Please check my log (Solved)


Re: Please check my log

Post by Alan-K » 24 May 2010 18:24

Hello again, I'm very sorry, I hope you won't scold me too much... the number of running processes changed, that is, it dropped to 51 (from 63, I think), and the PC is definitely more responsive, but shutdown and this time startup too was dreadful... really long. So, without your permission, I used MWAV, which is here in the topic, and ran a scan that took 4:11:34, and the result shocked me... I'm exaggerating a bit, but I'm certainly not calm about it.

Virus log information:
Object "NULLBYTE Spyware/Adware" found in File System! Action Taken: Entries Removed.
Object "Spyware.NetScreenWatch Spyware/Adware" found in File System! Action Taken: File Deleted.
Object "Cydoor.TOPicks.a Spyware/Adware" found in File System! Action Taken: File Deleted.
Object "Backdoor (IRCBot) Trojans Spyware/Adware" found in File System! Action Taken: Entries Removed.
Object "RegSort Corrupted Adware/Spyware" found in File System! Action Taken: Entries Removed.
Object "AntiSpyware Pro XP Corrupted Adware/Spyware" found in File System! Action Taken: Entries Removed.
Object "Winvestigator Commercial KeyLogger" found in File System! Action Taken: Entries Removed.
Object "Conficker.C Worm" found in File System! Action Taken: Entries Removed.
Entry "HKCR\Access.AccDictionary.1" refers to invalid object "{6460C4D3-7B41-20C0-988C-4652A0E6F836}". Action Taken: Entries Removed.
Entry "HKCR\AcroIEHelperShim.AcroIEHelperShimObj" refers to invalid object "{18DF081C-E8AD-4283-A596-FA578C2EBDC3}". Action Taken: Entries Removed.
Entry "HKCR\JavaPlugin.FamilyVersionSupport" refers to invalid object "{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}". Action Taken: Entries Removed.
Entry "HKCR\RPShellExtension.QTExtractImage" refers to invalid object "{9BAF2374-771E-437b-A752-2B584A5B9200}". Action Taken: Entries Removed.
Entry "HKCR\RPShellExtension.RPExtractImage" refers to invalid object "{F2DE7395-2AE7-4b40-A159-F7EF3C266D9C}". Action Taken: Entries Removed.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\ModuleUsage" refers to invalid object "C:\Program Files\Creative\Shared Files\Software Update\CTPID.ocx". Action Taken: Entries Removed.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\ModuleUsage" refers to invalid object "C:\WINDOWS\Downloaded Program Files\CONFLICT.2\CTPID.ocx". Action Taken: Entries Removed.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\ModuleUsage" refers to invalid object "C:\WINDOWS\Downloaded Program Files\CONFLICT.2\CTSUEngn.ocx". Action Taken: Entries Removed.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\ModuleUsage" refers to invalid object "C:\WINDOWS\Downloaded Program Files\CONFLICT.8\CTSUEngn.ocx". Action Taken: Entries Removed.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\ModuleUsage" refers to invalid object "C:\WINDOWS\Downloaded Program Files\gp.ocx". Action Taken: Entries Removed.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\ModuleUsage" refers to invalid object "C:\WINDOWS\Downloaded Program Files\MVSGif.ocx". Action Taken: Entries Removed.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\ModuleUsage" refers to invalid object "C:\WINDOWS\Downloaded Program Files\sysreqlab3.dll". Action Taken: Entries Removed.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\ModuleUsage" refers to invalid object "C:\WINDOWS\system32\qdiagh.ocx". Action Taken: Entries Removed.
Entry "HKCU\Software\Netscape\Netscape Navigator\User Trusted External Applications" refers to invalid object "". Action Taken: Entries Removed.
File C:\WINDOWS\NIRCMD.exe infected by "Malware.Win32 (ES)" Virus! Action Taken: File Renamed.
File C:\Documents and Settings\Alan\Dokumenty\DVDFab\Temp\Update\Update.exe tagged as "NULL.Corrupted". Action Taken: File Deleted.
File C:\Program Files\Common Files\Nero\Lib\NMCoreA.dll tagged as "NULL.Corrupted". Action Taken: File Deleted.
File C:\Program Files\Common Files\Nero\Lib\NMCoreB.dll tagged as "NULL.Corrupted". Action Taken: File Deleted.
File C:\Program Files\Common Files\Nero\Lib\NMCoreC.dll tagged as "NULL.Corrupted". Action Taken: File Deleted.
File C:\Program Files\Common Files\Nero\Lib\NMCoreD.dll tagged as "NULL.Corrupted". Action Taken: File Deleted.
File C:\Program Files\Common Files\Nero\Lib\NMCoreE.dll tagged as "NULL.Corrupted". Action Taken: File Deleted.
File C:\Program Files\Common Files\Nero\Lib\NMDataServicesA.dll tagged as "NULL.Corrupted". Action Taken: File Deleted.
File C:\Program Files\Common Files\Nero\Lib\NMDataServicesB.dll tagged as "NULL.Corrupted". Action Taken: File Deleted.
File C:\Program Files\Common Files\Nero\Lib\NMDataServicesC.dll tagged as "NULL.Corrupted". Action Taken: File Deleted.
File C:\Program Files\Common Files\Nero\Lib\NMDataServicesD.dll tagged as "NULL.Corrupted". Action Taken: File Deleted.
File C:\Program Files\Common Files\Nero\Lib\NMDataServicesE.dll tagged as "NULL.Corrupted". Action Taken: File Deleted.
File C:\Program Files\Common Files\Nero\Lib\NMIndexStoreA.dll tagged as "NULL.Corrupted". Action Taken: File Deleted.
File C:\Program Files\Common Files\Nero\Lib\NMIndexStoreB.dll tagged as "NULL.Corrupted". Action Taken: File Deleted.
File C:\Program Files\Common Files\Nero\Lib\NMIndexStoreC.dll tagged as "NULL.Corrupted". Action Taken: File Deleted.
File C:\Program Files\Common Files\Nero\Lib\NMIndexStoreD.dll tagged as "NULL.Corrupted". Action Taken: File Deleted.
File C:\Program Files\Common Files\Nero\Lib\NMIndexStoreE.dll tagged as "NULL.Corrupted". Action Taken: File Deleted.
File C:\Program Files\Common Files\Nero\Lib\NMIndexStoreF.dll tagged as "NULL.Corrupted". Action Taken: File Deleted.
File C:\Program Files\Common Files\Nero\Lib\NMIndexStoreG.dll tagged as "NULL.Corrupted". Action Taken: File Deleted.
File C:\Program Files\Common Files\Nero\Lib\NMIndexStoreH.dll tagged as "NULL.Corrupted". Action Taken: File Deleted.
File C:\Program Files\Common Files\Nero\Lib\NMIndexStoreI.dll tagged as "NULL.Corrupted". Action Taken: File Deleted.
File C:\Program Files\Common Files\Nero\Lib\NMIndexStoreJ.dll tagged as "NULL.Corrupted". Action Taken: File Deleted.
File C:\Program Files\Common Files\Nero\Lib\NMSearchA.dll tagged as "NULL.Corrupted". Action Taken: File Deleted.
File C:\Program Files\Common Files\Nero\Lib\NMSearchB.dll tagged as "NULL.Corrupted". Action Taken: File Deleted.
File C:\Program Files\Common Files\Nero\Lib\NMSearchC.dll tagged as "NULL.Corrupted". Action Taken: File Deleted.
File C:\Program Files\Common Files\Nero\Lib\NMSearchD.dll tagged as "NULL.Corrupted". Action Taken: File Deleted.
File C:\Program Files\Common Files\Nero\Lib\NMSearchE.dll tagged as "NULL.Corrupted". Action Taken: File Deleted.
File C:\Program Files\TC UP\PLUGINS\Media\FreeDownloadManager\Firefox\extension\components\component.dll tagged as "NULL.Corrupted". Action Taken: File Deleted.
File C:\System Volume Information\_restore{2923B724-EB27-4DF0-89A0-AD9E2D867E48}\RP171\A0063094.exe infected by "Malware.Win32 (ES)" Virus! Action Taken: File Renamed.
File C:\System Volume Information\_restore{2923B724-EB27-4DF0-89A0-AD9E2D867E48}\RP171\A0063099.pif infected by "Malware.Win32 (ES)" Virus! Action Taken: File Deleted.
File C:\System Volume Information\_restore{2923B724-EB27-4DF0-89A0-AD9E2D867E48}\RP171\A0063101.exe infected by "Malware.Win32 (ES)" Virus! Action Taken: File Renamed.
File C:\System Volume Information\_restore{2923B724-EB27-4DF0-89A0-AD9E2D867E48}\RP171\A0063142.exe infected by "Malware.Win32 (ES)" Virus! Action Taken: File Renamed.
File C:\System Volume Information\_restore{2923B724-EB27-4DF0-89A0-AD9E2D867E48}\RP171\A0063261.exe infected by "Malware.Win32 (ES)" Virus! Action Taken: File Renamed.
File C:\System Volume Information\_restore{2923B724-EB27-4DF0-89A0-AD9E2D867E48}\RP171\A0063266.pif infected by "Malware.Win32 (ES)" Virus! Action Taken: File Deleted.
File C:\System Volume Information\_restore{2923B724-EB27-4DF0-89A0-AD9E2D867E48}\RP171\A0063268.exe infected by "Malware.Win32 (ES)" Virus! Action Taken: File Renamed.
File C:\System Volume Information\_restore{2923B724-EB27-4DF0-89A0-AD9E2D867E48}\RP171\A0063312.exe infected by "Malware.Win32 (ES)" Virus! Action Taken: File Renamed.
File C:\System Volume Information\_restore{2923B724-EB27-4DF0-89A0-AD9E2D867E48}\RP171\A0063314.dll tagged as "NULL.Corrupted". Action Taken: File Deleted.
File C:\System Volume Information\_restore{2923B724-EB27-4DF0-89A0-AD9E2D867E48}\RP171\A0063315.dll tagged as "NULL.Corrupted". Action Taken: File Deleted.
File C:\System Volume Information\_restore{2923B724-EB27-4DF0-89A0-AD9E2D867E48}\RP171\A0063316.dll tagged as "NULL.Corrupted". Action Taken: File Deleted.
File C:\System Volume Information\_restore{2923B724-EB27-4DF0-89A0-AD9E2D867E48}\RP171\A0063317.dll tagged as "NULL.Corrupted". Action Taken: File Deleted.
File C:\System Volume Information\_restore{2923B724-EB27-4DF0-89A0-AD9E2D867E48}\RP171\A0063318.dll tagged as "NULL.Corrupted". Action Taken: File Deleted.
File C:\System Volume Information\_restore{2923B724-EB27-4DF0-89A0-AD9E2D867E48}\RP171\A0063319.dll tagged as "NULL.Corrupted". Action Taken: File Deleted.
File C:\System Volume Information\_restore{2923B724-EB27-4DF0-89A0-AD9E2D867E48}\RP171\A0063320.dll tagged as "NULL.Corrupted". Action Taken: File Deleted.
File C:\System Volume Information\_restore{2923B724-EB27-4DF0-89A0-AD9E2D867E48}\RP171\A0063321.dll tagged as "NULL.Corrupted". Action Taken: File Deleted.
File C:\System Volume Information\_restore{2923B724-EB27-4DF0-89A0-AD9E2D867E48}\RP171\A0063322.dll tagged as "NULL.Corrupted". Action Taken: File Deleted.
File C:\System Volume Information\_restore{2923B724-EB27-4DF0-89A0-AD9E2D867E48}\RP171\A0063323.dll tagged as "NULL.Corrupted". Action Taken: File Deleted.
File C:\System Volume Information\_restore{2923B724-EB27-4DF0-89A0-AD9E2D867E48}\RP171\A0063324.dll tagged as "NULL.Corrupted". Action Taken: File Deleted.
File C:\System Volume Information\_restore{2923B724-EB27-4DF0-89A0-AD9E2D867E48}\RP171\A0063325.dll tagged as "NULL.Corrupted". Action Taken: File Deleted.
File C:\System Volume Information\_restore{2923B724-EB27-4DF0-89A0-AD9E2D867E48}\RP171\A0063326.dll tagged as "NULL.Corrupted". Action Taken: File Deleted.
File C:\System Volume Information\_restore{2923B724-EB27-4DF0-89A0-AD9E2D867E48}\RP171\A0063327.dll tagged as "NULL.Corrupted". Action Taken: File Deleted.
File C:\System Volume Information\_restore{2923B724-EB27-4DF0-89A0-AD9E2D867E48}\RP171\A0063328.dll tagged as "NULL.Corrupted". Action Taken: File Deleted.
File C:\System Volume Information\_restore{2923B724-EB27-4DF0-89A0-AD9E2D867E48}\RP171\A0063329.dll tagged as "NULL.Corrupted". Action Taken: File Deleted.
File C:\System Volume Information\_restore{2923B724-EB27-4DF0-89A0-AD9E2D867E48}\RP171\A0063330.dll tagged as "NULL.Corrupted". Action Taken: File Deleted.
File C:\System Volume Information\_restore{2923B724-EB27-4DF0-89A0-AD9E2D867E48}\RP171\A0063331.dll tagged as "NULL.Corrupted". Action Taken: File Deleted.
File C:\System Volume Information\_restore{2923B724-EB27-4DF0-89A0-AD9E2D867E48}\RP171\A0063332.dll tagged as "NULL.Corrupted". Action Taken: File Deleted.
File C:\System Volume Information\_restore{2923B724-EB27-4DF0-89A0-AD9E2D867E48}\RP171\A0063333.dll tagged as "NULL.Corrupted". Action Taken: File Deleted.
File C:\System Volume Information\_restore{2923B724-EB27-4DF0-89A0-AD9E2D867E48}\RP171\A0063334.dll tagged as "NULL.Corrupted". Action Taken: File Deleted.
File C:\System Volume Information\_restore{2923B724-EB27-4DF0-89A0-AD9E2D867E48}\RP171\A0063335.dll tagged as "NULL.Corrupted". Action Taken: File Deleted.
File C:\System Volume Information\_restore{2923B724-EB27-4DF0-89A0-AD9E2D867E48}\RP171\A0063336.dll tagged as "NULL.Corrupted". Action Taken: File Deleted.
File C:\System Volume Information\_restore{2923B724-EB27-4DF0-89A0-AD9E2D867E48}\RP171\A0063337.dll tagged as "NULL.Corrupted". Action Taken: File Deleted.
File C:\System Volume Information\_restore{2923B724-EB27-4DF0-89A0-AD9E2D867E48}\RP171\A0063338.dll tagged as "NULL.Corrupted". Action Taken: File Deleted.
File C:\System Volume Information\_restore{2923B724-EB27-4DF0-89A0-AD9E2D867E48}\RP171\A0063339.dll tagged as "NULL.Corrupted". Action Taken: File Deleted.


And here is the MWAV log:

24 V 2010 13:51:26 - **********************************************************

24 V 2010 13:51:26 - eScan Anti Virus & Spyware Toolkit Utility.

24 V 2010 13:51:26 - Copyright © MicroWorld Technologies

24 V 2010 13:51:26 - **********************************************************

24 V 2010 13:51:26 - Source: C:\DOCUME~1\Alan\Plocha\mwav.exe

24 V 2010 13:51:26 - Version 12.0.19 (C:\DOCUMENTS AND SETTINGS\ALAN\LOCAL SETTINGS\TEMP\MEXETMP.EX~)

24 V 2010 13:51:26 - Log File: C:\Documents and Settings\Alan\Local Settings\temp\MWAV.LOG

24 V 2010 13:51:26 - MWAV Registered: TRUE

24 V 2010 13:51:26 - User Account: Alan (Administrator Mode)

24 V 2010 13:51:26 - OS Type: Windows Workstation

24 V 2010 13:51:26 - OS: Windows XP [OS Install Date: 05 Sep 2008 22:46:15]

24 V 2010 13:51:26 - Ver: Service Pack 3 (Build 2600)

24 V 2010 13:51:26 - System Up Time: 36 Minutes, 5 Seconds



24 V 2010 13:51:26 - Windows Root Folder: C:\WINDOWS

24 V 2010 13:51:26 - Windows Sys32 Folder: C:\WINDOWS\system32

24 V 2010 13:51:26 - DHCP NameServer: 10.0.0.138

24 V 2010 13:51:26 - Interface0 DHCPNameServer: 10.0.0.138

24 V 2010 13:51:26 - Local Fixed Drives: c:\,d:\,e:\,f:\,g:\,j:\

24 V 2010 13:51:26 - MWAV Mode: Scan and Clean files (for viruses, adware and spyware)

24 V 2010 13:51:26 - [CREATED ZIP FILE: C:\Documents and Settings\Alan\Local Settings\temp\pinfect.zip]



24 V 2010 13:51:26 - ****** Files/Folders created/modified during last fortnight in Windows and ROOT Folder ******

24 V 2010 13:51:27 - C:\WINDOWS\MBR.exe (77312), 23-May-2010 [Added C:\WINDOWS\MBR.exe to ZIP FILE]

24 V 2010 13:51:27 - C:\WINDOWS\NIRCMD.exe (31232), 23-May-2010, NirSoft, NirCmd

24 V 2010 13:51:27 - C:\WINDOWS\R.COM (147968), 24-May-2010, Microsoft Corporation, Microsoft® Windows® Operating System

24 V 2010 13:51:27 - C:\WINDOWS\SWREG.exe (161792), 23-May-2010, SteelWerX, SteelWerX Registry Editor

24 V 2010 13:51:27 - C:\WINDOWS\SWSC.exe (136704), 23-May-2010, SteelWerX, SteelWerX Service Controller

24 V 2010 13:51:27 - C:\WINDOWS\SWXCACLS.exe (212480), 23-May-2010, SteelWerX, SteelWerX Extended Configurator ACLists

24 V 2010 13:51:28 - C:\WINDOWS\system32\ac3filter.acm (421888), 20-May-2010 [Added C:\WINDOWS\system32\ac3filter.acm to ZIP FILE]

24 V 2010 13:51:28 - C:\WINDOWS\system32\D3DCompiler_36.dll (1374232), 17-May-2010, Microsoft Corporation, Microsoft® DirectX for Windows®

24 V 2010 13:51:28 - C:\WINDOWS\system32\D3DCompiler_37.dll (1420824), 17-May-2010, Microsoft Corporation, Microsoft® DirectX for Windows®

24 V 2010 13:51:28 - C:\WINDOWS\system32\D3DCompiler_38.dll (1491992), 17-May-2010, Microsoft Corporation, Microsoft® DirectX for Windows®

24 V 2010 13:51:28 - C:\WINDOWS\system32\D3DCompiler_39.dll (1493528), 17-May-2010, Microsoft Corporation, Microsoft® DirectX for Windows®

24 V 2010 13:51:28 - C:\WINDOWS\system32\D3DCompiler_40.dll (2036576), 17-May-2010, Microsoft Corporation, Microsoft® DirectX for Windows®

24 V 2010 13:51:28 - C:\WINDOWS\system32\D3DCompiler_41.dll (1846632), 17-May-2010, Microsoft Corporation, Microsoft® DirectX for Windows®

24 V 2010 13:51:28 - C:\WINDOWS\system32\D3DCompiler_42.dll (1974616), 17-May-2010, Microsoft Corporation, Microsoft® DirectX for Windows®

24 V 2010 13:51:28 - C:\WINDOWS\system32\d3dcsx_42.dll (5501792), 17-May-2010, Microsoft Corporation, Microsoft® DirectX for Windows®

24 V 2010 13:51:28 - C:\WINDOWS\system32\d3dx10_36.dll (444776), 17-May-2010, Microsoft Corporation, Microsoft® DirectX for Windows®

24 V 2010 13:51:28 - C:\WINDOWS\system32\d3dx10_37.dll (462864), 17-May-2010, Microsoft Corporation, Microsoft® DirectX for Windows®

24 V 2010 13:51:28 - C:\WINDOWS\system32\d3dx10_38.dll (467984), 17-May-2010, Microsoft Corporation, Microsoft® DirectX for Windows®

24 V 2010 13:51:28 - C:\WINDOWS\system32\d3dx10_39.dll (467984), 17-May-2010, Microsoft Corporation, Microsoft® DirectX for Windows®

24 V 2010 13:51:28 - C:\WINDOWS\system32\d3dx10_40.dll (452440), 17-May-2010, Microsoft Corporation, Microsoft® DirectX for Windows®

24 V 2010 13:51:28 - C:\WINDOWS\system32\d3dx10_41.dll (453456), 17-May-2010, Microsoft Corporation, Microsoft® DirectX for Windows®

24 V 2010 13:51:28 - C:\WINDOWS\system32\d3dx10_42.dll (453456), 17-May-2010, Microsoft Corporation, Microsoft® DirectX for Windows®

24 V 2010 13:51:28 - C:\WINDOWS\system32\d3dx11_42.dll (235344), 17-May-2010, Microsoft Corporation, Microsoft® DirectX for Windows®

24 V 2010 13:51:28 - C:\WINDOWS\system32\d3dx9_36.dll (3734536), 17-May-2010, Microsoft Corporation, Microsoft® DirectX for Windows®

24 V 2010 13:51:28 - C:\WINDOWS\system32\D3DX9_37.dll (3786760), 17-May-2010, Microsoft Corporation, Microsoft® DirectX for Windows®

24 V 2010 13:51:28 - C:\WINDOWS\system32\D3DX9_38.dll (3850760), 17-May-2010, Microsoft Corporation, Microsoft® DirectX for Windows®

24 V 2010 13:51:28 - C:\WINDOWS\system32\D3DX9_39.dll (3851784), 17-May-2010, Microsoft Corporation, Microsoft® DirectX for Windows®

24 V 2010 13:51:28 - C:\WINDOWS\system32\D3DX9_40.dll (4379984), 17-May-2010, Microsoft Corporation, Microsoft® DirectX for Windows®

24 V 2010 13:51:28 - C:\WINDOWS\system32\D3DX9_41.dll (4178264), 17-May-2010, Microsoft Corporation, Microsoft® DirectX for Windows®

24 V 2010 13:51:28 - C:\WINDOWS\system32\D3DX9_42.dll (1892184), 17-May-2010, Microsoft Corporation, Microsoft® DirectX for Windows®

24 V 2010 13:51:28 - C:\WINDOWS\system32\deployJava1.dll (411368), 20-May-2010, Sun Microsystems, Inc., Java(TM) Platform SE 6 U20

24 V 2010 13:51:28 - C:\WINDOWS\system32\eEmpty.exe (34048), 24-May-2010, MicroWorld Technologies Inc., eScan For Windows

24 V 2010 13:51:28 - C:\WINDOWS\system32\javacpl.cpl (73728), 20-May-2010, Sun Microsystems, Inc., Java(TM) Platform SE 6 U20

24 V 2010 13:51:28 - C:\WINDOWS\system32\OpenAL32.dll (109144), 18-May-2010, Portions (C) Creative Labs Inc. and NVIDIA Corp., Standard OpenAL(TM) Library

24 V 2010 13:51:28 - C:\WINDOWS\system32\T.COM (137216), 24-May-2010, Microsoft Corporation, Microsoft(R) Windows (R) 2000 Operating System

24 V 2010 13:51:28 - C:\WINDOWS\system32\TASKMGR.COM (137216), 24-May-2010, Microsoft Corporation, Microsoft(R) Windows (R) 2000 Operating System

24 V 2010 13:51:28 - C:\WINDOWS\system32\wrap_oal.dll (445016), 18-May-2010, Creative Labs, Creative Labs OpenAL32

24 V 2010 13:51:28 - C:\WINDOWS\system32\X3DAudio1_3.dll (25608), 17-May-2010, Microsoft Corporation, Microsoft® DirectX for Windows®

24 V 2010 13:51:28 - C:\WINDOWS\system32\X3DAudio1_4.dll (25608), 17-May-2010, Microsoft Corporation, Microsoft® DirectX for Windows®

24 V 2010 13:51:28 - C:\WINDOWS\system32\X3DAudio1_5.dll (23376), 17-May-2010, Microsoft Corporation, Microsoft® DirectX for Windows®

24 V 2010 13:51:28 - C:\WINDOWS\system32\X3DAudio1_6.dll (22360), 17-May-2010, Microsoft Corporation, Microsoft® DirectX for Windows®

24 V 2010 13:51:28 - C:\WINDOWS\system32\X3DAudio1_7.dll (22360), 17-May-2010, Microsoft Corporation, Microsoft® DirectX for Windows®

24 V 2010 13:51:28 - C:\WINDOWS\system32\xactengine2_10.dll (267272), 17-May-2010, Microsoft Corporation, Microsoft® DirectX for Windows®

24 V 2010 13:51:28 - C:\WINDOWS\system32\xactengine3_0.dll (238088), 17-May-2010, Microsoft Corporation, Microsoft® DirectX for Windows®

24 V 2010 13:51:28 - C:\WINDOWS\system32\xactengine3_1.dll (238088), 17-May-2010, Microsoft Corporation, Microsoft® DirectX for Windows®

24 V 2010 13:51:28 - C:\WINDOWS\system32\xactengine3_2.dll (238088), 17-May-2010, Microsoft Corporation, Microsoft® DirectX for Windows®

24 V 2010 13:51:28 - C:\WINDOWS\system32\xactengine3_3.dll (235856), 17-May-2010, Microsoft Corporation, Microsoft® DirectX for Windows®

24 V 2010 13:51:28 - C:\WINDOWS\system32\xactengine3_4.dll (235352), 17-May-2010, Microsoft Corporation, Microsoft® DirectX for Windows®

24 V 2010 13:51:28 - C:\WINDOWS\system32\xactengine3_5.dll (238936), 17-May-2010, Microsoft Corporation, Microsoft® DirectX for Windows®

24 V 2010 13:51:28 - C:\WINDOWS\system32\xactengine3_6.dll (238936), 17-May-2010, Microsoft Corporation, Microsoft® DirectX for Windows®

24 V 2010 13:51:28 - C:\WINDOWS\system32\XAPOFX1_0.dll (65032), 17-May-2010, Microsoft Corporation, Microsoft® DirectX for Windows®

24 V 2010 13:51:28 - C:\WINDOWS\system32\XAPOFX1_1.dll (68616), 17-May-2010, Microsoft Corporation, Microsoft® DirectX for Windows®

24 V 2010 13:51:28 - C:\WINDOWS\system32\XAPOFX1_2.dll (70992), 17-May-2010, Microsoft Corporation, Microsoft® DirectX for Windows®

24 V 2010 13:51:29 - C:\WINDOWS\system32\XAPOFX1_3.dll (69464), 17-May-2010, Microsoft Corporation, Microsoft® DirectX for Windows®

24 V 2010 13:51:29 - C:\WINDOWS\system32\XAPOFX1_4.dll (74072), 17-May-2010, Microsoft Corporation, Microsoft® DirectX for Windows®

24 V 2010 13:51:29 - C:\WINDOWS\system32\XAudio2_0.dll (479752), 17-May-2010, Microsoft Corporation, Microsoft® DirectX for Windows®

24 V 2010 13:51:29 - C:\WINDOWS\system32\XAudio2_1.dll (507400), 17-May-2010, Microsoft Corporation, Microsoft® DirectX for Windows®

24 V 2010 13:51:29 - C:\WINDOWS\system32\XAudio2_2.dll (509448), 17-May-2010, Microsoft Corporation, Microsoft® DirectX for Windows®

24 V 2010 13:51:29 - C:\WINDOWS\system32\XAudio2_3.dll (514384), 17-May-2010, Microsoft Corporation, Microsoft® DirectX for Windows®

24 V 2010 13:51:29 - C:\WINDOWS\system32\XAudio2_4.dll (517448), 17-May-2010, Microsoft Corporation, Microsoft® DirectX for Windows®

24 V 2010 13:51:29 - C:\WINDOWS\system32\XAudio2_5.dll (515416), 17-May-2010, Microsoft Corporation, Microsoft® DirectX for Windows®

24 V 2010 13:51:29 - C:\WINDOWS\system32\XAudio2_6.dll (528216), 17-May-2010, Microsoft Corporation, Microsoft® DirectX for Windows®

24 V 2010 13:51:29 - C:\DOCUME~1\Alan\LOCALS~1\Temp\BACKUP.11671991.mexe.com (2353736), 24-May-2010, MicroWorld Technologies Inc., MicroWorld AntiVirus Toolkit Utility (MWAV)

24 V 2010 13:51:29 - C:\DOCUME~1\Alan\LOCALS~1\Temp\bdc.exe (91904), 24-May-2010, MicroWorld Tech, eScan

24 V 2010 13:51:29 - C:\DOCUME~1\Alan\LOCALS~1\Temp\bdfltlib2k.dll (231944), 24-May-2010, MicroWorld Technologies Inc., eScan for Windows

24 V 2010 13:51:29 - C:\DOCUME~1\Alan\LOCALS~1\Temp\clean.bat (11), 24-May-2010 [Added C:\DOCUME~1\Alan\LOCALS~1\Temp\clean.bat to ZIP FILE]

24 V 2010 13:51:29 - C:\DOCUME~1\Alan\LOCALS~1\Temp\DEVCON.EXE (61184), 24-May-2010, Microsoft Corporation, Microsoft® Windows® Operating System

24 V 2010 13:51:29 - C:\DOCUME~1\Alan\LOCALS~1\Temp\download.exe (934920), 24-May-2010, MicroWorld Technologies Inc., eScan

24 V 2010 13:51:29 - C:\DOCUME~1\Alan\LOCALS~1\Temp\eEmpty.exe (34048), 24-May-2010, MicroWorld Technologies Inc., eScan For Windows

24 V 2010 13:51:29 - C:\DOCUME~1\Alan\LOCALS~1\Temp\encdec.dll (120328), 24-May-2010, MicroWorld Technologies Inc., eScan/MailScan/eConceal

24 V 2010 13:51:29 - C:\DOCUME~1\Alan\LOCALS~1\Temp\erootdrv.sys (13832), 24-May-2010, MicroWorld Technologies Inc., eScan/MWAV

24 V 2010 13:51:29 - C:\DOCUME~1\Alan\LOCALS~1\Temp\mexe.com (2386504), 24-May-2010, MicroWorld Technologies Inc., MicroWorld AntiVirus Toolkit Utility (MWAV)

24 V 2010 13:51:29 - C:\DOCUME~1\Alan\LOCALS~1\Temp\msvclnt.dll (236040), 24-May-2010, MicroWorld Technologies Inc., MailScan

24 V 2010 13:51:29 - C:\DOCUME~1\Alan\LOCALS~1\Temp\MWAVSCAN.COM (2353736), 24-May-2010, MicroWorld Technologies Inc., MicroWorld AntiVirus Toolkit Utility (MWAV)

24 V 2010 13:51:29 - C:\DOCUME~1\Alan\LOCALS~1\Temp\plugins.htm (3498), 24-May-2010 [Added C:\DOCUME~1\Alan\LOCALS~1\Temp\plugins.htm to ZIP FILE]

24 V 2010 13:51:29 - C:\DOCUME~1\Alan\LOCALS~1\Temp\red32.dll (10248), 24-May-2010, Microsoft Corporation, Microsoft® Windows® Operating System

24 V 2010 13:51:29 - C:\DOCUME~1\Alan\LOCALS~1\Temp\reload.exe (154632), 24-May-2010, MicroWorld Technologies Inc., eScan for Windows

24 V 2010 13:51:29 - C:\DOCUME~1\Alan\LOCALS~1\Temp\setpriv.exe (64008), 24-May-2010, MicroWorld Technologies Inc, eScan AntiVirus Toolkit Utility

24 V 2010 13:51:29 - C:\DOCUME~1\Alan\LOCALS~1\Temp\unregx.exe (61960), 24-May-2010, MicroWorld Technologies Inc, MicroWorld AntiVirus Toolkit Utility

24 V 2010 13:51:29 - C:\DOCUME~1\Alan\LOCALS~1\Temp\UPDLL10.DLL (747528), 12-May-2010, MicroWorld Technologies Inc., eScan/MailScan/MWAV

24 V 2010 13:51:29 - C:\DOCUME~1\Alan\LOCALS~1\Temp\viewtcp.exe (573960), 24-May-2010, MicroWorld Technologies Inc., ViewTCP

24 V 2010 13:51:29 - C:\Documents and Settings\All Users\Data aplikací\0CA96315C2.sys (8), 03-Feb-2010 [HSR] [Added C:\Documents and Settings\All Users\Data aplikací\0CA96315C2.sys to ZIP FILE]



24 V 2010 13:51:29 - C:\WINDOWS\$hf_mig$, 20-Apr-2006 [H] [Folder]

24 V 2010 13:51:29 - C:\WINDOWS\CSC, 18-Mar-2007 [HS] [Folder]

24 V 2010 13:51:29 - C:\WINDOWS\ERDNT, 23-May-2010 [Folder]

24 V 2010 13:51:29 - C:\WINDOWS\Fonts, 20-Apr-2006 [SR] [Folder]

24 V 2010 13:51:29 - C:\WINDOWS\ftpcache, 01-Nov-2008 [HS] [Folder]

24 V 2010 13:51:29 - C:\WINDOWS\ie7, 05-Jan-2008 [H] [Folder]

24 V 2010 13:51:29 - C:\WINDOWS\ie8, 22-May-2009 [H] [Folder]

24 V 2010 13:51:29 - C:\WINDOWS\inf, 20-Apr-2006 [H] [Folder]

24 V 2010 13:51:29 - C:\WINDOWS\logo_1.exe, 24-May-2010 [Folder]

24 V 2010 13:51:29 - C:\WINDOWS\Logs, 17-May-2010 [Folder]

24 V 2010 13:51:29 - C:\WINDOWS\PIF, 18-Dec-2006 [H] [Folder]

24 V 2010 13:51:29 - C:\WINDOWS\RUNDL132.EXE, 24-May-2010 [Folder]

24 V 2010 13:51:29 - C:\WINDOWS\ShellNew, 28-May-2006 [H] [Folder]

24 V 2010 13:51:29 - C:\WINDOWS\VDLL.DLL, 24-May-2010 [Folder]

24 V 2010 13:51:29 - C:\WINDOWS\system32\runouce.exe, 24-May-2010 [Folder]

24 V 2010 13:51:29 - C:\cmdcons, 20-Nov-2008 [HSR] [Folder]

24 V 2010 13:51:29 - C:\ComboFix, 23-May-2010 [Folder]

24 V 2010 13:51:29 - C:\MoTemp, 17-May-2010 [Folder]

24 V 2010 13:51:29 - C:\Qoobox, 23-May-2010 [Folder]

24 V 2010 13:51:29 - C:\DOCUME~1\Alan\LOCALS~1\Temp\AVCBack, 24-May-2010 [Folder]

24 V 2010 13:51:29 - C:\DOCUME~1\Alan\LOCALS~1\Temp\FtpTemp, 24-May-2010 [Folder]

24 V 2010 13:51:29 - C:\DOCUME~1\Alan\LOCALS~1\Temp\FtpTempF, 24-May-2010 [Folder]

24 V 2010 13:51:29 - C:\DOCUME~1\Alan\LOCALS~1\Temp\Log, 24-May-2010 [Folder]

24 V 2010 13:51:29 - C:\DOCUME~1\Alan\LOCALS~1\Temp\plugins, 24-May-2010 [Folder]

24 V 2010 13:51:29 - C:\DOCUME~1\Alan\LOCALS~1\Temp\tmp0000584c, 24-May-2010 [Folder]

24 V 2010 13:51:29 - C:\Documents and Settings\Alan\Data aplikací\GetRightToGo, 19-May-2010 [Folder]

24 V 2010 13:51:29 - C:\Documents and Settings\Alan\Data aplikací\GTek, 17-Dec-2008 [H] [Folder]

24 V 2010 13:51:29 - C:\Documents and Settings\Alan\Data aplikací\Microsoft, 19-Apr-2006 [S] [Folder]

24 V 2010 13:51:29 - C:\Documents and Settings\Alan\Data aplikací\..\Data aplikací, 19-Apr-2006 [H] [Folder]

24 V 2010 13:51:29 - C:\Documents and Settings\Alan\Data aplikací\..\Dokumenty, 19-Apr-2006 [S] [Folder]

24 V 2010 13:51:29 - C:\Documents and Settings\Alan\Data aplikací\..\IECompatCache, 22-May-2009 [HS] [Folder]

24 V 2010 13:51:29 - C:\Documents and Settings\Alan\Data aplikací\..\IETldCache, 22-May-2009 [HS] [Folder]

24 V 2010 13:51:29 - C:\Documents and Settings\Alan\Data aplikací\..\Local Settings, 19-Apr-2006 [H] [Folder]

24 V 2010 13:51:29 - C:\Documents and Settings\Alan\Data aplikací\..\Okolní síť, 19-Apr-2006 [H] [Folder]

24 V 2010 13:51:29 - C:\Documents and Settings\Alan\Data aplikací\..\Okolní tiskárny, 19-Apr-2006 [H] [Folder]

24 V 2010 13:51:29 - C:\Documents and Settings\Alan\Data aplikací\..\PrivacIE, 22-May-2009 [HS] [Folder]

24 V 2010 13:51:29 - C:\Documents and Settings\Alan\Data aplikací\..\Recent, 24-May-2010 [HS] [Folder]

24 V 2010 13:51:29 - C:\Documents and Settings\Alan\Data aplikací\..\SendTo, 19-Apr-2006 [HR] [Folder]

24 V 2010 13:51:29 - C:\Documents and Settings\Alan\Data aplikací\..\UserData, 19-Apr-2006 [HS] [Folder]

24 V 2010 13:51:29 - C:\Documents and Settings\Alan\Data aplikací\..\Šablony, 19-Apr-2006 [H] [Folder]

24 V 2010 13:51:29 - C:\Documents and Settings\All Users\Data aplikací\Apple, 19-May-2010 [Folder]

24 V 2010 13:51:29 - C:\Documents and Settings\All Users\Data aplikací\ArcSoft, 05-Jan-2009 [H] [Folder]

24 V 2010 13:51:29 - C:\Documents and Settings\All Users\Data aplikací\GTek, 17-Dec-2008 [H] [Folder]

24 V 2010 13:51:29 - C:\Documents and Settings\All Users\Data aplikací\IObit, 17-May-2010 [Folder]

24 V 2010 13:51:29 - C:\Documents and Settings\All Users\Data aplikací\Microsoft, 20-Apr-2006 [S] [Folder]

24 V 2010 13:51:29 - C:\Documents and Settings\All Users\Data aplikací\MicroWorld, 24-May-2010 [Folder]

24 V 2010 13:51:29 - C:\Documents and Settings\All Users\Data aplikací\PC Drivers HeadQuarters, 19-May-2010 [Folder]

24 V 2010 13:51:29 - C:\Documents and Settings\All Users\Data aplikací\PC Drivers HeadQuarters Inc, 19-May-2010 [Folder]

24 V 2010 13:51:29 - C:\Documents and Settings\All Users\Data aplikací\{5E80195C-322F-4958-B480-817CAC450BC4}, 04-Oct-2009 [H] [Folder]

24 V 2010 13:51:29 - C:\Documents and Settings\All Users\Data aplikací\..\Data aplikací, 20-Apr-2006 [H] [Folder]

24 V 2010 13:51:29 - C:\Documents and Settings\All Users\Data aplikací\..\DRM, 19-Apr-2006 [HS] [Folder]

24 V 2010 13:51:29 - C:\Documents and Settings\All Users\Data aplikací\..\Šablony, 20-Apr-2006 [H] [Folder]

24 V 2010 13:51:29 - C:\Program Files\Alcohol Soft, 13-May-2010 [Folder]

24 V 2010 13:51:29 - C:\Program Files\AnalogX, 18-May-2010 [Folder]

24 V 2010 13:51:29 - C:\Program Files\CanonBJ, 12-Jun-2007 [H] [Folder]

24 V 2010 13:51:29 - C:\Program Files\Creative Installation Information, 09-Dec-2009 [H] [Folder]

24 V 2010 13:51:29 - C:\Program Files\jv16 PowerTools 2009, 18-May-2010 [Folder]

24 V 2010 13:51:29 - C:\Program Files\PC Drivers HeadQuarters, 19-May-2010 [Folder]

24 V 2010 13:51:29 - C:\Program Files\QuickTime, 19-May-2010 [Folder]

24 V 2010 13:51:29 - C:\Program Files\Sony Setup, 20-May-2010 [Folder]

24 V 2010 13:51:29 - C:\Program Files\XP Codec Pack, 20-May-2010 [Folder]

24 V 2010 13:51:29 - C:\Program Files\Common Files\Apple, 19-May-2010 [Folder]

24 V 2010 13:51:29 - C:\Program Files\Common Files\Creative Labs Shared, 18-May-2010 [Folder]

24 V 2010 13:51:29 - C:\Program Files\Common Files\MicroWorld, 24-May-2010 [Folder]



24 V 2010 13:51:29 - *********************************************************************************************



24 V 2010 13:51:29 - Command Line Options Given: /xsign

24 V 2010 13:51:41 - Latest Date of files inside MWAV: Mon May 24 13:09:49 2010.

24 V 2010 13:51:41 - Plugins FileCount: 681 Sign Version: 7.31809

24 V 2010 13:51:42 - Loading/Creating FileScan Database C:\Documents and Settings\All Users\Data aplikací\MicroWorld\MWAV\ESCANDBX.MDB [Log: C:\Documents and Settings\Alan\Local Settings\temp\ESCANDB.LOG]

24 V 2010 13:51:42 - Loaded/Created FileScan Database...

24 V 2010 13:51:42 - Loading AV Library [DB]...

24 V 2010 13:51:44 - AV Library Loaded [DB-DIRECT].

24 V 2010 13:51:44 - MWAV doing self scanning...

24 V 2010 13:51:45 - MWAV files are clean.
24 V 2010 13:51:53 - Virus Database Date: 24 May 2010
24 V 2010 13:51:53 - Virus Database Count: 6064267

24 V 2010 13:52:17 - **********************************************************
24 V 2010 13:52:17 - eScan Anti Virus & Spyware Toolkit Utility.
24 V 2010 13:52:17 - Copyright © MicroWorld Technologies
24 V 2010 13:52:17 -
24 V 2010 13:52:17 - Support: support@escanav.com
24 V 2010 13:52:17 - Web: http://www.escanav.com
24 V 2010 13:52:17 - **********************************************************
24 V 2010 13:52:17 - Version 12.0.19[DB] (C:\DOCUMENTS AND SETTINGS\ALAN\LOCAL SETTINGS\TEMP\MEXETMP.EX~)
24 V 2010 13:52:17 - Log File: C:\Documents and Settings\Alan\Local Settings\temp\MWAV.LOG
24 V 2010 13:52:17 - User Account: Alan (Administrator Mode)
24 V 2010 13:52:17 - Windows Root Folder: C:\WINDOWS
24 V 2010 13:52:17 - Windows Sys32 Folder: C:\WINDOWS\system32
24 V 2010 13:52:17 - OS: Windows XP [OS Install Date: 05 Sep 2008 22:46:15]
24 V 2010 13:52:17 - Ver: Service Pack 3 (Build 2600)
24 V 2010 13:52:17 - Latest Date of files inside MWAV: Mon May 24 13:09:49 2010.
24 V 2010 13:52:17 - Plugins FileCount: 681 Sign Version: 7.31809

24 V 2010 13:52:17 - Options Selected by User:
24 V 2010 13:52:17 - Memory Check: Enabled
24 V 2010 13:52:17 - Registry Check: Enabled
24 V 2010 13:52:17 - StartUp Folder Check: Enabled
24 V 2010 13:52:17 - System Folder Check: Enabled
24 V 2010 13:52:17 - Services Check: Enabled
24 V 2010 13:52:17 - Scan Spyware: Enabled
24 V 2010 13:52:17 - Drive Check: Enabled
24 V 2010 13:52:17 - All Drive Check :Disabled
24 V 2010 13:52:17 - Drive Selected = C:\
24 V 2010 13:52:17 - Folder Check: Disabled
24 V 2010 13:52:17 - SCAN: All_Files
24 V 2010 13:52:17 - MWAV Mode: Scan and Clean files (for viruses, adware and spyware)


24 V 2010 13:52:17 - ***** Scanning Memory Files *****

24 V 2010 13:52:47 - ***** Scanning Registry Files *****
24 V 2010 13:52:59 - ERROR(3)!!! Invalid Entry vidc.LEAD = LCODCCMP.DLL (in key HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32). Action Taken: Removing it.
24 V 2010 13:52:59 - ERROR(3)!!! Invalid Entry vidc.CDV5 = cdv5codc.dll (in key HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32). Action Taken: Removing it.
24 V 2010 13:52:59 - ERROR(3)!!! Invalid Entry vidc.CLLC = cllccodc.dll (in key HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32). Action Taken: Removing it.
24 V 2010 13:52:59 - ERROR(3)!!! Invalid Entry vidc.CUVC = cuvccodc.dll (in key HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32). Action Taken: Removing it.
24 V 2010 13:52:59 - ERROR(3)!!! Invalid Entry vidc.CDVH = cdvhcodc.dll (in key HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32). Action Taken: Removing it.
24 V 2010 13:52:59 - ERROR(3)!!! Invalid Entry vidc.CMIC = cmiccodc.dll (in key HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32). Action Taken: Removing it.

24 V 2010 13:53:00 - ***** Scanning StartUp Folders *****

24 V 2010 13:53:11 - ***** Scanning Service Files *****
24 V 2010 13:53:11 - ERROR(2)!!! Invalid Entry system32\drivers\ALCXSENS.SYS. Action Taken: Removing HKLM\SYSTEM\CurrentControlSet\Services\ALCXSENS.
24 V 2010 13:53:13 - ERROR(2)!!! Invalid Entry \??\C:\WINDOWS\system32\drivers\ASUSHWIO.sys. Action Taken: Removing HKLM\SYSTEM\CurrentControlSet\Services\ASUSHWIO.
24 V 2010 13:53:14 - ERROR(2)!!! Invalid Entry \??\C:\DOCUME~1\Alan\LOCALS~1\Temp\catchme.sys. Action Taken: Removing HKLM\SYSTEM\CurrentControlSet\Services\catchme.
24 V 2010 13:53:14 - ERROR(2)!!! Invalid Entry \??\C:\DOCUME~1\Alan\LOCALS~1\Temp\cpuz132\cpuz132_x32.sys. Action Taken: Removing HKLM\SYSTEM\CurrentControlSet\Services\cpuz132.
24 V 2010 13:53:15 - ERROR(2)!!! Invalid Entry system32\drivers\cx88vid.sys. Action Taken: Removing HKLM\SYSTEM\CurrentControlSet\Services\CX23880.
24 V 2010 13:53:15 - ERROR(2)!!! Invalid Entry system32\drivers\cxavxbar.sys. Action Taken: Removing HKLM\SYSTEM\CurrentControlSet\Services\CXAVXBAR.
24 V 2010 13:53:15 - ERROR(2)!!! Invalid Entry system32\drivers\CX88TUNE.sys. Action Taken: Removing HKLM\SYSTEM\CurrentControlSet\Services\CXTUNE.
24 V 2010 13:53:17 - ERROR(2)!!! Invalid Entry \??\H:\INSTALL\GMSIPCI.SYS. Action Taken: Removing HKLM\SYSTEM\CurrentControlSet\Services\GMSIPCI.
24 V 2010 13:53:20 - ERROR(2)!!! Invalid Entry system32\DRIVERS\nvcap.sys. Action Taken: Removing HKLM\SYSTEM\CurrentControlSet\Services\nvcap.
24 V 2010 13:53:23 - C:\WINDOWS\system32\Drivers\sptd.sys not Scanned. Possibly password protected...
24 V 2010 13:53:25 - ERROR(2)!!! Invalid Entry system32\DRIVERS\SymIM.sys. Action Taken: Removing HKLM\SYSTEM\CurrentControlSet\Services\SymIM.
24 V 2010 13:53:25 - ERROR(2)!!! Invalid Entry system32\DRIVERS\SymIM.sys. Action Taken: Removing HKLM\SYSTEM\CurrentControlSet\Services\SymIMMP.

24 V 2010 13:53:27 - ***** Scanning Registry and File system for Adware/Spyware *****
24 V 2010 13:53:29 - Loading Spyware Signatures from new External Database [Name: C:\DOCUME~1\Alan\LOCALS~1\temp\spydb.avs, Size: 942705]...
24 V 2010 13:53:29 - Indexed Spyware Databases Successfully Created...

24 V 2010 13:55:48 - Key found with NULL Character: HKLM\Software\Microsoft\Windows\CurrentVersion\System !!!
24 V 2010 13:55:48 - Deleting Registry Key: HKLM\Software\Microsoft\Windows\CurrentVersion\System
24 V 2010 13:55:48 - Object "NULLBYTE Spyware/Adware" found in File System! Action Taken: Entries Removed.

24 V 2010 13:55:50 - Offending file found: C:\WINDOWS\iun6002.exe
24 V 2010 13:55:50 - System found infected with Spyware.NetScreenWatch Spyware/Adware (iun6002.exe)! Action taken: File Deleted.
24 V 2010 13:55:50 - Object "Spyware.NetScreenWatch Spyware/Adware" found in File System! Action Taken: File Deleted.

24 V 2010 13:56:12 - Offending file found: C:\Documents and Settings\Alan\Dokumenty\My FlashThemes\DEFAULT.SWF
24 V 2010 13:56:12 - System found infected with Cydoor.TOPicks.a Spyware/Adware (DEFAULT.SWF)! Action taken: File Deleted.
24 V 2010 13:56:12 - Object "Cydoor.TOPicks.a Spyware/Adware" found in File System! Action Taken: File Deleted.

24 V 2010 13:56:41 - Offending Registry Entry found: HKCU\Software\Microsoft\OLE
24 V 2010 13:56:41 - System found infected with Backdoor (IRCBot) Trojans Spyware/Adware (HKCU\Software\Microsoft\OLE)! Action taken: Entries Removed.
24 V 2010 13:56:41 - Object "Backdoor (IRCBot) Trojans Spyware/Adware" found in File System! Action Taken: Entries Removed.

24 V 2010 13:56:41 - Offending Registry Entry found: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AlwaysUnloadDLL
24 V 2010 13:56:41 - System found infected with RegSort Corrupted Adware/Spyware (HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AlwaysUnloadDLL)! Action taken: Entries Removed.
24 V 2010 13:56:41 - Object "RegSort Corrupted Adware/Spyware" found in File System! Action Taken: Entries Removed.

24 V 2010 13:56:42 - Offending file found: C:\WINDOWS\Downloaded Program Files\setup.inf
24 V 2010 13:56:42 - System found infected with combo Spyware/Adware (C:\WINDOWS\Downloaded Program Files\setup.inf)! Action taken: File Deleted.
24 V 2010 13:56:43 - Offending Registry Entry found: HKCU\Software\Microsoft\Windows\CurrentVersion\Drivers
24 V 2010 13:56:43 - System found infected with AntiSpyware Pro XP Corrupted Adware/Spyware (HKCU\Software\Microsoft\Windows\CurrentVersion\Drivers)! Action taken: Entries Removed.
24 V 2010 13:56:43 - Object "AntiSpyware Pro XP Corrupted Adware/Spyware" found in File System! Action Taken: Entries Removed.

24 V 2010 13:56:43 - Offending Registry Entry found: HKCR\wvfile
24 V 2010 13:56:43 - System found infected with Winvestigator Commercial KeyLogger (HKCR\wvfile)! Action taken: Entries Removed.
24 V 2010 13:56:43 - Object "Winvestigator Commercial KeyLogger" found in File System! Action Taken: Entries Removed.

24 V 2010 13:56:43 - Offending Registry Entry found: HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters/TcpNumConnections
24 V 2010 13:56:43 - System found infected with Conficker.C Worm (HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters/TcpNumConnections)! Action taken: Entries Removed.
24 V 2010 13:56:43 - Object "Conficker.C Worm" found in File System! Action Taken: Entries Removed.


24 V 2010 13:56:43 - Scanning MountPoints2 RegKey...
24 V 2010 13:56:43 - Scanning CLSID RegKey...
24 V 2010 13:56:43 - Entry "HKCR\Access.AccDictionary.1" refers to invalid object "{6460C4D3-7B41-20C0-988C-4652A0E6F836}". Action Taken: Entries Removed.

24 V 2010 13:56:43 - Entry "HKCR\AcroIEHelperShim.AcroIEHelperShimObj" refers to invalid object "{18DF081C-E8AD-4283-A596-FA578C2EBDC3}". Action Taken: Entries Removed.

24 V 2010 13:56:43 - Entry "HKCR\JavaPlugin.FamilyVersionSupport" refers to invalid object "{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}". Action Taken: Entries Removed.

24 V 2010 13:56:44 - Entry "HKCR\RPShellExtension.QTExtractImage" refers to invalid object "{9BAF2374-771E-437b-A752-2B584A5B9200}". Action Taken: Entries Removed.

24 V 2010 13:56:44 - Entry "HKCR\RPShellExtension.RPExtractImage" refers to invalid object "{F2DE7395-2AE7-4b40-A159-F7EF3C266D9C}". Action Taken: Entries Removed.

24 V 2010 13:56:44 - Scanning ModuleUsage RegKey...
24 V 2010 13:56:44 - Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\ModuleUsage" refers to invalid object "C:\Program Files\Creative\Shared Files\Software Update\CTPID.ocx". Action Taken: Entries Removed.

24 V 2010 13:56:44 - Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\ModuleUsage" refers to invalid object "C:\WINDOWS\Downloaded Program Files\CONFLICT.2\CTPID.ocx". Action Taken: Entries Removed.

24 V 2010 13:56:44 - Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\ModuleUsage" refers to invalid object "C:\WINDOWS\Downloaded Program Files\CONFLICT.2\CTSUEngn.ocx". Action Taken: Entries Removed.

24 V 2010 13:56:44 - Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\ModuleUsage" refers to invalid object "C:\WINDOWS\Downloaded Program Files\CONFLICT.8\CTSUEngn.ocx". Action Taken: Entries Removed.

24 V 2010 13:56:45 - Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\ModuleUsage" refers to invalid object "C:\WINDOWS\Downloaded Program Files\gp.ocx". Action Taken: Entries Removed.

24 V 2010 13:56:45 - Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\ModuleUsage" refers to invalid object "C:\WINDOWS\Downloaded Program Files\MVSGif.ocx". Action Taken: Entries Removed.

24 V 2010 13:56:45 - Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\ModuleUsage" refers to invalid object "C:\WINDOWS\Downloaded Program Files\sysreqlab3.dll". Action Taken: Entries Removed.

24 V 2010 13:56:45 - Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\ModuleUsage" refers to invalid object "C:\WINDOWS\system32\qdiagh.ocx". Action Taken: Entries Removed.

24 V 2010 13:56:45 - Scanning ExternalApp RegKey...
24 V 2010 13:56:45 - Entry "HKCU\Software\Netscape\Netscape Navigator\User Trusted External Applications" refers to invalid object "". Action Taken: Entries Removed.

24 V 2010 13:56:45 - Scanning SharedDLL RegKey...
24 V 2010 13:56:56 - Scanning Installer RegKey...
24 V 2010 13:57:05 - Scanning FileExtension RegKey...
24 V 2010 13:57:06 - Scanning ARPCache RegKey...

24 V 2010 13:57:06 - ***** Scanning Registry Files *****
24 V 2010 13:57:07 - Clearing Temporary sub-folders as Spyware/Adware found in system...
24 V 2010 13:57:07 - ** Value in HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\main/Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
24 V 2010 13:57:07 - ** Value in HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\main/Start Page = http://mystart.incredimail.com/
24 V 2010 13:57:07 - ** Value in HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\main/Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome

24 V 2010 13:57:07 - ***** Scanning System32 Folders *****
24 V 2010 13:57:11 - Scanning File C:\WINDOWS\NIRCMD.exe (????)
24 V 2010 13:57:13 - File C:\WINDOWS\NIRCMD.exe infected by "Malware.Win32 (ES)" Virus! Action Taken: File Renamed.

24 V 2010 13:57:28 - ScanFile took 8.44 Secs [C:\WINDOWS\system32\AppSetup.exe]...



24 V 2010 14:00:36 - ***** Scanning Drive C:\ *****
24 V 2010 14:09:32 - Scanning File C:\Documents and Settings\Alan\Dokumenty\DVDFab\Temp\Update\Update.exe
24 V 2010 14:09:33 - File C:\Documents and Settings\Alan\Dokumenty\DVDFab\Temp\Update\Update.exe tagged as "NULL.Corrupted". Action Taken: File Deleted.

24 V 2010 14:16:02 - C:\Documents and Settings\Alan\Local Settings\Data aplikací\Microsoft\Windows\UsrClass.dat.LOG not Scanned. Possibly password protected...
24 V 2010 14:16:44 - C:\Documents and Settings\Alan\ntuser.dat.LOG not Scanned. Possibly password protected...
24 V 2010 14:16:56 - INVALID ATTRIBUTES FOR FOLDER [C:\Documents and Settings\Alan\Oblíbené položky\RapidShare\Hudba...]. IGNORING.
24 V 2010 14:17:02 - INVALID ATTRIBUTES FOR FOLDER [C:\Documents and Settings\Alan\Oblíbené položky\Zvuky..]. IGNORING.
24 V 2010 14:26:46 - INVALID ATTRIBUTES FOR FOLDER [C:\Documents and Settings\All Users\Data aplikac?ncrediMail]. IGNORING.
24 V 2010 14:31:20 - C:\Documents and Settings\LocalService\Local Settings\Data aplikací\Microsoft\Windows\UsrClass.dat.LOG not Scanned. Possibly password protected...
24 V 2010 14:31:21 - C:\Documents and Settings\LocalService\ntuser.dat.LOG not Scanned. Possibly password protected...
24 V 2010 14:31:21 - C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\Microsoft\Windows\UsrClass.dat.LOG not Scanned. Possibly password protected...
24 V 2010 14:31:22 - C:\Documents and Settings\NetworkService\ntuser.dat.LOG not Scanned. Possibly password protected...
24 V 2010 14:56:21 - ScanFile took 6.00 Secs [C:\Program Files\Adobe\Reader 9.0\Reader\plug_ins\AcroForm.api]...


Re: please check my log

Post by Alan-K » 24 May 2010 18:25

24 V 2010 16:11:46 - Scanning File C:\Program Files\Common Files\Nero\Lib\NMCoreA.dll
24 V 2010 16:11:47 - File C:\Program Files\Common Files\Nero\Lib\NMCoreA.dll tagged as "NULL.Corrupted". Action Taken: File Deleted.

24 V 2010 16:11:48 - Scanning File C:\Program Files\Common Files\Nero\Lib\NMCoreB.dll
24 V 2010 16:11:48 - File C:\Program Files\Common Files\Nero\Lib\NMCoreB.dll tagged as "NULL.Corrupted". Action Taken: File Deleted.

24 V 2010 16:11:48 - Scanning File C:\Program Files\Common Files\Nero\Lib\NMCoreC.dll
24 V 2010 16:11:48 - File C:\Program Files\Common Files\Nero\Lib\NMCoreC.dll tagged as "NULL.Corrupted". Action Taken: File Deleted.

24 V 2010 16:11:48 - Scanning File C:\Program Files\Common Files\Nero\Lib\NMCoreD.dll
24 V 2010 16:11:48 - File C:\Program Files\Common Files\Nero\Lib\NMCoreD.dll tagged as "NULL.Corrupted". Action Taken: File Deleted.

24 V 2010 16:11:48 - Scanning File C:\Program Files\Common Files\Nero\Lib\NMCoreE.dll
24 V 2010 16:11:48 - File C:\Program Files\Common Files\Nero\Lib\NMCoreE.dll tagged as "NULL.Corrupted". Action Taken: File Deleted.

24 V 2010 16:11:48 - Scanning File C:\Program Files\Common Files\Nero\Lib\NMDataServicesA.dll
24 V 2010 16:11:48 - File C:\Program Files\Common Files\Nero\Lib\NMDataServicesA.dll tagged as "NULL.Corrupted". Action Taken: File Deleted.

24 V 2010 16:11:48 - Scanning File C:\Program Files\Common Files\Nero\Lib\NMDataServicesB.dll
24 V 2010 16:11:49 - File C:\Program Files\Common Files\Nero\Lib\NMDataServicesB.dll tagged as "NULL.Corrupted". Action Taken: File Deleted.

24 V 2010 16:11:49 - Scanning File C:\Program Files\Common Files\Nero\Lib\NMDataServicesC.dll
24 V 2010 16:11:49 - File C:\Program Files\Common Files\Nero\Lib\NMDataServicesC.dll tagged as "NULL.Corrupted". Action Taken: File Deleted.

24 V 2010 16:11:49 - Scanning File C:\Program Files\Common Files\Nero\Lib\NMDataServicesD.dll
24 V 2010 16:11:49 - File C:\Program Files\Common Files\Nero\Lib\NMDataServicesD.dll tagged as "NULL.Corrupted". Action Taken: File Deleted.

24 V 2010 16:11:49 - Scanning File C:\Program Files\Common Files\Nero\Lib\NMDataServicesE.dll
24 V 2010 16:11:49 - File C:\Program Files\Common Files\Nero\Lib\NMDataServicesE.dll tagged as "NULL.Corrupted". Action Taken: File Deleted.

24 V 2010 16:11:50 - Scanning File C:\Program Files\Common Files\Nero\Lib\NMIndexStoreA.dll
24 V 2010 16:11:50 - File C:\Program Files\Common Files\Nero\Lib\NMIndexStoreA.dll tagged as "NULL.Corrupted". Action Taken: File Deleted.

24 V 2010 16:11:50 - Scanning File C:\Program Files\Common Files\Nero\Lib\NMIndexStoreB.dll
24 V 2010 16:11:50 - File C:\Program Files\Common Files\Nero\Lib\NMIndexStoreB.dll tagged as "NULL.Corrupted". Action Taken: File Deleted.

24 V 2010 16:11:50 - Scanning File C:\Program Files\Common Files\Nero\Lib\NMIndexStoreC.dll
24 V 2010 16:11:51 - File C:\Program Files\Common Files\Nero\Lib\NMIndexStoreC.dll tagged as "NULL.Corrupted". Action Taken: File Deleted.

24 V 2010 16:11:51 - Scanning File C:\Program Files\Common Files\Nero\Lib\NMIndexStoreD.dll
24 V 2010 16:11:51 - File C:\Program Files\Common Files\Nero\Lib\NMIndexStoreD.dll tagged as "NULL.Corrupted". Action Taken: File Deleted.

24 V 2010 16:11:51 - Scanning File C:\Program Files\Common Files\Nero\Lib\NMIndexStoreE.dll
24 V 2010 16:11:51 - File C:\Program Files\Common Files\Nero\Lib\NMIndexStoreE.dll tagged as "NULL.Corrupted". Action Taken: File Deleted.

24 V 2010 16:11:51 - Scanning File C:\Program Files\Common Files\Nero\Lib\NMIndexStoreF.dll
24 V 2010 16:11:51 - File C:\Program Files\Common Files\Nero\Lib\NMIndexStoreF.dll tagged as "NULL.Corrupted". Action Taken: File Deleted.

24 V 2010 16:11:51 - Scanning File C:\Program Files\Common Files\Nero\Lib\NMIndexStoreG.dll
24 V 2010 16:11:51 - File C:\Program Files\Common Files\Nero\Lib\NMIndexStoreG.dll tagged as "NULL.Corrupted". Action Taken: File Deleted.

24 V 2010 16:11:51 - Scanning File C:\Program Files\Common Files\Nero\Lib\NMIndexStoreH.dll
24 V 2010 16:11:51 - File C:\Program Files\Common Files\Nero\Lib\NMIndexStoreH.dll tagged as "NULL.Corrupted". Action Taken: File Deleted.

24 V 2010 16:11:51 - Scanning File C:\Program Files\Common Files\Nero\Lib\NMIndexStoreI.dll
24 V 2010 16:11:51 - File C:\Program Files\Common Files\Nero\Lib\NMIndexStoreI.dll tagged as "NULL.Corrupted". Action Taken: File Deleted.

24 V 2010 16:11:51 - Scanning File C:\Program Files\Common Files\Nero\Lib\NMIndexStoreJ.dll
24 V 2010 16:11:51 - File C:\Program Files\Common Files\Nero\Lib\NMIndexStoreJ.dll tagged as "NULL.Corrupted". Action Taken: File Deleted.

24 V 2010 16:11:53 - Scanning File C:\Program Files\Common Files\Nero\Lib\NMSearchA.dll
24 V 2010 16:11:53 - File C:\Program Files\Common Files\Nero\Lib\NMSearchA.dll tagged as "NULL.Corrupted". Action Taken: File Deleted.

24 V 2010 16:11:53 - Scanning File C:\Program Files\Common Files\Nero\Lib\NMSearchB.dll
24 V 2010 16:11:53 - File C:\Program Files\Common Files\Nero\Lib\NMSearchB.dll tagged as "NULL.Corrupted". Action Taken: File Deleted.

24 V 2010 16:11:53 - Scanning File C:\Program Files\Common Files\Nero\Lib\NMSearchC.dll
24 V 2010 16:11:53 - File C:\Program Files\Common Files\Nero\Lib\NMSearchC.dll tagged as "NULL.Corrupted". Action Taken: File Deleted.

24 V 2010 16:11:53 - Scanning File C:\Program Files\Common Files\Nero\Lib\NMSearchD.dll
24 V 2010 16:11:54 - File C:\Program Files\Common Files\Nero\Lib\NMSearchD.dll tagged as "NULL.Corrupted". Action Taken: File Deleted.

24 V 2010 16:11:54 - Scanning File C:\Program Files\Common Files\Nero\Lib\NMSearchE.dll
24 V 2010 16:11:54 - File C:\Program Files\Common Files\Nero\Lib\NMSearchE.dll tagged as "NULL.Corrupted". Action Taken: File Deleted.

24 V 2010 16:18:44 - ScanFile took 7.70 Secs [C:\Program Files\Creative\SBAudigy2ZS\Program\wdm\common\i386\AppSetup.exe]...

24 V 2010 17:17:27 - Scanning File C:\Program Files\TC UP\PLUGINS\Media\FreeDownloadManager\Firefox\extension\components\component.dll
24 V 2010 17:17:27 - File C:\Program Files\TC UP\PLUGINS\Media\FreeDownloadManager\Firefox\extension\components\component.dll tagged as "NULL.Corrupted". Action Taken: File Deleted.

24 V 2010 17:33:59 - Scanning File C:\System Volume Information\_restore{2923B724-EB27-4DF0-89A0-AD9E2D867E48}\RP171\A0063094.exe (????)
24 V 2010 17:34:01 - File C:\System Volume Information\_restore{2923B724-EB27-4DF0-89A0-AD9E2D867E48}\RP171\A0063094.exe infected by "Malware.Win32 (ES)" Virus! Action Taken: File Renamed.

24 V 2010 17:34:02 - Scanning File C:\System Volume Information\_restore{2923B724-EB27-4DF0-89A0-AD9E2D867E48}\RP171\A0063099.pif (????)
24 V 2010 17:34:02 - File C:\System Volume Information\_restore{2923B724-EB27-4DF0-89A0-AD9E2D867E48}\RP171\A0063099.pif infected by "Malware.Win32 (ES)" Virus! Action Taken: File Deleted.

24 V 2010 17:34:02 - Scanning File C:\System Volume Information\_restore{2923B724-EB27-4DF0-89A0-AD9E2D867E48}\RP171\A0063101.exe (????)
24 V 2010 17:34:03 - File C:\System Volume Information\_restore{2923B724-EB27-4DF0-89A0-AD9E2D867E48}\RP171\A0063101.exe infected by "Malware.Win32 (ES)" Virus! Action Taken: File Renamed.

24 V 2010 17:34:07 - Scanning File C:\System Volume Information\_restore{2923B724-EB27-4DF0-89A0-AD9E2D867E48}\RP171\A0063142.exe (????)
24 V 2010 17:34:08 - File C:\System Volume Information\_restore{2923B724-EB27-4DF0-89A0-AD9E2D867E48}\RP171\A0063142.exe infected by "Malware.Win32 (ES)" Virus! Action Taken: File Renamed.

24 V 2010 17:34:16 - Scanning File C:\System Volume Information\_restore{2923B724-EB27-4DF0-89A0-AD9E2D867E48}\RP171\A0063261.exe (????)
24 V 2010 17:34:16 - File C:\System Volume Information\_restore{2923B724-EB27-4DF0-89A0-AD9E2D867E48}\RP171\A0063261.exe infected by "Malware.Win32 (ES)" Virus! Action Taken: File Renamed.

24 V 2010 17:34:17 - Scanning File C:\System Volume Information\_restore{2923B724-EB27-4DF0-89A0-AD9E2D867E48}\RP171\A0063266.pif (????)
24 V 2010 17:34:17 - File C:\System Volume Information\_restore{2923B724-EB27-4DF0-89A0-AD9E2D867E48}\RP171\A0063266.pif infected by "Malware.Win32 (ES)" Virus! Action Taken: File Deleted.

24 V 2010 17:34:17 - Scanning File C:\System Volume Information\_restore{2923B724-EB27-4DF0-89A0-AD9E2D867E48}\RP171\A0063268.exe (????)
24 V 2010 17:34:18 - File C:\System Volume Information\_restore{2923B724-EB27-4DF0-89A0-AD9E2D867E48}\RP171\A0063268.exe infected by "Malware.Win32 (ES)" Virus! Action Taken: File Renamed.

24 V 2010 17:34:21 - Scanning File C:\System Volume Information\_restore{2923B724-EB27-4DF0-89A0-AD9E2D867E48}\RP171\A0063312.exe (????)
24 V 2010 17:34:22 - File C:\System Volume Information\_restore{2923B724-EB27-4DF0-89A0-AD9E2D867E48}\RP171\A0063312.exe infected by "Malware.Win32 (ES)" Virus! Action Taken: File Renamed.

24 V 2010 17:34:22 - Scanning File C:\System Volume Information\_restore{2923B724-EB27-4DF0-89A0-AD9E2D867E48}\RP171\A0063314.dll
24 V 2010 17:34:22 - File C:\System Volume Information\_restore{2923B724-EB27-4DF0-89A0-AD9E2D867E48}\RP171\A0063314.dll tagged as "NULL.Corrupted". Action Taken: File Deleted.

24 V 2010 17:34:22 - Scanning File C:\System Volume Information\_restore{2923B724-EB27-4DF0-89A0-AD9E2D867E48}\RP171\A0063315.dll
24 V 2010 17:34:22 - File C:\System Volume Information\_restore{2923B724-EB27-4DF0-89A0-AD9E2D867E48}\RP171\A0063315.dll tagged as "NULL.Corrupted". Action Taken: File Deleted.

24 V 2010 17:34:22 - Scanning File C:\System Volume Information\_restore{2923B724-EB27-4DF0-89A0-AD9E2D867E48}\RP171\A0063316.dll
24 V 2010 17:34:22 - File C:\System Volume Information\_restore{2923B724-EB27-4DF0-89A0-AD9E2D867E48}\RP171\A0063316.dll tagged as "NULL.Corrupted". Action Taken: File Deleted.

24 V 2010 17:34:22 - Scanning File C:\System Volume Information\_restore{2923B724-EB27-4DF0-89A0-AD9E2D867E48}\RP171\A0063317.dll
24 V 2010 17:34:22 - File C:\System Volume Information\_restore{2923B724-EB27-4DF0-89A0-AD9E2D867E48}\RP171\A0063317.dll tagged as "NULL.Corrupted". Action Taken: File Deleted.

24 V 2010 17:34:22 - Scanning File C:\System Volume Information\_restore{2923B724-EB27-4DF0-89A0-AD9E2D867E48}\RP171\A0063318.dll
24 V 2010 17:34:22 - File C:\System Volume Information\_restore{2923B724-EB27-4DF0-89A0-AD9E2D867E48}\RP171\A0063318.dll tagged as "NULL.Corrupted". Action Taken: File Deleted.

24 V 2010 17:34:22 - Scanning File C:\System Volume Information\_restore{2923B724-EB27-4DF0-89A0-AD9E2D867E48}\RP171\A0063319.dll
24 V 2010 17:34:22 - File C:\System Volume Information\_restore{2923B724-EB27-4DF0-89A0-AD9E2D867E48}\RP171\A0063319.dll tagged as "NULL.Corrupted". Action Taken: File Deleted.

24 V 2010 17:34:22 - Scanning File C:\System Volume Information\_restore{2923B724-EB27-4DF0-89A0-AD9E2D867E48}\RP171\A0063320.dll
24 V 2010 17:34:23 - File C:\System Volume Information\_restore{2923B724-EB27-4DF0-89A0-AD9E2D867E48}\RP171\A0063320.dll tagged as "NULL.Corrupted". Action Taken: File Deleted.

24 V 2010 17:34:23 - Scanning File C:\System Volume Information\_restore{2923B724-EB27-4DF0-89A0-AD9E2D867E48}\RP171\A0063321.dll
24 V 2010 17:34:23 - File C:\System Volume Information\_restore{2923B724-EB27-4DF0-89A0-AD9E2D867E48}\RP171\A0063321.dll tagged as "NULL.Corrupted". Action Taken: File Deleted.

24 V 2010 17:34:23 - Scanning File C:\System Volume Information\_restore{2923B724-EB27-4DF0-89A0-AD9E2D867E48}\RP171\A0063322.dll
24 V 2010 17:34:23 - File C:\System Volume Information\_restore{2923B724-EB27-4DF0-89A0-AD9E2D867E48}\RP171\A0063322.dll tagged as "NULL.Corrupted". Action Taken: File Deleted.

24 V 2010 17:34:23 - Scanning File C:\System Volume Information\_restore{2923B724-EB27-4DF0-89A0-AD9E2D867E48}\RP171\A0063323.dll
24 V 2010 17:34:23 - File C:\System Volume Information\_restore{2923B724-EB27-4DF0-89A0-AD9E2D867E48}\RP171\A0063323.dll tagged as "NULL.Corrupted". Action Taken: File Deleted.

24 V 2010 17:34:23 - Scanning File C:\System Volume Information\_restore{2923B724-EB27-4DF0-89A0-AD9E2D867E48}\RP171\A0063324.dll
24 V 2010 17:34:23 - File C:\System Volume Information\_restore{2923B724-EB27-4DF0-89A0-AD9E2D867E48}\RP171\A0063324.dll tagged as "NULL.Corrupted". Action Taken: File Deleted.

24 V 2010 17:34:23 - Scanning File C:\System Volume Information\_restore{2923B724-EB27-4DF0-89A0-AD9E2D867E48}\RP171\A0063325.dll
24 V 2010 17:34:23 - File C:\System Volume Information\_restore{2923B724-EB27-4DF0-89A0-AD9E2D867E48}\RP171\A0063325.dll tagged as "NULL.Corrupted". Action Taken: File Deleted.

24 V 2010 17:34:23 - Scanning File C:\System Volume Information\_restore{2923B724-EB27-4DF0-89A0-AD9E2D867E48}\RP171\A0063326.dll
24 V 2010 17:34:23 - File C:\System Volume Information\_restore{2923B724-EB27-4DF0-89A0-AD9E2D867E48}\RP171\A0063326.dll tagged as "NULL.Corrupted". Action Taken: File Deleted.

24 V 2010 17:34:23 - Scanning File C:\System Volume Information\_restore{2923B724-EB27-4DF0-89A0-AD9E2D867E48}\RP171\A0063327.dll
24 V 2010 17:34:23 - File C:\System Volume Information\_restore{2923B724-EB27-4DF0-89A0-AD9E2D867E48}\RP171\A0063327.dll tagged as "NULL.Corrupted". Action Taken: File Deleted.

24 V 2010 17:34:23 - Scanning File C:\System Volume Information\_restore{2923B724-EB27-4DF0-89A0-AD9E2D867E48}\RP171\A0063328.dll
24 V 2010 17:34:23 - File C:\System Volume Information\_restore{2923B724-EB27-4DF0-89A0-AD9E2D867E48}\RP171\A0063328.dll tagged as "NULL.Corrupted". Action Taken: File Deleted.

24 V 2010 17:34:23 - Scanning File C:\System Volume Information\_restore{2923B724-EB27-4DF0-89A0-AD9E2D867E48}\RP171\A0063329.dll
24 V 2010 17:34:23 - File C:\System Volume Information\_restore{2923B724-EB27-4DF0-89A0-AD9E2D867E48}\RP171\A0063329.dll tagged as "NULL.Corrupted". Action Taken: File Deleted.

24 V 2010 17:34:23 - Scanning File C:\System Volume Information\_restore{2923B724-EB27-4DF0-89A0-AD9E2D867E48}\RP171\A0063330.dll
24 V 2010 17:34:23 - File C:\System Volume Information\_restore{2923B724-EB27-4DF0-89A0-AD9E2D867E48}\RP171\A0063330.dll tagged as "NULL.Corrupted". Action Taken: File Deleted.

24 V 2010 17:34:23 - Scanning File C:\System Volume Information\_restore{2923B724-EB27-4DF0-89A0-AD9E2D867E48}\RP171\A0063331.dll
24 V 2010 17:34:23 - File C:\System Volume Information\_restore{2923B724-EB27-4DF0-89A0-AD9E2D867E48}\RP171\A0063331.dll tagged as "NULL.Corrupted". Action Taken: File Deleted.

24 V 2010 17:34:23 - Scanning File C:\System Volume Information\_restore{2923B724-EB27-4DF0-89A0-AD9E2D867E48}\RP171\A0063332.dll
24 V 2010 17:34:24 - File C:\System Volume Information\_restore{2923B724-EB27-4DF0-89A0-AD9E2D867E48}\RP171\A0063332.dll tagged as "NULL.Corrupted". Action Taken: File Deleted.

24 V 2010 17:34:24 - Scanning File C:\System Volume Information\_restore{2923B724-EB27-4DF0-89A0-AD9E2D867E48}\RP171\A0063333.dll
24 V 2010 17:34:24 - File C:\System Volume Information\_restore{2923B724-EB27-4DF0-89A0-AD9E2D867E48}\RP171\A0063333.dll tagged as "NULL.Corrupted". Action Taken: File Deleted.

24 V 2010 17:34:24 - Scanning File C:\System Volume Information\_restore{2923B724-EB27-4DF0-89A0-AD9E2D867E48}\RP171\A0063334.dll
24 V 2010 17:34:24 - File C:\System Volume Information\_restore{2923B724-EB27-4DF0-89A0-AD9E2D867E48}\RP171\A0063334.dll tagged as "NULL.Corrupted". Action Taken: File Deleted.

24 V 2010 17:34:24 - Scanning File C:\System Volume Information\_restore{2923B724-EB27-4DF0-89A0-AD9E2D867E48}\RP171\A0063335.dll
24 V 2010 17:34:24 - File C:\System Volume Information\_restore{2923B724-EB27-4DF0-89A0-AD9E2D867E48}\RP171\A0063335.dll tagged as "NULL.Corrupted". Action Taken: File Deleted.

24 V 2010 17:34:24 - Scanning File C:\System Volume Information\_restore{2923B724-EB27-4DF0-89A0-AD9E2D867E48}\RP171\A0063336.dll
24 V 2010 17:34:24 - File C:\System Volume Information\_restore{2923B724-EB27-4DF0-89A0-AD9E2D867E48}\RP171\A0063336.dll tagged as "NULL.Corrupted". Action Taken: File Deleted.

24 V 2010 17:34:24 - Scanning File C:\System Volume Information\_restore{2923B724-EB27-4DF0-89A0-AD9E2D867E48}\RP171\A0063337.dll
24 V 2010 17:34:24 - File C:\System Volume Information\_restore{2923B724-EB27-4DF0-89A0-AD9E2D867E48}\RP171\A0063337.dll tagged as "NULL.Corrupted". Action Taken: File Deleted.

24 V 2010 17:34:24 - Scanning File C:\System Volume Information\_restore{2923B724-EB27-4DF0-89A0-AD9E2D867E48}\RP171\A0063338.dll
24 V 2010 17:34:24 - File C:\System Volume Information\_restore{2923B724-EB27-4DF0-89A0-AD9E2D867E48}\RP171\A0063338.dll tagged as "NULL.Corrupted". Action Taken: File Deleted.

24 V 2010 17:34:24 - Scanning File C:\System Volume Information\_restore{2923B724-EB27-4DF0-89A0-AD9E2D867E48}\RP171\A0063339.dll
24 V 2010 17:34:24 - File C:\System Volume Information\_restore{2923B724-EB27-4DF0-89A0-AD9E2D867E48}\RP171\A0063339.dll tagged as "NULL.Corrupted". Action Taken: File Deleted.

24 V 2010 17:54:36 - C:\WINDOWS\system32\CatRoot2\edb.log not Scanned. Possibly password protected...
24 V 2010 17:54:36 - C:\WINDOWS\system32\CatRoot2\tmp.edb not Scanned. Possibly password protected...
24 V 2010 17:54:37 - C:\WINDOWS\system32\config\default not Scanned. Possibly password protected...
24 V 2010 17:54:37 - C:\WINDOWS\system32\config\default.LOG not Scanned. Possibly password protected...
24 V 2010 17:54:37 - C:\WINDOWS\system32\config\SAM not Scanned. Possibly password protected...
24 V 2010 17:54:37 - C:\WINDOWS\system32\config\SAM.LOG not Scanned. Possibly password protected...
24 V 2010 17:54:37 - C:\WINDOWS\system32\config\SECURITY not Scanned. Possibly password protected...
24 V 2010 17:54:37 - C:\WINDOWS\system32\config\SECURITY.LOG not Scanned. Possibly password protected...
24 V 2010 17:54:37 - C:\WINDOWS\system32\config\software not Scanned. Possibly password protected...
24 V 2010 17:54:37 - C:\WINDOWS\system32\config\software.LOG not Scanned. Possibly password protected...
24 V 2010 17:54:37 - C:\WINDOWS\system32\config\system not Scanned. Possibly password protected...
24 V 2010 17:54:37 - C:\WINDOWS\system32\config\system.LOG not Scanned. Possibly password protected...
24 V 2010 18:02:08 - ScanFile took 7.36 Secs [C:\WINDOWS\system32\ReinstallBackups\0040\DriverFiles\Common\i386\AppSetup.exe]...


24 V 2010 18:03:51 - ***** Checking for specific ITW Viruses *****

24 V 2010 18:03:52 - ***** Scanning complete. *****

24 V 2010 18:03:52 - Total Objects Scanned: 342818
24 V 2010 18:03:52 - Total Critical Objects: 17
24 V 2010 18:03:52 - Total Disinfected Objects: 0
24 V 2010 18:03:52 - Total Objects Renamed: 7
24 V 2010 18:03:52 - Total Deleted Objects: 76
24 V 2010 18:03:52 - Total Errors: 31
24 V 2010 18:03:52 - Time Elapsed: 04:11:34
24 V 2010 18:03:52 - Virus Database Date: 24 May 2010
24 V 2010 18:03:52 - Virus Database Count: 6064267

24 V 2010 18:03:52 - Scan Completed.


HOW SHOULD I PROCEED? I HAVEN'T DONE ANYTHING YET???

jaro3
Security team member
Guru Level 15
Posts: 43295
Registered: June 07
Location: South Bohemia
Gender: Male
Status: Offline

Re: please check my log

Post by jaro3 » 24 May 2010 20:08

I wasn't the one who recommended MWAV to you. You definitely don't need to worry; some keys and files were deleted, and the vast majority of the rest are just leftovers from cleaned infections, plus folders and files left behind by Combofix...

You could delete this:
C:\Documents and Settings\All Users\Data aplikací\0CA96315C2.sys

If something still doesn't seem right to you, then also do the following:

Download OTH
to your desktop (if you use Firefox, right-click the OTH link and choose Save as..).

Download OTL
to your desktop (if you use Firefox, right-click the OTL link and choose Save as..).

Download the file Scan.txt
to your desktop (if you use Firefox, right-click the OTL link and choose Save as..).

Double-click the OTH file on your desktop; once the program starts, click Kill All Processes. Then click Start OTL. Double-click in the empty window under Custom Scans/Fixes (Custom Scans box). A message appears: Click OK to select a file path, click Cancel to cancel the selection.
Click OK. An Explorer window appears; there, click Desktop and find the file Scan.txt on it. Click Open.
Then click Quick Scan. Do not change any other settings. The scan may take a long time.
When the scan finishes, two logs will appear on the desktop:
OTL.Txt and Extras.Txt; they are saved in the same location as OTL.
Please copy the entire contents of both logs here.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs via private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

Alan-K
Level 2.5
Posts: 307
Registered: November 07
Gender: Male
Status: Offline

Re: please check my log

Post by Alan-K » 24 May 2010 21:39

C:\Documents and Settings\All Users\Data aplikací\0CA96315C2.sys
....I wasn't able to find it. (I have the display of hidden files and folders turned on.)

OTL logfile created on: 24.5.2010 21:24:18 - Run 2
OTL by OldTimer - Version 3.2.5.0 Folder = C:\Documents and Settings\Alan\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 76,00% Memory free
4,00 Gb Paging File | 4,00 Gb Available in Paging File | 93,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 48,83 Gb Total Space | 5,82 Gb Free Space | 11,93% Space Free | Partition Type: NTFS
Drive D: | 230,63 Gb Total Space | 25,98 Gb Free Space | 11,26% Space Free | Partition Type: NTFS
Drive E: | 279,46 Gb Total Space | 57,61 Gb Free Space | 20,61% Space Free | Partition Type: NTFS
Drive F: | 279,46 Gb Total Space | 64,12 Gb Free Space | 22,94% Space Free | Partition Type: NTFS
Drive G: | 279,46 Gb Total Space | 6,43 Gb Free Space | 2,30% Space Free | Partition Type: NTFS
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive J: | 465,76 Gb Total Space | 57,74 Gb Free Space | 12,40% Space Free | Partition Type: NTFS
Drive L: | 186,31 Gb Total Space | 18,02 Gb Free Space | 9,67% Space Free | Partition Type: NTFS

Computer Name: PC-DOMA
Current User Name: Alan
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Minimal
Quick Scan

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\Alan\Plocha\OTL.exe (OldTimer Tools)
PRC - C:\Documents and Settings\Alan\Plocha\OTH.scr (OldTimer Tools)
PRC - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe (ESET)
PRC - C:\Program Files\ASUS\Bluetooth Software\bin\btwdins.exe (Broadcom Corporation.)
PRC - C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe (Creative Technology Ltd.)


========== Modules (SafeList) ==========

MOD - C:\Documents and Settings\Alan\Plocha\OTL.exe (OldTimer Tools)
MOD - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\pdfshell.dll (Adobe Systems, Inc.)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6001.22319_x-ww_f0b4c2df\GdiPlus.dll (Microsoft Corporation)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcr80.dll (Microsoft Corporation)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcp80.dll (Microsoft Corporation)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_b77cec8e\mfc80.dll (Microsoft Corporation)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_473666fd\ATL80.dll (Microsoft Corporation)
MOD - C:\Program Files\Microsoft Office\Office12\GrooveUtil.dll (Microsoft Corporation)
MOD - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
MOD - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
MOD - C:\Program Files\Common Files\Nero\Lib\NeroDigitalExt.dll (Nero AG)
MOD - C:\Program Files\Microsoft Office\Office12\GrooveNew.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\xpsp2res.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\mlang.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\rsaenh.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\msscript.ocx (Microsoft Corporation)
MOD - c:\Program Files\Common Files\Corel\Shared\Shell Extension\ShellXP.dll (Corel Corporation)
MOD - c:\Program Files\Common Files\Corel\Shared\Shell Extension\FileInfoProvider.dll (Corel Corporation)


========== Win32 Services (SafeList) ==========

SRV - (Creative Audio Engine Licensing Service) -- C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe (Creative Labs)
SRV - (MBAMService) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (CTAudSvcService) -- C:\Program Files\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd)
SRV - (StarWindServiceAE) -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (StarWind Software)
SRV - (bgsvcgen) -- C:\WINDOWS\System32\bgsvcgen.exe (SOURCENEXT)
SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (ACDaemon) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
SRV - (EhttpSrv) -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe (ESET)
SRV - (ekrn) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe (ESET)
SRV - (astcc) -- C:\WINDOWS\system32\ASTSRV.EXE (Nalpeiron Ltd.)
SRV - (NetTcpPortSharing) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation)
SRV - (btwdins) -- C:\Program Files\ASUS\Bluetooth Software\bin\btwdins.exe (Broadcom Corporation.)
SRV - (PSI_SVC_2) -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
SRV - (CCALib8) -- C:\Program Files\Canon\CAL\CALMAIN.exe (Canon Inc.)
SRV - (UleadBurningHelper) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.)
SRV - (MSSQL$SONY_MEDIAMGR) -- C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe (Microsoft Corporation)
SRV - (SQLAgent$SONY_MEDIAMGR) -- C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV - (sptd) -- C:\WINDOWS\System32\Drivers\sptd.sys ()
DRV - (MBAMProtector) -- C:\WINDOWS\system32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (AnyDVD) -- C:\WINDOWS\system32\drivers\AnyDVD.sys (SlySoft, Inc.)
DRV - (SCDEmu) -- C:\WINDOWS\system32\drivers\scdemu.sys (PowerISO Computing, Inc.)
DRV - (hap17v2k) -- C:\WINDOWS\system32\drivers\haP17v2k.sys (Creative Technology Ltd)
DRV - (hap16v2k) -- C:\WINDOWS\system32\drivers\haP16v2k.sys (Creative Technology Ltd)
DRV - (ha10kx2k) -- C:\WINDOWS\system32\drivers\ha10kx2k.sys (Creative Technology Ltd)
DRV - (emupia) -- C:\WINDOWS\system32\drivers\emupia2k.sys (Creative Technology Ltd)
DRV - (ctsfm2k) -- C:\WINDOWS\system32\drivers\ctsfm2k.sys (Creative Technology Ltd)
DRV - (ctprxy2k) -- C:\WINDOWS\system32\drivers\ctprxy2k.sys (Creative Technology Ltd)
DRV - (ossrv) -- C:\WINDOWS\system32\drivers\ctoss2k.sys (Creative Technology Ltd.)
DRV - (ctdvda2k) -- C:\WINDOWS\system32\drivers\ctdvda2k.sys (Creative Technology Ltd)
DRV - (ctaud2k) Creative Audio Driver (WDM) -- C:\WINDOWS\system32\drivers\ctaud2k.sys (Creative Technology Ltd)
DRV - (ctac32k) -- C:\WINDOWS\system32\drivers\ctac32k.sys (Creative Technology Ltd)
DRV - (CTERFXFX.SYS) -- C:\WINDOWS\System32\drivers\CTERFXFX.SYS (Creative Technology Ltd)
DRV - (CTERFXFX) -- C:\WINDOWS\system32\drivers\CTERFXFX.sys (Creative Technology Ltd)
DRV - (CTSBLFX.SYS) -- C:\WINDOWS\System32\drivers\CTSBLFX.SYS (Creative Technology Ltd)
DRV - (CTSBLFX) -- C:\WINDOWS\system32\drivers\CTSBLFX.sys (Creative Technology Ltd)
DRV - (CTAUDFX.SYS) -- C:\WINDOWS\System32\drivers\CTAUDFX.SYS (Creative Technology Ltd)
DRV - (CTAUDFX) -- C:\WINDOWS\system32\drivers\CTAUDFX.sys (Creative Technology Ltd)
DRV - (COMMONFX.SYS) -- C:\WINDOWS\System32\drivers\COMMONFX.SYS (Creative Technology Ltd)
DRV - (COMMONFX) -- C:\WINDOWS\system32\drivers\COMMONFX.sys (Creative Technology Ltd)
DRV - (yukonwxp) -- C:\WINDOWS\system32\drivers\yk51x86.sys (Marvell)
DRV - (Ps2) -- C:\WINDOWS\system32\drivers\PS2.sys (Hewlett-Packard Company)
DRV - (ElbyCDIO) -- C:\WINDOWS\system32\drivers\ElbyCDIO.sys (Elaborate Bytes AG)
DRV - (Revoflt) -- C:\WINDOWS\system32\drivers\revoflt.sys (VS Revo Group)
DRV - (cdrbsdrv) -- C:\WINDOWS\system32\drivers\CDRBSDRV.SYS (B.H.A Corporation)
DRV - (epfwtdir) -- C:\WINDOWS\system32\drivers\epfwtdir.sys (ESET)
DRV - (ehdrv) -- C:\WINDOWS\system32\drivers\ehdrv.sys (ESET)
DRV - (eamon) -- C:\WINDOWS\system32\drivers\eamon.sys (ESET)
DRV - (VClone) -- C:\WINDOWS\system32\drivers\VClone.sys (Elaborate Bytes AG)
DRV - (adfs) -- C:\WINDOWS\system32\drivers\adfs.sys (Adobe Systems, Inc.)
DRV - (nv) -- C:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation)
DRV - (61883) -- C:\WINDOWS\system32\drivers\61883.sys (Microsoft Corporation)
DRV - (Avc) -- C:\WINDOWS\system32\drivers\avc.sys (Microsoft Corporation)
DRV - (MSDV) -- C:\WINDOWS\system32\drivers\msdv.sys (Microsoft Corporation)
DRV - (gameenum) -- C:\WINDOWS\system32\drivers\gameenum.sys (Microsoft Corporation)
DRV - (BTKRNL) -- C:\WINDOWS\system32\drivers\btkrnl.sys (Broadcom Corporation.)
DRV - (btaudio) -- C:\WINDOWS\system32\drivers\btaudio.sys (Broadcom Corporation.)
DRV - (SI3112r) -- C:\WINDOWS\system32\DRIVERS\SI3112r.sys (Silicon Image, Inc)
DRV - (SiFilter) -- C:\WINDOWS\system32\DRIVERS\SiWinAcc.sys (Silicon Image, Inc)
DRV - (BTWUSB) -- C:\WINDOWS\system32\drivers\btwusb.sys (Broadcom Corporation.)
DRV - (BTWDNDIS) -- C:\WINDOWS\system32\drivers\btwdndis.sys (Broadcom Corporation.)
DRV - (cdrblock) -- C:\WINDOWS\system32\drivers\cdrblock.sys (Canopus Co,. Ltd.)
DRV - (ALCXWDM) Service for Realtek AC97 Audio (WDM) -- C:\WINDOWS\system32\drivers\alcxwdm.sys (Realtek Semiconductor Corp.)
DRV - (btwhid) -- C:\WINDOWS\system32\drivers\btwhid.sys (Broadcom Corporation.)
DRV - (BTDriver) -- C:\WINDOWS\system32\drivers\btport.sys (Broadcom Corporation.)
DRV - (ElbyCDFL) -- C:\WINDOWS\system32\drivers\ElbyCDFL.sys (SlySoft, Inc.)
DRV - (se45unic) Sony Ericsson Device 069 USB Ethernet Emulation SEMC45 (WDM) -- C:\WINDOWS\system32\drivers\se45unic.sys (MCCI)
DRV - (se45obex) -- C:\WINDOWS\system32\drivers\se45obex.sys (MCCI)
DRV - (se45mgmt) Sony Ericsson Device 069 USB WMC Device Management Drivers (WDM) -- C:\WINDOWS\system32\drivers\se45mgmt.sys (MCCI)
DRV - (se45nd5) Sony Ericsson Device 069 USB Ethernet Emulation SEMC45 (NDIS) -- C:\WINDOWS\system32\drivers\se45nd5.sys (MCCI)
DRV - (se45mdm) -- C:\WINDOWS\system32\drivers\se45mdm.sys (MCCI)
DRV - (se45mdfl) -- C:\WINDOWS\system32\drivers\se45mdfl.sys (MCCI)
DRV - (se45bus) Sony Ericsson Device 069 driver (WDM) -- C:\WINDOWS\system32\drivers\se45bus.sys (MCCI)
DRV - (fixustor) -- C:\WINDOWS\system32\drivers\fixustor.sys (Genesys Logic)
DRV - (VD_FileDisk) -- C:\WINDOWS\system32\drivers\vd_filedisk.sys (Flint Incorporation)
DRV - (Aspi32) -- C:\WINDOWS\system32\drivers\aspi32.sys (Adaptec)
DRV - (MarvinBus) -- C:\WINDOWS\system32\drivers\MarvinBus.sys (Pinnacle Systems GmbH)
DRV - (cdrport) -- C:\WINDOWS\system32\drivers\cdrport.sys (Canopus Co,. Ltd.)
DRV - (ULCDRHlp) -- C:\WINDOWS\system32\drivers\ULCDRHlp.sys (Ulead Systems, Inc.)
DRV - (fasttx2k) -- C:\WINDOWS\system32\DRIVERS\fasttx2k.sys (Promise Technology, Inc.)
DRV - (viafilter) -- C:\WINDOWS\System32\Drivers\viausb1.sys (VIA Technologies, Inc.)
DRV - (PenClass) -- C:\WINDOWS\system32\Drivers\penclass.sys (Wacom Technology Corporation)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://mystart.incredimail.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.order.1: "Yahoo"
FF - prefs.js..browser.search.order.2: "Yahoo"
FF - prefs.js..browser.search.param.yahoo-fr: ""
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: ""
FF - prefs.js..browser.search.selectedEngine: ""
FF - prefs.js..browser.startup.homepage: "www.google.cz"
FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.6.8
FF - prefs.js..extensions.enabledItems: cs@dictionaries.addons.mozilla.org:1.0.1
FF - prefs.js..extensions.enabledItems: {152455DE-7B40-4bcf-B5B4-C68A1BE85A91}:2.6.5
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {2c088200-b973-11db-8314-0800200c9a66}:1.7.1
FF - prefs.js..keyword.URL: "http://mystart.incredimail.com/?loc=ff_address_bar_PMM_std_alone&search="
FF - prefs.js..network.proxy.type: 1


FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.05.19 16:46:01 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.05.20 16:59:03 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2009.10.30 19:11:22 | 000,000,000 | ---D | M]

[2009.06.08 11:19:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alan\Data aplikací\Mozilla\Extensions
[2009.06.08 11:19:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alan\Data aplikací\Mozilla\Extensions\home2@tomtom.com
[2010.05.24 18:26:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alan\Data aplikací\Mozilla\Firefox\Profiles\edmvs930.default\extensions
[2009.06.03 14:41:38 | 000,000,000 | ---D | M] (Flagfox) -- C:\Documents and Settings\Alan\Data aplikací\Mozilla\Firefox\Profiles\edmvs930.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}(2)
[2009.12.11 21:30:56 | 000,000,000 | ---D | M] (Flagfox) -- C:\Documents and Settings\Alan\Data aplikací\Mozilla\Firefox\Profiles\edmvs930.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}(3)
[2010.03.18 03:05:03 | 000,000,000 | ---D | M] (Flagfox) -- C:\Documents and Settings\Alan\Data aplikací\Mozilla\Firefox\Profiles\edmvs930.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}(4)
[2010.04.06 22:39:23 | 000,000,000 | ---D | M] (Domain Details) -- C:\Documents and Settings\Alan\Data aplikací\Mozilla\Firefox\Profiles\edmvs930.default\extensions\{152455DE-7B40-4bcf-B5B4-C68A1BE85A91}
[2010.04.29 01:50:19 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Alan\Data aplikací\Mozilla\Firefox\Profiles\edmvs930.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.01.30 15:42:10 | 000,000,000 | ---D | M] (Harley Davidson) -- C:\Documents and Settings\Alan\Data aplikací\Mozilla\Firefox\Profiles\edmvs930.default\extensions\{2c088200-b973-11db-8314-0800200c9a66}
[2009.06.03 14:41:38 | 000,000,000 | ---D | M] (MidnightFox) -- C:\Documents and Settings\Alan\Data aplikací\Mozilla\Firefox\Profiles\edmvs930.default\extensions\{66871bd1-5ba2-4739-b485-2a15f5969bd8}(2)
[2010.04.15 16:49:29 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\Alan\Data aplikací\Mozilla\Firefox\Profiles\edmvs930.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2010.03.23 11:05:21 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\Alan\Data aplikací\Mozilla\Firefox\Profiles\edmvs930.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}(2)
[2010.04.14 16:50:58 | 000,000,000 | ---D | M] (Download Statusbar) -- C:\Documents and Settings\Alan\Data aplikací\Mozilla\Firefox\Profiles\edmvs930.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
[2008.09.23 09:43:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alan\Data aplikací\Mozilla\Firefox\Profiles\edmvs930.default\extensions\cs@dictionaries.addons.mozilla.org
[2010.05.22 14:27:18 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010.05.20 16:59:05 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.05.20 16:58:48 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010.01.16 02:50:40 | 000,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.01.16 02:50:40 | 000,001,687 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2010.01.16 02:50:40 | 000,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.01.16 02:50:40 | 000,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.01.16 02:50:40 | 000,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2010.05.23 16:50:04 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {EBE9E2B5-B526-48BC-AD46-687263EDCB0E} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AudioDrvEmulator] C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [CloneCDTray] C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe (SlySoft, Inc.)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKLM..\Run: [itype] C:\Program Files\Microsoft IntelliType Pro\itype.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Module Loader] C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [Ptipbmf] C:\WINDOWS\System32\ptipbmf.dll (Promise Technology, Inc.)
O4 - HKLM..\Run: [VirtualCloneDrive] C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe (Elaborate Bytes AG)
O4 - HKCU..\Run: [Creative Detector] C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe (Creative Technology Ltd)
O4 - HKCU..\Run: [H/PC Connection Agent] C:\Program Files\Microsoft ActiveSync\Wcescomm.exe (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\Alan\Nabídka Start\Programy\Po spuštění\Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Bluetooth.lnk = C:\Program Files\ASUS\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Monitor.lnk = C:\Program Files\SanDisk\SanDisk TransferMate\SD Monitor.exe (SanDisk)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\TabUserW.exe.lnk = C:\WINDOWS\system32\Wtablet\TabUserW.exe (Wacom Technology, Corp.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 475
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 475
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Převést cíl vazby do Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Převést do Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Připojit cíl vazby k existujícímu PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Připojit k existujícímu PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\ASUS\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send To Bluetooth - C:\Program Files\ASUS\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Vytvořit mobilní oblíbenou položku… - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ASUS\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ASUS\Bluetooth Software\btsendto_ie.htm ()
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://fpdownload.macromedia.com/get/sh ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Alan\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Alan\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.09.07 17:46:56 | 000,000,000 | R--D | M] - E:\Auto FX Software -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2008.09.05 22:41:43 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (56027131116781568)

========== Files/Folders - Created Within 90 Days ==========

[2010.05.24 21:07:46 | 000,571,904 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Alan\Plocha\OTL.exe
[2010.05.24 21:07:05 | 000,258,560 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Alan\Plocha\OTH.scr
[2010.05.24 13:53:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\rundll16.exe
[2010.05.24 13:53:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\logo1_.exe
[2010.05.24 13:50:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\VDLL.DLL
[2010.05.24 13:50:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\runouce.exe
[2010.05.24 13:50:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\RUNDL132.EXE
[2010.05.24 13:50:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\logo_1.exe
[2010.05.24 13:39:13 | 000,034,048 | ---- | C] (MicroWorld Technologies Inc.) -- C:\WINDOWS\System32\eEmpty.exe
[2010.05.24 13:39:08 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MicroWorld
[2010.05.24 13:38:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\MicroWorld
[2010.05.24 13:36:41 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Alan\Recent
[2010.05.24 13:34:29 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010.05.23 16:33:51 | 000,000,000 | ---D | C] -- C:\ComboFix
[2010.05.23 15:30:03 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe.mwt
[2010.05.23 15:29:59 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2010.05.23 15:29:57 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2010.05.23 15:29:57 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2010.05.23 15:29:34 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010.05.23 15:22:58 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010.05.21 16:09:29 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\Alan\Plocha\HijackThis.exe
[2010.05.21 16:03:49 | 000,204,496 | ---- | C] (Malwarebytes) -- C:\Documents and Settings\Alan\Plocha\StartUpLite.exe
[2010.05.20 17:37:58 | 000,000,000 | ---D | C] -- C:\Program Files\Sony Setup
[2010.05.20 11:41:48 | 000,000,000 | ---D | C] -- C:\Program Files\XP Codec Pack
[2010.05.20 00:11:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alan\Dokumenty\Sony ACID Pro 6.0 projekty
[2010.05.19 16:44:58 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2010.05.19 16:44:25 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2010.05.19 16:44:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Apple
[2010.05.19 16:43:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alan\Local Settings\Data aplikací\Apple Computer
[2010.05.19 15:38:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alan\Local Settings\Data aplikací\PC_Drivers_Headquarters
[2010.05.19 15:37:34 | 000,000,000 | ---D | C] -- C:\Program Files\PC Drivers HeadQuarters
[2010.05.19 14:52:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\PC Drivers HeadQuarters Inc
[2010.05.19 12:55:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alan\Data aplikací\GetRightToGo
[2010.05.19 12:42:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alan\Dokumenty\Downloads
[2010.05.19 12:42:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\PC Drivers HeadQuarters
[2010.05.18 20:30:11 | 000,000,000 | ---D | C] -- C:\Program Files\AnalogX
[2010.05.18 20:29:08 | 000,217,088 | ---- | C] (Audio Mechanic & Sound Breeder) -- C:\Documents and Settings\Alan\Plocha\VB_plugman.exe
[2010.05.18 19:27:50 | 000,000,000 | ---D | C] -- C:\Program Files\jv16 PowerTools 2009
[2010.05.18 11:49:31 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Creative Labs Shared
[2010.05.18 01:49:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alan\Local Settings\Data aplikací\PCHealth
[2010.05.18 01:28:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alan\Dokumenty\My Videos
[2010.05.18 01:09:00 | 000,000,000 | ---D | C] -- C:\WINDOWS\Logs
[2010.05.17 23:28:18 | 000,000,000 | ---D | C] -- C:\MoTemp
[2010.05.17 22:49:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\IObit
[2010.05.13 23:26:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alan\Dokumenty\Alcohol 120%
[2010.05.13 23:11:36 | 000,000,000 | ---D | C] -- C:\Program Files\Alcohol Soft
[2010.05.06 19:46:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\ZoomBrowser
[2010.05.05 19:38:24 | 000,000,000 | ---D | C] -- C:\Program Files\ProShow MediaSource - Wedding Essentials
[2010.05.04 13:57:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alan\Dokumenty\Stažené soubory
[2010.04.28 20:23:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alan\Dokumenty\InstantCDDVD
[2010.04.28 20:23:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alan\Dokumenty\Pinnacle
[2010.04.28 15:08:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alan\Dokumenty\Pinnacle Studio
[2010.04.28 15:04:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alan\Data aplikací\proDAD
[2010.04.28 15:03:53 | 000,000,000 | ---D | C] -- C:\Program Files\proDAD
[2010.04.28 15:03:40 | 000,000,000 | ---D | C] -- C:\Program Files\LooksBuilderSE
[2010.04.28 15:02:02 | 000,049,152 | ---- | C] (Canopus Co., Ltd.) -- C:\WINDOWS\System32\CvoAPI.dll
[2010.04.28 14:49:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Pinnacle Studio Ultimate
[2010.04.28 14:42:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dokumenty\My Projects
[2010.04.28 14:42:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Studio 12
[2010.04.28 14:42:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Pinnacle Studio Plus
[2010.04.28 14:42:07 | 000,000,000 | ---D | C] -- C:\Program Files\Pinnacle
[2010.04.28 14:42:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dokumenty\Pinnacle
[2010.04.23 18:31:01 | 000,106,432 | ---- | C] (SlySoft, Inc.) -- C:\WINDOWS\System32\drivers\AnyDVD.sys
[2010.04.16 14:02:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alan\Dokumenty\Daniel
[2010.04.12 10:44:34 | 000,059,388 | ---- | C] (PowerISO Computing, Inc.) -- C:\WINDOWS\System32\drivers\scdemu.sys
[2010.03.26 15:28:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alan\DoctorWeb
[2010.03.24 12:50:31 | 000,000,000 | ---D | C] -- C:\Program Files\Recuva
[2010.03.23 11:03:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alan\Data aplikací\nView_Wallpaper
[2010.03.22 21:04:44 | 000,000,000 | ---D | C] -- C:\Program Files\Driver Checker
[2010.03.22 19:57:41 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools
[2010.03.19 15:31:57 | 000,089,256 | ---- | C] (Elaborate Bytes AG) -- C:\WINDOWS\System32\ElbyCDIO.dll
[2010.03.18 19:19:42 | 000,011,776 | ---- | C] (Creative Technology Limited) -- C:\WINDOWS\System32\inres.dll
[2010.03.18 19:19:42 | 000,011,776 | ---- | C] (Creative Technology Limited) -- C:\WINDOWS\INRES.DLL
[2010.03.18 19:18:32 | 000,010,752 | ---- | C] ( ) -- C:\WINDOWS\System32\a3d.dll
[2010.03.18 19:17:56 | 000,038,400 | ---- | C] (Creative Technology Limited) -- C:\WINDOWS\System32\readreg.exe
[2010.03.18 18:59:50 | 000,010,240 | ---- | C] ( ) -- C:\WINDOWS\System32\killapps.exe
[2010.03.10 01:03:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Sun
[2010.03.10 01:03:09 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2010.03.05 17:55:50 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft IntelliType Pro
[2010.03.05 17:52:14 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft IntelliPoint
[2004.11.24 21:25:52 | 000,335,872 | ---- | C] ( ) -- C:\WINDOWS\System32\drvc.dll

========== Files - Modified Within 90 Days ==========

[2010.05.24 21:08:20 | 000,571,904 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Alan\Plocha\OTL.exe
[2010.05.24 21:07:24 | 000,258,560 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Alan\Plocha\OTH.scr
[2010.05.24 18:59:59 | 000,000,091 | ---- | M] () -- C:\Documents and Settings\Alan\Data aplikací\default.pls
[2010.05.24 18:59:11 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010.05.24 13:55:40 | 013,181,060 | ---- | M] () -- C:\WINDOWS\REGBK00.ZIP
[2010.05.24 13:51:53 | 000,000,053 | ---- | M] () -- C:\WINDOWS\Lic.xxx
[2010.05.24 13:39:12 | 000,034,048 | ---- | M] (MicroWorld Technologies Inc.) -- C:\WINDOWS\System32\eEmpty.exe
[2010.05.24 13:36:47 | 019,136,512 | ---- | M] () -- C:\Documents and Settings\Alan\ntuser.dat
[2010.05.24 13:33:58 | 000,210,944 | ---- | M] () -- C:\Documents and Settings\Alan\Plocha\T-Cleaner.exe
[2010.05.24 13:20:27 | 000,545,352 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.05.24 13:20:27 | 000,540,584 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2010.05.24 13:20:27 | 000,131,128 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2010.05.24 13:20:27 | 000,116,888 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.05.24 13:20:26 | 001,355,520 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010.05.24 13:16:59 | 004,931,715 | ---- | M] () -- C:\WINDOWS\{00000002-00000000-00000009-00001102-00000004-20011102}.CDF
[2010.05.24 13:16:28 | 000,000,374 | ---- | M] () -- C:\WINDOWS\tasks\AWC AutoSweep.job
[2010.05.24 13:16:26 | 000,002,644 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.05.24 13:16:08 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.05.24 13:16:04 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.05.23 18:04:47 | 000,031,104 | ---- | M] () -- C:\WINDOWS\System32\BMXStateBkp-{00000002-00000000-00000009-00001102-00000004-20011102}.rfx
[2010.05.23 18:04:47 | 000,031,104 | ---- | M] () -- C:\WINDOWS\System32\BMXState-{00000002-00000000-00000009-00001102-00000004-20011102}.rfx
[2010.05.23 18:04:47 | 000,030,168 | ---- | M] () -- C:\WINDOWS\System32\BMXCtrlState-{00000002-00000000-00000009-00001102-00000004-20011102}.rfx
[2010.05.23 18:04:47 | 000,030,168 | ---- | M] () -- C:\WINDOWS\System32\BMXBkpCtrlState-{00000002-00000000-00000009-00001102-00000004-20011102}.rfx
[2010.05.23 18:04:47 | 000,011,564 | ---- | M] () -- C:\WINDOWS\System32\DVCState-{00000002-00000000-00000009-00001102-00000004-20011102}.rfx
[2010.05.23 18:04:39 | 000,000,272 | -HS- | M] () -- C:\Documents and Settings\Alan\ntuser.ini
[2010.05.23 18:02:26 | 011,379,780 | -H-- | M] () -- C:\Documents and Settings\Alan\Local Settings\Data aplikací\IconCache.db
[2010.05.23 16:50:14 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010.05.23 16:50:04 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010.05.23 16:29:08 | 086,349,632 | ---- | M] () -- C:\Documents and Settings\Alan\Plocha\mwav.exe
[2010.05.23 15:14:57 | 003,693,870 | R--- | M] () -- C:\Documents and Settings\Alan\Plocha\ComboFix.exe
[2010.05.21 16:01:43 | 000,204,496 | ---- | M] (Malwarebytes) -- C:\Documents and Settings\Alan\Plocha\StartUpLite.exe
[2010.05.21 14:35:32 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\Alan\Plocha\HijackThis.exe
[2010.05.21 12:33:23 | 000,178,070 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml
[2010.05.20 17:47:02 | 000,002,428 | ---- | M] () -- C:\Documents and Settings\Alan\Dokumenty\Register Vegas.htm
[2010.05.20 17:41:50 | 000,001,633 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Vegas 7.0.lnk
[2010.05.20 15:34:49 | 000,000,228 | ---- | M] () -- C:\WINDOWS\System32\bcdadac7.xml
[2010.05.20 12:36:32 | 000,003,764 | -HS- | M] () -- C:\Documents and Settings\All Users\Data aplikací\KGyGaAvL.sys
[2010.05.20 11:26:24 | 000,000,349 | ---- | M] () -- C:\Documents and Settings\All Users\Dokumenty\PCLECHAL.INI
[2010.05.20 10:15:22 | 000,000,139 | ---- | M] () -- C:\WINDOWS\msicpl.ini
[2010.05.20 00:09:50 | 000,000,793 | ---- | M] () -- C:\Documents and Settings\Alan\Plocha\SONY ACID pro.lnk
[2010.05.19 23:02:45 | 000,000,028 | ---- | M] () -- C:\WINDOWS\MotionDVSTUDIO.INI
[2010.05.19 16:45:46 | 000,001,608 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\QuickTime Player.lnk
[2010.05.19 12:42:25 | 000,658,296 | ---- | M] () -- C:\Documents and Settings\Alan\Local Settings\Data aplikací\GDIPFONTCACHEV1.DAT
[2010.05.19 12:30:51 | 003,547,032 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.05.19 01:34:50 | 000,000,028 | ---- | M] () -- C:\Documents and Settings\Alan\Adobe Encore DVD_VUI.pref
[2010.05.18 20:30:40 | 000,001,644 | ---- | M] () -- C:\Documents and Settings\Alan\Plocha\DXMan.lnk
[2010.05.18 19:49:37 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\Alan\Plocha\jv16 PowerTools 2009.lnk
[2010.05.18 13:04:06 | 000,001,080 | ---- | M] () -- C:\WINDOWS\System32\settingsbkup.sfm
[2010.05.18 13:04:06 | 000,001,080 | ---- | M] () -- C:\WINDOWS\System32\settings.sfm
[2010.05.18 11:48:41 | 000,445,016 | ---- | M] (Creative Labs) -- C:\WINDOWS\System32\wrap_oal.dll
[2010.05.18 11:48:41 | 000,109,144 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\WINDOWS\System32\OpenAL32.dll
[2010.05.17 23:28:11 | 000,002,403 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Mokey V4.1.1.lnk
[2010.05.17 14:03:29 | 000,000,281 | ---- | M] () -- C:\Documents and Settings\Alan\Dokumenty\ax_files.xml
[2010.05.15 15:57:35 | 000,001,189 | ---- | M] () -- C:\Documents and Settings\Alan\Data aplikací\vso_ts_preview.xml
[2010.05.14 00:30:47 | 040,165,200 | ---- | M] () -- C:\Documents and Settings\Alan\Plocha\dr.WEB.exe
[2010.05.14 00:11:43 | 000,000,686 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\PowerISO.lnk
[2010.05.13 23:13:42 | 000,000,837 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Alcohol 120%.lnk
[2010.05.13 23:04:57 | 000,691,696 | ---- | M] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2010.05.13 19:04:16 | 000,001,529 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\FLAC Frontend.lnk
[2010.05.10 14:00:34 | 000,002,569 | ---- | M] () -- C:\Documents and Settings\Alan\Plocha\CorelDRAW X4.lnk
[2010.05.06 19:46:44 | 000,000,927 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\ZoomBrowser EX.lnk
[2010.05.05 22:04:07 | 000,000,758 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\AnyDVD.lnk
[2010.05.05 19:48:55 | 000,000,825 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Revo Uninstaller Pro.lnk
[2010.05.05 19:40:59 | 000,001,789 | ---- | M] () -- C:\Documents and Settings\Alan\Plocha\ProShow Producer.lnk
[2010.05.04 14:13:56 | 000,000,863 | ---- | M] () -- C:\Documents and Settings\Alan\Plocha\ConvertXtoDVD 4.lnk
[2010.05.03 17:25:44 | 000,002,161 | ---- | M] () -- C:\WINDOWS\Graffiti5.2Pin.ini
[2010.04.29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010.04.29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010.04.28 14:55:10 | 000,001,894 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Pinnacle Instant DVD Recorder.lnk
[2010.04.28 14:46:44 | 000,000,901 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Pinnacle Studio 12.lnk
[2010.04.27 23:56:28 | 000,001,552 | ---- | M] () -- C:\Documents and Settings\Alan\Plocha\CCleaner.lnk
[2010.04.26 16:31:15 | 000,002,563 | ---- | M] () -- C:\Documents and Settings\Alan\Plocha\Microsoft Office Word 2007.lnk
[2010.04.26 15:58:12 | 000,256,512 | ---- | M] () -- C:\WINDOWS\PEV.exe
[2010.04.24 14:38:57 | 000,000,796 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Smart Defrag.lnk
[2010.04.23 18:31:01 | 000,106,432 | ---- | M] (SlySoft, Inc.) -- C:\WINDOWS\System32\drivers\AnyDVD.sys
[2010.04.14 14:22:47 | 000,000,671 | ---- | M] () -- C:\Documents and Settings\Alan\Plocha\RapgetRS.lnk
[2010.04.12 10:44:34 | 000,059,388 | ---- | M] (PowerISO Computing, Inc.) -- C:\WINDOWS\System32\drivers\scdemu.sys
[2010.03.24 12:50:51 | 000,001,516 | ---- | M] () -- C:\Documents and Settings\Alan\Plocha\Speccy.lnk
[2010.03.24 12:50:32 | 000,001,516 | ---- | M] () -- C:\Documents and Settings\Alan\Plocha\Recuva.lnk
[2010.03.24 12:50:10 | 000,001,588 | ---- | M] () -- C:\Documents and Settings\Alan\Plocha\Defraggler.lnk
[2010.03.19 15:31:57 | 000,089,256 | ---- | M] (Elaborate Bytes AG) -- C:\WINDOWS\System32\ElbyCDIO.dll
[2010.03.18 19:59:54 | 000,050,439 | ---- | M] () -- C:\WINDOWS\System32\instwdm.ini
[2010.03.18 19:59:50 | 000,000,054 | ---- | M] () -- C:\WINDOWS\System32\ctzapxx.ini
[2010.03.18 19:19:58 | 000,043,520 | ---- | M] () -- C:\WINDOWS\System32\CTBurst.dll
[2010.03.18 19:19:42 | 000,011,776 | ---- | M] (Creative Technology Limited) -- C:\WINDOWS\System32\inres.dll
[2010.03.18 19:19:42 | 000,011,776 | ---- | M] (Creative Technology Limited) -- C:\WINDOWS\INRES.DLL
[2010.03.18 19:19:38 | 000,182,272 | ---- | M] (Creative Technology Limited) -- C:\WINDOWS\System32\ctdvinst.dll
[2010.03.18 19:19:36 | 000,086,528 | ---- | M] (Creative Technology Limited) -- C:\WINDOWS\System32\ctcoinst.dll
[2010.03.18 19:18:32 | 000,010,752 | ---- | M] ( ) -- C:\WINDOWS\System32\a3d.dll
[2010.03.18 19:17:56 | 000,038,400 | ---- | M] (Creative Technology Limited) -- C:\WINDOWS\System32\readreg.exe
[2010.03.18 19:17:50 | 000,037,888 | ---- | M] () -- C:\WINDOWS\System32\psconv.exe
[2010.03.18 19:07:54 | 000,386,852 | ---- | M] () -- C:\WINDOWS\System32\ctdnlstr.dat
[2010.03.18 19:07:54 | 000,051,787 | ---- | M] () -- C:\WINDOWS\System32\ctdlang.dat
[2010.03.18 19:03:12 | 000,013,312 | ---- | M] () -- C:\WINDOWS\System32\regplib.exe
[2010.03.18 19:02:14 | 000,149,838 | ---- | M] () -- C:\WINDOWS\System32\ctbas2w.dat
[2010.03.18 19:00:42 | 000,274,587 | ---- | M] () -- C:\WINDOWS\System32\ctsbas2w.dat
[2010.03.18 19:00:28 | 000,241,084 | ---- | M] () -- C:\WINDOWS\System32\CTSBASW.DAT
[2010.03.18 19:00:28 | 000,115,166 | ---- | M] () -- C:\WINDOWS\System32\CTBASICW.DAT
[2010.03.18 18:59:56 | 000,313,207 | ---- | M] () -- C:\WINDOWS\System32\ctstatic.dat
[2010.03.18 18:59:56 | 000,053,932 | ---- | M] () -- C:\WINDOWS\System32\ctdaught.dat
[2010.03.18 18:59:54 | 000,005,120 | ---- | M] () -- C:\WINDOWS\System32\enlocstr.exe
[2010.03.18 18:59:50 | 000,010,240 | ---- | M] ( ) -- C:\WINDOWS\System32\killapps.exe
[2010.03.04 16:23:30 | 000,000,191 | ---- | M] () -- C:\WINDOWS\SBWIN.INI
[2010.03.04 12:30:40 | 000,000,801 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Digital Photo Professional.lnk
[2010.03.04 12:28:28 | 000,000,736 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\EOS Utility.lnk
[2010.02.26 17:38:45 | 000,107,520 | ---- | M] () -- C:\Documents and Settings\Alan\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini




========== Custom Scans ==========


< %SYSTEMDRIVE%\*.* >
[2010.02.03 14:12:09 | 000,025,760 | ---- | M] () -- C:\ASLog.txt
[2009.10.04 20:45:22 | 000,000,053 | ---- | M] () -- C:\biosinfo
[2008.11.02 13:34:22 | 000,000,211 | ---- | M] () -- C:\Boot.bak
[2009.12.08 16:27:25 | 000,000,281 | RHS- | M] () -- C:\boot.ini
[2008.04.14 14:00:00 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin
[2004.08.04 00:00:04 | 000,261,312 | ---- | M] () -- C:\cmldr
[2010.05.23 16:52:20 | 000,027,140 | ---- | M] () -- C:\ComboFix.txt
[2006.04.20 01:19:52 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2009.05.13 20:06:57 | 000,001,024 | ---- | M] () -- C:\EPSONCD.Pal
[2006.04.20 01:19:52 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2006.04.20 01:19:52 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2008.04.14 14:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2008.04.14 14:00:00 | 000,250,576 | RHS- | M] () -- C:\ntldr
[2010.05.24 13:15:54 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys
[2010.01.26 14:33:20 | 000,001,259 | ---- | M] () -- C:\TCleaner.txt
[2007.06.14 08:00:39 | 000,872,300 | -H-- | M] () -- C:\treeinfo.wc

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2008.09.05 23:32:34 | 000,524,288 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2008.09.05 20:48:47 | 000,049,152 | ---- | M] () -- C:\WINDOWS\system32\config\security.sav
[2008.09.05 23:32:34 | 054,263,808 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2008.09.05 23:32:35 | 013,369,344 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %systemroot%\system32\drivers\*.sys /90 >
[2010.04.23 18:31:01 | 000,106,432 | ---- | M] (SlySoft, Inc.) -- C:\WINDOWS\system32\drivers\AnyDVD.sys
[2010.03.18 20:39:10 | 000,099,416 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\drivers\COMMONFX.sys
[2010.03.18 20:40:22 | 001,366,488 | ---- | M] (Creative Technology Ltd.) -- C:\WINDOWS\system32\drivers\CT0531FL.SYS
[2010.03.18 20:40:32 | 000,511,064 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\drivers\ctac32k.sys
[2010.03.18 20:40:40 | 000,528,472 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\drivers\ctaud2k.sys
[2010.03.18 20:39:18 | 000,555,096 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\drivers\CTAUDFX.sys
[2010.03.18 20:40:48 | 000,347,144 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\drivers\ctdvda2k.sys
[2010.03.18 20:39:36 | 000,100,952 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\drivers\CTERFXFX.sys
[2010.03.18 20:40:56 | 000,018,904 | ---- | M] (Creative Technology Ltd.) -- C:\WINDOWS\system32\drivers\CTGAME.SYS
[2010.03.18 20:41:08 | 001,372,888 | ---- | M] (Creative Technology Ltd.) -- C:\WINDOWS\system32\drivers\CTMMFILT.SYS
[2010.03.18 20:45:12 | 000,127,576 | ---- | M] (Creative Technology Ltd.) -- C:\WINDOWS\system32\drivers\ctoss2k.sys
[2010.03.18 20:45:20 | 000,014,424 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\drivers\ctprxy2k.sys
[2010.03.18 20:39:28 | 000,566,360 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\drivers\CTSBLFX.sys
[2010.03.18 20:45:28 | 000,157,272 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\drivers\ctsfm2k.sys
[2010.03.18 20:45:42 | 000,092,760 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\drivers\emupia2k.sys
[2010.03.18 20:49:56 | 000,798,808 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\drivers\ha10kx2k.sys
[2010.03.18 20:50:04 | 000,162,904 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\drivers\haP16v2k.sys
[2010.03.18 20:50:12 | 000,189,528 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\drivers\haP17v2k.sys
[2010.04.29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\system32\drivers\mbam.sys
[2010.04.29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
[2010.02.24 15:11:07 | 000,455,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\mrxsmb.sys
[2010.03.18 20:50:20 | 000,015,960 | ---- | M] (Creative Technology Ltd.) -- C:\WINDOWS\system32\drivers\pfmodnt.sys
[2010.04.12 10:44:34 | 000,059,388 | ---- | M] (PowerISO Computing, Inc.) -- C:\WINDOWS\system32\drivers\scdemu.sys
[2010.05.13 23:04:57 | 000,691,696 | ---- | M] () -- C:\WINDOWS\system32\drivers\sptd.sys

========== Files - Unicode (All) ==========
[2009.12.26 15:40:18 | 000,000,000 | ---D | M](C:\Documents and Settings\All Users\Data aplikac?ncrediMail) -- C:\Documents and Settings\All Users\Data aplikac웉ncrediMail
(C:\Documents and Settings\All Users\Data aplikac?ncrediMail) -- C:\Documents and Settings\All Users\Data aplikac웉ncrediMail

========== Alternate Data Streams ==========

@Alternate Data Stream - 264 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:DFC5A2B2
@Alternate Data Stream - 24 bytes -> C:\WINDOWS:C30C1005E0DD9B29
@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:888AFB86
@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:A8ADE5D8
< End of report >


Re: please check my log

Post by Alan-K » 24 May 2010 21:40

========== Files Created - No Company Name ==========

[2010.05.24 13:53:29 | 013,181,060 | ---- | C] () -- C:\WINDOWS\REGBK00.ZIP
[2010.05.24 13:40:13 | 000,000,053 | ---- | C] () -- C:\WINDOWS\Lic.xxx
[2010.05.24 13:39:14 | 000,000,522 | ---- | C] () -- C:\WINDOWS\System32\Microsoft.VC80.CRT.manifest
[2010.05.24 13:33:56 | 000,210,944 | ---- | C] () -- C:\Documents and Settings\Alan\Plocha\T-Cleaner.exe
[2010.05.23 16:21:10 | 086,349,632 | ---- | C] () -- C:\Documents and Settings\Alan\Plocha\mwav.exe
[2010.05.23 15:30:03 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010.05.23 15:30:00 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010.05.23 15:29:59 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010.05.23 15:29:58 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010.05.23 15:29:58 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010.05.23 15:12:40 | 003,693,870 | R--- | C] () -- C:\Documents and Settings\Alan\Plocha\ComboFix.exe
[2010.05.20 17:47:02 | 000,002,428 | ---- | C] () -- C:\Documents and Settings\Alan\Dokumenty\Register Vegas.htm
[2010.05.20 17:41:50 | 000,001,633 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Vegas 7.0.lnk
[2010.05.20 11:42:00 | 000,421,888 | ---- | C] () -- C:\WINDOWS\System32\ac3filter.acm
[2010.05.20 00:09:50 | 000,000,793 | ---- | C] () -- C:\Documents and Settings\Alan\Plocha\SONY ACID pro.lnk
[2010.05.19 20:02:20 | 019,136,512 | ---- | C] () -- C:\Documents and Settings\Alan\ntuser.dat
[2010.05.19 16:45:46 | 000,001,608 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\QuickTime Player.lnk
[2010.05.19 15:56:09 | 000,186,407 | ---- | C] () -- C:\WINDOWS\System32\nvapps.nvb
[2010.05.19 15:56:07 | 000,018,070 | ---- | C] () -- C:\WINDOWS\System32\nvdisp.nvu
[2010.05.18 20:30:40 | 000,001,644 | ---- | C] () -- C:\Documents and Settings\Alan\Plocha\DXMan.lnk
[2010.05.18 19:28:40 | 000,000,228 | ---- | C] () -- C:\WINDOWS\System32\bcdadac7.xml
[2010.05.18 19:28:27 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\Alan\Plocha\jv16 PowerTools 2009.lnk
[2010.05.18 13:04:06 | 000,001,080 | ---- | C] () -- C:\WINDOWS\System32\settingsbkup.sfm
[2010.05.18 13:04:06 | 000,001,080 | ---- | C] () -- C:\WINDOWS\System32\settings.sfm
[2010.05.18 11:51:33 | 000,030,168 | ---- | C] () -- C:\WINDOWS\System32\BMXCtrlState-{00000002-00000000-00000009-00001102-00000004-20011102}.rfx
[2010.05.18 11:51:33 | 000,030,168 | ---- | C] () -- C:\WINDOWS\System32\BMXBkpCtrlState-{00000002-00000000-00000009-00001102-00000004-20011102}.rfx
[2010.05.18 11:51:33 | 000,011,564 | ---- | C] () -- C:\WINDOWS\System32\DVCState-{00000002-00000000-00000009-00001102-00000004-20011102}.rfx
[2010.05.18 11:50:02 | 004,931,715 | ---- | C] () -- C:\WINDOWS\{00000002-00000000-00000009-00001102-00000004-20011102}.CDF
[2010.05.14 00:31:22 | 040,165,200 | ---- | C] () -- C:\Documents and Settings\Alan\Plocha\dr.WEB.exe
[2010.05.13 23:30:48 | 000,000,281 | ---- | C] () -- C:\Documents and Settings\Alan\Dokumenty\ax_files.xml
[2010.05.13 23:13:42 | 000,000,837 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Alcohol 120%.lnk
[2010.05.13 23:04:56 | 000,691,696 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2010.05.13 19:04:16 | 000,001,529 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\FLAC Frontend.lnk
[2010.05.06 19:46:44 | 000,000,927 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\ZoomBrowser EX.lnk
[2010.05.05 19:40:59 | 000,001,789 | ---- | C] () -- C:\Documents and Settings\Alan\Plocha\ProShow Producer.lnk
[2010.04.28 15:02:03 | 000,002,161 | ---- | C] () -- C:\WINDOWS\Graffiti5.2Pin.ini
[2010.04.28 14:57:04 | 000,001,772 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\__wdump.txt
[2010.04.28 14:55:10 | 000,001,894 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Pinnacle Instant DVD Recorder.lnk
[2010.04.28 14:46:44 | 000,000,901 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Pinnacle Studio 12.lnk
[2010.04.28 14:37:52 | 000,000,349 | ---- | C] () -- C:\Documents and Settings\All Users\Dokumenty\PCLECHAL.INI
[2010.04.24 14:38:57 | 000,000,796 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Smart Defrag.lnk
[2010.03.24 12:50:32 | 000,001,516 | ---- | C] () -- C:\Documents and Settings\Alan\Plocha\Recuva.lnk
[2010.03.23 11:09:11 | 000,178,070 | ---- | C] () -- C:\WINDOWS\System32\NvApps.xml
[2010.03.22 19:59:07 | 001,152,444 | ---- | C] () -- C:\WINDOWS\UDB.zip
[2010.03.22 19:59:07 | 000,000,882 | ---- | C] () -- C:\WINDOWS\RegSDImport.xml
[2010.03.22 19:59:07 | 000,000,879 | ---- | C] () -- C:\WINDOWS\RegISSImport.xml
[2010.03.22 19:59:07 | 000,000,131 | ---- | C] () -- C:\WINDOWS\IDB.zip
[2010.03.18 19:59:54 | 000,050,439 | ---- | C] () -- C:\WINDOWS\System32\instwdm.ini
[2010.03.18 19:59:50 | 000,000,054 | ---- | C] () -- C:\WINDOWS\System32\ctzapxx.ini
[2010.03.18 19:19:58 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CTBurst.dll
[2010.03.18 19:17:50 | 000,037,888 | ---- | C] () -- C:\WINDOWS\System32\psconv.exe
[2010.03.18 19:07:54 | 000,386,852 | ---- | C] () -- C:\WINDOWS\System32\ctdnlstr.dat
[2010.03.18 19:07:54 | 000,051,787 | ---- | C] () -- C:\WINDOWS\System32\ctdlang.dat
[2010.03.18 19:03:12 | 000,013,312 | ---- | C] () -- C:\WINDOWS\System32\regplib.exe
[2010.03.18 19:02:14 | 000,149,838 | ---- | C] () -- C:\WINDOWS\System32\ctbas2w.dat
[2010.03.18 19:00:42 | 000,274,587 | ---- | C] () -- C:\WINDOWS\System32\ctsbas2w.dat
[2010.03.18 19:00:28 | 000,241,084 | ---- | C] () -- C:\WINDOWS\System32\CTSBASW.DAT
[2010.03.18 19:00:28 | 000,115,166 | ---- | C] () -- C:\WINDOWS\System32\CTBASICW.DAT
[2010.03.18 18:59:56 | 000,313,207 | ---- | C] () -- C:\WINDOWS\System32\ctstatic.dat
[2010.03.18 18:59:56 | 000,053,932 | ---- | C] () -- C:\WINDOWS\System32\ctdaught.dat
[2010.03.18 18:59:54 | 000,005,120 | ---- | C] () -- C:\WINDOWS\System32\enlocstr.exe
[2010.03.04 12:30:40 | 000,000,801 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Digital Photo Professional.lnk
[2010.03.04 12:28:28 | 000,000,736 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\EOS Utility.lnk
[2010.01.15 12:10:19 | 000,000,419 | ---- | C] () -- C:\WINDOWS\MAXLINK.INI
[2010.01.14 21:29:24 | 000,010,593 | ---- | C] () -- C:\WINDOWS\CSTBox.INI
[2009.12.10 22:45:50 | 000,000,231 | ---- | C] () -- C:\WINDOWS\AC3API.INI
[2009.11.29 22:35:20 | 000,002,001 | ---- | C] () -- C:\WINDOWS\BorisRED4.3.ini
[2009.10.04 16:59:35 | 000,890,953 | ---- | C] () -- C:\WINDOWS\HSC_mfr2.ini
[2009.07.08 15:10:56 | 000,000,307 | ---- | C] () -- C:\WINDOWS\System32\kill.ini
[2009.06.21 11:49:24 | 000,000,101 | ---- | C] () -- C:\WINDOWS\MsgAgt.INI
[2009.06.16 12:30:14 | 000,005,553 | ---- | C] () -- C:\WINDOWS\System32\iconcfg.ini
[2009.06.16 08:44:30 | 000,000,000 | ---- | C] () -- C:\WINDOWS\lucispro.INI
[2009.06.06 19:01:10 | 009,838,080 | ---- | C] () -- C:\WINDOWS\System32\tlidenoise30.dll
[2009.04.03 14:10:04 | 007,262,208 | ---- | C] () -- C:\WINDOWS\System32\tliadjust32.dll
[2008.12.19 17:15:58 | 004,338,246 | ---- | C] () -- C:\WINDOWS\System32\libavcodec.dll
[2008.12.17 19:41:18 | 000,884,237 | ---- | C] () -- C:\WINDOWS\System32\ff_x264.dll
[2008.12.17 19:22:58 | 000,093,184 | ---- | C] () -- C:\WINDOWS\System32\ff_wmv9.dll
[2008.12.17 19:22:48 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2008.12.17 19:17:34 | 000,239,247 | ---- | C] () -- C:\WINDOWS\System32\ff_theora.dll
[2008.12.17 18:59:54 | 000,560,802 | ---- | C] () -- C:\WINDOWS\System32\libmplayer.dll
[2008.12.12 11:47:40 | 003,520,000 | ---- | C] () -- C:\WINDOWS\System32\tlisimplify10.dll
[2008.12.11 13:27:02 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2008.12.09 15:36:00 | 001,150,976 | ---- | C] () -- C:\WINDOWS\System32\tlisimplify10_dll.dll
[2008.11.30 23:13:29 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\pavedius4db.dll
[2008.11.30 23:13:29 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\pavedius.dll
[2008.11.19 20:05:09 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PROTOCOL.INI
[2008.11.07 03:35:31 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2008.11.06 02:55:50 | 000,162,304 | ---- | C] () -- C:\WINDOWS\System32\ztvunrar36.dll
[2008.11.06 02:55:50 | 000,153,088 | ---- | C] () -- C:\WINDOWS\System32\unrar3.dll
[2008.11.06 02:55:50 | 000,077,312 | ---- | C] () -- C:\WINDOWS\System32\ztvunace26.dll
[2008.11.06 02:55:50 | 000,075,264 | ---- | C] () -- C:\WINDOWS\System32\unacev2.dll
[2008.11.06 02:29:25 | 000,000,123 | ---- | C] () -- C:\WINDOWS\rootkitno.ini
[2008.11.02 21:59:38 | 000,000,169 | ---- | C] () -- C:\WINDOWS\RtlRack.ini
[2008.11.01 23:22:05 | 000,000,319 | ---- | C] () -- C:\WINDOWS\game.ini
[2008.05.29 11:47:32 | 002,023,424 | ---- | C] () -- C:\WINDOWS\System32\QtCore4.dll
[2008.05.03 06:46:00 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2008.05.03 06:46:00 | 001,486,848 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2008.05.03 06:46:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2008.05.03 06:46:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2008.05.03 06:46:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2008.04.24 00:49:52 | 007,315,456 | ---- | C] () -- C:\WINDOWS\System32\QtGui4.dll
[2008.04.14 14:00:00 | 000,001,024 | ---- | C] () -- C:\WINDOWS\System32\grcauth2.dll
[2008.04.14 14:00:00 | 000,001,024 | ---- | C] () -- C:\WINDOWS\System32\grcauth1.dll
[2008.04.14 14:00:00 | 000,001,024 | ---- | C] () -- C:\WINDOWS\System32\clauth2.dll
[2008.04.14 14:00:00 | 000,001,024 | ---- | C] () -- C:\WINDOWS\System32\clauth1.dll
[2008.04.14 14:00:00 | 000,000,072 | ---- | C] () -- C:\WINDOWS\System32\ssprs.dll
[2008.04.14 14:00:00 | 000,000,016 | ---- | C] () -- C:\WINDOWS\System32\iakuxgs.dll
[2008.03.07 02:30:32 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2008.02.08 17:13:44 | 000,319,488 | ---- | C] () -- C:\WINDOWS\System32\LS3Renderer.dll
[2008.01.12 12:41:07 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Irremote.ini
[2008.01.07 10:49:29 | 000,000,391 | ---- | C] () -- C:\WINDOWS\COVERE~1.INI
[2007.12.28 21:09:17 | 000,000,000 | ---- | C] () -- C:\WINDOWS\COMPANIONAPP.INI
[2007.12.26 16:54:28 | 000,394,240 | ---- | C] () -- C:\WINDOWS\System32\Smab.dll
[2007.12.26 16:54:27 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\AVSredirect.dll
[2007.12.01 17:45:45 | 000,000,000 | ---- | C] () -- C:\WINDOWS\oodcnt.INI
[2007.11.01 17:53:34 | 002,842,624 | ---- | C] () -- C:\WINDOWS\System32\btwicons.dll
[2007.11.01 17:43:30 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\btprn2k.dll
[2007.10.02 19:37:22 | 000,000,133 | ---- | C] () -- C:\WINDOWS\VobEdit.INI
[2007.10.01 16:30:25 | 000,001,585 | ---- | C] () -- C:\WINDOWS\Graffiti4.0.ini
[2007.09.07 23:05:18 | 000,890,953 | ---- | C] () -- C:\WINDOWS\Txtis.ini
[2007.08.13 20:45:02 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\ctmmactl.dll
[2007.07.28 18:41:55 | 000,001,633 | ---- | C] () -- C:\WINDOWS\BorisFX8.0.ini
[2007.07.28 18:31:03 | 000,237,568 | R--- | C] () -- C:\WINDOWS\System32\qtmlClient.dll
[2007.07.03 02:31:22 | 000,000,072 | ---- | C] () -- C:\WINDOWS\MediaManager.INI
[2007.06.14 07:46:22 | 000,000,323 | ---- | C] () -- C:\WINDOWS\WINCMD.INI
[2007.06.12 08:13:06 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\IPPCPUID.DLL
[2007.06.12 08:12:29 | 000,011,776 | ---- | C] () -- C:\WINDOWS\System32\pmsbfn32.dll
[2007.06.02 17:34:07 | 000,000,376 | ---- | C] () -- C:\WINDOWS\settings.ini
[2007.03.27 17:16:05 | 000,000,214 | ---- | C] () -- C:\WINDOWS\HP_48BitScanUpdatePatch.ini
[2007.03.22 00:25:40 | 000,000,286 | ---- | C] () -- C:\WINDOWS\hpqgrcpy.INI
[2007.02.21 02:03:16 | 000,000,397 | ---- | C] () -- C:\WINDOWS\barcode.ini
[2007.01.26 02:04:12 | 000,138,752 | ---- | C] () -- C:\WINDOWS\System32\mase32.dll
[2007.01.26 02:04:12 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\ma32.dll
[2006.12.26 19:26:18 | 000,003,072 | ---- | C] () -- C:\WINDOWS\CTXFIRES.DLL
[2006.12.17 21:18:51 | 000,000,004 | ---- | C] () -- C:\WINDOWS\System32\mlcrs0ft.dll
[2006.12.13 00:48:40 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2006.11.01 17:18:34 | 000,006,912 | ---- | C] () -- C:\WINDOWS\System32\drivers\FlashSys.sys
[2006.09.08 18:25:39 | 000,000,071 | ---- | C] () -- C:\WINDOWS\EPSONCD.INI
[2006.08.22 20:58:47 | 000,000,299 | ---- | C] () -- C:\WINDOWS\PRELUDE.INI
[2006.07.10 23:46:35 | 000,000,066 | ---- | C] () -- C:\WINDOWS\#1 Video Converter.INI
[2006.06.25 22:01:02 | 000,000,134 | ---- | C] () -- C:\WINDOWS\Title.INI
[2006.06.18 23:58:11 | 000,000,028 | ---- | C] () -- C:\WINDOWS\Hmplayer.INI
[2006.06.18 23:06:19 | 000,000,028 | ---- | C] () -- C:\WINDOWS\MotionDVSTUDIO.INI
[2006.05.05 11:11:25 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2006.05.01 12:49:23 | 000,000,011 | ---- | C] () -- C:\WINDOWS\3DShadow.INI
[2006.04.21 23:41:21 | 000,000,206 | ---- | C] () -- C:\WINDOWS\HPGdiPlus.ini
[2006.04.21 18:30:21 | 000,000,042 | ---- | C] () -- C:\WINDOWS\MixBUda.INI
[2006.04.20 20:49:34 | 000,000,025 | ---- | C] () -- C:\WINDOWS\CDER300Euro.ini
[2006.04.20 20:11:57 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\TaskKeyHook.dll
[2006.04.20 19:58:08 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2006.04.20 19:58:08 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2006.04.20 19:58:08 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2006.04.20 19:58:08 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2006.04.20 19:58:08 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2006.04.20 19:58:08 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2006.04.20 11:24:42 | 000,000,139 | ---- | C] () -- C:\WINDOWS\msicpl.ini
[2006.04.20 10:21:34 | 000,000,390 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006.04.20 10:14:56 | 000,034,308 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2006.04.20 02:46:38 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\vusetup.dll
[2006.04.20 02:18:06 | 000,000,191 | ---- | C] () -- C:\WINDOWS\SBWIN.INI
[2006.04.20 02:03:48 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\memtest.dll
[2006.04.20 02:03:47 | 000,039,044 | ---- | C] () -- C:\WINDOWS\System32\drivers\msicpl.sys
[2006.04.20 01:51:56 | 000,004,008 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2005.10.14 12:56:50 | 000,761,856 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2005.10.14 12:56:50 | 000,344,064 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll
[2005.10.14 11:56:50 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\VorbisEnc.dll
[2005.10.14 11:56:50 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2005.10.14 11:56:50 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2005.10.14 11:56:50 | 000,155,136 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2005.10.14 11:56:50 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2005.07.15 20:35:56 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\ssleay32.dll
[2005.02.17 12:41:32 | 000,000,603 | ---- | C] () -- C:\WINDOWS\System32\BTNeighborhood.dll.manifest
[2005.02.17 12:41:30 | 000,000,593 | ---- | C] () -- C:\WINDOWS\System32\btcss.dll.manifest
[2005.02.03 02:30:22 | 000,008,192 | ---- | C] () -- C:\WINDOWS\System32\sysinfo.sys
[2005.01.24 11:12:08 | 004,915,200 | ---- | C] () -- C:\WINDOWS\System32\qt-mt333.dll
[2004.10.03 19:50:54 | 000,129,024 | ---- | C] () -- C:\WINDOWS\System32\ff_mpeg2enc.dll
[2004.09.16 13:26:40 | 000,012,634 | ---- | C] () -- C:\WINDOWS\System32\drivers\ADFUUD.SYS
[2004.09.16 13:26:40 | 000,012,634 | ---- | C] () -- C:\WINDOWS\ADFUUD.SYS
[2004.09.11 20:36:40 | 000,009,728 | ---- | C] () -- C:\WINDOWS\System32\sysinfoX64.sys
[2004.02.27 20:58:24 | 000,006,144 | ---- | C] () -- C:\WINDOWS\System32\msasgas.dll
[2003.04.16 14:00:00 | 000,001,024 | ---- | C] () -- C:\WINDOWS\System32\lvntd78.dll
[2003.04.16 14:00:00 | 000,000,336 | ---- | C] () -- C:\WINDOWS\System32\x4p3xac.dll
[2003.04.16 14:00:00 | 000,000,016 | ---- | C] () -- C:\WINDOWS\System32\ec58t9r.dll
[2001.11.14 13:56:00 | 001,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll
[1999.05.07 09:12:06 | 000,015,744 | ---- | C] () -- C:\WINDOWS\System32\Wintab.dll

========== LOP Check ==========

[2008.11.14 16:08:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alan\Data aplikací\Acoustica
[2007.08.28 03:31:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alan\Data aplikací\AKVIS LLC
[2006.04.23 19:42:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alan\Data aplikací\Alien Skin
[2008.11.20 01:25:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alan\Data aplikací\AltrixSoft
[2009.05.19 13:00:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alan\Data aplikací\Any DVD Converter Professional
[2008.04.25 16:59:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alan\Data aplikací\Bitstream
[2009.03.07 19:32:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alan\Data aplikací\BSplayer PRO
[2008.10.11 15:53:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alan\Data aplikací\Canon
[2009.10.19 17:58:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alan\Data aplikací\com.adobe.ExMan
[2008.09.27 01:43:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alan\Data aplikací\CoreCodec
[2008.06.19 21:28:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alan\Data aplikací\Datel
[2007.11.07 23:08:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alan\Data aplikací\Digital Film Tools
[2007.03.17 19:52:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alan\Data aplikací\Dr. DivX 2.0 OSS
[2006.04.22 11:40:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alan\Data aplikací\Elaborate Bytes
[2010.03.10 13:16:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alan\Data aplikací\esmska
[2007.09.04 19:48:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alan\Data aplikací\Expression Media
[2008.05.23 23:47:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alan\Data aplikací\FDRLab
[2010.02.19 01:49:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alan\Data aplikací\FTWeak
[2010.05.19 14:54:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alan\Data aplikací\GetRightToGo
[2008.10.30 15:11:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alan\Data aplikací\HDRsoft
[2008.12.01 19:25:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alan\Data aplikací\HEXelon
[2009.01.05 03:30:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alan\Data aplikací\Imagenomic
[2010.04.24 14:38:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alan\Data aplikací\IObit
[2010.01.15 17:23:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alan\Data aplikací\Lasersoft Imaging
[2009.11.29 00:09:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alan\Data aplikací\LEAPS
[2009.10.04 14:03:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alan\Data aplikací\Lucis
[2007.11.08 01:58:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alan\Data aplikací\Mask Pro 4.0
[2009.02.03 15:17:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alan\Data aplikací\Mobipocket
[2009.01.09 19:05:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alan\Data aplikací\mojosoft
[2008.04.16 12:15:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alan\Data aplikací\Morpheus Software
[2009.11.10 23:18:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alan\Data aplikací\MoveFab
[2006.04.24 10:52:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alan\Data aplikací\NetMedia Providers
[2007.04.22 12:15:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alan\Data aplikací\Netscape
[2007.10.13 13:33:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alan\Data aplikací\NewSoft
[2008.09.06 01:51:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alan\Data aplikací\Nik Software
[2009.12.24 00:24:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alan\Data aplikací\Nuance
[2010.04.14 16:17:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alan\Data aplikací\nView_Wallpaper
[2009.10.04 14:11:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alan\Data aplikací\onOne Software
[2009.11.29 23:13:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alan\Data aplikací\Pegasys Inc
[2010.05.04 14:20:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alan\Data aplikací\Photodex
[2009.10.16 17:10:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alan\Data aplikací\PhotoFiltre Studio X
[2006.04.21 00:34:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alan\Data aplikací\PhotoFrameShow
[2010.04.28 15:04:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alan\Data aplikací\proDAD
[2006.04.24 10:45:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alan\Data aplikací\Publish Providers
[2007.06.25 21:53:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alan\Data aplikací\SafeIT Security
[2009.12.24 00:26:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alan\Data aplikací\ScanSoft
[2007.11.19 15:59:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alan\Data aplikací\Shinycore
[2008.11.19 19:32:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alan\Data aplikací\Simply Super Software
[2007.03.14 18:39:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alan\Data aplikací\SlySoft
[2010.05.20 00:10:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alan\Data aplikací\Sony
[2006.04.20 22:31:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alan\Data aplikací\Steinberg
[2007.10.14 11:45:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alan\Data aplikací\Teleca
[2006.04.24 11:04:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alan\Data aplikací\Ulead Systems
[2010.05.19 19:46:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alan\Data aplikací\uTorrent
[2008.11.11 21:10:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alan\Data aplikací\VitySoft
[2009.12.28 23:36:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alan\Data aplikací\VS Revo Group
[2010.05.15 15:57:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alan\Data aplikací\Vso
[2008.09.12 13:48:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alan\Data aplikací\Windows Search
[2007.08.10 03:00:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alan\Data aplikací\XemiComputers
[2009.12.24 00:26:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alan\Data aplikací\Zeon
[2009.10.29 12:14:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alan\Data aplikací\Zoner
[2007.07.28 16:45:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ConeXware
[2009.10.04 16:07:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Digital Film Tools
[2006.12.15 03:13:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Elaborate Bytes
[2008.05.23 22:50:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\EnterNHelp
[2009.10.30 19:11:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ESET
[2008.11.13 14:14:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Grass Valley
[2009.04.02 23:09:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\IM
[2009.12.26 15:32:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\IncrediMail
[2010.05.17 22:49:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\IObit
[2008.11.30 21:14:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\LightScribe
[2010.05.24 13:39:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\MicroWorld
[2006.04.22 19:35:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\OLYMPUS
[2009.10.04 14:15:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\onOne Software
[2008.01.13 20:16:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Panasonic
[2010.05.19 12:42:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PC Drivers HeadQuarters
[2010.05.19 14:52:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PC Drivers HeadQuarters Inc
[2009.06.04 00:06:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Phase One
[2010.05.04 14:20:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Photodex
[2009.12.26 15:45:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PhotoMail
[2010.04.28 14:54:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Pinnacle
[2010.04.28 14:42:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Pinnacle Studio Plus
[2010.04.28 14:49:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Pinnacle Studio Ultimate
[2010.01.28 18:15:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Pinnacle Studio Ultimate Collection
[2010.01.15 12:10:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ScanSoft
[2007.02.17 02:19:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\SlySoft
[2010.05.20 14:40:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Sony
[2010.04.28 14:42:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Studio 12
[2007.10.14 11:32:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Teleca
[2010.05.19 16:54:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2007.11.23 16:05:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\UDL
[2006.04.24 11:04:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Ulead Systems
[2008.05.23 22:50:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Ultima_T15
[2009.03.11 18:52:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\VertusTech
[2008.12.01 20:18:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Vso
[2009.05.19 12:55:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\WinZip
[2007.08.10 03:00:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\XemiComputers
[2009.10.04 16:06:03 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\{5E80195C-322F-4958-B480-817CAC450BC4}
[2010.05.24 13:16:28 | 000,000,374 | ---- | M] () -- C:\WINDOWS\Tasks\AWC AutoSweep.job

========== Purity Check ==========

jaro3
Security team member
Guru Level 15
Posts: 43295
Registered: June 07
Location: South Bohemia
Gender: Male
Status: Offline

Re: please check my log

Post by jaro3 » 24 May 2010 23:26

You didn't uninstall ComboFix, see the first page:
ComboFix is uninstalled like this:
Start > Run and enter ComboFix /Uninstall

Clean the system with CCleaner

and also use T-Cleaner
It deletes everything left behind by ComboFix, MWAV, etc. Download it, then run it.
//////////////////////////////////////////////
Drive C: | 48,83 Gb Total Space | 5,82 Gb Free Space | 11,93% Space Free | Partition Type: NTFS
Drive D: | 230,63 Gb Total Space | 25,98 Gb Free Space | 11,26% Space Free | Partition Type: NTFS
Drive E: | 279,46 Gb Total Space | 57,61 Gb Free Space | 20,61% Space Free | Partition Type: NTFS
Drive F: | 279,46 Gb Total Space | 64,12 Gb Free Space | 22,94% Space Free | Partition Type: NTFS
Drive G: | 279,46 Gb Total Space | 6,43 Gb Free Space | 2,30% Space Free | Partition Type: NTFS

The OS drive (C) should have at least 15% free space left.

/////////////////////////////////////////////////////////////////////////////////////////////

Double-click the OTL icon on the desktop. Make sure all other applications and browsers are closed.
Under Custom Scans/Fixes, paste the following text, shown in green, into the box:

Code:

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {EBE9E2B5-B526-48BC-AD46-687263EDCB0E} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://fpdownload.macromedia.com/get/sh ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
[2010.05.20 15:34:49 | 000,000,228 | ---- | M] () -- C:\WINDOWS\System32\bcdadac7.xml
[2010.02.26 17:38:45 | 000,107,520 | ---- | M] () -- C:\Documents and Settings\Alan\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
@Alternate Data Stream - 264 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:DFC5A2B2
@Alternate Data Stream - 24 bytes -> C:\WINDOWS:C30C1005E0DD9B29
@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:888AFB86
@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:A8ADE5D8

:Files
C:\WINDOWS\System32\*.tmp
C:\WINDOWS\*.tmp
C:\WINDOWS\system32\*.tmp.dll
C:\WINDOWS\system32\SET*.tmp
c:\windows\Tasks\*.job
C:\WINDOWS\VDLL.DLL
C:\WINDOWS\System32\runouce.exe
C:\ComboFix
C:\WINDOWS\NIRCMD.exe.mwt
C:\WINDOWS\SWREG.exe
C:\WINDOWS\SWXCACLS.exe
C:\WINDOWS\SWSC.exe
C:\Qoobox
C:\WINDOWS\REGBK00.ZIP
C:\WINDOWS\tasks\SA.DAT
C:\WINDOWS\System32\bcdadac7.xml
C:\Documents and Settings\All Users\Data aplikací\KGyGaAvL.sys
C:\WINDOWS\System32\settingsbkup.sfm
C:\WINDOWS\System32\settings.sfm
C:\WINDOWS\Graffiti5.2Pin.ini
C:\WINDOWS\PEV.exe
C:\Documents and Settings\Alan\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\WINDOWS\zip.exe
C:\WINDOWS\sed.exe
C:\WINDOWS\grep.exe
C:\Documents and Settings\Alan\Plocha\ComboFix.exe
C:\WINDOWS\UDB.zip
C:\WINDOWS\IDB.zip
C:\WINDOWS\System32\Smab.dll
C:\WINDOWS\System32\mlcrs0ft.dll
C:\WINDOWS\Ascd_tmp.ini

:Reg
:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]

Then click Run Fix at the top. Let the program run undisturbed; at the end the PC will restart.
After the restart a log will appear; please copy its entire contents here.


In Folder Options, enable showing hidden files and folders, and untick the checkbox "Hide protected operating system files".

Test these on VirusTotal:
C:\WINDOWS\RegSDImport.xml
C:\WINDOWS\RegISSImport.xml
C:\WINDOWS\hpqgrcpy.INI
C:\WINDOWS\System32\msasgas.dll
C:\WINDOWS\System32\lvntd78.dll
C:\WINDOWS\System32\x4p3xac.dll
C:\WINDOWS\System32\ec58t9r.dll
C:\WINDOWS\System32\lcppn21.dll
C:\WINDOWS\System32\Wintab.dll

If a file has already been tested, click to test it again.
Once the test by all antivirus engines has finished, post the links to the results pages here.
When working with HJT, ComboFix, MbAM, SDFix, etc., close all other applications and browsers!
Do not send logs by private message. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Support the forum

Alan-K
Level 2.5
Posts: 307
Registered: November 07
Gender: Male
Status: Offline

Re: please check my log

Post by Alan-K » 25 May 2010 01:41

...sorry, I only uninstalled ComboFix after that OTL scan...



All processes killed
========== OTL ==========
No active process named explorer.exe was found!
No active process named firefox.exe was found!
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{EBE9E2B5-B526-48BC-AD46-687263EDCB0E} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EBE9E2B5-B526-48BC-AD46-687263EDCB0E}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Infodelivery\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Low Rights\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
Starting removal of ActiveX control {233C1507-6A77-46A4-9443-F871F945D258}
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{233C1507-6A77-46A4-9443-F871F945D258}\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{233C1507-6A77-46A4-9443-F871F945D258}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{233C1507-6A77-46A4-9443-F871F945D258}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{233C1507-6A77-46A4-9443-F871F945D258}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{233C1507-6A77-46A4-9443-F871F945D258}\ not found.
Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session manager\\BootExecute:autocheck autochk * deleted successfully.
C:\WINDOWS\system32\bcdadac7.xml moved successfully.
C:\Documents and Settings\Alan\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini moved successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:DFC5A2B2 deleted successfully.
ADS C:\WINDOWS:C30C1005E0DD9B29 deleted successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:888AFB86 deleted successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:A8ADE5D8 deleted successfully.
========== FILES ==========
File\Folder C:\WINDOWS\System32\*.tmp not found.
File\Folder C:\WINDOWS\*.tmp not found.
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
c:\windows\Tasks\AWC AutoSweep.job moved successfully.
File\Folder C:\WINDOWS\VDLL.DLL not found.
File\Folder C:\WINDOWS\System32\runouce.exe not found.
File\Folder C:\ComboFix not found.
C:\WINDOWS\NIRCMD.exe.mwt moved successfully.
File\Folder C:\WINDOWS\SWREG.exe not found.
File\Folder C:\WINDOWS\SWXCACLS.exe not found.
File\Folder C:\WINDOWS\SWSC.exe not found.
File\Folder C:\Qoobox not found.
C:\WINDOWS\REGBK00.ZIP moved successfully.
C:\WINDOWS\tasks\SA.DAT moved successfully.
File\Folder C:\WINDOWS\System32\bcdadac7.xml not found.
C:\Documents and Settings\All Users\Data aplikací\KGyGaAvL.sys moved successfully.
C:\WINDOWS\System32\settingsbkup.sfm moved successfully.
C:\WINDOWS\System32\settings.sfm moved successfully.
C:\WINDOWS\Graffiti5.2Pin.ini moved successfully.
File\Folder C:\WINDOWS\PEV.exe not found.
File\Folder C:\Documents and Settings\Alan\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini not found.
File\Folder C:\WINDOWS\zip.exe not found.
File\Folder C:\WINDOWS\sed.exe not found.
File\Folder C:\WINDOWS\grep.exe not found.
File\Folder C:\Documents and Settings\Alan\Plocha\ComboFix.exe not found.
C:\WINDOWS\UDB.zip moved successfully.
C:\WINDOWS\IDB.zip moved successfully.
C:\WINDOWS\System32\Smab.dll moved successfully.
C:\WINDOWS\System32\mlcrs0ft.dll moved successfully.
C:\WINDOWS\Ascd_tmp.ini moved successfully.
========== REGISTRY ==========
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: Alan
->Temp folder emptied: 484935 bytes
->Temporary Internet Files folder emptied: 32902 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 98267803 bytes
->Flash cache emptied: 434 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 94,00 mb


OTL by OldTimer - Version 3.2.5.0 log created on 05252010_005851

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...
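
As an added example (not part of the thread and not OldTimer's code): a small Python parser for the OTL fix-log lines in the post above. It classifies each result line and separates "not found" results that an earlier step of the same run explains, as with bcdadac7.xml, from those that still need a manual look; the sample input is a handful of lines copied from that log, and all function names are assumptions.

```python
import re
from collections import Counter

# Sample input: a handful of lines copied from the fix log in this thread.
SAMPLE_LOG = r"""
========== OTL ==========
No active process named explorer.exe was found!
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}\ not found.
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{233C1507-6A77-46A4-9443-F871F945D258}\DownloadInformation\\INF .
ADS C:\WINDOWS:C30C1005E0DD9B29 deleted successfully.
C:\WINDOWS\system32\bcdadac7.xml moved successfully.
========== FILES ==========
File\Folder C:\WINDOWS\System32\*.tmp not found.
c:\windows\Tasks\AWC AutoSweep.job moved successfully.
File\Folder C:\WINDOWS\System32\bcdadac7.xml not found.
C:\WINDOWS\System32\Smab.dll moved successfully.
File\Folder C:\Qoobox not found.
========== COMMANDS ==========
"""

SECTION = re.compile(r"^=+ (?P<name>[A-Za-z ]+) =+$")

# Order matters: the generic "moved" pattern is tried last.
PATTERNS = [
    ("no_process", re.compile(r"^No active process named (?P<target>.+) was found!$")),
    ("error", re.compile(r"^Registry error reading value (?P<target>.+?) ?\.$")),
    ("not_found", re.compile(
        r"^(?:File\\Folder |Registry (?:key|value) )(?P<target>.+) not found\.$")),
    ("deleted", re.compile(
        r"^(?:Registry (?:key|value) |ADS )(?P<target>.+) deleted successfully\.$")),
    ("moved", re.compile(r"^(?P<target>.+) moved successfully\.$")),
]


def parse_fix_log(text):
    """Return one dict per recognised result line: section, outcome, target."""
    entries, section = [], None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        header = SECTION.match(line)
        if header:
            section = header.group("name")
            continue
        for outcome, pattern in PATTERNS:
            found = pattern.match(line)
            if found:
                entries.append({"section": section, "outcome": outcome,
                                "target": found.group("target")})
                break
    return entries


def _norm(path):
    # Windows paths are case-insensitive; the log mixes "system32" and "System32".
    return path.rstrip("\\").lower()


def summarize(entries):
    """Count result lines per outcome."""
    return dict(Counter(e["outcome"] for e in entries))


def already_handled(entries):
    """'not found' targets that an earlier line of the same run moved or deleted."""
    done, repeats = set(), []
    for e in entries:
        key = _norm(e["target"])
        if e["outcome"] in ("moved", "deleted"):
            done.add(key)
        elif e["outcome"] == "not_found" and key in done:
            repeats.append(e["target"])
    return repeats


def needs_review(entries):
    """Read errors plus 'not found' lines that no earlier step explains."""
    repeats = {_norm(t) for t in already_handled(entries)}
    return [e for e in entries
            if e["outcome"] == "error"
            or (e["outcome"] == "not_found" and _norm(e["target"]) not in repeats)]


if __name__ == "__main__":
    parsed = parse_fix_log(SAMPLE_LOG)
    print(summarize(parsed))
    print("explained by an earlier step:", already_handled(parsed))
    for item in needs_review(parsed):
        print("review:", item["section"], item["outcome"], item["target"])
```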


jaro3
Security team member
Guru Level 15
Posts: 43295
Registered: June 07
Location: South Bohemia
Gender: Male
Status: Offline

Re: please check my log

Post by jaro3 » 25 May 2010 11:27

One more script in OTL, same procedure:

Code:

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

:Files
C:\WINDOWS\System32\msasgas.dll

:Reg
:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]


Then post the OTL log.

+
Double-click the OTL by OldTimer icon again and, under Custom Scans/Fixes, paste the following text, shown in green:

Code:

netsvcs
%SYSTEMDRIVE%\*.exe
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\*. /mp /s
CREATERESTOREPOINT


Don't change any settings, just click Run Scan and let the scan finish. When the text file appears, please paste its entire contents here.

Alan-K
Level 2.5
Posts: 307
Registered: November 07
Gender: Male
Status: Offline

Re: please check my log

Post by Alan-K » 25 May 2010 12:21

All processes killed
========== OTL ==========
No active process named explorer.exe was found!
No active process named firefox.exe was found!
========== FILES ==========
C:\WINDOWS\System32\msasgas.dll moved successfully.
========== REGISTRY ==========
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Alan
->Temp folder emptied: 234183 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 38075291 bytes
->Flash cache emptied: 434 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 483 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 22597858 bytes

Total Files Cleaned = 58,00 mb


OTL by OldTimer - Version 3.2.5.0 log created on 05252010_121253

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

Alan-K
Level 2.5
Posts: 307
Registered: November 07
Gender: Male
Status: Offline

Re: please check my log

Post by Alan-K » 25 May 2010 12:47

OTL logfile created on: 25.5.2010 12:23:15 - Run 3
OTL by OldTimer - Version 3.2.5.0 Folder = C:\Documents and Settings\Alan\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 70,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 90,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 48,83 Gb Total Space | 9,74 Gb Free Space | 19,94% Space Free | Partition Type: NTFS
Drive D: | 230,63 Gb Total Space | 12,19 Gb Free Space | 5,29% Space Free | Partition Type: NTFS
Drive E: | 279,46 Gb Total Space | 57,61 Gb Free Space | 20,61% Space Free | Partition Type: NTFS
Drive F: | 279,46 Gb Total Space | 64,12 Gb Free Space | 22,94% Space Free | Partition Type: NTFS
Drive G: | 279,46 Gb Total Space | 1,85 Gb Free Space | 0,66% Space Free | Partition Type: NTFS
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive J: | 465,76 Gb Total Space | 57,74 Gb Free Space | 12,40% Space Free | Partition Type: NTFS
Drive L: | 186,31 Gb Total Space | 18,21 Gb Free Space | 9,78% Space Free | Partition Type: NTFS

Computer Name: PC-DOMA
Current User Name: Alan
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\Alan\Plocha\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd)
PRC - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (StarWind Software)
PRC - C:\WINDOWS\system32\bgsvcgen.exe (SOURCENEXT)
PRC - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
PRC - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe (ESET)
PRC - C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
PRC - C:\WINDOWS\system32\ASTSRV.EXE (Nalpeiron Ltd.)
PRC - C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe (Elaborate Bytes AG)
PRC - C:\Program Files\Microsoft IntelliType Pro\itype.exe (Microsoft Corporation)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\ASUS\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
PRC - C:\Program Files\ASUS\Bluetooth Software\bin\btwdins.exe (Broadcom Corporation.)
PRC - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
PRC - C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe (Creative Technology Ltd.)
PRC - C:\Program Files\Canon\CAL\CALMAIN.exe (Canon Inc.)
PRC - C:\Program Files\Microsoft ActiveSync\wcescomm.exe (Microsoft Corporation)
PRC - C:\Program Files\Microsoft ActiveSync\rapimgr.exe (Microsoft Corporation)
PRC - C:\Program Files\SanDisk\SanDisk TransferMate\SD Monitor.exe (SanDisk)
PRC - C:\Program Files\Creative\Entertainment Center\EAXLoadr.exe (Creative Technology Ltd)
PRC - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.)
PRC - C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe (Creative Technology Ltd)
PRC - C:\Program Files\Creative\MediaSource\Go\CTCMSGo.exe (Creative Technology Ltd)


========== Modules (SafeList) ==========

MOD - C:\Documents and Settings\Alan\Plocha\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\system32\msscript.ocx (Microsoft Corporation)
MOD - C:\WINDOWS\system32\BtMmHook.dll (Broadcom Corporation.)


========== Win32 Services (SafeList) ==========

SRV - (Creative Audio Engine Licensing Service) -- C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe (Creative Labs)
SRV - (MBAMService) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (CTAudSvcService) -- C:\Program Files\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd)
SRV - (StarWindServiceAE) -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (StarWind Software)
SRV - (bgsvcgen) -- C:\WINDOWS\System32\bgsvcgen.exe (SOURCENEXT)
SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (ACDaemon) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
SRV - (EhttpSrv) -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe (ESET)
SRV - (ekrn) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe (ESET)
SRV - (astcc) -- C:\WINDOWS\system32\ASTSRV.EXE (Nalpeiron Ltd.)
SRV - (NetTcpPortSharing) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation)
SRV - (btwdins) -- C:\Program Files\ASUS\Bluetooth Software\bin\btwdins.exe (Broadcom Corporation.)
SRV - (PSI_SVC_2) -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
SRV - (CCALib8) -- C:\Program Files\Canon\CAL\CALMAIN.exe (Canon Inc.)
SRV - (UleadBurningHelper) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.)
SRV - (MSSQL$SONY_MEDIAMGR) -- C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe (Microsoft Corporation)
SRV - (SQLAgent$SONY_MEDIAMGR) -- C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV - (sptd) -- C:\WINDOWS\System32\Drivers\sptd.sys ()
DRV - (MBAMProtector) -- C:\WINDOWS\system32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (AnyDVD) -- C:\WINDOWS\system32\drivers\AnyDVD.sys (SlySoft, Inc.)
DRV - (SCDEmu) -- C:\WINDOWS\system32\drivers\scdemu.sys (PowerISO Computing, Inc.)
DRV - (hap17v2k) -- C:\WINDOWS\system32\drivers\haP17v2k.sys (Creative Technology Ltd)
DRV - (hap16v2k) -- C:\WINDOWS\system32\drivers\haP16v2k.sys (Creative Technology Ltd)
DRV - (ha10kx2k) -- C:\WINDOWS\system32\drivers\ha10kx2k.sys (Creative Technology Ltd)
DRV - (emupia) -- C:\WINDOWS\system32\drivers\emupia2k.sys (Creative Technology Ltd)
DRV - (ctsfm2k) -- C:\WINDOWS\system32\drivers\ctsfm2k.sys (Creative Technology Ltd)
DRV - (ctprxy2k) -- C:\WINDOWS\system32\drivers\ctprxy2k.sys (Creative Technology Ltd)
DRV - (ossrv) -- C:\WINDOWS\system32\drivers\ctoss2k.sys (Creative Technology Ltd.)
DRV - (ctdvda2k) -- C:\WINDOWS\system32\drivers\ctdvda2k.sys (Creative Technology Ltd)
DRV - (ctaud2k) Creative Audio Driver (WDM) -- C:\WINDOWS\system32\drivers\ctaud2k.sys (Creative Technology Ltd)
DRV - (ctac32k) -- C:\WINDOWS\system32\drivers\ctac32k.sys (Creative Technology Ltd)
DRV - (CTERFXFX.SYS) -- C:\WINDOWS\System32\drivers\CTERFXFX.SYS (Creative Technology Ltd)
DRV - (CTERFXFX) -- C:\WINDOWS\system32\drivers\CTERFXFX.sys (Creative Technology Ltd)
DRV - (CTSBLFX.SYS) -- C:\WINDOWS\System32\drivers\CTSBLFX.SYS (Creative Technology Ltd)
DRV - (CTSBLFX) -- C:\WINDOWS\system32\drivers\CTSBLFX.sys (Creative Technology Ltd)
DRV - (CTAUDFX.SYS) -- C:\WINDOWS\System32\drivers\CTAUDFX.SYS (Creative Technology Ltd)
DRV - (CTAUDFX) -- C:\WINDOWS\system32\drivers\CTAUDFX.sys (Creative Technology Ltd)
DRV - (COMMONFX.SYS) -- C:\WINDOWS\System32\drivers\COMMONFX.SYS (Creative Technology Ltd)
DRV - (COMMONFX) -- C:\WINDOWS\system32\drivers\COMMONFX.sys (Creative Technology Ltd)
DRV - (yukonwxp) -- C:\WINDOWS\system32\drivers\yk51x86.sys (Marvell)
DRV - (Ps2) -- C:\WINDOWS\system32\drivers\PS2.sys (Hewlett-Packard Company)
DRV - (ElbyCDIO) -- C:\WINDOWS\system32\drivers\ElbyCDIO.sys (Elaborate Bytes AG)
DRV - (Revoflt) -- C:\WINDOWS\system32\drivers\revoflt.sys (VS Revo Group)
DRV - (cdrbsdrv) -- C:\WINDOWS\system32\drivers\CDRBSDRV.SYS (B.H.A Corporation)
DRV - (epfwtdir) -- C:\WINDOWS\system32\drivers\epfwtdir.sys (ESET)
DRV - (ehdrv) -- C:\WINDOWS\system32\drivers\ehdrv.sys (ESET)
DRV - (eamon) -- C:\WINDOWS\system32\drivers\eamon.sys (ESET)
DRV - (VClone) -- C:\WINDOWS\system32\drivers\VClone.sys (Elaborate Bytes AG)
DRV - (adfs) -- C:\WINDOWS\system32\drivers\adfs.sys (Adobe Systems, Inc.)
DRV - (nv) -- C:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation)
DRV - (61883) -- C:\WINDOWS\system32\drivers\61883.sys (Microsoft Corporation)
DRV - (Avc) -- C:\WINDOWS\system32\drivers\avc.sys (Microsoft Corporation)
DRV - (MSDV) -- C:\WINDOWS\system32\drivers\msdv.sys (Microsoft Corporation)
DRV - (gameenum) -- C:\WINDOWS\system32\drivers\gameenum.sys (Microsoft Corporation)
DRV - (BTKRNL) -- C:\WINDOWS\system32\drivers\btkrnl.sys (Broadcom Corporation.)
DRV - (btaudio) -- C:\WINDOWS\system32\drivers\btaudio.sys (Broadcom Corporation.)
DRV - (SI3112r) -- C:\WINDOWS\system32\DRIVERS\SI3112r.sys (Silicon Image, Inc)
DRV - (SiFilter) -- C:\WINDOWS\system32\DRIVERS\SiWinAcc.sys (Silicon Image, Inc)
DRV - (BTWUSB) -- C:\WINDOWS\system32\drivers\btwusb.sys (Broadcom Corporation.)
DRV - (BTWDNDIS) -- C:\WINDOWS\system32\drivers\btwdndis.sys (Broadcom Corporation.)
DRV - (cdrblock) -- C:\WINDOWS\system32\drivers\cdrblock.sys (Canopus Co,. Ltd.)
DRV - (ALCXWDM) Service for Realtek AC97 Audio (WDM) -- C:\WINDOWS\system32\drivers\alcxwdm.sys (Realtek Semiconductor Corp.)
DRV - (btwhid) -- C:\WINDOWS\system32\drivers\btwhid.sys (Broadcom Corporation.)
DRV - (BTDriver) -- C:\WINDOWS\system32\drivers\btport.sys (Broadcom Corporation.)
DRV - (ElbyCDFL) -- C:\WINDOWS\system32\drivers\ElbyCDFL.sys (SlySoft, Inc.)
DRV - (se45unic) Sony Ericsson Device 069 USB Ethernet Emulation SEMC45 (WDM) -- C:\WINDOWS\system32\drivers\se45unic.sys (MCCI)
DRV - (se45obex) -- C:\WINDOWS\system32\drivers\se45obex.sys (MCCI)
DRV - (se45mgmt) Sony Ericsson Device 069 USB WMC Device Management Drivers (WDM) -- C:\WINDOWS\system32\drivers\se45mgmt.sys (MCCI)
DRV - (se45nd5) Sony Ericsson Device 069 USB Ethernet Emulation SEMC45 (NDIS) -- C:\WINDOWS\system32\drivers\se45nd5.sys (MCCI)
DRV - (se45mdm) -- C:\WINDOWS\system32\drivers\se45mdm.sys (MCCI)
DRV - (se45mdfl) -- C:\WINDOWS\system32\drivers\se45mdfl.sys (MCCI)
DRV - (se45bus) Sony Ericsson Device 069 driver (WDM) -- C:\WINDOWS\system32\drivers\se45bus.sys (MCCI)
DRV - (fixustor) -- C:\WINDOWS\system32\drivers\fixustor.sys (Genesys Logic)
DRV - (VD_FileDisk) -- C:\WINDOWS\system32\drivers\vd_filedisk.sys (Flint Incorporation)
DRV - (Aspi32) -- C:\WINDOWS\system32\drivers\aspi32.sys (Adaptec)
DRV - (MarvinBus) -- C:\WINDOWS\system32\drivers\MarvinBus.sys (Pinnacle Systems GmbH)
DRV - (cdrport) -- C:\WINDOWS\system32\drivers\cdrport.sys (Canopus Co,. Ltd.)
DRV - (ULCDRHlp) -- C:\WINDOWS\system32\drivers\ULCDRHlp.sys (Ulead Systems, Inc.)
DRV - (fasttx2k) -- C:\WINDOWS\system32\DRIVERS\fasttx2k.sys (Promise Technology, Inc.)
DRV - (viafilter) -- C:\WINDOWS\System32\Drivers\viausb1.sys (VIA Technologies, Inc.)
DRV - (PenClass) -- C:\WINDOWS\system32\Drivers\penclass.sys (Wacom Technology Corporation)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://mystart.incredimail.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.order.1: "Yahoo"
FF - prefs.js..browser.search.order.2: "Yahoo"
FF - prefs.js..browser.search.param.yahoo-fr: ""
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: ""
FF - prefs.js..browser.search.selectedEngine: ""
FF - prefs.js..browser.startup.homepage: "www.google.cz"
FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.6.8
FF - prefs.js..extensions.enabledItems: cs@dictionaries.addons.mozilla.org:1.0.1
FF - prefs.js..extensions.enabledItems: {152455DE-7B40-4bcf-B5B4-C68A1BE85A91}:2.6.5
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.7.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {2c088200-b973-11db-8314-0800200c9a66}:1.7.1
FF - prefs.js..keyword.URL: "http://mystart.incredimail.com/?loc=ff_address_bar_PMM_std_alone&search="
FF - prefs.js..network.proxy.type: 1


FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.05.19 16:46:01 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.05.20 16:59:03 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2009.10.30 19:11:22 | 000,000,000 | ---D | M]

[2009.06.08 11:19:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alan\Data aplikací\Mozilla\Extensions
[2009.06.08 11:19:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alan\Data aplikací\Mozilla\Extensions\home2@tomtom.com
[2010.05.24 23:03:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alan\Data aplikací\Mozilla\Firefox\Profiles\edmvs930.default\extensions
[2009.06.03 14:41:38 | 000,000,000 | ---D | M] (Flagfox) -- C:\Documents and Settings\Alan\Data aplikací\Mozilla\Firefox\Profiles\edmvs930.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}(2)
[2009.12.11 21:30:56 | 000,000,000 | ---D | M] (Flagfox) -- C:\Documents and Settings\Alan\Data aplikací\Mozilla\Firefox\Profiles\edmvs930.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}(3)
[2010.03.18 03:05:03 | 000,000,000 | ---D | M] (Flagfox) -- C:\Documents and Settings\Alan\Data aplikací\Mozilla\Firefox\Profiles\edmvs930.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}(4)
[2010.04.06 22:39:23 | 000,000,000 | ---D | M] (Domain Details) -- C:\Documents and Settings\Alan\Data aplikací\Mozilla\Firefox\Profiles\edmvs930.default\extensions\{152455DE-7B40-4bcf-B5B4-C68A1BE85A91}
[2010.04.29 01:50:19 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Alan\Data aplikací\Mozilla\Firefox\Profiles\edmvs930.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.01.30 15:42:10 | 000,000,000 | ---D | M] (Harley Davidson) -- C:\Documents and Settings\Alan\Data aplikací\Mozilla\Firefox\Profiles\edmvs930.default\extensions\{2c088200-b973-11db-8314-0800200c9a66}
[2009.06.03 14:41:38 | 000,000,000 | ---D | M] (MidnightFox) -- C:\Documents and Settings\Alan\Data aplikací\Mozilla\Firefox\Profiles\edmvs930.default\extensions\{66871bd1-5ba2-4739-b485-2a15f5969bd8}(2)
[2010.04.15 16:49:29 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\Alan\Data aplikací\Mozilla\Firefox\Profiles\edmvs930.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2010.03.23 11:05:21 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\Alan\Data aplikací\Mozilla\Firefox\Profiles\edmvs930.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}(2)
[2010.04.14 16:50:58 | 000,000,000 | ---D | M] (Download Statusbar) -- C:\Documents and Settings\Alan\Data aplikací\Mozilla\Firefox\Profiles\edmvs930.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
[2008.09.23 09:43:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alan\Data aplikací\Mozilla\Firefox\Profiles\edmvs930.default\extensions\cs@dictionaries.addons.mozilla.org
[2010.05.24 23:03:51 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010.05.20 16:59:05 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.05.20 16:58:48 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010.01.16 02:50:40 | 000,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.01.16 02:50:40 | 000,001,687 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2010.01.16 02:50:40 | 000,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.01.16 02:50:40 | 000,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.01.16 02:50:40 | 000,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2010.05.23 16:50:04 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AudioDrvEmulator] C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [CloneCDTray] C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe (SlySoft, Inc.)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKLM..\Run: [itype] C:\Program Files\Microsoft IntelliType Pro\itype.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Module Loader] C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [Ptipbmf] C:\WINDOWS\System32\ptipbmf.dll (Promise Technology, Inc.)
O4 - HKLM..\Run: [VirtualCloneDrive] C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe (Elaborate Bytes AG)
O4 - HKCU..\Run: [Creative Detector] C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe (Creative Technology Ltd)
O4 - HKCU..\Run: [Creative MediaSource Go] C:\Program Files\Creative\MediaSource\Go\CTCMSGo.exe (Creative Technology Ltd)
O4 - HKCU..\Run: [H/PC Connection Agent] C:\Program Files\Microsoft ActiveSync\Wcescomm.exe (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\Alan\Nabídka Start\Programy\Po spuštění\Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Bluetooth.lnk = C:\Program Files\ASUS\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Monitor.lnk = C:\Program Files\SanDisk\SanDisk TransferMate\SD Monitor.exe (SanDisk)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\TabUserW.exe.lnk = C:\WINDOWS\system32\Wtablet\TabUserW.exe (Wacom Technology, Corp.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 475
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 475
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Převést cíl vazby do Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Převést do Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Připojit cíl vazby k existujícímu PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Připojit k existujícímu PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\ASUS\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send To Bluetooth - C:\Program Files\ASUS\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Vytvořit mobilní oblíbenou položku… - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ASUS\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ASUS\Bluetooth Software\btsendto_ie.htm ()
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Alan\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Alan\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.09.07 17:46:56 | 000,000,000 | R--D | M] - E:\Auto FX Software -- [ NTFS ]
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2008.09.05 22:41:43 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (56027131116781568)

========== Files/Folders - Created Within 30 Days ==========

[2010.05.25 02:17:38 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Alan\Recent
[2010.05.25 02:17:26 | 000,050,688 | ---- | C] (Atribune.org) -- C:\Documents and Settings\Alan\Plocha\ATF-Cleaner.exe
[2010.05.25 00:58:51 | 000,000,000 | ---D | C] -- C:\_OTL
[2010.05.25 00:44:51 | 000,571,904 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Alan\Plocha\OTL.exe
[2010.05.24 13:34:29 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010.05.21 16:09:29 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\Alan\Plocha\HijackThis.exe
[2010.05.21 16:03:49 | 000,204,496 | ---- | C] (Malwarebytes) -- C:\Documents and Settings\Alan\Plocha\StartUpLite.exe
[2010.05.20 16:59:03 | 000,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2010.05.20 16:59:03 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010.05.20 16:59:03 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010.05.20 16:59:03 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010.05.20 16:59:03 | 000,073,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2010.05.20 11:41:48 | 000,000,000 | ---D | C] -- C:\Program Files\XP Codec Pack
[2010.05.20 00:11:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alan\Dokumenty\Sony ACID Pro 6.0 projekty
[2010.05.19 16:44:58 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2010.05.19 16:44:25 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2010.05.19 16:44:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Apple
[2010.05.19 16:43:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alan\Local Settings\Data aplikací\Apple Computer
[2010.05.19 15:38:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alan\Local Settings\Data aplikací\PC_Drivers_Headquarters
[2010.05.19 15:37:34 | 000,000,000 | ---D | C] -- C:\Program Files\PC Drivers HeadQuarters
[2010.05.19 14:52:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\PC Drivers HeadQuarters Inc
[2010.05.19 12:55:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alan\Data aplikací\GetRightToGo
[2010.05.19 12:42:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alan\Dokumenty\Downloads
[2010.05.19 12:42:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\PC Drivers HeadQuarters
[2010.05.18 20:30:11 | 000,000,000 | ---D | C] -- C:\Program Files\AnalogX
[2010.05.18 20:29:08 | 000,217,088 | ---- | C] (Audio Mechanic & Sound Breeder) -- C:\Documents and Settings\Alan\Plocha\VB_plugman.exe
[2010.05.18 19:27:50 | 000,000,000 | ---D | C] -- C:\Program Files\jv16 PowerTools 2009
[2010.05.18 11:49:31 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Creative Labs Shared
[2010.05.18 01:49:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alan\Local Settings\Data aplikací\PCHealth
[2010.05.18 01:28:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alan\Dokumenty\My Videos
[2010.05.18 01:17:08 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_6.dll
[2010.05.18 01:17:08 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_4.dll
[2010.05.18 01:17:00 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_6.dll
[2010.05.18 01:16:51 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_7.dll
[2010.05.18 01:16:42 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_5.dll
[2010.05.18 01:16:34 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_5.dll
[2010.05.18 01:16:25 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_42.dll
[2010.05.18 01:16:16 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dcsx_42.dll
[2010.05.18 01:16:08 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx11_42.dll
[2010.05.18 01:15:59 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_42.dll
[2010.05.18 01:15:51 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_42.dll
[2010.05.18 01:15:43 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_41.dll
[2010.05.18 01:15:43 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_41.dll
[2010.05.18 01:15:35 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_41.dll
[2010.05.18 01:15:26 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_4.dll
[2010.05.18 01:15:26 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_3.dll
[2010.05.18 01:15:18 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_4.dll
[2010.05.18 01:15:11 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_6.dll
[2010.05.18 01:15:03 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_40.dll
[2010.05.18 01:15:03 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_40.dll
[2010.05.18 01:14:55 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_40.dll
[2010.05.18 01:14:46 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_3.dll
[2010.05.18 01:14:46 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_2.dll
[2010.05.18 01:14:38 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_3.dll
[2010.05.18 01:14:31 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_5.dll
[2010.05.18 01:14:23 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_2.dll
[2010.05.18 01:14:23 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_1.dll
[2010.05.18 01:14:14 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_2.dll
[2010.05.18 01:13:54 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_39.dll
[2010.05.18 01:13:53 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_39.dll
[2010.05.18 01:13:34 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_39.dll
[2010.05.18 01:13:24 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_1.dll
[2010.05.18 01:13:24 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_0.dll
[2010.05.18 01:13:15 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_1.dll
[2010.05.18 01:13:06 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_4.dll
[2010.05.18 01:12:57 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_38.dll
[2010.05.18 01:12:57 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_38.dll
[2010.05.18 01:12:48 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_38.dll
[2010.05.18 01:12:40 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_0.dll
[2010.05.18 01:12:31 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_0.dll
[2010.05.18 01:12:22 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_3.dll
[2010.05.18 01:12:14 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_37.dll
[2010.05.18 01:12:14 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_37.dll
[2010.05.18 01:12:05 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_37.dll
[2010.05.18 01:11:57 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_10.dll
[2010.05.18 01:11:41 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_36.dll
[2010.05.18 01:11:41 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_36.dll
[2010.05.18 01:11:32 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_36.dll
[2010.05.18 01:09:00 | 000,000,000 | ---D | C] -- C:\WINDOWS\Logs
[2010.05.17 23:28:18 | 000,000,000 | ---D | C] -- C:\MoTemp
[2010.05.17 22:49:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\IObit
[2010.05.13 23:26:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alan\Dokumenty\Alcohol 120%
[2010.05.13 23:11:36 | 000,000,000 | ---D | C] -- C:\Program Files\Alcohol Soft
[2010.05.06 19:46:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\ZoomBrowser
[2010.05.05 19:38:24 | 000,000,000 | ---D | C] -- C:\Program Files\ProShow MediaSource - Wedding Essentials
[2010.05.04 13:57:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alan\Dokumenty\Stažené soubory
[2010.04.28 20:23:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alan\Dokumenty\InstantCDDVD
[2010.04.28 20:23:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alan\Dokumenty\Pinnacle
[2010.04.28 15:08:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alan\Dokumenty\Pinnacle Studio
[2010.04.28 15:04:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alan\Data aplikací\proDAD
[2010.04.28 15:03:53 | 000,000,000 | ---D | C] -- C:\Program Files\proDAD
[2010.04.28 15:03:40 | 000,000,000 | ---D | C] -- C:\Program Files\LooksBuilderSE
[2010.04.28 15:02:02 | 000,049,152 | ---- | C] (Canopus Co., Ltd.) -- C:\WINDOWS\System32\CvoAPI.dll
[2010.04.28 14:49:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Pinnacle Studio Ultimate
[2010.04.28 14:42:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dokumenty\My Projects
[2010.04.28 14:42:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Studio 12
[2010.04.28 14:42:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Pinnacle Studio Plus
[2010.04.28 14:42:07 | 000,000,000 | ---D | C] -- C:\Program Files\Pinnacle
[2010.04.28 14:42:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dokumenty\Pinnacle
[2010.04.28 14:11:35 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\msdv.sys
[2010.04.28 14:11:35 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdv.sys
[2010.04.28 14:11:26 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\avc.sys
[2010.04.28 14:11:26 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avc.sys
[2010.04.28 14:11:05 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\61883.sys
[2010.04.28 14:11:05 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\61883.sys
[2010.03.18 19:18:32 | 000,010,752 | ---- | C] ( ) -- C:\WINDOWS\System32\a3d.dll
[2004.11.24 21:25:52 | 000,335,872 | ---- | C] ( ) -- C:\WINDOWS\System32\drvc.dll

========== Files - Modified Within 30 Days ==========

[2010.05.25 12:19:35 | 000,545,352 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.05.25 12:19:35 | 000,540,584 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2010.05.25 12:19:35 | 000,131,128 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2010.05.25 12:19:35 | 000,116,888 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.05.25 12:19:34 | 001,355,520 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010.05.25 12:16:08 | 004,931,715 | ---- | M] () -- C:\WINDOWS\{00000002-00000000-00000009-00001102-00000004-20011102}.CDF
[2010.05.25 12:15:35 | 000,002,644 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.05.25 12:15:19 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.05.25 12:15:16 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.05.25 12:13:53 | 019,136,512 | ---- | M] () -- C:\Documents and Settings\Alan\ntuser.dat
[2010.05.25 12:13:53 | 000,031,104 | ---- | M] () -- C:\WINDOWS\System32\BMXStateBkp-{00000002-00000000-00000009-00001102-00000004-20011102}.rfx
[2010.05.25 12:13:53 | 000,031,104 | ---- | M] () -- C:\WINDOWS\System32\BMXState-{00000002-00000000-00000009-00001102-00000004-20011102}.rfx
[2010.05.25 12:13:53 | 000,030,168 | ---- | M] () -- C:\WINDOWS\System32\BMXCtrlState-{00000002-00000000-00000009-00001102-00000004-20011102}.rfx
[2010.05.25 12:13:53 | 000,030,168 | ---- | M] () -- C:\WINDOWS\System32\BMXBkpCtrlState-{00000002-00000000-00000009-00001102-00000004-20011102}.rfx
[2010.05.25 12:13:53 | 000,011,564 | ---- | M] () -- C:\WINDOWS\System32\DVCState-{00000002-00000000-00000009-00001102-00000004-20011102}.rfx
[2010.05.25 12:13:45 | 000,000,272 | -HS- | M] () -- C:\Documents and Settings\Alan\ntuser.ini
[2010.05.25 11:48:22 | 000,000,091 | ---- | M] () -- C:\Documents and Settings\Alan\Data aplikací\default.pls
[2010.05.25 11:48:22 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010.05.25 04:00:22 | 011,916,842 | -H-- | M] () -- C:\Documents and Settings\Alan\Local Settings\Data aplikací\IconCache.db
[2010.05.25 02:38:13 | 000,002,536 | ---- | M] () -- C:\Documents and Settings\Alan\Dokumenty\Register Sound Forge.htm
[2010.05.25 02:28:06 | 000,000,139 | ---- | M] () -- C:\WINDOWS\msicpl.ini
[2010.05.25 02:17:27 | 000,050,688 | ---- | M] (Atribune.org) -- C:\Documents and Settings\Alan\Plocha\ATF-Cleaner.exe
[2010.05.25 00:45:17 | 000,571,904 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Alan\Plocha\OTL.exe
[2010.05.24 13:33:58 | 000,210,944 | ---- | M] () -- C:\Documents and Settings\Alan\Plocha\T-Cleaner.exe
[2010.05.23 16:50:14 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010.05.23 16:50:04 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010.05.23 16:29:08 | 086,349,632 | ---- | M] () -- C:\Documents and Settings\Alan\Plocha\mwav.exe
[2010.05.21 16:01:43 | 000,204,496 | ---- | M] (Malwarebytes) -- C:\Documents and Settings\Alan\Plocha\StartUpLite.exe
[2010.05.21 14:35:32 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\Alan\Plocha\HijackThis.exe
[2010.05.21 12:33:23 | 000,178,070 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml
[2010.05.20 17:47:02 | 000,002,428 | ---- | M] () -- C:\Documents and Settings\Alan\Dokumenty\Register Vegas.htm
[2010.05.20 17:41:50 | 000,001,633 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Vegas 7.0.lnk
[2010.05.20 16:58:45 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010.05.20 16:58:45 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010.05.20 16:58:44 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010.05.20 16:58:44 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2010.05.20 16:58:43 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2010.05.20 11:26:24 | 000,000,349 | ---- | M] () -- C:\Documents and Settings\All Users\Dokumenty\PCLECHAL.INI
[2010.05.20 00:09:50 | 000,000,793 | ---- | M] () -- C:\Documents and Settings\Alan\Plocha\SONY ACID pro.lnk
[2010.05.19 23:02:45 | 000,000,028 | ---- | M] () -- C:\WINDOWS\MotionDVSTUDIO.INI
[2010.05.19 16:45:46 | 000,001,608 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\QuickTime Player.lnk
[2010.05.19 12:42:25 | 000,658,296 | ---- | M] () -- C:\Documents and Settings\Alan\Local Settings\Data aplikací\GDIPFONTCACHEV1.DAT
[2010.05.19 12:30:51 | 003,547,032 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.05.19 01:34:50 | 000,000,028 | ---- | M] () -- C:\Documents and Settings\Alan\Adobe Encore DVD_VUI.pref
[2010.05.18 20:30:40 | 000,001,644 | ---- | M] () -- C:\Documents and Settings\Alan\Plocha\DXMan.lnk
[2010.05.18 19:49:37 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\Alan\Plocha\jv16 PowerTools 2009.lnk
[2010.05.18 11:48:41 | 000,445,016 | ---- | M] (Creative Labs) -- C:\WINDOWS\System32\wrap_oal.dll
[2010.05.18 11:48:41 | 000,109,144 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\WINDOWS\System32\OpenAL32.dll
[2010.05.17 23:28:11 | 000,002,403 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Mokey V4.1.1.lnk
[2010.05.17 14:03:29 | 000,000,281 | ---- | M] () -- C:\Documents and Settings\Alan\Dokumenty\ax_files.xml
[2010.05.15 15:57:35 | 000,001,189 | ---- | M] () -- C:\Documents and Settings\Alan\Data aplikací\vso_ts_preview.xml
[2010.05.14 00:30:47 | 040,165,200 | ---- | M] () -- C:\Documents and Settings\Alan\Plocha\dr.WEB.exe
[2010.05.14 00:11:43 | 000,000,686 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\PowerISO.lnk
[2010.05.13 23:13:42 | 000,000,837 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Alcohol 120%.lnk
[2010.05.13 23:04:57 | 000,691,696 | ---- | M] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2010.05.10 14:00:34 | 000,002,569 | ---- | M] () -- C:\Documents and Settings\Alan\Plocha\CorelDRAW X4.lnk
[2010.05.06 19:46:44 | 000,000,927 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\ZoomBrowser EX.lnk
[2010.05.05 22:04:07 | 000,000,758 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\AnyDVD.lnk
[2010.05.05 19:48:55 | 000,000,825 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Revo Uninstaller Pro.lnk
[2010.05.05 19:40:59 | 000,001,789 | ---- | M] () -- C:\Documents and Settings\Alan\Plocha\ProShow Producer.lnk
[2010.05.04 14:13:56 | 000,000,863 | ---- | M] () -- C:\Documents and Settings\Alan\Plocha\ConvertXtoDVD 4.lnk
[2010.04.29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010.04.29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010.04.28 14:55:10 | 000,001,894 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Pinnacle Instant DVD Recorder.lnk
[2010.04.28 14:46:44 | 000,000,901 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Pinnacle Studio 12.lnk
[2010.04.27 23:56:28 | 000,001,552 | ---- | M] () -- C:\Documents and Settings\Alan\Plocha\CCleaner.lnk
[2010.04.26 16:31:15 | 000,002,563 | ---- | M] () -- C:\Documents and Settings\Alan\Plocha\Microsoft Office Word 2007.lnk


Re: please check my log

Post by Alan-K » 25 May 2010 12:48

========== Files Created - No Company Name ==========

[2010.05.25 02:34:30 | 000,002,536 | ---- | C] () -- C:\Documents and Settings\Alan\Dokumenty\Register Sound Forge.htm
[2010.05.24 13:39:14 | 000,000,522 | ---- | C] () -- C:\WINDOWS\System32\Microsoft.VC80.CRT.manifest
[2010.05.24 13:33:56 | 000,210,944 | ---- | C] () -- C:\Documents and Settings\Alan\Plocha\T-Cleaner.exe
[2010.05.23 16:21:10 | 086,349,632 | ---- | C] () -- C:\Documents and Settings\Alan\Plocha\mwav.exe
[2010.05.20 17:47:02 | 000,002,428 | ---- | C] () -- C:\Documents and Settings\Alan\Dokumenty\Register Vegas.htm
[2010.05.20 17:41:50 | 000,001,633 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Vegas 7.0.lnk
[2010.05.20 11:42:00 | 000,421,888 | ---- | C] () -- C:\WINDOWS\System32\ac3filter.acm
[2010.05.20 00:09:50 | 000,000,793 | ---- | C] () -- C:\Documents and Settings\Alan\Plocha\SONY ACID pro.lnk
[2010.05.19 20:02:20 | 019,136,512 | ---- | C] () -- C:\Documents and Settings\Alan\ntuser.dat
[2010.05.19 16:45:46 | 000,001,608 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\QuickTime Player.lnk
[2010.05.19 15:56:09 | 000,186,407 | ---- | C] () -- C:\WINDOWS\System32\nvapps.nvb
[2010.05.19 15:56:07 | 000,018,070 | ---- | C] () -- C:\WINDOWS\System32\nvdisp.nvu
[2010.05.18 20:30:40 | 000,001,644 | ---- | C] () -- C:\Documents and Settings\Alan\Plocha\DXMan.lnk
[2010.05.18 19:28:27 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\Alan\Plocha\jv16 PowerTools 2009.lnk
[2010.05.18 11:51:33 | 000,030,168 | ---- | C] () -- C:\WINDOWS\System32\BMXCtrlState-{00000002-00000000-00000009-00001102-00000004-20011102}.rfx
[2010.05.18 11:51:33 | 000,030,168 | ---- | C] () -- C:\WINDOWS\System32\BMXBkpCtrlState-{00000002-00000000-00000009-00001102-00000004-20011102}.rfx
[2010.05.18 11:51:33 | 000,011,564 | ---- | C] () -- C:\WINDOWS\System32\DVCState-{00000002-00000000-00000009-00001102-00000004-20011102}.rfx
[2010.05.18 11:50:02 | 004,931,715 | ---- | C] () -- C:\WINDOWS\{00000002-00000000-00000009-00001102-00000004-20011102}.CDF
[2010.05.14 00:31:22 | 040,165,200 | ---- | C] () -- C:\Documents and Settings\Alan\Plocha\dr.WEB.exe
[2010.05.13 23:30:48 | 000,000,281 | ---- | C] () -- C:\Documents and Settings\Alan\Dokumenty\ax_files.xml
[2010.05.13 23:13:42 | 000,000,837 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Alcohol 120%.lnk
[2010.05.13 23:04:56 | 000,691,696 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2010.05.06 19:46:44 | 000,000,927 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\ZoomBrowser EX.lnk
[2010.05.05 19:40:59 | 000,001,789 | ---- | C] () -- C:\Documents and Settings\Alan\Plocha\ProShow Producer.lnk
[2010.04.28 14:57:04 | 000,001,772 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\__wdump.txt
[2010.04.28 14:55:10 | 000,001,894 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Pinnacle Instant DVD Recorder.lnk
[2010.04.28 14:46:44 | 000,000,901 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Pinnacle Studio 12.lnk
[2010.04.28 14:37:52 | 000,000,349 | ---- | C] () -- C:\Documents and Settings\All Users\Dokumenty\PCLECHAL.INI
[2010.03.18 19:59:54 | 000,050,439 | ---- | C] () -- C:\WINDOWS\System32\instwdm.ini
[2010.03.18 19:59:50 | 000,000,054 | ---- | C] () -- C:\WINDOWS\System32\ctzapxx.ini
[2010.03.18 19:19:58 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CTBurst.dll
[2010.01.15 12:10:19 | 000,000,419 | ---- | C] () -- C:\WINDOWS\MAXLINK.INI
[2010.01.14 21:29:24 | 000,010,593 | ---- | C] () -- C:\WINDOWS\CSTBox.INI
[2009.12.10 22:45:50 | 000,000,231 | ---- | C] () -- C:\WINDOWS\AC3API.INI
[2009.11.29 22:35:20 | 000,002,001 | ---- | C] () -- C:\WINDOWS\BorisRED4.3.ini
[2009.10.04 16:59:35 | 000,890,953 | ---- | C] () -- C:\WINDOWS\HSC_mfr2.ini
[2009.07.08 15:10:56 | 000,000,307 | ---- | C] () -- C:\WINDOWS\System32\kill.ini
[2009.06.21 11:49:24 | 000,000,101 | ---- | C] () -- C:\WINDOWS\MsgAgt.INI
[2009.06.16 12:30:14 | 000,005,553 | ---- | C] () -- C:\WINDOWS\System32\iconcfg.ini
[2009.06.16 08:44:30 | 000,000,000 | ---- | C] () -- C:\WINDOWS\lucispro.INI
[2009.06.06 19:01:10 | 009,838,080 | ---- | C] () -- C:\WINDOWS\System32\tlidenoise30.dll
[2009.04.03 14:10:04 | 007,262,208 | ---- | C] () -- C:\WINDOWS\System32\tliadjust32.dll
[2008.12.19 17:15:58 | 004,338,246 | ---- | C] () -- C:\WINDOWS\System32\libavcodec.dll
[2008.12.17 19:41:18 | 000,884,237 | ---- | C] () -- C:\WINDOWS\System32\ff_x264.dll
[2008.12.17 19:22:58 | 000,093,184 | ---- | C] () -- C:\WINDOWS\System32\ff_wmv9.dll
[2008.12.17 19:22:48 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2008.12.17 19:17:34 | 000,239,247 | ---- | C] () -- C:\WINDOWS\System32\ff_theora.dll
[2008.12.17 18:59:54 | 000,560,802 | ---- | C] () -- C:\WINDOWS\System32\libmplayer.dll
[2008.12.12 11:47:40 | 003,520,000 | ---- | C] () -- C:\WINDOWS\System32\tlisimplify10.dll
[2008.12.11 13:27:02 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2008.12.09 15:36:00 | 001,150,976 | ---- | C] () -- C:\WINDOWS\System32\tlisimplify10_dll.dll
[2008.11.30 23:13:29 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\pavedius4db.dll
[2008.11.30 23:13:29 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\pavedius.dll
[2008.11.19 20:05:09 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PROTOCOL.INI
[2008.11.07 03:35:31 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2008.11.06 02:55:50 | 000,162,304 | ---- | C] () -- C:\WINDOWS\System32\ztvunrar36.dll
[2008.11.06 02:55:50 | 000,153,088 | ---- | C] () -- C:\WINDOWS\System32\unrar3.dll
[2008.11.06 02:55:50 | 000,077,312 | ---- | C] () -- C:\WINDOWS\System32\ztvunace26.dll
[2008.11.06 02:55:50 | 000,075,264 | ---- | C] () -- C:\WINDOWS\System32\unacev2.dll
[2008.11.06 02:29:25 | 000,000,123 | ---- | C] () -- C:\WINDOWS\rootkitno.ini
[2008.11.02 21:59:38 | 000,000,169 | ---- | C] () -- C:\WINDOWS\RtlRack.ini
[2008.11.01 23:22:05 | 000,000,319 | ---- | C] () -- C:\WINDOWS\game.ini
[2008.05.29 11:47:32 | 002,023,424 | ---- | C] () -- C:\WINDOWS\System32\QtCore4.dll
[2008.05.03 06:46:00 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2008.05.03 06:46:00 | 001,486,848 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2008.05.03 06:46:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2008.05.03 06:46:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2008.05.03 06:46:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2008.04.24 00:49:52 | 007,315,456 | ---- | C] () -- C:\WINDOWS\System32\QtGui4.dll
[2008.04.14 14:00:00 | 000,001,024 | ---- | C] () -- C:\WINDOWS\System32\grcauth2.dll
[2008.04.14 14:00:00 | 000,001,024 | ---- | C] () -- C:\WINDOWS\System32\grcauth1.dll
[2008.04.14 14:00:00 | 000,001,024 | ---- | C] () -- C:\WINDOWS\System32\clauth2.dll
[2008.04.14 14:00:00 | 000,001,024 | ---- | C] () -- C:\WINDOWS\System32\clauth1.dll
[2008.04.14 14:00:00 | 000,000,072 | ---- | C] () -- C:\WINDOWS\System32\ssprs.dll
[2008.04.14 14:00:00 | 000,000,016 | ---- | C] () -- C:\WINDOWS\System32\iakuxgs.dll
[2008.03.07 02:30:32 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2008.02.08 17:13:44 | 000,319,488 | ---- | C] () -- C:\WINDOWS\System32\LS3Renderer.dll
[2008.01.12 12:41:07 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Irremote.ini
[2008.01.07 10:49:29 | 000,000,391 | ---- | C] () -- C:\WINDOWS\COVERE~1.INI
[2007.12.28 21:09:17 | 000,000,000 | ---- | C] () -- C:\WINDOWS\COMPANIONAPP.INI
[2007.12.26 16:54:27 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\AVSredirect.dll
[2007.12.01 17:45:45 | 000,000,000 | ---- | C] () -- C:\WINDOWS\oodcnt.INI
[2007.11.01 17:53:34 | 002,842,624 | ---- | C] () -- C:\WINDOWS\System32\btwicons.dll
[2007.11.01 17:43:30 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\btprn2k.dll
[2007.10.02 19:37:22 | 000,000,133 | ---- | C] () -- C:\WINDOWS\VobEdit.INI
[2007.10.01 16:30:25 | 000,001,585 | ---- | C] () -- C:\WINDOWS\Graffiti4.0.ini
[2007.09.07 23:05:18 | 000,890,953 | ---- | C] () -- C:\WINDOWS\Txtis.ini
[2007.08.13 20:45:02 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\ctmmactl.dll
[2007.07.28 18:41:55 | 000,001,633 | ---- | C] () -- C:\WINDOWS\BorisFX8.0.ini
[2007.07.28 18:31:03 | 000,237,568 | R--- | C] () -- C:\WINDOWS\System32\qtmlClient.dll
[2007.07.03 02:31:22 | 000,000,072 | ---- | C] () -- C:\WINDOWS\MediaManager.INI
[2007.06.14 07:46:22 | 000,000,323 | ---- | C] () -- C:\WINDOWS\WINCMD.INI
[2007.06.12 08:13:06 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\IPPCPUID.DLL
[2007.06.12 08:12:29 | 000,011,776 | ---- | C] () -- C:\WINDOWS\System32\pmsbfn32.dll
[2007.06.02 17:34:07 | 000,000,376 | ---- | C] () -- C:\WINDOWS\settings.ini
[2007.03.27 17:16:05 | 000,000,214 | ---- | C] () -- C:\WINDOWS\HP_48BitScanUpdatePatch.ini
[2007.03.22 00:25:40 | 000,000,286 | ---- | C] () -- C:\WINDOWS\hpqgrcpy.INI
[2007.02.21 02:03:16 | 000,000,397 | ---- | C] () -- C:\WINDOWS\barcode.ini
[2007.01.26 02:04:12 | 000,138,752 | ---- | C] () -- C:\WINDOWS\System32\mase32.dll
[2007.01.26 02:04:12 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\ma32.dll
[2006.12.26 19:26:18 | 000,003,072 | ---- | C] () -- C:\WINDOWS\CTXFIRES.DLL
[2006.12.13 00:48:40 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2006.11.01 17:18:34 | 000,006,912 | ---- | C] () -- C:\WINDOWS\System32\drivers\FlashSys.sys
[2006.09.08 18:25:39 | 000,000,071 | ---- | C] () -- C:\WINDOWS\EPSONCD.INI
[2006.08.22 20:58:47 | 000,000,299 | ---- | C] () -- C:\WINDOWS\PRELUDE.INI
[2006.07.10 23:46:35 | 000,000,066 | ---- | C] () -- C:\WINDOWS\#1 Video Converter.INI
[2006.06.25 22:01:02 | 000,000,134 | ---- | C] () -- C:\WINDOWS\Title.INI
[2006.06.18 23:58:11 | 000,000,028 | ---- | C] () -- C:\WINDOWS\Hmplayer.INI
[2006.06.18 23:06:19 | 000,000,028 | ---- | C] () -- C:\WINDOWS\MotionDVSTUDIO.INI
[2006.05.05 11:11:25 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2006.05.01 12:49:23 | 000,000,011 | ---- | C] () -- C:\WINDOWS\3DShadow.INI
[2006.04.21 23:41:21 | 000,000,206 | ---- | C] () -- C:\WINDOWS\HPGdiPlus.ini
[2006.04.21 18:30:21 | 000,000,042 | ---- | C] () -- C:\WINDOWS\MixBUda.INI
[2006.04.20 20:49:34 | 000,000,025 | ---- | C] () -- C:\WINDOWS\CDER300Euro.ini
[2006.04.20 20:11:57 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\TaskKeyHook.dll
[2006.04.20 19:58:08 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2006.04.20 19:58:08 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2006.04.20 19:58:08 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2006.04.20 19:58:08 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2006.04.20 19:58:08 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2006.04.20 19:58:08 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2006.04.20 11:24:42 | 000,000,139 | ---- | C] () -- C:\WINDOWS\msicpl.ini
[2006.04.20 10:21:34 | 000,000,390 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006.04.20 10:14:56 | 000,034,308 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2006.04.20 02:46:38 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\vusetup.dll
[2006.04.20 02:18:06 | 000,000,191 | ---- | C] () -- C:\WINDOWS\SBWIN.INI
[2006.04.20 02:03:48 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\memtest.dll
[2006.04.20 02:03:47 | 000,039,044 | ---- | C] () -- C:\WINDOWS\System32\drivers\msicpl.sys
[2005.10.14 12:56:50 | 000,761,856 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2005.10.14 12:56:50 | 000,344,064 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll
[2005.10.14 11:56:50 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\VorbisEnc.dll
[2005.10.14 11:56:50 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2005.10.14 11:56:50 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2005.10.14 11:56:50 | 000,155,136 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2005.10.14 11:56:50 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2005.07.15 20:35:56 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\ssleay32.dll
[2005.02.17 12:41:32 | 000,000,603 | ---- | C] () -- C:\WINDOWS\System32\BTNeighborhood.dll.manifest
[2005.02.17 12:41:30 | 000,000,593 | ---- | C] () -- C:\WINDOWS\System32\btcss.dll.manifest
[2005.02.03 02:30:22 | 000,008,192 | ---- | C] () -- C:\WINDOWS\System32\sysinfo.sys
[2005.01.24 11:12:08 | 004,915,200 | ---- | C] () -- C:\WINDOWS\System32\qt-mt333.dll
[2004.10.03 19:50:54 | 000,129,024 | ---- | C] () -- C:\WINDOWS\System32\ff_mpeg2enc.dll
[2004.09.16 13:26:40 | 000,012,634 | ---- | C] () -- C:\WINDOWS\System32\drivers\ADFUUD.SYS
[2004.09.16 13:26:40 | 000,012,634 | ---- | C] () -- C:\WINDOWS\ADFUUD.SYS
[2004.09.11 20:36:40 | 000,009,728 | ---- | C] () -- C:\WINDOWS\System32\sysinfoX64.sys
[2003.04.16 14:00:00 | 000,001,024 | ---- | C] () -- C:\WINDOWS\System32\lvntd78.dll
[2003.04.16 14:00:00 | 000,000,336 | ---- | C] () -- C:\WINDOWS\System32\x4p3xac.dll
[2003.04.16 14:00:00 | 000,000,016 | ---- | C] () -- C:\WINDOWS\System32\ec58t9r.dll
[2001.11.14 13:56:00 | 001,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll
[1999.05.07 09:12:06 | 000,015,744 | ---- | C] () -- C:\WINDOWS\System32\Wintab.dll

========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >


< MD5 for: AGP440.SYS >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2008.04.14 01:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\dllcache\agp440.sys
[2008.04.14 01:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\AGP440.SYS
[2008.04.14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\ReinstallBackups\0065\DriverFiles\i386\AGP440.SYS

< MD5 for: ATAPI.SYS >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.14 01:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2008.04.14 01:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2008.04.14 14:00:00 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0055\DriverFiles\i386\atapi.sys
[2008.04.14 01:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0056\DriverFiles\i386\atapi.sys

< MD5 for: EVENTLOG.DLL >
[2008.04.14 14:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2008.04.14 14:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll

< MD5 for: NETLOGON.DLL >
[2008.04.14 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\dllcache\netlogon.dll
[2008.04.14 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: SCECLI.DLL >
[2008.04.14 14:00:00 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\dllcache\scecli.dll
[2008.04.14 14:00:00 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll

< %systemroot%\*. /mp /s >

========== Files - Unicode (All) ==========
[2009.12.26 15:40:18 | 000,000,000 | ---D | M](C:\Documents and Settings\All Users\Data aplikac?ncrediMail) -- C:\Documents and Settings\All Users\Data aplikac웉ncrediMail
(C:\Documents and Settings\All Users\Data aplikac?ncrediMail) -- C:\Documents and Settings\All Users\Data aplikac웉ncrediMail
< End of report >

