OTL logfile created on: 16.5.2012 17:02:33 - Run 1
OTL by OldTimer - Version 3.2.43.0 Folder = C:\Documents and Settings\admin\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
1,75 Gb Total Physical Memory | 1,16 Gb Available Physical Memory | 66,48% Memory free
3,60 Gb Paging File | 3,02 Gb Available in Paging File | 83,82% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74,51 Gb Total Space | 12,27 Gb Free Space | 16,46% Space Free | Partition Type: FAT32
Drive H: | 1,89 Gb Total Space | 1,85 Gb Free Space | 97,83% Space Free | Partition Type: FAT32
Computer Name: POLO | User Name: admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ========== PRC - C:\Documents and Settings\admin\Plocha\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Opera\opera.exe (Opera Software)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe (Rocket Division Software)
========== Modules (No Company Name) ========== MOD - C:\Program Files\AVAST Software\Avast\defs\12051600\algo.dll ()
MOD - C:\Program Files\Opera\gstreamer\gstreamer.dll ()
MOD - C:\Program Files\Opera\gstreamer\plugins\gstoggdec.dll ()
MOD - C:\Program Files\Opera\gstreamer\plugins\gstwebmdec.dll ()
MOD - C:\Program Files\Opera\gstreamer\plugins\gstffmpegcolorspace.dll ()
MOD - C:\Program Files\Opera\gstreamer\plugins\gstcoreplugins.dll ()
MOD - C:\Program Files\Opera\gstreamer\plugins\gstaudioresample.dll ()
MOD - C:\Program Files\Opera\gstreamer\plugins\gstaudioconvert.dll ()
MOD - C:\Program Files\Opera\gstreamer\plugins\gstwavparse.dll ()
MOD - C:\Program Files\Opera\gstreamer\plugins\gstdirectsound.dll ()
MOD - C:\Program Files\Opera\gstreamer\plugins\gstdecodebin2.dll ()
MOD - C:\Program Files\Opera\gstreamer\plugins\gstautodetect.dll ()
MOD - C:\Program Files\Opera\gstreamer\plugins\gstwaveform.dll ()
MOD - C:\Program Files\Opera\gstreamer\plugins\gsttypefindfunctions.dll ()
MOD - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
MOD - C:\Program Files\WinRAR\rarlng.dll ()
MOD - C:\Program Files\WinRAR\RarExt.dll ()
========== Win32 Services (SafeList) ========== SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MBAMService) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV - (StarWindService) -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe (Rocket Division Software)
========== Driver Services (SafeList) ========== DRV - (WDICA) -- File not found
DRV - (RTL8023xp) -- system32\DRIVERS\Rtlnicxp.sys File not found
DRV - (PDRFRAME) -- File not found
DRV - (PDRELI) -- File not found
DRV - (PDFRAME) -- File not found
DRV - (PDCOMP) -- File not found
DRV - (PCIDump) -- File not found
DRV - (lbrtfdc) -- File not found
DRV - (i2omgmt) -- File not found
DRV - (Changer) -- File not found
DRV - (GMSIPCI) -- D:\INSTALL\GMSIPCI.SYS File not found
DRV - (avmfnb5l) -- File not found
DRV - (ALCXWDM) Service for Realtek AC97 Audio (WDM) -- system32\drivers\ALCXWDM.SYS File not found
DRV - (ALCXSENS) -- system32\drivers\ALCXSENS.SYS File not found
DRV - (AgereSoftModem) -- system32\DRIVERS\AGRSM.sys File not found
DRV - (a1urrxtx) -- File not found
DRV - (MBAMProtector) -- C:\WINDOWS\system32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (aswSnx) -- C:\WINDOWS\System32\drivers\aswSnx.sys (AVAST Software)
DRV - (aswSP) -- C:\WINDOWS\System32\drivers\aswSP.sys (AVAST Software)
DRV - (aswRdr) -- C:\WINDOWS\System32\drivers\aswRdr.sys (AVAST Software)
DRV - (aswTdi) -- C:\WINDOWS\System32\drivers\aswTdi.sys (AVAST Software)
DRV - (aswMon2) -- C:\WINDOWS\System32\drivers\aswmon2.sys (AVAST Software)
DRV - (aswFsBlk) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys (AVAST Software)
DRV - (Aavmker4) -- C:\WINDOWS\System32\drivers\aavmker4.sys (AVAST Software)
DRV - (sptd) -- C:\WINDOWS\system32\drivers\sptd.sys ()
DRV - (hamachi) -- C:\WINDOWS\system32\drivers\hamachi.sys (LogMeIn, Inc.)
DRV - (NwlnkIpx) -- C:\WINDOWS\system32\drivers\nwlnkipx.sys (Microsoft Corporation)
DRV - (yukonwxp) -- C:\WINDOWS\system32\drivers\yk51x86.sys (Marvell)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys (Realtek Semiconductor Corp.)
DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)
DRV - (HdAudAddService) -- C:\WINDOWS\system32\drivers\Hdaudio.sys (Windows (R) Server 2003 DDK provider)
DRV - (m5287) -- C:\WINDOWS\system32\drivers\m5287.sys (ULi Electronics Inc.)
DRV - (NwlnkNb) -- C:\WINDOWS\system32\drivers\nwlnknb.sys (Microsoft Corporation)
DRV - (NwlnkSpx) -- C:\WINDOWS\system32\drivers\nwlnkspx.sys (Microsoft Corporation)
DRV - (IPN2220) -- C:\WINDOWS\system32\drivers\i2220ntx.sys (Inprocomm, Inc.)
DRV - (SMCIRDA) -- C:\WINDOWS\system32\drivers\smcirda.sys (SMC)
========== Standard Registry (All) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft.com/fwlink/?LinkId=69157IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch =
http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - HKLM\..\URLSearchHook: - No CLSID value found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
http://www.microsoft.com/isapi/redir.dl ... r=iesearchIE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.msn.com/IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL =
http://www.google.com/ieIE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
http://www.google.com/ieIE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.3.4
FF - prefs.js..extensions.enabledItems:
jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.2.1
FF - prefs.js..extensions.enabledItems:
searchpredict@speedbit.com:1.0.1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.6.0.8442
FF - prefs.js..extensions.enabledItems:
plugin@yontoo.com:1.20.00
FF - prefs.js..extensions.enabledItems:
wrc@avast.com:6.0.1407
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\admin\Local Settings\Data aplikací\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=8: C:\Documents and Settings\admin\Local Settings\Data aplikací\Google\Update\1.2.183.39\npGoogleOneClick8.dll File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\admin\Local Settings\Data aplikací\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2011.01.01 18:51:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\m3ffxtbr@mywebsearch.com: C:\Program Files\MyWebSearch\bar\2.bin
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\searchpredict@speedbit.com: C:\Program Files\SearchPredict\PRFireFox [2006.12.08 00:37:50 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{0329E7D6-6F54-462D-93F6-F5C3118BADF2}: C:\Program Files\SpeedBit Video Downloader\SPFireFox
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2010.12.14 14:14:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012.03.02 15:20:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.12.14 14:14:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.12.14 14:14:26 | 000,000,000 | ---D | M]
[2010.12.14 14:18:50 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\admin\Data aplikací\Mozilla\Extensions
[2010.12.14 14:18:50 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\admin\Data aplikací\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2010.12.14 14:18:50 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\admin\Data aplikací\Mozilla\Firefox\Profiles\nki7qhf7.default\extensions
[2006.12.08 00:22:58 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\admin\Data aplikací\Mozilla\Firefox\Profiles\nki7qhf7.default\extensions\{0329E7D6-6F54-462D-93F6-F5C3118BADF2}
[2011.05.23 15:12:58 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\admin\Data aplikací\Mozilla\Firefox\Profiles\nki7qhf7.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.11.06 00:31:18 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Documents and Settings\admin\Data aplikací\Mozilla\Firefox\Profiles\nki7qhf7.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2012.02.11 20:16:40 | 000,000,000 | ---D | M] (Yontoo) -- C:\Documents and Settings\admin\Data aplikací\Mozilla\Firefox\Profiles\nki7qhf7.default\extensions\plugin@yontoo.com
[2011.03.30 14:14:34 | 000,001,042 | ---- | M] () -- C:\Documents and Settings\admin\Data aplikací\Mozilla\Firefox\Profiles\nki7qhf7.default\searchplugins\icqplugin.xml
[2011.11.06 00:31:18 | 000,000,618 | ---- | M] () -- C:\Documents and Settings\admin\Data aplikací\Mozilla\Firefox\Profiles\nki7qhf7.default\searchplugins\icqplugin.src
[2011.11.06 00:31:18 | 000,000,168 | ---- | M] () -- C:\Documents and Settings\admin\Data aplikací\Mozilla\Firefox\Profiles\nki7qhf7.default\searchplugins\icqplugin.gif
[2010.12.14 14:14:26 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011.07.11 22:36:28 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2010.12.14 14:14:26 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2010.12.14 14:53:02 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011.05.07 21:16:34 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMIN\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\NKI7QHF7.DEFAULT\EXTENSIONS\{20A82645-C095-46ED-80E3-08825760534B}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMIN\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\NKI7QHF7.DEFAULT\EXTENSIONS\{800B5000-A755-47E1-992B-48A1C1357F07}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMIN\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\NKI7QHF7.DEFAULT\EXTENSIONS\PLUGIN@YONTOO.COM
[2012.03.02 15:20:42 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2010.12.14 14:14:00 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2006.12.08 00:37:50 | 000,000,000 | ---D | M] (SearchPredict) -- C:\PROGRAM FILES\SEARCHPREDICT\PRFIREFOX
[2011.07.01 17:55:52 | 000,025,048 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2011.07.01 17:55:54 | 000,140,248 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2011.02.02 21:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011.07.01 17:55:54 | 000,066,520 | ---- | M] (mozilla.org) -- C:\Program Files\mozilla firefox\plugins\npnul32.dll
[2011.06.07 12:35:34 | 000,103,864 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\mozilla firefox\plugins\nppdf32.dll
[2007.04.30 16:29:22 | 000,049,152 | ---- | M] (Adobe Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\np32dsw.dll
[2006.12.08 21:56:52 | 000,002,371 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2006.12.08 21:56:52 | 000,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2006.12.08 21:56:52 | 000,001,687 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\mall-cz.xml
[2006.12.08 21:56:52 | 000,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2006.12.08 21:56:52 | 000,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2006.12.08 21:56:52 | 000,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml
========== Chrome ========== CHR - default_search_provider: Seznam (Enabled)
CHR - default_search_provider: search_url =
http://search.seznam.cz/?q={searchTerms}
CHR - default_search_provider: suggest_url = http:///suggest.fulltext.seznam.cz/?dict=fulltext_ff&phrase={searchTerms}&encoding={inputEncoding}&response_encoding=utf-8
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\admin\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\13.0.782.112\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Java Deployment Toolkit 6.0.240.7 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U24 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\admin\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\13.0.782.112\pdf.dll
CHR - plugin: Chrome NaCl (Disabled) = C:\Documents and Settings\admin\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\13.0.782.112\ppGoogleNaClPluginChrome.dll
CHR - plugin: Google Gears 0.5.33.0 (Enabled) = C:\Documents and Settings\admin\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\13.0.782.112\gears.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\admin\Local Settings\Data aplikac\u00ED\Google\Update\1.2.183.39\npGoogleOneClick8.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.53\npGoogleUpdate3.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll
CHR - plugin: My Web Search Plugin Stub (Enabled) = C:\Program Files\MyWebSearch\bar\2.bin\NPMyWebS.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: Skype Click to Call = C:\Documents and Settings\admin\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8312_0\
O1 HOSTS File: ([2012.05.15 21:09:42 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Podpora odkazu pro Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKCU\..\Toolbar\ShellBrowser: (&Adresa) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O3 - HKCU\..\Toolbar\WebBrowser: (&Adresa) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O3 - HKCU\..\Toolbar\WebBrowser: (&Odkazy) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [High Definition Audio Property Page Shortcut] C:\WINDOWS\System32\HdAShCut.exe (Windows (R) Server 2003 DDK provider)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: disableregistrytools = 0
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\SpeedBit Video Accelerator\sblsp.dll (SpeedBit)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\SpeedBit Video Accelerator\sblsp.dll (SpeedBit)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Program Files\SpeedBit Video Accelerator\sblsp.dll (SpeedBit)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000}
http://download.macromedia.com/pub/shoc ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C}
http://update.microsoft.com/windowsupda ... 7370651828 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FE9CB4AC-23AB-40D1-BA00-D931122EF518}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\System32\logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\crypt32chain: DllName - (crypt32.dll) - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - (cryptnet.dll) - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - (cscdll.dll) - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\dimsntfy: DllName - (%SystemRoot%\System32\dimsntfy.dll) - C:\WINDOWS\system32\dimsntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - (sclgntfy.dll) - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - (WlNotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\WgaLogon: DllName - (WgaLogon.dll) - C:\WINDOWS\System32\WgaLogon.dll (Microsoft Corporation)
O20 - Winlogon\Notify\wlballoon: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)
O21 - SSODL: UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Proces mezipaměti kategorií součástí - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\admin\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\admin\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ========== [2012.05.16 16:58:06 | 000,595,456 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\admin\Plocha\OTL.exe
[2012.05.16 16:18:17 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\admin\Recent
[2012.05.16 16:12:44 | 000,000,000 | -HSD | C] -- C:\Recycled
[2012.05.15 21:08:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2012.05.14 16:08:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Data aplikací\Malwarebytes
[2012.05.14 16:08:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Malwarebytes' Anti-Malware
[2012.05.14 16:08:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
[2012.05.14 16:08:24 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012.05.14 16:08:24 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012.05.14 15:50:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Plocha\backups
[2012.05.12 17:42:20 | 004,126,880 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerInstaller.exe
[2012.05.12 17:01:18 | 000,419,488 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2012.05.12 16:00:39 | 000,000,000 | ---D | C] -- C:\i386
[2012.05.11 18:05:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\.fontconfig
[2012.05.10 19:57:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Plocha\vše co se týká mafie
[2012.05.02 11:38:16 | 000,000,000 | ---D | C] -- C:\Scenario
[2012.04.22 19:28:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Lavalys
[2012.04.22 19:28:36 | 000,000,000 | ---D | C] -- C:\Program Files\Lavalys
[2012.04.20 19:07:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Plocha\sanko
[2012.04.17 18:51:11 | 000,000,000 | ---D | C] -- C:\Program Files\Valve
[2012.04.16 17:22:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\FarmFrenzy2
[2012.04.16 17:22:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dokumenty\AlawarWrapper
[2012.04.16 17:22:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\AlawarWrapper
[2011.08.23 22:08:28 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\admin\Data aplikací\pcouffin.sys
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files - Modified Within 30 Days ========== [2012.05.16 16:58:08 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\admin\Plocha\OTL.exe
[2012.05.16 16:56:16 | 000,001,411 | ---- | M] () -- C:\Documents and Settings\admin\Plocha\Mapa znaků.lnk
[2012.05.16 16:42:16 | 000,000,914 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012.05.16 16:24:46 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012.05.16 16:21:48 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.05.16 16:21:40 | 1878,446,080 | -HS- | M] () -- C:\hiberfil.sys
[2012.05.16 16:18:36 | 000,000,368 | ---- | M] () -- C:\Documents and Settings\admin\Dokumenty\cc_20120516_161832.reg
[2012.05.16 16:13:14 | 000,016,302 | ---- | M] () -- C:\Documents and Settings\admin\Dokumenty\cc_20120516_161311.reg
[2012.05.15 20:12:04 | 000,000,436 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{8760895B-642B-4A0B-990D-E6C87E371125}.job
[2012.05.14 19:01:36 | 000,494,234 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012.05.14 19:01:36 | 000,489,976 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2012.05.14 19:01:36 | 000,098,148 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2012.05.14 19:01:36 | 000,084,212 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012.05.12 17:42:26 | 000,419,488 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2012.05.12 17:42:26 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012.05.12 17:42:22 | 004,126,880 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerInstaller.exe
[2012.05.12 17:09:34 | 000,006,964 | ---- | M] () -- C:\Documents and Settings\admin\Dokumenty\cc_20120512_170930.reg
[2012.05.12 17:02:20 | 000,002,552 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2012.05.12 16:57:34 | 000,200,936 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012.05.11 18:30:26 | 000,004,114 | ---- | M] () -- C:\Documents and Settings\admin\.recently-used.xbel
[2012.05.11 17:19:38 | 000,001,524 | ---- | M] () -- C:\Documents and Settings\admin\Dokumenty\cc_20120511_171933.reg
[2012.05.10 15:01:00 | 000,083,968 | ---- | M] () -- C:\Documents and Settings\admin\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.05.08 13:38:46 | 000,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2012.04.29 19:25:52 | 000,001,409 | ---- | M] () -- C:\WINDOWS\QTFont.for
[2012.04.25 17:41:08 | 000,000,101 | ---- | M] () -- C:\Documents and Settings\admin\default.pls
[2012.04.25 17:40:58 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2012.04.22 20:00:30 | 000,001,418 | ---- | M] () -- C:\Documents and Settings\admin\Plocha\Ovládání hlasitosti.lnk
[2012.04.22 19:28:42 | 000,000,734 | ---- | M] () -- C:\Documents and Settings\admin\Plocha\EVEREST Ultimate Edition.lnk
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files Created - No Company Name ========== [2012.05.16 16:56:04 | 000,001,411 | ---- | C] () -- C:\Documents and Settings\admin\Plocha\Mapa znaků.lnk
[2012.05.16 16:18:33 | 000,000,368 | ---- | C] () -- C:\Documents and Settings\admin\Dokumenty\cc_20120516_161832.reg
[2012.05.16 16:13:12 | 000,016,302 | ---- | C] () -- C:\Documents and Settings\admin\Dokumenty\cc_20120516_161311.reg
[2012.05.15 21:09:18 | 1878,446,080 | -HS- | C] () -- C:\hiberfil.sys
[2012.05.12 17:09:32 | 000,006,964 | ---- | C] () -- C:\Documents and Settings\admin\Dokumenty\cc_20120512_170930.reg
[2012.05.12 17:01:19 | 000,000,914 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012.05.11 18:30:25 | 000,004,114 | ---- | C] () -- C:\Documents and Settings\admin\.recently-used.xbel
[2012.05.11 17:19:36 | 000,001,524 | ---- | C] () -- C:\Documents and Settings\admin\Dokumenty\cc_20120511_171933.reg
[2012.04.29 19:25:51 | 000,054,156 | -H-- | C] () -- C:\WINDOWS\QTFont.qfn
[2012.04.29 19:25:51 | 000,001,409 | ---- | C] () -- C:\WINDOWS\QTFont.for
[2012.04.22 19:28:41 | 000,000,734 | ---- | C] () -- C:\Documents and Settings\admin\Plocha\EVEREST Ultimate Edition.lnk
[2012.03.30 16:23:39 | 000,004,096 | ---- | C] () -- C:\WINDOWS\d3dx.dat
[2012.03.11 22:46:27 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\srkey.exe
[2012.03.11 00:52:12 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll
[2012.03.11 00:52:12 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll
[2012.03.11 00:52:12 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll
[2012.03.07 00:15:26 | 000,000,090 | ---- | C] () -- C:\WINDOWS\WA.INI
[2012.03.02 17:22:43 | 000,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2012.02.24 14:48:23 | 000,000,030 | ---- | C] () -- C:\WINDOWS\level.ini
[2012.02.11 20:08:06 | 000,000,019 | ---- | C] () -- C:\WINDOWS\KNP.INI
[2012.02.11 20:04:39 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PROTOCOL.INI
[2012.01.12 22:35:46 | 000,182,272 | ---- | C] () -- C:\WINDOWS\patchw32.dll
[2011.10.02 16:58:01 | 000,010,536 | ---- | C] () -- C:\WINDOWS\System32\drivers\hmonitor45.sys
[2011.09.03 18:06:03 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll
[2011.08.23 22:08:41 | 000,000,014 | ---- | C] () -- C:\WINDOWS\System32\systeminfo3.dll
[2011.08.23 22:08:28 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\admin\Data aplikací\inst.exe
[2011.08.23 22:08:28 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\admin\Data aplikací\pcouffin.cat
[2011.08.23 22:08:28 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\admin\Data aplikací\pcouffin.inf
[2011.08.23 20:27:23 | 000,000,085 | -HS- | C] () -- C:\Documents and Settings\All Users\Data aplikací\.zreglib
[2011.08.17 16:26:03 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\Access.dat
[2011.05.07 21:42:49 | 000,056,320 | ---- | C] () -- C:\WINDOWS\System32\iyvu9_32.dll
[2011.04.06 19:17:01 | 000,000,616 | ---- | C] () -- C:\WINDOWS\eReg.dat
[2011.03.21 19:56:22 | 000,059,904 | ---- | C] () -- C:\WINDOWS\System32\OVDecode.dll
[2011.01.23 14:21:48 | 000,083,968 | ---- | C] () -- C:\Documents and Settings\admin\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.01.09 17:31:59 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\SI.bin
[2011.01.08 13:16:18 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2010.12.16 18:08:25 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2010.12.14 14:13:26 | 000,178,176 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2010.12.14 14:13:25 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2010.12.14 14:13:24 | 000,881,664 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2010.12.14 14:13:24 | 000,205,824 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010.12.14 14:13:23 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2010.06.24 11:05:48 | 000,157,184 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2010.06.24 11:05:48 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2010.06.24 08:53:45 | 000,087,540 | R--- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2010.06.24 08:49:14 | 000,001,295 | ---- | C] () -- C:\WINDOWS\wincmd.ini
========== LOP Check ========== [2010.12.14 14:17:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Alwil Software
[2010.12.19 17:56:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2010.12.30 18:54:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ICQ
[2010.12.31 01:04:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\WinZip
[2006.12.08 00:37:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\SpeedBit
[2006.12.08 00:38:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2011.08.17 00:43:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Tunngle
[2012.02.11 20:13:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Tarma Installer
[2012.04.16 17:22:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AlawarWrapper
[2012.04.16 17:22:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\FarmFrenzy2
[2010.12.14 14:18:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Data aplikací\OpenOffice.org
[2010.12.19 17:56:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Data aplikací\DAEMON Tools Lite
[2011.01.03 18:29:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Data aplikací\InterTrust
[2011.01.08 16:58:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Data aplikací\BitTorrent
[2011.01.08 17:00:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Data aplikací\PriceGong
[2011.01.10 15:36:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Data aplikací\GetRightToGo
[2006.12.08 00:10:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Data aplikací\Opera
[2006.12.08 00:37:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Data aplikací\Toolbar4
[2006.12.08 00:46:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Data aplikací\TS3Client
[2006.12.16 00:44:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Data aplikací\My Battle for Middle-earth(tm) II Files
[2011.08.14 21:29:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Data aplikací\FOG Downloader
[2011.08.17 00:43:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Data aplikací\Tunngle
[2011.08.23 22:08:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Data aplikací\Vso
[2011.09.05 19:13:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Data aplikací\Pokemon Online
[2011.09.22 16:00:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Data aplikací\PhotoFiltre Studio X
[2011.11.13 16:49:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Data aplikací\gtk-2.0
[2011.12.12 18:58:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Data aplikací\09541
[2012.04.14 20:06:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Data aplikací\.minecraft
[2012.04.15 21:36:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Data aplikací\Sacculus The Wargame
[2012.05.15 20:12:04 | 000,000,436 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{8760895B-642B-4A0B-990D-E6C87E371125}.job
========== Purity Check ========== < End of report >
