OTL logfile created on: 21.1.2010 21:32:15 - Run 1
OTL by OldTimer - Version 3.1.25.3 Folder = C:\Documents and Settings\g@spon\Plocha
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
1 023,00 Mb Total Physical Memory | 730,00 Mb Available Physical Memory | 71,00% Memory free
3,00 Gb Paging File | 3,00 Gb Available in Paging File | 91,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 298,08 Gb Total Space | 246,61 Gb Free Space | 82,73% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: GASPON
Current User Name: g@spon
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 14 Days
Output = Minimal
========== Processes (SafeList) ==========
PRC - C:\Documents and Settings\g@spon\Plocha\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\ashServ.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software)
PRC - C:\WINDOWS\system32\nvsvc32.exe (NVIDIA Corporation)
PRC - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
PRC - C:\WINDOWS\system32\wscntfy.exe (Microsoft Corporation)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
========== Modules (SafeList) ==========
MOD - C:\Documents and Settings\g@spon\Plocha\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll (Microsoft Corporation)
========== Win32 Services (SafeList) ==========
SRV - (avast! Antivirus) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe (ALWIL Software)
SRV - (avast! Mail Scanner) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software)
SRV - (avast! Web Scanner) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software)
SRV - (aswUpdSv) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software)
SRV - (nvsvc) -- C:\WINDOWS\system32\nvsvc32.exe (NVIDIA Corporation)
SRV - (NetTcpPortSharing) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation)
SRV - (PSI_SVC_2) -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
========== Driver Services (SafeList) ==========
DRV - (hamachi) -- C:\WINDOWS\system32\drivers\hamachi.sys (LogMeIn, Inc.)
DRV - (sptd) -- C:\WINDOWS\system32\drivers\sptd.sys (Duplex Secure Ltd.)
DRV - (aswMon2) -- C:\WINDOWS\system32\drivers\aswmon2.sys (ALWIL Software)
DRV - (aswSP) -- C:\WINDOWS\system32\drivers\aswSP.sys (ALWIL Software)
DRV - (aswFsBlk) -- C:\WINDOWS\system32\drivers\aswFsBlk.sys (ALWIL Software)
DRV - (aswTdi) -- C:\WINDOWS\system32\drivers\aswTdi.sys (ALWIL Software)
DRV - (aswRdr) -- C:\WINDOWS\system32\drivers\aswRdr.sys (ALWIL Software)
DRV - (Aavmker4) -- C:\WINDOWS\system32\drivers\aavmker4.sys (ALWIL Software)
DRV - (PxHelp20) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys (Sonic Solutions)
DRV - (NVHDA) -- C:\WINDOWS\system32\drivers\nvhda32.sys (NVIDIA Corporation)
DRV - (nv) -- C:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation)
DRV - (AmdLLD) -- C:\WINDOWS\system32\drivers\AmdLLD.sys (Advanced Micro Devices)
DRV - (cpuz132) -- C:\WINDOWS\system32\drivers\cpuz132_x32.sys (Windows (R) Codename Longhorn DDK provider)
DRV - (AsIO) -- C:\WINDOWS\system32\drivers\AsIO.sys ()
DRV - (speedfan) -- C:\WINDOWS\system32\speedfan.sys (Windows (R) 2000 DDK provider)
DRV - (AmdK8) -- C:\WINDOWS\system32\drivers\AmdK8.sys (Advanced Micro Devices)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys (Realtek Semiconductor Corp.)
DRV - (S3G700) -- C:\WINDOWS\system32\drivers\S3G700m.sys (S3 Graphics Co., Ltd.)
DRV - (FETND5BV) -- C:\WINDOWS\system32\drivers\fetnd5bv.sys (VIA Technologies, Inc. )
DRV - (vulfntrs) -- C:\WINDOWS\System32\Drivers\vulfntr.sys (VIA Technologies, Inc.)
DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\Hdaudbus.sys (Windows (R) Server 2003 DDK provider)
DRV - (vulfnths) -- C:\WINDOWS\System32\Drivers\vulfnth.sys (VIA Technologies, Inc.)
DRV - (ENTECH) -- C:\WINDOWS\system32\drivers\Entech.sys (EnTech Taiwan)
DRV - (MTsensor) -- C:\WINDOWS\system32\drivers\ASACPI.sys ()
DRV - (Secdrv) -- C:\WINDOWS\system32\drivers\secdrv.sys ()
DRV - (Asushwio) -- C:\WINDOWS\system32\drivers\ASUSHWIO.SYS ()
DRV - (Ptilink) -- C:\WINDOWS\system32\drivers\ptilink.sys (Parallel Technologies, Inc.)
DRV - (FETNDIS) -- C:\WINDOWS\system32\drivers\fetnd5.sys (VIA Technologies, Inc. )
DRV - (giveio) -- C:\WINDOWS\system32\giveio.sys ()
========== Standard Registry (All) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\shdocvw.dll (Microsoft Corporation)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "QIP Search"
FF - prefs.js..browser.search.selectedEngine: "QIP Search"
FF - prefs.js..browser.startup.homepage: "seznam.cz"
FF - prefs.js..extensions.enabledItems: {B13721C7-F507-4982-B2E5-502A71474FED}:3.3.0.3971
FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.6.2.119
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.7
FF - prefs.js..keyword.URL: "http://search.qip.ru/search?from=FF&query="
FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009.12.24 12:09:10 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.01.16 15:16:52 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.01.06 16:12:29 | 00,000,000 | ---D | M]
[2009.12.24 01:02:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\g@spon\Data aplikací\Mozilla\Extensions
[2009.12.24 01:02:22 | 00,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\g@spon\Data aplikací\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2010.01.21 15:05:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\g@spon\Data aplikací\Mozilla\Firefox\Profiles\2y8gdpl9.default\extensions
[2010.01.21 15:05:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\g@spon\Data aplikací\Mozilla\Firefox\Profiles\2y8gdpl9.default\extensions\toolbar@ask.com
[2009.12.24 01:29:01 | 00,002,061 | ---- | M] () -- C:\Documents and Settings\g@spon\Data aplikací\Mozilla\Firefox\Profiles\2y8gdpl9.default\searchplugins\qipsearch.xml
[2010.01.21 21:31:08 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010.01.06 16:12:29 | 00,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2010.01.11 22:07:30 | 00,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}
[2010.01.06 16:12:25 | 00,023,512 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browserdirprovider.dll
[2010.01.06 16:12:25 | 00,137,176 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\brwsrcmp.dll
[2009.10.14 15:01:04 | 00,118,000 | ---- | M] () -- C:\Program Files\Mozilla Firefox\components\qippipe.dll
[2009.11.14 01:47:38 | 00,098,304 | ---- | M] (DivX, Inc) -- C:\Program Files\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll
[2010.01.06 16:12:27 | 00,064,984 | ---- | M] (mozilla.org) -- C:\Program Files\Mozilla Firefox\plugins\npnul32.dll
[2009.11.03 02:45:38 | 00,002,371 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\google.xml
[2009.11.03 02:45:38 | 00,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2009.11.03 02:45:38 | 00,001,687 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2009.11.03 02:45:38 | 00,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2009.11.03 02:45:38 | 00,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2009.11.03 02:45:38 | 00,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml
O1 HOSTS File: ([2010.01.21 20:37:46 | 00,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O3 - HKCU\..\Toolbar\ShellBrowser: (&Adresa) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O3 - HKCU\..\Toolbar\WebBrowser: (&Adresa) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O3 - HKCU\..\Toolbar\WebBrowser: (&Odkazy) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [combofix] C:\ComboFix\CF19827.cfx File not found
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\System32\logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - cscdll.dll - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Proces mezipaměti kategorií součástí - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\g@spon\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\g@spon\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.12.24 00:17:02 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*
========== Files/Folders - Created Within 14 Days ==========
[2010.01.21 21:29:50 | 00,547,840 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\g@spon\Plocha\OTL.exe
[2010.01.21 17:47:25 | 00,023,120 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2010.01.21 17:47:24 | 00,048,560 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2010.01.21 17:47:23 | 00,027,408 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2010.01.21 17:47:21 | 00,097,480 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\AvastSS.scr
[2010.01.21 17:47:21 | 00,020,560 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2010.01.21 17:47:20 | 00,114,768 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2010.01.21 17:47:20 | 00,094,160 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2010.01.21 17:47:20 | 00,093,424 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2010.01.21 17:46:56 | 01,280,480 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\aswBoot.exe
[2010.01.21 17:46:54 | 00,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2010.01.21 17:42:00 | 00,000,000 | RH-D | C] -- C:\Documents and Settings\g@spon\Recent
[2010.01.21 17:40:04 | 00,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2010.01.21 02:09:23 | 00,000,000 | ---D | C] -- C:\Documents and Settings\g@spon\Data aplikací\GlarySoft
[2010.01.21 02:09:21 | 00,000,000 | ---D | C] -- C:\Program Files\Glary Registry Repair
[2010.01.20 23:53:43 | 00,000,000 | ---D | C] -- C:\Documents and Settings\g@spon\DoctorWeb
[2010.01.20 23:31:03 | 00,000,000 | ---D | C] -- C:\ComboFix(2)
[2010.01.20 22:52:01 | 00,000,000 | RHSD | C] -- C:\cmdcons
[2010.01.20 22:50:20 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010.01.20 22:30:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\g@spon\Data aplikací\Malwarebytes
[2010.01.20 22:30:14 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010.01.20 22:30:13 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010.01.20 22:30:13 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010.01.20 22:30:13 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
[2010.01.20 20:47:24 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2010.01.20 18:37:58 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\FLEXnet
[2010.01.20 18:37:39 | 00,000,000 | ---D | C] -- C:\Documents and Settings\g@spon\Application Data
[2010.01.20 18:33:23 | 00,000,000 | ---D | C] -- C:\Program Files\Adobe Media Player
[2010.01.20 18:31:19 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2010.01.20 18:30:35 | 00,000,000 | ---D | C] -- C:\Documents and Settings\g@spon\Local Settings\Data aplikací\Adobe
[2010.01.20 18:29:04 | 00,000,000 | ---D | C] -- C:\Program Files\Adobe
[2010.01.20 18:29:04 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Adobe
[2010.01.20 18:22:51 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2010.01.20 18:19:40 | 00,000,000 | ---D | C] -- C:\Documents and Settings\g@spon\Plocha\Adobe CS4
[2010.01.20 16:01:38 | 00,000,000 | ---D | C] -- C:\Documents and Settings\g@spon\Data aplikací\Corel
[2010.01.20 16:00:33 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Protexis
[2010.01.20 16:00:32 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Corel
[2010.01.20 15:58:47 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Corel
[2010.01.20 12:34:13 | 00,356,352 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RtlUpd.exe
[2010.01.20 12:34:13 | 00,266,240 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\RTSndMgr.Cpl
[2010.01.20 12:34:13 | 00,086,016 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SoundMan.exe
[2010.01.20 12:34:12 | 15,961,088 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.exe
[2010.01.20 12:34:12 | 09,710,592 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTLCPL.exe
[2010.01.20 12:34:12 | 04,137,984 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\drivers\RtkHDAud.Sys
[2010.01.20 12:34:12 | 02,809,856 | ---- | C] (RealTek Semicoductor Corp.) -- C:\WINDOWS\alcwzrd.exe
[2010.01.20 12:34:12 | 02,158,592 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\MicCal.exe
[2010.01.20 12:34:12 | 00,299,008 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\ALSndMgr.Cpl
[2010.01.20 12:34:12 | 00,069,632 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\Alcmtr.exe
[2010.01.20 12:34:11 | 00,000,000 | ---D | C] -- C:\Program Files\Realtek
[2010.01.20 01:14:33 | 00,000,000 | ---D | C] -- C:\Program Files\Vstplugins
[2010.01.20 01:14:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Sony
[2010.01.20 01:14:20 | 00,000,000 | ---D | C] -- C:\Program Files\Sony
[2010.01.20 01:03:56 | 00,000,000 | ---D | C] -- C:\Program Files\Sony Setup
[2010.01.20 01:03:14 | 00,000,000 | ---D | C] -- C:\Documents and Settings\g@spon\Plocha\Sony Vegas Pro 8.0b Build 217-AVCHD-MPG-AC3 FIXED
[2010.01.18 23:27:52 | 00,000,000 | ---D | C] -- C:\WINDOWS\pss
[2010.01.16 23:38:21 | 00,000,000 | ---D | C] -- C:\Program Files\RamCleaner
[2010.01.11 22:18:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\g@spon\Data aplikací\skypePM
[2010.01.11 22:08:11 | 00,000,000 | ---D | C] -- C:\Documents and Settings\g@spon\Data aplikací\Skype
[2010.01.11 22:07:11 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2010.01.11 22:07:06 | 00,000,000 | R--D | C] -- C:\Program Files\Skype
[2010.01.11 22:06:56 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Skype
[2009.12.24 00:21:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\Microsoft
[2009.12.24 00:20:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\Microsoft
[2009.12.24 00:16:54 | 00,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Data aplikací\Microsoft
[2009.12.24 00:16:54 | 00,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Data aplikací\Microsoft
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 14 Days ==========
[2010.01.21 21:30:41 | 02,097,152 | ---- | M] () -- C:\Documents and Settings\g@spon\ntuser.dat
[2010.01.21 21:29:54 | 00,547,840 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\g@spon\Plocha\OTL.exe
[2010.01.21 21:29:09 | 00,248,739 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml
[2010.01.21 21:28:35 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.01.21 21:28:29 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.01.21 21:27:42 | 00,000,178 | -HS- | M] () -- C:\Documents and Settings\g@spon\ntuser.ini
[2010.01.21 20:38:01 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010.01.21 20:37:46 | 00,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010.01.21 19:40:47 | 00,001,352 | ---- | M] () -- C:\Documents and Settings\g@spon\Dokumenty\AutoHotkey.ahk
[2010.01.21 17:47:25 | 00,001,709 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\avast! Antivirus.lnk
[2010.01.21 17:47:20 | 00,002,553 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2010.01.21 17:40:05 | 00,001,548 | ---- | M] () -- C:\Documents and Settings\g@spon\Plocha\CCleaner.lnk
[2010.01.21 15:32:14 | 05,335,686 | -H-- | M] () -- C:\Documents and Settings\g@spon\Local Settings\Data aplikací\IconCache.db
[2010.01.21 02:09:25 | 00,000,160 | ---- | M] () -- C:\Documents and Settings\g@spon\Plocha\Glary Utilities Freeware.url
[2010.01.20 22:52:03 | 00,000,281 | RHS- | M] () -- C:\boot.ini
[2010.01.20 22:30:16 | 00,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Malwarebytes' Anti-Malware.lnk
[2010.01.20 20:47:24 | 00,001,734 | ---- | M] () -- C:\Documents and Settings\g@spon\Plocha\HijackThis.lnk
[2010.01.20 18:40:02 | 00,014,352 | ---- | M] () -- C:\Documents and Settings\g@spon\Local Settings\Data aplikací\GDIPFONTCACHEV1.DAT
[2010.01.20 18:39:24 | 01,979,536 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.01.20 16:01:57 | 00,002,828 | -HS- | M] () -- C:\Documents and Settings\All Users\Data aplikací\KGyGaAvL.sys
[2010.01.20 16:01:57 | 00,000,088 | RHS- | M] () -- C:\Documents and Settings\All Users\Data aplikací\E971A783BD.sys
[2010.01.20 01:21:39 | 00,002,552 | ---- | M] () -- C:\Documents and Settings\g@spon\Dokumenty\Register Vegas Pro.htm
[2010.01.20 01:21:08 | 00,000,616 | ---- | M] () -- C:\Documents and Settings\g@spon\Dokumenty\Default.sfvidcap
[2010.01.18 23:40:10 | 00,000,477 | ---- | M] () -- C:\WINDOWS\win.ini
[2010.01.18 23:40:10 | 00,000,211 | ---- | M] () -- C:\Boot.bak
[2010.01.17 12:28:57 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.01.17 00:17:00 | 00,004,608 | ---- | M] () -- C:\Documents and Settings\g@spon\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.01.16 23:38:22 | 00,000,706 | ---- | M] () -- C:\Documents and Settings\g@spon\Plocha\RamCleaner.lnk
[2010.01.16 18:14:35 | 00,000,022 | ---- | M] () -- C:\Documents and Settings\g@spon\config.ini
[2010.01.11 22:07:11 | 00,001,896 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Skype.lnk
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010.01.21 19:40:47 | 00,001,352 | ---- | C] () -- C:\Documents and Settings\g@spon\Dokumenty\AutoHotkey.ahk
[2010.01.21 17:47:25 | 00,001,709 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\avast! Antivirus.lnk
[2010.01.21 17:46:56 | 00,380,928 | ---- | C] () -- C:\WINDOWS\System32\actskin4.ocx
[2010.01.21 17:40:05 | 00,001,548 | ---- | C] () -- C:\Documents and Settings\g@spon\Plocha\CCleaner.lnk
[2010.01.21 02:09:25 | 00,000,160 | ---- | C] () -- C:\Documents and Settings\g@spon\Plocha\Glary Utilities Freeware.url
[2010.01.20 22:53:36 | 02,097,152 | ---- | C] () -- C:\Documents and Settings\g@spon\ntuser.dat
[2010.01.20 22:52:03 | 00,000,211 | ---- | C] () -- C:\Boot.bak
[2010.01.20 22:52:02 | 00,261,312 | ---- | C] () -- C:\cmldr
[2010.01.20 22:30:16 | 00,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Malwarebytes' Anti-Malware.lnk
[2010.01.20 20:47:24 | 00,001,734 | ---- | C] () -- C:\Documents and Settings\g@spon\Plocha\HijackThis.lnk
[2010.01.20 16:01:48 | 00,002,828 | -HS- | C] () -- C:\Documents and Settings\All Users\Data aplikací\KGyGaAvL.sys
[2010.01.20 16:01:48 | 00,000,088 | RHS- | C] () -- C:\Documents and Settings\All Users\Data aplikací\E971A783BD.sys
[2010.01.20 15:57:30 | 00,019,133 | ---- | C] () -- C:\Documents and Settings\g@spon\Plocha\keygen.rar
[2010.01.20 12:34:24 | 00,135,168 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2010.01.20 12:34:24 | 00,040,960 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2010.01.20 01:21:08 | 00,000,616 | ---- | C] () -- C:\Documents and Settings\g@spon\Dokumenty\Default.sfvidcap
[2010.01.20 01:08:50 | 00,002,552 | ---- | C] () -- C:\Documents and Settings\g@spon\Dokumenty\Register Vegas Pro.htm
[2010.01.20 01:03:34 | 02,580,353 | ---- | C] () -- C:\Documents and Settings\g@spon\Plocha\Soubory WinRAR archiv.rar
[2010.01.16 23:38:22 | 00,000,706 | ---- | C] () -- C:\Documents and Settings\g@spon\Plocha\RamCleaner.lnk
[2010.01.16 18:14:35 | 00,000,022 | ---- | C] () -- C:\Documents and Settings\g@spon\config.ini
[2010.01.11 22:07:11 | 00,001,896 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Skype.lnk
[2010.01.04 17:54:42 | 00,004,608 | ---- | C] () -- C:\Documents and Settings\g@spon\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.12.24 17:33:59 | 00,024,576 | ---- | C] () -- C:\WINDOWS\System32\AsIO.dll
[2009.12.24 17:33:59 | 00,012,664 | ---- | C] () -- C:\WINDOWS\System32\drivers\AsIO.sys
[2009.12.24 16:22:15 | 00,003,972 | ---- | C] () -- C:\WINDOWS\System32\drivers\PciBus.sys
[2009.12.24 14:07:28 | 02,796,544 | R--- | C] () -- C:\WINDOWS\System32\s3gcil_inv.dll
[2009.12.24 14:07:27 | 01,979,392 | R--- | C] () -- C:\WINDOWS\System32\s3gcil_csr.dll
[2009.12.24 12:15:02 | 00,000,000 | RH-- | C] () -- C:\Documents and Settings\g@spon\Data aplikací\bcac5580677a6f3c0d55f12e839478a8
[2009.12.24 12:08:51 | 00,064,200 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\FontCache3.0.0.0.dat
[2009.12.24 00:29:39 | 00,045,056 | ---- | C] () -- C:\WINDOWS\System32\vusetup.dll
[2009.12.24 00:24:49 | 00,000,264 | ---- | C] () -- C:\WINDOWS\_delis32.ini
[2009.12.24 00:24:21 | 00,061,440 | ---- | C] () -- C:\WINDOWS\System32\vuins32.dll
[2009.12.24 00:22:52 | 00,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2009.12.24 00:22:48 | 00,005,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2009.08.03 00:21:54 | 00,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll
[2009.08.03 00:21:54 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2009.08.03 00:21:54 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2009.08.03 00:21:54 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2009.08.03 00:21:54 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2009.08.03 00:21:54 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2009.08.03 00:21:54 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2009.08.03 00:21:54 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2009.08.03 00:21:52 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2009.08.03 00:21:52 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2004.08.17 14:49:10 | 00,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll
[2004.07.17 10:36:38 | 00,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys
[1996.04.03 20:33:26 | 00,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys
========== LOP Check ==========
[2009.12.25 11:34:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2010.01.20 01:14:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Sony
[2009.12.25 12:28:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\g@spon\Data aplikací\DAEMON Tools Lite
[2010.01.21 02:24:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\g@spon\Data aplikací\GlarySoft
========== Purity Check ==========
< End of report >
OTL Extras logfile created on: 21.1.2010 21:32:15 - Run 1
OTL by OldTimer - Version 3.1.25.3 Folder = C:\Documents and Settings\g@spon\Plocha
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
1 023,00 Mb Total Physical Memory | 730,00 Mb Available Physical Memory | 71,00% Memory free
3,00 Gb Paging File | 3,00 Gb Available in Paging File | 91,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 298,08 Gb Total Space | 246,61 Gb Free Space | 82,73% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: GASPON
Current User Name: g@spon
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 14 Days
Output = Minimal
========== Extra Registry (All) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm [@ = chm.file] -- C:\WINDOWS\hh.exe (Microsoft Corporation)
.cpl [@ = cplfile] -- C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\WINDOWS\System32\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- C:\WINDOWS\System32\mshta.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.inf [@ = inffile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\WINDOWS\System32\shdocvw.dll (Microsoft Corporation)
.js [@ = JSFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.reg [@ = regfile] -- C:\WINDOWS\regedit.exe (Microsoft Corporation)
.txt [@ = txtfile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SYSTEMROOT%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- winhlp32.exe %1 (Microsoft Corporation)
hlpfile [open] -- %SystemRoot%\System32\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\WINDOWS\system32\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
vbsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
wsffile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
wsffile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
wsffile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
wshfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "%programfiles%\internet explorer\iexplore.exe" (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Garena\Garena.exe" = C:\Program Files\Garena\Garena.exe:*:Enabled:Garena -- (Garena Online PTE LTD)
"C:\Program Files\EA GAMES\Need for Speed Underground 2\SPEED2.EXE" = C:\Program Files\EA GAMES\Need for Speed Underground 2\SPEED2.EXE:*:Enabled:SPEED2 -- ()
"C:\Program Files\QIP Infium\infium.exe" = C:\Program Files\QIP Infium\infium.exe:*:Enabled:QIP Infium -- (QIP)
"C:\Program Files\Skype\Plugin Manager\skypePM.exe" = C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager -- (Skype Technologies)
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{44A27085-0616-4181-A0C3-81C7ECA17F73}" = CorelDRAW Graphics Suite X4
"{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}" = Skype web features
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7C9AD221-994C-45B2-B46D-26F5735158CF}" = Sony Vegas Pro 8.0
"{7F05E704-30A6-421A-97A7-8EEB1C7FF010}" = CorelDRAW Graphics SUite X4 - ICA
"{7F05E704-30A6-421A-97A7-8EEB1C7FF012}" = CorelDRAW Graphics Suite X4 - Capture
"{7F05E704-30A6-421A-97A7-8EEB1C7FF013}" = CorelDRAW Graphics Suite X4 - Draw
"{7F05E704-30A6-421A-97A7-8EEB1C7FF014}" = CorelDRAW Graphics Suite X4 - PP
"{7F05E704-30A6-421A-97A7-8EEB1C7FF016}" = CorelDRAW Graphics Suite X4 - Content
"{7F05E704-30A6-421A-97A7-8EEB1C7FF017}" = CorelDRAW Graphics Suite X4 - Filters
"{7F05E704-30A6-421A-97A7-8EEB1C7FF019}" = CorelDRAW Graphics Suite X4 - FontNav
"{7F3AD00A-1819-4B15-BB7D-08B3586336D7}" = 3DMark06
"{8AB445D0-CD91-47CC-B1A9-A654B4B261E4}" = AMD CPUInfo
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{909F8EBC-EC7F-48FF-0085-475D818F0F31}" = Need for Speed Underground 2
"{9D0798D0-AF6C-4E62-94B1-AEBF1A43E00A}" = CorelDRAW Graphics Suite X4 - IPM
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B61D21B6-469D-4423-B161-62DB20B8A70E}" = Visual Basic for Applications (R) Core - English
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Plus Web Player
"{BF439B41-0252-48DE-8B8B-0430CB26A181}" = CorelDRAW Graphics Suite X4 - VBA
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C151CE54-E7EA-4804-854B-F515368B0798}" = AMD Processor Driver
"{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}" = NVIDIA PhysX
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{DB81779E-7CC5-4630-BCFC-754004956444}" = Visual Basic for Applications (R) Core
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FFFE7261-2318-4227-B827-E9E05E16DFE5}" = CorelDRAW Graphics Suite X4 - Lang CZ
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"avast!" = avast! Antivirus
"Badaboom" = Badaboom 1.2.0.91
"CCleaner" = CCleaner
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.53
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"Garena" = Garena
"Hamachi" = Hamachi 1.0.3.0
"HijackThis" = HijackThis 2.0.2
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platform Device Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.5.7)" = Mozilla Firefox (3.5.7)
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"RamCleaner" = RamCleaner
"SpeedFan" = SpeedFan (remove only)
"VIA/S3G DeltaChrome IGP Win2K/XP/Server2003 Display" = VIA/S3G Display Driver
"VN_VUIns_Rhine_VIA" = VIA Rhine-Family Fast Ethernet Adapter
"WIC" = Windows Imaging Component
"WinRAR archiver" = WinRAR
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"eb89d5e66703b48c" = LoiLoScope
"QIP Infium" = QIP Infium 2.0.9033.7 Nightly
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 25.12.2009 14:43:32 | Computer Name = GASPON | Source = Application Error | ID = 1000
Description = Chybující aplikace , verze 0.0.0.0, chybující modul sfc_os.dll, verze
5.1.2600.2180, adresa chyby 0x00014de7.
Error - 27.12.2009 2:19:29 | Computer Name = GASPON | Source = Application Error | ID = 1004
Description = Chybující aplikace winlogon.exe, verze 0.0.0.0, chybující modul sfc_os.dll,
verze 5.1.2600.2180, adresa chyby 0x00014de7.
Error - 31.12.2009 8:46:08 | Computer Name = GASPON | Source = Application Error | ID = 1000
Description = Chybující aplikace speed2.exe, verze 0.0.0.0, chybující modul speed2.exe,
verze 0.0.0.0, adresa chyby 0x0006100b.
Error - 16.1.2010 18:28:38 | Computer Name = GASPON | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace firefox.exe, verze 1.9.1.3642, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
Error - 16.1.2010 18:28:41 | Computer Name = GASPON | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace firefox.exe, verze 1.9.1.3642, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
[ System Events ]
Error - 9.1.2010 5:45:00 | Computer Name = GASPON | Source = Service Control Manager | ID = 7000
Description = Služba ASInsHelp neuspěla při spuštění v důsledku následující chyby:
%%2
Error - 10.1.2010 7:21:58 | Computer Name = GASPON | Source = Service Control Manager | ID = 7000
Description = Služba ASInsHelp neuspěla při spuštění v důsledku následující chyby:
%%2
Error - 10.1.2010 11:57:38 | Computer Name = GASPON | Source = Service Control Manager | ID = 7000
Description = Služba ASInsHelp neuspěla při spuštění v důsledku následující chyby:
%%2
Error - 11.1.2010 2:58:03 | Computer Name = GASPON | Source = Service Control Manager | ID = 7000
Description = Služba ASInsHelp neuspěla při spuštění v důsledku následující chyby:
%%2
Error - 11.1.2010 19:49:24 | Computer Name = GASPON | Source = Service Control Manager | ID = 7000
Description = Služba ASInsHelp neuspěla při spuštění v důsledku následující chyby:
%%2
Error - 12.1.2010 3:22:56 | Computer Name = GASPON | Source = Service Control Manager | ID = 7000
Description = Služba ASInsHelp neuspěla při spuštění v důsledku následující chyby:
%%2
Error - 13.1.2010 1:33:46 | Computer Name = GASPON | Source = Service Control Manager | ID = 7000
Description = Služba ASInsHelp neuspěla při spuštění v důsledku následující chyby:
%%2
Error - 14.1.2010 4:00:16 | Computer Name = GASPON | Source = Service Control Manager | ID = 7000
Description = Služba ASInsHelp neuspěla při spuštění v důsledku následující chyby:
%%2
Error - 15.1.2010 3:28:00 | Computer Name = GASPON | Source = Service Control Manager | ID = 7000
Description = Služba ASInsHelp neuspěla při spuštění v důsledku následující chyby:
%%2
Error - 15.1.2010 13:29:36 | Computer Name = GASPON | Source = Service Control Manager | ID = 7000
Description = Služba ASInsHelp neuspěla při spuštění v důsledku následující chyby:
%%2
< End of report >
Prosím o prohlídnutí logu Vyřešeno
-
Damned
- Tvůrce článků
-
Master Level 9
- Příspěvky: 8353
- Registrován: prosinec 06
- Bydliště: Rokycany
- Pohlaví:
- Stav:
Offline
- Kontakt:
Re: Prosím o prohlídnutí logu
Červený soubor zkontroluj na Virustotalu a vlož sem odkaz na výsledek.
Pokud ho nenajdeš, dej si zobrazit skryté a systémové soubory. Pokud ti nabídne, že soubor už kontroloval,
nech ho zkontrolovat znovu, a počkej až se objeví "Dokončeno" a výsledek.Potom sem zkopíruj adresní řádek.
C:\WINDOWS\System32\vusetup.dll
Pokud ho nenajdeš, dej si zobrazit skryté a systémové soubory. Pokud ti nabídne, že soubor už kontroloval,
nech ho zkontrolovat znovu, a počkej až se objeví "Dokončeno" a výsledek.Potom sem zkopíruj adresní řádek.
C:\WINDOWS\System32\vusetup.dll
Nic není nemožné, proto tam, kde jsme s rozumem v koncích, neváháme použít kladivo.
Chceš-li vědět, co je nového, podívej se do starých knih.
Damnedovy češtiny - překlady programů pro údržbu PC
HiJackThis 2+návod FCleaner+čeština Wise Registry Cleaner
Chceš-li vědět, co je nového, podívej se do starých knih.
Damnedovy češtiny - překlady programů pro údržbu PC
HiJackThis 2+návod FCleaner+čeština Wise Registry Cleaner
-
Damned
- Tvůrce článků
-
Master Level 9
- Příspěvky: 8353
- Registrován: prosinec 06
- Bydliště: Rokycany
- Pohlaví:
- Stav:
Offline
- Kontakt:
Re: Prosím o prohlídnutí logu
Poklepej na ikonu OTL na ploše.Ujisti se , že máš všechny ostatní aplikace a prohlížeče zavřeny.
Pod Custom Scans/Fixes do okénka vlož následující text, zobrazený zeleně:
Poté klikni nahoře na Run Fix. Nech program nerušeně běžet, na konci se provede restart PC.
Po restartu se objeví log , prosím zkopíruj sem celý jeho obsah.
Pod Custom Scans/Fixes do okénka vlož následující text, zobrazený zeleně:
Kód: Vybrat vše
:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
FF - prefs.js..browser.search.defaultenginename: "QIP Search"
FF - prefs.js..browser.search.selectedEngine: "QIP Search"
FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.6.2.119
FF - prefs.js..keyword.URL: "http://search.qip.ru/search?from=FF&query="
[2010.01.21 15:05:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\g@spon\Data aplikací\Mozilla\Firefox\Profiles\2y8gdpl9.default\extensions\toolbar@ask.com
[2009.12.24 01:29:01 | 00,002,061 | ---- | M] () -- C:\Documents and Settings\g@spon\Data aplikací\Mozilla\Firefox\Profiles\2y8gdpl9.default\searchplugins\qipsearch.xml
O4 - HKLM..\Run: [combofix] C:\ComboFix\CF19827.cfx File not found
::Files
C:\Windows\*.tmp
C:\Windows\System32\*.tmp
C:\WINDOWS\tasks\SA.DAT
C:\Documents and Settings\All Users\Data aplikací\KGyGaAvL.sys
C:\Documents and Settings\All Users\Data aplikací\E971A783BD.sys
C:\Documents and Settings\g@spon\Plocha\keygen.rar
:Reg
:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]
Poté klikni nahoře na Run Fix. Nech program nerušeně běžet, na konci se provede restart PC.
Po restartu se objeví log , prosím zkopíruj sem celý jeho obsah.
Nic není nemožné, proto tam, kde jsme s rozumem v koncích, neváháme použít kladivo.
Chceš-li vědět, co je nového, podívej se do starých knih.
Damnedovy češtiny - překlady programů pro údržbu PC
HiJackThis 2+návod FCleaner+čeština Wise Registry Cleaner
Chceš-li vědět, co je nového, podívej se do starých knih.
Damnedovy češtiny - překlady programů pro údržbu PC
HiJackThis 2+návod FCleaner+čeština Wise Registry Cleaner
Re: Prosím o prohlídnutí logu
All processes killed
========== OTL ==========
No active process named explorer.exe was found!
Prefs.js: "QIP Search" removed from browser.search.defaultenginename
Prefs.js: "QIP Search" removed from browser.search.selectedEngine
Prefs.js: toolbar@ask.com:3.6.2.119 removed from extensions.enabledItems
Prefs.js: "http://search.qip.ru/search?from=FF&query=" removed from keyword.URL
C:\Documents and Settings\g@spon\Data aplikací\Mozilla\Firefox\Profiles\2y8gdpl9.default\extensions\toolbar@ask.com\defaults\preferences folder moved successfully.
C:\Documents and Settings\g@spon\Data aplikací\Mozilla\Firefox\Profiles\2y8gdpl9.default\extensions\toolbar@ask.com\defaults folder moved successfully.
C:\Documents and Settings\g@spon\Data aplikací\Mozilla\Firefox\Profiles\2y8gdpl9.default\extensions\toolbar@ask.com\chrome\skin folder moved successfully.
C:\Documents and Settings\g@spon\Data aplikací\Mozilla\Firefox\Profiles\2y8gdpl9.default\extensions\toolbar@ask.com\chrome\content folder moved successfully.
C:\Documents and Settings\g@spon\Data aplikací\Mozilla\Firefox\Profiles\2y8gdpl9.default\extensions\toolbar@ask.com\chrome folder moved successfully.
C:\Documents and Settings\g@spon\Data aplikací\Mozilla\Firefox\Profiles\2y8gdpl9.default\extensions\toolbar@ask.com folder moved successfully.
C:\Documents and Settings\g@spon\Data aplikací\Mozilla\Firefox\Profiles\2y8gdpl9.default\searchplugins\qipsearch.xml moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\combofix deleted successfully.
Error: Unable to interpret <::Files> in the current context!
Error: Unable to interpret <C:\Windows\*.tmp> in the current context!
Error: Unable to interpret <C:\Windows\System32\*.tmp> in the current context!
Error: Unable to interpret <C:\WINDOWS\tasks\SA.DAT> in the current context!
Error: Unable to interpret <C:\Documents and Settings\All Users\Data aplikací\KGyGaAvL.sys> in the current context!
Error: Unable to interpret <C:\Documents and Settings\All Users\Data aplikací\E971A783BD.sys> in the current context!
Error: Unable to interpret <C:\Documents and Settings\g@spon\Plocha\keygen.rar> in the current context!
========== REGISTRY ==========
========== COMMANDS ==========
[EMPTYTEMP]
User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
User: g@spon
->Temp folder emptied: 89595 bytes
->Temporary Internet Files folder emptied: 32902 bytes
->FireFox cache emptied: 73163163 bytes
User: LocalService
->Temp folder emptied: 65716 bytes
->Temporary Internet Files folder emptied: 32902 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2114584 bytes
%systemroot%\System32 .tmp files removed: 2504 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 32768 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 72,00 mb
OTL by OldTimer - Version 3.1.25.3 log created on 01212010_225022
Files\Folders moved on Reboot...
File move failed. C:\WINDOWS\temp\_avast4_\Webshlock.txt scheduled to be moved on reboot.
File move failed. C:\WINDOWS\temp\Perflib_Perfdata_764.dat scheduled to be moved on reboot.
Registry entries deleted on Reboot...
A na ploše se mi objevilo thumbs.db :-)
========== OTL ==========
No active process named explorer.exe was found!
Prefs.js: "QIP Search" removed from browser.search.defaultenginename
Prefs.js: "QIP Search" removed from browser.search.selectedEngine
Prefs.js: toolbar@ask.com:3.6.2.119 removed from extensions.enabledItems
Prefs.js: "http://search.qip.ru/search?from=FF&query=" removed from keyword.URL
C:\Documents and Settings\g@spon\Data aplikací\Mozilla\Firefox\Profiles\2y8gdpl9.default\extensions\toolbar@ask.com\defaults\preferences folder moved successfully.
C:\Documents and Settings\g@spon\Data aplikací\Mozilla\Firefox\Profiles\2y8gdpl9.default\extensions\toolbar@ask.com\defaults folder moved successfully.
C:\Documents and Settings\g@spon\Data aplikací\Mozilla\Firefox\Profiles\2y8gdpl9.default\extensions\toolbar@ask.com\chrome\skin folder moved successfully.
C:\Documents and Settings\g@spon\Data aplikací\Mozilla\Firefox\Profiles\2y8gdpl9.default\extensions\toolbar@ask.com\chrome\content folder moved successfully.
C:\Documents and Settings\g@spon\Data aplikací\Mozilla\Firefox\Profiles\2y8gdpl9.default\extensions\toolbar@ask.com\chrome folder moved successfully.
C:\Documents and Settings\g@spon\Data aplikací\Mozilla\Firefox\Profiles\2y8gdpl9.default\extensions\toolbar@ask.com folder moved successfully.
C:\Documents and Settings\g@spon\Data aplikací\Mozilla\Firefox\Profiles\2y8gdpl9.default\searchplugins\qipsearch.xml moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\combofix deleted successfully.
Error: Unable to interpret <::Files> in the current context!
Error: Unable to interpret <C:\Windows\*.tmp> in the current context!
Error: Unable to interpret <C:\Windows\System32\*.tmp> in the current context!
Error: Unable to interpret <C:\WINDOWS\tasks\SA.DAT> in the current context!
Error: Unable to interpret <C:\Documents and Settings\All Users\Data aplikací\KGyGaAvL.sys> in the current context!
Error: Unable to interpret <C:\Documents and Settings\All Users\Data aplikací\E971A783BD.sys> in the current context!
Error: Unable to interpret <C:\Documents and Settings\g@spon\Plocha\keygen.rar> in the current context!
========== REGISTRY ==========
========== COMMANDS ==========
[EMPTYTEMP]
User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
User: g@spon
->Temp folder emptied: 89595 bytes
->Temporary Internet Files folder emptied: 32902 bytes
->FireFox cache emptied: 73163163 bytes
User: LocalService
->Temp folder emptied: 65716 bytes
->Temporary Internet Files folder emptied: 32902 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2114584 bytes
%systemroot%\System32 .tmp files removed: 2504 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 32768 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 72,00 mb
OTL by OldTimer - Version 3.1.25.3 log created on 01212010_225022
Files\Folders moved on Reboot...
File move failed. C:\WINDOWS\temp\_avast4_\Webshlock.txt scheduled to be moved on reboot.
File move failed. C:\WINDOWS\temp\Perflib_Perfdata_764.dat scheduled to be moved on reboot.
Registry entries deleted on Reboot...
A na ploše se mi objevilo thumbs.db :-)
-
Damned
- Tvůrce článků
-
Master Level 9
- Příspěvky: 8353
- Registrován: prosinec 06
- Bydliště: Rokycany
- Pohlaví:
- Stav:
Offline
- Kontakt:
Re: Prosím o prohlídnutí logu
Nastav si v Nástroje --> Možnosti složky na kartě Zobrazení: Skrýt systémové soubory a Nezobrazovat skryté soubory a složky.
Stáhni si ToolsCleaner2 (by de A.Rothstein & Dj Quiou) na Plochu a spusť ho.
Klikni na Pt. Restauration (obnova) a poté na OK.
Klikni na Corbeille (koš) a poté na OK.
Klikni na Fichiers temp (temp složky) a poté na OK.
Klikni na Recherche (hledání) a nech Cleaner pracovat. Může se během čištění zastavit , ale nech ho pokračovat.
Když program skončí , klikni na Suppression (odstranění) a odstraň nalezené.
Zavři a smaž program.
Zkus spustit ten Dr. Web CureIt, aktualizuj ho a proveď sken.
Stáhni si ToolsCleaner2 (by de A.Rothstein & Dj Quiou) na Plochu a spusť ho.
Klikni na Pt. Restauration (obnova) a poté na OK.
Klikni na Corbeille (koš) a poté na OK.
Klikni na Fichiers temp (temp složky) a poté na OK.
Klikni na Recherche (hledání) a nech Cleaner pracovat. Může se během čištění zastavit , ale nech ho pokračovat.
Když program skončí , klikni na Suppression (odstranění) a odstraň nalezené.
Zavři a smaž program.
Zkus spustit ten Dr. Web CureIt, aktualizuj ho a proveď sken.
Nic není nemožné, proto tam, kde jsme s rozumem v koncích, neváháme použít kladivo.
Chceš-li vědět, co je nového, podívej se do starých knih.
Damnedovy češtiny - překlady programů pro údržbu PC
HiJackThis 2+návod FCleaner+čeština Wise Registry Cleaner
Chceš-li vědět, co je nového, podívej se do starých knih.
Damnedovy češtiny - překlady programů pro údržbu PC
HiJackThis 2+návod FCleaner+čeština Wise Registry Cleaner
Re: Prosím o prohlídnutí logu
Takže všechno jelo tak jak má :-) první rpgoram smazán... a ten dr.Web taky jel... po cca 10 ti minutách skončil a dole je napsáno Hotovo - Nebyl nalezen žádný vir
-
Damned
- Tvůrce článků
-
Master Level 9
- Příspěvky: 8353
- Registrován: prosinec 06
- Bydliště: Rokycany
- Pohlaví:
- Stav:
Offline
- Kontakt:
Re: Prosím o prohlídnutí logu
Ještě jednou ten OTL, vloudila se mi tam chybička. A už to bude vše.
Poklepej na ikonu OTL na ploše.Ujisti se , že máš všechny ostatní aplikace a prohlížeče zavřeny.
Pod Custom Scans/Fixes do okénka vlož následující text, zobrazený zeleně:
Poté klikni nahoře na Run Fix. Nech program nerušeně běžet, na konci se provede restart PC.
Po restartu se objeví log , prosím zkopíruj sem celý jeho obsah.
Vlož mi sem pak log z HijackThis a popiš chování PC.
Poklepej na ikonu OTL na ploše.Ujisti se , že máš všechny ostatní aplikace a prohlížeče zavřeny.
Pod Custom Scans/Fixes do okénka vlož následující text, zobrazený zeleně:
Kód: Vybrat vše
:OTL
:Files
C:\Windows\*.tmp
C:\Windows\System32\*.tmp
C:\WINDOWS\tasks\SA.DAT
C:\Documents and Settings\All Users\Data aplikací\KGyGaAvL.sys
C:\Documents and Settings\All Users\Data aplikací\E971A783BD.sys
C:\Documents and Settings\g@spon\Plocha\keygen.rar
:Reg
:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]
Poté klikni nahoře na Run Fix. Nech program nerušeně běžet, na konci se provede restart PC.
Po restartu se objeví log , prosím zkopíruj sem celý jeho obsah.
Vlož mi sem pak log z HijackThis a popiš chování PC.
Nic není nemožné, proto tam, kde jsme s rozumem v koncích, neváháme použít kladivo.
Chceš-li vědět, co je nového, podívej se do starých knih.
Damnedovy češtiny - překlady programů pro údržbu PC
HiJackThis 2+návod FCleaner+čeština Wise Registry Cleaner
Chceš-li vědět, co je nového, podívej se do starých knih.
Damnedovy češtiny - překlady programů pro údržbu PC
HiJackThis 2+návod FCleaner+čeština Wise Registry Cleaner
Re: Prosím o prohlídnutí logu
Počítač běžel bez nějakých větších závad :-) akorát při tom restartování celkem dlouho najížděl :-)
All processes killed
========== OTL ==========
========== FILES ==========
File\Folder C:\Windows\*.tmp not found.
File\Folder C:\Windows\System32\*.tmp not found.
C:\WINDOWS\tasks\SA.DAT moved successfully.
C:\Documents and Settings\All Users\Data aplikací\KGyGaAvL.sys moved successfully.
C:\Documents and Settings\All Users\Data aplikací\E971A783BD.sys moved successfully.
C:\Documents and Settings\g@spon\Plocha\keygen.rar moved successfully.
========== REGISTRY ==========
========== COMMANDS ==========
[EMPTYTEMP]
User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: g@spon
->Temp folder emptied: 5903 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->FireFox cache emptied: 31714377 bytes
User: LocalService
->Temp folder emptied: 65984 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 16384 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 30,00 mb
OTL by OldTimer - Version 3.1.25.3 log created on 01212010_234230
Files\Folders moved on Reboot...
File move failed. C:\WINDOWS\temp\_avast4_\Webshlock.txt scheduled to be moved on reboot.
File\Folder C:\WINDOWS\temp\Perflib_Perfdata_764.dat not found!
Registry entries deleted on Reboot...
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:46:53, on 21.1.2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\g@spon\Dokumenty\Stažené soubory\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
--
End of file - 2310 bytes
All processes killed
========== OTL ==========
========== FILES ==========
File\Folder C:\Windows\*.tmp not found.
File\Folder C:\Windows\System32\*.tmp not found.
C:\WINDOWS\tasks\SA.DAT moved successfully.
C:\Documents and Settings\All Users\Data aplikací\KGyGaAvL.sys moved successfully.
C:\Documents and Settings\All Users\Data aplikací\E971A783BD.sys moved successfully.
C:\Documents and Settings\g@spon\Plocha\keygen.rar moved successfully.
========== REGISTRY ==========
========== COMMANDS ==========
[EMPTYTEMP]
User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: g@spon
->Temp folder emptied: 5903 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->FireFox cache emptied: 31714377 bytes
User: LocalService
->Temp folder emptied: 65984 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 16384 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 30,00 mb
OTL by OldTimer - Version 3.1.25.3 log created on 01212010_234230
Files\Folders moved on Reboot...
File move failed. C:\WINDOWS\temp\_avast4_\Webshlock.txt scheduled to be moved on reboot.
File\Folder C:\WINDOWS\temp\Perflib_Perfdata_764.dat not found!
Registry entries deleted on Reboot...
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:46:53, on 21.1.2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\g@spon\Dokumenty\Stažené soubory\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
--
End of file - 2310 bytes
-
Damned
- Tvůrce článků
-
Master Level 9
- Příspěvky: 8353
- Registrován: prosinec 06
- Bydliště: Rokycany
- Pohlaví:
- Stav:
Offline
- Kontakt:
Re: Prosím o prohlídnutí logu
Měl by si to mít OK. Vir ani jiná potvora tam už není.
Smaž složku C:\_OTL
Kdyby se něco zase objevilo, tak se zastav.
Označ topic za vyřešený (zelená fajfka) a měj se.
Smaž složku C:\_OTL
Kdyby se něco zase objevilo, tak se zastav.
Označ topic za vyřešený (zelená fajfka) a měj se.
Nic není nemožné, proto tam, kde jsme s rozumem v koncích, neváháme použít kladivo.
Chceš-li vědět, co je nového, podívej se do starých knih.
Damnedovy češtiny - překlady programů pro údržbu PC
HiJackThis 2+návod FCleaner+čeština Wise Registry Cleaner
Chceš-li vědět, co je nového, podívej se do starých knih.
Damnedovy češtiny - překlady programů pro údržbu PC
HiJackThis 2+návod FCleaner+čeština Wise Registry Cleaner
Re: Prosím o prohlídnutí logu
:-) tak vám mockrát děkuji 
A kdykoliv by se mi objevil sebemenší problém ihned se na vás obrátím :-)
A kdykoliv by se mi objevil sebemenší problém ihned se na vás obrátím :-)Kdo je online
Uživatelé prohlížející si toto fórum: Žádní registrovaní uživatelé a 79 hostů