Avast reports a suspicious message [Solved]

A section devoted to viruses and other malicious code, as well as to the tools that can be used to defend against them…

Moderators: Mods_senior, Security team

tomas06
newbie
Posts: 24
Registered: December 09
Gender: Male

Avast reports a suspicious message [Solved]

Post by tomas06 » 15 Dec 2009 15:37

It does the same thing for me. Please, what should I do about it?
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:36:32, on 15.12.2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\ostatni\aawservice.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\AskBarDis\bar\bin\AskService.exe
C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Raxco\PerfectDisk10\PDAgent.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Admin\Plocha\hijackthis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: (no name) - {2951882A-72DF-4AED-9BAF-996FFDEB10B9} - (no file)
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.3.3.2.dll
O2 - BHO: (no name) - {52D3C9FA-1667-4EEC-8B4A-C15C2BD1E3Df} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5499bcb1-5641-4a4c-9f75-462d4d8d0da0} - (no file)
O2 - BHO: (no name) - {589F7E7F-0ADE-4DD9-A9CF-7A59ACEEAF92} - (no file)
O2 - BHO: Little Fighter 2 Toolbar Helper - {AE90C38C-97CF-4696-B290-C7973DC9675E} - C:\Program Files\Little Fighter 2 Toolbar\v3.3.0.2\Little_Fighter_2_Toolbar.dll
O2 - BHO: (no name) - {b40515ff-c006-4841-9cb1-eddf83c368c0} - (no file)
O3 - Toolbar: (no name) - {8AE33802-00D3-4F1B-B5C7-6FEE34E402CE} - (no file)
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O3 - Toolbar: Little Fighter 2 Toolbar - {C3CD744D-2FAE-4640-8297-16B5DA423104} - C:\Program Files\Little Fighter 2 Toolbar\v3.3.0.2\Little_Fighter_2_Toolbar.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -scheduler
O4 - HKCU\..\Run: [BitComet] "C:\Program Files\BitComet\BitComet.exe" /tray
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Stáhnout odkaz s použitím BitCometu - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: Stáhnout všechna videa s použitím BitCometu - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: Stáhnout všechny odkazy s použitím BitCometu - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O9 - Extra button: Eurotran XP - {230D1201-7607-4CF6-A11F-9E4BF0A333E0} - C:\Program Files\Eurotran XP\etnxp.dll
O9 - Extra button: (no name) - {2C73F784-D2DE-4422-B070-2E3332FE5744} - C:\Program Files\Eurotran XP\etnxp.dll
O9 - Extra 'Tools' menuitem: Eurotran XP... - {2C73F784-D2DE-4422-B070-2E3332FE5744} - C:\Program Files\Eurotran XP\etnxp.dll
O9 - Extra button: (no name) - {53F6FCCD-9E22-4d71-86EA-6E43136192AB} - (no file)
O9 - Extra button: (no name) - {925DAB62-F9AC-4221-806A-057BFB1014AA} - (no file)
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.3.3.2.dll/206 (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://icq.oberon-media.com/Gameshell/G ... meHost.cab
O18 - Protocol: bw+0 - {72C1538D-6DD0-4D1A-B961-F9860C63F20C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {72C1538D-6DD0-4D1A-B961-F9860C63F20C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {72C1538D-6DD0-4D1A-B961-F9860C63F20C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {72C1538D-6DD0-4D1A-B961-F9860C63F20C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {72C1538D-6DD0-4D1A-B961-F9860C63F20C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {72C1538D-6DD0-4D1A-B961-F9860C63F20C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {72C1538D-6DD0-4D1A-B961-F9860C63F20C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {72C1538D-6DD0-4D1A-B961-F9860C63F20C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {72C1538D-6DD0-4D1A-B961-F9860C63F20C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {72C1538D-6DD0-4D1A-B961-F9860C63F20C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {72C1538D-6DD0-4D1A-B961-F9860C63F20C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {72C1538D-6DD0-4D1A-B961-F9860C63F20C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {72C1538D-6DD0-4D1A-B961-F9860C63F20C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {72C1538D-6DD0-4D1A-B961-F9860C63F20C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {72C1538D-6DD0-4D1A-B961-F9860C63F20C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {72C1538D-6DD0-4D1A-B961-F9860C63F20C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {72C1538D-6DD0-4D1A-B961-F9860C63F20C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {72C1538D-6DD0-4D1A-B961-F9860C63F20C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {72C1538D-6DD0-4D1A-B961-F9860C63F20C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {72C1538D-6DD0-4D1A-B961-F9860C63F20C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {72C1538D-6DD0-4D1A-B961-F9860C63F20C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {72C1538D-6DD0-4D1A-B961-F9860C63F20C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {72C1538D-6DD0-4D1A-B961-F9860C63F20C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {72C1538D-6DD0-4D1A-B961-F9860C63F20C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {72C1538D-6DD0-4D1A-B961-F9860C63F20C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {72C1538D-6DD0-4D1A-B961-F9860C63F20C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {72C1538D-6DD0-4D1A-B961-F9860C63F20C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {72C1538D-6DD0-4D1A-B961-F9860C63F20C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {72C1538D-6DD0-4D1A-B961-F9860C63F20C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {72C1538D-6DD0-4D1A-B961-F9860C63F20C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {72C1538D-6DD0-4D1A-B961-F9860C63F20C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {72C1538D-6DD0-4D1A-B961-F9860C63F20C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {72C1538D-6DD0-4D1A-B961-F9860C63F20C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {72C1538D-6DD0-4D1A-B961-F9860C63F20C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {72C1538D-6DD0-4D1A-B961-F9860C63F20C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {72C1538D-6DD0-4D1A-B961-F9860C63F20C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {72C1538D-6DD0-4D1A-B961-F9860C63F20C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {72C1538D-6DD0-4D1A-B961-F9860C63F20C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {72C1538D-6DD0-4D1A-B961-F9860C63F20C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {72C1538D-6DD0-4D1A-B961-F9860C63F20C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {72C1538D-6DD0-4D1A-B961-F9860C63F20C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {72C1538D-6DD0-4D1A-B961-F9860C63F20C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {72C1538D-6DD0-4D1A-B961-F9860C63F20C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {72C1538D-6DD0-4D1A-B961-F9860C63F20C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {72C1538D-6DD0-4D1A-B961-F9860C63F20C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {72C1538D-6DD0-4D1A-B961-F9860C63F20C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {72C1538D-6DD0-4D1A-B961-F9860C63F20C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {72C1538D-6DD0-4D1A-B961-F9860C63F20C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {72C1538D-6DD0-4D1A-B961-F9860C63F20C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {72C1538D-6DD0-4D1A-B961-F9860C63F20C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {72C1538D-6DD0-4D1A-B961-F9860C63F20C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {72C1538D-6DD0-4D1A-B961-F9860C63F20C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {72C1538D-6DD0-4D1A-B961-F9860C63F20C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {72C1538D-6DD0-4D1A-B961-F9860C63F20C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {72C1538D-6DD0-4D1A-B961-F9860C63F20C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {72C1538D-6DD0-4D1A-B961-F9860C63F20C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {72C1538D-6DD0-4D1A-B961-F9860C63F20C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {72C1538D-6DD0-4D1A-B961-F9860C63F20C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {72C1538D-6DD0-4D1A-B961-F9860C63F20C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {72C1538D-6DD0-4D1A-B961-F9860C63F20C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {72C1538D-6DD0-4D1A-B961-F9860C63F20C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {72C1538D-6DD0-4D1A-B961-F9860C63F20C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {72C1538D-6DD0-4D1A-B961-F9860C63F20C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {72C1538D-6DD0-4D1A-B961-F9860C63F20C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {72C1538D-6DD0-4D1A-B961-F9860C63F20C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {72C1538D-6DD0-4D1A-B961-F9860C63F20C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {72C1538D-6DD0-4D1A-B961-F9860C63F20C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {72C1538D-6DD0-4D1A-B961-F9860C63F20C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {72C1538D-6DD0-4D1A-B961-F9860C63F20C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {72C1538D-6DD0-4D1A-B961-F9860C63F20C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {72C1538D-6DD0-4D1A-B961-F9860C63F20C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {72C1538D-6DD0-4D1A-B961-F9860C63F20C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {72C1538D-6DD0-4D1A-B961-F9860C63F20C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {72C1538D-6DD0-4D1A-B961-F9860C63F20C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {72C1538D-6DD0-4D1A-B961-F9860C63F20C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {72C1538D-6DD0-4D1A-B961-F9860C63F20C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {72C1538D-6DD0-4D1A-B961-F9860C63F20C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: kbdlui - kbdlui.dll (file missing)
O20 - Winlogon Notify: qoMeDwvt - qoMeDwvt.dll (file missing)
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\ostatni\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Správa aplikací AppMgmtERSvcLVPrcSrv (AppMgmtERSvcLVPrcSrv) - Unknown owner - C:\WINDOWS\system32\actskin4y.exe (file missing)
O23 - Service: Ares Chatroom server (AresChatServer) - Unknown owner - C:\ostatni\Ares\chatServer.exe (file missing)
O23 - Service: ASKService - Unknown owner - C:\Program Files\AskBarDis\bar\bin\AskService.exe
O23 - Service: ASKUpgrade - Unknown owner - C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Zasílání zpráv o chybách ERSvcLVPrcSrv (ERSvcLVPrcSrv) - Unknown owner - C:\WINDOWS\system32\acelpdeci.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\Logitech\SrvLnch\SrvLnch.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Office Source Engine oseMSDTC (oseMSDTC) - Unknown owner - C:\WINDOWS\system32\aahkglpkr.exe (file missing)
O23 - Service: Office Source Engine oseRDSessMgr (oseRDSessMgr) - Unknown owner - C:\WINDOWS\system32\1031x.exe (file missing)
O23 - Service: PDAgent - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk10\PDAgent.exe
O23 - Service: PDEngine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk10\PDEngine.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Správce vzdáleného přístupu RasManaswUpdSv (RasManaswUpdSv) - Unknown owner - C:\WINDOWS\system32\adsmsextx.exe (file missing)
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Centrum zabezpečení wscsvcStarWindService (wscsvcStarWindService) - Unknown owner - C:\WINDOWS\system32\apphelps.exe (file missing)

Welcome to Pc-help! First, please read the rules of this forum and follow them from now on. Do not post your question in someone else's thread, and a two-year-old one at that; start your own thread instead. The question has been posted separately under an edited title. Thank you for understanding. Pic

Damned
Article author
Master Level 9
Posts: 8353
Registered: December 06
Location: Rokycany
Gender: Male

Re: Avast reports a suspicious message

Post by Damned » 15 Dec 2009 17:43

Uninstall:
Logitech Desktop Manager
AskBarDis
Little Fighter 2 Toolbar

Then post a new HJT log here.

Re: Avast reports a suspicious message

Post by tomas06 » 15 Dec 2009 19:53

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:45:16, on 16.12.2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
C:\ostatni\aawservice.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Raxco\PerfectDisk10\PDAgent.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Admin\Plocha\hijackthis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - (no file)
O2 - BHO: (no name) - {2951882A-72DF-4AED-9BAF-996FFDEB10B9} - (no file)
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.3.3.2.dll
O2 - BHO: (no name) - {52D3C9FA-1667-4EEC-8B4A-C15C2BD1E3Df} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5499bcb1-5641-4a4c-9f75-462d4d8d0da0} - (no file)
O2 - BHO: (no name) - {589F7E7F-0ADE-4DD9-A9CF-7A59ACEEAF92} - (no file)
O2 - BHO: (no name) - {b40515ff-c006-4841-9cb1-eddf83c368c0} - (no file)
O3 - Toolbar: (no name) - {8AE33802-00D3-4F1B-B5C7-6FEE34E402CE} - (no file)
O3 - Toolbar: (no name) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - (no file)
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -scheduler
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Stáhnout odkaz s použitím BitCometu - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: Stáhnout všechna videa s použitím BitCometu - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: Stáhnout všechny odkazy s použitím BitCometu - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O9 - Extra button: Eurotran XP - {230D1201-7607-4CF6-A11F-9E4BF0A333E0} - C:\Program Files\Eurotran XP\etnxp.dll
O9 - Extra button: (no name) - {2C73F784-D2DE-4422-B070-2E3332FE5744} - C:\Program Files\Eurotran XP\etnxp.dll
O9 - Extra 'Tools' menuitem: Eurotran XP... - {2C73F784-D2DE-4422-B070-2E3332FE5744} - C:\Program Files\Eurotran XP\etnxp.dll
O9 - Extra button: (no name) - {53F6FCCD-9E22-4d71-86EA-6E43136192AB} - (no file)
O9 - Extra button: (no name) - {925DAB62-F9AC-4221-806A-057BFB1014AA} - (no file)
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.3.3.2.dll/206 (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://icq.oberon-media.com/Gameshell/G ... meHost.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: kbdlui - kbdlui.dll (file missing)
O20 - Winlogon Notify: qoMeDwvt - qoMeDwvt.dll (file missing)
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\ostatni\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Správa aplikací AppMgmtERSvcLVPrcSrv (AppMgmtERSvcLVPrcSrv) - Unknown owner - C:\WINDOWS\system32\actskin4y.exe (file missing)
O23 - Service: Ares Chatroom server (AresChatServer) - Unknown owner - C:\ostatni\Ares\chatServer.exe (file missing)
O23 - Service: ASKService - Unknown owner - C:\Program Files\AskBarDis\bar\bin\AskService.exe (file missing)
O23 - Service: ASKUpgrade - Unknown owner - C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Zasílání zpráv o chybách ERSvcLVPrcSrv (ERSvcLVPrcSrv) - Unknown owner - C:\WINDOWS\system32\acelpdeci.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\Logitech\SrvLnch\SrvLnch.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Office Source Engine oseMSDTC (oseMSDTC) - Unknown owner - C:\WINDOWS\system32\aahkglpkr.exe (file missing)
O23 - Service: Office Source Engine oseRDSessMgr (oseRDSessMgr) - Unknown owner - C:\WINDOWS\system32\1031x.exe (file missing)
O23 - Service: PDAgent - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk10\PDAgent.exe
O23 - Service: PDEngine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk10\PDEngine.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Správce vzdáleného přístupu RasManaswUpdSv (RasManaswUpdSv) - Unknown owner - C:\WINDOWS\system32\adsmsextx.exe (file missing)
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Centrum zabezpečení wscsvcStarWindService (wscsvcStarWindService) - Unknown owner - C:\WINDOWS\system32\apphelps.exe (file missing)

--
End of file - 9633 bytes
Last edited by tomas06 on 16 Dec 2009 17:45, edited 2 times in total.

tomas06
newbie
Posts: 24
Registered: December 09
Gender: Male
Status:
Offline

Re: Avast reports suspicious message

Post by tomas06 » 17 Dec 2009 16:15

Could someone take a look at this, please?

pitimir
Level 3.5
Posts: 850
Registered: August 09
Gender: Male
Status:
Offline

Re: Avast reports suspicious message

Post by pitimir » 17 Dec 2009 19:06

What exactly does Avast report, please?

Download OTL. Save it to the desktop and run the file "OTL.exe" by double-clicking it. The program window will open; in it, tick "Scan All Users", "Lop" and "Purity Check", and change "File Scan" to 7 days instead of 30. Into the box labelled "Custom Scans/Fixes", copy:

Code:

netsvcs
%SYSTEMDRIVE%\*.exe
%SYSTEMDRIVE%\eventlog.dll /s /md5
%SYSTEMDRIVE%\scecli.dll /s /md5
%SYSTEMDRIVE%\netlogon.dll /s /md5
%SYSTEMDRIVE%\cngaudit.dll /s /md5
%SYSTEMDRIVE%\sceclt.dll /s /md5
%SYSTEMDRIVE%\ntelogon.dll /s /md5
%SYSTEMDRIVE%\logevent.dll /s /md5
%SYSTEMDRIVE%\iaStor.sys /s /md5
%SYSTEMDRIVE%\nvstor.sys /s /md5
%SYSTEMDRIVE%\atapi.sys /s /md5
%SYSTEMDRIVE%\IdeChnDr.sys /s /md5
%SYSTEMDRIVE%\viasraid.sys /s /md5
%SYSTEMDRIVE%\AGP440.sys /s /md5
%SYSTEMDRIVE%\vaxscsi.sys /s /md5
%SYSTEMDRIVE%\nvatabus.sys /s /md5
%SYSTEMDRIVE%\viamraid.sys /s /md5
%SYSTEMDRIVE%\nvata.sys /s /md5
CREATERESTOREPOINT

Then click "Run Scan". A scan of the computer will start; when it finishes, two reports will open - I need to see the contents of both.
I don't like amateurism...

And the addressee of the message knows it :)

tomas06
newbie
Posts: 24
Registered: December 09
Gender: Male
Status:
Offline

Re: Avast reports suspicious message

Post by tomas06 » 17 Dec 2009 22:43

Avast reports

PODEZŘELÁ ZPRÁVA
Příliš mnoho stejných e-mailů v daném časovém rozmezí


Odesílatel: Genuine VIAGRA © Online Store <jadam@clarkus.com>
Příjemce: jadam@clarkus.com
Předmět: Dear jadam gets special 80% OFF on Pfizer.

and now and then a rootkit pops up there too

OTL.Txt
OTL logfile created on: 17.12.2009 22:31:34 - Run 2
OTL by OldTimer - Version 3.1.17.0 Folder = C:\Documents and Settings\Admin\Plocha
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1023,36 Mb Total Physical Memory | 488,79 Mb Available Physical Memory | 47,76% Memory free
2,40 Gb Paging File | 1,96 Gb Available in Paging File | 81,47% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74,52 Gb Total Space | 25,23 Gb Free Space | 33,86% Space Free | Partition Type: NTFS
Drive D: | 2,67 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: PC-6C0E251A4F6A
Current User Name: Admin
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 7 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2009.12.17 20:27:43 | 00,538,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Admin\Plocha\OTL.exe
PRC - [2009.12.16 18:57:06 | 00,908,248 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009.11.25 00:51:40 | 00,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe
PRC - [2009.11.25 00:51:35 | 00,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2009.11.25 00:51:21 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PRC - [2009.11.25 00:48:48 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PRC - [2009.11.25 00:43:56 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2009.11.23 08:43:26 | 02,001,648 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
PRC - [2009.08.24 18:04:04 | 00,935,176 | ---- | M] (Raxco Software, Inc.) -- C:\Program Files\Raxco\PerfectDisk10\PDAgent.exe
PRC - [2008.12.03 08:39:45 | 00,163,908 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe
PRC - [2008.02.18 10:16:30 | 00,110,592 | ---- | M] (Apple, Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2007.08.09 08:27:52 | 00,073,728 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe
PRC - [2007.07.20 14:21:34 | 00,557,056 | ---- | M] (Lavasoft AB) -- C:\ostatni\aawservice.exe
PRC - [2007.06.13 14:23:39 | 01,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006.11.14 10:21:00 | 16,270,848 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.exe
PRC - [2006.09.10 20:56:24 | 00,218,032 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
PRC - [2006.06.26 10:33:42 | 00,099,888 | ---- | M] (Logitech Inc.) -- c:\Program Files\Common Files\Logitech\LVMVFM\LVPrcSrv.exe
PRC - [2004.08.17 14:49:30 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscntfy.exe


========== Modules (SafeList) ==========

MOD - [2009.12.17 20:27:43 | 00,538,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Admin\Plocha\OTL.exe
MOD - [2006.08.25 16:51:20 | 01,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
MOD - [2006.06.26 10:33:42 | 00,091,696 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (wscsvcStarWindService)
SRV - File not found [Auto | Stopped] -- -- (RasManaswUpdSv)
SRV - File not found [Auto | Stopped] -- -- (oseRDSessMgr)
SRV - File not found [Auto | Stopped] -- -- (oseMSDTC)
SRV - File not found [Auto | Stopped] -- -- (ERSvcLVPrcSrv)
SRV - File not found [Auto | Stopped] -- -- (ASKUpgrade)
SRV - File not found [Auto | Stopped] -- -- (ASKService)
SRV - File not found [On_Demand | Stopped] -- -- (AresChatServer)
SRV - File not found [Auto | Stopped] -- -- (AppMgmtERSvcLVPrcSrv)
SRV - [2009.11.25 00:51:35 | 00,138,680 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus)
SRV - [2009.11.25 00:51:21 | 00,254,040 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner)
SRV - [2009.11.25 00:48:48 | 00,352,920 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner)
SRV - [2009.11.25 00:43:56 | 00,018,752 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)
SRV - [2009.08.24 18:04:08 | 01,033,480 | ---- | M] (Raxco Software, Inc.) [On_Demand | Stopped] -- C:\Program Files\Raxco\PerfectDisk10\PDEngine.exe -- (PDEngine)
SRV - [2009.08.24 18:04:04 | 00,935,176 | ---- | M] (Raxco Software, Inc.) [Auto | Running] -- C:\Program Files\Raxco\PerfectDisk10\PDAgent.exe -- (PDAgent)
SRV - [2008.12.03 08:39:45 | 00,163,908 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\WINDOWS\system32\nvsvc32.exe -- (NVSvc)
SRV - [2008.02.18 10:16:30 | 00,110,592 | ---- | M] (Apple, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2007.08.09 08:27:52 | 00,073,728 | ---- | M] (HP) [Auto | Running] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
SRV - [2007.07.20 14:21:34 | 00,557,056 | ---- | M] (Lavasoft AB) [Auto | Running] -- C:\ostatni\aawservice.exe -- (aawservice)
SRV - [2007.06.15 16:55:00 | 00,300,544 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2007.05.16 08:27:28 | 00,271,920 | ---- | M] (Nero AG) [On_Demand | Stopped] -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe -- (NMIndexingService)
SRV - [2007.04.13 20:09:56 | 00,792,112 | ---- | M] (Nero AG) [On_Demand | Stopped] -- C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe -- (NBService)
SRV - [2006.06.26 10:33:56 | 00,091,696 | ---- | M] (Logitech Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Logitech\SrvLnch\SrvLnch.exe -- (LVSrvLauncher)
SRV - [2006.06.26 10:33:42 | 00,099,888 | ---- | M] (Logitech Inc.) [Auto | Running] -- c:\Program Files\Common Files\Logitech\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2005.12.15 04:13:38 | 00,405,504 | ---- | M] (ATI Technologies Inc.) [Auto | Stopped] -- C:\WINDOWS\system32\ati2evxx.exe -- (Ati HotKey Poller)
SRV - [2005.12.14 20:10:00 | 00,520,192 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\ati2sgag.exe -- (ATI Smart)
SRV - [2005.04.04 00:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2003.07.28 19:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)


========== Driver Services (SafeList) ==========

DRV - [2009.12.13 16:33:19 | 00,721,904 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Stopped] -- C:\WINDOWS\system32\drivers\sptd.sys.83724678 -- (sptd)
DRV - [2009.11.25 00:50:59 | 00,094,160 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2009.11.25 00:50:12 | 00,114,768 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswSP.sys -- (aswSP)
DRV - [2009.11.25 00:50:00 | 00,020,560 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2009.11.25 00:49:07 | 00,048,560 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2009.11.25 00:48:57 | 00,023,120 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2009.11.25 00:47:54 | 00,027,408 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2009.11.23 08:43:30 | 00,009,968 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2009.11.23 08:43:30 | 00,007,408 | R--- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand | Running] -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)
DRV - [2009.11.23 08:43:28 | 00,074,480 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2009.08.20 10:11:30 | 00,073,232 | ---- | M] (Raxco Software, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DefragFs.sys -- (DefragFS)
DRV - [2009.03.24 14:19:07 | 00,025,280 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2009.02.03 17:11:23 | 00,047,360 | ---- | M] (VSO Software) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pcouffin.sys -- (pcouffin)
DRV - [2008.12.03 08:39:45 | 06,188,320 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2008.08.18 12:02:02 | 00,271,360 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt)
DRV - [2008.08.18 12:02:01 | 00,018,048 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2007.11.13 11:25:52 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)
DRV - [2007.06.29 10:12:48 | 00,089,872 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750mdm.sys -- (k750mdm)
DRV - [2007.06.29 10:12:48 | 00,081,728 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750mgmt.sys -- (k750mgmt)
DRV - [2007.06.29 10:12:48 | 00,079,488 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750obex.sys -- (k750obex)
DRV - [2007.06.29 10:12:47 | 00,055,216 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750bus.sys -- (k750bus) Sony Ericsson 750 driver (WDM)
DRV - [2007.06.29 10:12:47 | 00,006,576 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750mdfl.sys -- (k750mdfl)
DRV - [2007.06.20 21:27:46 | 00,223,128 | ---- | M] (Alcohol Soft Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\vaxscsi.sys -- (vaxscsi)
DRV - [2007.02.22 11:15:56 | 00,137,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcd.sys -- (nmwcd)
DRV - [2007.02.22 11:15:14 | 00,012,288 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdcm.sys -- (nmwcdcm)
DRV - [2007.02.22 11:15:14 | 00,012,288 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdcj.sys -- (nmwcdcj)
DRV - [2007.02.22 11:15:14 | 00,008,320 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdc.sys -- (nmwcdc)
DRV - [2006.11.15 07:34:00 | 04,225,920 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2006.08.14 14:09:48 | 00,083,200 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2006.07.01 21:42:58 | 00,043,008 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2006.06.26 10:33:40 | 00,023,472 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2006.06.26 10:33:36 | 01,952,816 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LVMVdrv.sys -- (LVMVDrv)
DRV - [2006.06.26 10:33:28 | 01,587,632 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Lvckap.sys -- (LVcKap)
DRV - [2006.03.01 18:51:15 | 00,051,200 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x)
DRV - [2006.02.21 13:48:05 | 00,049,664 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfsync04.sys -- (sfsync04) StarForce Protection Synchronization Driver (version 4.x)
DRV - [2006.02.14 15:48:36 | 00,006,656 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)
DRV - [2005.12.15 04:19:06 | 01,463,296 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2005.03.08 05:43:27 | 00,021,744 | R--- | M] (HP) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HPZius12.sys -- (HPZius12)
DRV - [2005.03.08 05:43:26 | 00,016,496 | R--- | M] (HP) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HPZipr12.sys -- (HPZipr12)
DRV - [2005.03.08 05:43:25 | 00,051,120 | R--- | M] (HP) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HPZid412.sys -- (HPZid412)
DRV - [2005.01.07 16:07:18 | 00,138,752 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Hdaudbus.sys -- (HDAudBus)
DRV - [2004.08.03 23:10:12 | 00,048,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\61883.sys -- (61883)
DRV - [2004.08.03 23:10:12 | 00,038,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\avc.sys -- (Avc)
DRV - [2004.08.03 23:10:00 | 00,051,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\msdv.sys -- (MSDV)
DRV - [2001.10.25 15:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)
DRV - [1997.12.23 03:02:46 | 00,023,936 | ---- | M] (Adaptec) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\aspi32.sys -- (Aspi32)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie


IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-682003330-1390067357-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default = FA C9 D3 52 67 16 EC 4E 8B 4A C1 5C 2B D1 E3 DF [binary data]
IE - HKU\S-1-5-21-682003330-1390067357-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-682003330-1390067357-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
IE - HKU\S-1-5-21-682003330-1390067357-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-682003330-1390067357-839522115-1003\S-1-5-21-682003330-1390067357-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.defaulturl: "http://search.sweetim.com/search.asp?src=2&q="
FF - prefs.js..browser.search.selectedEngine: "YouTube Video Search"
FF - prefs.js..browser.startup.homepage: "seznam.cz"
FF - prefs.js..extensions.enabledItems: {E9A1DEE0-C623-4439-8932-001E7D17607D}:2.1.0.5
FF - prefs.js..extensions.enabledItems: illimitux@illimitux.net:2.0.2
FF - prefs.js..extensions.enabledItems: {EEE6C361-6118-11DC-9C72-001320C79847}:1.0.0.8
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: "Yahoo"
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaulturl: "http://uk.search.yahoo.com/search?ei=UTF-8&fr=ytff-&p="
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: "YouTube Video Search"
FF - prefs.js..browser.startup.homepage: "http://seznam.cz/"
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "http://uk.search.yahoo.com/search?ei=UTF-8&fr=ytff-&p="

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009.12.16 21:17:14 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009.12.16 18:57:14 | 00,000,000 | ---D | M]

[2008.06.24 13:55:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Mozilla\Extensions
[2009.12.17 17:18:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\8eeswhdp.default\extensions
[2008.02.22 18:02:59 | 00,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\8eeswhdp.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2009.04.03 15:38:08 | 00,000,000 | ---D | M] (BitComet Video Downloader) -- C:\Documents and Settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\8eeswhdp.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}
[2009.05.05 12:55:02 | 00,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\8eeswhdp.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}
[2009.02.15 21:01:09 | 00,000,000 | ---D | M] (SweetIM Toolbar for Firefox) -- C:\Documents and Settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\8eeswhdp.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
[2009.07.07 22:33:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\8eeswhdp.default\extensions\illimitux@illimitux.net
[2009.12.13 16:41:49 | 00,002,055 | ---- | M] () -- C:\Documents and Settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\8eeswhdp.default\searchplugins\daemon-search.xml
[2009.12.16 21:27:20 | 00,000,961 | ---- | M] () -- C:\Documents and Settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\8eeswhdp.default\searchplugins\icqplugin-1.xml
[2009.08.04 19:01:54 | 00,000,961 | ---- | M] () -- C:\Documents and Settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\8eeswhdp.default\searchplugins\icqplugin-2.xml
[2009.09.12 20:32:20 | 00,000,961 | ---- | M] () -- C:\Documents and Settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\8eeswhdp.default\searchplugins\icqplugin-3.xml
[2009.10.28 18:13:55 | 00,000,961 | ---- | M] () -- C:\Documents and Settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\8eeswhdp.default\searchplugins\icqplugin-4.xml
[2009.11.06 20:06:55 | 00,000,961 | ---- | M] () -- C:\Documents and Settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\8eeswhdp.default\searchplugins\icqplugin-5.xml
[2009.12.13 16:46:37 | 00,000,961 | ---- | M] () -- C:\Documents and Settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\8eeswhdp.default\searchplugins\icqplugin-6.xml
[2009.07.22 10:11:21 | 00,000,944 | ---- | M] () -- C:\Documents and Settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\8eeswhdp.default\searchplugins\icqplugin.xml
[2009.02.15 21:01:05 | 00,003,915 | ---- | M] () -- C:\Documents and Settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\8eeswhdp.default\searchplugins\sweetim.xml
[2008.01.05 00:02:27 | 00,001,437 | ---- | M] () -- C:\Documents and Settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\8eeswhdp.default\searchplugins\yahoo-answers.xml
[2007.08.24 14:25:46 | 00,002,109 | ---- | M] () -- C:\Documents and Settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\8eeswhdp.default\searchplugins\youtube-video-search.xml
[2009.12.13 20:08:14 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2008.11.11 08:38:54 | 00,663,552 | ---- | M] (BitComet) -- C:\Program Files\Mozilla Firefox\plugins\npBitCometAgent.dll
[2007.03.02 00:08:58 | 00,049,152 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npbittorrent.dll
[2005.04.27 21:10:49 | 00,102,400 | ---- | M] (RealNetworks) -- C:\Program Files\Mozilla Firefox\plugins\npracplug.dll
[2009.10.28 18:13:08 | 00,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2009.10.28 18:13:08 | 00,001,687 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2009.10.28 18:13:08 | 00,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2009.10.28 18:13:08 | 00,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2009.10.28 18:13:08 | 00,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: (737 bytes) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Podpora odkazu pro Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - No CLSID value found.
O2 - BHO: (no name) - {2951882A-72DF-4AED-9BAF-996FFDEB10B9} - No CLSID value found.
O2 - BHO: (BitComet Helper) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.3.3.2.dll (BitComet)
O2 - BHO: (no name) - {52D3C9FA-1667-4EEC-8B4A-C15C2BD1E3Df} - No CLSID value found.
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {5499bcb1-5641-4a4c-9f75-462d4d8d0da0} - No CLSID value found.
O2 - BHO: (no name) - {589F7E7F-0ADE-4DD9-A9CF-7A59ACEEAF92} - No CLSID value found.
O2 - BHO: (no name) - {b40515ff-c006-4841-9cb1-eddf83c368c0} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {8AE33802-00D3-4F1B-B5C7-6FEE34E402CE} - No CLSID value found.
O3 - HKU\S-1-5-21-682003330-1390067357-839522115-1003\..\Toolbar\WebBrowser: (no name) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - No CLSID value found.
O3 - HKU\S-1-5-21-682003330-1390067357-839522115-1003\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKU\S-1-5-21-682003330-1390067357-839522115-1003\..\Toolbar\WebBrowser: (no name) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - No CLSID value found.
O3 - HKU\S-1-5-21-682003330-1390067357-839522115-1003\..\Toolbar\WebBrowser: (no name) - {8AE33802-00D3-4F1B-B5C7-6FEE34E402CE} - No CLSID value found.
O3 - HKU\S-1-5-21-682003330-1390067357-839522115-1003\..\Toolbar\WebBrowser: (no name) - {C11483F7-D7D8-4804-98D8-6055470BB989} - No CLSID value found.
O3 - HKU\S-1-5-21-682003330-1390067357-839522115-1003\..\Toolbar\WebBrowser: (no name) - {C3CD744D-2FAE-4640-8297-16B5DA423104} - No CLSID value found.
O3 - HKU\S-1-5-21-682003330-1390067357-839522115-1003\..\Toolbar\WebBrowser: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found.
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [RTHDCPL] C:\WINDOWS\RTHDCPL.exe (Realtek Semiconductor Corp.)
O4 - HKU\.DEFAULT..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe (Time Information Services Ltd.)
O4 - HKU\S-1-5-18..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe (Time Information Services Ltd.)
O4 - HKU\S-1-5-21-682003330-1390067357-839522115-1003..\Run: [BitComet] C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O4 - HKU\S-1-5-21-682003330-1390067357-839522115-1003..\Run: [ISUSPM] C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe (Macrovision Corporation)
O4 - HKU\S-1-5-21-682003330-1390067357-839522115-1003..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispScrSavPage = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispScrSavPage = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-682003330-1390067357-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-682003330-1390067357-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0
O7 - HKU\S-1-5-21-682003330-1390067357-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispScrSavPage = 0
O8 - Extra context menu item: Stáhnout odkaz s použitím BitCometu - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: Stáhnout všechna videa s použitím BitCometu - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: Stáhnout všechny odkazy s použitím BitCometu - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O9 - Extra Button: Eurotran XP - {230D1201-7607-4CF6-A11F-9E4BF0A333E0} - C:\Program Files\Eurotran XP\etnxp.dll ()
O9 - Extra 'Tools' menuitem : Eurotran XP... - {2C73F784-D2DE-4422-B070-2E3332FE5744} - C:\Program Files\Eurotran XP\etnxp.dll ()
O9 - Extra Button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe File not found
O9 - Extra 'Tools' menuitem : ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe File not found
O9 - Extra Button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - C:\Program Files\BitComet\tools\BitCometBHO_1.3.3.2.dll (BitComet)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {00000055-9980-0010-8000-00AA00389B71} http://codecs.microsoft.com/codecs/i386/fhg.CAB (Reg Error: Key error.)
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} http://icq.oberon-media.com/Gameshell/G ... meHost.cab (Oberon Flash Game Host)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/sh ... wflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O30 - LSA: Authentication Packages - (C:\WINDOWS\system32\xxyaBRiH) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007.06.20 21:53:11 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2007.08.14 01:30:58 | 00,402,696 | R--- | M] (Electronic Arts) - D:\AutoRun.exe -- [ CDFS ]
O32 - AutoRun File - [2007.10.02 18:40:41 | 00,000,000 | R--D | M] - D:\Autorun -- [ CDFS ]
O32 - AutoRun File - [2007.09.02 05:56:15 | 02,984,960 | R--- | M] () - D:\autorun.dat -- [ CDFS ]
O32 - AutoRun File - [2007.09.02 05:50:18 | 00,000,136 | R--- | M] () - D:\autorun.inf -- [ CDFS ]
O34 - HKLM BootExecute: (PDBoot.exe) - C:\WINDOWS\System32\PDBoot.exe (Raxco Software, Inc.)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2007.06.20 21:52:40 | 00,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found


Re: Avast reports a suspicious message

Post by tomas06 » 17 Dec 2009 22:43

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (55172544294027264)

========== Files/Folders - Created Within 7 Days ==========

[2009.12.17 20:27:36 | 00,538,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Admin\Plocha\OTL.exe
[2009.12.17 10:02:03 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Plocha\Účty platby
[2009.12.17 09:13:21 | 00,000,000 | RH-D | C] -- C:\Documents and Settings\Admin\Recent
[2009.12.16 20:39:28 | 00,000,000 | ---D | C] -- C:\WINDOWS\VDLL.DLL
[2009.12.16 20:39:28 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\runouce.exe
[2009.12.16 20:39:28 | 00,000,000 | ---D | C] -- C:\WINDOWS\RUNDL132.EXE
[2009.12.16 20:39:28 | 00,000,000 | ---D | C] -- C:\WINDOWS\logo_1.exe
[2009.12.16 20:16:16 | 00,034,048 | ---- | C] (MicroWorld Technologies Inc.) -- C:\WINDOWS\System32\eEmpty.exe
[2009.12.16 20:16:13 | 00,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\REGEDIT.COM
[2009.12.16 20:16:13 | 00,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\R.COM
[2009.12.16 20:16:13 | 00,137,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\TASKMGR.COM
[2009.12.16 20:16:13 | 00,137,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\T.COM
[2009.12.16 20:16:11 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\MicroWorld
[2009.12.16 20:16:09 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\MicroWorld
[2009.12.15 21:35:51 | 00,000,000 | ---D | C] -- C:\Program Files\RegScrubXP
[2009.12.15 21:33:14 | 00,000,000 | ---D | C] -- C:\Program Files\RegCleaner
[2009.12.15 15:53:50 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Local Settings\Data aplikací\Thunderbird
[2009.12.15 15:53:50 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Data aplikací\Thunderbird
[2009.12.15 14:20:46 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\SUPERAntiSpyware.com
[2009.12.15 14:20:33 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Data aplikací\SUPERAntiSpyware.com
[2009.12.15 14:20:33 | 00,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2009.12.15 14:17:58 | 00,000,000 | ---D | C] -- C:\Program Files\CPU Speed Pro
[2009.12.15 13:35:27 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Data aplikací\Malwarebytes
[2009.12.15 13:35:12 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009.12.15 13:35:09 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
[2009.12.15 13:35:08 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009.12.15 13:35:08 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009.12.15 13:32:24 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Plocha\backups
[2009.12.15 13:26:11 | 00,396,288 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\Admin\Plocha\hijackthis.exe
[2009.12.14 18:02:07 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\nView_Profiles
[2009.12.13 17:14:19 | 00,000,000 | ---D | C] -- C:\Program Files\Alcohol 120
[2009.12.13 16:41:17 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Data aplikací\DAEMON Tools Lite
[2009.12.13 16:41:15 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2009.12.13 16:20:30 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Data aplikací\Uniblue
[2009.11.27 16:27:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\Google
[2009.11.27 16:04:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\Google
[2009.02.03 17:11:23 | 00,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\Admin\Data aplikací\pcouffin.sys
[2008.11.11 17:33:51 | 00,018,944 | ---- | C] ( ) -- C:\WINDOWS\System32\implode.dll
[2008.08.17 22:08:40 | 00,774,144 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\RngInterstitial.dll
[2008.08.17 22:04:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Data aplikací\Mozilla
[2008.08.17 22:04:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\Mozilla
[2008.05.10 07:53:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\Apple
[2007.06.20 22:06:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\Microsoft
[2007.06.20 21:56:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\Microsoft
[2007.06.20 21:52:59 | 00,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Data aplikací\Microsoft
[2007.06.20 21:52:59 | 00,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Data aplikací\Microsoft
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2009.12.17 22:34:32 | 00,697,856 | ---- | M] () -- C:\WINDOWS\System32\drivers\okpfkoo.sys
[2009.12.17 22:28:52 | 00,000,416 | ---- | M] () -- C:\WINDOWS\tasks\PCConfidential.job
[2009.12.17 22:28:48 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009.12.17 22:28:43 | 00,203,188 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2009.12.17 22:28:36 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009.12.17 22:27:52 | 13,631,488 | -H-- | M] () -- C:\Documents and Settings\Admin\NTUSER.DAT
[2009.12.17 22:25:51 | 02,108,342 | -H-- | M] () -- C:\Documents and Settings\Admin\Local Settings\Data aplikací\IconCache.db
[2009.12.17 20:27:43 | 00,538,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Admin\Plocha\OTL.exe
[2009.12.17 18:27:12 | 00,025,048 | ---- | M] () -- C:\Documents and Settings\Admin\Local Settings\Data aplikací\GDIPFONTCACHEV1.DAT
[2009.12.17 16:37:47 | 00,000,111 | ---- | M] () -- C:\Documents and Settings\Admin\default.pls
[2009.12.17 16:23:09 | 00,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2009.12.17 09:47:48 | 00,002,561 | ---- | M] () -- C:\Documents and Settings\Admin\Plocha\Microsoft Office Word 2003.lnk
[2009.12.16 20:16:45 | 00,000,028 | ---- | M] () -- C:\WINDOWS\Lic.xxx
[2009.12.16 20:16:15 | 00,034,048 | ---- | M] (MicroWorld Technologies Inc.) -- C:\WINDOWS\System32\eEmpty.exe
[2009.12.16 18:00:00 | 00,000,408 | ---- | M] () -- C:\WINDOWS\tasks\Norton Security Scan.job
[2009.12.16 16:05:07 | 00,132,480 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009.12.15 13:26:22 | 00,396,288 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\Admin\Plocha\hijackthis.exe
[2009.12.15 12:32:13 | 04,552,443 | ---- | M] () -- C:\Documents and Settings\Admin\Plocha\03 meet me halfway.mp3
[2009.12.15 12:24:51 | 00,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2009.12.15 11:17:10 | 00,230,960 | ---- | M] () -- C:\Documents and Settings\Admin\Plocha\DSC01388.JPG
[2009.12.15 11:13:38 | 00,314,608 | ---- | M] () -- C:\Documents and Settings\Admin\Plocha\DSC01387.JPG
[2009.12.14 19:55:02 | 00,000,272 | -HS- | M] () -- C:\Documents and Settings\Admin\ntuser.ini
[2009.12.14 15:57:29 | 00,000,020 | ---- | M] () -- C:\Documents and Settings\Admin\Data aplikací\fvgqad.dat
[2009.12.13 19:15:39 | 00,000,004 | ---- | M] () -- C:\Documents and Settings\Admin\Data aplikací\avdrn.dat
[2009.12.13 16:33:19 | 00,721,904 | ---- | M] (Duplex Secure Ltd.) -- C:\WINDOWS\System32\drivers\sptd.sys.83724678
[2009.12.13 12:40:15 | 00,001,409 | ---- | M] () -- C:\WINDOWS\QTFont.for
[2009.12.12 16:51:40 | 00,107,520 | ---- | M] () -- C:\Documents and Settings\Admin\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.12.11 09:44:14 | 00,476,131 | ---- | M] () -- C:\Documents and Settings\Admin\Plocha\DSC01942.JPG
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files Created - No Company Name ==========

[2009.12.16 20:16:45 | 00,000,028 | ---- | C] () -- C:\WINDOWS\Lic.xxx
[2009.12.15 12:25:43 | 04,552,443 | ---- | C] () -- C:\Documents and Settings\Admin\Plocha\03 meet me halfway.mp3
[2009.12.15 11:20:33 | 00,230,960 | ---- | C] () -- C:\Documents and Settings\Admin\Plocha\DSC01388.JPG
[2009.12.15 11:15:50 | 00,314,608 | ---- | C] () -- C:\Documents and Settings\Admin\Plocha\DSC01387.JPG
[2009.12.13 19:18:41 | 00,697,856 | ---- | C] () -- C:\WINDOWS\System32\drivers\okpfkoo.sys
[2009.12.13 19:16:15 | 00,000,020 | ---- | C] () -- C:\Documents and Settings\Admin\Data aplikací\fvgqad.dat
[2009.12.13 19:15:39 | 00,000,004 | ---- | C] () -- C:\Documents and Settings\Admin\Data aplikací\avdrn.dat
[2009.12.13 15:27:03 | 00,476,131 | ---- | C] () -- C:\Documents and Settings\Admin\Plocha\DSC01942.JPG
[2009.12.13 12:40:15 | 00,054,156 | -H-- | C] () -- C:\WINDOWS\QTFont.qfn
[2009.12.13 12:40:15 | 00,001,409 | ---- | C] () -- C:\WINDOWS\QTFont.for
[2009.12.02 18:58:38 | 00,019,344 | ---- | C] () -- C:\Documents and Settings\Admin\Data aplikací\b.exe
[2009.11.12 16:17:40 | 00,000,083 | ---- | C] () -- C:\WINDOWS\wa.INI
[2009.11.03 20:18:39 | 01,970,176 | ---- | C] () -- C:\WINDOWS\System32\d3dx9.dll
[2009.10.26 22:14:33 | 00,000,391 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2009.06.21 11:55:38 | 00,000,952 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2009.06.14 18:13:13 | 00,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2009.03.30 16:59:07 | 00,000,020 | ---- | C] () -- C:\WINDOWS\level.ini
[2009.02.28 14:02:03 | 01,537,536 | ---- | C] () -- C:\WINDOWS\System32\erdmpg-hi.dll
[2009.02.28 14:02:03 | 00,360,448 | ---- | C] () -- C:\WINDOWS\System32\erdmpg-lo.dll
[2009.02.03 17:11:38 | 00,000,671 | ---- | C] () -- C:\Documents and Settings\Admin\Data aplikací\vso_ts_preview.xml
[2009.02.03 17:11:30 | 00,000,033 | ---- | C] () -- C:\Documents and Settings\Admin\Data aplikací\pcouffin.log
[2009.02.03 17:11:23 | 00,087,608 | ---- | C] () -- C:\Documents and Settings\Admin\Data aplikací\inst.exe
[2009.02.03 17:11:23 | 00,007,887 | ---- | C] () -- C:\Documents and Settings\Admin\Data aplikací\pcouffin.cat
[2009.02.03 17:11:23 | 00,001,144 | ---- | C] () -- C:\Documents and Settings\Admin\Data aplikací\pcouffin.inf
[2008.12.03 08:39:45 | 01,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2008.12.03 08:39:45 | 01,486,848 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2008.12.03 08:39:45 | 01,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2008.12.03 08:39:45 | 00,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2008.12.03 08:39:45 | 00,007,237 | ---- | C] () -- C:\WINDOWS\cadx2.ini
[2008.11.11 17:33:53 | 00,118,784 | ---- | C] () -- C:\WINDOWS\System32\lfkodak.dll
[2008.11.11 17:33:52 | 00,338,944 | ---- | C] () -- C:\WINDOWS\System32\lffpx7.dll
[2008.10.26 13:45:48 | 00,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2008.10.25 17:22:12 | 00,000,050 | ---- | C] () -- C:\WINDOWS\Winamp.ini
[2008.10.25 17:21:51 | 00,000,041 | ---- | C] () -- C:\WINDOWS\winampa.ini
[2008.08.18 12:02:02 | 00,271,360 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2008.08.18 12:02:01 | 00,018,048 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2008.06.28 10:22:03 | 00,002,023 | ---- | C] () -- C:\Documents and Settings\Admin\Data aplikací\Hewlett-PackardHP PSC 1500 series1190980337_PROTOCOL.log
[2008.06.28 10:22:03 | 00,000,571 | ---- | C] () -- C:\Documents and Settings\Admin\Data aplikací\Hewlett-PackardHP PSC 1500 series1190980337_UI.log
[2008.06.28 10:22:03 | 00,000,221 | ---- | C] () -- C:\WINDOWS\NCLogConfig.ini
[2008.06.28 10:22:03 | 00,000,106 | ---- | C] () -- C:\Documents and Settings\Admin\Data aplikací\Hewlett-PackardHP PSC 1500 series1190980337_API.log
[2008.05.19 18:24:52 | 00,004,712 | -HS- | C] () -- C:\WINDOWS\System32\lsfbyqfa.ini
[2008.04.21 18:32:20 | 00,000,769 | ---- | C] () -- C:\WINDOWS\Thps3.INI
[2008.03.24 15:52:02 | 00,069,632 | R--- | C] () -- C:\WINDOWS\System32\xmltok.dll
[2008.03.24 15:52:02 | 00,036,864 | R--- | C] () -- C:\WINDOWS\System32\xmlparse.dll
[2007.12.28 15:07:13 | 00,044,681 | ---- | C] () -- C:\Documents and Settings\Admin\Data aplikací\PatchUpdate_HP_CounterReport_Update_HPSU.log
[2007.12.28 15:07:13 | 00,000,227 | ---- | C] () -- C:\WINDOWS\HP_CounterReport_Update_HPSU.ini
[2007.12.28 15:07:01 | 00,002,065 | ---- | C] () -- C:\Documents and Settings\Admin\Data aplikací\HPSU_48BitScanUpdate.log
[2007.12.28 15:07:01 | 00,000,214 | ---- | C] () -- C:\WINDOWS\HP_48BitScanUpdatePatch.ini
[2007.12.28 14:59:57 | 00,065,401 | ---- | C] () -- C:\Documents and Settings\Admin\Data aplikací\Update_HP_RedboxHprblog_HPSU.log
[2007.12.28 14:59:57 | 00,000,221 | ---- | C] () -- C:\WINDOWS\HP_RedboxHprblog_HPSU.ini
[2007.12.24 19:24:06 | 00,001,751 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\QTSBandwidthCache
[2007.12.23 23:21:46 | 00,610,304 | ---- | C] () -- C:\WINDOWS\System32\dfxg115.dll
[2007.11.17 22:11:08 | 00,000,078 | ---- | C] () -- C:\WINDOWS\Rumble2.ini
[2007.10.12 13:21:25 | 00,000,027 | ---- | C] () -- C:\WINDOWS\ic.ini
[2007.09.29 14:13:41 | 00,155,648 | ---- | C] () -- C:\WINDOWS\System32\libssl32.dll
[2007.09.28 12:44:51 | 00,002,803 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\hpzinstall.log
[2007.08.20 13:00:47 | 00,020,247 | ---- | C] () -- C:\WINDOWS\msettings.ini
[2007.08.11 19:05:04 | 00,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll
[2007.08.11 18:55:20 | 00,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll
[2007.08.11 18:55:20 | 00,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll
[2007.08.11 18:55:20 | 00,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll
[2007.08.07 16:26:53 | 00,002,723 | -HS- | C] () -- C:\WINDOWS\oqtwyb.ini
[2007.08.05 14:27:18 | 01,199,773 | -HS- | C] () -- C:\WINDOWS\bccdfe.ini
[2007.06.26 16:33:36 | 00,000,525 | ---- | C] () -- C:\WINDOWS\QIII.INI
[2007.06.24 10:16:53 | 00,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2007.06.23 18:20:42 | 00,107,520 | ---- | C] () -- C:\Documents and Settings\Admin\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007.06.21 02:19:47 | 00,000,125 | ---- | C] () -- C:\Documents and Settings\Admin\Local Settings\Data aplikací\fusioncache.dat
[2007.06.20 21:32:59 | 00,009,728 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2007.06.20 21:31:34 | 00,000,390 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007.06.20 20:32:42 | 00,001,103 | ---- | C] () -- C:\WINDOWS\wincmd.ini
[2007.03.29 23:00:40 | 00,203,264 | R--- | C] () -- C:\WINDOWS\System32\CddbCdda.dll
[2006.10.28 19:57:48 | 00,073,728 | ---- | C] () -- C:\WINDOWS\System32\ts.dll
[2006.06.26 10:33:40 | 00,023,472 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys
[2005.10.14 11:56:50 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2005.10.14 11:56:50 | 00,921,600 | ---- | C] () -- C:\WINDOWS\System32\VorbisEnc.dll
[2005.10.14 11:56:50 | 00,761,856 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2005.10.14 11:56:50 | 00,344,064 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll
[2005.10.14 11:56:50 | 00,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2005.10.14 11:56:50 | 00,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2005.10.14 11:56:50 | 00,155,136 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2005.10.14 11:56:50 | 00,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2005.10.14 11:56:48 | 00,077,824 | ---- | C] () -- C:\WINDOWS\System32\MMSwitch.dll
[2004.08.17 14:49:10 | 00,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll
[2004.03.18 17:40:32 | 00,155,648 | ---- | C] () -- C:\WINDOWS\System32\ssleay32.dll
[2004.03.18 17:40:24 | 00,667,648 | ---- | C] () -- C:\WINDOWS\System32\libeay32.dll
[2003.04.09 14:38:04 | 00,005,664 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002.05.17 23:18:30 | 00,124,928 | ---- | C] () -- C:\WINDOWS\System32\mp4fil32.dll
[2001.07.06 14:30:00 | 00,003,165 | ---- | C] () -- C:\WINDOWS\System32\HPTCPMON.INI

========== LOP Check ==========

[2009.05.05 14:34:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\.BitTornado
[2009.05.05 12:56:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Azureus
[2007.07.01 17:06:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\BitTorrent
[2009.12.13 16:41:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\DAEMON Tools Lite
[2009.02.03 17:01:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\foobar2000
[2009.05.09 09:45:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\GetRightToGo
[2009.02.18 12:31:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\ICQ
[2007.06.22 16:37:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\ICQ Toolbar
[2008.05.28 15:59:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\ICQLite
[2009.01.11 19:50:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Image Zone Express
[2007.12.25 11:53:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Leadertech
[2008.12.24 19:11:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Nokia
[2008.12.27 17:42:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Nokia Multimedia Player
[2008.09.01 15:50:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Opera
[2008.12.24 19:06:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\PC Suite
[2007.12.28 15:11:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Printer Info Cache
[2007.09.17 17:55:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\RapidGet
[2009.04.18 19:28:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Sachy
[2008.01.16 16:43:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Soldat
[2008.08.18 15:54:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\SpieleEntwicklungsKombinat
[2007.06.29 10:16:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Teleca
[2009.12.15 15:53:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Thunderbird
[2009.12.13 16:20:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Uniblue
[2009.02.14 16:49:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Vso
[2008.01.11 18:24:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\XnView
[2009.05.05 12:55:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Azureus
[2009.12.13 16:41:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2009.07.14 23:02:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ICQ
[2008.12.24 19:03:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Installations
[2009.12.16 20:16:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\MicroWorld
[2008.12.24 19:06:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PC Suite
[2008.03.11 17:57:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Phenomedia
[2008.08.18 12:08:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\SpieleEntwicklungsKombinat
[2009.02.15 21:23:15 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\SweetIM
[2009.12.16 15:49:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2009.10.06 18:58:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Ubisoft
[2008.08.17 22:13:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Winferno
[2009.12.17 22:28:52 | 00,000,416 | ---- | M] () -- C:\WINDOWS\Tasks\PCConfidential.job
[2009.10.25 09:00:00 | 00,000,386 | ---- | M] () -- C:\WINDOWS\Tasks\rpc.job

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >
[2008.07.31 21:21:45 | 00,121,344 | ---- | M] () -- C:\bnupdate.exe
[1 C:\*.tmp files -> C:\*.tmp -> ]

< %SYSTEMDRIVE%\eventlog.dll /s /md5 >
[2004.08.17 14:49:08 | 00,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\system32\eventlog.dll
[2 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
[2004.08.17 14:49:08 | 00,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\system32\dllcache\eventlog.dll

< %SYSTEMDRIVE%\scecli.dll /s /md5 >
[2004.08.17 14:49:18 | 00,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\system32\scecli.dll
[2 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
[2004.08.17 14:49:18 | 00,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\system32\dllcache\scecli.dll

< %SYSTEMDRIVE%\netlogon.dll /s /md5 >
[2004.08.17 14:49:14 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\system32\netlogon.dll
[2 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
[2004.08.17 14:49:14 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\system32\dllcache\netlogon.dll

< %SYSTEMDRIVE%\cngaudit.dll /s /md5 >

< %SYSTEMDRIVE%\sceclt.dll /s /md5 >

< %SYSTEMDRIVE%\ntelogon.dll /s /md5 >

< %SYSTEMDRIVE%\logevent.dll /s /md5 >

< %SYSTEMDRIVE%\iaStor.sys /s /md5 >

< %SYSTEMDRIVE%\nvstor.sys /s /md5 >

< %SYSTEMDRIVE%\atapi.sys /s /md5 >
[2004.08.03 21:59:44 | 00,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys

< %SYSTEMDRIVE%\IdeChnDr.sys /s /md5 >

< %SYSTEMDRIVE%\viasraid.sys /s /md5 >

< %SYSTEMDRIVE%\AGP440.sys /s /md5 >

< %SYSTEMDRIVE%\vaxscsi.sys /s /md5 >
[2007.06.20 21:27:46 | 00,223,128 | ---- | M] (Alcohol Soft Co., Ltd.) MD5=92CEBC2BC7BE2C8D49391B365569F306 -- C:\WINDOWS\system32\drivers\vaxscsi.sys

< %SYSTEMDRIVE%\nvatabus.sys /s /md5 >

< %SYSTEMDRIVE%\viamraid.sys /s /md5 >

< %SYSTEMDRIVE%\nvata.sys /s /md5 >

========== Alternate Data Streams ==========

@Alternate Data Stream - 128 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:C46995DA
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:5C321E34
< End of report >
[2009.12.17 22:37:41 | 00,697,856 | ---- | M] () -- C:\WINDOWS\System32\drivers\okpfkoo.sys
[2009.12.17 22:30:19 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox
[2009.12.17 22:30:08 | 00,000,000 | ---D | M] -- C:\Program Files\BitComet
[2009.12.17 22:28:52 | 00,000,416 | ---- | M] () -- C:\WINDOWS\tasks\PCConfidential.job
[2009.12.17 22:28:48 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009.12.17 22:28:43 | 00,203,188 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2009.12.17 22:28:36 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009.12.17 22:27:52 | 13,631,488 | -H-- | M] () -- C:\Documents and Settings\Admin\NTUSER.DAT
[2009.12.17 22:25:51 | 02,108,342 | -H-- | M] () -- C:\Documents and Settings\Admin\Local Settings\Data aplikací\IconCache.db
[2009.12.17 20:27:43 | 00,538,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Admin\Plocha\OTL.exe
[2009.12.17 18:27:12 | 00,025,048 | ---- | M] () -- C:\Documents and Settings\Admin\Local Settings\Data aplikací\GDIPFONTCACHEV1.DAT
[2009.12.17 16:37:47 | 00,000,111 | ---- | M] () -- C:\Documents and Settings\Admin\default.pls
[2009.12.17 16:23:09 | 00,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2009.12.17 09:47:48 | 00,002,561 | ---- | M] () -- C:\Documents and Settings\Admin\Plocha\Microsoft Office Word 2003.lnk
[2009.12.16 20:16:45 | 00,000,028 | ---- | M] () -- C:\WINDOWS\Lic.xxx
[2009.12.16 20:16:15 | 00,034,048 | ---- | M] (MicroWorld Technologies Inc.) -- C:\WINDOWS\System32\eEmpty.exe
[2009.12.16 20:16:11 | 00,000,000 | ---D | M] -- C:\Program Files\Common Files\MicroWorld
[2009.12.16 20:16:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\MicroWorld
[2009.12.16 20:16:11 | 00,000,000 | ---D | M] -- C:\Program Files\Common Files
[2009.12.16 18:00:00 | 00,000,408 | ---- | M] () -- C:\WINDOWS\tasks\Norton Security Scan.job
[2009.12.16 16:05:07 | 00,132,480 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009.12.16 15:49:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2009.12.16 15:24:02 | 00,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information
[2009.12.16 15:22:17 | 00,000,000 | ---D | M] -- C:\Program Files\ATMA V
[2009.12.16 15:15:41 | 00,000,000 | ---D | M] -- C:\Program Files\RegScrubXP
[2009.12.15 21:47:11 | 00,000,000 | ---D | M] -- C:\Program Files\RegCleaner
[2009.12.15 15:54:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Local Settings\Data aplikací\Thunderbird
[2009.12.15 15:53:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Mozilla
[2009.12.15 15:53:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Thunderbird
[2009.12.15 14:20:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\SUPERAntiSpyware.com
[2009.12.15 14:20:38 | 00,000,000 | ---D | M] -- C:\Program Files\SUPERAntiSpyware
[2009.12.15 14:20:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\SUPERAntiSpyware.com
[2009.12.15 14:20:12 | 00,000,000 | ---D | M] -- C:\Program Files\Common Files\Wise Installation Wizard
[2009.12.15 14:19:40 | 00,000,000 | ---D | M] -- C:\Program Files\CPU Speed Pro
[2009.12.15 13:35:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Malwarebytes
[2009.12.15 13:35:19 | 00,000,000 | ---D | M] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009.12.15 13:35:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
[2009.12.15 13:26:22 | 00,396,288 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\Admin\Plocha\hijackthis.exe
[2009.12.15 12:32:13 | 04,552,443 | ---- | M] () -- C:\Documents and Settings\Admin\Plocha\03 meet me halfway.mp3
[2009.12.15 12:24:51 | 00,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2009.12.15 11:17:10 | 00,230,960 | ---- | M] () -- C:\Documents and Settings\Admin\Plocha\DSC01388.JPG
[2009.12.15 11:13:38 | 00,314,608 | ---- | M] () -- C:\Documents and Settings\Admin\Plocha\DSC01387.JPG
[2009.12.14 19:55:02 | 00,000,272 | -HS- | M] () -- C:\Documents and Settings\Admin\ntuser.ini
[2009.12.14 18:02:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\nView_Profiles
[2009.12.14 15:57:29 | 00,000,020 | ---- | M] () -- C:\Documents and Settings\Admin\Data aplikací\fvgqad.dat
[2009.12.13 19:49:38 | 00,000,000 | ---D | M] -- C:\Program Files\Alcohol 120
[2009.12.13 19:18:36 | 00,000,000 | ---D | M] -- C:\Program Files\Internet Explorer
[2009.12.13 19:15:39 | 00,000,004 | ---- | M] () -- C:\Documents and Settings\Admin\Data aplikací\avdrn.dat
[2009.12.13 16:41:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2009.12.13 16:41:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\DAEMON Tools Lite
[2009.12.13 16:33:19 | 00,721,904 | ---- | M] (Duplex Secure Ltd.) -- C:\WINDOWS\System32\drivers\sptd.sys.83724678
[2009.12.13 16:20:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Uniblue
[2009.12.13 12:40:15 | 00,001,409 | ---- | M] () -- C:\WINDOWS\QTFont.for
[2009.12.12 16:51:40 | 00,107,520 | ---- | M] () -- C:\Documents and Settings\Admin\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.12.11 19:27:40 | 00,000,000 | ---D | M] -- C:\Program Files\Google
[2009.12.11 19:27:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Google
[2009.12.11 18:29:41 | 00,000,000 | ---D | M] -- C:\Program Files\DivX
[2009.12.11 18:28:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Local Settings\Data aplikací\Google
[2009.12.11 09:44:14 | 00,476,131 | ---- | M] () -- C:\Documents and Settings\Admin\Plocha\DSC01942.JPG
[2009.12.02 18:58:38 | 00,019,344 | ---- | M] () -- C:\Documents and Settings\Admin\Data aplikací\b.exe
[2009.11.27 16:27:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\Google
[2009.11.27 16:04:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\Google
[2009.02.14 16:49:02 | 00,000,033 | ---- | M] () -- C:\Documents and Settings\Admin\Data aplikací\pcouffin.log
[2009.02.14 16:49:01 | 00,087,608 | ---- | M] () -- C:\Documents and Settings\Admin\Data aplikací\inst.exe
[2009.02.14 16:49:01 | 00,047,360 | ---- | M] (VSO Software) -- C:\Documents and Settings\Admin\Data aplikací\pcouffin.sys
[2009.02.14 16:49:01 | 00,007,887 | ---- | M] () -- C:\Documents and Settings\Admin\Data aplikací\pcouffin.cat
[2009.02.14 16:49:01 | 00,001,144 | ---- | M] () -- C:\Documents and Settings\Admin\Data aplikací\pcouffin.inf
[2009.02.03 17:30:56 | 00,000,671 | ---- | M] () -- C:\Documents and Settings\Admin\Data aplikací\vso_ts_preview.xml
[2009.01.27 19:22:38 | 00,002,803 | ---- | M] () -- C:\Documents and Settings\All Users\Data aplikací\hpzinstall.log
[2008.08.17 22:08:31 | 00,774,144 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\RngInterstitial.dll
[2008.08.17 22:04:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Data aplikací\Mozilla
[2008.08.17 22:04:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\Mozilla
[2008.06.28 10:22:07 | 00,000,571 | ---- | M] () -- C:\Documents and Settings\Admin\Data aplikací\Hewlett-PackardHP PSC 1500 series1190980337_UI.log
[2008.06.28 10:22:05 | 00,000,106 | ---- | M] () -- C:\Documents and Settings\Admin\Data aplikací\Hewlett-PackardHP PSC 1500 series1190980337_API.log
[2008.06.28 10:22:04 | 00,002,023 | ---- | M] () -- C:\Documents and Settings\Admin\Data aplikací\Hewlett-PackardHP PSC 1500 series1190980337_PROTOCOL.log
[2008.05.10 07:53:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\Apple
[2007.12.28 16:00:24 | 00,001,751 | ---- | M] () -- C:\Documents and Settings\All Users\Data aplikací\QTSBandwidthCache
[2007.12.28 15:07:18 | 00,044,681 | ---- | M] () -- C:\Documents and Settings\Admin\Data aplikací\PatchUpdate_HP_CounterReport_Update_HPSU.log
[2007.12.28 15:07:04 | 00,002,065 | ---- | M] () -- C:\Documents and Settings\Admin\Data aplikací\HPSU_48BitScanUpdate.log
[2007.12.28 15:00:29 | 00,065,401 | ---- | M] () -- C:\Documents and Settings\Admin\Data aplikací\Update_HP_RedboxHprblog_HPSU.log
[2007.06.21 02:19:47 | 00,000,125 | ---- | M] () -- C:\Documents and Settings\Admin\Local Settings\Data aplikací\fusioncache.dat
[2007.06.20 23:28:12 | 00,000,062 | -HS- | M] () -- C:\Documents and Settings\All Users\Data aplikací\desktop.ini
[2007.06.20 23:28:12 | 00,000,062 | -HS- | M] () -- C:\Documents and Settings\Admin\Data aplikací\desktop.ini
[2007.06.20 22:06:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\Microsoft
[2007.06.20 21:56:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\Microsoft
[2007.06.20 21:52:59 | 00,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Data aplikací\Microsoft
[2007.06.20 21:52:59 | 00,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Data aplikací\Microsoft
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2009.12.17 22:38:06 | 00,697,856 | ---- | M] () -- C:\WINDOWS\System32\drivers\okpfkoo.sys
[2009.12.17 22:28:52 | 00,000,416 | ---- | M] () -- C:\WINDOWS\tasks\PCConfidential.job
[2009.12.17 22:28:48 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009.12.17 22:28:43 | 00,203,188 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2009.12.17 22:28:36 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009.12.17 22:27:52 | 13,631,488 | -H-- | M] () -- C:\Documents and Settings\Admin\NTUSER.DAT
[2009.12.17 22:25:51 | 02,108,342 | -H-- | M] () -- C:\Documents and Settings\Admin\Local Settings\Data aplikací\IconCache.db
[2009.12.17 20:27:43 | 00,538,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Admin\Plocha\OTL.exe
[2009.12.17 18:27:12 | 00,025,048 | ---- | M] () -- C:\Documents and Settings\Admin\Local Settings\Data aplikací\GDIPFONTCACHEV1.DAT
[2009.12.17 16:37:47 | 00,000,111 | ---- | M] () -- C:\Documents and Settings\Admin\default.pls
[2009.12.17 16:23:09 | 00,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2009.12.17 09:47:48 | 00,002,561 | ---- | M] () -- C:\Documents and Settings\Admin\Plocha\Microsoft Office Word 2003.lnk
[2009.12.16 20:16:45 | 00,000,028 | ---- | M] () -- C:\WINDOWS\Lic.xxx
[2009.12.16 20:16:15 | 00,034,048 | ---- | M] (MicroWorld Technologies Inc.) -- C:\WINDOWS\System32\eEmpty.exe
[2009.12.16 18:00:00 | 00,000,408 | ---- | M] () -- C:\WINDOWS\tasks\Norton Security Scan.job
[2009.12.16 16:05:07 | 00,132,480 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009.12.15 13:26:22 | 00,396,288 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\Admin\Plocha\hijackthis.exe
[2009.12.15 12:32:13 | 04,552,443 | ---- | M] () -- C:\Documents and Settings\Admin\Plocha\03 meet me halfway.mp3
[2009.12.15 12:24:51 | 00,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2009.12.15 11:17:10 | 00,230,960 | ---- | M] () -- C:\Documents and Settings\Admin\Plocha\DSC01388.JPG
[2009.12.15 11:13:38 | 00,314,608 | ---- | M] () -- C:\Documents and Settings\Admin\Plocha\DSC01387.JPG
[2009.12.14 19:55:02 | 00,000,272 | -HS- | M] () -- C:\Documents and Settings\Admin\ntuser.ini
[2009.12.14 15:57:29 | 00,000,020 | ---- | M] () -- C:\Documents and Settings\Admin\Data aplikací\fvgqad.dat
[2009.12.13 19:15:39 | 00,000,004 | ---- | M] () -- C:\Documents and Settings\Admin\Data aplikací\avdrn.dat
[2009.12.13 16:33:19 | 00,721,904 | ---- | M] (Duplex Secure Ltd.) -- C:\WINDOWS\System32\drivers\sptd.sys.83724678
[2009.12.13 12:40:15 | 00,001,409 | ---- | M] () -- C:\WINDOWS\QTFont.for
[2009.12.12 16:51:40 | 00,107,520 | ---- | M] () -- C:\Documents and Settings\Admin\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.12.11 09:44:14 | 00,476,131 | ---- | M] () -- C:\Documents and Settings\Admin\Plocha\DSC01942.JPG
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== LOP Check ==========

[2009.05.05 14:34:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\.BitTornado
[2009.05.05 12:56:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Azureus
[2007.07.01 17:06:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\BitTorrent
[2009.12.13 16:41:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\DAEMON Tools Lite
[2009.02.03 17:01:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\foobar2000
[2009.05.09 09:45:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\GetRightToGo
[2009.02.18 12:31:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\ICQ
[2007.06.22 16:37:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\ICQ Toolbar
[2008.05.28 15:59:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\ICQLite
[2009.01.11 19:50:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Image Zone Express
[2007.12.25 11:53:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Leadertech
[2008.12.24 19:11:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Nokia
[2008.12.27 17:42:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Nokia Multimedia Player
[2008.09.01 15:50:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Opera
[2008.12.24 19:06:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\PC Suite
[2007.12.28 15:11:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Printer Info Cache
[2007.09.17 17:55:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\RapidGet
[2009.04.18 19:28:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Sachy
[2008.01.16 16:43:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Soldat
[2008.08.18 15:54:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\SpieleEntwicklungsKombinat
[2007.06.29 10:16:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Teleca
[2009.12.15 15:53:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Thunderbird
[2009.12.13 16:20:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Uniblue
[2009.02.14 16:49:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Vso
[2008.01.11 18:24:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\XnView
[2009.05.05 12:55:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Azureus
[2009.12.13 16:41:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2009.07.14 23:02:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ICQ
[2008.12.24 19:03:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Installations
[2009.12.16 20:16:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\MicroWorld
[2008.12.24 19:06:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PC Suite
[2008.03.11 17:57:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Phenomedia
[2008.08.18 12:08:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\SpieleEntwicklungsKombinat
[2009.02.15 21:23:15 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\SweetIM
[2009.12.16 15:49:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2009.10.06 18:58:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Ubisoft
[2008.08.17 22:13:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Winferno
[2009.12.17 22:28:52 | 00,000,416 | ---- | M] () -- C:\WINDOWS\Tasks\PCConfidential.job
[2009.10.25 09:00:00 | 00,000,386 | ---- | M] () -- C:\WINDOWS\Tasks\rpc.job

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >
[2008.07.31 21:21:45 | 00,121,344 | ---- | M] () -- C:\bnupdate.exe
[1 C:\*.tmp files -> C:\*.tmp -> ]

< %SYSTEMDRIVE%\eventlog.dll /s /md5 >
[2004.08.17 14:49:08 | 00,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\system32\eventlog.dll
[2 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
[2004.08.17 14:49:08 | 00,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\system32\dllcache\eventlog.dll

< %SYSTEMDRIVE%\scecli.dll /s /md5 >
[2004.08.17 14:49:18 | 00,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\system32\scecli.dll
[2 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
[2004.08.17 14:49:18 | 00,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\system32\dllcache\scecli.dll

< %SYSTEMDRIVE%\netlogon.dll /s /md5 >
[2004.08.17 14:49:14 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\system32\netlogon.dll
[2 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
[2004.08.17 14:49:14 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\system32\dllcache\netlogon.dll

< %SYSTEMDRIVE%\cngaudit.dll /s /md5 >

< %SYSTEMDRIVE%\sceclt.dll /s /md5 >

< %SYSTEMDRIVE%\ntelogon.dll /s /md5 >

< %SYSTEMDRIVE%\logevent.dll /s /md5 >

< %SYSTEMDRIVE%\iaStor.sys /s /md5 >

< %SYSTEMDRIVE%\nvstor.sys /s /md5 >

< %SYSTEMDRIVE%\atapi.sys /s /md5 >
[2004.08.03 21:59:44 | 00,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys

< %SYSTEMDRIVE%\IdeChnDr.sys /s /md5 >

< %SYSTEMDRIVE%\viasraid.sys /s /md5 >

< %SYSTEMDRIVE%\AGP440.sys /s /md5 >

< %SYSTEMDRIVE%\vaxscsi.sys /s /md5 >
[2007.06.20 21:27:46 | 00,223,128 | ---- | M] (Alcohol Soft Co., Ltd.) MD5=92CEBC2BC7BE2C8D49391B365569F306 -- C:\WINDOWS\system32\drivers\vaxscsi.sys

< %SYSTEMDRIVE%\nvatabus.sys /s /md5 >

< %SYSTEMDRIVE%\viamraid.sys /s /md5 >

< %SYSTEMDRIVE%\nvata.sys /s /md5 >

========== Alternate Data Streams ==========

@Alternate Data Stream - 128 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:C46995DA
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:5C321E34

< End of report >

tomas06
newbie
Posts: 24
Registered: December 09
Gender: Male
Status:
Offline

Re: Avast reports a suspicious message

Post by tomas06 » 17 Dec 2009 22:45

that's the second OTL

OTL logfile created on: 17.12.2009 22:31:34 - Run 2
OTL by OldTimer - Version 3.1.17.0 Folder = C:\Documents and Settings\Admin\Plocha
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1023,36 Mb Total Physical Memory | 488,79 Mb Available Physical Memory | 47,76% Memory free
2,40 Gb Paging File | 1,96 Gb Available in Paging File | 81,47% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74,52 Gb Total Space | 25,23 Gb Free Space | 33,86% Space Free | Partition Type: NTFS
Drive D: | 2,67 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: PC-6C0E251A4F6A
Current User Name: Admin
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 7 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2009.12.17 20:27:43 | 00,538,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Admin\Plocha\OTL.exe
PRC - [2009.12.16 18:57:06 | 00,908,248 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009.11.25 00:51:40 | 00,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe
PRC - [2009.11.25 00:51:35 | 00,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2009.11.25 00:51:21 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PRC - [2009.11.25 00:48:48 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PRC - [2009.11.25 00:43:56 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2009.11.23 08:43:26 | 02,001,648 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
PRC - [2009.08.24 18:04:04 | 00,935,176 | ---- | M] (Raxco Software, Inc.) -- C:\Program Files\Raxco\PerfectDisk10\PDAgent.exe
PRC - [2008.12.03 08:39:45 | 00,163,908 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe
PRC - [2008.02.18 10:16:30 | 00,110,592 | ---- | M] (Apple, Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2007.08.09 08:27:52 | 00,073,728 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe
PRC - [2007.07.20 14:21:34 | 00,557,056 | ---- | M] (Lavasoft AB) -- C:\ostatni\aawservice.exe
PRC - [2007.06.13 14:23:39 | 01,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006.11.14 10:21:00 | 16,270,848 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.exe
PRC - [2006.09.10 20:56:24 | 00,218,032 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
PRC - [2006.06.26 10:33:42 | 00,099,888 | ---- | M] (Logitech Inc.) -- c:\Program Files\Common Files\Logitech\LVMVFM\LVPrcSrv.exe
PRC - [2004.08.17 14:49:30 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscntfy.exe


========== Modules (SafeList) ==========

MOD - [2009.12.17 20:27:43 | 00,538,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Admin\Plocha\OTL.exe
MOD - [2006.08.25 16:51:20 | 01,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
MOD - [2006.06.26 10:33:42 | 00,091,696 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (wscsvcStarWindService)
SRV - File not found [Auto | Stopped] -- -- (RasManaswUpdSv)
SRV - File not found [Auto | Stopped] -- -- (oseRDSessMgr)
SRV - File not found [Auto | Stopped] -- -- (oseMSDTC)
SRV - File not found [Auto | Stopped] -- -- (ERSvcLVPrcSrv)
SRV - File not found [Auto | Stopped] -- -- (ASKUpgrade)
SRV - File not found [Auto | Stopped] -- -- (ASKService)
SRV - File not found [On_Demand | Stopped] -- -- (AresChatServer)
SRV - File not found [Auto | Stopped] -- -- (AppMgmtERSvcLVPrcSrv)
SRV - [2009.11.25 00:51:35 | 00,138,680 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus)
SRV - [2009.11.25 00:51:21 | 00,254,040 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner)
SRV - [2009.11.25 00:48:48 | 00,352,920 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner)
SRV - [2009.11.25 00:43:56 | 00,018,752 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)
SRV - [2009.08.24 18:04:08 | 01,033,480 | ---- | M] (Raxco Software, Inc.) [On_Demand | Stopped] -- C:\Program Files\Raxco\PerfectDisk10\PDEngine.exe -- (PDEngine)
SRV - [2009.08.24 18:04:04 | 00,935,176 | ---- | M] (Raxco Software, Inc.) [Auto | Running] -- C:\Program Files\Raxco\PerfectDisk10\PDAgent.exe -- (PDAgent)
SRV - [2008.12.03 08:39:45 | 00,163,908 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\WINDOWS\system32\nvsvc32.exe -- (NVSvc)
SRV - [2008.02.18 10:16:30 | 00,110,592 | ---- | M] (Apple, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2007.08.09 08:27:52 | 00,073,728 | ---- | M] (HP) [Auto | Running] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
SRV - [2007.07.20 14:21:34 | 00,557,056 | ---- | M] (Lavasoft AB) [Auto | Running] -- C:\ostatni\aawservice.exe -- (aawservice)
SRV - [2007.06.15 16:55:00 | 00,300,544 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2007.05.16 08:27:28 | 00,271,920 | ---- | M] (Nero AG) [On_Demand | Stopped] -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe -- (NMIndexingService)
SRV - [2007.04.13 20:09:56 | 00,792,112 | ---- | M] (Nero AG) [On_Demand | Stopped] -- C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe -- (NBService)
SRV - [2006.06.26 10:33:56 | 00,091,696 | ---- | M] (Logitech Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Logitech\SrvLnch\SrvLnch.exe -- (LVSrvLauncher)
SRV - [2006.06.26 10:33:42 | 00,099,888 | ---- | M] (Logitech Inc.) [Auto | Running] -- c:\Program Files\Common Files\Logitech\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2005.12.15 04:13:38 | 00,405,504 | ---- | M] (ATI Technologies Inc.) [Auto | Stopped] -- C:\WINDOWS\system32\ati2evxx.exe -- (Ati HotKey Poller)
SRV - [2005.12.14 20:10:00 | 00,520,192 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\ati2sgag.exe -- (ATI Smart)
SRV - [2005.04.04 00:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2003.07.28 19:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)


========== Driver Services (SafeList) ==========

DRV - [2009.12.13 16:33:19 | 00,721,904 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Stopped] -- C:\WINDOWS\system32\drivers\sptd.sys.83724678 -- (sptd)
DRV - [2009.11.25 00:50:59 | 00,094,160 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2009.11.25 00:50:12 | 00,114,768 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswSP.sys -- (aswSP)
DRV - [2009.11.25 00:50:00 | 00,020,560 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2009.11.25 00:49:07 | 00,048,560 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2009.11.25 00:48:57 | 00,023,120 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2009.11.25 00:47:54 | 00,027,408 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2009.11.23 08:43:30 | 00,009,968 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2009.11.23 08:43:30 | 00,007,408 | R--- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand | Running] -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)
DRV - [2009.11.23 08:43:28 | 00,074,480 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2009.08.20 10:11:30 | 00,073,232 | ---- | M] (Raxco Software, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DefragFs.sys -- (DefragFS)
DRV - [2009.03.24 14:19:07 | 00,025,280 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2009.02.03 17:11:23 | 00,047,360 | ---- | M] (VSO Software) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pcouffin.sys -- (pcouffin)
DRV - [2008.12.03 08:39:45 | 06,188,320 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2008.08.18 12:02:02 | 00,271,360 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt)
DRV - [2008.08.18 12:02:01 | 00,018,048 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2007.11.13 11:25:52 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)
DRV - [2007.06.29 10:12:48 | 00,089,872 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750mdm.sys -- (k750mdm)
DRV - [2007.06.29 10:12:48 | 00,081,728 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750mgmt.sys -- (k750mgmt)
DRV - [2007.06.29 10:12:48 | 00,079,488 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750obex.sys -- (k750obex)
DRV - [2007.06.29 10:12:47 | 00,055,216 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750bus.sys -- (k750bus) Sony Ericsson 750 driver (WDM)
DRV - [2007.06.29 10:12:47 | 00,006,576 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750mdfl.sys -- (k750mdfl)
DRV - [2007.06.20 21:27:46 | 00,223,128 | ---- | M] (Alcohol Soft Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\vaxscsi.sys -- (vaxscsi)
DRV - [2007.02.22 11:15:56 | 00,137,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcd.sys -- (nmwcd)
DRV - [2007.02.22 11:15:14 | 00,012,288 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdcm.sys -- (nmwcdcm)
DRV - [2007.02.22 11:15:14 | 00,012,288 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdcj.sys -- (nmwcdcj)
DRV - [2007.02.22 11:15:14 | 00,008,320 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdc.sys -- (nmwcdc)
DRV - [2006.11.15 07:34:00 | 04,225,920 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2006.08.14 14:09:48 | 00,083,200 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2006.07.01 21:42:58 | 00,043,008 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2006.06.26 10:33:40 | 00,023,472 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2006.06.26 10:33:36 | 01,952,816 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LVMVdrv.sys -- (LVMVDrv)
DRV - [2006.06.26 10:33:28 | 01,587,632 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Lvckap.sys -- (LVcKap)
DRV - [2006.03.01 18:51:15 | 00,051,200 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x)
DRV - [2006.02.21 13:48:05 | 00,049,664 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfsync04.sys -- (sfsync04) StarForce Protection Synchronization Driver (version 4.x)
DRV - [2006.02.14 15:48:36 | 00,006,656 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)
DRV - [2005.12.15 04:19:06 | 01,463,296 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2005.03.08 05:43:27 | 00,021,744 | R--- | M] (HP) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HPZius12.sys -- (HPZius12)
DRV - [2005.03.08 05:43:26 | 00,016,496 | R--- | M] (HP) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HPZipr12.sys -- (HPZipr12)
DRV - [2005.03.08 05:43:25 | 00,051,120 | R--- | M] (HP) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HPZid412.sys -- (HPZid412)
DRV - [2005.01.07 16:07:18 | 00,138,752 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Hdaudbus.sys -- (HDAudBus)
DRV - [2004.08.03 23:10:12 | 00,048,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\61883.sys -- (61883)
DRV - [2004.08.03 23:10:12 | 00,038,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\avc.sys -- (Avc)
DRV - [2004.08.03 23:10:00 | 00,051,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\msdv.sys -- (MSDV)
DRV - [2001.10.25 15:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)
DRV - [1997.12.23 03:02:46 | 00,023,936 | ---- | M] (Adaptec) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\aspi32.sys -- (Aspi32)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie


IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-682003330-1390067357-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default = FA C9 D3 52 67 16 EC 4E 8B 4A C1 5C 2B D1 E3 DF [binary data]
IE - HKU\S-1-5-21-682003330-1390067357-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-682003330-1390067357-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
IE - HKU\S-1-5-21-682003330-1390067357-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-682003330-1390067357-839522115-1003\S-1-5-21-682003330-1390067357-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.defaulturl: "http://search.sweetim.com/search.asp?src=2&q="
FF - prefs.js..browser.search.selectedEngine: "YouTube Video Search"
FF - prefs.js..browser.startup.homepage: "seznam.cz"
FF - prefs.js..extensions.enabledItems: {E9A1DEE0-C623-4439-8932-001E7D17607D}:2.1.0.5
FF - prefs.js..extensions.enabledItems: illimitux@illimitux.net:2.0.2
FF - prefs.js..extensions.enabledItems: {EEE6C361-6118-11DC-9C72-001320C79847}:1.0.0.8
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: "Yahoo"
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaulturl: "http://uk.search.yahoo.com/search?ei=UTF-8&fr=ytff-&p="
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: "YouTube Video Search"
FF - prefs.js..browser.startup.homepage: "http://seznam.cz/"
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "http://uk.search.yahoo.com/search?ei=UTF-8&fr=ytff-&p="

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009.12.16 21:17:14 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009.12.16 18:57:14 | 00,000,000 | ---D | M]

[2008.06.24 13:55:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Mozilla\Extensions
[2009.12.17 17:18:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\8eeswhdp.default\extensions
[2008.02.22 18:02:59 | 00,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\8eeswhdp.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2009.04.03 15:38:08 | 00,000,000 | ---D | M] (BitComet Video Downloader) -- C:\Documents and Settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\8eeswhdp.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}
[2009.05.05 12:55:02 | 00,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\8eeswhdp.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}
[2009.02.15 21:01:09 | 00,000,000 | ---D | M] (SweetIM Toolbar for Firefox) -- C:\Documents and Settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\8eeswhdp.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
[2009.07.07 22:33:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\8eeswhdp.default\extensions\illimitux@illimitux.net
[2009.12.13 16:41:49 | 00,002,055 | ---- | M] () -- C:\Documents and Settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\8eeswhdp.default\searchplugins\daemon-search.xml
[2009.12.16 21:27:20 | 00,000,961 | ---- | M] () -- C:\Documents and Settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\8eeswhdp.default\searchplugins\icqplugin-1.xml
[2009.08.04 19:01:54 | 00,000,961 | ---- | M] () -- C:\Documents and Settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\8eeswhdp.default\searchplugins\icqplugin-2.xml
[2009.09.12 20:32:20 | 00,000,961 | ---- | M] () -- C:\Documents and Settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\8eeswhdp.default\searchplugins\icqplugin-3.xml
[2009.10.28 18:13:55 | 00,000,961 | ---- | M] () -- C:\Documents and Settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\8eeswhdp.default\searchplugins\icqplugin-4.xml
[2009.11.06 20:06:55 | 00,000,961 | ---- | M] () -- C:\Documents and Settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\8eeswhdp.default\searchplugins\icqplugin-5.xml
[2009.12.13 16:46:37 | 00,000,961 | ---- | M] () -- C:\Documents and Settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\8eeswhdp.default\searchplugins\icqplugin-6.xml
[2009.07.22 10:11:21 | 00,000,944 | ---- | M] () -- C:\Documents and Settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\8eeswhdp.default\searchplugins\icqplugin.xml
[2009.02.15 21:01:05 | 00,003,915 | ---- | M] () -- C:\Documents and Settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\8eeswhdp.default\searchplugins\sweetim.xml
[2008.01.05 00:02:27 | 00,001,437 | ---- | M] () -- C:\Documents and Settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\8eeswhdp.default\searchplugins\yahoo-answers.xml
[2007.08.24 14:25:46 | 00,002,109 | ---- | M] () -- C:\Documents and Settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\8eeswhdp.default\searchplugins\youtube-video-search.xml
[2009.12.13 20:08:14 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2008.11.11 08:38:54 | 00,663,552 | ---- | M] (BitComet) -- C:\Program Files\Mozilla Firefox\plugins\npBitCometAgent.dll
[2007.03.02 00:08:58 | 00,049,152 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npbittorrent.dll
[2005.04.27 21:10:49 | 00,102,400 | ---- | M] (RealNetworks) -- C:\Program Files\Mozilla Firefox\plugins\npracplug.dll
[2009.10.28 18:13:08 | 00,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2009.10.28 18:13:08 | 00,001,687 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2009.10.28 18:13:08 | 00,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2009.10.28 18:13:08 | 00,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2009.10.28 18:13:08 | 00,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: (737 bytes) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Podpora odkazu pro Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - No CLSID value found.
O2 - BHO: (no name) - {2951882A-72DF-4AED-9BAF-996FFDEB10B9} - No CLSID value found.
O2 - BHO: (BitComet Helper) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.3.3.2.dll (BitComet)
O2 - BHO: (no name) - {52D3C9FA-1667-4EEC-8B4A-C15C2BD1E3Df} - No CLSID value found.
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {5499bcb1-5641-4a4c-9f75-462d4d8d0da0} - No CLSID value found.
O2 - BHO: (no name) - {589F7E7F-0ADE-4DD9-A9CF-7A59ACEEAF92} - No CLSID value found.
O2 - BHO: (no name) - {b40515ff-c006-4841-9cb1-eddf83c368c0} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {8AE33802-00D3-4F1B-B5C7-6FEE34E402CE} - No CLSID value found.
O3 - HKU\S-1-5-21-682003330-1390067357-839522115-1003\..\Toolbar\WebBrowser: (no name) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - No CLSID value found.
O3 - HKU\S-1-5-21-682003330-1390067357-839522115-1003\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKU\S-1-5-21-682003330-1390067357-839522115-1003\..\Toolbar\WebBrowser: (no name) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - No CLSID value found.
O3 - HKU\S-1-5-21-682003330-1390067357-839522115-1003\..\Toolbar\WebBrowser: (no name) - {8AE33802-00D3-4F1B-B5C7-6FEE34E402CE} - No CLSID value found.
O3 - HKU\S-1-5-21-682003330-1390067357-839522115-1003\..\Toolbar\WebBrowser: (no name) - {C11483F7-D7D8-4804-98D8-6055470BB989} - No CLSID value found.
O3 - HKU\S-1-5-21-682003330-1390067357-839522115-1003\..\Toolbar\WebBrowser: (no name) - {C3CD744D-2FAE-4640-8297-16B5DA423104} - No CLSID value found.
O3 - HKU\S-1-5-21-682003330-1390067357-839522115-1003\..\Toolbar\WebBrowser: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found.
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [RTHDCPL] C:\WINDOWS\RTHDCPL.exe (Realtek Semiconductor Corp.)
O4 - HKU\.DEFAULT..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe (Time Information Services Ltd.)
O4 - HKU\S-1-5-18..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe (Time Information Services Ltd.)
O4 - HKU\S-1-5-21-682003330-1390067357-839522115-1003..\Run: [BitComet] C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O4 - HKU\S-1-5-21-682003330-1390067357-839522115-1003..\Run: [ISUSPM] C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe (Macrovision Corporation)
O4 - HKU\S-1-5-21-682003330-1390067357-839522115-1003..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispScrSavPage = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispScrSavPage = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-682003330-1390067357-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-682003330-1390067357-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0
O7 - HKU\S-1-5-21-682003330-1390067357-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispScrSavPage = 0
O8 - Extra context menu item: Stáhnout odkaz s použitím BitCometu - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: Stáhnout všechna videa s použitím BitCometu - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: Stáhnout všechny odkazy s použitím BitCometu - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O9 - Extra Button: Eurotran XP - {230D1201-7607-4CF6-A11F-9E4BF0A333E0} - C:\Program Files\Eurotran XP\etnxp.dll ()
O9 - Extra 'Tools' menuitem : Eurotran XP... - {2C73F784-D2DE-4422-B070-2E3332FE5744} - C:\Program Files\Eurotran XP\etnxp.dll ()
O9 - Extra Button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe File not found
O9 - Extra 'Tools' menuitem : ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe File not found
O9 - Extra Button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - C:\Program Files\BitComet\tools\BitCometBHO_1.3.3.2.dll (BitComet)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {00000055-9980-0010-8000-00AA00389B71} http://codecs.microsoft.com/codecs/i386/fhg.CAB (Reg Error: Key error.)
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} http://icq.oberon-media.com/Gameshell/G ... meHost.cab (Oberon Flash Game Host)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/sh ... wflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O30 - LSA: Authentication Packages - (C:\WINDOWS\system32\xxyaBRiH) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007.06.20 21:53:11 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2007.08.14 01:30:58 | 00,402,696 | R--- | M] (Electronic Arts) - D:\AutoRun.exe -- [ CDFS ]
O32 - AutoRun File - [2007.10.02 18:40:41 | 00,000,000 | R--D | M] - D:\Autorun -- [ CDFS ]
O32 - AutoRun File - [2007.09.02 05:56:15 | 02,984,960 | R--- | M] () - D:\autorun.dat -- [ CDFS ]
O32 - AutoRun File - [2007.09.02 05:50:18 | 00,000,136 | R--- | M] () - D:\autorun.inf -- [ CDFS ]
O34 - HKLM BootExecute: (PDBoot.exe) - C:\WINDOWS\System32\PDBoot.exe (Raxco Software, Inc.)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2007.06.20 21:52:40 | 00,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found


Re: Avast reports a suspicious message

Post by tomas06 » 17 Dec 2009 22:50

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (55172544294027264)

========== Files/Folders - Created Within 7 Days ==========

[2009.12.17 20:27:36 | 00,538,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Admin\Plocha\OTL.exe
[2009.12.17 10:02:03 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Plocha\Účty platby
[2009.12.17 09:13:21 | 00,000,000 | RH-D | C] -- C:\Documents and Settings\Admin\Recent
[2009.12.16 20:39:28 | 00,000,000 | ---D | C] -- C:\WINDOWS\VDLL.DLL
[2009.12.16 20:39:28 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\runouce.exe
[2009.12.16 20:39:28 | 00,000,000 | ---D | C] -- C:\WINDOWS\RUNDL132.EXE
[2009.12.16 20:39:28 | 00,000,000 | ---D | C] -- C:\WINDOWS\logo_1.exe
[2009.12.16 20:16:16 | 00,034,048 | ---- | C] (MicroWorld Technologies Inc.) -- C:\WINDOWS\System32\eEmpty.exe
[2009.12.16 20:16:13 | 00,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\REGEDIT.COM
[2009.12.16 20:16:13 | 00,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\R.COM
[2009.12.16 20:16:13 | 00,137,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\TASKMGR.COM
[2009.12.16 20:16:13 | 00,137,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\T.COM
[2009.12.16 20:16:11 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\MicroWorld
[2009.12.16 20:16:09 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\MicroWorld
[2009.12.15 21:35:51 | 00,000,000 | ---D | C] -- C:\Program Files\RegScrubXP
[2009.12.15 21:33:14 | 00,000,000 | ---D | C] -- C:\Program Files\RegCleaner
[2009.12.15 15:53:50 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Local Settings\Data aplikací\Thunderbird
[2009.12.15 15:53:50 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Data aplikací\Thunderbird
[2009.12.15 14:20:46 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\SUPERAntiSpyware.com
[2009.12.15 14:20:33 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Data aplikací\SUPERAntiSpyware.com
[2009.12.15 14:20:33 | 00,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2009.12.15 14:17:58 | 00,000,000 | ---D | C] -- C:\Program Files\CPU Speed Pro
[2009.12.15 13:35:27 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Data aplikací\Malwarebytes
[2009.12.15 13:35:12 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009.12.15 13:35:09 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
[2009.12.15 13:35:08 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009.12.15 13:35:08 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009.12.15 13:32:24 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Plocha\backups
[2009.12.15 13:26:11 | 00,396,288 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\Admin\Plocha\hijackthis.exe
[2009.12.14 18:02:07 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\nView_Profiles
[2009.12.13 17:14:19 | 00,000,000 | ---D | C] -- C:\Program Files\Alcohol 120
[2009.12.13 16:41:17 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Data aplikací\DAEMON Tools Lite
[2009.12.13 16:41:15 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2009.12.13 16:20:30 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Data aplikací\Uniblue
[2009.11.27 16:27:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\Google
[2009.11.27 16:04:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\Google
[2009.02.03 17:11:23 | 00,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\Admin\Data aplikací\pcouffin.sys
[2008.11.11 17:33:51 | 00,018,944 | ---- | C] ( ) -- C:\WINDOWS\System32\implode.dll
[2008.08.17 22:08:40 | 00,774,144 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\RngInterstitial.dll
[2008.08.17 22:04:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Data aplikací\Mozilla
[2008.08.17 22:04:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\Mozilla
[2008.05.10 07:53:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\Apple
[2007.06.20 22:06:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\Microsoft
[2007.06.20 21:56:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\Microsoft
[2007.06.20 21:52:59 | 00,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Data aplikací\Microsoft
[2007.06.20 21:52:59 | 00,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Data aplikací\Microsoft
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2009.12.17 22:34:32 | 00,697,856 | ---- | M] () -- C:\WINDOWS\System32\drivers\okpfkoo.sys
[2009.12.17 22:28:52 | 00,000,416 | ---- | M] () -- C:\WINDOWS\tasks\PCConfidential.job
[2009.12.17 22:28:48 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009.12.17 22:28:43 | 00,203,188 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2009.12.17 22:28:36 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009.12.17 22:27:52 | 13,631,488 | -H-- | M] () -- C:\Documents and Settings\Admin\NTUSER.DAT
[2009.12.17 22:25:51 | 02,108,342 | -H-- | M] () -- C:\Documents and Settings\Admin\Local Settings\Data aplikací\IconCache.db
[2009.12.17 20:27:43 | 00,538,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Admin\Plocha\OTL.exe
[2009.12.17 18:27:12 | 00,025,048 | ---- | M] () -- C:\Documents and Settings\Admin\Local Settings\Data aplikací\GDIPFONTCACHEV1.DAT
[2009.12.17 16:37:47 | 00,000,111 | ---- | M] () -- C:\Documents and Settings\Admin\default.pls
[2009.12.17 16:23:09 | 00,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2009.12.17 09:47:48 | 00,002,561 | ---- | M] () -- C:\Documents and Settings\Admin\Plocha\Microsoft Office Word 2003.lnk
[2009.12.16 20:16:45 | 00,000,028 | ---- | M] () -- C:\WINDOWS\Lic.xxx
[2009.12.16 20:16:15 | 00,034,048 | ---- | M] (MicroWorld Technologies Inc.) -- C:\WINDOWS\System32\eEmpty.exe
[2009.12.16 18:00:00 | 00,000,408 | ---- | M] () -- C:\WINDOWS\tasks\Norton Security Scan.job
[2009.12.16 16:05:07 | 00,132,480 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009.12.15 13:26:22 | 00,396,288 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\Admin\Plocha\hijackthis.exe
[2009.12.15 12:32:13 | 04,552,443 | ---- | M] () -- C:\Documents and Settings\Admin\Plocha\03 meet me halfway.mp3
[2009.12.15 12:24:51 | 00,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2009.12.15 11:17:10 | 00,230,960 | ---- | M] () -- C:\Documents and Settings\Admin\Plocha\DSC01388.JPG
[2009.12.15 11:13:38 | 00,314,608 | ---- | M] () -- C:\Documents and Settings\Admin\Plocha\DSC01387.JPG
[2009.12.14 19:55:02 | 00,000,272 | -HS- | M] () -- C:\Documents and Settings\Admin\ntuser.ini
[2009.12.14 15:57:29 | 00,000,020 | ---- | M] () -- C:\Documents and Settings\Admin\Data aplikací\fvgqad.dat
[2009.12.13 19:15:39 | 00,000,004 | ---- | M] () -- C:\Documents and Settings\Admin\Data aplikací\avdrn.dat
[2009.12.13 16:33:19 | 00,721,904 | ---- | M] (Duplex Secure Ltd.) -- C:\WINDOWS\System32\drivers\sptd.sys.83724678
[2009.12.13 12:40:15 | 00,001,409 | ---- | M] () -- C:\WINDOWS\QTFont.for
[2009.12.12 16:51:40 | 00,107,520 | ---- | M] () -- C:\Documents and Settings\Admin\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.12.11 09:44:14 | 00,476,131 | ---- | M] () -- C:\Documents and Settings\Admin\Plocha\DSC01942.JPG
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files Created - No Company Name ==========

[2009.12.16 20:16:45 | 00,000,028 | ---- | C] () -- C:\WINDOWS\Lic.xxx
[2009.12.15 12:25:43 | 04,552,443 | ---- | C] () -- C:\Documents and Settings\Admin\Plocha\03 meet me halfway.mp3
[2009.12.15 11:20:33 | 00,230,960 | ---- | C] () -- C:\Documents and Settings\Admin\Plocha\DSC01388.JPG
[2009.12.15 11:15:50 | 00,314,608 | ---- | C] () -- C:\Documents and Settings\Admin\Plocha\DSC01387.JPG
[2009.12.13 19:18:41 | 00,697,856 | ---- | C] () -- C:\WINDOWS\System32\drivers\okpfkoo.sys
[2009.12.13 19:16:15 | 00,000,020 | ---- | C] () -- C:\Documents and Settings\Admin\Data aplikací\fvgqad.dat
[2009.12.13 19:15:39 | 00,000,004 | ---- | C] () -- C:\Documents and Settings\Admin\Data aplikací\avdrn.dat
[2009.12.13 15:27:03 | 00,476,131 | ---- | C] () -- C:\Documents and Settings\Admin\Plocha\DSC01942.JPG
[2009.12.13 12:40:15 | 00,054,156 | -H-- | C] () -- C:\WINDOWS\QTFont.qfn
[2009.12.13 12:40:15 | 00,001,409 | ---- | C] () -- C:\WINDOWS\QTFont.for
[2009.12.02 18:58:38 | 00,019,344 | ---- | C] () -- C:\Documents and Settings\Admin\Data aplikací\b.exe
[2009.11.12 16:17:40 | 00,000,083 | ---- | C] () -- C:\WINDOWS\wa.INI
[2009.11.03 20:18:39 | 01,970,176 | ---- | C] () -- C:\WINDOWS\System32\d3dx9.dll
[2009.10.26 22:14:33 | 00,000,391 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2009.06.21 11:55:38 | 00,000,952 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2009.06.14 18:13:13 | 00,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2009.03.30 16:59:07 | 00,000,020 | ---- | C] () -- C:\WINDOWS\level.ini
[2009.02.28 14:02:03 | 01,537,536 | ---- | C] () -- C:\WINDOWS\System32\erdmpg-hi.dll
[2009.02.28 14:02:03 | 00,360,448 | ---- | C] () -- C:\WINDOWS\System32\erdmpg-lo.dll
[2009.02.03 17:11:38 | 00,000,671 | ---- | C] () -- C:\Documents and Settings\Admin\Data aplikací\vso_ts_preview.xml
[2009.02.03 17:11:30 | 00,000,033 | ---- | C] () -- C:\Documents and Settings\Admin\Data aplikací\pcouffin.log
[2009.02.03 17:11:23 | 00,087,608 | ---- | C] () -- C:\Documents and Settings\Admin\Data aplikací\inst.exe
[2009.02.03 17:11:23 | 00,007,887 | ---- | C] () -- C:\Documents and Settings\Admin\Data aplikací\pcouffin.cat
[2009.02.03 17:11:23 | 00,001,144 | ---- | C] () -- C:\Documents and Settings\Admin\Data aplikací\pcouffin.inf
[2008.12.03 08:39:45 | 01,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2008.12.03 08:39:45 | 01,486,848 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2008.12.03 08:39:45 | 01,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2008.12.03 08:39:45 | 00,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2008.12.03 08:39:45 | 00,007,237 | ---- | C] () -- C:\WINDOWS\cadx2.ini
[2008.11.11 17:33:53 | 00,118,784 | ---- | C] () -- C:\WINDOWS\System32\lfkodak.dll
[2008.11.11 17:33:52 | 00,338,944 | ---- | C] () -- C:\WINDOWS\System32\lffpx7.dll
[2008.10.26 13:45:48 | 00,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2008.10.25 17:22:12 | 00,000,050 | ---- | C] () -- C:\WINDOWS\Winamp.ini
[2008.10.25 17:21:51 | 00,000,041 | ---- | C] () -- C:\WINDOWS\winampa.ini
[2008.08.18 12:02:02 | 00,271,360 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2008.08.18 12:02:01 | 00,018,048 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2008.06.28 10:22:03 | 00,002,023 | ---- | C] () -- C:\Documents and Settings\Admin\Data aplikací\Hewlett-PackardHP PSC 1500 series1190980337_PROTOCOL.log
[2008.06.28 10:22:03 | 00,000,571 | ---- | C] () -- C:\Documents and Settings\Admin\Data aplikací\Hewlett-PackardHP PSC 1500 series1190980337_UI.log
[2008.06.28 10:22:03 | 00,000,221 | ---- | C] () -- C:\WINDOWS\NCLogConfig.ini
[2008.06.28 10:22:03 | 00,000,106 | ---- | C] () -- C:\Documents and Settings\Admin\Data aplikací\Hewlett-PackardHP PSC 1500 series1190980337_API.log
[2008.05.19 18:24:52 | 00,004,712 | -HS- | C] () -- C:\WINDOWS\System32\lsfbyqfa.ini
[2008.04.21 18:32:20 | 00,000,769 | ---- | C] () -- C:\WINDOWS\Thps3.INI
[2008.03.24 15:52:02 | 00,069,632 | R--- | C] () -- C:\WINDOWS\System32\xmltok.dll
[2008.03.24 15:52:02 | 00,036,864 | R--- | C] () -- C:\WINDOWS\System32\xmlparse.dll
[2007.12.28 15:07:13 | 00,044,681 | ---- | C] () -- C:\Documents and Settings\Admin\Data aplikací\PatchUpdate_HP_CounterReport_Update_HPSU.log
[2007.12.28 15:07:13 | 00,000,227 | ---- | C] () -- C:\WINDOWS\HP_CounterReport_Update_HPSU.ini
[2007.12.28 15:07:01 | 00,002,065 | ---- | C] () -- C:\Documents and Settings\Admin\Data aplikací\HPSU_48BitScanUpdate.log
[2007.12.28 15:07:01 | 00,000,214 | ---- | C] () -- C:\WINDOWS\HP_48BitScanUpdatePatch.ini
[2007.12.28 14:59:57 | 00,065,401 | ---- | C] () -- C:\Documents and Settings\Admin\Data aplikací\Update_HP_RedboxHprblog_HPSU.log
[2007.12.28 14:59:57 | 00,000,221 | ---- | C] () -- C:\WINDOWS\HP_RedboxHprblog_HPSU.ini
[2007.12.24 19:24:06 | 00,001,751 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\QTSBandwidthCache
[2007.12.23 23:21:46 | 00,610,304 | ---- | C] () -- C:\WINDOWS\System32\dfxg115.dll
[2007.11.17 22:11:08 | 00,000,078 | ---- | C] () -- C:\WINDOWS\Rumble2.ini
[2007.10.12 13:21:25 | 00,000,027 | ---- | C] () -- C:\WINDOWS\ic.ini
[2007.09.29 14:13:41 | 00,155,648 | ---- | C] () -- C:\WINDOWS\System32\libssl32.dll
[2007.09.28 12:44:51 | 00,002,803 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\hpzinstall.log
[2007.08.20 13:00:47 | 00,020,247 | ---- | C] () -- C:\WINDOWS\msettings.ini
[2007.08.11 19:05:04 | 00,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll
[2007.08.11 18:55:20 | 00,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll
[2007.08.11 18:55:20 | 00,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll
[2007.08.11 18:55:20 | 00,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll
[2007.08.07 16:26:53 | 00,002,723 | -HS- | C] () -- C:\WINDOWS\oqtwyb.ini
[2007.08.05 14:27:18 | 01,199,773 | -HS- | C] () -- C:\WINDOWS\bccdfe.ini
[2007.06.26 16:33:36 | 00,000,525 | ---- | C] () -- C:\WINDOWS\QIII.INI
[2007.06.24 10:16:53 | 00,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2007.06.23 18:20:42 | 00,107,520 | ---- | C] () -- C:\Documents and Settings\Admin\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007.06.21 02:19:47 | 00,000,125 | ---- | C] () -- C:\Documents and Settings\Admin\Local Settings\Data aplikací\fusioncache.dat
[2007.06.20 21:32:59 | 00,009,728 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2007.06.20 21:31:34 | 00,000,390 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007.06.20 20:32:42 | 00,001,103 | ---- | C] () -- C:\WINDOWS\wincmd.ini
[2007.03.29 23:00:40 | 00,203,264 | R--- | C] () -- C:\WINDOWS\System32\CddbCdda.dll
[2006.10.28 19:57:48 | 00,073,728 | ---- | C] () -- C:\WINDOWS\System32\ts.dll
[2006.06.26 10:33:40 | 00,023,472 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys
[2005.10.14 11:56:50 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2005.10.14 11:56:50 | 00,921,600 | ---- | C] () -- C:\WINDOWS\System32\VorbisEnc.dll
[2005.10.14 11:56:50 | 00,761,856 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2005.10.14 11:56:50 | 00,344,064 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll
[2005.10.14 11:56:50 | 00,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2005.10.14 11:56:50 | 00,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2005.10.14 11:56:50 | 00,155,136 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2005.10.14 11:56:50 | 00,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2005.10.14 11:56:48 | 00,077,824 | ---- | C] () -- C:\WINDOWS\System32\MMSwitch.dll
[2004.08.17 14:49:10 | 00,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll
[2004.03.18 17:40:32 | 00,155,648 | ---- | C] () -- C:\WINDOWS\System32\ssleay32.dll
[2004.03.18 17:40:24 | 00,667,648 | ---- | C] () -- C:\WINDOWS\System32\libeay32.dll
[2003.04.09 14:38:04 | 00,005,664 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002.05.17 23:18:30 | 00,124,928 | ---- | C] () -- C:\WINDOWS\System32\mp4fil32.dll
[2001.07.06 14:30:00 | 00,003,165 | ---- | C] () -- C:\WINDOWS\System32\HPTCPMON.INI

========== LOP Check ==========

[2009.05.05 14:34:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\.BitTornado
[2009.05.05 12:56:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Azureus
[2007.07.01 17:06:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\BitTorrent
[2009.12.13 16:41:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\DAEMON Tools Lite
[2009.02.03 17:01:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\foobar2000
[2009.05.09 09:45:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\GetRightToGo
[2009.02.18 12:31:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\ICQ
[2007.06.22 16:37:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\ICQ Toolbar
[2008.05.28 15:59:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\ICQLite
[2009.01.11 19:50:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Image Zone Express
[2007.12.25 11:53:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Leadertech
[2008.12.24 19:11:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Nokia
[2008.12.27 17:42:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Nokia Multimedia Player
[2008.09.01 15:50:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Opera
[2008.12.24 19:06:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\PC Suite
[2007.12.28 15:11:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Printer Info Cache
[2007.09.17 17:55:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\RapidGet
[2009.04.18 19:28:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Sachy
[2008.01.16 16:43:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Soldat
[2008.08.18 15:54:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\SpieleEntwicklungsKombinat
[2007.06.29 10:16:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Teleca
[2009.12.15 15:53:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Thunderbird
[2009.12.13 16:20:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Uniblue
[2009.02.14 16:49:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Vso
[2008.01.11 18:24:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\XnView
[2009.05.05 12:55:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Azureus
[2009.12.13 16:41:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2009.07.14 23:02:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ICQ
[2008.12.24 19:03:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Installations
[2009.12.16 20:16:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\MicroWorld
[2008.12.24 19:06:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PC Suite
[2008.03.11 17:57:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Phenomedia
[2008.08.18 12:08:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\SpieleEntwicklungsKombinat
[2009.02.15 21:23:15 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\SweetIM
[2009.12.16 15:49:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2009.10.06 18:58:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Ubisoft
[2008.08.17 22:13:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Winferno
[2009.12.17 22:28:52 | 00,000,416 | ---- | M] () -- C:\WINDOWS\Tasks\PCConfidential.job
[2009.10.25 09:00:00 | 00,000,386 | ---- | M] () -- C:\WINDOWS\Tasks\rpc.job

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >
[2008.07.31 21:21:45 | 00,121,344 | ---- | M] () -- C:\bnupdate.exe
[1 C:\*.tmp files -> C:\*.tmp -> ]

< %SYSTEMDRIVE%\eventlog.dll /s /md5 >
[2004.08.17 14:49:08 | 00,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\system32\eventlog.dll
[2 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
[2004.08.17 14:49:08 | 00,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\system32\dllcache\eventlog.dll

< %SYSTEMDRIVE%\scecli.dll /s /md5 >
[2004.08.17 14:49:18 | 00,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\system32\scecli.dll
[2 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
[2004.08.17 14:49:18 | 00,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\system32\dllcache\scecli.dll

< %SYSTEMDRIVE%\netlogon.dll /s /md5 >
[2004.08.17 14:49:14 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\system32\netlogon.dll
[2 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
[2004.08.17 14:49:14 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\system32\dllcache\netlogon.dll

< %SYSTEMDRIVE%\cngaudit.dll /s /md5 >

< %SYSTEMDRIVE%\sceclt.dll /s /md5 >

< %SYSTEMDRIVE%\ntelogon.dll /s /md5 >

< %SYSTEMDRIVE%\logevent.dll /s /md5 >

< %SYSTEMDRIVE%\iaStor.sys /s /md5 >

< %SYSTEMDRIVE%\nvstor.sys /s /md5 >

< %SYSTEMDRIVE%\atapi.sys /s /md5 >
[2004.08.03 21:59:44 | 00,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys

< %SYSTEMDRIVE%\IdeChnDr.sys /s /md5 >

< %SYSTEMDRIVE%\viasraid.sys /s /md5 >

< %SYSTEMDRIVE%\AGP440.sys /s /md5 >

< %SYSTEMDRIVE%\vaxscsi.sys /s /md5 >
[2007.06.20 21:27:46 | 00,223,128 | ---- | M] (Alcohol Soft Co., Ltd.) MD5=92CEBC2BC7BE2C8D49391B365569F306 -- C:\WINDOWS\system32\drivers\vaxscsi.sys

< %SYSTEMDRIVE%\nvatabus.sys /s /md5 >

< %SYSTEMDRIVE%\viamraid.sys /s /md5 >

< %SYSTEMDRIVE%\nvata.sys /s /md5 >

========== Alternate Data Streams ==========

@Alternate Data Stream - 128 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:C46995DA
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:5C321E34
< End of report >
[2009.12.17 22:37:41 | 00,697,856 | ---- | M] () -- C:\WINDOWS\System32\drivers\okpfkoo.sys
[2009.12.17 22:30:19 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox
[2009.12.17 22:30:08 | 00,000,000 | ---D | M] -- C:\Program Files\BitComet
[2009.12.17 22:28:52 | 00,000,416 | ---- | M] () -- C:\WINDOWS\tasks\PCConfidential.job
[2009.12.17 22:28:48 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009.12.17 22:28:43 | 00,203,188 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2009.12.17 22:28:36 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009.12.17 22:27:52 | 13,631,488 | -H-- | M] () -- C:\Documents and Settings\Admin\NTUSER.DAT
[2009.12.17 22:25:51 | 02,108,342 | -H-- | M] () -- C:\Documents and Settings\Admin\Local Settings\Data aplikací\IconCache.db
[2009.12.17 20:27:43 | 00,538,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Admin\Plocha\OTL.exe
[2009.12.17 18:27:12 | 00,025,048 | ---- | M] () -- C:\Documents and Settings\Admin\Local Settings\Data aplikací\GDIPFONTCACHEV1.DAT
[2009.12.17 16:37:47 | 00,000,111 | ---- | M] () -- C:\Documents and Settings\Admin\default.pls
[2009.12.17 16:23:09 | 00,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2009.12.17 09:47:48 | 00,002,561 | ---- | M] () -- C:\Documents and Settings\Admin\Plocha\Microsoft Office Word 2003.lnk
[2009.12.16 20:16:45 | 00,000,028 | ---- | M] () -- C:\WINDOWS\Lic.xxx
[2009.12.16 20:16:15 | 00,034,048 | ---- | M] (MicroWorld Technologies Inc.) -- C:\WINDOWS\System32\eEmpty.exe
[2009.12.16 20:16:11 | 00,000,000 | ---D | M] -- C:\Program Files\Common Files\MicroWorld
[2009.12.16 20:16:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\MicroWorld
[2009.12.16 20:16:11 | 00,000,000 | ---D | M] -- C:\Program Files\Common Files
[2009.12.16 18:00:00 | 00,000,408 | ---- | M] () -- C:\WINDOWS\tasks\Norton Security Scan.job
[2009.12.16 16:05:07 | 00,132,480 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009.12.16 15:49:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2009.12.16 15:24:02 | 00,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information
[2009.12.16 15:22:17 | 00,000,000 | ---D | M] -- C:\Program Files\ATMA V
[2009.12.16 15:15:41 | 00,000,000 | ---D | M] -- C:\Program Files\RegScrubXP
[2009.12.15 21:47:11 | 00,000,000 | ---D | M] -- C:\Program Files\RegCleaner
[2009.12.15 15:54:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Local Settings\Data aplikací\Thunderbird
[2009.12.15 15:53:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Mozilla
[2009.12.15 15:53:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Thunderbird
[2009.12.15 14:20:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\SUPERAntiSpyware.com
[2009.12.15 14:20:38 | 00,000,000 | ---D | M] -- C:\Program Files\SUPERAntiSpyware
[2009.12.15 14:20:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\SUPERAntiSpyware.com
[2009.12.15 14:20:12 | 00,000,000 | ---D | M] -- C:\Program Files\Common Files\Wise Installation Wizard
[2009.12.15 14:19:40 | 00,000,000 | ---D | M] -- C:\Program Files\CPU Speed Pro
[2009.12.15 13:35:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Malwarebytes
[2009.12.15 13:35:19 | 00,000,000 | ---D | M] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009.12.15 13:35:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
[2009.12.15 13:26:22 | 00,396,288 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\Admin\Plocha\hijackthis.exe
[2009.12.15 12:32:13 | 04,552,443 | ---- | M] () -- C:\Documents and Settings\Admin\Plocha\03 meet me halfway.mp3
[2009.12.15 12:24:51 | 00,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2009.12.15 11:17:10 | 00,230,960 | ---- | M] () -- C:\Documents and Settings\Admin\Plocha\DSC01388.JPG
[2009.12.15 11:13:38 | 00,314,608 | ---- | M] () -- C:\Documents and Settings\Admin\Plocha\DSC01387.JPG
[2009.12.14 19:55:02 | 00,000,272 | -HS- | M] () -- C:\Documents and Settings\Admin\ntuser.ini
[2009.12.14 18:02:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\nView_Profiles
[2009.12.14 15:57:29 | 00,000,020 | ---- | M] () -- C:\Documents and Settings\Admin\Data aplikací\fvgqad.dat
[2009.12.13 19:49:38 | 00,000,000 | ---D | M] -- C:\Program Files\Alcohol 120
[2009.12.13 19:18:36 | 00,000,000 | ---D | M] -- C:\Program Files\Internet Explorer
[2009.12.13 19:15:39 | 00,000,004 | ---- | M] () -- C:\Documents and Settings\Admin\Data aplikací\avdrn.dat
[2009.12.13 16:41:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2009.12.13 16:41:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\DAEMON Tools Lite
[2009.12.13 16:33:19 | 00,721,904 | ---- | M] (Duplex Secure Ltd.) -- C:\WINDOWS\System32\drivers\sptd.sys.83724678
[2009.12.13 16:20:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Uniblue
[2009.12.13 12:40:15 | 00,001,409 | ---- | M] () -- C:\WINDOWS\QTFont.for
[2009.12.12 16:51:40 | 00,107,520 | ---- | M] () -- C:\Documents and Settings\Admin\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.12.11 19:27:40 | 00,000,000 | ---D | M] -- C:\Program Files\Google
[2009.12.11 19:27:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Google
[2009.12.11 18:29:41 | 00,000,000 | ---D | M] -- C:\Program Files\DivX
[2009.12.11 18:28:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Local Settings\Data aplikací\Google
[2009.12.11 09:44:14 | 00,476,131 | ---- | M] () -- C:\Documents and Settings\Admin\Plocha\DSC01942.JPG
[2009.12.02 18:58:38 | 00,019,344 | ---- | M] () -- C:\Documents and Settings\Admin\Data aplikací\b.exe
[2009.11.27 16:27:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\Google
[2009.11.27 16:04:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\Google
[2009.02.14 16:49:02 | 00,000,033 | ---- | M] () -- C:\Documents and Settings\Admin\Data aplikací\pcouffin.log
[2009.02.14 16:49:01 | 00,087,608 | ---- | M] () -- C:\Documents and Settings\Admin\Data aplikací\inst.exe
[2009.02.14 16:49:01 | 00,047,360 | ---- | M] (VSO Software) -- C:\Documents and Settings\Admin\Data aplikací\pcouffin.sys
[2009.02.14 16:49:01 | 00,007,887 | ---- | M] () -- C:\Documents and Settings\Admin\Data aplikací\pcouffin.cat
[2009.02.14 16:49:01 | 00,001,144 | ---- | M] () -- C:\Documents and Settings\Admin\Data aplikací\pcouffin.inf
[2009.02.03 17:30:56 | 00,000,671 | ---- | M] () -- C:\Documents and Settings\Admin\Data aplikací\vso_ts_preview.xml
[2009.01.27 19:22:38 | 00,002,803 | ---- | M] () -- C:\Documents and Settings\All Users\Data aplikací\hpzinstall.log
[2008.08.17 22:08:31 | 00,774,144 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\RngInterstitial.dll
[2008.08.17 22:04:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Data aplikací\Mozilla
[2008.08.17 22:04:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\Mozilla
[2008.06.28 10:22:07 | 00,000,571 | ---- | M] () -- C:\Documents and Settings\Admin\Data aplikací\Hewlett-PackardHP PSC 1500 series1190980337_UI.log
[2008.06.28 10:22:05 | 00,000,106 | ---- | M] () -- C:\Documents and Settings\Admin\Data aplikací\Hewlett-PackardHP PSC 1500 series1190980337_API.log
[2008.06.28 10:22:04 | 00,002,023 | ---- | M] () -- C:\Documents and Settings\Admin\Data aplikací\Hewlett-PackardHP PSC 1500 series1190980337_PROTOCOL.log
[2008.05.10 07:53:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\Apple
[2007.12.28 16:00:24 | 00,001,751 | ---- | M] () -- C:\Documents and Settings\All Users\Data aplikací\QTSBandwidthCache
[2007.12.28 15:07:18 | 00,044,681 | ---- | M] () -- C:\Documents and Settings\Admin\Data aplikací\PatchUpdate_HP_CounterReport_Update_HPSU.log
[2007.12.28 15:07:04 | 00,002,065 | ---- | M] () -- C:\Documents and Settings\Admin\Data aplikací\HPSU_48BitScanUpdate.log
[2007.12.28 15:00:29 | 00,065,401 | ---- | M] () -- C:\Documents and Settings\Admin\Data aplikací\Update_HP_RedboxHprblog_HPSU.log
[2007.06.21 02:19:47 | 00,000,125 | ---- | M] () -- C:\Documents and Settings\Admin\Local Settings\Data aplikací\fusioncache.dat
[2007.06.20 23:28:12 | 00,000,062 | -HS- | M] () -- C:\Documents and Settings\All Users\Data aplikací\desktop.ini
[2007.06.20 23:28:12 | 00,000,062 | -HS- | M] () -- C:\Documents and Settings\Admin\Data aplikací\desktop.ini
[2007.06.20 22:06:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\Microsoft
[2007.06.20 21:56:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\Microsoft
[2007.06.20 21:52:59 | 00,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Data aplikací\Microsoft
[2007.06.20 21:52:59 | 00,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Data aplikací\Microsoft
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]


Re: Avast reports a suspicious message

Post by tomas06 » 17 Dec 2009 22:50

========== Files - Modified Within 7 Days ==========

[2009.12.17 22:38:06 | 00,697,856 | ---- | M] () -- C:\WINDOWS\System32\drivers\okpfkoo.sys
[2009.12.17 22:28:52 | 00,000,416 | ---- | M] () -- C:\WINDOWS\tasks\PCConfidential.job
[2009.12.17 22:28:48 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009.12.17 22:28:43 | 00,203,188 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2009.12.17 22:28:36 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009.12.17 22:27:52 | 13,631,488 | -H-- | M] () -- C:\Documents and Settings\Admin\NTUSER.DAT
[2009.12.17 22:25:51 | 02,108,342 | -H-- | M] () -- C:\Documents and Settings\Admin\Local Settings\Data aplikací\IconCache.db
[2009.12.17 20:27:43 | 00,538,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Admin\Plocha\OTL.exe
[2009.12.17 18:27:12 | 00,025,048 | ---- | M] () -- C:\Documents and Settings\Admin\Local Settings\Data aplikací\GDIPFONTCACHEV1.DAT
[2009.12.17 16:37:47 | 00,000,111 | ---- | M] () -- C:\Documents and Settings\Admin\default.pls
[2009.12.17 16:23:09 | 00,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2009.12.17 09:47:48 | 00,002,561 | ---- | M] () -- C:\Documents and Settings\Admin\Plocha\Microsoft Office Word 2003.lnk
[2009.12.16 20:16:45 | 00,000,028 | ---- | M] () -- C:\WINDOWS\Lic.xxx
[2009.12.16 20:16:15 | 00,034,048 | ---- | M] (MicroWorld Technologies Inc.) -- C:\WINDOWS\System32\eEmpty.exe
[2009.12.16 18:00:00 | 00,000,408 | ---- | M] () -- C:\WINDOWS\tasks\Norton Security Scan.job
[2009.12.16 16:05:07 | 00,132,480 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009.12.15 13:26:22 | 00,396,288 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\Admin\Plocha\hijackthis.exe
[2009.12.15 12:32:13 | 04,552,443 | ---- | M] () -- C:\Documents and Settings\Admin\Plocha\03 meet me halfway.mp3
[2009.12.15 12:24:51 | 00,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2009.12.15 11:17:10 | 00,230,960 | ---- | M] () -- C:\Documents and Settings\Admin\Plocha\DSC01388.JPG
[2009.12.15 11:13:38 | 00,314,608 | ---- | M] () -- C:\Documents and Settings\Admin\Plocha\DSC01387.JPG
[2009.12.14 19:55:02 | 00,000,272 | -HS- | M] () -- C:\Documents and Settings\Admin\ntuser.ini
[2009.12.14 15:57:29 | 00,000,020 | ---- | M] () -- C:\Documents and Settings\Admin\Data aplikací\fvgqad.dat
[2009.12.13 19:15:39 | 00,000,004 | ---- | M] () -- C:\Documents and Settings\Admin\Data aplikací\avdrn.dat
[2009.12.13 16:33:19 | 00,721,904 | ---- | M] (Duplex Secure Ltd.) -- C:\WINDOWS\System32\drivers\sptd.sys.83724678
[2009.12.13 12:40:15 | 00,001,409 | ---- | M] () -- C:\WINDOWS\QTFont.for
[2009.12.12 16:51:40 | 00,107,520 | ---- | M] () -- C:\Documents and Settings\Admin\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.12.11 09:44:14 | 00,476,131 | ---- | M] () -- C:\Documents and Settings\Admin\Plocha\DSC01942.JPG
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== LOP Check ==========

[2009.05.05 14:34:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\.BitTornado
[2009.05.05 12:56:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Azureus
[2007.07.01 17:06:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\BitTorrent
[2009.12.13 16:41:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\DAEMON Tools Lite
[2009.02.03 17:01:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\foobar2000
[2009.05.09 09:45:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\GetRightToGo
[2009.02.18 12:31:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\ICQ
[2007.06.22 16:37:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\ICQ Toolbar
[2008.05.28 15:59:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\ICQLite
[2009.01.11 19:50:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Image Zone Express
[2007.12.25 11:53:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Leadertech
[2008.12.24 19:11:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Nokia
[2008.12.27 17:42:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Nokia Multimedia Player
[2008.09.01 15:50:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Opera
[2008.12.24 19:06:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\PC Suite
[2007.12.28 15:11:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Printer Info Cache
[2007.09.17 17:55:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\RapidGet
[2009.04.18 19:28:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Sachy
[2008.01.16 16:43:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Soldat
[2008.08.18 15:54:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\SpieleEntwicklungsKombinat
[2007.06.29 10:16:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Teleca
[2009.12.15 15:53:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Thunderbird
[2009.12.13 16:20:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Uniblue
[2009.02.14 16:49:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Vso
[2008.01.11 18:24:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\XnView
[2009.05.05 12:55:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Azureus
[2009.12.13 16:41:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2009.07.14 23:02:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ICQ
[2008.12.24 19:03:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Installations
[2009.12.16 20:16:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\MicroWorld
[2008.12.24 19:06:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PC Suite
[2008.03.11 17:57:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Phenomedia
[2008.08.18 12:08:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\SpieleEntwicklungsKombinat
[2009.02.15 21:23:15 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\SweetIM
[2009.12.16 15:49:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2009.10.06 18:58:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Ubisoft
[2008.08.17 22:13:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Winferno
[2009.12.17 22:28:52 | 00,000,416 | ---- | M] () -- C:\WINDOWS\Tasks\PCConfidential.job
[2009.10.25 09:00:00 | 00,000,386 | ---- | M] () -- C:\WINDOWS\Tasks\rpc.job

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >
[2008.07.31 21:21:45 | 00,121,344 | ---- | M] () -- C:\bnupdate.exe
[1 C:\*.tmp files -> C:\*.tmp -> ]

< %SYSTEMDRIVE%\eventlog.dll /s /md5 >
[2004.08.17 14:49:08 | 00,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\system32\eventlog.dll
[2 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
[2004.08.17 14:49:08 | 00,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\system32\dllcache\eventlog.dll

< %SYSTEMDRIVE%\scecli.dll /s /md5 >
[2004.08.17 14:49:18 | 00,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\system32\scecli.dll
[2 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
[2004.08.17 14:49:18 | 00,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\system32\dllcache\scecli.dll

< %SYSTEMDRIVE%\netlogon.dll /s /md5 >
[2004.08.17 14:49:14 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\system32\netlogon.dll
[2 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
[2004.08.17 14:49:14 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\system32\dllcache\netlogon.dll

< %SYSTEMDRIVE%\cngaudit.dll /s /md5 >

< %SYSTEMDRIVE%\sceclt.dll /s /md5 >

< %SYSTEMDRIVE%\ntelogon.dll /s /md5 >

< %SYSTEMDRIVE%\logevent.dll /s /md5 >

< %SYSTEMDRIVE%\iaStor.sys /s /md5 >

< %SYSTEMDRIVE%\nvstor.sys /s /md5 >

< %SYSTEMDRIVE%\atapi.sys /s /md5 >
[2004.08.03 21:59:44 | 00,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys

< %SYSTEMDRIVE%\IdeChnDr.sys /s /md5 >

< %SYSTEMDRIVE%\viasraid.sys /s /md5 >

< %SYSTEMDRIVE%\AGP440.sys /s /md5 >

< %SYSTEMDRIVE%\vaxscsi.sys /s /md5 >
[2007.06.20 21:27:46 | 00,223,128 | ---- | M] (Alcohol Soft Co., Ltd.) MD5=92CEBC2BC7BE2C8D49391B365569F306 -- C:\WINDOWS\system32\drivers\vaxscsi.sys

< %SYSTEMDRIVE%\nvatabus.sys /s /md5 >

< %SYSTEMDRIVE%\viamraid.sys /s /md5 >

< %SYSTEMDRIVE%\nvata.sys /s /md5 >

========== Alternate Data Streams ==========

@Alternate Data Stream - 128 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:C46995DA
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:5C321E34

< End of report >
[2009.12.17 22:38:56 | 00,697,856 | ---- | M] () -- C:\WINDOWS\System32\drivers\okpfkoo.sys
[2009.12.17 22:30:19 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox
[2009.12.17 22:30:08 | 00,000,000 | ---D | M] -- C:\Program Files\BitComet
[2009.12.17 22:28:52 | 00,000,416 | ---- | M] () -- C:\WINDOWS\tasks\PCConfidential.job
[2009.12.17 22:28:48 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009.12.17 22:28:43 | 00,203,188 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2009.12.17 22:28:36 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009.12.17 22:27:52 | 13,631,488 | -H-- | M] () -- C:\Documents and Settings\Admin\NTUSER.DAT
[2009.12.17 22:25:51 | 02,108,342 | -H-- | M] () -- C:\Documents and Settings\Admin\Local Settings\Data aplikací\IconCache.db
[2009.12.17 20:27:43 | 00,538,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Admin\Plocha\OTL.exe
[2009.12.17 18:27:12 | 00,025,048 | ---- | M] () -- C:\Documents and Settings\Admin\Local Settings\Data aplikací\GDIPFONTCACHEV1.DAT
[2009.12.17 16:37:47 | 00,000,111 | ---- | M] () -- C:\Documents and Settings\Admin\default.pls
[2009.12.17 16:23:09 | 00,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2009.12.17 09:47:48 | 00,002,561 | ---- | M] () -- C:\Documents and Settings\Admin\Plocha\Microsoft Office Word 2003.lnk
[2009.12.16 20:16:45 | 00,000,028 | ---- | M] () -- C:\WINDOWS\Lic.xxx
[2009.12.16 20:16:15 | 00,034,048 | ---- | M] (MicroWorld Technologies Inc.) -- C:\WINDOWS\System32\eEmpty.exe
[2009.12.16 20:16:11 | 00,000,000 | ---D | M] -- C:\Program Files\Common Files\MicroWorld
[2009.12.16 20:16:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\MicroWorld
[2009.12.16 20:16:11 | 00,000,000 | ---D | M] -- C:\Program Files\Common Files
[2009.12.16 18:00:00 | 00,000,408 | ---- | M] () -- C:\WINDOWS\tasks\Norton Security Scan.job
[2009.12.16 16:05:07 | 00,132,480 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009.12.16 15:49:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2009.12.16 15:24:02 | 00,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information
[2009.12.16 15:22:17 | 00,000,000 | ---D | M] -- C:\Program Files\ATMA V
[2009.12.16 15:15:41 | 00,000,000 | ---D | M] -- C:\Program Files\RegScrubXP
[2009.12.15 21:47:11 | 00,000,000 | ---D | M] -- C:\Program Files\RegCleaner
[2009.12.15 15:54:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Local Settings\Data aplikací\Thunderbird
[2009.12.15 15:53:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Mozilla
[2009.12.15 15:53:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Thunderbird
[2009.12.15 14:20:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\SUPERAntiSpyware.com
[2009.12.15 14:20:38 | 00,000,000 | ---D | M] -- C:\Program Files\SUPERAntiSpyware
[2009.12.15 14:20:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\SUPERAntiSpyware.com
[2009.12.15 14:20:12 | 00,000,000 | ---D | M] -- C:\Program Files\Common Files\Wise Installation Wizard
[2009.12.15 14:19:40 | 00,000,000 | ---D | M] -- C:\Program Files\CPU Speed Pro
[2009.12.15 13:35:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Malwarebytes
[2009.12.15 13:35:19 | 00,000,000 | ---D | M] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009.12.15 13:35:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
[2009.12.15 13:26:22 | 00,396,288 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\Admin\Plocha\hijackthis.exe
[2009.12.15 12:32:13 | 04,552,443 | ---- | M] () -- C:\Documents and Settings\Admin\Plocha\03 meet me halfway.mp3
[2009.12.15 12:24:51 | 00,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2009.12.15 11:17:10 | 00,230,960 | ---- | M] () -- C:\Documents and Settings\Admin\Plocha\DSC01388.JPG
[2009.12.15 11:13:38 | 00,314,608 | ---- | M] () -- C:\Documents and Settings\Admin\Plocha\DSC01387.JPG
[2009.12.14 19:55:02 | 00,000,272 | -HS- | M] () -- C:\Documents and Settings\Admin\ntuser.ini
[2009.12.14 18:02:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\nView_Profiles
[2009.12.14 15:57:29 | 00,000,020 | ---- | M] () -- C:\Documents and Settings\Admin\Data aplikací\fvgqad.dat
[2009.12.13 19:49:38 | 00,000,000 | ---D | M] -- C:\Program Files\Alcohol 120
[2009.12.13 19:18:36 | 00,000,000 | ---D | M] -- C:\Program Files\Internet Explorer
[2009.12.13 19:15:39 | 00,000,004 | ---- | M] () -- C:\Documents and Settings\Admin\Data aplikací\avdrn.dat
[2009.12.13 16:41:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2009.12.13 16:41:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\DAEMON Tools Lite
[2009.12.13 16:33:19 | 00,721,904 | ---- | M] (Duplex Secure Ltd.) -- C:\WINDOWS\System32\drivers\sptd.sys.83724678
[2009.12.13 16:20:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Uniblue
[2009.12.13 12:40:15 | 00,001,409 | ---- | M] () -- C:\WINDOWS\QTFont.for
[2009.12.12 16:51:40 | 00,107,520 | ---- | M] () -- C:\Documents and Settings\Admin\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.12.11 19:27:40 | 00,000,000 | ---D | M] -- C:\Program Files\Google
[2009.12.11 19:27:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Google
[2009.12.11 18:29:41 | 00,000,000 | ---D | M] -- C:\Program Files\DivX
[2009.12.11 18:28:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Local Settings\Data aplikací\Google
[2009.12.11 09:44:14 | 00,476,131 | ---- | M] () -- C:\Documents and Settings\Admin\Plocha\DSC01942.JPG
[2009.12.02 18:58:38 | 00,019,344 | ---- | M] () -- C:\Documents and Settings\Admin\Data aplikací\b.exe
[2009.11.27 16:27:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\Google
[2009.11.27 16:04:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\Google
[2009.02.14 16:49:02 | 00,000,033 | ---- | M] () -- C:\Documents and Settings\Admin\Data aplikací\pcouffin.log
[2009.02.14 16:49:01 | 00,087,608 | ---- | M] () -- C:\Documents and Settings\Admin\Data aplikací\inst.exe
[2009.02.14 16:49:01 | 00,047,360 | ---- | M] (VSO Software) -- C:\Documents and Settings\Admin\Data aplikací\pcouffin.sys
[2009.02.14 16:49:01 | 00,007,887 | ---- | M] () -- C:\Documents and Settings\Admin\Data aplikací\pcouffin.cat
[2009.02.14 16:49:01 | 00,001,144 | ---- | M] () -- C:\Documents and Settings\Admin\Data aplikací\pcouffin.inf
[2009.02.03 17:30:56 | 00,000,671 | ---- | M] () -- C:\Documents and Settings\Admin\Data aplikací\vso_ts_preview.xml
[2009.01.27 19:22:38 | 00,002,803 | ---- | M] () -- C:\Documents and Settings\All Users\Data aplikací\hpzinstall.log
[2008.08.17 22:08:31 | 00,774,144 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\RngInterstitial.dll
[2008.08.17 22:04:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Data aplikací\Mozilla
[2008.08.17 22:04:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\Mozilla
[2008.06.28 10:22:07 | 00,000,571 | ---- | M] () -- C:\Documents and Settings\Admin\Data aplikací\Hewlett-PackardHP PSC 1500 series1190980337_UI.log
[2008.06.28 10:22:05 | 00,000,106 | ---- | M] () -- C:\Documents and Settings\Admin\Data aplikací\Hewlett-PackardHP PSC 1500 series1190980337_API.log
[2008.06.28 10:22:04 | 00,002,023 | ---- | M] () -- C:\Documents and Settings\Admin\Data aplikací\Hewlett-PackardHP PSC 1500 series1190980337_PROTOCOL.log
[2008.05.10 07:53:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\Apple
[2007.12.28 16:00:24 | 00,001,751 | ---- | M] () -- C:\Documents and Settings\All Users\Data aplikací\QTSBandwidthCache
[2007.12.28 15:07:18 | 00,044,681 | ---- | M] () -- C:\Documents and Settings\Admin\Data aplikací\PatchUpdate_HP_CounterReport_Update_HPSU.log
[2007.12.28 15:07:04 | 00,002,065 | ---- | M] () -- C:\Documents and Settings\Admin\Data aplikací\HPSU_48BitScanUpdate.log
[2007.12.28 15:00:29 | 00,065,401 | ---- | M] () -- C:\Documents and Settings\Admin\Data aplikací\Update_HP_RedboxHprblog_HPSU.log
[2007.06.21 02:19:47 | 00,000,125 | ---- | M] () -- C:\Documents and Settings\Admin\Local Settings\Data aplikací\fusioncache.dat
[2007.06.20 23:28:12 | 00,000,062 | -HS- | M] () -- C:\Documents and Settings\All Users\Data aplikací\desktop.ini
[2007.06.20 23:28:12 | 00,000,062 | -HS- | M] () -- C:\Documents and Settings\Admin\Data aplikací\desktop.ini
[2007.06.20 22:06:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\Microsoft
[2007.06.20 21:56:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\Microsoft
[2007.06.20 21:52:59 | 00,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Data aplikací\Microsoft
[2007.06.20 21:52:59 | 00,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Data aplikací\Microsoft
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2009.12.17 22:39:21 | 00,697,856 | ---- | M] () -- C:\WINDOWS\System32\drivers\okpfkoo.sys
[2009.12.17 22:28:52 | 00,000,416 | ---- | M] () -- C:\WINDOWS\tasks\PCConfidential.job
[2009.12.17 22:28:48 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009.12.17 22:28:43 | 00,203,188 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2009.12.17 22:28:36 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009.12.17 22:27:52 | 13,631,488 | -H-- | M] () -- C:\Documents and Settings\Admin\NTUSER.DAT
[2009.12.17 22:25:51 | 02,108,342 | -H-- | M] () -- C:\Documents and Settings\Admin\Local Settings\Data aplikací\IconCache.db
[2009.12.17 20:27:43 | 00,538,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Admin\Plocha\OTL.exe
[2009.12.17 18:27:12 | 00,025,048 | ---- | M] () -- C:\Documents and Settings\Admin\Local Settings\Data aplikací\GDIPFONTCACHEV1.DAT
[2009.12.17 16:37:47 | 00,000,111 | ---- | M] () -- C:\Documents and Settings\Admin\default.pls
[2009.12.17 16:23:09 | 00,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2009.12.17 09:47:48 | 00,002,561 | ---- | M] () -- C:\Documents and Settings\Admin\Plocha\Microsoft Office Word 2003.lnk
[2009.12.16 20:16:45 | 00,000,028 | ---- | M] () -- C:\WINDOWS\Lic.xxx
[2009.12.16 20:16:15 | 00,034,048 | ---- | M] (MicroWorld Technologies Inc.) -- C:\WINDOWS\System32\eEmpty.exe
[2009.12.16 18:00:00 | 00,000,408 | ---- | M] () -- C:\WINDOWS\tasks\Norton Security Scan.job
[2009.12.16 16:05:07 | 00,132,480 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009.12.15 13:26:22 | 00,396,288 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\Admin\Plocha\hijackthis.exe
[2009.12.15 12:32:13 | 04,552,443 | ---- | M] () -- C:\Documents and Settings\Admin\Plocha\03 meet me halfway.mp3
[2009.12.15 12:24:51 | 00,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2009.12.15 11:17:10 | 00,230,960 | ---- | M] () -- C:\Documents and Settings\Admin\Plocha\DSC01388.JPG
[2009.12.15 11:13:38 | 00,314,608 | ---- | M] () -- C:\Documents and Settings\Admin\Plocha\DSC01387.JPG
[2009.12.14 19:55:02 | 00,000,272 | -HS- | M] () -- C:\Documents and Settings\Admin\ntuser.ini
[2009.12.14 15:57:29 | 00,000,020 | ---- | M] () -- C:\Documents and Settings\Admin\Data aplikací\fvgqad.dat
[2009.12.13 19:15:39 | 00,000,004 | ---- | M] () -- C:\Documents and Settings\Admin\Data aplikací\avdrn.dat
[2009.12.13 16:33:19 | 00,721,904 | ---- | M] (Duplex Secure Ltd.) -- C:\WINDOWS\System32\drivers\sptd.sys.83724678
[2009.12.13 12:40:15 | 00,001,409 | ---- | M] () -- C:\WINDOWS\QTFont.for
[2009.12.12 16:51:40 | 00,107,520 | ---- | M] () -- C:\Documents and Settings\Admin\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.12.11 09:44:14 | 00,476,131 | ---- | M] () -- C:\Documents and Settings\Admin\Plocha\DSC01942.JPG
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== LOP Check ==========

[2009.05.05 14:34:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\.BitTornado
[2009.05.05 12:56:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Azureus
[2007.07.01 17:06:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\BitTorrent
[2009.12.13 16:41:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\DAEMON Tools Lite
[2009.02.03 17:01:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\foobar2000
[2009.05.09 09:45:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\GetRightToGo
[2009.02.18 12:31:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\ICQ
[2007.06.22 16:37:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\ICQ Toolbar
[2008.05.28 15:59:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\ICQLite
[2009.01.11 19:50:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Image Zone Express
[2007.12.25 11:53:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Leadertech
[2008.12.24 19:11:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Nokia
[2008.12.27 17:42:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Nokia Multimedia Player
[2008.09.01 15:50:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Opera
[2008.12.24 19:06:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\PC Suite
[2007.12.28 15:11:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Printer Info Cache
[2007.09.17 17:55:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\RapidGet
[2009.04.18 19:28:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Sachy
[2008.01.16 16:43:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Soldat
[2008.08.18 15:54:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\SpieleEntwicklungsKombinat
[2007.06.29 10:16:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Teleca
[2009.12.15 15:53:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Thunderbird
[2009.12.13 16:20:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Uniblue
[2009.02.14 16:49:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Vso
[2008.01.11 18:24:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\XnView
[2009.05.05 12:55:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Azureus
[2009.12.13 16:41:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2009.07.14 23:02:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ICQ
[2008.12.24 19:03:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Installations
[2009.12.16 20:16:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\MicroWorld
[2008.12.24 19:06:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PC Suite
[2008.03.11 17:57:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Phenomedia
[2008.08.18 12:08:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\SpieleEntwicklungsKombinat
[2009.02.15 21:23:15 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\SweetIM
[2009.12.16 15:49:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2009.10.06 18:58:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Ubisoft
[2008.08.17 22:13:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Winferno
[2009.12.17 22:28:52 | 00,000,416 | ---- | M] () -- C:\WINDOWS\Tasks\PCConfidential.job
[2009.10.25 09:00:00 | 00,000,386 | ---- | M] () -- C:\WINDOWS\Tasks\rpc.job


========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >
[2008.07.31 21:21:45 | 00,121,344 | ---- | M] () -- C:\bnupdate.exe
[1 C:\*.tmp files -> C:\*.tmp -> ]

< %SYSTEMDRIVE%\eventlog.dll /s /md5 >
[2004.08.17 14:49:08 | 00,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\system32\eventlog.dll
[2 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
[2004.08.17 14:49:08 | 00,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\system32\dllcache\eventlog.dll

< %SYSTEMDRIVE%\scecli.dll /s /md5 >
[2004.08.17 14:49:18 | 00,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\system32\scecli.dll
[2 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
[2004.08.17 14:49:18 | 00,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\system32\dllcache\scecli.dll

< %SYSTEMDRIVE%\netlogon.dll /s /md5 >
[2004.08.17 14:49:14 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\system32\netlogon.dll
[2 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
[2004.08.17 14:49:14 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\system32\dllcache\netlogon.dll

< %SYSTEMDRIVE%\cngaudit.dll /s /md5 >

< %SYSTEMDRIVE%\sceclt.dll /s /md5 >

< %SYSTEMDRIVE%\ntelogon.dll /s /md5 >

< %SYSTEMDRIVE%\logevent.dll /s /md5 >

< %SYSTEMDRIVE%\iaStor.sys /s /md5 >

< %SYSTEMDRIVE%\nvstor.sys /s /md5 >

< %SYSTEMDRIVE%\atapi.sys /s /md5 >
[2004.08.03 21:59:44 | 00,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys

< %SYSTEMDRIVE%\IdeChnDr.sys /s /md5 >

< %SYSTEMDRIVE%\viasraid.sys /s /md5 >

< %SYSTEMDRIVE%\AGP440.sys /s /md5 >

< %SYSTEMDRIVE%\vaxscsi.sys /s /md5 >
[2007.06.20 21:27:46 | 00,223,128 | ---- | M] (Alcohol Soft Co., Ltd.) MD5=92CEBC2BC7BE2C8D49391B365569F306 -- C:\WINDOWS\system32\drivers\vaxscsi.sys

< %SYSTEMDRIVE%\nvatabus.sys /s /md5 >

< %SYSTEMDRIVE%\viamraid.sys /s /md5 >

< %SYSTEMDRIVE%\nvata.sys /s /md5 >

========== Alternate Data Streams ==========

@Alternate Data Stream - 128 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:C46995DA
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:5C321E34

< End of report >

pitimir
Level 3.5
Posts: 850
Registered: August 09
Gender: Male
Status: Offline

Re: Avast reports a suspicious message

Post by pitimir » 18 Dec 2009 15:22

You posted the same log here twice... :-(

In OTL, copy the following into the box labelled "Custom Scans/Fixes":

Code:

:otl
SRV - File not found [Auto | Stopped] -- -- (wscsvcStarWindService)
SRV - File not found [Auto | Stopped] -- -- (RasManaswUpdSv)
SRV - File not found [Auto | Stopped] -- -- (oseRDSessMgr)
SRV - File not found [Auto | Stopped] -- -- (oseMSDTC)
SRV - File not found [Auto | Stopped] -- -- (ERSvcLVPrcSrv)
SRV - File not found [Auto | Stopped] -- -- (ASKUpgrade)
SRV - File not found [Auto | Stopped] -- -- (ASKService)
SRV - File not found [On_Demand | Stopped] -- -- (AresChatServer)
SRV - File not found [Auto | Stopped] -- -- (AppMgmtERSvcLVPrcSrv)
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKU\S-1-5-21-682003330-1390067357-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default = FA C9 D3 52 67 16 EC 4E 8B 4A C1 5C 2B D1 E3 DF [binary data]
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
[2009.12.13 16:41:49 | 00,002,055 | ---- | M] () -- C:\Documents and Settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\8eeswhdp.default\searchplugins\daemon-search.xml
[2009.12.16 21:27:20 | 00,000,961 | ---- | M] () -- C:\Documents and Settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\8eeswhdp.default\searchplugins\icqplugin-1.xml
[2009.08.04 19:01:54 | 00,000,961 | ---- | M] () -- C:\Documents and Settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\8eeswhdp.default\searchplugins\icqplugin-2.xml
[2009.09.12 20:32:20 | 00,000,961 | ---- | M] () -- C:\Documents and Settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\8eeswhdp.default\searchplugins\icqplugin-3.xml
[2009.10.28 18:13:55 | 00,000,961 | ---- | M] () -- C:\Documents and Settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\8eeswhdp.default\searchplugins\icqplugin-4.xml
[2009.11.06 20:06:55 | 00,000,961 | ---- | M] () -- C:\Documents and Settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\8eeswhdp.default\searchplugins\icqplugin-5.xml
[2009.12.13 16:46:37 | 00,000,961 | ---- | M] () -- C:\Documents and Settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\8eeswhdp.default\searchplugins\icqplugin-6.xml
[2009.07.22 10:11:21 | 00,000,944 | ---- | M] () -- C:\Documents and Settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\8eeswhdp.default\searchplugins\icqplugin.xml
O2 - BHO: (no name) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - No CLSID value found.
O2 - BHO: (no name) - {2951882A-72DF-4AED-9BAF-996FFDEB10B9} - No CLSID value found.
O2 - BHO: (no name) - {52D3C9FA-1667-4EEC-8B4A-C15C2BD1E3Df} - No CLSID value found.
O2 - BHO: (no name) - {5499bcb1-5641-4a4c-9f75-462d4d8d0da0} - No CLSID value found.
O2 - BHO: (no name) - {589F7E7F-0ADE-4DD9-A9CF-7A59ACEEAF92} - No CLSID value found.
O2 - BHO: (no name) - {b40515ff-c006-4841-9cb1-eddf83c368c0} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {8AE33802-00D3-4F1B-B5C7-6FEE34E402CE} - No CLSID value found.
O3 - HKU\S-1-5-21-682003330-1390067357-839522115-1003\..\Toolbar\WebBrowser: (no name) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - No CLSID value found.
O3 - HKU\S-1-5-21-682003330-1390067357-839522115-1003\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKU\S-1-5-21-682003330-1390067357-839522115-1003\..\Toolbar\WebBrowser: (no name) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - No CLSID value found.
O3 - HKU\S-1-5-21-682003330-1390067357-839522115-1003\..\Toolbar\WebBrowser: (no name) - {8AE33802-00D3-4F1B-B5C7-6FEE34E402CE} - No CLSID value found.
O3 - HKU\S-1-5-21-682003330-1390067357-839522115-1003\..\Toolbar\WebBrowser: (no name) - {C11483F7-D7D8-4804-98D8-6055470BB989} - No CLSID value found.
O3 - HKU\S-1-5-21-682003330-1390067357-839522115-1003\..\Toolbar\WebBrowser: (no name) - {C3CD744D-2FAE-4640-8297-16B5DA423104} - No CLSID value found.
O3 - HKU\S-1-5-21-682003330-1390067357-839522115-1003\..\Toolbar\WebBrowser: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found.
O9 - Extra Button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe File not found
O9 - Extra 'Tools' menuitem : ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe File not found
O16 - DPF: {00000055-9980-0010-8000-00AA00389B71} http://codecs.microsoft.com/codecs/i386/fhg.CAB (Reg Error: Key error.)
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} http://icq.oberon-media.com/Gameshell/G ... meHost.cab (Oberon Flash Game Host)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/sh ... wflash.cab (Shockwave Flash Object)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O30 - LSA: Authentication Packages - (C:\WINDOWS\system32\xxyaBRiH) - File not found
[2009.12.17 22:34:32 | 00,697,856 | ---- | M] () -- C:\WINDOWS\System32\drivers\okpfkoo.sys
[2009.12.14 15:57:29 | 00,000,020 | ---- | M] () -- C:\Documents and Settings\Admin\Data aplikací\fvgqad.dat
[2008.05.19 18:24:52 | 00,004,712 | -HS- | C] () -- C:\WINDOWS\System32\lsfbyqfa.ini
[2007.08.07 16:26:53 | 00,002,723 | -HS- | C] () -- C:\WINDOWS\oqtwyb.ini
[2007.08.05 14:27:18 | 01,199,773 | -HS- | C] () -- C:\WINDOWS\bccdfe.ini
@Alternate Data Stream - 128 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:C46995DA
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:5C321E34

:files
C:\Documents and Settings\Admin\Data aplikací\ICQ Toolbar

:commands
[emptytemp]
[reboot]

Click "Run Fix". The program will start working; a PC restart is possible. After it, a log should appear, and I would like to see it.
I don't like amateurism...

And the addressee of this message knows it :)

tomas06
newbie
Posts: 24
Registered: December 09
Gender: Male
Status: Offline

Re: Avast reports a suspicious message

Post by tomas06 » 18 Dec 2009 15:31

All processes killed
========== OTL ==========
Service wscsvcStarWindService stopped successfully!
Service wscsvcStarWindService deleted successfully!
Service RasManaswUpdSv stopped successfully!
Service RasManaswUpdSv deleted successfully!
Service oseRDSessMgr stopped successfully!
Service oseRDSessMgr deleted successfully!
Service oseMSDTC stopped successfully!
Service oseMSDTC deleted successfully!
Service ERSvcLVPrcSrv stopped successfully!
Service ERSvcLVPrcSrv deleted successfully!
Service ASKUpgrade stopped successfully!
Service ASKUpgrade deleted successfully!
Service ASKService stopped successfully!
Service ASKService deleted successfully!
Service AresChatServer stopped successfully!
Service AresChatServer deleted successfully!
Service AppMgmtERSvcLVPrcSrv stopped successfully!
Service AppMgmtERSvcLVPrcSrv deleted successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
Unable to set value : HKU\S-1-5-21-682003330-1390067357-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main\\Default| /E!
Prefs.js: "ICQ Search" removed from browser.search.defaultenginename
C:\Documents and Settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\8eeswhdp.default\searchplugins\daemon-search.xml moved successfully.
C:\Documents and Settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\8eeswhdp.default\searchplugins\icqplugin-1.xml moved successfully.
C:\Documents and Settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\8eeswhdp.default\searchplugins\icqplugin-2.xml moved successfully.
C:\Documents and Settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\8eeswhdp.default\searchplugins\icqplugin-3.xml moved successfully.
C:\Documents and Settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\8eeswhdp.default\searchplugins\icqplugin-4.xml moved successfully.
C:\Documents and Settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\8eeswhdp.default\searchplugins\icqplugin-5.xml moved successfully.
C:\Documents and Settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\8eeswhdp.default\searchplugins\icqplugin-6.xml moved successfully.
C:\Documents and Settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\8eeswhdp.default\searchplugins\icqplugin.xml moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{201f27d4-3704-41d6-89c1-aa35e39143ed}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2951882A-72DF-4AED-9BAF-996FFDEB10B9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2951882A-72DF-4AED-9BAF-996FFDEB10B9}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{52D3C9FA-1667-4EEC-8B4A-C15C2BD1E3Df}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{52D3C9FA-1667-4EEC-8B4A-C15C2BD1E3Df}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5499bcb1-5641-4a4c-9f75-462d4d8d0da0}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5499bcb1-5641-4a4c-9f75-462d4d8d0da0}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{589F7E7F-0ADE-4DD9-A9CF-7A59ACEEAF92}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{589F7E7F-0ADE-4DD9-A9CF-7A59ACEEAF92}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b40515ff-c006-4841-9cb1-eddf83c368c0}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b40515ff-c006-4841-9cb1-eddf83c368c0}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{3041d03e-fd4b-44e0-b742-2d9b88305f98} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3041d03e-fd4b-44e0-b742-2d9b88305f98}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{8AE33802-00D3-4F1B-B5C7-6FEE34E402CE} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AE33802-00D3-4F1B-B5C7-6FEE34E402CE}\ not found.
Registry value HKEY_USERS\S-1-5-21-682003330-1390067357-839522115-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{3041D03E-FD4B-44E0-B742-2D9B88305F98} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3041D03E-FD4B-44E0-B742-2D9B88305F98}\ not found.
Registry value HKEY_USERS\S-1-5-21-682003330-1390067357-839522115-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found.
Registry value HKEY_USERS\S-1-5-21-682003330-1390067357-839522115-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{855F3B16-6D32-4FE6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4FE6-8A56-BBB695989046}\ not found.
Registry value HKEY_USERS\S-1-5-21-682003330-1390067357-839522115-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{8AE33802-00D3-4F1B-B5C7-6FEE34E402CE} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AE33802-00D3-4F1B-B5C7-6FEE34E402CE}\ not found.
Registry value HKEY_USERS\S-1-5-21-682003330-1390067357-839522115-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{C11483F7-D7D8-4804-98D8-6055470BB989} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C11483F7-D7D8-4804-98D8-6055470BB989}\ not found.
Registry value HKEY_USERS\S-1-5-21-682003330-1390067357-839522115-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{C3CD744D-2FAE-4640-8297-16B5DA423104} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C3CD744D-2FAE-4640-8297-16B5DA423104}\ not found.
Registry value HKEY_USERS\S-1-5-21-682003330-1390067357-839522115-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EEE6C35B-6118-11DC-9C72-001320C79847} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{B863453A-26C3-4e1f-A54D-A2CD196348E9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B863453A-26C3-4e1f-A54D-A2CD196348E9}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{B863453A-26C3-4e1f-A54D-A2CD196348E9}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B863453A-26C3-4e1f-A54D-A2CD196348E9}\ not found.
Starting removal of ActiveX control {00000055-9980-0010-8000-00AA00389B71}
C:\WINDOWS\Downloaded Program Files\fhg.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{00000055-9980-0010-8000-00AA00389B71}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00000055-9980-0010-8000-00AA00389B71}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{00000055-9980-0010-8000-00AA00389B71}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00000055-9980-0010-8000-00AA00389B71}\ not found.
Starting removal of ActiveX control {D0C0F75C-683A-4390-A791-1ACFD5599AB8}
C:\WINDOWS\Downloaded Program Files\OberonGameHost_dbg.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{D0C0F75C-683A-4390-A791-1ACFD5599AB8}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D0C0F75C-683A-4390-A791-1ACFD5599AB8}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{D0C0F75C-683A-4390-A791-1ACFD5599AB8}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D0C0F75C-683A-4390-A791-1ACFD5599AB8}\ not found.
Starting removal of ActiveX control {D27CDB6E-AE6D-11CF-96B8-444553540000}
C:\WINDOWS\Downloaded Program Files\swflash.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{D27CDB6E-AE6D-11CF-96B8-444553540000}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D27CDB6E-AE6D-11CF-96B8-444553540000}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{D27CDB6E-AE6D-11CF-96B8-444553540000}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D27CDB6E-AE6D-11CF-96B8-444553540000}\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0\ deleted successfully.
File About:Home not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Authentication Packages:C:\WINDOWS\system32\xxyaBRiH deleted successfully.
File move failed. C:\WINDOWS\system32\drivers\okpfkoo.sys scheduled to be moved on reboot.
C:\Documents and Settings\Admin\Data aplikací\fvgqad.dat moved successfully.
C:\WINDOWS\system32\lsfbyqfa.ini moved successfully.
C:\WINDOWS\oqtwyb.ini moved successfully.
C:\WINDOWS\bccdfe.ini moved successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:C46995DA deleted successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:5C321E34 deleted successfully.
========== FILES ==========
C:\Documents and Settings\Admin\Data aplikací\ICQ Toolbar folder moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Admin
->Temp folder emptied: 212628064 bytes
->Temporary Internet Files folder emptied: 4537744 bytes
->Java cache emptied: 14281 bytes
->FireFox cache emptied: 56319971 bytes
->Opera cache emptied: 121044885 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: LocalService
->Temp folder emptied: 65984 bytes
->Temporary Internet Files folder emptied: 17607069 bytes
->FireFox cache emptied: 1890612 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 99520722 bytes

%systemdrive% .tmp files removed: 2560 bytes
%systemroot% .tmp files removed: 2114584 bytes
%systemroot%\System32 .tmp files removed: 1107912 bytes
Windows Temp folder emptied: 580069 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 709904384 bytes

Total Files Cleaned = 1170,54 mb


OTL by OldTimer - Version 3.1.17.0 log created on 12182009_152557

Files\Folders moved on Reboot...
File move failed. C:\WINDOWS\system32\drivers\okpfkoo.sys scheduled to be moved on reboot.
File\Folder C:\WINDOWS\temp\_avast4_\Webshlock.txt not found!
File\Folder C:\WINDOWS\temp\Perflib_Perfdata_2a0.dat not found!

Registry entries deleted on Reboot...


And I apologize if I posted the same log there twice. Should I do it again?

