Problém s podvodným spyware - neustále vyskakující upozornění o nákaze. Prosím o kontrolu. Díky
Logfile of random's system information tool 1.06 (written by random/random)
Run by Owner at 2010-01-28 11:43:19
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 37 GB (49%) free of 76 GB
Total RAM: 767 MB (23% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:43:50, on 28.1.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16981)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AskBarDis\bar\bin\AskService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\LogMeIn\x86\RaMaint.exe
C:\Program Files\LogMeIn\x86\LogMeIn.exe
C:\Program Files\LogMeIn\x86\LMIGuardian.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\CNAB3RPK.EXE
C:\PROGRA~1\AVG\AVG8\avgam.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\Program Files\LogMeIn\x86\LogMeIn.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
C:\Program Files\LogMeIn\x86\LMIGuardian.exe
C:\WINDOWS\system32\smss32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\PROGRA~1\Databox\CONTAC~1.0\Server\FFSrv95.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files\InternetSecurity2010\IS2010.exe
C:\Program Files\OpenOffice.org 2.3\program\soffice.exe
C:\Program Files\OpenOffice.org 2.3\program\soffice.BIN
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Temp\anti-vir\RSIT.exe
C:\Program Files\trend micro\Owner.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://tw.msi.com.tw/autobios/VerChk/XS ... n=LMonitor
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
F2 - REG:system.ini: Shell=Explorer.exe rundll32.exe aqlb.hjo lhoweid
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\winlogon32.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [MpsOnn] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\MpsOnn.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [smss32.exe] C:\WINDOWS\system32\smss32.exe
O4 - HKLM\..\RunServices: [DataboxFFServer] C:\PROGRA~1\Databox\CONTAC~1.0\Server\FFSrv95.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [DataboxFFServer] C:\PROGRA~1\Databox\CONTAC~1.0\Server\FFSrv95.exe
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [Internet Security 2010] C:\Program Files\InternetSecurity2010\IS2010.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 2.3.lnk = C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe
O4 - Global Startup: Epass - update.exe.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\helper32.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\helper32.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {4E330863-6A11-11D0-BFD8-006097237877} (InstallFromTheWeb ActiveX Control) - http://tw.msi.com.tw/autobios/client/iftwclix.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/ractrl.cab?lmi=100
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: ASKService - Unknown owner - C:\Program Files\AskBarDis\bar\bin\AskService.exe
O23 - Service: ASKUpgrade - Unknown owner - C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\RaMaint.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LogMeIn.exe
O23 - Service: NBService - Nero AG - C:\Program Files\AHEAD\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
--
End of file - 9707 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\Norton Security Scan for Owner.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
AskBar BHO - C:\Program Files\AskBarDis\bar\bin\askBar.dll [2008-12-09 333192]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll [2009-12-11 1111320]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
AVG Security Toolbar BHO - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll [2009-11-25 1230080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar3.dll [2007-01-19 2403392]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll [2009-11-29 764912]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-10-11 73728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar3.dll [2007-01-19 2403392]
{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - AVG Security Toolbar - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll [2009-11-25 1230080]
{3041d03e-fd4b-44e0-b742-2d9b88305f98} - Ask Toolbar - C:\Program Files\AskBarDis\bar\bin\askBar.dll [2008-12-09 333192]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2003-08-15 57344]
"MpsOnn"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\MpsOnn.exe [2001-11-19 22528]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]
"SSBkgdUpdate"=C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2006-09-28 185896]
"OpwareSE4"=C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe [2006-10-11 75304]
"LogMeIn GUI"=C:\Program Files\LogMeIn\x86\LogMeInSystray.exe [2008-07-24 63048]
"AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2009-12-11 2043160]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-10-11 149280]
"NokiaMServer"=C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup []
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-12-22 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-12-11 948672]
"smss32.exe"=C:\WINDOWS\system32\smss32.exe [2010-01-27 33792]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-07-04 68856]
"DataboxFFServer"=C:\PROGRA~1\Databox\CONTAC~1.0\Server\FFSrv95.exe [2005-08-31 303616]
"PC Suite Tray"=C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2009-11-11 1451520]
"Internet Security 2010"=C:\Program Files\InternetSecurity2010\IS2010.exe [2010-01-27 1285632]
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Epass - update.exe.lnk - Z:\update.exe
C:\Documents and Settings\Owner\Nabídka Start\Programy\Po spuštění
OpenOffice.org 2.3.lnk - C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2004-04-21 86016]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
C:\WINDOWS\system32\avgrsstx.dll [2009-07-31 11952]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LMIinit]
C:\WINDOWS\system32\LMIinit.dll [2009-10-02 87352]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
ntprvwms.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoSetActiveDesktop"=1
"NoActiveDesktopChanges"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoSetActiveDesktop"=
"NoActiveDesktopChanges"=
"NoActiveDesktop"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\WINDOWS\system32\CNAB3RPK.EXE"="C:\WINDOWS\system32\CNAB3RPK.EXE:*:Enabled:Canon LBP3000 RPC Server Process"
"C:\Program Files\Common Files\Ahead\Nero Web\SetupX.exe"="C:\Program Files\Common Files\Ahead\Nero Web\SetupX.exe:*:Enabled:Nero ProductSetup"
"C:\Program Files\Nero\Nero 7\Nero Home\NeroHome.exe"="C:\Program Files\Nero\Nero 7\Nero Home\NeroHome.exe:*:Enabled:Nero Home"
"C:\Program Files\Nero\Nero Sipps\Phone.exe"="C:\Program Files\Nero\Nero Sipps\Phone.exe:*:Enabled:Phone"
"C:\Program Files\Databox\Contact 4.0\FindServ.exe"="C:\Program Files\Databox\Contact 4.0\FindServ.exe:*:Enabled:FindServ"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Disabled:Windows Messenger"
"C:\Program Files\Internet Explorer\iexplore.exe"="C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer"
"C:\Program Files\AVG\AVG8\avgam.exe"="C:\Program Files\AVG\AVG8\avgam.exe:*:Enabled:avgam.exe"
"C:\Program Files\AVG\AVG8\avgupd.exe"="C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\AVG\AVG8\avgnsx.exe"="C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{def1f9ac-7821-11de-b7db-000c7660f731}]
shell\AutoRun\command - E:\setup.exe
======List of files/folders created in the last 1 months======
2010-01-28 11:43:21 ----D---- C:\Program Files\trend micro
2010-01-28 11:43:19 ----D---- C:\rsit
2010-01-28 08:32:21 ----HD---- C:\$AVG8.VAULT$
2010-01-28 07:11:10 ----A---- C:\WINDOWS\system32\9894.exe
2010-01-28 07:11:00 ----D---- C:\Program Files\InternetSecurity2010
2010-01-28 06:51:07 ----A---- C:\WINDOWS\system32\17035.exe
2010-01-28 06:31:07 ----A---- C:\WINDOWS\system32\26299.exe
2010-01-28 06:11:07 ----A---- C:\WINDOWS\system32\25667.exe
2010-01-28 05:51:07 ----A---- C:\WINDOWS\system32\19912.exe
2010-01-28 05:31:07 ----A---- C:\WINDOWS\system32\1869.exe
2010-01-28 05:11:06 ----A---- C:\WINDOWS\system32\11538.exe
2010-01-28 04:51:06 ----A---- C:\WINDOWS\system32\14771.exe
2010-01-28 04:31:06 ----A---- C:\WINDOWS\system32\21726.exe
2010-01-28 04:11:06 ----A---- C:\WINDOWS\system32\5447.exe
2010-01-28 03:51:06 ----A---- C:\WINDOWS\system32\19895.exe
2010-01-28 03:31:06 ----A---- C:\WINDOWS\system32\19718.exe
2010-01-28 03:11:06 ----A---- C:\WINDOWS\system32\18716.exe
2010-01-28 02:51:06 ----A---- C:\WINDOWS\system32\17421.exe
2010-01-28 02:31:05 ----A---- C:\WINDOWS\system32\12382.exe
2010-01-28 02:11:05 ----A---- C:\WINDOWS\system32\292.exe
2010-01-28 01:51:05 ----A---- C:\WINDOWS\system32\153.exe
2010-01-28 01:31:05 ----A---- C:\WINDOWS\system32\3902.exe
2010-01-28 01:11:05 ----A---- C:\WINDOWS\system32\14604.exe
2010-01-28 00:51:05 ----A---- C:\WINDOWS\system32\32391.exe
2010-01-28 00:31:04 ----A---- C:\WINDOWS\system32\5436.exe
2010-01-28 00:11:03 ----A---- C:\WINDOWS\system32\4827.exe
2010-01-27 23:51:03 ----A---- C:\WINDOWS\system32\11942.exe
2010-01-27 23:31:03 ----A---- C:\WINDOWS\system32\2995.exe
2010-01-27 23:11:02 ----A---- C:\WINDOWS\system32\491.exe
2010-01-27 22:51:02 ----A---- C:\WINDOWS\system32\9961.exe
2010-01-27 22:31:02 ----A---- C:\WINDOWS\system32\16827.exe
2010-01-27 22:11:02 ----A---- C:\WINDOWS\system32\23281.exe
2010-01-27 21:51:02 ----A---- C:\WINDOWS\system32\28145.exe
2010-01-27 21:30:59 ----A---- C:\WINDOWS\system32\5705.exe
2010-01-27 21:10:59 ----A---- C:\WINDOWS\system32\24464.exe
2010-01-27 20:50:58 ----A---- C:\WINDOWS\system32\26962.exe
2010-01-27 20:30:58 ----A---- C:\WINDOWS\system32\29358.exe
2010-01-27 20:10:58 ----A---- C:\WINDOWS\system32\11478.exe
2010-01-27 19:50:58 ----A---- C:\WINDOWS\system32\15724.exe
2010-01-27 19:30:58 ----A---- C:\WINDOWS\system32\19169.exe
2010-01-27 19:10:58 ----A---- C:\WINDOWS\system32\26500.exe
2010-01-27 18:50:57 ----A---- C:\WINDOWS\system32\6334.exe
2010-01-27 18:30:57 ----A---- C:\WINDOWS\system32\18467.exe
2010-01-27 18:10:57 ----A---- C:\WINDOWS\system32\41.exe
2010-01-27 18:10:42 ----A---- C:\WINDOWS\system32\helper32.dll
2010-01-27 18:10:18 ----A---- C:\WINDOWS\system32\winlogon32.exe
2010-01-27 18:10:18 ----A---- C:\WINDOWS\system32\smss32.exe
2010-01-26 15:36:16 ----SHD---- C:\Config.Msi
2010-01-21 08:29:26 ----HDC---- C:\WINDOWS\$NtUninstallWudf01007$
2010-01-21 08:28:50 ----N---- C:\WINDOWS\system32\spmsgXP_2k3.dll
2010-01-21 08:28:44 ----HDC---- C:\WINDOWS\$NtUninstallWdf01007$
2010-01-20 11:31:08 ----D---- C:\WINDOWS\Globalization
2010-01-20 11:30:42 ----D---- C:\Documents and Settings\All Users\Data aplikací\NokiaMusic
2010-01-13 03:05:22 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$
2010-01-13 03:04:37 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$
2010-01-04 10:57:26 ----A---- C:\WINDOWS\system32\javaws.exe
2010-01-04 10:57:26 ----A---- C:\WINDOWS\system32\javaw.exe
2010-01-04 10:57:26 ----A---- C:\WINDOWS\system32\java.exe
======List of files/folders modified in the last 1 months======
2010-01-28 11:43:43 ----D---- C:\WINDOWS\Temp
2010-01-28 11:43:38 ----D---- C:\WINDOWS\Prefetch
2010-01-28 11:43:21 ----RD---- C:\Program Files
2010-01-28 11:40:51 ----D---- C:\Temp
2010-01-28 11:40:04 ----D---- C:\Program Files\Mozilla Firefox
2010-01-28 11:28:36 ----D---- C:\Documents and Settings\Owner\Data aplikací\OpenOffice.org2
2010-01-28 11:28:23 ----D---- C:\WINDOWS\system32
2010-01-28 11:22:13 ----D---- C:\Documents and Settings\All Users\Data aplikací\avg8
2010-01-28 11:21:20 ----D---- C:\WINDOWS
2010-01-28 11:20:34 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-01-28 07:14:41 ----D---- C:\Program Files\LogMeIn
2010-01-26 15:37:50 ----SHD---- C:\WINDOWS\Installer
2010-01-26 15:37:15 ----D---- C:\Program Files\Common Files\Adobe
2010-01-26 15:37:11 ----D---- C:\Documents and Settings\All Users\Data aplikací\Adobe
2010-01-26 15:36:45 ----D---- C:\Program Files\Adobe
2010-01-25 12:20:11 ----HD---- C:\WINDOWS\inf
2010-01-25 12:20:09 ----D---- C:\WINDOWS\system32\CatRoot2
2010-01-22 16:00:54 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-01-22 16:00:51 ----D---- C:\WINDOWS\system32\cs-cz
2010-01-22 16:00:50 ----D---- C:\Program Files\Internet Explorer
2010-01-22 12:27:21 ----A---- C:\WINDOWS\win.ini
2010-01-22 08:13:12 ----HD---- C:\WINDOWS\$hf_mig$
2010-01-21 16:43:36 ----D---- C:\WINDOWS\WinSxS
2010-01-21 08:29:44 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2010-01-21 08:29:43 ----D---- C:\WINDOWS\system32\drivers
2010-01-21 08:29:38 ----A---- C:\WINDOWS\imsins.BAK
2010-01-21 08:29:15 ----D---- C:\Documents and Settings\Owner\Data aplikací\PC Suite
2010-01-21 08:29:08 ----D---- C:\Documents and Settings\Owner\Data aplikací\Nokia
2010-01-21 08:29:08 ----D---- C:\Documents and Settings\All Users\Data aplikací\PC Suite
2010-01-21 08:13:07 ----D---- C:\Program Files\Microsoft Silverlight
2010-01-20 12:06:03 ----A---- C:\WINDOWS\NeroDigital.ini
2010-01-20 12:04:52 ----RSD---- C:\WINDOWS\assembly
2010-01-20 12:04:47 ----RSD---- C:\WINDOWS\Fonts
2010-01-20 12:04:47 ----D---- C:\Program Files\Nokia
2010-01-20 12:04:47 ----D---- C:\Program Files\Common Files\Nokia
2010-01-20 11:31:22 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-01-19 14:54:04 ----D---- C:\Program Files\Common Files\Symantec Shared
2010-01-14 09:50:30 ----A---- C:\psfparse.txt
2010-01-13 03:21:58 ----D---- C:\WINDOWS\AppPatch
2010-01-05 15:27:26 ----D---- C:\GABINA.NET
2010-01-05 10:58:03 ----N---- C:\WINDOWS\system32\occache.dll
2010-01-05 10:58:03 ----A---- C:\WINDOWS\system32\wininet.dll
2010-01-05 10:58:03 ----A---- C:\WINDOWS\system32\webcheck.dll
2010-01-05 10:58:03 ----A---- C:\WINDOWS\system32\urlmon.dll
2010-01-05 10:58:03 ----A---- C:\WINDOWS\system32\url.dll
2010-01-05 10:58:03 ----A---- C:\WINDOWS\system32\pngfilt.dll
2010-01-05 10:58:02 ----N---- C:\WINDOWS\system32\mstime.dll
2010-01-05 10:58:02 ----N---- C:\WINDOWS\system32\msrating.dll
2010-01-05 10:58:02 ----A---- C:\WINDOWS\system32\mshtmled.dll
2010-01-05 10:58:02 ----A---- C:\WINDOWS\system32\mshtml.dll
2010-01-05 10:58:01 ----A---- C:\WINDOWS\system32\msfeedsbs.dll
2010-01-05 10:58:01 ----A---- C:\WINDOWS\system32\msfeeds.dll
2010-01-05 10:58:00 ----N---- C:\WINDOWS\system32\jsproxy.dll
2010-01-05 10:58:00 ----N---- C:\WINDOWS\system32\iernonce.dll
2010-01-05 10:58:00 ----A---- C:\WINDOWS\system32\iertutil.dll
2010-01-05 10:58:00 ----A---- C:\WINDOWS\system32\iepeers.dll
2010-01-05 10:58:00 ----A---- C:\WINDOWS\system32\ieframe.dll
2010-01-05 10:57:59 ----N---- C:\WINDOWS\system32\iedkcs32.dll
2010-01-05 10:57:59 ----A---- C:\WINDOWS\system32\ieencode.dll
2010-01-05 10:57:58 ----N---- C:\WINDOWS\system32\ieaksie.dll
2010-01-05 10:57:58 ----N---- C:\WINDOWS\system32\ieakeng.dll
2010-01-05 10:57:58 ----N---- C:\WINDOWS\system32\extmgr.dll
2010-01-05 10:57:58 ----N---- C:\WINDOWS\system32\corpol.dll
2010-01-05 10:57:58 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2010-01-05 10:57:58 ----A---- C:\WINDOWS\system32\icardie.dll
2010-01-05 10:57:58 ----A---- C:\WINDOWS\system32\dxtrans.dll
2010-01-05 10:57:58 ----A---- C:\WINDOWS\system32\dxtmsft.dll
2010-01-05 10:57:58 ----A---- C:\WINDOWS\system32\advpack.dll
2010-01-05 01:17:46 ----A---- C:\WINDOWS\system32\MRT.exe
2010-01-04 11:02:44 ----D---- C:\Program Files\Epass
2010-01-04 10:57:24 ----D---- C:\Program Files\Java
2009-12-31 16:32:19 ----N---- C:\WINDOWS\system32\ie4uinit.exe
2009-12-31 16:32:19 ----A---- C:\WINDOWS\system32\ieudinit.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AvgLdx86;AVG AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2009-07-31 335240]
R1 AvgMfx86;AVG Minifilter x86 Resident Driver; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2009-07-31 27784]
R1 AvgTdiX;AVG8 Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2009-04-27 108552]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2003-04-16 12032]
R2 cis1284;cis1284; \??\C:\WINDOWS\system32\drivers\cis1284.sys []
R2 LMIInfo;LogMeIn Kernel Information Provider; \??\C:\Program Files\LogMeIn\x86\RaInfo.sys []
R2 LMIRfsDriver;LogMeIn Remote File System Driver; \??\C:\WINDOWS\system32\drivers\LMIRfsDriver.sys []
R2 rspndr;Odpovídající zařízení zjišťování topologie linkové vrstvy; C:\WINDOWS\system32\DRIVERS\rspndr.sys [2006-11-08 62336]
R3 ALCXSENS;Service for WDM 3D Audio Driver; C:\WINDOWS\system32\drivers\ALCXSENS.SYS [2003-08-14 404736]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2003-08-21 462940]
R3 ati2mtag;ati2mtag; C:\WINDOWS\System32\DRIVERS\ati2mtag.sys [2004-04-21 729088]
R3 E100B;Intel(R) PRO Adapter Driver; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2003-03-04 145408]
R3 lmimirr;lmimirr; C:\WINDOWS\system32\DRIVERS\lmimirr.sys [2008-07-24 10144]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbprint;Třída USB Printer; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S3 Axtmvflt;Axesstel USB Filter Service; C:\WINDOWS\system32\DRIVERS\Axtmvflt.sys [2007-03-22 3456]
S3 Axtmvmdm;Axesstel USB Modem; C:\WINDOWS\system32\DRIVERS\Axtmvmdm.sys [2007-03-26 40064]
S3 Axtmvprt;Axesstel Diagnostic Port; C:\WINDOWS\System32\Drivers\Axtmvprt.sys [2007-03-26 38784]
S3 GMSIPCI;GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS []
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 ltmodem5;LT Modem Driver; C:\WINDOWS\System32\DRIVERS\ltmdmnt.sys [2004-08-17 606556]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2009-10-06 17664]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2009-10-06 22016]
S3 NTACCESS;NTACCESS; \??\D:\NTACCESS.sys []
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 SONYPVU1;Sony USB Filter Driver (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2009-10-06 7936]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2009-10-06 7936]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-01-18 83328]
S4 LMIRfsClientNP;LMIRfsClientNP; C:\WINDOWS\system32\drivers\LMIRfsClientNP.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ASKService;ASKService; C:\Program Files\AskBarDis\bar\bin\AskService.exe [2008-12-09 464264]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2004-04-21 397312]
R2 avg8wd;AVG8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2009-07-31 297752]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-10-11 153376]
R2 LMIMaint;LogMeIn Maintenance Service; C:\Program Files\LogMeIn\x86\RaMaint.exe [2009-10-02 116032]
R2 LogMeIn;LogMeIn; C:\Program Files\LogMeIn\x86\LogMeIn.exe [2008-07-24 63040]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2009-10-27 657408]
S2 ASKUpgrade;ASKUpgrade; C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe [2008-12-09 234888]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2004-04-21 516096]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-02-07 138168]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 NBService;NBService; C:\Program Files\AHEAD\Nero 7\Nero BackItUp\NBService.exe [2006-10-09 724992]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Internet security 2010 - falešný spyware?
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Internet security 2010 - falešný spyware?
Tady to je. Díky
OTL logfile created on: 28.1.2010 12:59:28 - Run 1
OTL by OldTimer - Version 3.1.27.0 Folder = C:\Documents and Settings\Owner\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
767,00 Mb Total Physical Memory | 175,00 Mb Available Physical Memory | 23,00% Memory free
2,00 Gb Paging File | 1,00 Gb Available in Paging File | 70,00% Paging File free
Paging file location(s): C:\pagefile.sys 1152 2304 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74,55 Gb Total Space | 36,42 Gb Free Space | 48,85% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive S: | 74,55 Gb Total Space | 36,42 Gb Free Space | 48,85% Space Free | Partition Type: NTFS
Computer Name: GABINA
Current User Name: Owner
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 7 Days
Output = Standard
========== Processes (SafeList) ==========
PRC - [2010.01.28 12:56:37 | 00,548,864 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Plocha\OTL.exe
PRC - [2010.01.28 11:29:21 | 00,307,704 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010.01.27 18:10:47 | 01,285,632 | ---- | M] (Internet Security) -- C:\Program Files\InternetSecurity2010\IS2010.exe
PRC - [2010.01.27 18:10:16 | 00,033,792 | ---- | M] (EFaw) -- C:\WINDOWS\system32\smss32.exe
PRC - [2009.12.11 09:29:38 | 02,043,160 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgtray.exe
PRC - [2009.11.11 10:57:36 | 01,451,520 | ---- | M] (Nokia) -- C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
PRC - [2009.10.27 18:36:16 | 01,499,136 | ---- | M] (Nokia) -- C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
PRC - [2009.10.27 09:26:36 | 00,657,408 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
PRC - [2009.10.27 09:15:44 | 00,132,608 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
PRC - [2009.10.27 09:15:02 | 00,120,832 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
PRC - [2009.10.11 04:17:36 | 00,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
PRC - [2009.10.11 04:17:35 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2009.10.02 07:52:51 | 00,116,032 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\ramaint.exe
PRC - [2009.10.02 07:52:33 | 00,378,176 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LMIGuardian.exe
PRC - [2009.07.31 08:51:19 | 00,486,680 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgrsx.exe
PRC - [2009.07.31 08:50:54 | 00,595,736 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgnsx.exe
PRC - [2009.07.31 08:50:46 | 00,832,792 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgam.exe
PRC - [2009.07.31 08:49:50 | 00,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe
PRC - [2008.12.09 17:40:16 | 00,464,264 | ---- | M] () -- C:\Program Files\AskBarDis\bar\bin\AskService.exe
PRC - [2008.07.24 18:46:10 | 00,063,048 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
PRC - [2008.07.24 18:46:10 | 00,063,040 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LogMeIn.exe
PRC - [2008.04.14 04:22:22 | 01,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007.09.11 16:51:14 | 02,510,848 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 2.3\program\soffice.bin
PRC - [2007.09.11 16:51:14 | 02,359,296 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 2.3\program\soffice.exe
PRC - [2007.07.04 09:12:08 | 00,068,856 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2006.10.11 11:45:12 | 00,075,304 | ---- | M] (ScanSoft, Inc.) -- C:\Program Files\ScanSoft\OmniPageSE4.0\OpWareSE4.exe
PRC - [2005.08.31 08:19:38 | 00,303,616 | ---- | M] (DATABOX s.r.o.) -- C:\Program Files\Databox\Contact 4.0\Server\FFSrv95.exe
PRC - [2004.11.28 16:00:00 | 00,057,344 | ---- | M] (CANON INC.) -- C:\WINDOWS\system32\CNAB3RPK.EXE
PRC - [2004.04.21 21:56:04 | 00,397,312 | ---- | M] () -- C:\WINDOWS\system32\ati2evxx.exe
PRC - [2003.08.15 08:34:50 | 00,057,344 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE
========== Modules (SafeList) ==========
MOD - [2010.01.28 12:56:37 | 00,548,864 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Plocha\OTL.exe
MOD - [2006.10.04 21:07:12 | 00,144,936 | ---- | M] (ScanSoft, Inc.) -- C:\Program Files\ScanSoft\OmniPageSE4.0\OpHookSE4.dll
========== Win32 Services (SafeList) ==========
SRV - [2009.10.27 09:26:36 | 00,657,408 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2009.10.11 04:17:35 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) [Auto | Running] -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2009.10.02 07:52:51 | 00,116,032 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\RaMaint.exe -- (LMIMaint)
SRV - [2009.07.31 08:49:50 | 00,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG8\avgwdsvc.exe -- (avg8wd)
SRV - [2008.12.09 17:40:16 | 00,464,264 | ---- | M] () [Auto | Running] -- C:\Program Files\AskBarDis\bar\bin\AskService.exe -- (ASKService)
SRV - [2008.12.09 17:40:16 | 00,234,888 | ---- | M] () [Auto | Stopped] -- C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe -- (ASKUpgrade)
SRV - [2008.07.29 18:16:38 | 00,132,096 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2008.07.24 18:46:10 | 00,063,040 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\LogMeIn.exe -- (LogMeIn)
SRV - [2007.02.07 12:47:27 | 00,138,168 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - [2006.10.09 22:11:08 | 00,724,992 | ---- | M] (Nero AG) [On_Demand | Stopped] -- C:\Program Files\AHEAD\Nero 7\Nero BackItUp\NBService.exe -- (NBService)
SRV - [2004.04.21 21:56:04 | 00,397,312 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\ati2evxx.exe -- (Ati HotKey Poller)
SRV - [2004.04.21 21:10:00 | 00,516,096 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\ati2sgag.exe -- (ATI Smart)
SRV - [2003.07.28 20:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
========== Driver Services (SafeList) ==========
DRV - [2009.10.06 11:52:50 | 00,007,936 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2009.10.06 11:52:34 | 00,022,016 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2009.10.06 11:52:34 | 00,017,664 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2009.10.06 11:52:34 | 00,007,936 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2009.10.02 07:52:34 | 00,083,288 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\WINDOWS\system32\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV - [2009.07.31 08:51:18 | 00,027,784 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\System32\Drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2009.07.31 08:51:17 | 00,335,240 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2009.04.27 07:26:55 | 00,012,552 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\System32\Drivers\avgrkx86.sys -- (AvgRkx86)
DRV - [2009.04.27 07:26:49 | 00,108,552 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2008.11.20 20:19:06 | 00,043,872 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20)
DRV - [2008.08.26 09:26:12 | 00,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008.07.24 18:46:12 | 00,012,856 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Running] -- C:\Program Files\LogMeIn\x86\rainfo.sys -- (LMIInfo)
DRV - [2008.07.24 18:46:10 | 00,047,640 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV - [2008.07.24 18:45:20 | 00,010,144 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lmimirr.sys -- (lmimirr)
DRV - [2008.04.13 20:45:36 | 00,026,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser.sys -- (usbser)
DRV - [2008.04.13 19:45:29 | 00,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2007.11.13 11:25:52 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)
DRV - [2007.03.26 07:25:50 | 00,038,784 | ---- | M] (Axesstel) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\axtmvprt.sys -- (Axtmvprt)
DRV - [2007.03.26 07:25:30 | 00,040,064 | ---- | M] (Axesstel) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\axtmvmdm.sys -- (Axtmvmdm)
DRV - [2007.03.22 09:36:38 | 00,003,456 | ---- | M] (Axesstel) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\axtmvflt.sys -- (Axtmvflt)
DRV - [2004.08.17 15:45:18 | 00,606,556 | ---- | M] (LT) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ltmdmnt.sys -- (ltmodem5)
DRV - [2004.04.21 22:11:06 | 00,729,088 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2003.08.21 09:31:52 | 00,462,940 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2003.08.14 16:16:38 | 00,404,736 | ---- | M] (Sensaura Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXSENS.SYS -- (ALCXSENS)
DRV - [2003.04.16 13:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)
DRV - [2003.03.04 05:56:26 | 00,145,408 | R--- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\e100b325.sys -- (E100B) Intel(R)
DRV - [2002.01.21 12:03:36 | 00,048,472 | ---- | M] (Canon Information Systems) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\cis1284.sys -- (cis1284)
DRV - [2001.08.17 21:56:16 | 00,007,552 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SONYPVU1.SYS -- (SONYPVU1) Sony USB Filter Driver (SONYPVU1)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-20\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1757981266-343818398-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-1757981266-343818398-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\S-1-5-21-1757981266-343818398-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchT ... f8&oe=utf8
IE - HKU\S-1-5-21-1757981266-343818398-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-1757981266-343818398-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-1757981266-343818398-725345543-1003\..\URLSearchHook: *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-1757981266-343818398-725345543-1003\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
IE - HKU\S-1-5-21-1757981266-343818398-725345543-1003\S-1-5-21-1757981266-343818398-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "WebHledani"
FF - prefs.js..browser.search.order.1: "Ask"
FF - prefs.js..browser.search.selectedEngine: "WebHledani"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledItems: {E9A1DEE0-C623-4439-8932-001E7D17607D}:2.1.0.5
FF - prefs.js..extensions.enabledItems: avg@igeared:3.011.025.005
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: bkmrksync@nokia.com:1.0.0.723
FF - prefs.js..keyword.URL: "http://toolbar.ask.com/toolbarv/askRedi ... t=&gc=1&q="
FF - HKLM\software\mozilla\Firefox\Extensions\\avg@igeared: C:\Program Files\AVG\AVG8\Toolbar\Firefox\avg@igeared [2010.01.11 16:14:41 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2009.12.15 08:18:27 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.14\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.01.28 11:29:34 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.14\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.01.28 11:29:34 | 00,000,000 | ---D | M]
[2009.05.06 07:50:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\Mozilla\Extensions
[2010.01.28 11:40:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\Mozilla\Firefox\Profiles\xngtzbx4.default\extensions
[2009.09.21 08:15:24 | 00,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Data aplikací\Mozilla\Firefox\Profiles\xngtzbx4.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}
[2009.09.21 14:53:29 | 00,000,682 | ---- | M] () -- C:\Documents and Settings\Owner\Data aplikací\Mozilla\Firefox\Profiles\xngtzbx4.default\searchplugins\ask.xml
[2010.01.28 11:40:04 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010.01.28 11:29:27 | 00,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.01.28 11:29:27 | 00,001,687 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2010.01.28 11:29:27 | 00,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.01.28 11:29:27 | 00,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.01.28 11:29:27 | 00,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml
O1 HOSTS File: ([2003.04.16 13:00:00 | 00,000,737 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Program Files\Google\GoogleToolbar3.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar3.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
O3 - HKU\S-1-5-21-1757981266-343818398-725345543-1003\..\Toolbar\ShellBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar3.dll (Google Inc.)
O3 - HKU\S-1-5-21-1757981266-343818398-725345543-1003\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar3.dll (Google Inc.)
O3 - HKU\S-1-5-21-1757981266-343818398-725345543-1003\..\Toolbar\WebBrowser: (Ask Toolbar) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKU\S-1-5-21-1757981266-343818398-725345543-1003\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AVG8_TRAY] C:\Program Files\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [LogMeIn GUI] C:\Program Files\LogMeIn\x86\LogMeInSystray.exe (LogMeIn, Inc.)
O4 - HKLM..\Run: [MpsOnn] C:\WINDOWS\system32\spool\drivers\w32x86\3\MPSONN.EXE (CANON INC.)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
O4 - HKLM..\Run: [OpwareSE4] C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe (ScanSoft, Inc.)
O4 - HKLM..\Run: [smss32.exe] C:\WINDOWS\system32\smss32.exe (EFaw)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SSBkgdUpdate] C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKU\S-1-5-21-1757981266-343818398-725345543-1003..\Run: [DataboxFFServer] C:\Program Files\Databox\Contact 4.0\Server\FFSrv95.exe (DATABOX s.r.o.)
O4 - HKU\S-1-5-21-1757981266-343818398-725345543-1003..\Run: [Internet Security 2010] C:\Program Files\InternetSecurity2010\IS2010.exe (Internet Security)
O4 - HKU\S-1-5-21-1757981266-343818398-725345543-1003..\Run: [PC Suite Tray] C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
O4 - HKU\S-1-5-21-1757981266-343818398-725345543-1003..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKLM..\RunServices: [DataboxFFServer] C:\Program Files\Databox\Contact 4.0\Server\FFSrv95.exe (DATABOX s.r.o.)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Epass - update.exe.lnk = Z:\update.exe File not found
O4 - Startup: C:\Documents and Settings\Owner\Nabídka Start\Programy\Po spuštění\OpenOffice.org 2.3.lnk = C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1757981266-343818398-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1757981266-343818398-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetActiveDesktop = 1
O7 - HKU\S-1-5-21-1757981266-343818398-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O7 - HKU\S-1-5-21-1757981266-343818398-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\System32\helper32.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINDOWS\System32\helper32.dll ()
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-21-1757981266-343818398-725345543-1003\..Trusted Domains: servis24.cz ([www] https in Důvěryhodné servery)
O15 - HKU\S-1-5-21-1757981266-343818398-725345543-1003\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shoc ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {4E330863-6A11-11D0-BFD8-006097237877} http://tw.msi.com.tw/autobios/client/iftwclix.cab (InstallFromTheWeb ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} https://secure.logmein.com/activex/ractrl.cab?lmi=100 (Performance Viewer Activex Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (rundll32.exe) - File not found
O20 - HKLM Winlogon: Shell - (aqlb.hjo) - File not found
O20 - HKLM Winlogon: Shell - (lhoweid) - File not found
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\winlogon32.exe) - C:\WINDOWS\system32\winlogon32.exe (EFaw)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll ()
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - Winlogon\Notify\LMIinit: DllName - LMIinit.dll - C:\WINDOWS\System32\LMIinit.dll (LogMeIn, Inc.)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper:
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007.01.09 14:49:40 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{def1f9ac-7821-11de-b7db-000c7660f731}\Shell\AutoRun\command - "" = E:\setup.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*
NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2007.01.09 14:49:20 | 00,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: Wmi - C:\WINDOWS\system32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
CREATERESTOREPOINT
Restore point Set: OTL Restore Point (53765057741324288)
========== Files/Folders - Created Within 7 Days ==========
[2010.01.28 12:56:37 | 00,548,864 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Owner\Plocha\OTL.exe
[2010.01.28 11:43:21 | 00,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010.01.28 11:43:19 | 00,000,000 | ---D | C] -- C:\rsit
[2010.01.28 08:32:21 | 00,000,000 | -H-D | C] -- C:\$AVG8.VAULT$
[2010.01.28 07:11:00 | 00,000,000 | ---D | C] -- C:\Program Files\InternetSecurity2010
[2010.01.27 18:10:18 | 00,033,792 | ---- | C] (EFaw) -- C:\WINDOWS\System32\winlogon32.exe
[2010.01.27 18:10:18 | 00,033,792 | ---- | C] (EFaw) -- C:\WINDOWS\System32\smss32.exe
[2010.01.26 15:36:16 | 00,000,000 | -HSD | C] -- C:\Config.Msi
[2010.01.21 08:29:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\Microsoft
[2009.09.21 14:59:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\Google
[2009.09.09 07:13:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\ICS
[2009.07.24 08:24:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\ServiceTest
[2009.07.22 02:00:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\Microsoft
[2009.06.11 08:03:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Data aplikací\AVGTOOLBAR
[2007.05.17 09:46:37 | 00,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Data aplikací\Microsoft
[2007.02.08 12:41:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Data aplikací\Ahead
[2007.01.22 11:40:46 | 00,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Data aplikací\Microsoft
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 7 Days ==========
[2010.01.28 12:56:37 | 00,548,864 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Plocha\OTL.exe
[2010.01.28 12:48:57 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\19169.exe
[2010.01.28 12:29:32 | 00,002,561 | ---- | M] () -- C:\Documents and Settings\Owner\Plocha\Microsoft Office Word 2003.lnk
[2010.01.28 12:28:57 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\26500.exe
[2010.01.28 12:25:37 | 54,749,051 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2010.01.28 12:08:54 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\6334.exe
[2010.01.28 11:48:54 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\18467.exe
[2010.01.28 11:28:34 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\41.exe
[2010.01.28 11:28:23 | 00,002,931 | ---- | M] () -- C:\WINDOWS\System32\warning.html
[2010.01.28 11:27:26 | 00,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.01.28 11:21:35 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.01.28 11:21:31 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.01.28 11:20:43 | 05,767,168 | ---- | M] () -- C:\Documents and Settings\Owner\ntuser.dat
[2010.01.28 11:07:54 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\26962.exe
[2010.01.28 10:47:52 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\29358.exe
[2010.01.28 10:27:52 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\11478.exe
[2010.01.28 10:07:52 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\15724.exe
[2010.01.28 07:14:36 | 00,000,272 | -HS- | M] () -- C:\Documents and Settings\Owner\ntuser.ini
[2010.01.28 07:11:12 | 00,000,756 | ---- | M] () -- C:\Documents and Settings\Owner\Plocha\Internet Security 2010.lnk
[2010.01.28 07:11:10 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\9894.exe
[2010.01.28 06:51:07 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\17035.exe
[2010.01.28 06:31:07 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\26299.exe
[2010.01.28 06:11:07 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\25667.exe
[2010.01.28 05:51:07 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\19912.exe
[2010.01.28 05:31:07 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\1869.exe
[2010.01.28 05:11:06 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\11538.exe
[2010.01.28 04:51:06 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\14771.exe
[2010.01.28 04:31:06 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\21726.exe
[2010.01.28 04:11:06 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\5447.exe
[2010.01.28 03:51:06 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\19895.exe
[2010.01.28 03:31:06 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\19718.exe
[2010.01.28 03:11:06 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\18716.exe
[2010.01.28 02:51:06 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\17421.exe
[2010.01.28 02:31:05 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\12382.exe
[2010.01.28 02:11:05 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\292.exe
[2010.01.28 01:51:05 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\153.exe
[2010.01.28 01:31:05 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\3902.exe
[2010.01.28 01:11:05 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\14604.exe
[2010.01.28 00:51:05 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\32391.exe
[2010.01.28 00:31:04 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\5436.exe
[2010.01.28 00:11:03 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\4827.exe
[2010.01.27 23:51:03 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\11942.exe
[2010.01.27 23:31:03 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\2995.exe
[2010.01.27 23:11:02 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\491.exe
[2010.01.27 22:51:02 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\9961.exe
[2010.01.27 22:31:02 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\16827.exe
[2010.01.27 22:11:02 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\23281.exe
[2010.01.27 21:51:02 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\28145.exe
[2010.01.27 21:30:59 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\5705.exe
[2010.01.27 21:10:59 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\24464.exe
[2010.01.27 18:10:43 | 00,025,600 | ---- | M] () -- C:\WINDOWS\System32\helper32.dll
[2010.01.27 18:10:16 | 00,033,792 | ---- | M] (EFaw) -- C:\WINDOWS\System32\winlogon32.exe
[2010.01.27 18:10:16 | 00,033,792 | ---- | M] (EFaw) -- C:\WINDOWS\System32\smss32.exe
[2010.01.27 14:53:08 | 00,000,558 | ---- | M] () -- C:\WINDOWS\tasks\Norton Security Scan for Owner.job
[2010.01.27 10:55:39 | 00,090,112 | ---- | M] () -- C:\Documents and Settings\Owner\Dokumenty\cedulky na materiál.doc
[2010.01.27 08:40:48 | 00,006,919 | ---- | M] () -- C:\Documents and Settings\Owner\intlname.ols
[2010.01.27 08:13:44 | 00,002,529 | ---- | M] () -- C:\Documents and Settings\Owner\Plocha\Microsoft Office Outlook 2003.lnk
[2010.01.26 15:37:20 | 00,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Adobe Reader 9.lnk
[2010.01.26 11:06:26 | 02,157,638 | ---- | M] () -- C:\Documents and Settings\Owner\Dokumenty\Nový obrázek.bmp
[2010.01.26 09:53:29 | 00,288,731 | ---- | M] () -- C:\Documents and Settings\Owner\Plocha\pokladna.pdf
[2010.01.26 09:53:05 | 00,254,869 | ---- | M] () -- C:\Documents and Settings\Owner\Plocha\zasklení okna.pdf
[2010.01.26 09:52:55 | 00,269,756 | ---- | M] () -- C:\Documents and Settings\Owner\Plocha\příjmový doklad stravenky.pdf
[2010.01.25 14:32:28 | 01,522,936 | ---- | M] () -- C:\Documents and Settings\Owner\Plocha\faktura moniror Samsung1.PDF
[2010.01.22 12:27:21 | 00,000,753 | ---- | M] () -- C:\WINDOWS\win.ini
[2010.01.22 11:19:06 | 00,001,601 | ---- | M] () -- C:\Documents and Settings\Owner\Plocha\EPASS.lnk
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010.01.28 07:11:11 | 00,000,756 | ---- | C] () -- C:\Documents and Settings\Owner\Plocha\Internet Security 2010.lnk
[2010.01.28 07:11:10 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\9894.exe
[2010.01.28 06:51:07 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\17035.exe
[2010.01.28 06:31:07 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\26299.exe
[2010.01.28 06:11:07 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\25667.exe
[2010.01.28 05:51:07 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\19912.exe
[2010.01.28 05:31:07 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\1869.exe
[2010.01.28 05:11:06 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\11538.exe
[2010.01.28 04:51:06 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\14771.exe
[2010.01.28 04:31:06 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\21726.exe
[2010.01.28 04:11:06 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\5447.exe
[2010.01.28 03:51:06 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\19895.exe
[2010.01.28 03:31:06 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\19718.exe
[2010.01.28 03:11:06 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\18716.exe
[2010.01.28 02:51:06 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\17421.exe
[2010.01.28 02:31:05 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\12382.exe
[2010.01.28 02:11:05 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\292.exe
[2010.01.28 01:51:05 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\153.exe
[2010.01.28 01:31:05 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\3902.exe
[2010.01.28 01:11:05 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\14604.exe
[2010.01.28 00:51:05 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\32391.exe
[2010.01.28 00:31:04 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\5436.exe
[2010.01.28 00:11:03 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\4827.exe
[2010.01.27 23:51:03 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\11942.exe
[2010.01.27 23:31:03 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\2995.exe
[2010.01.27 23:11:02 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\491.exe
[2010.01.27 22:51:02 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\9961.exe
[2010.01.27 22:31:02 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\16827.exe
[2010.01.27 22:11:02 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\23281.exe
[2010.01.27 21:51:02 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\28145.exe
[2010.01.27 21:30:59 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\5705.exe
[2010.01.27 21:10:59 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\24464.exe
[2010.01.27 20:50:58 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\26962.exe
[2010.01.27 20:30:58 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\29358.exe
[2010.01.27 20:10:58 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\11478.exe
[2010.01.27 19:50:58 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\15724.exe
[2010.01.27 19:30:58 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\19169.exe
[2010.01.27 19:10:58 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\26500.exe
[2010.01.27 18:50:57 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\6334.exe
[2010.01.27 18:30:57 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\18467.exe
[2010.01.27 18:10:57 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\41.exe
[2010.01.27 18:10:42 | 00,025,600 | ---- | C] () -- C:\WINDOWS\System32\helper32.dll
[2010.01.27 18:10:21 | 00,002,931 | ---- | C] () -- C:\WINDOWS\System32\warning.html
[2010.01.26 15:37:20 | 00,001,729 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Adobe Reader 9.lnk
[2010.01.26 11:06:25 | 02,157,638 | ---- | C] () -- C:\Documents and Settings\Owner\Dokumenty\Nový obrázek.bmp
[2010.01.26 09:53:29 | 00,288,731 | ---- | C] () -- C:\Documents and Settings\Owner\Plocha\pokladna.pdf
[2010.01.26 09:53:05 | 00,254,869 | ---- | C] () -- C:\Documents and Settings\Owner\Plocha\zasklení okna.pdf
[2010.01.26 09:52:55 | 00,269,756 | ---- | C] () -- C:\Documents and Settings\Owner\Plocha\příjmový doklad stravenky.pdf
[2010.01.25 14:32:28 | 01,522,936 | ---- | C] () -- C:\Documents and Settings\Owner\Plocha\faktura moniror Samsung1.PDF
[2010.01.20 16:09:38 | 00,445,040 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\FontCache3.0.0.0.dat
[2009.07.24 08:23:59 | 00,020,992 | ---- | C] () -- C:\WINDOWS\jestertb.dll
[2009.05.04 07:17:49 | 00,000,039 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2008.10.17 13:43:24 | 00,010,593 | ---- | C] () -- C:\WINDOWS\CSTBox.INI
[2008.10.16 15:36:14 | 00,040,960 | ---- | C] () -- C:\WINDOWS\System32\IPPCPUID.DLL
[2008.10.16 15:35:54 | 00,011,776 | ---- | C] () -- C:\WINDOWS\System32\pmsbfn32.dll
[2008.10.16 15:34:49 | 00,000,416 | ---- | C] () -- C:\WINDOWS\MAXLINK.INI
[2008.09.17 07:58:20 | 00,005,368 | ---- | C] () -- C:\Documents and Settings\Owner\Data aplikací\froggy_scorebox
[2008.09.17 07:58:20 | 00,000,679 | ---- | C] () -- C:\Documents and Settings\Owner\Data aplikací\pl_accounts.pl_acc
[2008.09.17 07:58:20 | 00,000,556 | ---- | C] () -- C:\Documents and Settings\Owner\Data aplikací\Troll.options
[2007.10.16 06:46:13 | 00,000,169 | ---- | C] () -- C:\WINDOWS\RtlRack.ini
[2007.09.25 11:06:43 | 00,000,027 | ---- | C] () -- C:\WINDOWS\SW_Win2000X32.DLL
[2007.09.24 09:25:48 | 00,003,132 | ---- | C] () -- C:\WINDOWS\CX_SearchHistory.INI
[2007.09.24 09:25:27 | 00,000,530 | ---- | C] () -- C:\WINDOWS\System32\tx13_ic.ini
[2007.09.24 09:25:26 | 00,131,072 | ---- | C] () -- C:\WINDOWS\System32\CSVSpecialProcessing.dll
[2007.09.24 09:25:26 | 00,102,400 | ---- | C] () -- C:\WINDOWS\System32\SARzilla.dll
[2007.08.06 12:07:30 | 00,008,784 | ---- | C] () -- C:\WINDOWS\System32\ractrlkeyhook.dll
[2007.05.10 07:46:30 | 00,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2007.03.01 12:40:25 | 00,000,635 | ---- | C] () -- C:\WINDOWS\Rtcw.INI
[2007.02.08 12:33:30 | 00,007,168 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007.01.31 15:51:15 | 00,000,028 | ---- | C] () -- C:\Program Files\32cardswcc.ini
[2007.01.31 15:49:17 | 00,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2007.01.10 09:10:12 | 00,000,000 | ---- | C] () -- C:\WINDOWS\CPC10QA2.INI
[2007.01.09 17:02:29 | 00,000,518 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007.01.09 16:10:16 | 00,000,208 | ---- | C] () -- C:\WINDOWS\MPASS.INI
[2007.01.09 15:34:58 | 00,000,164 | ---- | C] () -- C:\WINDOWS\avrack.ini
[2007.01.09 15:32:19 | 00,012,288 | R--- | C] () -- C:\WINDOWS\System32\e100bmsg.dll
[2007.01.09 14:01:25 | 00,086,016 | ---- | C] () -- C:\WINDOWS\System32\ati2evxx.dll
[2003.04.09 15:38:04 | 00,005,664 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002.02.14 08:49:38 | 00,082,944 | ---- | C] () -- C:\WINDOWS\System32\qrpdflib.dll
========== LOP Check ==========
[2009.06.11 12:44:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVG Security Toolbar
[2009.12.15 08:15:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Downloaded Installations
[2009.12.15 08:16:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Installations
[2009.01.19 13:36:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\LogMeIn
[2010.01.20 11:30:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\NokiaMusic
[2010.01.21 08:29:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PC Suite
[2008.10.16 15:34:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ScanSoft
[2009.09.21 08:25:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TonkyPonky
[2009.06.11 08:03:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Data aplikací\AVGTOOLBAR
[2009.11.05 09:04:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\Alpen 3D Online
[2007.04.20 12:05:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\Autodesk
[2009.04.27 12:13:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\AVGTOOLBAR
[2008.10.16 15:40:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\Canon
[2008.04.28 11:07:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\Cestak
[2007.02.14 09:07:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\DataLayer
[2009.07.27 07:31:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\Memeo
[2009.08.19 11:35:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\NewSoft
[2010.01.21 08:29:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\Nokia
[2007.02.14 09:13:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\Nokia Multimedia Player
[2010.01.21 08:29:15 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\PC Suite
[2008.10.16 15:34:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\ScanSoft
========== Purity Check ==========
========== Custom Scans ==========
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"CTFMON.EXE" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 04:22:17 | 00,015,360 | ---- | M] (Microsoft Corporation)
"MSMSGS" = "C:\Program Files\Messenger\msmsgs.exe" /background -- [2008.04.14 04:22:36 | 01,695,232 | ---- | M] (Microsoft Corporation)
"swg" = "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" -- [2007.07.04 09:12:08 | 00,068,856 | ---- | M] (Google Inc.)
"DataboxFFServer" = C:\PROGRA~1\Databox\CONTAC~1.0\Server\FFSrv95.exe -- [2005.08.31 08:19:38 | 00,303,616 | ---- | M] (DATABOX s.r.o.)
"PC Suite Tray" = "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray -- [2009.11.11 10:57:36 | 01,451,520 | ---- | M] (Nokia)
"Internet Security 2010" = C:\Program Files\InternetSecurity2010\IS2010.exe -- [2010.01.27 18:10:47 | 01,285,632 | ---- | M] (Internet Security)
< c:\windows\*.* /U >
[4 c:\windows\*.tmp files -> c:\windows\*.tmp -> ]
< MD5 for: AGP440.SYS >
[2004.08.17 15:57:28 | 18,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008.09.29 07:22:35 | 23,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2004.08.17 15:57:28 | 18,786,869 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:AGP440.sys
[2008.09.29 07:22:35 | 23,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008.04.13 19:36:38 | 00,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.13 19:36:38 | 00,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
[2004.08.03 23:07:42 | 00,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\$NtServicePackUninstall$\agp440.sys
[2004.08.03 23:07:42 | 00,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\system32\ReinstallBackups\0002\DriverFiles\i386\AGP440.SYS
< MD5 for: ATAPI.SYS >
[2003.04.16 13:00:00 | 10,174,968 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:atapi.sys
[2004.08.17 15:57:28 | 18,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008.09.29 07:22:35 | 23,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2004.08.17 15:57:28 | 18,786,869 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:atapi.sys
[2008.09.29 07:22:35 | 23,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.13 19:40:30 | 00,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 19:40:30 | 00,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004.08.03 22:59:44 | 00,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
< MD5 for: EVENTLOG.DLL >
[2008.04.14 04:21:41 | 00,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 04:21:41 | 00,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll
[2004.08.17 15:49:08 | 00,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
< MD5 for: EXPLORER.EXE >
[2008.04.14 04:22:22 | 01,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 04:22:22 | 01,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2004.08.17 15:49:24 | 01,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\$NtUninstallKB938828$\explorer.exe
[2007.06.13 14:11:59 | 01,033,728 | ---- | M] (Microsoft Corporation) MD5=9B32416BD5988C97B6397CE0B02CAF97 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
[2007.06.13 14:23:39 | 01,033,728 | ---- | M] (Microsoft Corporation) MD5=ED7B460B142A32097B8A8F6ECC941815 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
< MD5 for: HAL.DLL >
[2003.04.16 13:00:00 | 10,174,968 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:hal.dll
[2004.08.17 15:57:28 | 18,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2008.09.29 07:22:35 | 23,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2004.08.17 15:57:28 | 18,786,869 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:hal.dll
[2008.09.29 07:22:35 | 23,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2008.04.13 19:31:32 | 00,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2008.04.13 19:31:28 | 00,131,840 | ---- | M] (Microsoft Corporation) MD5=6F61D3287A6A15A08A9433222C09D17F -- C:\WINDOWS\system32\HAL.DLL
[2004.08.03 22:59:10 | 00,131,968 | ---- | M] (Microsoft Corporation) MD5=F9A0F579FC18036FFDD9E26E0D268CCD -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll
< MD5 for: LSASS.EXE >
[2004.08.17 15:49:24 | 00,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\WINDOWS\$NtServicePackUninstall$\lsass.exe
[2008.04.14 04:22:29 | 00,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\ServicePackFiles\i386\lsass.exe
[2008.04.14 04:22:29 | 00,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe
< MD5 for: NDIS.SYS >
[2008.04.13 20:20:37 | 00,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008.04.13 20:20:37 | 00,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
[2004.08.03 23:14:30 | 00,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys
< MD5 for: NETLOGON.DLL >
[2004.08.17 15:49:14 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
[2008.04.14 04:21:50 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 04:21:50 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\netlogon.dll
< MD5 for: SCECLI.DLL >
[2004.08.17 15:49:18 | 00,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008.04.14 04:21:54 | 00,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 04:21:54 | 00,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll
< MD5 for: SMSS.EXE >
[2004.08.17 15:49:28 | 00,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\WINDOWS\$NtServicePackUninstall$\smss.exe
[2008.04.14 04:22:47 | 00,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\ServicePackFiles\i386\smss.exe
[2008.04.14 04:22:47 | 00,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe
< MD5 for: SVCHOST.EXE >
[2008.04.14 04:22:48 | 00,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.14 04:22:48 | 00,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe
[2004.08.17 15:49:28 | 00,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe
< MD5 for: USERINIT.EXE >
[2008.04.14 04:22:50 | 00,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 04:22:50 | 00,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe
[2004.08.17 15:49:28 | 00,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
< MD5 for: WINLOGON.EXE >
[2004.08.17 15:49:28 | 00,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 04:22:53 | 00,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 04:22:53 | 00,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe
< MD5 for: WS2_32.DLL >
[2004.08.17 15:49:22 | 00,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\WINDOWS\$NtServicePackUninstall$\ws2_32.dll
[2008.04.14 04:22:06 | 00,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll
[2008.04.14 04:22:06 | 00,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\ws2_32.dll
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[3 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
< End of report >
OTL logfile created on: 28.1.2010 12:59:28 - Run 1
OTL by OldTimer - Version 3.1.27.0 Folder = C:\Documents and Settings\Owner\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
767,00 Mb Total Physical Memory | 175,00 Mb Available Physical Memory | 23,00% Memory free
2,00 Gb Paging File | 1,00 Gb Available in Paging File | 70,00% Paging File free
Paging file location(s): C:\pagefile.sys 1152 2304 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74,55 Gb Total Space | 36,42 Gb Free Space | 48,85% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive S: | 74,55 Gb Total Space | 36,42 Gb Free Space | 48,85% Space Free | Partition Type: NTFS
Computer Name: GABINA
Current User Name: Owner
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 7 Days
Output = Standard
========== Processes (SafeList) ==========
PRC - [2010.01.28 12:56:37 | 00,548,864 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Plocha\OTL.exe
PRC - [2010.01.28 11:29:21 | 00,307,704 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010.01.27 18:10:47 | 01,285,632 | ---- | M] (Internet Security) -- C:\Program Files\InternetSecurity2010\IS2010.exe
PRC - [2010.01.27 18:10:16 | 00,033,792 | ---- | M] (EFaw) -- C:\WINDOWS\system32\smss32.exe
PRC - [2009.12.11 09:29:38 | 02,043,160 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgtray.exe
PRC - [2009.11.11 10:57:36 | 01,451,520 | ---- | M] (Nokia) -- C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
PRC - [2009.10.27 18:36:16 | 01,499,136 | ---- | M] (Nokia) -- C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
PRC - [2009.10.27 09:26:36 | 00,657,408 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
PRC - [2009.10.27 09:15:44 | 00,132,608 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
PRC - [2009.10.27 09:15:02 | 00,120,832 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
PRC - [2009.10.11 04:17:36 | 00,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
PRC - [2009.10.11 04:17:35 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2009.10.02 07:52:51 | 00,116,032 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\ramaint.exe
PRC - [2009.10.02 07:52:33 | 00,378,176 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LMIGuardian.exe
PRC - [2009.07.31 08:51:19 | 00,486,680 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgrsx.exe
PRC - [2009.07.31 08:50:54 | 00,595,736 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgnsx.exe
PRC - [2009.07.31 08:50:46 | 00,832,792 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgam.exe
PRC - [2009.07.31 08:49:50 | 00,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe
PRC - [2008.12.09 17:40:16 | 00,464,264 | ---- | M] () -- C:\Program Files\AskBarDis\bar\bin\AskService.exe
PRC - [2008.07.24 18:46:10 | 00,063,048 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
PRC - [2008.07.24 18:46:10 | 00,063,040 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LogMeIn.exe
PRC - [2008.04.14 04:22:22 | 01,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007.09.11 16:51:14 | 02,510,848 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 2.3\program\soffice.bin
PRC - [2007.09.11 16:51:14 | 02,359,296 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 2.3\program\soffice.exe
PRC - [2007.07.04 09:12:08 | 00,068,856 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2006.10.11 11:45:12 | 00,075,304 | ---- | M] (ScanSoft, Inc.) -- C:\Program Files\ScanSoft\OmniPageSE4.0\OpWareSE4.exe
PRC - [2005.08.31 08:19:38 | 00,303,616 | ---- | M] (DATABOX s.r.o.) -- C:\Program Files\Databox\Contact 4.0\Server\FFSrv95.exe
PRC - [2004.11.28 16:00:00 | 00,057,344 | ---- | M] (CANON INC.) -- C:\WINDOWS\system32\CNAB3RPK.EXE
PRC - [2004.04.21 21:56:04 | 00,397,312 | ---- | M] () -- C:\WINDOWS\system32\ati2evxx.exe
PRC - [2003.08.15 08:34:50 | 00,057,344 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE
========== Modules (SafeList) ==========
MOD - [2010.01.28 12:56:37 | 00,548,864 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Plocha\OTL.exe
MOD - [2006.10.04 21:07:12 | 00,144,936 | ---- | M] (ScanSoft, Inc.) -- C:\Program Files\ScanSoft\OmniPageSE4.0\OpHookSE4.dll
========== Win32 Services (SafeList) ==========
SRV - [2009.10.27 09:26:36 | 00,657,408 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2009.10.11 04:17:35 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) [Auto | Running] -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2009.10.02 07:52:51 | 00,116,032 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\RaMaint.exe -- (LMIMaint)
SRV - [2009.07.31 08:49:50 | 00,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG8\avgwdsvc.exe -- (avg8wd)
SRV - [2008.12.09 17:40:16 | 00,464,264 | ---- | M] () [Auto | Running] -- C:\Program Files\AskBarDis\bar\bin\AskService.exe -- (ASKService)
SRV - [2008.12.09 17:40:16 | 00,234,888 | ---- | M] () [Auto | Stopped] -- C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe -- (ASKUpgrade)
SRV - [2008.07.29 18:16:38 | 00,132,096 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2008.07.24 18:46:10 | 00,063,040 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\LogMeIn.exe -- (LogMeIn)
SRV - [2007.02.07 12:47:27 | 00,138,168 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - [2006.10.09 22:11:08 | 00,724,992 | ---- | M] (Nero AG) [On_Demand | Stopped] -- C:\Program Files\AHEAD\Nero 7\Nero BackItUp\NBService.exe -- (NBService)
SRV - [2004.04.21 21:56:04 | 00,397,312 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\ati2evxx.exe -- (Ati HotKey Poller)
SRV - [2004.04.21 21:10:00 | 00,516,096 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\ati2sgag.exe -- (ATI Smart)
SRV - [2003.07.28 20:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
========== Driver Services (SafeList) ==========
DRV - [2009.10.06 11:52:50 | 00,007,936 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2009.10.06 11:52:34 | 00,022,016 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2009.10.06 11:52:34 | 00,017,664 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2009.10.06 11:52:34 | 00,007,936 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2009.10.02 07:52:34 | 00,083,288 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\WINDOWS\system32\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV - [2009.07.31 08:51:18 | 00,027,784 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\System32\Drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2009.07.31 08:51:17 | 00,335,240 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2009.04.27 07:26:55 | 00,012,552 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\System32\Drivers\avgrkx86.sys -- (AvgRkx86)
DRV - [2009.04.27 07:26:49 | 00,108,552 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2008.11.20 20:19:06 | 00,043,872 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20)
DRV - [2008.08.26 09:26:12 | 00,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008.07.24 18:46:12 | 00,012,856 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Running] -- C:\Program Files\LogMeIn\x86\rainfo.sys -- (LMIInfo)
DRV - [2008.07.24 18:46:10 | 00,047,640 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV - [2008.07.24 18:45:20 | 00,010,144 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lmimirr.sys -- (lmimirr)
DRV - [2008.04.13 20:45:36 | 00,026,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser.sys -- (usbser)
DRV - [2008.04.13 19:45:29 | 00,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2007.11.13 11:25:52 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)
DRV - [2007.03.26 07:25:50 | 00,038,784 | ---- | M] (Axesstel) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\axtmvprt.sys -- (Axtmvprt)
DRV - [2007.03.26 07:25:30 | 00,040,064 | ---- | M] (Axesstel) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\axtmvmdm.sys -- (Axtmvmdm)
DRV - [2007.03.22 09:36:38 | 00,003,456 | ---- | M] (Axesstel) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\axtmvflt.sys -- (Axtmvflt)
DRV - [2004.08.17 15:45:18 | 00,606,556 | ---- | M] (LT) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ltmdmnt.sys -- (ltmodem5)
DRV - [2004.04.21 22:11:06 | 00,729,088 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2003.08.21 09:31:52 | 00,462,940 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2003.08.14 16:16:38 | 00,404,736 | ---- | M] (Sensaura Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXSENS.SYS -- (ALCXSENS)
DRV - [2003.04.16 13:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)
DRV - [2003.03.04 05:56:26 | 00,145,408 | R--- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\e100b325.sys -- (E100B) Intel(R)
DRV - [2002.01.21 12:03:36 | 00,048,472 | ---- | M] (Canon Information Systems) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\cis1284.sys -- (cis1284)
DRV - [2001.08.17 21:56:16 | 00,007,552 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SONYPVU1.SYS -- (SONYPVU1) Sony USB Filter Driver (SONYPVU1)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-20\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1757981266-343818398-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-1757981266-343818398-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\S-1-5-21-1757981266-343818398-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchT ... f8&oe=utf8
IE - HKU\S-1-5-21-1757981266-343818398-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-1757981266-343818398-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-1757981266-343818398-725345543-1003\..\URLSearchHook: *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-1757981266-343818398-725345543-1003\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
IE - HKU\S-1-5-21-1757981266-343818398-725345543-1003\S-1-5-21-1757981266-343818398-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "WebHledani"
FF - prefs.js..browser.search.order.1: "Ask"
FF - prefs.js..browser.search.selectedEngine: "WebHledani"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledItems: {E9A1DEE0-C623-4439-8932-001E7D17607D}:2.1.0.5
FF - prefs.js..extensions.enabledItems: avg@igeared:3.011.025.005
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: bkmrksync@nokia.com:1.0.0.723
FF - prefs.js..keyword.URL: "http://toolbar.ask.com/toolbarv/askRedi ... t=&gc=1&q="
FF - HKLM\software\mozilla\Firefox\Extensions\\avg@igeared: C:\Program Files\AVG\AVG8\Toolbar\Firefox\avg@igeared [2010.01.11 16:14:41 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2009.12.15 08:18:27 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.14\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.01.28 11:29:34 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.14\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.01.28 11:29:34 | 00,000,000 | ---D | M]
[2009.05.06 07:50:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\Mozilla\Extensions
[2010.01.28 11:40:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\Mozilla\Firefox\Profiles\xngtzbx4.default\extensions
[2009.09.21 08:15:24 | 00,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Data aplikací\Mozilla\Firefox\Profiles\xngtzbx4.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}
[2009.09.21 14:53:29 | 00,000,682 | ---- | M] () -- C:\Documents and Settings\Owner\Data aplikací\Mozilla\Firefox\Profiles\xngtzbx4.default\searchplugins\ask.xml
[2010.01.28 11:40:04 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010.01.28 11:29:27 | 00,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.01.28 11:29:27 | 00,001,687 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2010.01.28 11:29:27 | 00,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.01.28 11:29:27 | 00,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.01.28 11:29:27 | 00,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml
O1 HOSTS File: ([2003.04.16 13:00:00 | 00,000,737 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Program Files\Google\GoogleToolbar3.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar3.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
O3 - HKU\S-1-5-21-1757981266-343818398-725345543-1003\..\Toolbar\ShellBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar3.dll (Google Inc.)
O3 - HKU\S-1-5-21-1757981266-343818398-725345543-1003\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar3.dll (Google Inc.)
O3 - HKU\S-1-5-21-1757981266-343818398-725345543-1003\..\Toolbar\WebBrowser: (Ask Toolbar) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKU\S-1-5-21-1757981266-343818398-725345543-1003\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AVG8_TRAY] C:\Program Files\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [LogMeIn GUI] C:\Program Files\LogMeIn\x86\LogMeInSystray.exe (LogMeIn, Inc.)
O4 - HKLM..\Run: [MpsOnn] C:\WINDOWS\system32\spool\drivers\w32x86\3\MPSONN.EXE (CANON INC.)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
O4 - HKLM..\Run: [OpwareSE4] C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe (ScanSoft, Inc.)
O4 - HKLM..\Run: [smss32.exe] C:\WINDOWS\system32\smss32.exe (EFaw)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SSBkgdUpdate] C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKU\S-1-5-21-1757981266-343818398-725345543-1003..\Run: [DataboxFFServer] C:\Program Files\Databox\Contact 4.0\Server\FFSrv95.exe (DATABOX s.r.o.)
O4 - HKU\S-1-5-21-1757981266-343818398-725345543-1003..\Run: [Internet Security 2010] C:\Program Files\InternetSecurity2010\IS2010.exe (Internet Security)
O4 - HKU\S-1-5-21-1757981266-343818398-725345543-1003..\Run: [PC Suite Tray] C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
O4 - HKU\S-1-5-21-1757981266-343818398-725345543-1003..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKLM..\RunServices: [DataboxFFServer] C:\Program Files\Databox\Contact 4.0\Server\FFSrv95.exe (DATABOX s.r.o.)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Epass - update.exe.lnk = Z:\update.exe File not found
O4 - Startup: C:\Documents and Settings\Owner\Nabídka Start\Programy\Po spuštění\OpenOffice.org 2.3.lnk = C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1757981266-343818398-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1757981266-343818398-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetActiveDesktop = 1
O7 - HKU\S-1-5-21-1757981266-343818398-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O7 - HKU\S-1-5-21-1757981266-343818398-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\System32\helper32.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINDOWS\System32\helper32.dll ()
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-21-1757981266-343818398-725345543-1003\..Trusted Domains: servis24.cz ([www] https in Důvěryhodné servery)
O15 - HKU\S-1-5-21-1757981266-343818398-725345543-1003\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shoc ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {4E330863-6A11-11D0-BFD8-006097237877} http://tw.msi.com.tw/autobios/client/iftwclix.cab (InstallFromTheWeb ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} https://secure.logmein.com/activex/ractrl.cab?lmi=100 (Performance Viewer Activex Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (rundll32.exe) - File not found
O20 - HKLM Winlogon: Shell - (aqlb.hjo) - File not found
O20 - HKLM Winlogon: Shell - (lhoweid) - File not found
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\winlogon32.exe) - C:\WINDOWS\system32\winlogon32.exe (EFaw)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll ()
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - Winlogon\Notify\LMIinit: DllName - LMIinit.dll - C:\WINDOWS\System32\LMIinit.dll (LogMeIn, Inc.)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper:
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007.01.09 14:49:40 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{def1f9ac-7821-11de-b7db-000c7660f731}\Shell\AutoRun\command - "" = E:\setup.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*
NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2007.01.09 14:49:20 | 00,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: Wmi - C:\WINDOWS\system32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
CREATERESTOREPOINT
Restore point Set: OTL Restore Point (53765057741324288)
========== Files/Folders - Created Within 7 Days ==========
[2010.01.28 12:56:37 | 00,548,864 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Owner\Plocha\OTL.exe
[2010.01.28 11:43:21 | 00,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010.01.28 11:43:19 | 00,000,000 | ---D | C] -- C:\rsit
[2010.01.28 08:32:21 | 00,000,000 | -H-D | C] -- C:\$AVG8.VAULT$
[2010.01.28 07:11:00 | 00,000,000 | ---D | C] -- C:\Program Files\InternetSecurity2010
[2010.01.27 18:10:18 | 00,033,792 | ---- | C] (EFaw) -- C:\WINDOWS\System32\winlogon32.exe
[2010.01.27 18:10:18 | 00,033,792 | ---- | C] (EFaw) -- C:\WINDOWS\System32\smss32.exe
[2010.01.26 15:36:16 | 00,000,000 | -HSD | C] -- C:\Config.Msi
[2010.01.21 08:29:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\Microsoft
[2009.09.21 14:59:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\Google
[2009.09.09 07:13:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\ICS
[2009.07.24 08:24:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\ServiceTest
[2009.07.22 02:00:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\Microsoft
[2009.06.11 08:03:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Data aplikací\AVGTOOLBAR
[2007.05.17 09:46:37 | 00,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Data aplikací\Microsoft
[2007.02.08 12:41:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Data aplikací\Ahead
[2007.01.22 11:40:46 | 00,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Data aplikací\Microsoft
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 7 Days ==========
[2010.01.28 12:56:37 | 00,548,864 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Plocha\OTL.exe
[2010.01.28 12:48:57 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\19169.exe
[2010.01.28 12:29:32 | 00,002,561 | ---- | M] () -- C:\Documents and Settings\Owner\Plocha\Microsoft Office Word 2003.lnk
[2010.01.28 12:28:57 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\26500.exe
[2010.01.28 12:25:37 | 54,749,051 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2010.01.28 12:08:54 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\6334.exe
[2010.01.28 11:48:54 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\18467.exe
[2010.01.28 11:28:34 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\41.exe
[2010.01.28 11:28:23 | 00,002,931 | ---- | M] () -- C:\WINDOWS\System32\warning.html
[2010.01.28 11:27:26 | 00,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.01.28 11:21:35 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.01.28 11:21:31 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.01.28 11:20:43 | 05,767,168 | ---- | M] () -- C:\Documents and Settings\Owner\ntuser.dat
[2010.01.28 11:07:54 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\26962.exe
[2010.01.28 10:47:52 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\29358.exe
[2010.01.28 10:27:52 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\11478.exe
[2010.01.28 10:07:52 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\15724.exe
[2010.01.28 07:14:36 | 00,000,272 | -HS- | M] () -- C:\Documents and Settings\Owner\ntuser.ini
[2010.01.28 07:11:12 | 00,000,756 | ---- | M] () -- C:\Documents and Settings\Owner\Plocha\Internet Security 2010.lnk
[2010.01.28 07:11:10 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\9894.exe
[2010.01.28 06:51:07 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\17035.exe
[2010.01.28 06:31:07 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\26299.exe
[2010.01.28 06:11:07 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\25667.exe
[2010.01.28 05:51:07 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\19912.exe
[2010.01.28 05:31:07 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\1869.exe
[2010.01.28 05:11:06 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\11538.exe
[2010.01.28 04:51:06 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\14771.exe
[2010.01.28 04:31:06 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\21726.exe
[2010.01.28 04:11:06 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\5447.exe
[2010.01.28 03:51:06 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\19895.exe
[2010.01.28 03:31:06 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\19718.exe
[2010.01.28 03:11:06 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\18716.exe
[2010.01.28 02:51:06 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\17421.exe
[2010.01.28 02:31:05 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\12382.exe
[2010.01.28 02:11:05 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\292.exe
[2010.01.28 01:51:05 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\153.exe
[2010.01.28 01:31:05 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\3902.exe
[2010.01.28 01:11:05 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\14604.exe
[2010.01.28 00:51:05 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\32391.exe
[2010.01.28 00:31:04 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\5436.exe
[2010.01.28 00:11:03 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\4827.exe
[2010.01.27 23:51:03 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\11942.exe
[2010.01.27 23:31:03 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\2995.exe
[2010.01.27 23:11:02 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\491.exe
[2010.01.27 22:51:02 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\9961.exe
[2010.01.27 22:31:02 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\16827.exe
[2010.01.27 22:11:02 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\23281.exe
[2010.01.27 21:51:02 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\28145.exe
[2010.01.27 21:30:59 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\5705.exe
[2010.01.27 21:10:59 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\24464.exe
[2010.01.27 18:10:43 | 00,025,600 | ---- | M] () -- C:\WINDOWS\System32\helper32.dll
[2010.01.27 18:10:16 | 00,033,792 | ---- | M] (EFaw) -- C:\WINDOWS\System32\winlogon32.exe
[2010.01.27 18:10:16 | 00,033,792 | ---- | M] (EFaw) -- C:\WINDOWS\System32\smss32.exe
[2010.01.27 14:53:08 | 00,000,558 | ---- | M] () -- C:\WINDOWS\tasks\Norton Security Scan for Owner.job
[2010.01.27 10:55:39 | 00,090,112 | ---- | M] () -- C:\Documents and Settings\Owner\Dokumenty\cedulky na materiál.doc
[2010.01.27 08:40:48 | 00,006,919 | ---- | M] () -- C:\Documents and Settings\Owner\intlname.ols
[2010.01.27 08:13:44 | 00,002,529 | ---- | M] () -- C:\Documents and Settings\Owner\Plocha\Microsoft Office Outlook 2003.lnk
[2010.01.26 15:37:20 | 00,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Adobe Reader 9.lnk
[2010.01.26 11:06:26 | 02,157,638 | ---- | M] () -- C:\Documents and Settings\Owner\Dokumenty\Nový obrázek.bmp
[2010.01.26 09:53:29 | 00,288,731 | ---- | M] () -- C:\Documents and Settings\Owner\Plocha\pokladna.pdf
[2010.01.26 09:53:05 | 00,254,869 | ---- | M] () -- C:\Documents and Settings\Owner\Plocha\zasklení okna.pdf
[2010.01.26 09:52:55 | 00,269,756 | ---- | M] () -- C:\Documents and Settings\Owner\Plocha\příjmový doklad stravenky.pdf
[2010.01.25 14:32:28 | 01,522,936 | ---- | M] () -- C:\Documents and Settings\Owner\Plocha\faktura moniror Samsung1.PDF
[2010.01.22 12:27:21 | 00,000,753 | ---- | M] () -- C:\WINDOWS\win.ini
[2010.01.22 11:19:06 | 00,001,601 | ---- | M] () -- C:\Documents and Settings\Owner\Plocha\EPASS.lnk
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010.01.28 07:11:11 | 00,000,756 | ---- | C] () -- C:\Documents and Settings\Owner\Plocha\Internet Security 2010.lnk
[2010.01.28 07:11:10 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\9894.exe
[2010.01.28 06:51:07 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\17035.exe
[2010.01.28 06:31:07 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\26299.exe
[2010.01.28 06:11:07 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\25667.exe
[2010.01.28 05:51:07 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\19912.exe
[2010.01.28 05:31:07 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\1869.exe
[2010.01.28 05:11:06 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\11538.exe
[2010.01.28 04:51:06 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\14771.exe
[2010.01.28 04:31:06 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\21726.exe
[2010.01.28 04:11:06 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\5447.exe
[2010.01.28 03:51:06 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\19895.exe
[2010.01.28 03:31:06 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\19718.exe
[2010.01.28 03:11:06 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\18716.exe
[2010.01.28 02:51:06 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\17421.exe
[2010.01.28 02:31:05 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\12382.exe
[2010.01.28 02:11:05 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\292.exe
[2010.01.28 01:51:05 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\153.exe
[2010.01.28 01:31:05 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\3902.exe
[2010.01.28 01:11:05 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\14604.exe
[2010.01.28 00:51:05 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\32391.exe
[2010.01.28 00:31:04 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\5436.exe
[2010.01.28 00:11:03 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\4827.exe
[2010.01.27 23:51:03 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\11942.exe
[2010.01.27 23:31:03 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\2995.exe
[2010.01.27 23:11:02 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\491.exe
[2010.01.27 22:51:02 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\9961.exe
[2010.01.27 22:31:02 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\16827.exe
[2010.01.27 22:11:02 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\23281.exe
[2010.01.27 21:51:02 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\28145.exe
[2010.01.27 21:30:59 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\5705.exe
[2010.01.27 21:10:59 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\24464.exe
[2010.01.27 20:50:58 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\26962.exe
[2010.01.27 20:30:58 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\29358.exe
[2010.01.27 20:10:58 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\11478.exe
[2010.01.27 19:50:58 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\15724.exe
[2010.01.27 19:30:58 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\19169.exe
[2010.01.27 19:10:58 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\26500.exe
[2010.01.27 18:50:57 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\6334.exe
[2010.01.27 18:30:57 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\18467.exe
[2010.01.27 18:10:57 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\41.exe
[2010.01.27 18:10:42 | 00,025,600 | ---- | C] () -- C:\WINDOWS\System32\helper32.dll
[2010.01.27 18:10:21 | 00,002,931 | ---- | C] () -- C:\WINDOWS\System32\warning.html
[2010.01.26 15:37:20 | 00,001,729 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Adobe Reader 9.lnk
[2010.01.26 11:06:25 | 02,157,638 | ---- | C] () -- C:\Documents and Settings\Owner\Dokumenty\Nový obrázek.bmp
[2010.01.26 09:53:29 | 00,288,731 | ---- | C] () -- C:\Documents and Settings\Owner\Plocha\pokladna.pdf
[2010.01.26 09:53:05 | 00,254,869 | ---- | C] () -- C:\Documents and Settings\Owner\Plocha\zasklení okna.pdf
[2010.01.26 09:52:55 | 00,269,756 | ---- | C] () -- C:\Documents and Settings\Owner\Plocha\příjmový doklad stravenky.pdf
[2010.01.25 14:32:28 | 01,522,936 | ---- | C] () -- C:\Documents and Settings\Owner\Plocha\faktura moniror Samsung1.PDF
[2010.01.20 16:09:38 | 00,445,040 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\FontCache3.0.0.0.dat
[2009.07.24 08:23:59 | 00,020,992 | ---- | C] () -- C:\WINDOWS\jestertb.dll
[2009.05.04 07:17:49 | 00,000,039 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2008.10.17 13:43:24 | 00,010,593 | ---- | C] () -- C:\WINDOWS\CSTBox.INI
[2008.10.16 15:36:14 | 00,040,960 | ---- | C] () -- C:\WINDOWS\System32\IPPCPUID.DLL
[2008.10.16 15:35:54 | 00,011,776 | ---- | C] () -- C:\WINDOWS\System32\pmsbfn32.dll
[2008.10.16 15:34:49 | 00,000,416 | ---- | C] () -- C:\WINDOWS\MAXLINK.INI
[2008.09.17 07:58:20 | 00,005,368 | ---- | C] () -- C:\Documents and Settings\Owner\Data aplikací\froggy_scorebox
[2008.09.17 07:58:20 | 00,000,679 | ---- | C] () -- C:\Documents and Settings\Owner\Data aplikací\pl_accounts.pl_acc
[2008.09.17 07:58:20 | 00,000,556 | ---- | C] () -- C:\Documents and Settings\Owner\Data aplikací\Troll.options
[2007.10.16 06:46:13 | 00,000,169 | ---- | C] () -- C:\WINDOWS\RtlRack.ini
[2007.09.25 11:06:43 | 00,000,027 | ---- | C] () -- C:\WINDOWS\SW_Win2000X32.DLL
[2007.09.24 09:25:48 | 00,003,132 | ---- | C] () -- C:\WINDOWS\CX_SearchHistory.INI
[2007.09.24 09:25:27 | 00,000,530 | ---- | C] () -- C:\WINDOWS\System32\tx13_ic.ini
[2007.09.24 09:25:26 | 00,131,072 | ---- | C] () -- C:\WINDOWS\System32\CSVSpecialProcessing.dll
[2007.09.24 09:25:26 | 00,102,400 | ---- | C] () -- C:\WINDOWS\System32\SARzilla.dll
[2007.08.06 12:07:30 | 00,008,784 | ---- | C] () -- C:\WINDOWS\System32\ractrlkeyhook.dll
[2007.05.10 07:46:30 | 00,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2007.03.01 12:40:25 | 00,000,635 | ---- | C] () -- C:\WINDOWS\Rtcw.INI
[2007.02.08 12:33:30 | 00,007,168 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007.01.31 15:51:15 | 00,000,028 | ---- | C] () -- C:\Program Files\32cardswcc.ini
[2007.01.31 15:49:17 | 00,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2007.01.10 09:10:12 | 00,000,000 | ---- | C] () -- C:\WINDOWS\CPC10QA2.INI
[2007.01.09 17:02:29 | 00,000,518 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007.01.09 16:10:16 | 00,000,208 | ---- | C] () -- C:\WINDOWS\MPASS.INI
[2007.01.09 15:34:58 | 00,000,164 | ---- | C] () -- C:\WINDOWS\avrack.ini
[2007.01.09 15:32:19 | 00,012,288 | R--- | C] () -- C:\WINDOWS\System32\e100bmsg.dll
[2007.01.09 14:01:25 | 00,086,016 | ---- | C] () -- C:\WINDOWS\System32\ati2evxx.dll
[2003.04.09 15:38:04 | 00,005,664 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002.02.14 08:49:38 | 00,082,944 | ---- | C] () -- C:\WINDOWS\System32\qrpdflib.dll
========== LOP Check ==========
[2009.06.11 12:44:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVG Security Toolbar
[2009.12.15 08:15:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Downloaded Installations
[2009.12.15 08:16:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Installations
[2009.01.19 13:36:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\LogMeIn
[2010.01.20 11:30:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\NokiaMusic
[2010.01.21 08:29:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PC Suite
[2008.10.16 15:34:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ScanSoft
[2009.09.21 08:25:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TonkyPonky
[2009.06.11 08:03:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Data aplikací\AVGTOOLBAR
[2009.11.05 09:04:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\Alpen 3D Online
[2007.04.20 12:05:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\Autodesk
[2009.04.27 12:13:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\AVGTOOLBAR
[2008.10.16 15:40:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\Canon
[2008.04.28 11:07:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\Cestak
[2007.02.14 09:07:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\DataLayer
[2009.07.27 07:31:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\Memeo
[2009.08.19 11:35:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\NewSoft
[2010.01.21 08:29:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\Nokia
[2007.02.14 09:13:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\Nokia Multimedia Player
[2010.01.21 08:29:15 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\PC Suite
[2008.10.16 15:34:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\ScanSoft
========== Purity Check ==========
========== Custom Scans ==========
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"CTFMON.EXE" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 04:22:17 | 00,015,360 | ---- | M] (Microsoft Corporation)
"MSMSGS" = "C:\Program Files\Messenger\msmsgs.exe" /background -- [2008.04.14 04:22:36 | 01,695,232 | ---- | M] (Microsoft Corporation)
"swg" = "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" -- [2007.07.04 09:12:08 | 00,068,856 | ---- | M] (Google Inc.)
"DataboxFFServer" = C:\PROGRA~1\Databox\CONTAC~1.0\Server\FFSrv95.exe -- [2005.08.31 08:19:38 | 00,303,616 | ---- | M] (DATABOX s.r.o.)
"PC Suite Tray" = "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray -- [2009.11.11 10:57:36 | 01,451,520 | ---- | M] (Nokia)
"Internet Security 2010" = C:\Program Files\InternetSecurity2010\IS2010.exe -- [2010.01.27 18:10:47 | 01,285,632 | ---- | M] (Internet Security)
< c:\windows\*.* /U >
[4 c:\windows\*.tmp files -> c:\windows\*.tmp -> ]
< MD5 for: AGP440.SYS >
[2004.08.17 15:57:28 | 18,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008.09.29 07:22:35 | 23,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2004.08.17 15:57:28 | 18,786,869 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:AGP440.sys
[2008.09.29 07:22:35 | 23,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008.04.13 19:36:38 | 00,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.13 19:36:38 | 00,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
[2004.08.03 23:07:42 | 00,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\$NtServicePackUninstall$\agp440.sys
[2004.08.03 23:07:42 | 00,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\system32\ReinstallBackups\0002\DriverFiles\i386\AGP440.SYS
< MD5 for: ATAPI.SYS >
[2003.04.16 13:00:00 | 10,174,968 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:atapi.sys
[2004.08.17 15:57:28 | 18,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008.09.29 07:22:35 | 23,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2004.08.17 15:57:28 | 18,786,869 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:atapi.sys
[2008.09.29 07:22:35 | 23,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.13 19:40:30 | 00,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 19:40:30 | 00,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004.08.03 22:59:44 | 00,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
< MD5 for: EVENTLOG.DLL >
[2008.04.14 04:21:41 | 00,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 04:21:41 | 00,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll
[2004.08.17 15:49:08 | 00,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
< MD5 for: EXPLORER.EXE >
[2008.04.14 04:22:22 | 01,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 04:22:22 | 01,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2004.08.17 15:49:24 | 01,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\$NtUninstallKB938828$\explorer.exe
[2007.06.13 14:11:59 | 01,033,728 | ---- | M] (Microsoft Corporation) MD5=9B32416BD5988C97B6397CE0B02CAF97 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
[2007.06.13 14:23:39 | 01,033,728 | ---- | M] (Microsoft Corporation) MD5=ED7B460B142A32097B8A8F6ECC941815 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
< MD5 for: HAL.DLL >
[2003.04.16 13:00:00 | 10,174,968 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:hal.dll
[2004.08.17 15:57:28 | 18,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2008.09.29 07:22:35 | 23,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2004.08.17 15:57:28 | 18,786,869 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:hal.dll
[2008.09.29 07:22:35 | 23,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2008.04.13 19:31:32 | 00,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2008.04.13 19:31:28 | 00,131,840 | ---- | M] (Microsoft Corporation) MD5=6F61D3287A6A15A08A9433222C09D17F -- C:\WINDOWS\system32\HAL.DLL
[2004.08.03 22:59:10 | 00,131,968 | ---- | M] (Microsoft Corporation) MD5=F9A0F579FC18036FFDD9E26E0D268CCD -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll
< MD5 for: LSASS.EXE >
[2004.08.17 15:49:24 | 00,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\WINDOWS\$NtServicePackUninstall$\lsass.exe
[2008.04.14 04:22:29 | 00,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\ServicePackFiles\i386\lsass.exe
[2008.04.14 04:22:29 | 00,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe
< MD5 for: NDIS.SYS >
[2008.04.13 20:20:37 | 00,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008.04.13 20:20:37 | 00,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
[2004.08.03 23:14:30 | 00,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys
< MD5 for: NETLOGON.DLL >
[2004.08.17 15:49:14 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
[2008.04.14 04:21:50 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 04:21:50 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\netlogon.dll
< MD5 for: SCECLI.DLL >
[2004.08.17 15:49:18 | 00,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008.04.14 04:21:54 | 00,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 04:21:54 | 00,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll
< MD5 for: SMSS.EXE >
[2004.08.17 15:49:28 | 00,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\WINDOWS\$NtServicePackUninstall$\smss.exe
[2008.04.14 04:22:47 | 00,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\ServicePackFiles\i386\smss.exe
[2008.04.14 04:22:47 | 00,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe
< MD5 for: SVCHOST.EXE >
[2008.04.14 04:22:48 | 00,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.14 04:22:48 | 00,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe
[2004.08.17 15:49:28 | 00,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe
< MD5 for: USERINIT.EXE >
[2008.04.14 04:22:50 | 00,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 04:22:50 | 00,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe
[2004.08.17 15:49:28 | 00,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
< MD5 for: WINLOGON.EXE >
[2004.08.17 15:49:28 | 00,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 04:22:53 | 00,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 04:22:53 | 00,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe
< MD5 for: WS2_32.DLL >
[2004.08.17 15:49:22 | 00,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\WINDOWS\$NtServicePackUninstall$\ws2_32.dll
[2008.04.14 04:22:06 | 00,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll
[2008.04.14 04:22:06 | 00,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\ws2_32.dll
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[3 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
< End of report >
- Přílohy
-
- Extras.zip
- (6.25 KiB) Staženo 91 x
Re: Internet security 2010 - falešný spyware?
Na tom stroji se přes vyskakovací upozornění o nákaze nedá pracovat. Některé programy nejdou vůbec spustit (notepad, rar.....). Včera OK, dnes KO - je možné, že se to nakazilo dnes potvrzením nějakého okna (prý NĚCO odklepávala, ale netuší co) nebo to je už dlouhodobější. Myslel jsem si, že by to mělo AVG zachytit - když mají těch 100 000 000 celosvětových instalací 
))
Jinak moc dík za pomoc - rád bych to taky uměl!
))Jinak moc dík za pomoc - rád bych to taky uměl!
Re: Internet security 2010 - falešný spyware?
OTL sám restartoval PC, žádný texťák se neotevřel. Posílám tedy obsah log souboru. RSIT pošlu za chvilku.
Re: Internet security 2010 - falešný spyware?
Jsem nějak nevložil obsah toho logu - chceš ho vůbec?
Přikládám log RSIT.
PC se zdá být funkční - otvírá programy, které nešly, ten Internet security už taky nevyskakuje.
Logfile of random's system information tool 1.06 (written by random/random)
Run by Owner at 2010-01-28 18:43:31
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 42 GB (56%) free of 76 GB
Total RAM: 767 MB (40% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:43:35, on 28.1.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16981)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AskBarDis\bar\bin\AskService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\LogMeIn\x86\RaMaint.exe
C:\Program Files\LogMeIn\x86\LogMeIn.exe
C:\Program Files\LogMeIn\x86\LMIGuardian.exe
C:\WINDOWS\system32\CNAB3RPK.EXE
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgam.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\PROGRA~1\Databox\CONTAC~1.0\Server\FFSrv95.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files\LogMeIn\x86\LMIGuardian.exe
C:\Program Files\OpenOffice.org 2.3\program\soffice.exe
C:\Program Files\OpenOffice.org 2.3\program\soffice.BIN
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\LogMeIn\x86\LogMeIn.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Temp\anti-vir\RSIT.exe
C:\Program Files\trend micro\Owner.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://tw.msi.com.tw/autobios/VerChk/XS ... n=LMonitor
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll (file missing)
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [MpsOnn] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\MpsOnn.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\RunServices: [DataboxFFServer] C:\PROGRA~1\Databox\CONTAC~1.0\Server\FFSrv95.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [DataboxFFServer] C:\PROGRA~1\Databox\CONTAC~1.0\Server\FFSrv95.exe
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 2.3.lnk = C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe
O4 - Global Startup: Epass - update.exe.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {4E330863-6A11-11D0-BFD8-006097237877} (InstallFromTheWeb ActiveX Control) - http://tw.msi.com.tw/autobios/client/iftwclix.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/ractrl.cab?lmi=100
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: ASKService - Unknown owner - C:\Program Files\AskBarDis\bar\bin\AskService.exe
O23 - Service: ASKUpgrade - Unknown owner - C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\RaMaint.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LogMeIn.exe
O23 - Service: NBService - Nero AG - C:\Program Files\AHEAD\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
--
End of file - 8954 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\Norton Security Scan for Owner.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll [2009-12-11 1111320]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
AVG Security Toolbar BHO - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll [2009-11-25 1230080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar3.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll [2009-11-29 764912]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-10-11 73728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - AVG Security Toolbar - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll [2009-11-25 1230080]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2003-08-15 57344]
"MpsOnn"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\MpsOnn.exe [2001-11-19 22528]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]
"SSBkgdUpdate"=C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2006-09-28 185896]
"OpwareSE4"=C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe [2006-10-11 75304]
"LogMeIn GUI"=C:\Program Files\LogMeIn\x86\LogMeInSystray.exe [2008-07-24 63048]
"AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2009-12-11 2043160]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-10-11 149280]
"NokiaMServer"=C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup []
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-12-22 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-12-11 948672]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-07-04 68856]
"DataboxFFServer"=C:\PROGRA~1\Databox\CONTAC~1.0\Server\FFSrv95.exe [2005-08-31 303616]
"PC Suite Tray"=C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2009-11-11 1451520]
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Epass - update.exe.lnk - Z:\update.exe
C:\Documents and Settings\Owner\Nabídka Start\Programy\Po spuštění
OpenOffice.org 2.3.lnk - C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2004-04-21 86016]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
C:\WINDOWS\system32\avgrsstx.dll [2009-07-31 11952]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LMIinit]
C:\WINDOWS\system32\LMIinit.dll [2009-10-02 87352]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
ntprvwms.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoSetActiveDesktop"=1
"NoActiveDesktopChanges"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoSetActiveDesktop"=
"NoActiveDesktopChanges"=
"NoActiveDesktop"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\WINDOWS\system32\CNAB3RPK.EXE"="C:\WINDOWS\system32\CNAB3RPK.EXE:*:Enabled:Canon LBP3000 RPC Server Process"
"C:\Program Files\Common Files\Ahead\Nero Web\SetupX.exe"="C:\Program Files\Common Files\Ahead\Nero Web\SetupX.exe:*:Enabled:Nero ProductSetup"
"C:\Program Files\Nero\Nero 7\Nero Home\NeroHome.exe"="C:\Program Files\Nero\Nero 7\Nero Home\NeroHome.exe:*:Enabled:Nero Home"
"C:\Program Files\Nero\Nero Sipps\Phone.exe"="C:\Program Files\Nero\Nero Sipps\Phone.exe:*:Enabled:Phone"
"C:\Program Files\Databox\Contact 4.0\FindServ.exe"="C:\Program Files\Databox\Contact 4.0\FindServ.exe:*:Enabled:FindServ"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Disabled:Windows Messenger"
"C:\Program Files\Internet Explorer\iexplore.exe"="C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer"
"C:\Program Files\AVG\AVG8\avgam.exe"="C:\Program Files\AVG\AVG8\avgam.exe:*:Enabled:avgam.exe"
"C:\Program Files\AVG\AVG8\avgupd.exe"="C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\AVG\AVG8\avgnsx.exe"="C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{def1f9ac-7821-11de-b7db-000c7660f731}]
shell\AutoRun\command - E:\setup.exe
======List of files/folders created in the last 1 months======
2010-01-28 15:10:21 ----D---- C:\_OTL
2010-01-28 15:03:35 ----D---- C:\Program Files\ERUNT
2010-01-28 11:43:21 ----D---- C:\Program Files\trend micro
2010-01-28 11:43:19 ----D---- C:\rsit
2010-01-28 08:32:21 ----HD---- C:\$AVG8.VAULT$
2010-01-26 15:36:16 ----SHD---- C:\Config.Msi
2010-01-21 08:29:26 ----HDC---- C:\WINDOWS\$NtUninstallWudf01007$
2010-01-21 08:28:50 ----N---- C:\WINDOWS\system32\spmsgXP_2k3.dll
2010-01-21 08:28:44 ----HDC---- C:\WINDOWS\$NtUninstallWdf01007$
2010-01-20 11:31:08 ----D---- C:\WINDOWS\Globalization
2010-01-20 11:30:42 ----D---- C:\Documents and Settings\All Users\Data aplikací\NokiaMusic
2010-01-13 03:05:22 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$
2010-01-13 03:04:37 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$
2010-01-04 10:57:26 ----A---- C:\WINDOWS\system32\javaws.exe
2010-01-04 10:57:26 ----A---- C:\WINDOWS\system32\javaw.exe
2010-01-04 10:57:26 ----A---- C:\WINDOWS\system32\java.exe
======List of files/folders modified in the last 1 months======
2010-01-28 18:43:36 ----D---- C:\WINDOWS\Prefetch
2010-01-28 18:42:15 ----D---- C:\WINDOWS\Temp
2010-01-28 15:38:47 ----D---- C:\Documents and Settings\Owner\Data aplikací\OpenOffice.org2
2010-01-28 15:34:56 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-01-28 15:26:43 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-01-28 15:11:46 ----D---- C:\WINDOWS\system32
2010-01-28 15:11:46 ----D---- C:\WINDOWS
2010-01-28 15:10:39 ----RD---- C:\Program Files
2010-01-28 15:10:36 ----D---- C:\Program Files\Google
2010-01-28 15:10:34 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-01-28 15:05:59 ----D---- C:\Temp
2010-01-28 15:02:56 ----D---- C:\Program Files\Mozilla Firefox
2010-01-28 14:56:28 ----D---- C:\WINDOWS\system32\CatRoot2
2010-01-28 14:54:40 ----D---- C:\Program Files\Common Files\Symantec Shared
2010-01-28 11:22:13 ----D---- C:\Documents and Settings\All Users\Data aplikací\avg8
2010-01-28 07:14:41 ----D---- C:\Program Files\LogMeIn
2010-01-26 15:37:50 ----SHD---- C:\WINDOWS\Installer
2010-01-26 15:37:15 ----D---- C:\Program Files\Common Files\Adobe
2010-01-26 15:37:11 ----D---- C:\Documents and Settings\All Users\Data aplikací\Adobe
2010-01-26 15:36:45 ----D---- C:\Program Files\Adobe
2010-01-25 12:20:11 ----HD---- C:\WINDOWS\inf
2010-01-22 16:00:51 ----D---- C:\WINDOWS\system32\cs-cz
2010-01-22 16:00:50 ----D---- C:\Program Files\Internet Explorer
2010-01-22 12:27:21 ----A---- C:\WINDOWS\win.ini
2010-01-22 08:13:12 ----HD---- C:\WINDOWS\$hf_mig$
2010-01-21 16:43:36 ----D---- C:\WINDOWS\WinSxS
2010-01-21 08:29:44 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2010-01-21 08:29:43 ----D---- C:\WINDOWS\system32\drivers
2010-01-21 08:29:38 ----A---- C:\WINDOWS\imsins.BAK
2010-01-21 08:29:15 ----D---- C:\Documents and Settings\Owner\Data aplikací\PC Suite
2010-01-21 08:29:08 ----D---- C:\Documents and Settings\Owner\Data aplikací\Nokia
2010-01-21 08:29:08 ----D---- C:\Documents and Settings\All Users\Data aplikací\PC Suite
2010-01-21 08:13:07 ----D---- C:\Program Files\Microsoft Silverlight
2010-01-20 12:06:03 ----A---- C:\WINDOWS\NeroDigital.ini
2010-01-20 12:04:52 ----RSD---- C:\WINDOWS\assembly
2010-01-20 12:04:47 ----RSD---- C:\WINDOWS\Fonts
2010-01-20 12:04:47 ----D---- C:\Program Files\Nokia
2010-01-20 12:04:47 ----D---- C:\Program Files\Common Files\Nokia
2010-01-14 09:50:30 ----A---- C:\psfparse.txt
2010-01-13 03:21:58 ----D---- C:\WINDOWS\AppPatch
2010-01-05 15:27:26 ----D---- C:\GABINA.NET
2010-01-05 10:58:03 ----N---- C:\WINDOWS\system32\occache.dll
2010-01-05 10:58:03 ----A---- C:\WINDOWS\system32\wininet.dll
2010-01-05 10:58:03 ----A---- C:\WINDOWS\system32\webcheck.dll
2010-01-05 10:58:03 ----A---- C:\WINDOWS\system32\urlmon.dll
2010-01-05 10:58:03 ----A---- C:\WINDOWS\system32\url.dll
2010-01-05 10:58:03 ----A---- C:\WINDOWS\system32\pngfilt.dll
2010-01-05 10:58:02 ----N---- C:\WINDOWS\system32\mstime.dll
2010-01-05 10:58:02 ----N---- C:\WINDOWS\system32\msrating.dll
2010-01-05 10:58:02 ----A---- C:\WINDOWS\system32\mshtmled.dll
2010-01-05 10:58:02 ----A---- C:\WINDOWS\system32\mshtml.dll
2010-01-05 10:58:01 ----A---- C:\WINDOWS\system32\msfeedsbs.dll
2010-01-05 10:58:01 ----A---- C:\WINDOWS\system32\msfeeds.dll
2010-01-05 10:58:00 ----N---- C:\WINDOWS\system32\jsproxy.dll
2010-01-05 10:58:00 ----N---- C:\WINDOWS\system32\iernonce.dll
2010-01-05 10:58:00 ----A---- C:\WINDOWS\system32\iertutil.dll
2010-01-05 10:58:00 ----A---- C:\WINDOWS\system32\iepeers.dll
2010-01-05 10:58:00 ----A---- C:\WINDOWS\system32\ieframe.dll
2010-01-05 10:57:59 ----N---- C:\WINDOWS\system32\iedkcs32.dll
2010-01-05 10:57:59 ----A---- C:\WINDOWS\system32\ieencode.dll
2010-01-05 10:57:58 ----N---- C:\WINDOWS\system32\ieaksie.dll
2010-01-05 10:57:58 ----N---- C:\WINDOWS\system32\ieakeng.dll
2010-01-05 10:57:58 ----N---- C:\WINDOWS\system32\extmgr.dll
2010-01-05 10:57:58 ----N---- C:\WINDOWS\system32\corpol.dll
2010-01-05 10:57:58 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2010-01-05 10:57:58 ----A---- C:\WINDOWS\system32\icardie.dll
2010-01-05 10:57:58 ----A---- C:\WINDOWS\system32\dxtrans.dll
2010-01-05 10:57:58 ----A---- C:\WINDOWS\system32\dxtmsft.dll
2010-01-05 10:57:58 ----A---- C:\WINDOWS\system32\advpack.dll
2010-01-05 01:17:46 ----A---- C:\WINDOWS\system32\MRT.exe
2010-01-04 11:02:44 ----D---- C:\Program Files\Epass
2010-01-04 10:57:24 ----D---- C:\Program Files\Java
2009-12-31 16:32:19 ----N---- C:\WINDOWS\system32\ie4uinit.exe
2009-12-31 16:32:19 ----A---- C:\WINDOWS\system32\ieudinit.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AvgLdx86;AVG AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2009-07-31 335240]
R1 AvgMfx86;AVG Minifilter x86 Resident Driver; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2009-07-31 27784]
R1 AvgTdiX;AVG8 Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2009-04-27 108552]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2003-04-16 12032]
R2 cis1284;cis1284; \??\C:\WINDOWS\system32\drivers\cis1284.sys []
R2 LMIInfo;LogMeIn Kernel Information Provider; \??\C:\Program Files\LogMeIn\x86\RaInfo.sys []
R2 LMIRfsDriver;LogMeIn Remote File System Driver; \??\C:\WINDOWS\system32\drivers\LMIRfsDriver.sys []
R2 rspndr;Odpovídající zařízení zjišťování topologie linkové vrstvy; C:\WINDOWS\system32\DRIVERS\rspndr.sys [2006-11-08 62336]
R3 ALCXSENS;Service for WDM 3D Audio Driver; C:\WINDOWS\system32\drivers\ALCXSENS.SYS [2003-08-14 404736]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2003-08-21 462940]
R3 ati2mtag;ati2mtag; C:\WINDOWS\System32\DRIVERS\ati2mtag.sys [2004-04-21 729088]
R3 E100B;Intel(R) PRO Adapter Driver; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2003-03-04 145408]
R3 lmimirr;lmimirr; C:\WINDOWS\system32\DRIVERS\lmimirr.sys [2008-07-24 10144]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbprint;Třída USB Printer; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S3 Axtmvflt;Axesstel USB Filter Service; C:\WINDOWS\system32\DRIVERS\Axtmvflt.sys [2007-03-22 3456]
S3 Axtmvmdm;Axesstel USB Modem; C:\WINDOWS\system32\DRIVERS\Axtmvmdm.sys [2007-03-26 40064]
S3 Axtmvprt;Axesstel Diagnostic Port; C:\WINDOWS\System32\Drivers\Axtmvprt.sys [2007-03-26 38784]
S3 GMSIPCI;GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS []
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 ltmodem5;LT Modem Driver; C:\WINDOWS\System32\DRIVERS\ltmdmnt.sys [2004-08-17 606556]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2009-10-06 17664]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2009-10-06 22016]
S3 NTACCESS;NTACCESS; \??\D:\NTACCESS.sys []
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 SONYPVU1;Sony USB Filter Driver (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2009-10-06 7936]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2009-10-06 7936]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-01-18 83328]
S4 LMIRfsClientNP;LMIRfsClientNP; C:\WINDOWS\system32\drivers\LMIRfsClientNP.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ASKService;ASKService; C:\Program Files\AskBarDis\bar\bin\AskService.exe [2008-12-09 464264]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2004-04-21 397312]
R2 avg8wd;AVG8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2009-07-31 297752]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-10-11 153376]
R2 LMIMaint;LogMeIn Maintenance Service; C:\Program Files\LogMeIn\x86\RaMaint.exe [2009-10-02 116032]
R2 LogMeIn;LogMeIn; C:\Program Files\LogMeIn\x86\LogMeIn.exe [2008-07-24 63040]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2009-10-27 657408]
S2 ASKUpgrade;ASKUpgrade; C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe [2008-12-09 234888]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2004-04-21 516096]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-02-07 138168]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 NBService;NBService; C:\Program Files\AHEAD\Nero 7\Nero BackItUp\NBService.exe [2006-10-09 724992]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
Přikládám log RSIT.
PC se zdá být funkční - otvírá programy, které nešly, ten Internet security už taky nevyskakuje.
Logfile of random's system information tool 1.06 (written by random/random)
Run by Owner at 2010-01-28 18:43:31
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 42 GB (56%) free of 76 GB
Total RAM: 767 MB (40% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:43:35, on 28.1.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16981)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AskBarDis\bar\bin\AskService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\LogMeIn\x86\RaMaint.exe
C:\Program Files\LogMeIn\x86\LogMeIn.exe
C:\Program Files\LogMeIn\x86\LMIGuardian.exe
C:\WINDOWS\system32\CNAB3RPK.EXE
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgam.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\PROGRA~1\Databox\CONTAC~1.0\Server\FFSrv95.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files\LogMeIn\x86\LMIGuardian.exe
C:\Program Files\OpenOffice.org 2.3\program\soffice.exe
C:\Program Files\OpenOffice.org 2.3\program\soffice.BIN
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\LogMeIn\x86\LogMeIn.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Temp\anti-vir\RSIT.exe
C:\Program Files\trend micro\Owner.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://tw.msi.com.tw/autobios/VerChk/XS ... n=LMonitor
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll (file missing)
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [MpsOnn] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\MpsOnn.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\RunServices: [DataboxFFServer] C:\PROGRA~1\Databox\CONTAC~1.0\Server\FFSrv95.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [DataboxFFServer] C:\PROGRA~1\Databox\CONTAC~1.0\Server\FFSrv95.exe
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 2.3.lnk = C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe
O4 - Global Startup: Epass - update.exe.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {4E330863-6A11-11D0-BFD8-006097237877} (InstallFromTheWeb ActiveX Control) - http://tw.msi.com.tw/autobios/client/iftwclix.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/ractrl.cab?lmi=100
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: ASKService - Unknown owner - C:\Program Files\AskBarDis\bar\bin\AskService.exe
O23 - Service: ASKUpgrade - Unknown owner - C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\RaMaint.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LogMeIn.exe
O23 - Service: NBService - Nero AG - C:\Program Files\AHEAD\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
--
End of file - 8954 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\Norton Security Scan for Owner.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll [2009-12-11 1111320]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
AVG Security Toolbar BHO - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll [2009-11-25 1230080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar3.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll [2009-11-29 764912]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-10-11 73728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - AVG Security Toolbar - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll [2009-11-25 1230080]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2003-08-15 57344]
"MpsOnn"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\MpsOnn.exe [2001-11-19 22528]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]
"SSBkgdUpdate"=C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2006-09-28 185896]
"OpwareSE4"=C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe [2006-10-11 75304]
"LogMeIn GUI"=C:\Program Files\LogMeIn\x86\LogMeInSystray.exe [2008-07-24 63048]
"AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2009-12-11 2043160]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-10-11 149280]
"NokiaMServer"=C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup []
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-12-22 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-12-11 948672]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-07-04 68856]
"DataboxFFServer"=C:\PROGRA~1\Databox\CONTAC~1.0\Server\FFSrv95.exe [2005-08-31 303616]
"PC Suite Tray"=C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2009-11-11 1451520]
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Epass - update.exe.lnk - Z:\update.exe
C:\Documents and Settings\Owner\Nabídka Start\Programy\Po spuštění
OpenOffice.org 2.3.lnk - C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2004-04-21 86016]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
C:\WINDOWS\system32\avgrsstx.dll [2009-07-31 11952]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LMIinit]
C:\WINDOWS\system32\LMIinit.dll [2009-10-02 87352]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
ntprvwms.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoSetActiveDesktop"=1
"NoActiveDesktopChanges"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoSetActiveDesktop"=
"NoActiveDesktopChanges"=
"NoActiveDesktop"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\WINDOWS\system32\CNAB3RPK.EXE"="C:\WINDOWS\system32\CNAB3RPK.EXE:*:Enabled:Canon LBP3000 RPC Server Process"
"C:\Program Files\Common Files\Ahead\Nero Web\SetupX.exe"="C:\Program Files\Common Files\Ahead\Nero Web\SetupX.exe:*:Enabled:Nero ProductSetup"
"C:\Program Files\Nero\Nero 7\Nero Home\NeroHome.exe"="C:\Program Files\Nero\Nero 7\Nero Home\NeroHome.exe:*:Enabled:Nero Home"
"C:\Program Files\Nero\Nero Sipps\Phone.exe"="C:\Program Files\Nero\Nero Sipps\Phone.exe:*:Enabled:Phone"
"C:\Program Files\Databox\Contact 4.0\FindServ.exe"="C:\Program Files\Databox\Contact 4.0\FindServ.exe:*:Enabled:FindServ"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Disabled:Windows Messenger"
"C:\Program Files\Internet Explorer\iexplore.exe"="C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer"
"C:\Program Files\AVG\AVG8\avgam.exe"="C:\Program Files\AVG\AVG8\avgam.exe:*:Enabled:avgam.exe"
"C:\Program Files\AVG\AVG8\avgupd.exe"="C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\AVG\AVG8\avgnsx.exe"="C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{def1f9ac-7821-11de-b7db-000c7660f731}]
shell\AutoRun\command - E:\setup.exe
======List of files/folders created in the last 1 months======
2010-01-28 15:10:21 ----D---- C:\_OTL
2010-01-28 15:03:35 ----D---- C:\Program Files\ERUNT
2010-01-28 11:43:21 ----D---- C:\Program Files\trend micro
2010-01-28 11:43:19 ----D---- C:\rsit
2010-01-28 08:32:21 ----HD---- C:\$AVG8.VAULT$
2010-01-26 15:36:16 ----SHD---- C:\Config.Msi
2010-01-21 08:29:26 ----HDC---- C:\WINDOWS\$NtUninstallWudf01007$
2010-01-21 08:28:50 ----N---- C:\WINDOWS\system32\spmsgXP_2k3.dll
2010-01-21 08:28:44 ----HDC---- C:\WINDOWS\$NtUninstallWdf01007$
2010-01-20 11:31:08 ----D---- C:\WINDOWS\Globalization
2010-01-20 11:30:42 ----D---- C:\Documents and Settings\All Users\Data aplikací\NokiaMusic
2010-01-13 03:05:22 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$
2010-01-13 03:04:37 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$
2010-01-04 10:57:26 ----A---- C:\WINDOWS\system32\javaws.exe
2010-01-04 10:57:26 ----A---- C:\WINDOWS\system32\javaw.exe
2010-01-04 10:57:26 ----A---- C:\WINDOWS\system32\java.exe
======List of files/folders modified in the last 1 months======
2010-01-28 18:43:36 ----D---- C:\WINDOWS\Prefetch
2010-01-28 18:42:15 ----D---- C:\WINDOWS\Temp
2010-01-28 15:38:47 ----D---- C:\Documents and Settings\Owner\Data aplikací\OpenOffice.org2
2010-01-28 15:34:56 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-01-28 15:26:43 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-01-28 15:11:46 ----D---- C:\WINDOWS\system32
2010-01-28 15:11:46 ----D---- C:\WINDOWS
2010-01-28 15:10:39 ----RD---- C:\Program Files
2010-01-28 15:10:36 ----D---- C:\Program Files\Google
2010-01-28 15:10:34 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-01-28 15:05:59 ----D---- C:\Temp
2010-01-28 15:02:56 ----D---- C:\Program Files\Mozilla Firefox
2010-01-28 14:56:28 ----D---- C:\WINDOWS\system32\CatRoot2
2010-01-28 14:54:40 ----D---- C:\Program Files\Common Files\Symantec Shared
2010-01-28 11:22:13 ----D---- C:\Documents and Settings\All Users\Data aplikací\avg8
2010-01-28 07:14:41 ----D---- C:\Program Files\LogMeIn
2010-01-26 15:37:50 ----SHD---- C:\WINDOWS\Installer
2010-01-26 15:37:15 ----D---- C:\Program Files\Common Files\Adobe
2010-01-26 15:37:11 ----D---- C:\Documents and Settings\All Users\Data aplikací\Adobe
2010-01-26 15:36:45 ----D---- C:\Program Files\Adobe
2010-01-25 12:20:11 ----HD---- C:\WINDOWS\inf
2010-01-22 16:00:51 ----D---- C:\WINDOWS\system32\cs-cz
2010-01-22 16:00:50 ----D---- C:\Program Files\Internet Explorer
2010-01-22 12:27:21 ----A---- C:\WINDOWS\win.ini
2010-01-22 08:13:12 ----HD---- C:\WINDOWS\$hf_mig$
2010-01-21 16:43:36 ----D---- C:\WINDOWS\WinSxS
2010-01-21 08:29:44 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2010-01-21 08:29:43 ----D---- C:\WINDOWS\system32\drivers
2010-01-21 08:29:38 ----A---- C:\WINDOWS\imsins.BAK
2010-01-21 08:29:15 ----D---- C:\Documents and Settings\Owner\Data aplikací\PC Suite
2010-01-21 08:29:08 ----D---- C:\Documents and Settings\Owner\Data aplikací\Nokia
2010-01-21 08:29:08 ----D---- C:\Documents and Settings\All Users\Data aplikací\PC Suite
2010-01-21 08:13:07 ----D---- C:\Program Files\Microsoft Silverlight
2010-01-20 12:06:03 ----A---- C:\WINDOWS\NeroDigital.ini
2010-01-20 12:04:52 ----RSD---- C:\WINDOWS\assembly
2010-01-20 12:04:47 ----RSD---- C:\WINDOWS\Fonts
2010-01-20 12:04:47 ----D---- C:\Program Files\Nokia
2010-01-20 12:04:47 ----D---- C:\Program Files\Common Files\Nokia
2010-01-14 09:50:30 ----A---- C:\psfparse.txt
2010-01-13 03:21:58 ----D---- C:\WINDOWS\AppPatch
2010-01-05 15:27:26 ----D---- C:\GABINA.NET
2010-01-05 10:58:03 ----N---- C:\WINDOWS\system32\occache.dll
2010-01-05 10:58:03 ----A---- C:\WINDOWS\system32\wininet.dll
2010-01-05 10:58:03 ----A---- C:\WINDOWS\system32\webcheck.dll
2010-01-05 10:58:03 ----A---- C:\WINDOWS\system32\urlmon.dll
2010-01-05 10:58:03 ----A---- C:\WINDOWS\system32\url.dll
2010-01-05 10:58:03 ----A---- C:\WINDOWS\system32\pngfilt.dll
2010-01-05 10:58:02 ----N---- C:\WINDOWS\system32\mstime.dll
2010-01-05 10:58:02 ----N---- C:\WINDOWS\system32\msrating.dll
2010-01-05 10:58:02 ----A---- C:\WINDOWS\system32\mshtmled.dll
2010-01-05 10:58:02 ----A---- C:\WINDOWS\system32\mshtml.dll
2010-01-05 10:58:01 ----A---- C:\WINDOWS\system32\msfeedsbs.dll
2010-01-05 10:58:01 ----A---- C:\WINDOWS\system32\msfeeds.dll
2010-01-05 10:58:00 ----N---- C:\WINDOWS\system32\jsproxy.dll
2010-01-05 10:58:00 ----N---- C:\WINDOWS\system32\iernonce.dll
2010-01-05 10:58:00 ----A---- C:\WINDOWS\system32\iertutil.dll
2010-01-05 10:58:00 ----A---- C:\WINDOWS\system32\iepeers.dll
2010-01-05 10:58:00 ----A---- C:\WINDOWS\system32\ieframe.dll
2010-01-05 10:57:59 ----N---- C:\WINDOWS\system32\iedkcs32.dll
2010-01-05 10:57:59 ----A---- C:\WINDOWS\system32\ieencode.dll
2010-01-05 10:57:58 ----N---- C:\WINDOWS\system32\ieaksie.dll
2010-01-05 10:57:58 ----N---- C:\WINDOWS\system32\ieakeng.dll
2010-01-05 10:57:58 ----N---- C:\WINDOWS\system32\extmgr.dll
2010-01-05 10:57:58 ----N---- C:\WINDOWS\system32\corpol.dll
2010-01-05 10:57:58 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2010-01-05 10:57:58 ----A---- C:\WINDOWS\system32\icardie.dll
2010-01-05 10:57:58 ----A---- C:\WINDOWS\system32\dxtrans.dll
2010-01-05 10:57:58 ----A---- C:\WINDOWS\system32\dxtmsft.dll
2010-01-05 10:57:58 ----A---- C:\WINDOWS\system32\advpack.dll
2010-01-05 01:17:46 ----A---- C:\WINDOWS\system32\MRT.exe
2010-01-04 11:02:44 ----D---- C:\Program Files\Epass
2010-01-04 10:57:24 ----D---- C:\Program Files\Java
2009-12-31 16:32:19 ----N---- C:\WINDOWS\system32\ie4uinit.exe
2009-12-31 16:32:19 ----A---- C:\WINDOWS\system32\ieudinit.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AvgLdx86;AVG AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2009-07-31 335240]
R1 AvgMfx86;AVG Minifilter x86 Resident Driver; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2009-07-31 27784]
R1 AvgTdiX;AVG8 Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2009-04-27 108552]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2003-04-16 12032]
R2 cis1284;cis1284; \??\C:\WINDOWS\system32\drivers\cis1284.sys []
R2 LMIInfo;LogMeIn Kernel Information Provider; \??\C:\Program Files\LogMeIn\x86\RaInfo.sys []
R2 LMIRfsDriver;LogMeIn Remote File System Driver; \??\C:\WINDOWS\system32\drivers\LMIRfsDriver.sys []
R2 rspndr;Odpovídající zařízení zjišťování topologie linkové vrstvy; C:\WINDOWS\system32\DRIVERS\rspndr.sys [2006-11-08 62336]
R3 ALCXSENS;Service for WDM 3D Audio Driver; C:\WINDOWS\system32\drivers\ALCXSENS.SYS [2003-08-14 404736]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2003-08-21 462940]
R3 ati2mtag;ati2mtag; C:\WINDOWS\System32\DRIVERS\ati2mtag.sys [2004-04-21 729088]
R3 E100B;Intel(R) PRO Adapter Driver; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2003-03-04 145408]
R3 lmimirr;lmimirr; C:\WINDOWS\system32\DRIVERS\lmimirr.sys [2008-07-24 10144]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbprint;Třída USB Printer; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S3 Axtmvflt;Axesstel USB Filter Service; C:\WINDOWS\system32\DRIVERS\Axtmvflt.sys [2007-03-22 3456]
S3 Axtmvmdm;Axesstel USB Modem; C:\WINDOWS\system32\DRIVERS\Axtmvmdm.sys [2007-03-26 40064]
S3 Axtmvprt;Axesstel Diagnostic Port; C:\WINDOWS\System32\Drivers\Axtmvprt.sys [2007-03-26 38784]
S3 GMSIPCI;GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS []
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 ltmodem5;LT Modem Driver; C:\WINDOWS\System32\DRIVERS\ltmdmnt.sys [2004-08-17 606556]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2009-10-06 17664]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2009-10-06 22016]
S3 NTACCESS;NTACCESS; \??\D:\NTACCESS.sys []
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 SONYPVU1;Sony USB Filter Driver (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2009-10-06 7936]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2009-10-06 7936]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-01-18 83328]
S4 LMIRfsClientNP;LMIRfsClientNP; C:\WINDOWS\system32\drivers\LMIRfsClientNP.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ASKService;ASKService; C:\Program Files\AskBarDis\bar\bin\AskService.exe [2008-12-09 464264]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2004-04-21 397312]
R2 avg8wd;AVG8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2009-07-31 297752]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-10-11 153376]
R2 LMIMaint;LogMeIn Maintenance Service; C:\Program Files\LogMeIn\x86\RaMaint.exe [2009-10-02 116032]
R2 LogMeIn;LogMeIn; C:\Program Files\LogMeIn\x86\LogMeIn.exe [2008-07-24 63040]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2009-10-27 657408]
S2 ASKUpgrade;ASKUpgrade; C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe [2008-12-09 234888]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2004-04-21 516096]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-02-07 138168]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 NBService;NBService; C:\Program Files\AHEAD\Nero 7\Nero BackItUp\NBService.exe [2006-10-09 724992]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
Re: Internet security 2010 - falešný spyware?
Tady je
All processes killed
========== PROCESSES ==========
No active process named Explorer.exe was found!
========== OTL ==========
No active process named IS2010.exe was found!
No active process named smss32.exe was found!
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{201f27d4-3704-41d6-89c1-aa35e39143ed}\ deleted successfully.
C:\Program Files\AskBarDis\bar\bin\askBar.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}\ deleted successfully.
c:\Program Files\Google\GoogleToolbar3.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{3041d03e-fd4b-44e0-b742-2d9b88305f98} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3041d03e-fd4b-44e0-b742-2d9b88305f98}\ deleted successfully.
File C:\Program Files\AskBarDis\bar\bin\askBar.dll not found.
Registry value HKEY_USERS\S-1-5-21-1757981266-343818398-725345543-1003\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found.
File c:\Program Files\Google\GoogleToolbar3.dll not found.
Registry value HKEY_USERS\S-1-5-21-1757981266-343818398-725345543-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found.
File c:\Program Files\Google\GoogleToolbar3.dll not found.
Registry value HKEY_USERS\S-1-5-21-1757981266-343818398-725345543-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{3041D03E-FD4B-44E0-B742-2D9B88305F98} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3041D03E-FD4B-44E0-B742-2D9B88305F98}\ not found.
File C:\Program Files\AskBarDis\bar\bin\askBar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\smss32.exe deleted successfully.
C:\WINDOWS\system32\smss32.exe moved successfully.
Registry value HKEY_USERS\S-1-5-21-1757981266-343818398-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Run\\Internet Security 2010 deleted successfully.
C:\Program Files\InternetSecurity2010\IS2010.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell:rundll32.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell:aqlb.hjo deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell:lhoweid deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit:C:\WINDOWS\system32\winlogon32.exe deleted successfully.
C:\WINDOWS\system32\winlogon32.exe moved successfully.
C:\Program Files\InternetSecurity2010 folder moved successfully.
File C:\WINDOWS\System32\winlogon32.exe not found.
File C:\WINDOWS\System32\smss32.exe not found.
C:\WINDOWS\system32\19169.exe moved successfully.
C:\WINDOWS\system32\26500.exe moved successfully.
C:\WINDOWS\system32\6334.exe moved successfully.
C:\WINDOWS\system32\18467.exe moved successfully.
C:\WINDOWS\system32\41.exe moved successfully.
C:\WINDOWS\system32\warning.html moved successfully.
C:\WINDOWS\system32\26962.exe moved successfully.
C:\WINDOWS\system32\29358.exe moved successfully.
C:\WINDOWS\system32\11478.exe moved successfully.
C:\WINDOWS\system32\15724.exe moved successfully.
C:\Documents and Settings\Owner\Plocha\Internet Security 2010.lnk moved successfully.
C:\WINDOWS\system32\9894.exe moved successfully.
C:\WINDOWS\system32\17035.exe moved successfully.
C:\WINDOWS\system32\26299.exe moved successfully.
C:\WINDOWS\system32\25667.exe moved successfully.
C:\WINDOWS\system32\19912.exe moved successfully.
C:\WINDOWS\system32\1869.exe moved successfully.
C:\WINDOWS\system32\11538.exe moved successfully.
C:\WINDOWS\system32\14771.exe moved successfully.
C:\WINDOWS\system32\21726.exe moved successfully.
C:\WINDOWS\system32\5447.exe moved successfully.
C:\WINDOWS\system32\19895.exe moved successfully.
C:\WINDOWS\system32\19718.exe moved successfully.
C:\WINDOWS\system32\18716.exe moved successfully.
C:\WINDOWS\system32\17421.exe moved successfully.
C:\WINDOWS\system32\12382.exe moved successfully.
C:\WINDOWS\system32\292.exe moved successfully.
C:\WINDOWS\system32\153.exe moved successfully.
C:\WINDOWS\system32\3902.exe moved successfully.
C:\WINDOWS\system32\14604.exe moved successfully.
C:\WINDOWS\system32\32391.exe moved successfully.
C:\WINDOWS\system32\5436.exe moved successfully.
C:\WINDOWS\system32\4827.exe moved successfully.
C:\WINDOWS\system32\11942.exe moved successfully.
C:\WINDOWS\system32\2995.exe moved successfully.
C:\WINDOWS\system32\491.exe moved successfully.
C:\WINDOWS\system32\9961.exe moved successfully.
C:\WINDOWS\system32\16827.exe moved successfully.
C:\WINDOWS\system32\23281.exe moved successfully.
File C:\WINDOWS\System32\28145.exe not found.
File C:\WINDOWS\System32\5705.exe not found.
File C:\WINDOWS\System32\24464.exe not found.
C:\WINDOWS\system32\helper32.dll moved successfully.
File C:\WINDOWS\System32\winlogon32.exe not found.
File C:\WINDOWS\System32\smss32.exe not found.
========== FILES ==========
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000001\ deleted successfully.
File C:\WINDOWS\System32\helper32.dll not found.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000017\ deleted successfully.
File C:\WINDOWS\System32\helper32.dll not found.
File\Folder C:\Program Files\InternetSecurity2010 not found.
========== REGISTRY ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Internet Security 2010 not found.
========== COMMANDS ==========
[EMPTYTEMP]
User: Administrator
->Temporary Internet Files folder emptied: 205106 bytes
User: Administrator.GABINA
->Temporary Internet Files folder emptied: 205106 bytes
User: Administrator.GABINA.000
->Temp folder emptied: 12881 bytes
->Temporary Internet Files folder emptied: 205106 bytes
User: Administrator.GABINA.001
->Temp folder emptied: 32273 bytes
->Temporary Internet Files folder emptied: 215887 bytes
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 16721687 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33237 bytes
User: Owner
->Temp folder emptied: 852087624 bytes
->Temporary Internet Files folder emptied: 71756817 bytes
->Java cache emptied: 37178655 bytes
->FireFox cache emptied: 88811389 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 1139202 bytes
%systemroot%\System32 .tmp files removed: 2675656 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 46350641 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 23940586 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 4289725497 bytes
Total Files Cleaned = 5 180,00 mb
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\: LSP stack updated.
OTL by OldTimer - Version 3.1.27.0 log created on 01282010_151021
All processes killed
========== PROCESSES ==========
No active process named Explorer.exe was found!
========== OTL ==========
No active process named IS2010.exe was found!
No active process named smss32.exe was found!
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{201f27d4-3704-41d6-89c1-aa35e39143ed}\ deleted successfully.
C:\Program Files\AskBarDis\bar\bin\askBar.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}\ deleted successfully.
c:\Program Files\Google\GoogleToolbar3.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{3041d03e-fd4b-44e0-b742-2d9b88305f98} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3041d03e-fd4b-44e0-b742-2d9b88305f98}\ deleted successfully.
File C:\Program Files\AskBarDis\bar\bin\askBar.dll not found.
Registry value HKEY_USERS\S-1-5-21-1757981266-343818398-725345543-1003\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found.
File c:\Program Files\Google\GoogleToolbar3.dll not found.
Registry value HKEY_USERS\S-1-5-21-1757981266-343818398-725345543-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found.
File c:\Program Files\Google\GoogleToolbar3.dll not found.
Registry value HKEY_USERS\S-1-5-21-1757981266-343818398-725345543-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{3041D03E-FD4B-44E0-B742-2D9B88305F98} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3041D03E-FD4B-44E0-B742-2D9B88305F98}\ not found.
File C:\Program Files\AskBarDis\bar\bin\askBar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\smss32.exe deleted successfully.
C:\WINDOWS\system32\smss32.exe moved successfully.
Registry value HKEY_USERS\S-1-5-21-1757981266-343818398-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Run\\Internet Security 2010 deleted successfully.
C:\Program Files\InternetSecurity2010\IS2010.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell:rundll32.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell:aqlb.hjo deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell:lhoweid deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit:C:\WINDOWS\system32\winlogon32.exe deleted successfully.
C:\WINDOWS\system32\winlogon32.exe moved successfully.
C:\Program Files\InternetSecurity2010 folder moved successfully.
File C:\WINDOWS\System32\winlogon32.exe not found.
File C:\WINDOWS\System32\smss32.exe not found.
C:\WINDOWS\system32\19169.exe moved successfully.
C:\WINDOWS\system32\26500.exe moved successfully.
C:\WINDOWS\system32\6334.exe moved successfully.
C:\WINDOWS\system32\18467.exe moved successfully.
C:\WINDOWS\system32\41.exe moved successfully.
C:\WINDOWS\system32\warning.html moved successfully.
C:\WINDOWS\system32\26962.exe moved successfully.
C:\WINDOWS\system32\29358.exe moved successfully.
C:\WINDOWS\system32\11478.exe moved successfully.
C:\WINDOWS\system32\15724.exe moved successfully.
C:\Documents and Settings\Owner\Plocha\Internet Security 2010.lnk moved successfully.
C:\WINDOWS\system32\9894.exe moved successfully.
C:\WINDOWS\system32\17035.exe moved successfully.
C:\WINDOWS\system32\26299.exe moved successfully.
C:\WINDOWS\system32\25667.exe moved successfully.
C:\WINDOWS\system32\19912.exe moved successfully.
C:\WINDOWS\system32\1869.exe moved successfully.
C:\WINDOWS\system32\11538.exe moved successfully.
C:\WINDOWS\system32\14771.exe moved successfully.
C:\WINDOWS\system32\21726.exe moved successfully.
C:\WINDOWS\system32\5447.exe moved successfully.
C:\WINDOWS\system32\19895.exe moved successfully.
C:\WINDOWS\system32\19718.exe moved successfully.
C:\WINDOWS\system32\18716.exe moved successfully.
C:\WINDOWS\system32\17421.exe moved successfully.
C:\WINDOWS\system32\12382.exe moved successfully.
C:\WINDOWS\system32\292.exe moved successfully.
C:\WINDOWS\system32\153.exe moved successfully.
C:\WINDOWS\system32\3902.exe moved successfully.
C:\WINDOWS\system32\14604.exe moved successfully.
C:\WINDOWS\system32\32391.exe moved successfully.
C:\WINDOWS\system32\5436.exe moved successfully.
C:\WINDOWS\system32\4827.exe moved successfully.
C:\WINDOWS\system32\11942.exe moved successfully.
C:\WINDOWS\system32\2995.exe moved successfully.
C:\WINDOWS\system32\491.exe moved successfully.
C:\WINDOWS\system32\9961.exe moved successfully.
C:\WINDOWS\system32\16827.exe moved successfully.
C:\WINDOWS\system32\23281.exe moved successfully.
File C:\WINDOWS\System32\28145.exe not found.
File C:\WINDOWS\System32\5705.exe not found.
File C:\WINDOWS\System32\24464.exe not found.
C:\WINDOWS\system32\helper32.dll moved successfully.
File C:\WINDOWS\System32\winlogon32.exe not found.
File C:\WINDOWS\System32\smss32.exe not found.
========== FILES ==========
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000001\ deleted successfully.
File C:\WINDOWS\System32\helper32.dll not found.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000017\ deleted successfully.
File C:\WINDOWS\System32\helper32.dll not found.
File\Folder C:\Program Files\InternetSecurity2010 not found.
========== REGISTRY ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Internet Security 2010 not found.
========== COMMANDS ==========
[EMPTYTEMP]
User: Administrator
->Temporary Internet Files folder emptied: 205106 bytes
User: Administrator.GABINA
->Temporary Internet Files folder emptied: 205106 bytes
User: Administrator.GABINA.000
->Temp folder emptied: 12881 bytes
->Temporary Internet Files folder emptied: 205106 bytes
User: Administrator.GABINA.001
->Temp folder emptied: 32273 bytes
->Temporary Internet Files folder emptied: 215887 bytes
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 16721687 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33237 bytes
User: Owner
->Temp folder emptied: 852087624 bytes
->Temporary Internet Files folder emptied: 71756817 bytes
->Java cache emptied: 37178655 bytes
->FireFox cache emptied: 88811389 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 1139202 bytes
%systemroot%\System32 .tmp files removed: 2675656 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 46350641 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 23940586 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 4289725497 bytes
Total Files Cleaned = 5 180,00 mb
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\: LSP stack updated.
OTL by OldTimer - Version 3.1.27.0 log created on 01282010_151021
Re: Internet security 2010 - falešný spyware?
Předpokládám, že bez toho scriptu v bílém poli - je to tak?
Re: Internet security 2010 - falešný spyware?
Soubor Extras.txt se nevytvořil.
OTL logfile created on: 28.1.2010 19:06:21 - Run 2
OTL by OldTimer - Version 3.1.27.0 Folder = C:\Documents and Settings\Owner\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
767,00 Mb Total Physical Memory | 331,00 Mb Available Physical Memory | 43,00% Memory free
2,00 Gb Paging File | 1,00 Gb Available in Paging File | 77,00% Paging File free
Paging file location(s): C:\pagefile.sys 1152 2304 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74,55 Gb Total Space | 41,40 Gb Free Space | 55,53% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive S: | 74,55 Gb Total Space | 41,40 Gb Free Space | 55,53% Space Free | Partition Type: NTFS
Computer Name: GABINA
Current User Name: Owner
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 7 Days
Output = Standard
========== Processes (SafeList) ==========
PRC - [2010.01.28 12:56:37 | 00,548,864 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Plocha\OTL.exe
PRC - [2009.12.11 09:29:38 | 02,043,160 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgtray.exe
PRC - [2009.11.11 10:57:36 | 01,451,520 | ---- | M] (Nokia) -- C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
PRC - [2009.10.27 18:36:16 | 01,499,136 | ---- | M] (Nokia) -- C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
PRC - [2009.10.27 09:26:36 | 00,657,408 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
PRC - [2009.10.27 09:15:44 | 00,132,608 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
PRC - [2009.10.27 09:15:02 | 00,120,832 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
PRC - [2009.10.11 04:17:36 | 00,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
PRC - [2009.10.11 04:17:35 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2009.10.02 07:52:51 | 00,116,032 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\ramaint.exe
PRC - [2009.10.02 07:52:33 | 00,378,176 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LMIGuardian.exe
PRC - [2009.07.31 08:51:19 | 00,486,680 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgrsx.exe
PRC - [2009.07.31 08:50:54 | 00,595,736 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgnsx.exe
PRC - [2009.07.31 08:50:46 | 00,832,792 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgam.exe
PRC - [2009.07.31 08:49:50 | 00,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe
PRC - [2008.12.09 17:40:16 | 00,464,264 | ---- | M] () -- C:\Program Files\AskBarDis\bar\bin\AskService.exe
PRC - [2008.07.24 18:46:10 | 00,063,048 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
PRC - [2008.07.24 18:46:10 | 00,063,040 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LogMeIn.exe
PRC - [2008.04.14 04:22:55 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscntfy.exe
PRC - [2008.04.14 04:22:22 | 01,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007.09.11 16:51:14 | 02,510,848 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 2.3\program\soffice.bin
PRC - [2007.09.11 16:51:14 | 02,359,296 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 2.3\program\soffice.exe
PRC - [2007.07.04 09:12:08 | 00,068,856 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2006.10.11 11:45:12 | 00,075,304 | ---- | M] (ScanSoft, Inc.) -- C:\Program Files\ScanSoft\OmniPageSE4.0\OpWareSE4.exe
PRC - [2005.08.31 08:19:38 | 00,303,616 | ---- | M] (DATABOX s.r.o.) -- C:\Program Files\Databox\Contact 4.0\Server\FFSrv95.exe
PRC - [2004.11.28 16:00:00 | 00,057,344 | ---- | M] (CANON INC.) -- C:\WINDOWS\system32\CNAB3RPK.EXE
PRC - [2004.04.21 21:56:04 | 00,397,312 | ---- | M] () -- C:\WINDOWS\system32\ati2evxx.exe
PRC - [2003.08.15 08:34:50 | 00,057,344 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE
========== Modules (SafeList) ==========
MOD - [2010.01.28 12:56:37 | 00,548,864 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Plocha\OTL.exe
MOD - [2006.10.04 21:07:12 | 00,144,936 | ---- | M] (ScanSoft, Inc.) -- C:\Program Files\ScanSoft\OmniPageSE4.0\OpHookSE4.dll
========== Win32 Services (SafeList) ==========
SRV - [2009.10.27 09:26:36 | 00,657,408 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2009.10.11 04:17:35 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) [Auto | Running] -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2009.10.02 07:52:51 | 00,116,032 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\RaMaint.exe -- (LMIMaint)
SRV - [2009.07.31 08:49:50 | 00,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG8\avgwdsvc.exe -- (avg8wd)
SRV - [2008.12.09 17:40:16 | 00,464,264 | ---- | M] () [Auto | Running] -- C:\Program Files\AskBarDis\bar\bin\AskService.exe -- (ASKService)
SRV - [2008.12.09 17:40:16 | 00,234,888 | ---- | M] () [Auto | Stopped] -- C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe -- (ASKUpgrade)
SRV - [2008.07.29 18:16:38 | 00,132,096 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2008.07.24 18:46:10 | 00,063,040 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\LogMeIn.exe -- (LogMeIn)
SRV - [2007.02.07 12:47:27 | 00,138,168 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - [2006.10.09 22:11:08 | 00,724,992 | ---- | M] (Nero AG) [On_Demand | Stopped] -- C:\Program Files\AHEAD\Nero 7\Nero BackItUp\NBService.exe -- (NBService)
SRV - [2004.04.21 21:56:04 | 00,397,312 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\ati2evxx.exe -- (Ati HotKey Poller)
SRV - [2004.04.21 21:10:00 | 00,516,096 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\ati2sgag.exe -- (ATI Smart)
SRV - [2003.07.28 20:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
========== Driver Services (SafeList) ==========
DRV - [2009.10.06 11:52:50 | 00,007,936 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2009.10.06 11:52:34 | 00,022,016 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2009.10.06 11:52:34 | 00,017,664 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2009.10.06 11:52:34 | 00,007,936 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2009.10.02 07:52:34 | 00,083,288 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\WINDOWS\system32\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV - [2009.07.31 08:51:18 | 00,027,784 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\System32\Drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2009.07.31 08:51:17 | 00,335,240 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2009.04.27 07:26:55 | 00,012,552 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\System32\Drivers\avgrkx86.sys -- (AvgRkx86)
DRV - [2009.04.27 07:26:49 | 00,108,552 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2008.11.20 20:19:06 | 00,043,872 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20)
DRV - [2008.08.26 09:26:12 | 00,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008.07.24 18:46:12 | 00,012,856 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Running] -- C:\Program Files\LogMeIn\x86\rainfo.sys -- (LMIInfo)
DRV - [2008.07.24 18:46:10 | 00,047,640 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV - [2008.07.24 18:45:20 | 00,010,144 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lmimirr.sys -- (lmimirr)
DRV - [2008.04.13 20:45:36 | 00,026,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser.sys -- (usbser)
DRV - [2008.04.13 19:45:29 | 00,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2007.11.13 11:25:52 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)
DRV - [2007.03.26 07:25:50 | 00,038,784 | ---- | M] (Axesstel) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\axtmvprt.sys -- (Axtmvprt)
DRV - [2007.03.26 07:25:30 | 00,040,064 | ---- | M] (Axesstel) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\axtmvmdm.sys -- (Axtmvmdm)
DRV - [2007.03.22 09:36:38 | 00,003,456 | ---- | M] (Axesstel) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\axtmvflt.sys -- (Axtmvflt)
DRV - [2004.08.17 15:45:18 | 00,606,556 | ---- | M] (LT) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ltmdmnt.sys -- (ltmodem5)
DRV - [2004.04.21 22:11:06 | 00,729,088 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2003.08.21 09:31:52 | 00,462,940 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2003.08.14 16:16:38 | 00,404,736 | ---- | M] (Sensaura Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXSENS.SYS -- (ALCXSENS)
DRV - [2003.04.16 13:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)
DRV - [2003.03.04 05:56:26 | 00,145,408 | R--- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\e100b325.sys -- (E100B) Intel(R)
DRV - [2002.01.21 12:03:36 | 00,048,472 | ---- | M] (Canon Information Systems) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\cis1284.sys -- (cis1284)
DRV - [2001.08.17 21:56:16 | 00,007,552 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SONYPVU1.SYS -- (SONYPVU1) Sony USB Filter Driver (SONYPVU1)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-20\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1757981266-343818398-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-1757981266-343818398-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\S-1-5-21-1757981266-343818398-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchT ... f8&oe=utf8
IE - HKU\S-1-5-21-1757981266-343818398-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-1757981266-343818398-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-1757981266-343818398-725345543-1003\..\URLSearchHook: *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-1757981266-343818398-725345543-1003\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
IE - HKU\S-1-5-21-1757981266-343818398-725345543-1003\S-1-5-21-1757981266-343818398-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "WebHledani"
FF - prefs.js..browser.search.order.1: "Ask"
FF - prefs.js..browser.search.selectedEngine: "WebHledani"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledItems: {E9A1DEE0-C623-4439-8932-001E7D17607D}:2.1.0.5
FF - prefs.js..extensions.enabledItems: avg@igeared:3.011.025.005
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: bkmrksync@nokia.com:1.0.0.723
FF - prefs.js..keyword.URL: "http://toolbar.ask.com/toolbarv/askRedi ... t=&gc=1&q="
FF - HKLM\software\mozilla\Firefox\Extensions\\avg@igeared: C:\Program Files\AVG\AVG8\Toolbar\Firefox\avg@igeared [2010.01.11 16:14:41 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2009.12.15 08:18:27 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.14\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.01.28 11:29:34 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.14\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.01.28 11:29:34 | 00,000,000 | ---D | M]
[2009.05.06 07:50:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\Mozilla\Extensions
[2010.01.28 11:40:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\Mozilla\Firefox\Profiles\xngtzbx4.default\extensions
[2009.09.21 08:15:24 | 00,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Data aplikací\Mozilla\Firefox\Profiles\xngtzbx4.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}
[2009.09.21 14:53:29 | 00,000,682 | ---- | M] () -- C:\Documents and Settings\Owner\Data aplikací\Mozilla\Firefox\Profiles\xngtzbx4.default\searchplugins\ask.xml
[2010.01.28 11:40:04 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010.01.28 11:29:27 | 00,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.01.28 11:29:27 | 00,001,687 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2010.01.28 11:29:27 | 00,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.01.28 11:29:27 | 00,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.01.28 11:29:27 | 00,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml
O1 HOSTS File: ([2003.04.16 13:00:00 | 00,000,737 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll File not found
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
O3 - HKU\S-1-5-21-1757981266-343818398-725345543-1003\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
O3 - HKU\S-1-5-21-1757981266-343818398-725345543-1003\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AVG8_TRAY] C:\Program Files\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [LogMeIn GUI] C:\Program Files\LogMeIn\x86\LogMeInSystray.exe (LogMeIn, Inc.)
O4 - HKLM..\Run: [MpsOnn] C:\WINDOWS\system32\spool\drivers\w32x86\3\MPSONN.EXE (CANON INC.)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
O4 - HKLM..\Run: [OpwareSE4] C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe (ScanSoft, Inc.)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SSBkgdUpdate] C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKU\S-1-5-21-1757981266-343818398-725345543-1003..\Run: [DataboxFFServer] C:\Program Files\Databox\Contact 4.0\Server\FFSrv95.exe (DATABOX s.r.o.)
O4 - HKU\S-1-5-21-1757981266-343818398-725345543-1003..\Run: [PC Suite Tray] C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
O4 - HKU\S-1-5-21-1757981266-343818398-725345543-1003..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKLM..\RunServices: [DataboxFFServer] C:\Program Files\Databox\Contact 4.0\Server\FFSrv95.exe (DATABOX s.r.o.)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Epass - update.exe.lnk = Z:\update.exe File not found
O4 - Startup: C:\Documents and Settings\Owner\Nabídka Start\Programy\Po spuštění\OpenOffice.org 2.3.lnk = C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1757981266-343818398-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1757981266-343818398-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetActiveDesktop = 1
O7 - HKU\S-1-5-21-1757981266-343818398-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O7 - HKU\S-1-5-21-1757981266-343818398-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-21-1757981266-343818398-725345543-1003\..Trusted Domains: servis24.cz ([www] https in Důvěryhodné servery)
O15 - HKU\S-1-5-21-1757981266-343818398-725345543-1003\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shoc ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {4E330863-6A11-11D0-BFD8-006097237877} http://tw.msi.com.tw/autobios/client/iftwclix.cab (InstallFromTheWeb ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} https://secure.logmein.com/activex/ractrl.cab?lmi=100 (Performance Viewer Activex Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll ()
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - Winlogon\Notify\LMIinit: DllName - LMIinit.dll - C:\WINDOWS\System32\LMIinit.dll (LogMeIn, Inc.)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper:
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007.01.09 14:49:40 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{def1f9ac-7821-11de-b7db-000c7660f731}\Shell\AutoRun\command - "" = E:\setup.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*
NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2007.01.09 14:49:20 | 00,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: Wmi - C:\WINDOWS\system32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
CREATERESTOREPOINT
Restore point Set: OTL Restore Point (68120281553567744)
========== Files/Folders - Created Within 7 Days ==========
[2010.01.28 15:10:21 | 00,000,000 | ---D | C] -- C:\_OTL
[2010.01.28 15:03:35 | 00,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2010.01.28 15:02:43 | 00,791,393 | ---- | C] (Lars Hederer ) -- C:\Documents and Settings\Owner\Plocha\erunt_setup.exe
[2010.01.28 12:56:37 | 00,548,864 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Owner\Plocha\OTL.exe
[2010.01.28 11:43:21 | 00,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010.01.28 11:43:19 | 00,000,000 | ---D | C] -- C:\rsit
[2010.01.28 08:32:21 | 00,000,000 | -H-D | C] -- C:\$AVG8.VAULT$
[2010.01.26 15:36:16 | 00,000,000 | -HSD | C] -- C:\Config.Msi
[2010.01.21 08:29:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\Microsoft
[2009.09.21 14:59:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\Google
[2009.09.09 07:13:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\ICS
[2009.07.24 08:24:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\ServiceTest
[2009.07.22 02:00:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\Microsoft
[2009.06.11 08:03:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Data aplikací\AVGTOOLBAR
[2007.05.17 09:46:37 | 00,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Data aplikací\Microsoft
[2007.02.08 12:41:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Data aplikací\Ahead
[2007.01.22 11:40:46 | 00,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Data aplikací\Microsoft
========== Files - Modified Within 7 Days ==========
[2010.01.28 19:01:59 | 00,019,354 | ---- | M] () -- C:\Documents and Settings\Owner\Plocha\OTL old.rar
[2010.01.28 18:35:59 | 05,767,168 | ---- | M] () -- C:\Documents and Settings\Owner\ntuser.dat
[2010.01.28 15:36:39 | 00,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.01.28 15:36:06 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.01.28 15:36:01 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.01.28 15:26:38 | 00,096,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atapi.sys
[2010.01.28 15:10:38 | 00,435,396 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.01.28 15:10:38 | 00,432,278 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2010.01.28 15:10:38 | 00,079,242 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2010.01.28 15:10:38 | 00,068,292 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.01.28 15:10:34 | 01,028,848 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010.01.28 15:03:41 | 00,000,611 | ---- | M] () -- C:\Documents and Settings\Owner\Plocha\NTREGOPT.lnk
[2010.01.28 15:03:39 | 00,000,592 | ---- | M] () -- C:\Documents and Settings\Owner\Plocha\ERUNT.lnk
[2010.01.28 15:02:43 | 00,791,393 | ---- | M] (Lars Hederer ) -- C:\Documents and Settings\Owner\Plocha\erunt_setup.exe
[2010.01.28 14:59:35 | 00,000,558 | ---- | M] () -- C:\WINDOWS\tasks\Norton Security Scan for Owner.job
[2010.01.28 13:20:56 | 00,002,561 | ---- | M] () -- C:\Documents and Settings\Owner\Plocha\Microsoft Office Word 2003.lnk
[2010.01.28 13:14:57 | 00,006,396 | ---- | M] () -- C:\Documents and Settings\Owner\Plocha\Extras.zip
[2010.01.28 12:56:37 | 00,548,864 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Plocha\OTL.exe
[2010.01.28 12:25:37 | 54,749,051 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2010.01.28 07:14:36 | 00,000,272 | -HS- | M] () -- C:\Documents and Settings\Owner\ntuser.ini
[2010.01.27 10:55:39 | 00,090,112 | ---- | M] () -- C:\Documents and Settings\Owner\Dokumenty\cedulky na materiál.doc
[2010.01.27 08:40:48 | 00,006,919 | ---- | M] () -- C:\Documents and Settings\Owner\intlname.ols
[2010.01.27 08:13:44 | 00,002,529 | ---- | M] () -- C:\Documents and Settings\Owner\Plocha\Microsoft Office Outlook 2003.lnk
[2010.01.26 15:37:20 | 00,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Adobe Reader 9.lnk
[2010.01.26 11:06:26 | 02,157,638 | ---- | M] () -- C:\Documents and Settings\Owner\Dokumenty\Nový obrázek.bmp
[2010.01.26 09:53:29 | 00,288,731 | ---- | M] () -- C:\Documents and Settings\Owner\Plocha\pokladna.pdf
[2010.01.26 09:53:05 | 00,254,869 | ---- | M] () -- C:\Documents and Settings\Owner\Plocha\zasklení okna.pdf
[2010.01.26 09:52:55 | 00,269,756 | ---- | M] () -- C:\Documents and Settings\Owner\Plocha\příjmový doklad stravenky.pdf
[2010.01.25 14:32:28 | 01,522,936 | ---- | M] () -- C:\Documents and Settings\Owner\Plocha\faktura moniror Samsung1.PDF
[2010.01.22 12:27:21 | 00,000,753 | ---- | M] () -- C:\WINDOWS\win.ini
[2010.01.22 11:19:06 | 00,001,601 | ---- | M] () -- C:\Documents and Settings\Owner\Plocha\EPASS.lnk
========== Files Created - No Company Name ==========
[2010.01.28 19:01:59 | 00,019,354 | ---- | C] () -- C:\Documents and Settings\Owner\Plocha\OTL old.rar
[2010.01.28 15:03:40 | 00,000,611 | ---- | C] () -- C:\Documents and Settings\Owner\Plocha\NTREGOPT.lnk
[2010.01.28 15:03:39 | 00,000,592 | ---- | C] () -- C:\Documents and Settings\Owner\Plocha\ERUNT.lnk
[2010.01.28 13:14:57 | 00,006,396 | ---- | C] () -- C:\Documents and Settings\Owner\Plocha\Extras.zip
[2010.01.26 15:37:20 | 00,001,729 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Adobe Reader 9.lnk
[2010.01.26 11:06:25 | 02,157,638 | ---- | C] () -- C:\Documents and Settings\Owner\Dokumenty\Nový obrázek.bmp
[2010.01.26 09:53:29 | 00,288,731 | ---- | C] () -- C:\Documents and Settings\Owner\Plocha\pokladna.pdf
[2010.01.26 09:53:05 | 00,254,869 | ---- | C] () -- C:\Documents and Settings\Owner\Plocha\zasklení okna.pdf
[2010.01.26 09:52:55 | 00,269,756 | ---- | C] () -- C:\Documents and Settings\Owner\Plocha\příjmový doklad stravenky.pdf
[2010.01.25 14:32:28 | 01,522,936 | ---- | C] () -- C:\Documents and Settings\Owner\Plocha\faktura moniror Samsung1.PDF
[2010.01.20 16:09:38 | 00,445,040 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\FontCache3.0.0.0.dat
[2009.07.24 08:23:59 | 00,020,992 | ---- | C] () -- C:\WINDOWS\jestertb.dll
[2009.05.04 07:17:49 | 00,000,039 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2008.10.17 13:43:24 | 00,010,593 | ---- | C] () -- C:\WINDOWS\CSTBox.INI
[2008.10.16 15:36:14 | 00,040,960 | ---- | C] () -- C:\WINDOWS\System32\IPPCPUID.DLL
[2008.10.16 15:35:54 | 00,011,776 | ---- | C] () -- C:\WINDOWS\System32\pmsbfn32.dll
[2008.10.16 15:34:49 | 00,000,416 | ---- | C] () -- C:\WINDOWS\MAXLINK.INI
[2008.09.17 07:58:20 | 00,005,368 | ---- | C] () -- C:\Documents and Settings\Owner\Data aplikací\froggy_scorebox
[2008.09.17 07:58:20 | 00,000,679 | ---- | C] () -- C:\Documents and Settings\Owner\Data aplikací\pl_accounts.pl_acc
[2008.09.17 07:58:20 | 00,000,556 | ---- | C] () -- C:\Documents and Settings\Owner\Data aplikací\Troll.options
[2007.10.16 06:46:13 | 00,000,169 | ---- | C] () -- C:\WINDOWS\RtlRack.ini
[2007.09.25 11:06:43 | 00,000,027 | ---- | C] () -- C:\WINDOWS\SW_Win2000X32.DLL
[2007.09.24 09:25:48 | 00,003,132 | ---- | C] () -- C:\WINDOWS\CX_SearchHistory.INI
[2007.09.24 09:25:27 | 00,000,530 | ---- | C] () -- C:\WINDOWS\System32\tx13_ic.ini
[2007.09.24 09:25:26 | 00,131,072 | ---- | C] () -- C:\WINDOWS\System32\CSVSpecialProcessing.dll
[2007.09.24 09:25:26 | 00,102,400 | ---- | C] () -- C:\WINDOWS\System32\SARzilla.dll
[2007.08.06 12:07:30 | 00,008,784 | ---- | C] () -- C:\WINDOWS\System32\ractrlkeyhook.dll
[2007.05.10 07:46:30 | 00,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2007.03.01 12:40:25 | 00,000,635 | ---- | C] () -- C:\WINDOWS\Rtcw.INI
[2007.02.08 12:33:30 | 00,007,168 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007.01.31 15:51:15 | 00,000,028 | ---- | C] () -- C:\Program Files\32cardswcc.ini
[2007.01.31 15:49:17 | 00,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2007.01.10 09:10:12 | 00,000,000 | ---- | C] () -- C:\WINDOWS\CPC10QA2.INI
[2007.01.09 17:02:29 | 00,000,518 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007.01.09 16:10:16 | 00,000,208 | ---- | C] () -- C:\WINDOWS\MPASS.INI
[2007.01.09 15:34:58 | 00,000,164 | ---- | C] () -- C:\WINDOWS\avrack.ini
[2007.01.09 15:32:19 | 00,012,288 | R--- | C] () -- C:\WINDOWS\System32\e100bmsg.dll
[2007.01.09 14:01:25 | 00,086,016 | ---- | C] () -- C:\WINDOWS\System32\ati2evxx.dll
[2003.04.09 15:38:04 | 00,005,664 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002.02.14 08:49:38 | 00,082,944 | ---- | C] () -- C:\WINDOWS\System32\qrpdflib.dll
========== LOP Check ==========
[2009.06.11 12:44:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVG Security Toolbar
[2009.12.15 08:15:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Downloaded Installations
[2009.12.15 08:16:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Installations
[2009.01.19 13:36:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\LogMeIn
[2010.01.20 11:30:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\NokiaMusic
[2010.01.21 08:29:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PC Suite
[2008.10.16 15:34:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ScanSoft
[2009.09.21 08:25:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TonkyPonky
[2009.06.11 08:03:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Data aplikací\AVGTOOLBAR
[2009.11.05 09:04:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\Alpen 3D Online
[2007.04.20 12:05:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\Autodesk
[2009.04.27 12:13:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\AVGTOOLBAR
[2008.10.16 15:40:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\Canon
[2008.04.28 11:07:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\Cestak
[2007.02.14 09:07:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\DataLayer
[2009.07.27 07:31:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\Memeo
[2009.08.19 11:35:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\NewSoft
[2010.01.21 08:29:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\Nokia
[2007.02.14 09:13:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\Nokia Multimedia Player
[2010.01.21 08:29:15 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\PC Suite
[2008.10.16 15:34:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\ScanSoft
========== Purity Check ==========
========== Custom Scans ==========
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"CTFMON.EXE" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 04:22:17 | 00,015,360 | ---- | M] (Microsoft Corporation)
"MSMSGS" = "C:\Program Files\Messenger\msmsgs.exe" /background -- [2008.04.14 04:22:36 | 01,695,232 | ---- | M] (Microsoft Corporation)
"swg" = "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" -- [2007.07.04 09:12:08 | 00,068,856 | ---- | M] (Google Inc.)
"DataboxFFServer" = C:\PROGRA~1\Databox\CONTAC~1.0\Server\FFSrv95.exe -- [2005.08.31 08:19:38 | 00,303,616 | ---- | M] (DATABOX s.r.o.)
"PC Suite Tray" = "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray -- [2009.11.11 10:57:36 | 01,451,520 | ---- | M] (Nokia)
< c:\windows\*.* /U >
< MD5 for: AGP440.SYS >
[2004.08.17 15:57:28 | 18,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008.09.29 07:22:35 | 23,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2004.08.17 15:57:28 | 18,786,869 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:AGP440.sys
[2008.09.29 07:22:35 | 23,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008.04.13 19:36:38 | 00,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.13 19:36:38 | 00,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
[2004.08.03 23:07:42 | 00,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\$NtServicePackUninstall$\agp440.sys
[2004.08.03 23:07:42 | 00,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\system32\ReinstallBackups\0002\DriverFiles\i386\AGP440.SYS
< MD5 for: ATAPI.SYS >
[2003.04.16 13:00:00 | 10,174,968 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:atapi.sys
[2004.08.17 15:57:28 | 18,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008.09.29 07:22:35 | 23,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2004.08.17 15:57:28 | 18,786,869 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:atapi.sys
[2008.09.29 07:22:35 | 23,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.13 19:40:30 | 00,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2010.01.28 15:26:38 | 00,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2010.01.28 15:26:38 | 00,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004.08.03 22:59:44 | 00,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
< MD5 for: EVENTLOG.DLL >
[2008.04.14 04:21:41 | 00,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 04:21:41 | 00,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll
[2004.08.17 15:49:08 | 00,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
< MD5 for: EXPLORER.EXE >
[2008.04.14 04:22:22 | 01,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 04:22:22 | 01,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2004.08.17 15:49:24 | 01,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\$NtUninstallKB938828$\explorer.exe
[2007.06.13 14:11:59 | 01,033,728 | ---- | M] (Microsoft Corporation) MD5=9B32416BD5988C97B6397CE0B02CAF97 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
[2007.06.13 14:23:39 | 01,033,728 | ---- | M] (Microsoft Corporation) MD5=ED7B460B142A32097B8A8F6ECC941815 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
< MD5 for: HAL.DLL >
[2003.04.16 13:00:00 | 10,174,968 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:hal.dll
[2004.08.17 15:57:28 | 18,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2008.09.29 07:22:35 | 23,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2004.08.17 15:57:28 | 18,786,869 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:hal.dll
[2008.09.29 07:22:35 | 23,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2008.04.13 19:31:32 | 00,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2008.04.13 19:31:28 | 00,131,840 | ---- | M] (Microsoft Corporation) MD5=6F61D3287A6A15A08A9433222C09D17F -- C:\WINDOWS\system32\HAL.DLL
[2004.08.03 22:59:10 | 00,131,968 | ---- | M] (Microsoft Corporation) MD5=F9A0F579FC18036FFDD9E26E0D268CCD -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll
< MD5 for: LSASS.EXE >
[2004.08.17 15:49:24 | 00,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\WINDOWS\$NtServicePackUninstall$\lsass.exe
[2008.04.14 04:22:29 | 00,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\ServicePackFiles\i386\lsass.exe
[2008.04.14 04:22:29 | 00,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe
< MD5 for: NDIS.SYS >
[2008.04.13 20:20:37 | 00,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008.04.13 20:20:37 | 00,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
[2004.08.03 23:14:30 | 00,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys
< MD5 for: NETLOGON.DLL >
[2004.08.17 15:49:14 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
[2008.04.14 04:21:50 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 04:21:50 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\netlogon.dll
< MD5 for: SCECLI.DLL >
[2004.08.17 15:49:18 | 00,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008.04.14 04:21:54 | 00,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 04:21:54 | 00,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll
< MD5 for: SMSS.EXE >
[2004.08.17 15:49:28 | 00,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\WINDOWS\$NtServicePackUninstall$\smss.exe
[2008.04.14 04:22:47 | 00,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\ServicePackFiles\i386\smss.exe
[2008.04.14 04:22:47 | 00,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe
< MD5 for: SVCHOST.EXE >
[2008.04.14 04:22:48 | 00,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.14 04:22:48 | 00,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe
[2004.08.17 15:49:28 | 00,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe
< MD5 for: USERINIT.EXE >
[2008.04.14 04:22:50 | 00,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 04:22:50 | 00,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe
[2004.08.17 15:49:28 | 00,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
< MD5 for: WINLOGON.EXE >
[2004.08.17 15:49:28 | 00,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 04:22:53 | 00,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 04:22:53 | 00,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe
< MD5 for: WS2_32.DLL >
[2004.08.17 15:49:22 | 00,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\WINDOWS\$NtServicePackUninstall$\ws2_32.dll
[2008.04.14 04:22:06 | 00,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll
[2008.04.14 04:22:06 | 00,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\ws2_32.dll
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON
< End of report >
OTL logfile created on: 28.1.2010 19:06:21 - Run 2
OTL by OldTimer - Version 3.1.27.0 Folder = C:\Documents and Settings\Owner\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
767,00 Mb Total Physical Memory | 331,00 Mb Available Physical Memory | 43,00% Memory free
2,00 Gb Paging File | 1,00 Gb Available in Paging File | 77,00% Paging File free
Paging file location(s): C:\pagefile.sys 1152 2304 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74,55 Gb Total Space | 41,40 Gb Free Space | 55,53% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive S: | 74,55 Gb Total Space | 41,40 Gb Free Space | 55,53% Space Free | Partition Type: NTFS
Computer Name: GABINA
Current User Name: Owner
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 7 Days
Output = Standard
========== Processes (SafeList) ==========
PRC - [2010.01.28 12:56:37 | 00,548,864 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Plocha\OTL.exe
PRC - [2009.12.11 09:29:38 | 02,043,160 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgtray.exe
PRC - [2009.11.11 10:57:36 | 01,451,520 | ---- | M] (Nokia) -- C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
PRC - [2009.10.27 18:36:16 | 01,499,136 | ---- | M] (Nokia) -- C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
PRC - [2009.10.27 09:26:36 | 00,657,408 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
PRC - [2009.10.27 09:15:44 | 00,132,608 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
PRC - [2009.10.27 09:15:02 | 00,120,832 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
PRC - [2009.10.11 04:17:36 | 00,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
PRC - [2009.10.11 04:17:35 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2009.10.02 07:52:51 | 00,116,032 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\ramaint.exe
PRC - [2009.10.02 07:52:33 | 00,378,176 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LMIGuardian.exe
PRC - [2009.07.31 08:51:19 | 00,486,680 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgrsx.exe
PRC - [2009.07.31 08:50:54 | 00,595,736 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgnsx.exe
PRC - [2009.07.31 08:50:46 | 00,832,792 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgam.exe
PRC - [2009.07.31 08:49:50 | 00,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe
PRC - [2008.12.09 17:40:16 | 00,464,264 | ---- | M] () -- C:\Program Files\AskBarDis\bar\bin\AskService.exe
PRC - [2008.07.24 18:46:10 | 00,063,048 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
PRC - [2008.07.24 18:46:10 | 00,063,040 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LogMeIn.exe
PRC - [2008.04.14 04:22:55 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscntfy.exe
PRC - [2008.04.14 04:22:22 | 01,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007.09.11 16:51:14 | 02,510,848 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 2.3\program\soffice.bin
PRC - [2007.09.11 16:51:14 | 02,359,296 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 2.3\program\soffice.exe
PRC - [2007.07.04 09:12:08 | 00,068,856 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2006.10.11 11:45:12 | 00,075,304 | ---- | M] (ScanSoft, Inc.) -- C:\Program Files\ScanSoft\OmniPageSE4.0\OpWareSE4.exe
PRC - [2005.08.31 08:19:38 | 00,303,616 | ---- | M] (DATABOX s.r.o.) -- C:\Program Files\Databox\Contact 4.0\Server\FFSrv95.exe
PRC - [2004.11.28 16:00:00 | 00,057,344 | ---- | M] (CANON INC.) -- C:\WINDOWS\system32\CNAB3RPK.EXE
PRC - [2004.04.21 21:56:04 | 00,397,312 | ---- | M] () -- C:\WINDOWS\system32\ati2evxx.exe
PRC - [2003.08.15 08:34:50 | 00,057,344 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE
========== Modules (SafeList) ==========
MOD - [2010.01.28 12:56:37 | 00,548,864 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Plocha\OTL.exe
MOD - [2006.10.04 21:07:12 | 00,144,936 | ---- | M] (ScanSoft, Inc.) -- C:\Program Files\ScanSoft\OmniPageSE4.0\OpHookSE4.dll
========== Win32 Services (SafeList) ==========
SRV - [2009.10.27 09:26:36 | 00,657,408 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2009.10.11 04:17:35 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) [Auto | Running] -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2009.10.02 07:52:51 | 00,116,032 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\RaMaint.exe -- (LMIMaint)
SRV - [2009.07.31 08:49:50 | 00,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG8\avgwdsvc.exe -- (avg8wd)
SRV - [2008.12.09 17:40:16 | 00,464,264 | ---- | M] () [Auto | Running] -- C:\Program Files\AskBarDis\bar\bin\AskService.exe -- (ASKService)
SRV - [2008.12.09 17:40:16 | 00,234,888 | ---- | M] () [Auto | Stopped] -- C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe -- (ASKUpgrade)
SRV - [2008.07.29 18:16:38 | 00,132,096 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2008.07.24 18:46:10 | 00,063,040 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\LogMeIn.exe -- (LogMeIn)
SRV - [2007.02.07 12:47:27 | 00,138,168 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - [2006.10.09 22:11:08 | 00,724,992 | ---- | M] (Nero AG) [On_Demand | Stopped] -- C:\Program Files\AHEAD\Nero 7\Nero BackItUp\NBService.exe -- (NBService)
SRV - [2004.04.21 21:56:04 | 00,397,312 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\ati2evxx.exe -- (Ati HotKey Poller)
SRV - [2004.04.21 21:10:00 | 00,516,096 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\ati2sgag.exe -- (ATI Smart)
SRV - [2003.07.28 20:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
========== Driver Services (SafeList) ==========
DRV - [2009.10.06 11:52:50 | 00,007,936 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2009.10.06 11:52:34 | 00,022,016 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2009.10.06 11:52:34 | 00,017,664 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2009.10.06 11:52:34 | 00,007,936 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2009.10.02 07:52:34 | 00,083,288 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\WINDOWS\system32\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV - [2009.07.31 08:51:18 | 00,027,784 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\System32\Drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2009.07.31 08:51:17 | 00,335,240 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2009.04.27 07:26:55 | 00,012,552 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\System32\Drivers\avgrkx86.sys -- (AvgRkx86)
DRV - [2009.04.27 07:26:49 | 00,108,552 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2008.11.20 20:19:06 | 00,043,872 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20)
DRV - [2008.08.26 09:26:12 | 00,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008.07.24 18:46:12 | 00,012,856 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Running] -- C:\Program Files\LogMeIn\x86\rainfo.sys -- (LMIInfo)
DRV - [2008.07.24 18:46:10 | 00,047,640 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV - [2008.07.24 18:45:20 | 00,010,144 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lmimirr.sys -- (lmimirr)
DRV - [2008.04.13 20:45:36 | 00,026,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser.sys -- (usbser)
DRV - [2008.04.13 19:45:29 | 00,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2007.11.13 11:25:52 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)
DRV - [2007.03.26 07:25:50 | 00,038,784 | ---- | M] (Axesstel) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\axtmvprt.sys -- (Axtmvprt)
DRV - [2007.03.26 07:25:30 | 00,040,064 | ---- | M] (Axesstel) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\axtmvmdm.sys -- (Axtmvmdm)
DRV - [2007.03.22 09:36:38 | 00,003,456 | ---- | M] (Axesstel) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\axtmvflt.sys -- (Axtmvflt)
DRV - [2004.08.17 15:45:18 | 00,606,556 | ---- | M] (LT) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ltmdmnt.sys -- (ltmodem5)
DRV - [2004.04.21 22:11:06 | 00,729,088 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2003.08.21 09:31:52 | 00,462,940 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2003.08.14 16:16:38 | 00,404,736 | ---- | M] (Sensaura Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXSENS.SYS -- (ALCXSENS)
DRV - [2003.04.16 13:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)
DRV - [2003.03.04 05:56:26 | 00,145,408 | R--- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\e100b325.sys -- (E100B) Intel(R)
DRV - [2002.01.21 12:03:36 | 00,048,472 | ---- | M] (Canon Information Systems) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\cis1284.sys -- (cis1284)
DRV - [2001.08.17 21:56:16 | 00,007,552 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SONYPVU1.SYS -- (SONYPVU1) Sony USB Filter Driver (SONYPVU1)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-20\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1757981266-343818398-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-1757981266-343818398-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\S-1-5-21-1757981266-343818398-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchT ... f8&oe=utf8
IE - HKU\S-1-5-21-1757981266-343818398-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-1757981266-343818398-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-1757981266-343818398-725345543-1003\..\URLSearchHook: *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-1757981266-343818398-725345543-1003\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
IE - HKU\S-1-5-21-1757981266-343818398-725345543-1003\S-1-5-21-1757981266-343818398-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "WebHledani"
FF - prefs.js..browser.search.order.1: "Ask"
FF - prefs.js..browser.search.selectedEngine: "WebHledani"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledItems: {E9A1DEE0-C623-4439-8932-001E7D17607D}:2.1.0.5
FF - prefs.js..extensions.enabledItems: avg@igeared:3.011.025.005
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: bkmrksync@nokia.com:1.0.0.723
FF - prefs.js..keyword.URL: "http://toolbar.ask.com/toolbarv/askRedi ... t=&gc=1&q="
FF - HKLM\software\mozilla\Firefox\Extensions\\avg@igeared: C:\Program Files\AVG\AVG8\Toolbar\Firefox\avg@igeared [2010.01.11 16:14:41 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2009.12.15 08:18:27 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.14\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.01.28 11:29:34 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.14\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.01.28 11:29:34 | 00,000,000 | ---D | M]
[2009.05.06 07:50:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\Mozilla\Extensions
[2010.01.28 11:40:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\Mozilla\Firefox\Profiles\xngtzbx4.default\extensions
[2009.09.21 08:15:24 | 00,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Data aplikací\Mozilla\Firefox\Profiles\xngtzbx4.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}
[2009.09.21 14:53:29 | 00,000,682 | ---- | M] () -- C:\Documents and Settings\Owner\Data aplikací\Mozilla\Firefox\Profiles\xngtzbx4.default\searchplugins\ask.xml
[2010.01.28 11:40:04 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010.01.28 11:29:27 | 00,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.01.28 11:29:27 | 00,001,687 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2010.01.28 11:29:27 | 00,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.01.28 11:29:27 | 00,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.01.28 11:29:27 | 00,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml
O1 HOSTS File: ([2003.04.16 13:00:00 | 00,000,737 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll File not found
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
O3 - HKU\S-1-5-21-1757981266-343818398-725345543-1003\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
O3 - HKU\S-1-5-21-1757981266-343818398-725345543-1003\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AVG8_TRAY] C:\Program Files\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [LogMeIn GUI] C:\Program Files\LogMeIn\x86\LogMeInSystray.exe (LogMeIn, Inc.)
O4 - HKLM..\Run: [MpsOnn] C:\WINDOWS\system32\spool\drivers\w32x86\3\MPSONN.EXE (CANON INC.)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
O4 - HKLM..\Run: [OpwareSE4] C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe (ScanSoft, Inc.)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SSBkgdUpdate] C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKU\S-1-5-21-1757981266-343818398-725345543-1003..\Run: [DataboxFFServer] C:\Program Files\Databox\Contact 4.0\Server\FFSrv95.exe (DATABOX s.r.o.)
O4 - HKU\S-1-5-21-1757981266-343818398-725345543-1003..\Run: [PC Suite Tray] C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
O4 - HKU\S-1-5-21-1757981266-343818398-725345543-1003..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKLM..\RunServices: [DataboxFFServer] C:\Program Files\Databox\Contact 4.0\Server\FFSrv95.exe (DATABOX s.r.o.)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Epass - update.exe.lnk = Z:\update.exe File not found
O4 - Startup: C:\Documents and Settings\Owner\Nabídka Start\Programy\Po spuštění\OpenOffice.org 2.3.lnk = C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1757981266-343818398-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1757981266-343818398-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetActiveDesktop = 1
O7 - HKU\S-1-5-21-1757981266-343818398-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O7 - HKU\S-1-5-21-1757981266-343818398-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-21-1757981266-343818398-725345543-1003\..Trusted Domains: servis24.cz ([www] https in Důvěryhodné servery)
O15 - HKU\S-1-5-21-1757981266-343818398-725345543-1003\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shoc ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {4E330863-6A11-11D0-BFD8-006097237877} http://tw.msi.com.tw/autobios/client/iftwclix.cab (InstallFromTheWeb ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} https://secure.logmein.com/activex/ractrl.cab?lmi=100 (Performance Viewer Activex Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll ()
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - Winlogon\Notify\LMIinit: DllName - LMIinit.dll - C:\WINDOWS\System32\LMIinit.dll (LogMeIn, Inc.)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper:
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007.01.09 14:49:40 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{def1f9ac-7821-11de-b7db-000c7660f731}\Shell\AutoRun\command - "" = E:\setup.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*
NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2007.01.09 14:49:20 | 00,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: Wmi - C:\WINDOWS\system32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
CREATERESTOREPOINT
Restore point Set: OTL Restore Point (68120281553567744)
========== Files/Folders - Created Within 7 Days ==========
[2010.01.28 15:10:21 | 00,000,000 | ---D | C] -- C:\_OTL
[2010.01.28 15:03:35 | 00,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2010.01.28 15:02:43 | 00,791,393 | ---- | C] (Lars Hederer ) -- C:\Documents and Settings\Owner\Plocha\erunt_setup.exe
[2010.01.28 12:56:37 | 00,548,864 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Owner\Plocha\OTL.exe
[2010.01.28 11:43:21 | 00,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010.01.28 11:43:19 | 00,000,000 | ---D | C] -- C:\rsit
[2010.01.28 08:32:21 | 00,000,000 | -H-D | C] -- C:\$AVG8.VAULT$
[2010.01.26 15:36:16 | 00,000,000 | -HSD | C] -- C:\Config.Msi
[2010.01.21 08:29:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\Microsoft
[2009.09.21 14:59:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\Google
[2009.09.09 07:13:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\ICS
[2009.07.24 08:24:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\ServiceTest
[2009.07.22 02:00:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\Microsoft
[2009.06.11 08:03:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Data aplikací\AVGTOOLBAR
[2007.05.17 09:46:37 | 00,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Data aplikací\Microsoft
[2007.02.08 12:41:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Data aplikací\Ahead
[2007.01.22 11:40:46 | 00,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Data aplikací\Microsoft
========== Files - Modified Within 7 Days ==========
[2010.01.28 19:01:59 | 00,019,354 | ---- | M] () -- C:\Documents and Settings\Owner\Plocha\OTL old.rar
[2010.01.28 18:35:59 | 05,767,168 | ---- | M] () -- C:\Documents and Settings\Owner\ntuser.dat
[2010.01.28 15:36:39 | 00,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.01.28 15:36:06 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.01.28 15:36:01 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.01.28 15:26:38 | 00,096,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atapi.sys
[2010.01.28 15:10:38 | 00,435,396 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.01.28 15:10:38 | 00,432,278 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2010.01.28 15:10:38 | 00,079,242 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2010.01.28 15:10:38 | 00,068,292 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.01.28 15:10:34 | 01,028,848 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010.01.28 15:03:41 | 00,000,611 | ---- | M] () -- C:\Documents and Settings\Owner\Plocha\NTREGOPT.lnk
[2010.01.28 15:03:39 | 00,000,592 | ---- | M] () -- C:\Documents and Settings\Owner\Plocha\ERUNT.lnk
[2010.01.28 15:02:43 | 00,791,393 | ---- | M] (Lars Hederer ) -- C:\Documents and Settings\Owner\Plocha\erunt_setup.exe
[2010.01.28 14:59:35 | 00,000,558 | ---- | M] () -- C:\WINDOWS\tasks\Norton Security Scan for Owner.job
[2010.01.28 13:20:56 | 00,002,561 | ---- | M] () -- C:\Documents and Settings\Owner\Plocha\Microsoft Office Word 2003.lnk
[2010.01.28 13:14:57 | 00,006,396 | ---- | M] () -- C:\Documents and Settings\Owner\Plocha\Extras.zip
[2010.01.28 12:56:37 | 00,548,864 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Plocha\OTL.exe
[2010.01.28 12:25:37 | 54,749,051 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2010.01.28 07:14:36 | 00,000,272 | -HS- | M] () -- C:\Documents and Settings\Owner\ntuser.ini
[2010.01.27 10:55:39 | 00,090,112 | ---- | M] () -- C:\Documents and Settings\Owner\Dokumenty\cedulky na materiál.doc
[2010.01.27 08:40:48 | 00,006,919 | ---- | M] () -- C:\Documents and Settings\Owner\intlname.ols
[2010.01.27 08:13:44 | 00,002,529 | ---- | M] () -- C:\Documents and Settings\Owner\Plocha\Microsoft Office Outlook 2003.lnk
[2010.01.26 15:37:20 | 00,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Adobe Reader 9.lnk
[2010.01.26 11:06:26 | 02,157,638 | ---- | M] () -- C:\Documents and Settings\Owner\Dokumenty\Nový obrázek.bmp
[2010.01.26 09:53:29 | 00,288,731 | ---- | M] () -- C:\Documents and Settings\Owner\Plocha\pokladna.pdf
[2010.01.26 09:53:05 | 00,254,869 | ---- | M] () -- C:\Documents and Settings\Owner\Plocha\zasklení okna.pdf
[2010.01.26 09:52:55 | 00,269,756 | ---- | M] () -- C:\Documents and Settings\Owner\Plocha\příjmový doklad stravenky.pdf
[2010.01.25 14:32:28 | 01,522,936 | ---- | M] () -- C:\Documents and Settings\Owner\Plocha\faktura moniror Samsung1.PDF
[2010.01.22 12:27:21 | 00,000,753 | ---- | M] () -- C:\WINDOWS\win.ini
[2010.01.22 11:19:06 | 00,001,601 | ---- | M] () -- C:\Documents and Settings\Owner\Plocha\EPASS.lnk
========== Files Created - No Company Name ==========
[2010.01.28 19:01:59 | 00,019,354 | ---- | C] () -- C:\Documents and Settings\Owner\Plocha\OTL old.rar
[2010.01.28 15:03:40 | 00,000,611 | ---- | C] () -- C:\Documents and Settings\Owner\Plocha\NTREGOPT.lnk
[2010.01.28 15:03:39 | 00,000,592 | ---- | C] () -- C:\Documents and Settings\Owner\Plocha\ERUNT.lnk
[2010.01.28 13:14:57 | 00,006,396 | ---- | C] () -- C:\Documents and Settings\Owner\Plocha\Extras.zip
[2010.01.26 15:37:20 | 00,001,729 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Adobe Reader 9.lnk
[2010.01.26 11:06:25 | 02,157,638 | ---- | C] () -- C:\Documents and Settings\Owner\Dokumenty\Nový obrázek.bmp
[2010.01.26 09:53:29 | 00,288,731 | ---- | C] () -- C:\Documents and Settings\Owner\Plocha\pokladna.pdf
[2010.01.26 09:53:05 | 00,254,869 | ---- | C] () -- C:\Documents and Settings\Owner\Plocha\zasklení okna.pdf
[2010.01.26 09:52:55 | 00,269,756 | ---- | C] () -- C:\Documents and Settings\Owner\Plocha\příjmový doklad stravenky.pdf
[2010.01.25 14:32:28 | 01,522,936 | ---- | C] () -- C:\Documents and Settings\Owner\Plocha\faktura moniror Samsung1.PDF
[2010.01.20 16:09:38 | 00,445,040 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\FontCache3.0.0.0.dat
[2009.07.24 08:23:59 | 00,020,992 | ---- | C] () -- C:\WINDOWS\jestertb.dll
[2009.05.04 07:17:49 | 00,000,039 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2008.10.17 13:43:24 | 00,010,593 | ---- | C] () -- C:\WINDOWS\CSTBox.INI
[2008.10.16 15:36:14 | 00,040,960 | ---- | C] () -- C:\WINDOWS\System32\IPPCPUID.DLL
[2008.10.16 15:35:54 | 00,011,776 | ---- | C] () -- C:\WINDOWS\System32\pmsbfn32.dll
[2008.10.16 15:34:49 | 00,000,416 | ---- | C] () -- C:\WINDOWS\MAXLINK.INI
[2008.09.17 07:58:20 | 00,005,368 | ---- | C] () -- C:\Documents and Settings\Owner\Data aplikací\froggy_scorebox
[2008.09.17 07:58:20 | 00,000,679 | ---- | C] () -- C:\Documents and Settings\Owner\Data aplikací\pl_accounts.pl_acc
[2008.09.17 07:58:20 | 00,000,556 | ---- | C] () -- C:\Documents and Settings\Owner\Data aplikací\Troll.options
[2007.10.16 06:46:13 | 00,000,169 | ---- | C] () -- C:\WINDOWS\RtlRack.ini
[2007.09.25 11:06:43 | 00,000,027 | ---- | C] () -- C:\WINDOWS\SW_Win2000X32.DLL
[2007.09.24 09:25:48 | 00,003,132 | ---- | C] () -- C:\WINDOWS\CX_SearchHistory.INI
[2007.09.24 09:25:27 | 00,000,530 | ---- | C] () -- C:\WINDOWS\System32\tx13_ic.ini
[2007.09.24 09:25:26 | 00,131,072 | ---- | C] () -- C:\WINDOWS\System32\CSVSpecialProcessing.dll
[2007.09.24 09:25:26 | 00,102,400 | ---- | C] () -- C:\WINDOWS\System32\SARzilla.dll
[2007.08.06 12:07:30 | 00,008,784 | ---- | C] () -- C:\WINDOWS\System32\ractrlkeyhook.dll
[2007.05.10 07:46:30 | 00,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2007.03.01 12:40:25 | 00,000,635 | ---- | C] () -- C:\WINDOWS\Rtcw.INI
[2007.02.08 12:33:30 | 00,007,168 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007.01.31 15:51:15 | 00,000,028 | ---- | C] () -- C:\Program Files\32cardswcc.ini
[2007.01.31 15:49:17 | 00,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2007.01.10 09:10:12 | 00,000,000 | ---- | C] () -- C:\WINDOWS\CPC10QA2.INI
[2007.01.09 17:02:29 | 00,000,518 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007.01.09 16:10:16 | 00,000,208 | ---- | C] () -- C:\WINDOWS\MPASS.INI
[2007.01.09 15:34:58 | 00,000,164 | ---- | C] () -- C:\WINDOWS\avrack.ini
[2007.01.09 15:32:19 | 00,012,288 | R--- | C] () -- C:\WINDOWS\System32\e100bmsg.dll
[2007.01.09 14:01:25 | 00,086,016 | ---- | C] () -- C:\WINDOWS\System32\ati2evxx.dll
[2003.04.09 15:38:04 | 00,005,664 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002.02.14 08:49:38 | 00,082,944 | ---- | C] () -- C:\WINDOWS\System32\qrpdflib.dll
========== LOP Check ==========
[2009.06.11 12:44:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVG Security Toolbar
[2009.12.15 08:15:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Downloaded Installations
[2009.12.15 08:16:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Installations
[2009.01.19 13:36:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\LogMeIn
[2010.01.20 11:30:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\NokiaMusic
[2010.01.21 08:29:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PC Suite
[2008.10.16 15:34:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ScanSoft
[2009.09.21 08:25:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TonkyPonky
[2009.06.11 08:03:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Data aplikací\AVGTOOLBAR
[2009.11.05 09:04:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\Alpen 3D Online
[2007.04.20 12:05:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\Autodesk
[2009.04.27 12:13:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\AVGTOOLBAR
[2008.10.16 15:40:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\Canon
[2008.04.28 11:07:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\Cestak
[2007.02.14 09:07:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\DataLayer
[2009.07.27 07:31:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\Memeo
[2009.08.19 11:35:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\NewSoft
[2010.01.21 08:29:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\Nokia
[2007.02.14 09:13:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\Nokia Multimedia Player
[2010.01.21 08:29:15 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\PC Suite
[2008.10.16 15:34:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Data aplikací\ScanSoft
========== Purity Check ==========
========== Custom Scans ==========
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"CTFMON.EXE" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 04:22:17 | 00,015,360 | ---- | M] (Microsoft Corporation)
"MSMSGS" = "C:\Program Files\Messenger\msmsgs.exe" /background -- [2008.04.14 04:22:36 | 01,695,232 | ---- | M] (Microsoft Corporation)
"swg" = "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" -- [2007.07.04 09:12:08 | 00,068,856 | ---- | M] (Google Inc.)
"DataboxFFServer" = C:\PROGRA~1\Databox\CONTAC~1.0\Server\FFSrv95.exe -- [2005.08.31 08:19:38 | 00,303,616 | ---- | M] (DATABOX s.r.o.)
"PC Suite Tray" = "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray -- [2009.11.11 10:57:36 | 01,451,520 | ---- | M] (Nokia)
< c:\windows\*.* /U >
< MD5 for: AGP440.SYS >
[2004.08.17 15:57:28 | 18,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008.09.29 07:22:35 | 23,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2004.08.17 15:57:28 | 18,786,869 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:AGP440.sys
[2008.09.29 07:22:35 | 23,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008.04.13 19:36:38 | 00,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.13 19:36:38 | 00,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
[2004.08.03 23:07:42 | 00,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\$NtServicePackUninstall$\agp440.sys
[2004.08.03 23:07:42 | 00,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\system32\ReinstallBackups\0002\DriverFiles\i386\AGP440.SYS
< MD5 for: ATAPI.SYS >
[2003.04.16 13:00:00 | 10,174,968 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:atapi.sys
[2004.08.17 15:57:28 | 18,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008.09.29 07:22:35 | 23,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2004.08.17 15:57:28 | 18,786,869 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:atapi.sys
[2008.09.29 07:22:35 | 23,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.13 19:40:30 | 00,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2010.01.28 15:26:38 | 00,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2010.01.28 15:26:38 | 00,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004.08.03 22:59:44 | 00,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
< MD5 for: EVENTLOG.DLL >
[2008.04.14 04:21:41 | 00,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 04:21:41 | 00,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll
[2004.08.17 15:49:08 | 00,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
< MD5 for: EXPLORER.EXE >
[2008.04.14 04:22:22 | 01,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 04:22:22 | 01,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2004.08.17 15:49:24 | 01,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\$NtUninstallKB938828$\explorer.exe
[2007.06.13 14:11:59 | 01,033,728 | ---- | M] (Microsoft Corporation) MD5=9B32416BD5988C97B6397CE0B02CAF97 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
[2007.06.13 14:23:39 | 01,033,728 | ---- | M] (Microsoft Corporation) MD5=ED7B460B142A32097B8A8F6ECC941815 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
< MD5 for: HAL.DLL >
[2003.04.16 13:00:00 | 10,174,968 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:hal.dll
[2004.08.17 15:57:28 | 18,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2008.09.29 07:22:35 | 23,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2004.08.17 15:57:28 | 18,786,869 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:hal.dll
[2008.09.29 07:22:35 | 23,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2008.04.13 19:31:32 | 00,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2008.04.13 19:31:28 | 00,131,840 | ---- | M] (Microsoft Corporation) MD5=6F61D3287A6A15A08A9433222C09D17F -- C:\WINDOWS\system32\HAL.DLL
[2004.08.03 22:59:10 | 00,131,968 | ---- | M] (Microsoft Corporation) MD5=F9A0F579FC18036FFDD9E26E0D268CCD -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll
< MD5 for: LSASS.EXE >
[2004.08.17 15:49:24 | 00,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\WINDOWS\$NtServicePackUninstall$\lsass.exe
[2008.04.14 04:22:29 | 00,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\ServicePackFiles\i386\lsass.exe
[2008.04.14 04:22:29 | 00,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe
< MD5 for: NDIS.SYS >
[2008.04.13 20:20:37 | 00,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008.04.13 20:20:37 | 00,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
[2004.08.03 23:14:30 | 00,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys
< MD5 for: NETLOGON.DLL >
[2004.08.17 15:49:14 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
[2008.04.14 04:21:50 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 04:21:50 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\netlogon.dll
< MD5 for: SCECLI.DLL >
[2004.08.17 15:49:18 | 00,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008.04.14 04:21:54 | 00,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 04:21:54 | 00,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll
< MD5 for: SMSS.EXE >
[2004.08.17 15:49:28 | 00,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\WINDOWS\$NtServicePackUninstall$\smss.exe
[2008.04.14 04:22:47 | 00,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\ServicePackFiles\i386\smss.exe
[2008.04.14 04:22:47 | 00,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe
< MD5 for: SVCHOST.EXE >
[2008.04.14 04:22:48 | 00,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.14 04:22:48 | 00,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe
[2004.08.17 15:49:28 | 00,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe
< MD5 for: USERINIT.EXE >
[2008.04.14 04:22:50 | 00,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 04:22:50 | 00,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe
[2004.08.17 15:49:28 | 00,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
< MD5 for: WINLOGON.EXE >
[2004.08.17 15:49:28 | 00,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 04:22:53 | 00,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 04:22:53 | 00,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe
< MD5 for: WS2_32.DLL >
[2004.08.17 15:49:22 | 00,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\WINDOWS\$NtServicePackUninstall$\ws2_32.dll
[2008.04.14 04:22:06 | 00,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll
[2008.04.14 04:22:06 | 00,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\ws2_32.dll
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON
< End of report >
Re: Internet security 2010 - falešný spyware?
Databázový Server verze 4.0. Tento program zabezpečuje nabídku dat pro CONTACT Professional 4.0 - databáze aktivních firem (crm.databox.cz).
Tu složku _OTL - nechceš to do emailu? Já momentálně žádné úložiště nepoužívám. Ale kdyžtak něco založím
Jdu pokračovat....
A já moc děkuju za pomoc!!!!
Tu složku _OTL - nechceš to do emailu? Já momentálně žádné úložiště nepoužívám. Ale kdyžtak něco založím
Jdu pokračovat....
A já moc děkuju za pomoc!!!!
Re: Internet security 2010 - falešný spyware?
SystemLook v1.0 by jpshortstuff (11.01.10)
Log created at 19:47 on 28/01/2010 by Owner (Administrator - Elevation successful)
========== filefind ==========
Searching for "ntprvwms.dll"
No files found.
========== reg ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"auditbaseobjects"= 0000000000 (0)
"Authentication Packages"="msv1_0"
"Bounds"=00 30 00 00 00 20 00 00 (REG_BINARY)
"crashonauditfail"= 0000000000 (0)
"disabledomaincreds"= 0000000000 (0)
"everyoneincludesanonymous"= 0000000000 (0)
"fipsalgorithmpolicy"= 0000000000 (0)
"forceguest"= 0x0000000001 (1)
"fullprivilegeauditing"=00 (REG_BINARY)
"ImpersonatePrivilegeUpgradeToolHasRun"= 0x0000000001 (1)
"limitblankpassworduse"= 0x0000000001 (1)
"lmcompatibilitylevel"= 0000000000 (0)
"LsaPid"= 0x00000002b0 (688)
"nodefaultadminowner"= 0x0000000001 (1)
"nolmhash"= 0000000000 (0)
"Notification Packages"="scecli ntprvwms.dll"
"restrictanonymous"= 0000000000 (0)
"restrictanonymoussam"= 0x0000000001 (1)
"SecureBoot"= 0x0000000001 (1)
"Security Packages"="kerberos msv1_0 schannel wdigest"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\AccessProviders]
"ProviderOrder"="Windows NT Access Provider"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\AccessProviders\Windows NT Access Provider]
"ProviderPath"="%SystemRoot%\system32\ntmarta.dll"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Audit]
(No values found)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Audit\PerUserAuditing]
(No values found)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Audit\PerUserAuditing\System]
(No values found)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Data]
"Pattern"=7e 65 2d 3c 74 62 66 e6 e1 19 1c a7 32 a2 fa bf 30 31 33 64 35 66 31 63 00 68 07 00 01 00 00 00 d8 00 00 00 dc 00 00 00 48 fa 06 00 d6 48 57 74 04 00 00 00 a0 fd 06 00 b8 fd 06 00 55 1b d8 f8 (REG_BINARY)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\GBG]
"GrafBlumGroup"=07 67 69 da 2b a8 2a 9d b7 (REG_BINARY)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\JD]
"Lookup"=09 be 8f be d0 86 (REG_BINARY)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos]
(No values found)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos\Domains]
(No values found)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos\SidCache]
(No values found)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\msv1_0]
"ntlmminclientsec"= 0000000000 (0)
"ntlmminserversec"= 0000000000 (0)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Skew1]
"SkewMatrix"=c6 03 62 98 5c dc 98 c2 c0 63 d4 f7 6b 97 13 3b (REG_BINARY)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SSO]
(No values found)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SSO\Passport1.4]
"SSOURL"="http://www.passport.com"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache]
"Time"=60 af f4 bf 03 22 c9 01 (REG_BINARY)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll]
"Capabilities"= 0x0000004050 (16464)
"Comment"="Digest SSPI Authentication Package"
"Name"="Digest"
"RpcId"= 0x000000ffff (65535)
"Time"=80 a3 fd a6 de 9d c8 01 (REG_BINARY)
"TokenSize"= 0x000000ffff (65535)
"Type"= 0x0000000031 (49)
"Version"= 0x0000000001 (1)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll]
"Capabilities"= 0x0000000037 (55)
"Comment"="DPA Security Package"
"Name"="DPA"
"RpcId"= 0x0000000011 (17)
"Time"=80 57 c2 ab de 9d c8 01 (REG_BINARY)
"TokenSize"= 0x0000000300 (768)
"Type"= 0x0000000031 (49)
"Version"= 0x0000000001 (1)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll]
"Capabilities"= 0x0000000037 (55)
"Comment"="MSN Security Package"
"Name"="MSN"
"RpcId"= 0x0000000012 (18)
"Time"=00 ee 5a ac de 9d c8 01 (REG_BINARY)
"TokenSize"= 0x0000000300 (768)
"Type"= 0x0000000031 (49)
"Version"= 0x0000000001 (1)
========== regfind ==========
Searching for "ntprvwms.dll"
No data found.
-=End Of File=-
Log created at 19:47 on 28/01/2010 by Owner (Administrator - Elevation successful)
========== filefind ==========
Searching for "ntprvwms.dll"
No files found.
========== reg ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"auditbaseobjects"= 0000000000 (0)
"Authentication Packages"="msv1_0"
"Bounds"=00 30 00 00 00 20 00 00 (REG_BINARY)
"crashonauditfail"= 0000000000 (0)
"disabledomaincreds"= 0000000000 (0)
"everyoneincludesanonymous"= 0000000000 (0)
"fipsalgorithmpolicy"= 0000000000 (0)
"forceguest"= 0x0000000001 (1)
"fullprivilegeauditing"=00 (REG_BINARY)
"ImpersonatePrivilegeUpgradeToolHasRun"= 0x0000000001 (1)
"limitblankpassworduse"= 0x0000000001 (1)
"lmcompatibilitylevel"= 0000000000 (0)
"LsaPid"= 0x00000002b0 (688)
"nodefaultadminowner"= 0x0000000001 (1)
"nolmhash"= 0000000000 (0)
"Notification Packages"="scecli ntprvwms.dll"
"restrictanonymous"= 0000000000 (0)
"restrictanonymoussam"= 0x0000000001 (1)
"SecureBoot"= 0x0000000001 (1)
"Security Packages"="kerberos msv1_0 schannel wdigest"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\AccessProviders]
"ProviderOrder"="Windows NT Access Provider"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\AccessProviders\Windows NT Access Provider]
"ProviderPath"="%SystemRoot%\system32\ntmarta.dll"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Audit]
(No values found)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Audit\PerUserAuditing]
(No values found)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Audit\PerUserAuditing\System]
(No values found)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Data]
"Pattern"=7e 65 2d 3c 74 62 66 e6 e1 19 1c a7 32 a2 fa bf 30 31 33 64 35 66 31 63 00 68 07 00 01 00 00 00 d8 00 00 00 dc 00 00 00 48 fa 06 00 d6 48 57 74 04 00 00 00 a0 fd 06 00 b8 fd 06 00 55 1b d8 f8 (REG_BINARY)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\GBG]
"GrafBlumGroup"=07 67 69 da 2b a8 2a 9d b7 (REG_BINARY)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\JD]
"Lookup"=09 be 8f be d0 86 (REG_BINARY)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos]
(No values found)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos\Domains]
(No values found)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos\SidCache]
(No values found)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\msv1_0]
"ntlmminclientsec"= 0000000000 (0)
"ntlmminserversec"= 0000000000 (0)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Skew1]
"SkewMatrix"=c6 03 62 98 5c dc 98 c2 c0 63 d4 f7 6b 97 13 3b (REG_BINARY)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SSO]
(No values found)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SSO\Passport1.4]
"SSOURL"="http://www.passport.com"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache]
"Time"=60 af f4 bf 03 22 c9 01 (REG_BINARY)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll]
"Capabilities"= 0x0000004050 (16464)
"Comment"="Digest SSPI Authentication Package"
"Name"="Digest"
"RpcId"= 0x000000ffff (65535)
"Time"=80 a3 fd a6 de 9d c8 01 (REG_BINARY)
"TokenSize"= 0x000000ffff (65535)
"Type"= 0x0000000031 (49)
"Version"= 0x0000000001 (1)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll]
"Capabilities"= 0x0000000037 (55)
"Comment"="DPA Security Package"
"Name"="DPA"
"RpcId"= 0x0000000011 (17)
"Time"=80 57 c2 ab de 9d c8 01 (REG_BINARY)
"TokenSize"= 0x0000000300 (768)
"Type"= 0x0000000031 (49)
"Version"= 0x0000000001 (1)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll]
"Capabilities"= 0x0000000037 (55)
"Comment"="MSN Security Package"
"Name"="MSN"
"RpcId"= 0x0000000012 (18)
"Time"=00 ee 5a ac de 9d c8 01 (REG_BINARY)
"TokenSize"= 0x0000000300 (768)
"Type"= 0x0000000031 (49)
"Version"= 0x0000000001 (1)
========== regfind ==========
Searching for "ntprvwms.dll"
No data found.
-=End Of File=-
Re: Internet security 2010 - falešný spyware?
http://www.edisk.cz/stahni/41991/_OTL.zip_2.34MB.html
Teď musím končit, budu asi za hodinu, dodělám pak.
Dík
Teď musím končit, budu asi za hodinu, dodělám pak.
Dík
Re: Internet security 2010 - falešný spyware?
Tak PC se zdá být bez vad. Moc děkuji
repaz
repaz
Přispějete na provoz fóra?