Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

vir Alureon.B nelze odstranit

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
swobi
Návštěvník
Návštěvník
Příspěvky: 27
Registrován: 17 bře 2010 17:05

Re: vir Alureon.B nelze odstranit

#31 Příspěvek od swobi »

OTL Extras logfile created on: 24.3.2010 15:10:06 - Run 1
OTL by OldTimer - Version 3.1.37.3 Folder = C:\Users\Jan Svoboda\Jakub\download
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18882)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 46,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 72,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 465,76 Gb Total Space | 5,84 Gb Free Space | 1,25% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: JANSVOBODA-PC
Current User Name: Jan Svoboda
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.exe [@ = exefile] -- Reg Error: Key error. File not found
.html [@ = Opera.HTML] -- Reg Error: Key error. File not found
.vbs [@ = VBSFile] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DefaultOutboundAction" = 1
"DefaultInboundAction" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DefaultOutboundAction" = 1
"DefaultInboundAction" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DefaultOutboundAction" = 1
"DefaultInboundAction" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1E8D632F-E03C-4121-B60C-3E960392831D}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=c:\windows\system32\svchost.exe |
"{25B48683-3E1A-4098-999E-F1066361AD6B}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=c:\windows\system32\svchost.exe |
"{352CBED9-59B2-49BD-8C86-C878248A14F4}" = rport=10243 | protocol=6 | dir=out | app=system |
"{48890CE3-E7ED-4C13-9DB1-A69A72EE9E2D}" = lport=2869 | protocol=6 | dir=in | app=system |
"{B1CADB7C-06C5-49B0-9996-3907C957E11E}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=c:\windows\system32\svchost.exe |
"{C2932748-56A9-4516-9C23-343B9E9E6D81}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=c:\windows\system32\svchost.exe |
"{C471C926-EF31-4844-8948-B39B5FCF397E}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{E241DBF7-3730-4085-A36E-343B33508FEF}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{F82B5429-BB27-4CEE-9F8E-14533E629793}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{F87C894A-A3A3-45A1-B49B-7D0AB941F716}" = lport=10243 | protocol=6 | dir=in | app=system |
"{FDA0A016-30D2-479F-9C28-9BF972F6C38F}" = lport=2869 | protocol=6 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{16A4E1C9-6D2D-46C3-BE5A-1C8BBE6EC35E}" = protocol=6 | dir=out | svc=upnphost | app=c:\windows\system32\svchost.exe |
"{263304E6-DE1D-4E6C-BF6D-884A50414B1A}" = protocol=17 | dir=in | app=c:\program files\codemasters\grid\grid.exe |
"{28350072-2B73-48C9-AB83-AB5ED6879BA1}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{35B504AB-0DF1-4F22-BA49-E358B5D9E57A}" = protocol=17 | dir=out | app=c:\program files\windows media player\wmplayer.exe |
"{3D401BB5-4154-4C65-9F85-4077B738ECF8}" = protocol=6 | dir=in | app=c:\program files\rockstar games\rockstar games social club\rgsclauncher.exe |
"{48ACC69C-52AB-423F-B914-F1DD75D3A13C}" = protocol=6 | dir=in | app=c:\program files\hamachi\hamachi.exe |
"{4B51624C-996F-4A7F-904B-7A2A26058B50}" = protocol=17 | dir=out | app=c:\program files\windows media player\wmplayer.exe |
"{4F6189E6-459B-4D9A-818D-CCC48A069943}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{57842011-5718-4700-BD85-5FDA4FCC1122}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"{68D32D58-D1EE-471F-88B6-CFD17773170E}" = protocol=17 | dir=in | app=c:\program files\electronic arts\crytek\crysis\bin32\crysisdedicatedserver.exe |
"{7674D364-27AF-4B1B-A625-2B4B2DF6786A}" = protocol=17 | dir=in | app=c:\program files\hamachi\hamachi.exe |
"{76A3454D-8221-482B-9157-E57F4F171222}" = protocol=17 | dir=out | app=c:\program files\windows media player\wmpnetwk.exe |
"{79A71DFD-A8E2-4BF1-BF43-A4F19F050E10}" = protocol=17 | dir=in | app=c:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe |
"{7DED7CA6-AFAF-4203-91F0-EB857CED56A9}" = protocol=17 | dir=in | app=c:\program files\windows media player\wmpnetwk.exe |
"{85079D24-3B91-4819-9BF4-AD65279E4527}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{889E979D-A556-48F1-9F91-6920C6EFBFB9}" = protocol=6 | dir=in | app=c:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe |
"{8AA41DC0-F2DD-43D6-AB00-EED7B5C7596D}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"{8D60D8F5-9FE1-4960-90FB-F2807AF3FB90}" = protocol=17 | dir=in | app=c:\program files\ea games\mirror's edge\binaries\mirrorsedge.exe |
"{A387D6F4-76AC-44AD-9D5A-2EF27A969F81}" = protocol=6 | dir=in | app=c:\program files\windows media player\wmpnetwk.exe |
"{A4556F19-C6DB-45C2-B3BC-DFD88430AC37}" = protocol=6 | dir=out | app=c:\program files\windows media player\wmpnetwk.exe |
"{A92893D0-A64B-474A-9469-1E3D7617D2E7}" = protocol=6 | dir=out | app=c:\program files\windows media player\wmplayer.exe |
"{AAA5EA95-B7D1-474D-9FF3-3C84CA1ED3D7}" = protocol=6 | dir=in | app=c:\program files\ea games\mirror's edge\binaries\mirrorsedge.exe |
"{AD2525CE-A00A-424F-842C-BF5B45A0A5FD}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{B09F974A-BD15-469C-BDDB-B0DE05692854}" = protocol=6 | dir=out | app=c:\program files\windows media player\wmplayer.exe |
"{B464AF35-05CE-4262-A98D-7E9F4E8B6045}" = protocol=6 | dir=in | app=c:\program files\electronic arts\crytek\crysis\bin32\crysis.exe |
"{B7193550-0F61-4016-93F2-4E86F445126F}" = protocol=6 | dir=out | app=system |
"{C6058340-34E6-48C2-9DDC-07FBF3753AC0}" = protocol=6 | dir=in | app=c:\program files\codemasters\grid\grid.exe |
"{CF6B8C44-1F55-49F0-BD90-77CD6D265842}" = protocol=17 | dir=in | app=c:\program files\windows media player\wmplayer.exe |
"{E81C86DA-3BDF-4432-A826-8A25ADB96886}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{ED9C89B5-5B83-4B63-A7C5-8F27C583AD44}" = protocol=17 | dir=in | app=c:\program files\electronic arts\crytek\crysis\bin32\crysis.exe |
"{F4F223B1-513F-4CE8-9876-2F1A75A280FC}" = protocol=17 | dir=in | app=c:\program files\windows media player\wmplayer.exe |
"{F58B583A-1827-445F-AAC0-C203A86030F0}" = protocol=6 | dir=in | app=c:\program files\electronic arts\crytek\crysis\bin32\crysisdedicatedserver.exe |
"{FC6FA608-C3D3-4838-AFF0-135E975F2080}" = dir=in | app=c:\program files\windows live\messenger\livecall.exe |
"{FDA3487F-3016-4E18-B5D0-B0978311F4FD}" = protocol=17 | dir=in | app=c:\program files\rockstar games\rockstar games social club\rgsclauncher.exe |
"TCP Query User{0159A847-B837-47DF-8B41-E6F57702EE1A}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=6 | dir=in | app=c:\program files\common files\nokia\service layer\a\nsl_host_process.exe |
"TCP Query User{2410011A-6073-4FCC-81F5-B20E4FDBB6F2}C:\program files\icqlite\icqlite.exe" = protocol=6 | dir=in | app=c:\program files\icqlite\icqlite.exe |
"TCP Query User{3248C09F-918B-4993-BE5A-D858FF2C932D}C:\program files\java\jre6\launch4j-tmp\frd.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\launch4j-tmp\frd.exe |
"TCP Query User{3E9F5774-C38F-4600-892D-0661692C647D}C:\users\jan svoboda\jakub\hry\cs\hl.exe" = protocol=6 | dir=in | app=c:\users\jan svoboda\jakub\hry\cs\hl.exe |
"TCP Query User{443B1A62-ABDC-4AE7-BAAA-9115F794471B}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{5F448349-C740-477B-82A7-7E1C94BAB6E1}J:\warcraft 3\war3.exe" = protocol=6 | dir=in | app=j:\warcraft 3\war3.exe |
"TCP Query User{6C4CE59E-4C90-439E-831A-430E9EE0A55A}C:\program files\nokia\nokia software updater\nsu_ui_client.exe" = protocol=6 | dir=in | app=c:\program files\nokia\nokia software updater\nsu_ui_client.exe |
"TCP Query User{8215BB48-3F41-4E6D-8C66-26F606B8FBF6}C:\program files\warcraft iii\war3.exe" = protocol=6 | dir=in | app=c:\program files\warcraft iii\war3.exe |
"TCP Query User{9B1D0324-D6CA-4CA3-A1B8-0565E8A2D711}C:\users\jan svoboda\jakub\flash\cs\hl.exe" = protocol=6 | dir=in | app=c:\users\jan svoboda\jakub\flash\cs\hl.exe |
"TCP Query User{ADB42A8B-5C92-469E-9484-D90A3C094484}J:\valve\hl.exe" = protocol=6 | dir=in | app=j:\valve\hl.exe |
"TCP Query User{B05E2495-950C-476C-B40B-1BEB235B30FC}C:\program files\zaklínač\system\witcher.exe" = protocol=6 | dir=in | app=c:\program files\zaklínač\system\witcher.exe |
"TCP Query User{C0C4B08C-4B90-417B-87BB-A6BAA6F99A11}C:\program files\bitlord\bitlord.exe" = protocol=6 | dir=in | app=c:\program files\bitlord\bitlord.exe |
"TCP Query User{DCB241AC-698E-496D-8662-9E197248CB5E}C:\windows\explorer.exe" = protocol=6 | dir=in | app=c:\windows\explorer.exe |
"TCP Query User{E4BCAA0F-A702-4FB4-AA7C-B52CC232C00A}C:\users\jan svoboda\jakub\cs\hl.exe" = protocol=6 | dir=in | app=c:\users\jan svoboda\jakub\cs\hl.exe |
"TCP Query User{E91C71A8-3707-44C5-8FDF-3360906E0EBC}C:\program files\cs\hl.exe" = protocol=6 | dir=in | app=c:\program files\cs\hl.exe |
"TCP Query User{EA96F233-7B55-447B-A0FA-173DC65E1B91}C:\program files\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files\skype\phone\skype.exe |
"UDP Query User{11512595-253A-4435-ABEF-221553708006}C:\program files\cs\hl.exe" = protocol=17 | dir=in | app=c:\program files\cs\hl.exe |
"UDP Query User{1A058E53-D908-4AD2-AD82-9135C39716FC}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=17 | dir=in | app=c:\program files\common files\nokia\service layer\a\nsl_host_process.exe |
"UDP Query User{1C017129-6F60-446B-94F3-44F4DB970EE8}J:\valve\hl.exe" = protocol=17 | dir=in | app=j:\valve\hl.exe |
"UDP Query User{3ABC98A9-2AAA-44D7-BC0A-4E835334CDAE}C:\windows\explorer.exe" = protocol=17 | dir=in | app=c:\windows\explorer.exe |
"UDP Query User{5586E7F1-B6BB-489E-9301-36C495A4DC65}C:\program files\zaklínač\system\witcher.exe" = protocol=17 | dir=in | app=c:\program files\zaklínač\system\witcher.exe |
"UDP Query User{5F2F37B0-EC9D-439A-8AA6-9D17009EE87C}C:\program files\internet explorer\iexplore.exe" = dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{79599208-6760-4AFD-9A5C-E14A6D2CC760}C:\program files\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files\skype\phone\skype.exe |
"UDP Query User{90741694-5C51-4AE9-A47A-AFE3407F4B51}C:\users\jan svoboda\jakub\hry\cs\hl.exe" = protocol=17 | dir=in | app=c:\users\jan svoboda\jakub\hry\cs\hl.exe |
"UDP Query User{A0DBB070-DE3D-4CEC-81E3-2F9F1EE2F863}C:\program files\bitlord\bitlord.exe" = protocol=17 | dir=in | app=c:\program files\bitlord\bitlord.exe |
"UDP Query User{A25A8BD3-22D9-41E5-82F8-DBDECA28526B}C:\program files\icqlite\icqlite.exe" = protocol=17 | dir=in | app=c:\program files\icqlite\icqlite.exe |
"UDP Query User{A4BEFD67-DDF3-40AD-ADFF-9EEB58166C2F}C:\program files\java\jre6\launch4j-tmp\frd.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\launch4j-tmp\frd.exe |
"UDP Query User{AD81FA95-D384-4463-99AA-4E400C358C36}J:\warcraft 3\war3.exe" = protocol=17 | dir=in | app=j:\warcraft 3\war3.exe |
"UDP Query User{D5AA2556-963C-424B-9EAF-47DE3B36390C}C:\users\jan svoboda\jakub\cs\hl.exe" = protocol=17 | dir=in | app=c:\users\jan svoboda\jakub\cs\hl.exe |
"UDP Query User{DC1DE7CF-95EB-4AB9-B78C-CF18782C4117}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{EC939B66-2CDC-49CC-9B76-196FF06921B0}C:\program files\warcraft iii\war3.exe" = protocol=17 | dir=in | app=c:\program files\warcraft iii\war3.exe |
"UDP Query User{F3FEDEF5-B9EB-4DE0-9FF8-BC0481DEFAD9}C:\program files\nokia\nokia software updater\nsu_ui_client.exe" = protocol=17 | dir=in | app=c:\program files\nokia\nokia software updater\nsu_ui_client.exe |
"UDP Query User{F9F0DEE6-AAD6-4177-A4B1-6CDD329317AA}C:\users\jan svoboda\jakub\flash\cs\hl.exe" = protocol=17 | dir=in | app=c:\users\jan svoboda\jakub\flash\cs\hl.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{000E79B7-E725-4F01-870A-C12942B7F8E4}" = Crysis(R)
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{022F6097-A053-4B1B-BE50-3AADE4116B92}" = Opera 10.50
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{08B3869E-D282-424C-9AFC-870E04A4BA14}" = Rockstar Games Social Club
"{0C973594-7DDF-4BD0-84ED-3517F7622037}" = PC Connectivity Solution
"{10A44844-4465-456E-8C97-80BDD4F68845}" = Pomocník pro přihlášení ke službě Windows Live ID
"{10F15459-C54E-41BA-AC83-F12ACAF24690}" = Moorfrosch XS
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR
"{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}" = Google Earth
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{239BB983-8A2D-4974-B780-2ADAE32752D5}" = Windows Live installer
"{259C0ABB-A3B2-4D70-008F-BF7EE491B70B}" = Need for Speed™ Carbon
"{26A24AE4-039D-4CA4-87B4-2F83216012FF}" = Java(TM) 6 Update 12
"{32A3A4F4-B792-11D6-A78A-00B0D0160120}" = Java(TM) SE Development Kit 6 Update 12
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3BD633E0-4BF8-4499-9149-88F0767D449C}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{3E5E0DD2-6904-43DF-8713-10D27C0382B1}" = COSMOSWorks 2008 SP0
"{40345A8F-3B72-44DE-814F-72E8A52B1161}" = eDrawings 2008
"{411F3ABA-2AB5-4799-AA19-6ADF0A8F7424}" = Adobe Setup
"{44E240EC-2224-4078-A88B-2CEE0D3016EF}" = Adobe After Effects CS4 Presets
"{45EC816C-0771-4C14-AE6D-72D1B578F4C8}" = Adobe After Effects CS4
"{52D02A2B-03D2-4E34-A358-DC5D951FD296}" = Nokia Connectivity Cable Driver
"{5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6}" = VBA (2627.01)
"{55495E65-7C5B-48E4-BC7D-DE54F3DE5ED6}" = Nokia PC Suite
"{55979B95-CE20-4BD4-8BCA-DA3DFAE47402}" = Nortns 3.0
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5783F2D7-6001-0405-0002-0060B0CE6BBA}" = AutoCAD 2008 - Český
"{5A0B7BA5-4682-4273-81C2-69B17E649103}" = GRID
"{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype™ 3.6
"{5DB65884-C963-4454-AABA-4CA3089281FA}" = NVIDIA PhysX
"{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}" = Adobe Dynamiclink Support
"{67A9747A-E1F5-4E9A-81CC-12B5D5B81B6E}" = Adobe After Effects CS4 Third Party Content
"{76C24F39-B161-498F-BD8B-C64789812D13}_is1" = ConvertXtoDVD 3.5.0.131
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7B1AF68B-4606-4152-9991-1E9D4FF5F0FA}" = Microsoft Antimalware Service CS-CZ Language Pack
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{852DBAD9-ECAC-48FD-99D8-775CF9BFD42C}" = Moorfrosch XXL
"{8876F541-F374-4375-BF2A-8FD9FA8141C4}" = COSMOSMotion 2008 SP0
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"{8EB8E60B-315D-44EB-A896-10D88602EE46}" = Adobe Setup
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{294B4278-CF7B-40B9-86A1-2D3FF0C2C524}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{10EC59E5-9BCE-4884-BB1A-E28627220232}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A4-0409-0000-0000000FF1CE}" = Microsoft Office 2003 Web Components
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90150405-6000-11D3-8CFE-0050048383C9}" = Microsoft Access 2002
"{90280405-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional s aplikací FrontPage
"{909F8EBC-EC7F-48FF-0085-475D818F0F31}" = Need for Speed Underground 2
"{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{95120000-00AF-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (Czech)
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A346205-EA92-4406-B1AB-50379DA3F057}" = Autodesk DWF Viewer 7
"{9BE2AFE1-617E-478F-9BE5-DABB63B4380A}" = COSMOSMotion 2007 SP0
"{AA48705D-C811-4B1B-908F-C808D9896389}" = SolidWorks 2008 SP0
"{AE3CF174-872C-46C6-B9F6-C0593F3BC7B8}" = Microsoft Office Live Add-in 1.4
"{AEDBD563-24BB-4EE3-8366-A654DAC2D988}" = Mirror's Edge™
"{B05DE7B7-0B40-4411-BD4B-222CAE2D8F15}" = Adobe MotionPicture Color Files CS4
"{B15381DD-FF97-4FCD-A881-ED4DB0975500}" = Adobe Color Video Profiles AE CS4
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BB65C393-C76E-4F06-9B0C-2124AA8AF97B}" = Adobe Flash Player 9 ActiveX
"{BBF0A67B-5DBA-452F-9D2E-6F168BC226E4}" = Need for Speed™ SHIFT
"{BE9CEAAA-F069-4331-BF2F-8D350F6504F4}" = Adobe Media Encoder CS4 Additional Exporter
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC419DDC-E0F0-4013-B25A-6FA036516F0D}" = Need for Speed™ ProStreet
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CCBFCA70-D1B3-48A7-9504-8D149DD39658}" = SolidWorks viewer
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D3896DF6-96CC-44F9-BDBB-DD9D3DEDD378}" = COSMOSFloWorks 2008 SP0
"{D4006E71-FF32-44FF-AD5A-B5EE4389B825}_is1" = FlatOut2
"{D98C0C51-F9BB-4EE4-B791-22BF6EE31029}" = Nero 7 Premium
"{DD73CA82-EA82-38AA-863D-9A24A018DC96}" = Microsoft .NET Framework 3.5 Language Pack SP1 - csy
"{DEB90B8E-0DCB-48CE-B90E-8842A2BD643E}" = Adobe Media Encoder CS4
"{E42D62BA-2D98-4D08-8242-9F410ACA4727}" = Testy Autoškola
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"{E590FD1C-E8C6-4D2E-8CA9-77B403F7EE01}" = Microsoft Antimalware
"{E6D22FE1-AB5F-42CA-9480-6F70B96DDD88}" = Need for Speed™ Undercover
"{EF98A02A-1748-4762-9B7D-5ED1600520D5}" = Microsoft Security Essentials
"{F138762F-5A1F-4CF0-A5E1-1588EF6088A4}" = Zaklínač
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"504244733D18C8F63FF584AEB290E3904E791693" = Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe_3dcb365ab9e01871fb8c6f27b0ea079" = Adobe After Effects CS4
"Adobe_5aab5a491a3a52ae624fd639f6aaa95" = Adobe After Effects CS4 Third Party Content
"Ant Movie Catalog_is1" = Ant Movie Catalog
"AnyDVD" = AnyDVD
"AutoCAD 2008 - Český" = AutoCAD 2008 - Český
"BitLord" = BitLord 1.1
"Call of Duty Modern Warfare 2_is1" = Call of Duty Modern Warfare 2
"CCleaner" = CCleaner
"CDex" = CDex extraction audio
"CloneCD" = CloneCD
"CloneDVD2" = CloneDVD2
"Cyklotrasy 2.12" = Cyklotrasy 2.12
"DVD Decrypter" = DVD Decrypter (Remove Only)
"DVD Flick_is1" = DVD Flick
"DVDFab HD Decrypter 4_is1" = DVDFab HD Decrypter 4.0.5.5
"DVDFab Platinum 4_is1" = DVDFab Platinum 4.0.5.5 Ghosthunter release
"E8A6D621B6D3FC5D43C68C549D959DE76EEF5D84" = Balíček ovladače systému Windows - Nokia Modem (06/01/2009 4.1)
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v4.60
"F779F5541ABD99C95C03B0FD5E3C058B22DA0FF7" = Balíček ovladače systému Windows - Nokia Modem (06/01/2009 7.01.0.3)
"ffdshow_is1" = ffdshow [rev 1155] [2007-05-12]
"Foxit Reader CZ_is1" = Foxit Reader 1.3 Build 1130 CZ
"GameParkClient_is1" = GamePark
"Google Updater" = Google Updater
"Inquisitor_is1" = Inquisitor v1.01
"InstallShield_{3BD633E0-4BF8-4499-9149-88F0767D449C}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"MediaCoder" = MediaCoder 0.7.2.4560
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - csy" = Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft Security Essentials" = Microsoft Security Essentials
"Moorhuhn Atlantis" = Crazy Chicken Atlantis
"Moorhuhn Winter-Edition" = Moorhuhn Winter-Edition
"Mozilla Firefox (3.6)" = Mozilla Firefox (3.6)
"NFS: Most Wanted" = NFS: Most Wanted CZ
"Nokia PC Suite" = Nokia PC Suite
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"OpenAL" = OpenAL
"QIP Infium_is1" = QIP Infium 2.0.9020 RC3
"Runic Games Torchlight" = Torchlight
"SolidWorks Installation Manager 20080-40000-1100-200" = SolidWorks 2008 SP0
"SpywareBlaster_is1" = SpywareBlaster 4.2
"SUPER ©" = SUPER © Version 2009.bld.35 (Jan 5, 2009)
"TagScanner_is1" = TagScanner 5.1 build 555
"Venetica_is1" = Venetica
"Warcraft III" = Warcraft III
"WinRAR archiver" = WinRAR
"xp-AntiSpy" = xp-AntiSpy 3.96-5
"ZonerPhotoStudio10_CZ_is1" = Zoner Photo Studio 10

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"QIP 2005" = QIP 2005 8095

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 24.6.2009 11:29:29 | Computer Name = JanSvoboda-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 24.6.2009 11:29:33 | Computer Name = JanSvoboda-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 24.6.2009 11:29:36 | Computer Name = JanSvoboda-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 24.6.2009 11:29:49 | Computer Name = JanSvoboda-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 24.6.2009 11:29:52 | Computer Name = JanSvoboda-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 24.6.2009 11:29:55 | Computer Name = JanSvoboda-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 24.6.2009 11:30:08 | Computer Name = JanSvoboda-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 24.6.2009 13:52:15 | Computer Name = JanSvoboda-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 24.6.2009 13:52:15 | Computer Name = JanSvoboda-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 24.6.2009 14:38:27 | Computer Name = JanSvoboda-PC | Source = VSS | ID = 8194
Description =

[ System Events ]
Error - 22.3.2010 11:43:44 | Computer Name = JanSvoboda-PC | Source = Service Control Manager | ID = 7030
Description =

Error - 22.3.2010 11:43:56 | Computer Name = JanSvoboda-PC | Source = Service Control Manager | ID = 7030
Description =

Error - 22.3.2010 11:47:29 | Computer Name = JanSvoboda-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 22.3.2010 11:47:29 | Computer Name = JanSvoboda-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 22.3.2010 12:00:25 | Computer Name = JanSvoboda-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 22.3.2010 12:00:25 | Computer Name = JanSvoboda-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 23.3.2010 9:11:04 | Computer Name = JanSvoboda-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 23.3.2010 9:11:04 | Computer Name = JanSvoboda-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 24.3.2010 9:30:57 | Computer Name = JanSvoboda-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 24.3.2010 9:30:57 | Computer Name = JanSvoboda-PC | Source = Service Control Manager | ID = 7026
Description =


< End of report >
Nahoru
swobi
Návštěvník
Návštěvník
Příspěvky: 27
Registrován: 17 bře 2010 17:05

Re: vir Alureon.B nelze odstranit

#32 Příspěvek od swobi »

OTL logfile created on: 24.3.2010 15:10:06 - Run 1
OTL by OldTimer - Version 3.1.37.3 Folder = C:\Users\Jan Svoboda\Jakub\download
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18882)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 46,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 72,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 465,76 Gb Total Space | 5,84 Gb Free Space | 1,25% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: JANSVOBODA-PC
Current User Name: Jan Svoboda
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010.03.24 15:09:00 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Users\Jan Svoboda\Jakub\download\OTL.exe
PRC - [2010.03.01 20:42:48 | 000,835,952 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe
PRC - [2010.02.21 05:03:12 | 001,093,208 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Essentials\msseces.exe
PRC - [2010.01.16 04:11:42 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009.12.09 18:02:38 | 000,017,904 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Essentials\MsMpEng.exe
PRC - [2009.08.13 11:43:54 | 003,276,288 | ---- | M] (The Author of QIP) -- C:\Program Files\QIP\qip.exe
PRC - [2009.06.12 12:34:16 | 001,414,144 | ---- | M] (Nokia) -- C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
PRC - [2009.06.02 10:10:08 | 000,637,952 | ---- | M] (Nokia.) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
PRC - [2009.05.28 13:45:00 | 000,132,096 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
PRC - [2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.03.30 16:28:36 | 001,533,808 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
PRC - [2009.03.30 16:28:36 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
PRC - [2009.03.30 10:11:14 | 000,120,320 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
PRC - [2007.07.23 08:05:24 | 000,675,840 | ---- | M] () -- C:\Program Files\SolidWorks (2)\COSMOSFloWorks\FloWorks\binCFW\StandAloneSlv.exe
PRC - [2005.05.07 01:47:08 | 002,224,128 | ---- | M] (www.BitLord.com) -- C:\Program Files\BitLord\BitLord.exe


========== Modules (SafeList) ==========

MOD - [2010.03.24 15:09:00 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Users\Jan Svoboda\Jakub\download\OTL.exe
MOD - [2009.04.11 07:21:38 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2009.12.09 18:02:38 | 000,017,904 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Essentials\MsMpEng.exe -- (MsMpSvc)
SRV - [2009.09.25 02:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009.06.02 10:10:08 | 000,637,952 | ---- | M] (Nokia.) [On_Demand | Running] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2009.03.30 16:28:36 | 001,533,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2009.03.15 17:26:18 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009.02.18 19:38:43 | 000,129,880 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2008.09.22 19:33:34 | 000,079,360 | ---- | M] (SolidWorks) [On_Demand | Stopped] -- C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe -- (SolidWorks Licensing Service)
SRV - [2008.01.28 17:00:36 | 000,085,096 | ---- | M] (Autodesk) [On_Demand | Stopped] -- C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe -- (Autodesk Licensing Service)
SRV - [2008.01.19 08:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007.10.25 15:27:54 | 000,266,240 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Live\installer\WLSetupSvc.exe -- (WLSetupSvc)
SRV - [2007.07.23 08:05:24 | 000,675,840 | ---- | M] () [Auto | Running] -- C:\Program Files\SolidWorks (2)\COSMOSFloWorks\FloWorks\binCFW\StandAloneSlv.exe -- (Remote Solver for COSMOSFloWorks 2007)


========== Driver Services (SafeList) ==========

DRV - [2010.01.12 12:03:34 | 011,586,280 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2009.12.20 10:53:32 | 000,234,016 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2009.12.02 15:23:40 | 000,149,040 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\System32\drivers\MpFilter.sys -- (MpFilter)
DRV - [2009.02.09 08:37:56 | 000,007,808 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2009.02.09 08:37:48 | 000,007,808 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2009.02.09 08:37:46 | 000,022,016 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2009.02.09 08:37:46 | 000,017,664 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2008.08.26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008.05.13 11:45:35 | 000,025,280 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2007.12.26 16:24:16 | 000,278,984 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt)
DRV - [2007.12.26 16:24:15 | 000,025,416 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2007.11.30 15:18:16 | 000,015,600 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\gdrv.sys -- (gdrv)
DRV - [2007.02.28 21:56:07 | 000,015,440 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\System32\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV - [2007.02.16 01:56:49 | 000,011,984 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ElbyDelay.sys -- (ElbyDelay)
DRV - [2006.11.02 10:51:45 | 000,900,712 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2006.11.02 10:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2006.11.02 10:51:34 | 000,316,520 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2006.11.02 10:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2006.11.02 10:51:25 | 000,235,112 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2006.11.02 10:51:25 | 000,232,040 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2006.11.02 10:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2006.11.02 10:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2006.11.02 10:50:41 | 000,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2006.11.02 10:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006.11.02 10:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006.11.02 10:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2006.11.02 10:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2006.11.02 10:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006.11.02 10:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006.11.02 10:50:16 | 000,071,784 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2006.11.02 10:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2006.11.02 10:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006.11.02 10:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2006.11.02 10:50:10 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2006.11.02 10:50:10 | 000,038,504 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2)
DRV - [2006.11.02 10:50:10 | 000,037,480 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2006.11.02 10:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2006.11.02 10:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006.11.02 10:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006.11.02 10:50:05 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2006.11.02 10:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006.11.02 10:50:04 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2006.11.02 10:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006.11.02 10:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006.11.02 10:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006.11.02 10:49:53 | 000,028,776 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2006.11.02 10:49:30 | 000,017,512 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2006.11.02 10:49:28 | 000,016,488 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2006.11.02 10:49:20 | 000,014,952 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2006.11.02 09:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006.11.02 09:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006.11.02 09:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006.11.02 09:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006.11.02 09:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006.11.02 09:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006.11.02 08:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006.11.02 08:30:54 | 000,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2005.05.03 16:34:02 | 000,027,392 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ElbyCDFL.sys -- (ElbyCDFL)
DRV - [2005.02.11 11:19:20 | 000,055,216 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\k750bus.sys -- (k750bus) Sony Ericsson 750 driver (WDM)
DRV - [2004.11.05 10:08:06 | 000,670,208 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\hardlock.sys -- (Hardlock)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Prev Search Page = http://google.icq.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.idnes.cz/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 192.168.1.1:80

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "QIP Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.idnes.cz"
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.7
FF - prefs.js..extensions.enabledItems: {35106bca-6c78-48c7-ac28-56df30b51d2a}:1.3.8
FF - prefs.js..keyword.URL: "http://search.qip.ru/search?from=FF&query="
FF - prefs.js..network.proxy.ftp: "192.168.1.1"
FF - prefs.js..network.proxy.ftp_port: 80
FF - prefs.js..network.proxy.gopher: "192.168.1.1"
FF - prefs.js..network.proxy.gopher_port: 80
FF - prefs.js..network.proxy.http: "192.168.1.1"
FF - prefs.js..network.proxy.http_port: 80
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.socks: "192.168.1.1"
FF - prefs.js..network.proxy.socks_port: 80
FF - prefs.js..network.proxy.ssl: "192.168.1.1"
FF - prefs.js..network.proxy.ssl_port: 80

FF - HKLM\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2010.03.14 14:49:41 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.03.12 16:55:54 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.03.12 16:55:53 | 000,000,000 | ---D | M]

[2009.12.25 13:24:07 | 000,000,000 | ---D | M] -- C:\Users\Jan Svoboda\AppData\Roaming\Mozilla\Extensions
[2009.12.25 13:24:07 | 000,000,000 | ---D | M] -- C:\Users\Jan Svoboda\AppData\Roaming\Mozilla\Extensions\MediaCoder
[2010.03.22 21:36:14 | 000,000,000 | ---D | M] -- C:\Users\Jan Svoboda\AppData\Roaming\Mozilla\Firefox\Profiles\2hrjvwbb.default\extensions
[2010.03.12 16:46:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jan Svoboda\AppData\Roaming\Mozilla\Firefox\Profiles\2hrjvwbb.default\extensions\{0F4F7F5C-C791-4951-8D9C-A0847AD03A7B}
[2009.06.24 19:24:29 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Jan Svoboda\AppData\Roaming\Mozilla\Firefox\Profiles\2hrjvwbb.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.03.12 16:45:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jan Svoboda\AppData\Roaming\Mozilla\Firefox\Profiles\2hrjvwbb.default\extensions\{2843a0c8-caba-4428-b96a-83b5547c0fdd}
[2010.02.19 17:58:40 | 000,000,000 | ---D | M] (Linkification) -- C:\Users\Jan Svoboda\AppData\Roaming\Mozilla\Firefox\Profiles\2hrjvwbb.default\extensions\{35106bca-6c78-48c7-ac28-56df30b51d2a}
[2010.01.16 19:31:05 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Jan Svoboda\AppData\Roaming\Mozilla\Firefox\Profiles\2hrjvwbb.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2009.07.23 20:48:53 | 000,004,446 | ---- | M] () -- C:\Users\Jan Svoboda\AppData\Roaming\Mozilla\Firefox\Profiles\2hrjvwbb.default\searchplugins\hyperwords.xml
[2010.02.16 19:20:00 | 000,002,061 | ---- | M] () -- C:\Users\Jan Svoboda\AppData\Roaming\Mozilla\Firefox\Profiles\2hrjvwbb.default\searchplugins\qipsearch.xml
[2010.03.12 16:55:53 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2007.09.07 14:55:48 | 000,155,648 | ---- | M] (Solidworks Corporation) -- C:\Program Files\Mozilla Firefox\plugins\npEModelPlugin.dll
[2010.01.16 01:50:40 | 000,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.01.16 01:50:40 | 000,001,687 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2010.01.16 01:50:40 | 000,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.01.16 01:50:40 | 000,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.01.16 01:50:40 | 000,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2010.03.22 16:47:22 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - No CLSID value found.
O4 - HKLM..\Run: [MSSE] c:\Program Files\Microsoft Security Essentials\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [PC Suite Tray] C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
O4 - HKCU..\Run: [QIP2005] C:\Program Files\QIP\qip.exe (The Author of QIP)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_12)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_12)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 83.240.0.135 192.168.2.1
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Jan Svoboda\Jakub\wall1.jpg
O24 - Desktop BackupWallPaper: C:\Users\Jan Svoboda\Jakub\wall1.jpg
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...exe [@ = exefile] -- Reg Error: Key error. File not found

========== Files/Folders - Created Within 30 Days ==========

[2010.03.22 16:56:03 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2010.03.22 16:56:03 | 000,000,000 | ---D | C] -- C:\Users\Jan Svoboda\AppData\Local\temp
[2010.03.22 16:47:24 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2010.03.22 16:34:55 | 000,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2010.03.22 16:34:55 | 000,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2010.03.22 16:34:55 | 000,031,232 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2010.03.22 16:34:38 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe
[2010.03.21 17:53:14 | 000,000,000 | ---D | C] -- C:\Avenger
[2010.03.19 15:11:10 | 000,000,000 | ---D | C] -- C:\Users\Jan Svoboda\AppData\Local\ESET
[2010.03.17 17:48:04 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2010.03.17 17:43:20 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010.03.17 17:08:55 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010.03.17 17:08:54 | 000,000,000 | ---D | C] -- C:\rsit
[2010.03.17 15:03:46 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ParetoLogic
[2010.03.17 15:02:24 | 000,000,000 | ---D | C] -- C:\Users\Jan Svoboda\AppData\Local\Downloaded Installations
[2010.03.17 14:44:48 | 000,000,000 | ---D | C] -- C:\Users\Jan Svoboda\AppData\Roaming\Malwarebytes
[2010.03.17 14:44:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.03.14 14:49:41 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PCSuite
[2010.03.14 14:49:37 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nokia
[2010.03.14 14:49:28 | 000,018,816 | ---- | C] (Nokia) -- C:\Windows\System32\drivers\pccsmcfd.sys
[2010.03.14 14:49:18 | 000,000,000 | ---D | C] -- C:\Program Files\PC Connectivity Solution
[2010.03.12 17:04:22 | 000,000,000 | ---D | C] -- C:\Users\Jan Svoboda\AppData\Roaming\Opera
[2010.03.12 17:04:22 | 000,000,000 | ---D | C] -- C:\Users\Jan Svoboda\AppData\Local\Opera
[2010.03.12 17:04:14 | 000,000,000 | ---D | C] -- C:\Program Files\Opera
[2010.03.12 15:58:18 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2010.03.12 15:57:07 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browserchoice.exe
[2010.03.12 07:21:59 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nshhttp.dll
[2010.03.12 07:21:57 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\httpapi.dll
[2010.03.06 12:57:12 | 003,600,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2010.03.06 12:57:12 | 003,548,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2010.02.26 15:05:02 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Essentials
[2010.02.24 16:05:03 | 000,000,000 | ---D | C] -- C:\Users\Jan Svoboda\Documents\Venetica
[2010.02.24 15:33:01 | 000,000,000 | ---D | C] -- C:\Program Files\Venetica
[2010.02.24 13:38:55 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2010.02.24 13:38:50 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2010.02.24 13:38:38 | 000,471,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll
[2010.02.24 13:38:38 | 000,471,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll
[2010.02.24 13:38:32 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe
[2010.02.24 13:38:31 | 000,347,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe
[2010.02.24 13:38:31 | 000,346,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe
[2010.02.24 13:38:30 | 000,518,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe
[2010.02.24 13:38:29 | 000,332,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdrm.dll
[2010.02.24 13:38:29 | 000,152,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll
[2010.02.24 13:38:29 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll
[2010.02.24 13:38:28 | 001,696,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll
[2010.02.24 13:38:27 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll
[2010.02.24 13:38:27 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll
[2008.01.31 19:27:04 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\Jan Svoboda\AppData\Roaming\pcouffin.sys
[23 C:\Users\Jan Svoboda\Documents\*.tmp files -> C:\Users\Jan Svoboda\Documents\*.tmp -> ]
[2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010.03.24 15:10:07 | 005,767,168 | -HS- | M] () -- C:\Users\Jan Svoboda\NTUSER.DAT
[2010.03.24 14:45:20 | 000,032,768 | ---- | M] () -- C:\Users\Jan Svoboda\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.03.24 14:32:58 | 000,000,960 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2010.03.24 14:32:48 | 000,000,430 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{D3BCFB12-CB3B-472F-9F00-1BB3D1BD21C9}.job
[2010.03.24 14:30:39 | 000,035,465 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2010.03.24 14:30:38 | 000,035,465 | ---- | M] () -- C:\ProgramData\nvModes.001
[2010.03.24 14:30:31 | 000,003,664 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.03.24 14:30:31 | 000,003,664 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.03.24 14:30:26 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.03.24 14:30:21 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.03.24 14:30:17 | 2145,902,592 | -HS- | M] () -- C:\hiberfil.sys
[2010.03.23 20:38:09 | 000,524,288 | -HS- | M] () -- C:\Users\Jan Svoboda\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms
[2010.03.23 20:38:09 | 000,065,536 | -HS- | M] () -- C:\Users\Jan Svoboda\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2010.03.23 20:38:05 | 002,598,225 | -H-- | M] () -- C:\Users\Jan Svoboda\AppData\Local\IconCache.db
[2010.03.22 21:24:40 | 000,001,118 | ---- | M] () -- C:\Users\Jan Svoboda\.drjava
[2010.03.22 16:47:27 | 000,000,215 | ---- | M] () -- C:\Windows\system.ini
[2010.03.22 16:47:22 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2010.03.18 16:04:05 | 000,000,000 | ---- | M] () -- C:\Users\Jan Svoboda\defogger_reenable
[2010.03.17 17:44:38 | 001,419,592 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010.03.17 17:44:38 | 000,606,912 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2010.03.17 17:44:38 | 000,595,308 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.03.17 17:44:38 | 000,119,398 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2010.03.17 17:44:38 | 000,104,742 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.03.14 14:53:14 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_PCCSWpdDriver_01_07_00.Wdf
[2010.03.14 14:49:42 | 000,001,903 | ---- | M] () -- C:\Users\Public\Desktop\Nokia PC Suite.lnk
[2010.03.13 13:27:40 | 000,000,085 | -HS- | M] () -- C:\ProgramData\.zreglib
[2010.03.12 17:04:16 | 000,000,714 | ---- | M] () -- C:\Users\Public\Desktop\Opera.lnk
[2010.03.12 16:55:55 | 000,001,724 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010.03.12 16:06:47 | 000,001,589 | ---- | M] () -- C:\Users\Public\Desktop\Výběr prohlížeče.lnk
[2010.03.10 15:36:34 | 000,000,954 | ---- | M] () -- C:\Users\Public\Desktop\Microsoft Security Essentials.lnk
[2010.03.04 19:54:24 | 000,524,288 | -HS- | M] () -- C:\Users\Jan Svoboda\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2010.02.26 15:33:15 | 000,000,144 | ---- | M] () -- C:\Windows\win.ini
[2010.02.26 15:17:38 | 000,000,019 | ---- | M] () -- C:\Users\Jan Svoboda\AppData\Roaming\mdbu.bin
[2010.02.26 14:52:16 | 000,001,670 | ---- | M] () -- C:\Users\Jan Svoboda\Desktop\CCleaner.lnk
[2010.02.25 10:21:28 | 000,120,104 | ---- | M] () -- C:\Users\Jan Svoboda\AppData\Local\GDIPFONTCACHEV1.DAT
[2010.02.25 10:20:27 | 002,324,256 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010.02.24 16:01:12 | 000,001,940 | ---- | M] () -- C:\Users\Public\Desktop\Venetica.lnk
[2010.02.24 10:16:06 | 000,181,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[23 C:\Users\Jan Svoboda\Documents\*.tmp files -> C:\Users\Jan Svoboda\Documents\*.tmp -> ]
[2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010.03.22 16:34:55 | 000,261,632 | ---- | C] () -- C:\Windows\PEV.exe
[2010.03.22 16:34:55 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2010.03.22 16:34:55 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2010.03.22 16:34:55 | 000,077,312 | ---- | C] () -- C:\Windows\MBR.exe
[2010.03.22 16:34:55 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2010.03.18 16:04:05 | 000,000,000 | ---- | C] () -- C:\Users\Jan Svoboda\defogger_reenable
[2010.03.14 14:53:14 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_PCCSWpdDriver_01_07_00.Wdf
[2010.03.14 14:49:42 | 000,001,903 | ---- | C] () -- C:\Users\Public\Desktop\Nokia PC Suite.lnk
[2010.03.12 17:04:16 | 000,000,714 | ---- | C] () -- C:\Users\Public\Desktop\Opera.lnk
[2010.03.12 16:55:55 | 000,001,724 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010.03.12 16:06:47 | 000,001,589 | ---- | C] () -- C:\Users\Public\Desktop\Výběr prohlížeče.lnk
[2010.03.09 19:46:33 | 732,719,104 | ---- | C] () -- C:\Users\Jan Svoboda\Desktop\Supervulkan.avi
[2010.02.26 15:05:02 | 000,000,954 | ---- | C] () -- C:\Users\Public\Desktop\Microsoft Security Essentials.lnk
[2010.02.24 16:01:12 | 000,001,940 | ---- | C] () -- C:\Users\Public\Desktop\Venetica.lnk
[2009.12.03 09:27:28 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2009.11.26 16:15:15 | 000,035,465 | ---- | C] () -- C:\ProgramData\nvModes.001
[2009.11.26 16:07:12 | 000,035,465 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2009.10.20 19:48:36 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.03.06 18:20:40 | 000,000,671 | ---- | C] () -- C:\Users\Jan Svoboda\AppData\Roaming\vso_ts_preview.xml
[2009.03.05 16:35:09 | 000,027,648 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll
[2008.10.07 09:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll
[2008.10.07 09:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2008.06.09 15:55:18 | 000,000,019 | ---- | C] () -- C:\Users\Jan Svoboda\AppData\Roaming\mdbu.bin
[2008.05.14 15:28:53 | 000,000,000 | ---- | C] () -- C:\Windows\eDrawingOfficeAutomator.INI
[2008.03.30 14:30:12 | 000,000,032 | ---- | C] () -- C:\ProgramData\ezsid.dat
[2008.01.31 19:27:46 | 000,000,034 | ---- | C] () -- C:\Users\Jan Svoboda\AppData\Roaming\pcouffin.log
[2008.01.31 19:27:04 | 000,007,887 | ---- | C] () -- C:\Users\Jan Svoboda\AppData\Roaming\pcouffin.cat
[2008.01.31 19:27:04 | 000,001,144 | ---- | C] () -- C:\Users\Jan Svoboda\AppData\Roaming\pcouffin.inf
[2008.01.31 19:12:08 | 000,024,085 | ---- | C] () -- C:\Users\Jan Svoboda\AppData\Roaming\UserTile.png
[2008.01.22 19:17:46 | 000,003,013 | ---- | C] () -- C:\Users\Jan Svoboda\AppData\Roaming\mainhst.zgh
[2008.01.20 14:18:31 | 000,000,319 | ---- | C] () -- C:\Windows\game.ini
[2008.01.11 18:21:25 | 000,000,235 | ---- | C] () -- C:\Users\Jan Svoboda\AppData\Roaming\devices.xml
[2008.01.11 18:21:25 | 000,000,012 | ---- | C] () -- C:\Users\Jan Svoboda\AppData\Roaming\settings.xml
[2008.01.11 18:05:33 | 000,000,764 | ---- | C] () -- C:\ProgramData\hpzinstall.log
[2008.01.10 17:37:32 | 000,000,085 | -HS- | C] () -- C:\ProgramData\.zreglib
[2008.01.09 18:35:24 | 000,000,009 | ---- | C] () -- C:\Users\Jan Svoboda\AppData\Roaming\mdb.bin
[2007.12.26 16:24:16 | 000,278,984 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys
[2007.12.26 16:24:15 | 000,025,416 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys
[2007.12.25 14:01:53 | 000,000,099 | ---- | C] () -- C:\Users\Jan Svoboda\AppData\Local\fusioncache.dat
[2007.12.25 13:56:25 | 000,138,184 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2007.12.25 13:56:25 | 000,022,328 | ---- | C] () -- C:\Users\Jan Svoboda\AppData\Roaming\PnkBstrK.sys
[2007.12.15 10:59:59 | 000,000,000 | ---- | C] () -- C:\Windows\MTSTACK.INI
[2007.12.15 09:55:23 | 000,010,752 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2007.12.15 09:55:23 | 000,000,547 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll.manifest
[2007.12.15 09:49:46 | 000,000,384 | ---- | C] () -- C:\Windows\ODBC.INI
[2007.12.14 11:10:15 | 000,032,768 | ---- | C] () -- C:\Users\Jan Svoboda\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007.11.30 15:13:22 | 000,000,680 | ---- | C] () -- C:\Users\Jan Svoboda\AppData\Local\d3d9caps.dat
[2006.11.02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 11:25:26 | 000,557,568 | ---- | C] () -- C:\Windows\System32\hpotscl1.dll
[2006.11.02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.06.13 15:35:32 | 000,053,760 | ---- | C] () -- C:\Windows\System32\zlib.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:5C321E34
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 115 bytes -> C:\ProgramData\TEMP:A8ADE5D8
< End of report >
Nahoru
Uživatelský avatar
Caroprd111
VIP
VIP
Příspěvky: 13492
Registrován: 22 bře 2009 20:48
Bydliště: Třebíč
Kontaktovat uživatele:
Kontaktovat uživatele Caroprd111

Re: vir Alureon.B nelze odstranit

#33 Příspěvek od Caroprd111 »

Obrázek Spusťte OTL a do spodního okna vložte následující skript.

Kód: Vybrat vše

:OTL
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:5C321E34
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 115 bytes -> C:\ProgramData\TEMP:A8ADE5D8

:Files
C:\Users\Jan Svoboda\Documents\*.tmp
C:\Windows\System32\*.tmp

:Commands
[EMPTYTEMP] 
[EMPTYFLASH]
[CLEARALLRESTOREPOINTS]
[CREATERESTOREPOINT]
[REBOOT]
Poté klikněte na Run fix, PC se restartuje, log vložte sem.
Obrázek
Nahoru
swobi
Návštěvník
Návštěvník
Příspěvky: 27
Registrován: 17 bře 2010 17:05

Re: vir Alureon.B nelze odstranit

#34 Příspěvek od swobi »

All processes killed
========== OTL ==========
ADS C:\ProgramData\TEMP:5C321E34 deleted successfully.
ADS C:\ProgramData\TEMP:DFC5A2B2 deleted successfully.
ADS C:\ProgramData\TEMP:A8ADE5D8 deleted successfully.
========== FILES ==========
C:\Users\Jan Svoboda\Documents\~WRL0160.tmp moved successfully.
C:\Users\Jan Svoboda\Documents\~WRL0197.tmp moved successfully.
C:\Users\Jan Svoboda\Documents\~WRL0326.tmp moved successfully.
C:\Users\Jan Svoboda\Documents\~WRL0504.tmp moved successfully.
C:\Users\Jan Svoboda\Documents\~WRL0532.tmp moved successfully.
C:\Users\Jan Svoboda\Documents\~WRL0572.tmp moved successfully.
C:\Users\Jan Svoboda\Documents\~WRL0632.tmp moved successfully.
C:\Users\Jan Svoboda\Documents\~WRL1077.tmp moved successfully.
C:\Users\Jan Svoboda\Documents\~WRL1357.tmp moved successfully.
C:\Users\Jan Svoboda\Documents\~WRL1721.tmp moved successfully.
C:\Users\Jan Svoboda\Documents\~WRL1876.tmp moved successfully.
C:\Users\Jan Svoboda\Documents\~WRL1910.tmp moved successfully.
C:\Users\Jan Svoboda\Documents\~WRL2295.tmp moved successfully.
C:\Users\Jan Svoboda\Documents\~WRL2337.tmp moved successfully.
C:\Users\Jan Svoboda\Documents\~WRL2458.tmp moved successfully.
C:\Users\Jan Svoboda\Documents\~WRL2663.tmp moved successfully.
C:\Users\Jan Svoboda\Documents\~WRL2767.tmp moved successfully.
C:\Users\Jan Svoboda\Documents\~WRL2937.tmp moved successfully.
C:\Users\Jan Svoboda\Documents\~WRL3056.tmp moved successfully.
C:\Users\Jan Svoboda\Documents\~WRL3225.tmp moved successfully.
C:\Users\Jan Svoboda\Documents\~WRL3289.tmp moved successfully.
C:\Users\Jan Svoboda\Documents\~WRL3480.tmp moved successfully.
C:\Users\Jan Svoboda\Documents\~WRL3808.tmp moved successfully.
C:\Windows\System32\tmp204C.tmp moved successfully.
C:\Windows\System32\tmp20BA.tmp moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Jan Svoboda
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 578547 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 87767479 bytes
->Flash cache emptied: 1697 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 18700 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 84,00 mb


[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Jan Svoboda
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb




OTL by OldTimer - Version 3.1.37.3 log created on 03242010_153428

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...
Nahoru
Uživatelský avatar
Caroprd111
VIP
VIP
Příspěvky: 13492
Registrován: 22 bře 2009 20:48
Bydliště: Třebíč
Kontaktovat uživatele:
Kontaktovat uživatele Caroprd111

Re: vir Alureon.B nelze odstranit

#35 Příspěvek od Caroprd111 »

Obrázek Odinstalujte ComboFix přes:
Start >> Spustit, zkopírujte do okénka:

ComboFix /Uninstall

stiskněte Enter


Obrázek Stáhněte T-Cleaner
http://sweb.cz/Marinus/T-Cleaner.exe
  • Spusťte, pro potvrzení volby mačkejte klávesu A, Enter
  • Po použití program vymažte. Pozor,antiviry ho mohou falešně označit za vir.


Obrázek Stáhněte OTC http://oldtimer.geekstogo.com/OTC.exe
  • Spusťte.
  • Klikněte na "CleanUp!". Potvrďte hlášky stiskem "Yes" (Bude následovat restart)


Obrázek Otevřete si Poznámkový blok a zkopírujte do něj text (z bílého políčka):

Kód: Vybrat vše

REGEDIT4

[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]
Nyní uložte jako (typ: všechny soubory) kde za název souboru zadáte "smazani.reg" bez uvozovek, klik na uložit, pak na soubor standardně 2X kliknete a potvrďte dialogové okno.



Obrázek Stáhněte Ccleaner http://viry.cz/forum/viewtopic.php?t=7478
  • Nainstalujte a v průběhu instalace odškrtněte, že chcete instalovat yahoo toolbar.

    Obrázek Záložka Čistič
  • Dejte analyzovat, po dokončení dejte Spustit Ccleaner.

    Obrázek Záložka Registry
  • Klikněte na Hledej problémy, po dokončení klikněte na Opravit problémy, zálohu dělat nemusíte, potom dejte Opravit všechny problémy.
    Obrázek OK Obrázek Zavřít
Obrázek
Nahoru
swobi
Návštěvník
Návštěvník
Příspěvky: 27
Registrován: 17 bře 2010 17:05

Re: vir Alureon.B nelze odstranit

#36 Příspěvek od swobi »

jen maly dotaz nez se do toho vseho pustim, k cemu vsemu to je? a jeste mi unika na co je tam to yahoo toolbar
Nahoru
Uživatelský avatar
Caroprd111
VIP
VIP
Příspěvky: 13492
Registrován: 22 bře 2009 20:48
Bydliště: Třebíč
Kontaktovat uživatele:
Kontaktovat uživatele Caroprd111

Re: vir Alureon.B nelze odstranit

#37 Příspěvek od Caroprd111 »

Je to dočištění po použitých programech. Toolbar je tam k ničemu, právě proto píšu, abyste ho neinstaloval.
Obrázek
Nahoru
swobi
Návštěvník
Návštěvník
Příspěvky: 27
Registrován: 17 bře 2010 17:05

Re: vir Alureon.B nelze odstranit

#38 Příspěvek od swobi »

omlouvam se spatne jsem si to precetl moje chyba.. jinak vse porobehlo, jen Ccleaner uz jsem udelal vcera po dobehnuti antiviru kdyz jsem zjitil ze pc je city je nutne znovu??
Nahoru
Uživatelský avatar
Caroprd111
VIP
VIP
Příspěvky: 13492
Registrován: 22 bře 2009 20:48
Bydliště: Třebíč
Kontaktovat uživatele:
Kontaktovat uživatele Caroprd111

Re: vir Alureon.B nelze odstranit

#39 Příspěvek od Caroprd111 »

Znovu čistit nemusíte. :)
Obrázek
Nahoru
swobi
Návštěvník
Návštěvník
Příspěvky: 27
Registrován: 17 bře 2010 17:05

Re: vir Alureon.B nelze odstranit

#40 Příspěvek od swobi »

ok a uz je to teda vse a ciste??
Nahoru
Uživatelský avatar
Caroprd111
VIP
VIP
Příspěvky: 13492
Registrován: 22 bře 2009 20:48
Bydliště: Třebíč
Kontaktovat uživatele:
Kontaktovat uživatele Caroprd111

Re: vir Alureon.B nelze odstranit

#41 Příspěvek od Caroprd111 »

Podle mě máte čisto. :)
Obrázek
Nahoru
swobi
Návštěvník
Návštěvník
Příspěvky: 27
Registrován: 17 bře 2010 17:05

Re: vir Alureon.B nelze odstranit

#42 Příspěvek od swobi »

mockrat dekuji za vydatnou pomoc sam bych asi nezvladl uz jsem premyslel o OS coz se mi vubec nechtelo. Jeste jsem se chtel zeptat pry nejak uxistuje vytvorit si nejak ten obraz windowsu a ten pak nejak jen zpetne nainstalovat jiz s temi programy co chci atd jestli vite jak na to nebo jen jak udelat ten bod obnoveni kdyz se neco po...
Nahoru
Uživatelský avatar
Caroprd111
VIP
VIP
Příspěvky: 13492
Registrován: 22 bře 2009 20:48
Bydliště: Třebíč
Kontaktovat uživatele:
Kontaktovat uživatele Caroprd111

Re: vir Alureon.B nelze odstranit

#43 Příspěvek od Caroprd111 »

Bod obnovení se vytvoří sám. Podívejte se sem: http://www.viry.cz/forum/viewforum.php?f=46
Obrázek
Nahoru
Odpovědět

Zpět na „Řešení problémů, logy“