OTL logfile created on: 17.6.2010 22:51:45 - Run 1
OTL by OldTimer - Version 3.2.6.0 Folder = C:\Documents and Settings\ADMIN1\Dokumenty\Stažené soubory
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
478,00 Mb Total Physical Memory | 117,00 Mb Available Physical Memory | 24,00% Memory free
737,00 Mb Paging File | 344,00 Mb Available in Paging File | 47,00% Paging File free
Paging file location(s): C:\pagefile.sys 336 672 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37,25 Gb Total Space | 15,95 Gb Free Space | 42,81% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: ADMIN1-B440DBDE
Current User Name: ADMIN1
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Processes (SafeList) ==========
PRC - [2010.06.17 22:50:32 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\ADMIN1\Dokumenty\Stažené soubory\OTL.exe
PRC - [2010.04.04 22:06:30 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009.12.22 10:42:52 | 003,216,664 | ---- | M] (SRS Labs, Inc.) -- C:\Program Files\SRS Labs\Audio Sandbox\SRSSSC.exe
PRC - [2009.07.21 14:34:33 | 000,185,089 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2009.05.13 16:48:22 | 000,108,289 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2009.03.02 13:08:47 | 000,209,153 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2008.04.14 08:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008.03.03 21:06:26 | 000,121,392 | ---- | M] (VMware, Inc.) -- C:\WINDOWS\system32\vmnetdhcp.exe
PRC - [2008.03.03 21:06:12 | 000,150,064 | ---- | M] (VMware, Inc.) -- C:\WINDOWS\system32\vmnat.exe
PRC - [2008.03.03 21:06:10 | 000,109,104 | ---- | M] (VMware, Inc.) -- C:\Program Files\VMware\VMware Player\vmware-authd.exe
PRC - [2007.03.23 11:02:52 | 000,269,104 | ---- | M] (VMware, Inc.) -- C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe
PRC - [2006.11.13 16:50:20 | 001,289,000 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft ActiveSync\wcescomm.exe
PRC - [2006.11.13 16:50:06 | 000,199,464 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft ActiveSync\rapimgr.exe
========== Modules (SafeList) ==========
MOD - [2010.06.17 22:50:32 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\ADMIN1\Dokumenty\Stažené soubory\OTL.exe
MOD - [2008.04.14 08:49:02 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
========== Win32 Services (SafeList) ==========
SRV - [2009.09.03 14:48:36 | 000,355,584 | ---- | M] (TuneUp Software GmbH) [On_Demand | Stopped] -- C:\WINDOWS\system32\TuneUpDefragService.exe -- (TuneUp.Defrag)
SRV - [2009.07.21 14:34:33 | 000,185,089 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2009.05.13 16:48:22 | 000,108,289 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2008.06.30 11:41:58 | 000,022,528 | ---- | M] (TuneUp Software GmbH) [Auto | Running] -- C:\WINDOWS\system32\uxtuneup.dll -- (UxTuneUp)
SRV - [2008.03.03 21:06:26 | 000,121,392 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\WINDOWS\system32\vmnetdhcp.exe -- (VMnetDHCP)
SRV - [2008.03.03 21:06:12 | 000,150,064 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\WINDOWS\system32\vmnat.exe -- (VMware NAT Service)
SRV - [2008.03.03 21:06:10 | 000,109,104 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files\VMware\VMware Player\vmware-authd.exe -- (VMAuthdService)
SRV - [2007.03.23 11:02:52 | 000,269,104 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe -- (vmount2)
========== Driver Services (SafeList) ==========
DRV - [2010.05.30 13:33:42 | 000,691,696 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Stopped] -- C:\WINDOWS\system32\drivers\sptd.sys.28992841 -- (sptd)
DRV - [2009.12.15 15:41:30 | 000,268,912 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SRS_SSCFilter_i386.sys -- (SRS_SSCFilter) SRS Labs Audio Sandbox (WDM)
DRV - [2009.12.10 21:12:16 | 000,056,816 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2009.11.18 23:45:08 | 000,055,208 | ---- | M] (PC Tools) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pctNdis.sys -- (pctNDIS)
DRV - [2009.11.10 15:54:18 | 000,095,568 | ---- | M] (Sun Microsystems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)
DRV - [2009.05.11 10:12:24 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.03.30 10:33:07 | 000,096,104 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2009.02.13 12:35:05 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2008.04.14 00:05:40 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2008.03.03 21:06:38 | 000,034,864 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\hcmon.sys -- (hcmon)
DRV - [2008.03.03 21:06:36 | 000,925,104 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\vmx86.sys -- (vmx86)
DRV - [2008.03.03 21:06:34 | 000,025,136 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\vmnetuserif.sys -- (VMnetuserif)
DRV - [2008.03.03 21:06:32 | 000,020,912 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VMkbd.sys -- (vmkbd)
DRV - [2008.03.03 20:12:22 | 000,028,592 | R--- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\vmnetbridge.sys -- (VMnetBridge)
DRV - [2008.03.03 20:12:22 | 000,016,816 | R--- | M] (VMware, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\vmnetadapter.sys -- (VMnetAdapter)
DRV - [2007.03.23 11:03:00 | 000,018,480 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vstor2.sys -- (vstor2)
DRV - [2007.01.31 15:33:46 | 000,005,632 | ---- | M] (GRISOFT, s.r.o.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\avgarkt.sys -- (AVG Anti-Rootkit)
DRV - [2007.01.18 14:00:28 | 000,003,968 | ---- | M] (GRISOFT, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AvgArCln.sys -- (AvgArCln)
DRV - [2004.12.29 09:34:10 | 000,167,424 | R--- | M] (SiS Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sis163u.sys -- (SIS163u)
DRV - [2004.06.28 14:03:42 | 000,276,480 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\camchal.sys -- (CAMCHALA)
DRV - [2004.06.28 14:03:02 | 000,292,864 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\camcaud.sys -- (CAMCAUD)
DRV - [2004.04.14 07:36:50 | 000,007,432 | ---- | M] (Hewlett-Packard Company) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\eabfiltr.sys -- (eabfiltr)
DRV - [2004.03.10 10:40:00 | 000,199,552 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWICH.sys -- (HSFHWICH)
DRV - [2004.03.10 10:37:00 | 000,682,624 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2004.03.10 10:35:00 | 001,041,536 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)
DRV - [2003.06.06 11:46:16 | 000,005,220 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\EabUsb.sys -- (eabusb)
DRV - [2002.12.11 17:03:36 | 000,091,392 | ---- | M] (ATMEL) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\fvnetd51.sys -- (SMC_WinXP_PCMCIAFVNETR_(SMCD)(R)) SMC_WinXP_PCMCIAFVNETR_(SMCD)(R) Service for SMC EZ Connect Wireless PC Card(SMC2632W)
DRV - [2002.05.02 12:52:22 | 000,017,134 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\PCANDIS5.SYS -- (PCANDIS5)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.seznam.cz/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Web Search"
FF - prefs.js..browser.search.defaulturl: "
http://search.conduit.com/ResultsExt.as ... ource=3&q="
FF - prefs.js..browser.startup.homepage: "
http://seznam.cz/"
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.7.3
FF - prefs.js..extensions.enabledItems:
jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems:
noia2_option@kk.noia:3.76
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {9f08cb5a-76b1-4bcf-aff9-90e1a5d60b1e}:3.76
FF - prefs.js..network.proxy.no_proxies_on: "microweb"
FF - user.js..browser.search.openintab: false
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.06.16 15:16:05 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.04.25 21:36:11 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.24\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2010.04.13 11:23:22 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.24\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
[2009.09.02 00:55:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ADMIN1\Data aplikací\Mozilla\Extensions
[2010.06.17 13:38:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ADMIN1\Data aplikací\Mozilla\Firefox\Profiles\8qv5cuoq.default\extensions
[2010.04.28 21:04:54 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\ADMIN1\Data aplikací\Mozilla\Firefox\Profiles\8qv5cuoq.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.02.23 22:46:27 | 000,000,000 | ---D | M] (Noia 2.0 (eXtreme)) -- C:\Documents and Settings\ADMIN1\Data aplikací\Mozilla\Firefox\Profiles\8qv5cuoq.default\extensions\{9f08cb5a-76b1-4bcf-aff9-90e1a5d60b1e}
[2010.04.28 21:04:53 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\ADMIN1\Data aplikací\Mozilla\Firefox\Profiles\8qv5cuoq.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2010.02.23 22:46:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ADMIN1\Data aplikací\Mozilla\Firefox\Profiles\8qv5cuoq.default\extensions\
noia2_option@kk.noia
[2010.06.17 13:38:10 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010.04.25 21:36:15 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.04.25 21:35:47 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010.03.16 23:44:48 | 000,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.03.16 23:44:48 | 000,001,687 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2010.03.16 23:44:48 | 000,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.03.16 23:44:49 | 000,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.03.16 23:44:49 | 000,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml
O1 HOSTS File: ([2010.06.09 19:02:14 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {0347C33E-8762-4905-BF09-768834316C61} - No CLSID value found.
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - No CLSID value found.
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKCU..\Run: [H/PC Connection Agent] C:\Program Files\Microsoft ActiveSync\Wcescomm.exe (Microsoft Corporation)
O4 - HKCU..\Run: [SRS Audio Sandbox] C:\Program Files\SRS Labs\Audio Sandbox\SRSSSC.exe (SRS Labs, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoPropertiesMyComputer = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFileAssociate = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Vytvořit mobilní oblíbenou položku… - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8}
http://go.microsoft.com/fwlink/?linkid=58813 (Office Genuine Advantage Validation Tool)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700}
http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} Reg Error: Value error. (WUWebControl Class)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\WgaLogon: DllName - WgaLogon.dll - C:\WINDOWS\System32\WgaLogon.dll ()
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\ADMIN1\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\ADMIN1\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.03.25 12:37:14 | 000,000,000 | R--D | M] - C:\autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2010.06.17 16:00:50 | 000,000,000 | ---D | C] -- C:\Program Files\CDCheck
[2010.06.17 14:07:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2010.06.17 13:23:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ADMIN1\Plocha\Nová složka22
[2010.06.16 21:06:19 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010.06.10 20:24:57 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\ADMIN1\UserData
[2010.06.08 22:44:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010.06.08 20:47:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\VDLL.DLL
[2010.06.08 20:47:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\runouce.exe
[2010.06.08 20:47:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\RUNDL132.EXE
[2010.06.08 20:47:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\logo_1.exe
[2010.06.08 20:42:16 | 000,632,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcr80.dll
[2010.06.08 20:42:15 | 000,554,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcp80.dll
[2010.06.08 20:42:13 | 000,034,048 | ---- | C] (MicroWorld Technologies Inc.) -- C:\WINDOWS\System32\eEmpty.exe
[2010.06.08 20:41:44 | 000,137,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\T.COM
[2010.06.08 20:41:43 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\R.COM
[2010.06.08 20:41:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MicroWorld
[2010.06.08 20:41:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\MicroWorld
[2010.06.08 20:29:33 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010.06.06 17:26:17 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\ADMIN1\Recent
[2010.06.06 16:27:11 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2010.06.06 16:11:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ADMIN1\Application Data
[2010.05.30 14:27:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ADMIN1\Data aplikací\Digital Red
[2010.05.30 13:44:48 | 000,000,000 | ---D | C] -- C:\Program Files\Digital Red
[2010.05.30 13:33:39 | 000,691,696 | ---- | C] (Duplex Secure Ltd.) -- C:\WINDOWS\System32\drivers\sptd.sys.28992841
[2010.05.30 13:33:18 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Lite
[2010.05.30 13:32:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ADMIN1\Data aplikací\DAEMON Tools Lite
[2010.05.30 13:32:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
========== Files - Modified Within 30 Days ==========
[2010.06.17 21:28:19 | 004,456,448 | ---- | M] () -- C:\Documents and Settings\ADMIN1\NTUSER.DAT
[2010.06.17 16:53:59 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.06.17 16:53:56 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.06.17 16:49:43 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\ADMIN1\ntuser.ini
[2010.06.17 16:00:52 | 000,001,538 | ---- | M] () -- C:\Documents and Settings\ADMIN1\Plocha\CDCheck.lnk
[2010.06.17 13:27:15 | 000,000,122 | ---- | M] () -- C:\Documents and Settings\ADMIN1\Plocha\config.ini
[2010.06.17 13:22:29 | 000,071,192 | ---- | M] () -- C:\Documents and Settings\ADMIN1\Local Settings\Data aplikací\GDIPFONTCACHEV1.DAT
[2010.06.16 20:33:15 | 000,273,376 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.06.16 15:33:47 | 000,036,864 | ---- | M] () -- C:\Documents and Settings\ADMIN1\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.06.15 22:38:54 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.06.10 20:52:28 | 000,000,179 | ---- | M] () -- C:\WINDOWS\registr_prospechu.ini
[2010.06.10 20:33:05 | 000,048,501 | ---- | M] () -- C:\Documents and Settings\ADMIN1\Plocha\darovaci_smlouva_nemovitost3.rtf
[2010.06.10 20:31:04 | 000,012,126 | ---- | M] () -- C:\Documents and Settings\ADMIN1\Plocha\DAR smlouva.docx
[2010.06.10 20:26:17 | 000,034,816 | ---- | M] () -- C:\Documents and Settings\ADMIN1\Plocha\darovaci__smlouva_nemovitost1.doc
[2010.06.10 20:24:46 | 000,030,208 | ---- | M] () -- C:\Documents and Settings\ADMIN1\Plocha\darovaci_smlouva_na_nemovitost.doc
[2010.06.09 19:02:27 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010.06.09 19:02:14 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010.06.08 23:17:21 | 001,580,676 | -H-- | M] () -- C:\Documents and Settings\ADMIN1\Local Settings\Data aplikací\IconCache.db
[2010.06.08 22:32:00 | 000,000,241 | ---- | M] () -- C:\Documents and Settings\ADMIN1\Dokumenty\pinfect.zip
[2010.06.08 21:01:39 | 005,937,990 | ---- | M] () -- C:\WINDOWS\REGBK00.ZIP
[2010.06.08 20:47:46 | 000,000,056 | ---- | M] () -- C:\WINDOWS\Lic.xxx
[2010.06.08 20:42:15 | 000,632,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcr80.dll
[2010.06.08 20:42:14 | 000,554,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcp80.dll
[2010.06.08 20:42:12 | 000,034,048 | ---- | M] (MicroWorld Technologies Inc.) -- C:\WINDOWS\System32\eEmpty.exe
[2010.06.06 17:16:53 | 000,016,217 | ---- | M] () -- C:\Documents and Settings\ADMIN1\Plocha\PrezencniListina.docx
[2010.06.06 17:14:58 | 000,018,666 | ---- | M] () -- C:\Documents and Settings\ADMIN1\Plocha\ZaznamHlasovani.docx
[2010.05.30 13:33:44 | 000,001,613 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\DAEMON Tools Lite.lnk
[2010.05.30 13:33:42 | 000,691,696 | ---- | M] (Duplex Secure Ltd.) -- C:\WINDOWS\System32\drivers\sptd.sys.28992841
[2010.05.30 13:16:17 | 000,001,908 | ---- | M] () -- C:\WINDOWS\diagwrn.xml
[2010.05.30 13:16:17 | 000,001,908 | ---- | M] () -- C:\WINDOWS\diagerr.xml
[2010.05.30 13:09:01 | 000,624,183 | ---- | M] () -- C:\Documents and Settings\ADMIN1\Plocha\Upgrading from Windows Vista to Windows 7.pdf
========== Files Created - No Company Name ==========
[2010.06.17 16:00:52 | 000,001,538 | ---- | C] () -- C:\Documents and Settings\ADMIN1\Plocha\CDCheck.lnk
[2010.06.17 13:50:34 | 000,293,376 | ---- | C] () -- C:\Documents and Settings\ADMIN1\Plocha\gmer.exe
[2010.06.17 13:26:49 | 000,000,122 | ---- | C] () -- C:\Documents and Settings\ADMIN1\Plocha\config.ini
[2010.06.17 13:26:42 | 000,059,392 | ---- | C] () -- C:\Documents and Settings\ADMIN1\Plocha\Dropresize.exe
[2010.06.10 20:33:04 | 000,048,501 | ---- | C] () -- C:\Documents and Settings\ADMIN1\Plocha\darovaci_smlouva_nemovitost3.rtf
[2010.06.10 20:29:18 | 000,012,126 | ---- | C] () -- C:\Documents and Settings\ADMIN1\Plocha\DAR smlouva.docx
[2010.06.10 20:26:16 | 000,034,816 | ---- | C] () -- C:\Documents and Settings\ADMIN1\Plocha\darovaci__smlouva_nemovitost1.doc
[2010.06.10 20:24:44 | 000,030,208 | ---- | C] () -- C:\Documents and Settings\ADMIN1\Plocha\darovaci_smlouva_na_nemovitost.doc
[2010.06.08 22:45:05 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010.06.08 22:32:00 | 000,000,241 | ---- | C] () -- C:\Documents and Settings\ADMIN1\Dokumenty\pinfect.zip
[2010.06.08 20:57:51 | 005,937,990 | ---- | C] () -- C:\WINDOWS\REGBK00.ZIP
[2010.06.08 20:44:25 | 000,000,056 | ---- | C] () -- C:\WINDOWS\Lic.xxx
[2010.06.08 20:42:13 | 000,000,522 | ---- | C] () -- C:\WINDOWS\System32\Microsoft.VC80.CRT.manifest
[2010.05.30 15:32:42 | 000,018,666 | ---- | C] () -- C:\Documents and Settings\ADMIN1\Plocha\ZaznamHlasovani.docx
[2010.05.30 15:32:02 | 000,016,217 | ---- | C] () -- C:\Documents and Settings\ADMIN1\Plocha\PrezencniListina.docx
[2010.05.30 13:33:44 | 000,001,613 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\DAEMON Tools Lite.lnk
[2010.05.30 13:10:57 | 000,001,908 | ---- | C] () -- C:\WINDOWS\diagwrn.xml
[2010.05.30 13:10:57 | 000,001,908 | ---- | C] () -- C:\WINDOWS\diagerr.xml
[2010.05.30 13:09:01 | 000,624,183 | ---- | C] () -- C:\Documents and Settings\ADMIN1\Plocha\Upgrading from Windows Vista to Windows 7.pdf
[2010.04.26 22:07:16 | 000,383,238 | ---- | C] () -- C:\WINDOWS\System32\libmp3lame-0.dll
[2010.03.18 21:27:49 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\swunilog.ini
[2010.03.12 00:57:35 | 000,000,179 | ---- | C] () -- C:\WINDOWS\registr_prospechu.ini
[2010.01.28 17:07:43 | 000,178,176 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2010.01.28 17:07:41 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2010.01.28 17:07:35 | 000,765,952 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2010.01.28 17:07:35 | 000,205,824 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010.01.28 17:07:27 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2010.01.28 17:07:27 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2010.01.27 00:14:28 | 000,000,034 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2010.01.21 23:29:53 | 000,103,424 | ---- | C] () -- C:\WINDOWS\System32\DCLibrary_nat.dll
[2010.01.18 20:27:41 | 000,268,912 | R--- | C] () -- C:\WINDOWS\System32\drivers\SRS_SSCFilter_i386.sys
[2009.11.22 00:32:46 | 000,000,054 | ---- | C] () -- C:\WINDOWS\Player.INI
[2009.11.06 01:25:34 | 000,120,200 | ---- | C] () -- C:\WINDOWS\System32\DLLDEV32i.dll
[2009.11.06 01:25:06 | 000,006,211 | ---- | C] () -- C:\WINDOWS\mgxoschk.ini
[2009.09.10 01:50:30 | 000,190,976 | ---- | C] () -- C:\WINDOWS\System32\WgaLogon.dll
< End of report >
stáhněte a spusťte T-Cleaner ke stažení zde http://sweb.cz/Marinus/T-Cleaner.exe , uklidí po programech, které jsme použili
Přispějete na provoz fóra?