 465,76 Gb Total Space | 278,95 Gb Free Space | 59,89% Space Free | Partition Type: NTFS
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: B60A6B1D7C3F4DD
Current User Name: J.H
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\J.H\Plocha\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Canon\CAL\CALMAIN.exe (Canon Inc.)
PRC - C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)


========== Modules (SafeList) ==========

MOD - C:\Documents and Settings\J.H\Plocha\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\system32\msscript.ocx (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV - (HidServ) -- C:\WINDOWS\System32\hidserv.dll File not found
SRV - (avast! Web Scanner) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV - (avast! Mail Scanner) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV - (avast! Antivirus) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (NetTcpPortSharing) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation)
SRV - (CCALib8) -- C:\Program Files\Canon\CAL\CALMAIN.exe (Canon Inc.)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV - (aswTdi) -- C:\WINDOWS\System32\drivers\aswTdi.sys (AVAST Software)
DRV - (aswSP) -- C:\WINDOWS\System32\drivers\aswSP.sys (AVAST Software)
DRV - (aswRdr) -- C:\WINDOWS\System32\drivers\aswRdr.sys (AVAST Software)
DRV - (aswMon2) -- C:\WINDOWS\System32\drivers\aswmon2.sys (AVAST Software)
DRV - (aswFsBlk) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys (AVAST Software)
DRV - (Aavmker4) -- C:\WINDOWS\System32\drivers\aavmker4.sys (AVAST Software)
DRV - (pbfilter) -- C:\Program Files\PeerBlock\pbfilter.sys ()
DRV - (sptd) -- C:\WINDOWS\system32\drivers\sptd.sys (Duplex Secure Ltd.)
DRV - (supersafer) -- C:\WINDOWS\system32\drivers\supersafer.sys (TrueCrypt Foundation)
DRV - (SCDEmu) -- C:\WINDOWS\System32\drivers\scdemu.sys (PowerISO Computing, Inc.)
DRV - (pccsmcfd) -- C:\WINDOWS\system32\drivers\pccsmcfd.sys (Nokia)
DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)
DRV - (xbpublic) -- C:\WINDOWS\System32\drivers\xbpublic.sys (Microsoft Corporation)
DRV - (ALCXWDM) Service for Realtek AC97 Audio (WDM) -- C:\WINDOWS\system32\drivers\alcxwdm.sys (Realtek Semiconductor Corp.)
DRV - (usb2vcom) -- C:\WINDOWS\system32\drivers\usb2vcom.sys ()
DRV - (xfilt) -- C:\WINDOWS\system32\DRIVERS\xfilt.sys (VIA Technologies,Inc)
DRV - (videX32) -- C:\WINDOWS\system32\DRIVERS\videX32.sys (VIA Technologies, Inc.)
DRV - (AEXPAM) -- C:\WINDOWS\system32\drivers\aexpamdrv.sys (Philips Consumer Electronics Co.)
DRV - (AIRPLUS) -- C:\WINDOWS\system32\drivers\AIRPLUS.sys (D-Link)
DRV - (Aspi32) -- C:\WINDOWS\system32\drivers\ASPI32.SYS (Adaptec)
DRV - (PPSCAN) -- C:\WINDOWS\System32\drivers\ppscan.sys (Shuttle Technology.)
DRV - (PPCLASS) -- C:\WINDOWS\System32\drivers\ppclass.sys (Silitek Corporation.)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = http://www.msn.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SYSTEM32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.2.1
FF - prefs.js..extensions.enabledItems: udelatko@shabbi.cz:2.8.4
FF - prefs.js..extensions.enabledItems: {f759ca51-3a91-4dd1-ae78-9db5eee9ebf0}:5.6.0
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.10

FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009.09.01 18:11:56 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2009.12.29 14:20:57 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.09.16 23:55:28 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.09.16 23:55:28 | 000,000,000 | ---D | M]

[2009.01.09 19:01:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\J.H\Data aplikací\Mozilla\Extensions
[2009.01.09 19:01:17 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\J.H\Data aplikací\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2010.10.09 23:53:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\J.H\Data aplikací\Mozilla\Firefox\Profiles\4ynfxv4y.default\extensions
[2010.04.28 10:32:48 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\J.H\Data aplikací\Mozilla\Firefox\Profiles\4ynfxv4y.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.05.08 22:18:01 | 000,000,000 | ---D | M] (UnMHT) -- C:\Documents and Settings\J.H\Data aplikací\Mozilla\Firefox\Profiles\4ynfxv4y.default\extensions\{f759ca51-3a91-4dd1-ae78-9db5eee9ebf0}
[2009.09.01 21:30:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\J.H\Data aplikací\Mozilla\Firefox\Profiles\4ynfxv4y.default\extensions\udelatko@shabbi.cz
[2009.07.31 10:40:00 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010.09.16 23:55:28 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2010.09.16 23:55:11 | 000,023,512 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browserdirprovider.dll
[2010.09.16 23:55:12 | 000,138,712 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\brwsrcmp.dll
[2009.03.12 16:44:02 | 000,163,256 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
[2010.09.16 23:55:17 | 000,064,984 | ---- | M] (mozilla.org) -- C:\Program Files\Mozilla Firefox\plugins\npnul32.dll
[2010.08.13 06:58:22 | 000,095,672 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll
[2010.06.04 17:29:23 | 000,131,072 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
[2010.06.04 17:29:23 | 000,131,072 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
[2010.06.04 17:29:23 | 000,131,072 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
[2010.06.04 17:29:23 | 000,131,072 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
[2010.06.04 17:29:23 | 000,131,072 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
[2010.06.04 17:29:23 | 000,131,072 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
[2010.06.04 17:29:23 | 000,131,072 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
[2010.09.16 23:55:21 | 000,002,371 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\google.xml
[2010.09.16 23:55:21 | 000,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.09.16 23:55:21 | 000,001,687 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2010.09.16 23:55:21 | 000,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.09.16 23:55:21 | 000,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.09.16 23:55:21 | 000,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2010.10.09 20:24:28 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (WebTransBHO Class) - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\WINDOWS\WebIE.dll ()
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll (Google Inc.)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (&Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O3 - HKLM\..\Toolbar: (Easy-WebPrint) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll ()
O3 - HKLM\..\Toolbar: (WebTranslator) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\WINDOWS\WebIE.dll ()
O3 - HKCU\..\Toolbar\ShellBrowser: (&Adresa) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O3 - HKCU\..\Toolbar\WebBrowser: (&Links) - {F2CF5485-4E02-4F68-819C-B92DE9277049} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\J.H\Nabídka Start\Programy\Po spuštění\jetMailMonitor.lnk = C:\Program Files\JetMailMonitor\JetMM.exe (JetAudio, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\WINDOWS\WebIE.dll ()
O9 - Extra 'Tools' menuitem : &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\WINDOWS\WebIE.dll ()
O9 - Extra 'Tools' menuitem : &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\WINDOWS\WebIE.dll ()
O9 - Extra 'Tools' menuitem : Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\WINDOWS\WebIE.dll ()
O9 - Extra 'Tools' menuitem : Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\WINDOWS\WebIE.dll ()
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/ ... ontrol.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftup ... 6528132875 (MUWebControl Class)
O16 - DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} http://office.microsoft.com/officeupdat ... /opuc4.cab (Office Update Installation Engine)
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\System32\logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - cscdll.dll - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\dimsntfy: DllName - %SystemRoot%\System32\dimsntfy.dll - C:\WINDOWS\system32\dimsntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\WgaLogon: DllName - WgaLogon.dll - C:\WINDOWS\System32\WgaLogon.dll (Microsoft Corporation)
O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Proces mezipaměti kategorií součástí - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\J.H\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\J.H\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010.10.10 14:45:42 | 000,000,000 | ---D | C] -- C:\_OTL
[2010.10.10 14:44:18 | 000,576,512 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\J.H\Plocha\OTL.exe
[2010.10.09 23:44:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\J.H\Dokumenty\Stažené soubory
[2010.10.09 11:57:33 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2010.10.09 10:48:35 | 000,165,584 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2010.10.09 10:48:35 | 000,023,376 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2010.10.09 10:48:35 | 000,017,744 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2010.10.09 10:48:34 | 000,046,672 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2010.10.09 10:48:33 | 000,100,176 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2010.10.09 10:48:33 | 000,094,544 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2010.10.09 10:48:33 | 000,028,880 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2010.10.09 10:48:21 | 000,038,848 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2010.10.09 10:48:20 | 000,167,592 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2010.10.09 10:48:10 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2010.10.09 10:48:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Alwil Software
[2010.10.08 23:02:45 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010.10.08 21:07:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\J.H\Dokumenty\prog
[2010.10.08 02:56:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\J.H\Local Settings\Data aplikací\Pmcc
[2010.10.08 02:56:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\J.H\Data aplikací\Pmcc
[2010.10.08 02:00:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\J.H\Data aplikací\URSoft
[2010.10.08 01:54:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Autorun Eater
[2010.10.05 14:18:21 | 000,000,000 | ---D | C] -- C:\Program Files\IObit
[2010.10.05 14:18:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\J.H\Data aplikací\IObit
[2010.10.03 20:16:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy

========== Files - Modified Within 30 Days ==========

[2010.10.10 19:50:51 | 000,000,428 | ---- | M] () -- C:\WINDOWS\MAILTRAN.INI
[2010.10.10 19:35:12 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2010.10.10 19:32:24 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.10.10 19:32:05 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.10.10 19:31:58 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.10.10 19:30:15 | 015,990,784 | ---- | M] () -- C:\Documents and Settings\J.H\ntuser.dat
[2010.10.10 19:30:15 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\J.H\ntuser.ini
[2010.10.10 19:30:09 | 010,193,002 | -H-- | M] () -- C:\Documents and Settings\J.H\Local Settings\Data aplikací\IconCache.db
[2010.10.10 14:44:25 | 000,576,512 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\J.H\Plocha\OTL.exe
[2010.10.10 08:39:07 | 000,002,808 | ---- | M] () -- C:\WINDOWS\TRNCOM.INI
[2010.10.09 22:21:05 | 000,000,587 | ---- | M] () -- C:\WINDOWS\win.ini
[2010.10.09 22:21:05 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2010.10.09 22:21:05 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010.10.09 20:24:28 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010.10.09 11:47:08 | 000,000,211 | ---- | M] () -- C:\Boot.bak
[2010.10.09 10:48:36 | 000,001,700 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\avast! Free Antivirus.lnk
[2010.10.09 10:48:34 | 000,002,553 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2010.10.06 15:03:34 | 000,003,594 | ---- | M] () -- C:\WINDOWS\WDICT32.INI
[2010.10.06 10:28:14 | 001,035,902 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010.10.06 10:28:14 | 000,453,400 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.10.06 10:28:14 | 000,074,366 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.10.05 14:18:27 | 000,000,874 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Advanced SystemCare.lnk
[2010.10.03 20:16:49 | 000,000,933 | ---- | M] () -- C:\Documents and Settings\J.H\Plocha\SD.lnk
[2010.10.02 22:42:47 | 000,001,525 | ---- | M] () -- C:\Documents and Settings\J.H\Nabídka Start\Programy\Po spuštění\jetMailMonitor.lnk
[2010.09.27 13:10:15 | 000,005,338 | ---- | M] () -- C:\WINDOWS\WTRAN32.INI
[2010.09.17 17:55:34 | 000,002,539 | ---- | M] () -- C:\Documents and Settings\J.H\Plocha\Word.lnk
[2010.09.17 17:53:15 | 000,032,320 | ---- | M] () -- C:\Documents and Settings\J.H\Local Settings\Data aplikací\GDIPFONTCACHEV1.DAT
[2010.09.17 17:53:05 | 001,450,728 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.09.17 17:51:18 | 000,000,390 | ---- | M] () -- C:\WINDOWS\ODBC.INI

========== Files Created - No Company Name ==========

[2010.10.10 14:58:18 | 000,000,330 | -H-- | C] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2010.10.09 22:21:04 | 000,001,525 | ---- | C] () -- C:\Documents and Settings\J.H\Nabídka Start\Programy\Po spuštění\jetMailMonitor.lnk
[2010.10.09 11:57:38 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2010.10.09 11:57:35 | 000,261,312 | RHS- | C] () -- C:\cmldr
[2010.10.09 10:48:36 | 000,001,700 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\avast! Free Antivirus.lnk
[2010.10.05 14:18:27 | 000,000,874 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Advanced SystemCare.lnk
[2010.10.03 20:16:49 | 000,000,933 | ---- | C] () -- C:\Documents and Settings\J.H\Plocha\SD.lnk
[2010.02.06 11:21:47 | 000,819,200 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2010.02.06 11:21:47 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010.02.03 18:02:00 | 009,756,912 | ---- | C] () -- C:\Documents and Settings\J.H\Data aplikací\edltmp_6
[2010.02.03 18:00:51 | 009,631,260 | ---- | C] () -- C:\Documents and Settings\J.H\Data aplikací\edltmp_5
[2010.02.03 18:00:47 | 011,571,936 | ---- | C] () -- C:\Documents and Settings\J.H\Data aplikací\edltmp_4
[2010.02.03 18:00:45 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\J.H\Data aplikací\edltmp_3
[2010.01.03 09:00:17 | 000,000,145 | ---- | C] () -- C:\WINDOWS\Eudcedit.ini
[2009.08.30 12:35:28 | 000,000,221 | ---- | C] () -- C:\WINDOWS\SOFTEK.INI
[2009.08.01 09:49:27 | 000,000,055 | ---- | C] () -- C:\WINDOWS\crywmvtoavi.ini
[2009.07.31 21:35:22 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\AVSredirect.dll
[2009.05.28 21:49:16 | 000,002,615 | ---- | C] () -- C:\WINDOWS\xnview.ini
[2009.05.28 21:03:18 | 000,000,041 | ---- | C] () -- C:\WINDOWS\FS.INI
[2009.05.28 20:52:14 | 000,006,736 | ---- | C] () -- C:\WINDOWS\coolcust.ini
[2009.05.28 20:52:13 | 000,003,467 | ---- | C] () -- C:\WINDOWS\COOL.INI
[2009.04.24 19:44:28 | 000,168,448 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2009.04.24 19:44:23 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2009.04.24 19:44:22 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2009.04.24 19:44:21 | 000,067,584 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009.04.22 16:50:55 | 002,771,968 | ---- | C] () -- C:\WINDOWS\System32\wxmsw28u_core_vc_custom.dll
[2009.04.22 16:50:55 | 000,681,472 | ---- | C] () -- C:\WINDOWS\System32\wxmsw28u_adv_vc_custom.dll
[2009.04.22 16:50:55 | 000,470,528 | ---- | C] () -- C:\WINDOWS\System32\wxmsw28u_html_vc_custom.dll
[2009.04.22 16:50:54 | 001,163,776 | ---- | C] () -- C:\WINDOWS\System32\wxbase28u_vc_custom.dll
[2009.04.22 16:50:54 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\wxbase28u_xml_vc_custom.dll
[2009.02.28 16:45:56 | 000,000,020 | ---- | C] () -- C:\WINDOWS\msxfcg32.dll
[2009.02.19 00:12:51 | 000,000,281 | ---- | C] () -- C:\WINDOWS\CONTEXT.INI
[2008.12.05 14:19:52 | 000,001,197 | ---- | C] () -- C:\WINDOWS\ARCHPR.INI
[2008.10.25 23:04:52 | 000,000,000 | ---- | C] () -- C:\WINDOWS\oodcnt.INI
[2008.10.25 19:15:50 | 000,047,104 | ---- | C] () -- C:\WINDOWS\System32\Wh2Robo.dll
[2008.10.18 02:22:11 | 000,000,202 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2008.10.17 19:00:47 | 000,000,008 | ---- | C] () -- C:\WINDOWS\System32\vchelpex.sys
[2008.10.14 20:04:45 | 000,491,520 | ---- | C] () -- C:\WINDOWS\WebIE.dll
[2008.10.14 20:04:42 | 000,200,704 | ---- | C] () -- C:\WINDOWS\TRNOET.DLL
[2008.10.14 20:04:42 | 000,045,056 | ---- | C] () -- C:\WINDOWS\TRNOEH.DLL
[2008.10.14 20:04:26 | 000,000,033 | ---- | C] () -- C:\WINDOWS\WTRDCTM.INI
[2008.10.14 20:02:59 | 000,002,753 | ---- | C] () -- C:\WINDOWS\UN32P.INI
[2008.10.14 20:02:11 | 000,002,808 | ---- | C] () -- C:\WINDOWS\TRNCOM.INI
[2008.10.14 19:58:07 | 000,000,428 | ---- | C] () -- C:\WINDOWS\MAILTRAN.INI
[2008.10.14 19:57:51 | 000,005,338 | ---- | C] () -- C:\WINDOWS\WTRAN32.INI
[2008.10.14 19:57:18 | 000,003,594 | ---- | C] () -- C:\WINDOWS\WDICT32.INI
[2008.10.02 23:20:16 | 000,001,356 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\QTSBandwidthCache
[2008.10.02 22:13:51 | 000,000,390 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008.10.02 22:13:50 | 000,000,122 | ---- | C] () -- C:\WINDOWS\mdm.ini
[2008.10.02 19:47:04 | 000,000,062 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2008.10.02 00:40:45 | 000,030,272 | ---- | C] () -- C:\WINDOWS\System32\drivers\usb2vcom.sys
[2008.10.01 20:44:25 | 000,002,333 | ---- | C] () -- C:\WINDOWS\vista32d.ini
[2008.10.01 20:31:49 | 000,000,174 | ---- | C] () -- C:\WINDOWS\ppdrv.ini
[2008.10.01 20:26:09 | 000,003,948 | ---- | C] () -- C:\WINDOWS\vista32.ini
[2008.10.01 20:26:09 | 000,000,189 | ---- | C] () -- C:\WINDOWS\KPCMS.INI
[2008.10.01 20:26:09 | 000,000,069 | ---- | C] () -- C:\WINDOWS\umaxdrv.ini
[2008.10.01 20:26:05 | 000,047,616 | ---- | C] () -- C:\WINDOWS\ucmsp_32.dll
[2008.10.01 20:26:03 | 000,030,208 | ---- | C] () -- C:\WINDOWS\uxmail32.dll
[2008.10.01 20:26:02 | 000,199,696 | ---- | C] () -- C:\WINDOWS\p1220_16.dll
[2008.10.01 20:26:02 | 000,140,320 | ---- | C] () -- C:\WINDOWS\p1220_32.dll
[2008.10.01 20:26:02 | 000,068,608 | ---- | C] () -- C:\WINDOWS\vufile32.dll
[2008.10.01 20:08:48 | 000,006,656 | ---- | C] () -- C:\WINDOWS\System32\CNMVS5m.DLL
[2008.10.01 19:55:50 | 000,000,000 | ---- | C] () -- C:\WINDOWS\OpPrintServer.INI
[2008.10.01 13:24:50 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2008.10.01 13:13:10 | 000,147,456 | R--- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2008.10.01 13:13:02 | 000,000,164 | R--- | C] () -- C:\WINDOWS\avrack.ini
[2007.09.27 10:51:02 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007.09.27 10:48:48 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007.09.27 10:48:28 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[1999.01.22 19:46:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL

========== LOP Check ==========

[2010.10.09 10:48:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Alwil Software
[2010.10.08 02:42:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Autorun Eater
[2010.02.03 21:03:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Global Graphics
[2009.12.30 00:42:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Installations
[2009.12.30 00:46:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Nokia
[2008.10.02 22:51:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\OLYMPUS
[2009.12.29 14:34:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\OviInstallerCache
[2009.12.30 00:25:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PC Suite
[2009.07.28 09:56:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PrevxCSI
[2010.10.01 10:31:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\RFA_Backups
[2010.10.08 02:39:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2009.03.14 02:28:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\{B46E1EF5-0B37-4DB4-A4E2-9F2B41036185}
[2008.12.12 23:12:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\J.H\Data aplikací\Audio Record Edit Toolbox Pro
[2008.12.12 23:05:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\J.H\Data aplikací\Audio Recorder for Free
[2010.07.10 00:55:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\J.H\Data aplikací\GetRightToGo
[2010.02.03 21:03:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\J.H\Data aplikací\Global Graphics
[2009.01.04 20:45:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\J.H\Data aplikací\gtopala
[2009.03.15 15:17:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\J.H\Data aplikací\IEPro
[2010.10.05 14:18:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\J.H\Data aplikací\IObit
[2010.02.03 18:27:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\J.H\Data aplikací\jaws
[2010.08.18 22:55:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\J.H\Data aplikací\KeePass
[2009.03.15 17:33:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\J.H\Data aplikací\MiniDm
[2009.12.30 01:19:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\J.H\Data aplikací\Nokia
[2009.04.18 19:59:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\J.H\Data aplikací\OfficeUpdate12
[2009.04.23 23:50:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\J.H\Data aplikací\OpenCandy
[2008.10.02 22:59:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\J.H\Data aplikací\PC Suite
[2010.10.08 02:56:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\J.H\Data aplikací\Pmcc
[2010.06.17 09:43:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\J.H\Data aplikací\ProfiCAD
[2008.12.15 10:58:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\J.H\Data aplikací\Softplicity
[2010.10.02 00:55:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\J.H\Data aplikací\Uniblue
[2010.10.08 02:00:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\J.H\Data aplikací\URSoft
[2009.04.23 08:27:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\J.H\Data aplikací\WinCare2009
[2009.10.13 20:15:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\J.H\Data aplikací\Windows Desktop Search
[2009.10.13 20:16:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\J.H\Data aplikací\Windows Search
[2009.09.08 13:10:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\J.H\Data aplikací\ZIP RAR ACE Password Recovery
[2010.10.10 19:35:12 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 61 bytes -> C:\WINDOWS\WindowsUpdate.log:MX-3.DynamicLogViewer.Properties
< End of report >

The Extras.text file was also created on the desktop, but I cannot see it anywhere. The "Search" command reports it on the desktop, but I cannot see it even in the directory that is given.
Does it make sense to download OTL again and try? On first use these files were visible normally.

oldman

Re: Invisible files in RECYCLER on C:, F:, G:

Post by oldman » 10 Oct 2010 20:29

I tried again; the result is the same. Search finds it, but it has the icon of an internet address. It is supposed to be on the desktop, and the Open command reports that the path being searched for does not exist.

jaro3
Security team member
Guru Level 15
Posts: 43294
Registered: June 07
Location: South Bohemia
Gender: Male

Re: Invisible files in RECYCLER on C:, F:, G:

Post by jaro3 » 10 Oct 2010 21:00

Double-click the OTL icon on the desktop. Make sure all other applications and browsers are closed.
Under Custom Scans/Fixes, paste the following text, shown in green, into the box:

Code:

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O18 - Protocol\Handler\msdaipp - No CLSID value found

:Files
C:\WINDOWS\System32\*.tmp
C:\WINDOWS\*.tmp
C:\WINDOWS\system32\*.tmp.dll
C:\WINDOWS\system32\SET*.tmp
c:\windows\Tasks\*.job
C:\*.tmp
F:\WINDOWS\System32\*.tmp
F:\WINDOWS\*.tmp
F:\*.tmp
G:\WINDOWS\System32\*.tmp
G:\WINDOWS\*.tmp
G:\*.tmp

:Reg
:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]


Then click Fix (Opravit) at the top. Let the program run undisturbed; at the end the PC will restart.
After the restart a log will appear; please copy its entire contents here.

AVP Tool by Kaspersky.

Download AVP Tools to your desktop.

Check:
Hidden startup objects
System Memory
Disk boot sectors
Documents
My email
Computer
Local Disk C
Local Disk D
Local Disk F
Local Disk G
DVD-ROM Drive (E)
BD-ROM Drive (G)

Continue according to the instructions. At the end a text file will appear; save it right away (save log) to your desktop under the name KAS.txt. Then paste the entire contents of that log here.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs via private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

oldman

Re: Invisible files in RECYCLER on C:, F:, G:

Post by oldman » 11 Oct 2010 10:21

I followed the instructions:

OTL log (Extras was again not created)

OTL logfile created on: 10.10.2010 21:01:22 - Run 9
OTL by OldTimer - Version 3.2.14.1 Folder = C:\Documents and Settings\J.H\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1 022,00 Mb Total Physical Memory | 515,00 Mb Available Physical Memory | 50,00% Memory free
2,00 Gb Paging File | 1,00 Gb Available in Paging File | 77,00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 33,51 Gb Total Space | 21,40 Gb Free Space | 63,85% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
Drive F: | 41,01 Gb Total Space | 13,40 Gb Free Space | 32,68% Space Free | Partition Type: NTFS
Drive G: | 465,76 Gb Total Space | 278,95 Gb Free Space | 59,89% Space Free | Partition Type: NTFS
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: B60A6B1D7C3F4DD
Current User Name: J.H
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\J.H\Plocha\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Canon\CAL\CALMAIN.exe (Canon Inc.)
PRC - C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)


========== Modules (SafeList) ==========

MOD - C:\Documents and Settings\J.H\Plocha\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\system32\msscript.ocx (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV - (HidServ) -- C:\WINDOWS\System32\hidserv.dll File not found
SRV - (avast! Web Scanner) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV - (avast! Mail Scanner) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV - (avast! Antivirus) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (NetTcpPortSharing) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation)
SRV - (CCALib8) -- C:\Program Files\Canon\CAL\CALMAIN.exe (Canon Inc.)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV - (aswTdi) -- C:\WINDOWS\System32\drivers\aswTdi.sys (AVAST Software)
DRV - (aswSP) -- C:\WINDOWS\System32\drivers\aswSP.sys (AVAST Software)
DRV - (aswRdr) -- C:\WINDOWS\System32\drivers\aswRdr.sys (AVAST Software)
DRV - (aswMon2) -- C:\WINDOWS\System32\drivers\aswmon2.sys (AVAST Software)
DRV - (aswFsBlk) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys (AVAST Software)
DRV - (Aavmker4) -- C:\WINDOWS\System32\drivers\aavmker4.sys (AVAST Software)
DRV - (pbfilter) -- C:\Program Files\PeerBlock\pbfilter.sys ()
DRV - (sptd) -- C:\WINDOWS\system32\drivers\sptd.sys (Duplex Secure Ltd.)
DRV - (supersafer) -- C:\WINDOWS\system32\drivers\supersafer.sys (TrueCrypt Foundation)
DRV - (SCDEmu) -- C:\WINDOWS\System32\drivers\scdemu.sys (PowerISO Computing, Inc.)
DRV - (pccsmcfd) -- C:\WINDOWS\system32\drivers\pccsmcfd.sys (Nokia)
DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)
DRV - (xbpublic) -- C:\WINDOWS\System32\drivers\xbpublic.sys (Microsoft Corporation)
DRV - (ALCXWDM) Service for Realtek AC97 Audio (WDM) -- C:\WINDOWS\system32\drivers\alcxwdm.sys (Realtek Semiconductor Corp.)
DRV - (usb2vcom) -- C:\WINDOWS\system32\drivers\usb2vcom.sys ()
DRV - (xfilt) -- C:\WINDOWS\system32\DRIVERS\xfilt.sys (VIA Technologies,Inc)
DRV - (videX32) -- C:\WINDOWS\system32\DRIVERS\videX32.sys (VIA Technologies, Inc.)
DRV - (AEXPAM) -- C:\WINDOWS\system32\drivers\aexpamdrv.sys (Philips Consumer Electronics Co.)
DRV - (AIRPLUS) -- C:\WINDOWS\system32\drivers\AIRPLUS.sys (D-Link)
DRV - (Aspi32) -- C:\WINDOWS\system32\drivers\ASPI32.SYS (Adaptec)
DRV - (PPSCAN) -- C:\WINDOWS\System32\drivers\ppscan.sys (Shuttle Technology.)
DRV - (PPCLASS) -- C:\WINDOWS\System32\drivers\ppclass.sys (Silitek Corporation.)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = http://www.msn.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SYSTEM32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.2.1
FF - prefs.js..extensions.enabledItems: udelatko@shabbi.cz:2.8.4
FF - prefs.js..extensions.enabledItems: {f759ca51-3a91-4dd1-ae78-9db5eee9ebf0}:5.6.0
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.10

FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009.09.01 18:11:56 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2009.12.29 14:20:57 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.09.16 23:55:28 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.09.16 23:55:28 | 000,000,000 | ---D | M]

[2009.01.09 19:01:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\J.H\Data aplikací\Mozilla\Extensions
[2009.01.09 19:01:17 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\J.H\Data aplikací\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2010.10.09 23:53:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\J.H\Data aplikací\Mozilla\Firefox\Profiles\4ynfxv4y.default\extensions
[2010.04.28 10:32:48 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\J.H\Data aplikací\Mozilla\Firefox\Profiles\4ynfxv4y.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.05.08 22:18:01 | 000,000,000 | ---D | M] (UnMHT) -- C:\Documents and Settings\J.H\Data aplikací\Mozilla\Firefox\Profiles\4ynfxv4y.default\extensions\{f759ca51-3a91-4dd1-ae78-9db5eee9ebf0}
[2009.09.01 21:30:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\J.H\Data aplikací\Mozilla\Firefox\Profiles\4ynfxv4y.default\extensions\udelatko@shabbi.cz
[2009.07.31 10:40:00 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010.09.16 23:55:28 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2010.09.16 23:55:11 | 000,023,512 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browserdirprovider.dll
[2010.09.16 23:55:12 | 000,138,712 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\brwsrcmp.dll
[2009.03.12 16:44:02 | 000,163,256 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
[2010.09.16 23:55:17 | 000,064,984 | ---- | M] (mozilla.org) -- C:\Program Files\Mozilla Firefox\plugins\npnul32.dll
[2010.08.13 06:58:22 | 000,095,672 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll
[2010.06.04 17:29:23 | 000,131,072 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
[2010.06.04 17:29:23 | 000,131,072 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
[2010.06.04 17:29:23 | 000,131,072 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
[2010.06.04 17:29:23 | 000,131,072 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
[2010.06.04 17:29:23 | 000,131,072 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
[2010.06.04 17:29:23 | 000,131,072 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
[2010.06.04 17:29:23 | 000,131,072 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
[2010.09.16 23:55:21 | 000,002,371 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\google.xml
[2010.09.16 23:55:21 | 000,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.09.16 23:55:21 | 000,001,687 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2010.09.16 23:55:21 | 000,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.09.16 23:55:21 | 000,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.09.16 23:55:21 | 000,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2010.10.09 20:24:28 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (WebTransBHO Class) - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\WINDOWS\WebIE.dll ()
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll (Google Inc.)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (&Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O3 - HKLM\..\Toolbar: (Easy-WebPrint) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll ()
O3 - HKLM\..\Toolbar: (WebTranslator) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\WINDOWS\WebIE.dll ()
O3 - HKCU\..\Toolbar\ShellBrowser: (&Adresa) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O3 - HKCU\..\Toolbar\WebBrowser: (&Links) - {F2CF5485-4E02-4F68-819C-B92DE9277049} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\J.H\Nabídka Start\Programy\Po spuštění\jetMailMonitor.lnk = C:\Program Files\JetMailMonitor\JetMM.exe (JetAudio, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\WINDOWS\WebIE.dll ()
O9 - Extra 'Tools' menuitem : &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\WINDOWS\WebIE.dll ()
O9 - Extra 'Tools' menuitem : &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\WINDOWS\WebIE.dll ()
O9 - Extra 'Tools' menuitem : Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\WINDOWS\WebIE.dll ()
O9 - Extra 'Tools' menuitem : Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\WINDOWS\WebIE.dll ()
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/ ... ontrol.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftup ... 6528132875 (MUWebControl Class)
O16 - DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} http://office.microsoft.com/officeupdat ... /opuc4.cab (Office Update Installation Engine)
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\System32\logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - cscdll.dll - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\dimsntfy: DllName - %SystemRoot%\System32\dimsntfy.dll - C:\WINDOWS\system32\dimsntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\WgaLogon: DllName - WgaLogon.dll - C:\WINDOWS\System32\WgaLogon.dll (Microsoft Corporation)
O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Proces mezipaměti kategorií součástí - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\J.H\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\J.H\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010.10.10 14:44:18 | 000,576,512 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\J.H\Plocha\OTL.exe
[2010.10.09 23:44:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\J.H\Dokumenty\Stažené soubory
[2010.10.09 11:57:33 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2010.10.09 10:48:35 | 000,165,584 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2010.10.09 10:48:35 | 000,023,376 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2010.10.09 10:48:35 | 000,017,744 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2010.10.09 10:48:34 | 000,046,672 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2010.10.09 10:48:33 | 000,100,176 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2010.10.09 10:48:33 | 000,094,544 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2010.10.09 10:48:33 | 000,028,880 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2010.10.09 10:48:21 | 000,038,848 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2010.10.09 10:48:20 | 000,167,592 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2010.10.09 10:48:10 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2010.10.09 10:48:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Alwil Software
[2010.10.08 23:02:45 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010.10.08 21:07:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\J.H\Dokumenty\prog
[2010.10.08 02:56:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\J.H\Local Settings\Data aplikací\Pmcc
[2010.10.08 02:56:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\J.H\Data aplikací\Pmcc
[2010.10.08 02:00:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\J.H\Data aplikací\URSoft
[2010.10.08 01:54:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Autorun Eater
[2010.10.05 14:18:21 | 000,000,000 | ---D | C] -- C:\Program Files\IObit
[2010.10.05 14:18:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\J.H\Data aplikací\IObit
[2010.10.03 20:16:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy

========== Files - Modified Within 30 Days ==========

[2010.10.10 21:00:22 | 000,000,428 | ---- | M] () -- C:\WINDOWS\MAILTRAN.INI
[2010.10.10 20:50:06 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2010.10.10 20:47:18 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.10.10 20:47:03 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.10.10 20:46:56 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.10.10 20:46:13 | 015,990,784 | ---- | M] () -- C:\Documents and Settings\J.H\ntuser.dat
[2010.10.10 20:46:13 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\J.H\ntuser.ini
[2010.10.10 20:46:07 | 010,194,064 | -H-- | M] () -- C:\Documents and Settings\J.H\Local Settings\Data aplikací\IconCache.db
[2010.10.10 20:24:38 | 000,002,808 | ---- | M] () -- C:\WINDOWS\TRNCOM.INI
[2010.10.10 20:17:15 | 000,576,512 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\J.H\Plocha\OTL.exe
[2010.10.09 22:21:05 | 000,000,587 | ---- | M] () -- C:\WINDOWS\win.ini
[2010.10.09 22:21:05 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2010.10.09 22:21:05 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010.10.09 20:24:28 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010.10.09 11:47:08 | 000,000,211 | ---- | M] () -- C:\Boot.bak
[2010.10.09 10:48:36 | 000,001,700 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\avast! Free Antivirus.lnk
[2010.10.09 10:48:34 | 000,002,553 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2010.10.06 15:03:34 | 000,003,594 | ---- | M] () -- C:\WINDOWS\WDICT32.INI
[2010.10.06 10:28:14 | 001,035,902 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010.10.06 10:28:14 | 000,453,400 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.10.06 10:28:14 | 000,074,366 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.10.05 14:18:27 | 000,000,874 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Advanced SystemCare.lnk
[2010.10.03 20:16:49 | 000,000,933 | ---- | M] () -- C:\Documents and Settings\J.H\Plocha\SD.lnk
[2010.10.02 22:42:47 | 000,001,525 | ---- | M] () -- C:\Documents and Settings\J.H\Nabídka Start\Programy\Po spuštění\jetMailMonitor.lnk
[2010.09.27 13:10:15 | 000,005,338 | ---- | M] () -- C:\WINDOWS\WTRAN32.INI
[2010.09.17 17:55:34 | 000,002,539 | ---- | M] () -- C:\Documents and Settings\J.H\Plocha\Word.lnk
[2010.09.17 17:53:15 | 000,032,320 | ---- | M] () -- C:\Documents and Settings\J.H\Local Settings\Data aplikací\GDIPFONTCACHEV1.DAT
[2010.09.17 17:53:05 | 001,450,728 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.09.17 17:51:18 | 000,000,390 | ---- | M] () -- C:\WINDOWS\ODBC.INI

========== Files Created - No Company Name ==========

[2010.10.10 14:58:18 | 000,000,330 | -H-- | C] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2010.10.09 22:21:04 | 000,001,525 | ---- | C] () -- C:\Documents and Settings\J.H\Nabídka Start\Programy\Po spuštění\jetMailMonitor.lnk
[2010.10.09 11:57:38 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2010.10.09 11:57:35 | 000,261,312 | RHS- | C] () -- C:\cmldr
[2010.10.09 10:48:36 | 000,001,700 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\avast! Free Antivirus.lnk
[2010.10.05 14:18:27 | 000,000,874 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Advanced SystemCare.lnk
[2010.10.03 20:16:49 | 000,000,933 | ---- | C] () -- C:\Documents and Settings\J.H\Plocha\SD.lnk
[2010.02.06 11:21:47 | 000,819,200 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2010.02.06 11:21:47 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010.02.03 18:02:00 | 009,756,912 | ---- | C] () -- C:\Documents and Settings\J.H\Data aplikací\edltmp_6
[2010.02.03 18:00:51 | 009,631,260 | ---- | C] () -- C:\Documents and Settings\J.H\Data aplikací\edltmp_5
[2010.02.03 18:00:47 | 011,571,936 | ---- | C] () -- C:\Documents and Settings\J.H\Data aplikací\edltmp_4
[2010.02.03 18:00:45 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\J.H\Data aplikací\edltmp_3
[2010.01.03 09:00:17 | 000,000,145 | ---- | C] () -- C:\WINDOWS\Eudcedit.ini
[2009.08.30 12:35:28 | 000,000,221 | ---- | C] () -- C:\WINDOWS\SOFTEK.INI
[2009.08.01 09:49:27 | 000,000,055 | ---- | C] () -- C:\WINDOWS\crywmvtoavi.ini
[2009.07.31 21:35:22 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\AVSredirect.dll
[2009.05.28 21:49:16 | 000,002,615 | ---- | C] () -- C:\WINDOWS\xnview.ini
[2009.05.28 21:03:18 | 000,000,041 | ---- | C] () -- C:\WINDOWS\FS.INI
[2009.05.28 20:52:14 | 000,006,736 | ---- | C] () -- C:\WINDOWS\coolcust.ini
[2009.05.28 20:52:13 | 000,003,467 | ---- | C] () -- C:\WINDOWS\COOL.INI
[2009.04.24 19:44:28 | 000,168,448 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2009.04.24 19:44:23 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2009.04.24 19:44:22 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2009.04.24 19:44:21 | 000,067,584 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009.04.22 16:50:55 | 002,771,968 | ---- | C] () -- C:\WINDOWS\System32\wxmsw28u_core_vc_custom.dll
[2009.04.22 16:50:55 | 000,681,472 | ---- | C] () -- C:\WINDOWS\System32\wxmsw28u_adv_vc_custom.dll
[2009.04.22 16:50:55 | 000,470,528 | ---- | C] () -- C:\WINDOWS\System32\wxmsw28u_html_vc_custom.dll
[2009.04.22 16:50:54 | 001,163,776 | ---- | C] () -- C:\WINDOWS\System32\wxbase28u_vc_custom.dll
[2009.04.22 16:50:54 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\wxbase28u_xml_vc_custom.dll
[2009.02.28 16:45:56 | 000,000,020 | ---- | C] () -- C:\WINDOWS\msxfcg32.dll
[2009.02.19 00:12:51 | 000,000,281 | ---- | C] () -- C:\WINDOWS\CONTEXT.INI
[2008.12.05 14:19:52 | 000,001,197 | ---- | C] () -- C:\WINDOWS\ARCHPR.INI
[2008.10.25 23:04:52 | 000,000,000 | ---- | C] () -- C:\WINDOWS\oodcnt.INI
[2008.10.25 19:15:50 | 000,047,104 | ---- | C] () -- C:\WINDOWS\System32\Wh2Robo.dll
[2008.10.18 02:22:11 | 000,000,202 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2008.10.17 19:00:47 | 000,000,008 | ---- | C] () -- C:\WINDOWS\System32\vchelpex.sys
[2008.10.14 20:04:45 | 000,491,520 | ---- | C] () -- C:\WINDOWS\WebIE.dll
[2008.10.14 20:04:42 | 000,200,704 | ---- | C] () -- C:\WINDOWS\TRNOET.DLL
[2008.10.14 20:04:42 | 000,045,056 | ---- | C] () -- C:\WINDOWS\TRNOEH.DLL
[2008.10.14 20:04:26 | 000,000,033 | ---- | C] () -- C:\WINDOWS\WTRDCTM.INI
[2008.10.14 20:02:59 | 000,002,753 | ---- | C] () -- C:\WINDOWS\UN32P.INI
[2008.10.14 20:02:11 | 000,002,808 | ---- | C] () -- C:\WINDOWS\TRNCOM.INI
[2008.10.14 19:58:07 | 000,000,428 | ---- | C] () -- C:\WINDOWS\MAILTRAN.INI
[2008.10.14 19:57:51 | 000,005,338 | ---- | C] () -- C:\WINDOWS\WTRAN32.INI
[2008.10.14 19:57:18 | 000,003,594 | ---- | C] () -- C:\WINDOWS\WDICT32.INI
[2008.10.02 23:20:16 | 000,001,356 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\QTSBandwidthCache
[2008.10.02 22:13:51 | 000,000,390 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008.10.02 22:13:50 | 000,000,122 | ---- | C] () -- C:\WINDOWS\mdm.ini
[2008.10.02 19:47:04 | 000,000,062 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2008.10.02 00:40:45 | 000,030,272 | ---- | C] () -- C:\WINDOWS\System32\drivers\usb2vcom.sys
[2008.10.01 20:44:25 | 000,002,333 | ---- | C] () -- C:\WINDOWS\vista32d.ini
[2008.10.01 20:31:49 | 000,000,174 | ---- | C] () -- C:\WINDOWS\ppdrv.ini
[2008.10.01 20:26:09 | 000,003,948 | ---- | C] () -- C:\WINDOWS\vista32.ini
[2008.10.01 20:26:09 | 000,000,189 | ---- | C] () -- C:\WINDOWS\KPCMS.INI
[2008.10.01 20:26:09 | 000,000,069 | ---- | C] () -- C:\WINDOWS\umaxdrv.ini
[2008.10.01 20:26:05 | 000,047,616 | ---- | C] () -- C:\WINDOWS\ucmsp_32.dll
[2008.10.01 20:26:03 | 000,030,208 | ---- | C] () -- C:\WINDOWS\uxmail32.dll
[2008.10.01 20:26:02 | 000,199,696 | ---- | C] () -- C:\WINDOWS\p1220_16.dll
[2008.10.01 20:26:02 | 000,140,320 | ---- | C] () -- C:\WINDOWS\p1220_32.dll
[2008.10.01 20:26:02 | 000,068,608 | ---- | C] () -- C:\WINDOWS\vufile32.dll
[2008.10.01 20:08:48 | 000,006,656 | ---- | C] () -- C:\WINDOWS\System32\CNMVS5m.DLL
[2008.10.01 19:55:50 | 000,000,000 | ---- | C] () -- C:\WINDOWS\OpPrintServer.INI
[2008.10.01 13:24:50 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2008.10.01 13:13:10 | 000,147,456 | R--- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2008.10.01 13:13:02 | 000,000,164 | R--- | C] () -- C:\WINDOWS\avrack.ini
[2007.09.27 10:51:02 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007.09.27 10:48:48 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007.09.27 10:48:28 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[1999.01.22 19:46:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL

========== LOP Check ==========

[2010.10.09 10:48:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Alwil Software
[2010.10.08 02:42:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Autorun Eater
[2010.02.03 21:03:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Global Graphics
[2009.12.30 00:42:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Installations
[2009.12.30 00:46:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Nokia
[2008.10.02 22:51:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\OLYMPUS
[2009.12.29 14:34:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\OviInstallerCache
[2009.12.30 00:25:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PC Suite
[2009.07.28 09:56:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PrevxCSI
[2010.10.01 10:31:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\RFA_Backups
[2010.10.08 02:39:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2009.03.14 02:28:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\{B46E1EF5-0B37-4DB4-A4E2-9F2B41036185}
[2008.12.12 23:12:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\J.H\Data aplikací\Audio Record Edit Toolbox Pro
[2008.12.12 23:05:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\J.H\Data aplikací\Audio Recorder for Free
[2010.07.10 00:55:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\J.H\Data aplikací\GetRightToGo
[2010.02.03 21:03:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\J.H\Data aplikací\Global Graphics
[2009.01.04 20:45:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\J.H\Data aplikací\gtopala
[2009.03.15 15:17:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\J.H\Data aplikací\IEPro
[2010.10.05 14:18:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\J.H\Data aplikací\IObit
[2010.02.03 18:27:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\J.H\Data aplikací\jaws
[2010.08.18 22:55:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\J.H\Data aplikací\KeePass
[2009.03.15 17:33:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\J.H\Data aplikací\MiniDm
[2009.12.30 01:19:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\J.H\Data aplikací\Nokia
[2009.04.18 19:59:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\J.H\Data aplikací\OfficeUpdate12
[2009.04.23 23:50:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\J.H\Data aplikací\OpenCandy
[2008.10.02 22:59:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\J.H\Data aplikací\PC Suite
[2010.10.08 02:56:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\J.H\Data aplikací\Pmcc
[2010.06.17 09:43:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\J.H\Data aplikací\ProfiCAD
[2008.12.15 10:58:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\J.H\Data aplikací\Softplicity
[2010.10.02 00:55:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\J.H\Data aplikací\Uniblue
[2010.10.08 02:00:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\J.H\Data aplikací\URSoft
[2009.04.23 08:27:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\J.H\Data aplikací\WinCare2009
[2009.10.13 20:15:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\J.H\Data aplikací\Windows Desktop Search
[2009.10.13 20:16:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\J.H\Data aplikací\Windows Search
[2009.09.08 13:10:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\J.H\Data aplikací\ZIP RAR ACE Password Recovery
[2010.10.10 20:50:06 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 61 bytes -> C:\WINDOWS\WindowsUpdate.log:MX-3.DynamicLogViewer.Properties
< End of report >

