Rogue.Pallidium

[stell]

premenuj ikonu combofixu na khonsun.com
a spust, vypnut firewall a AV

[khonsun]

Combofix stazen, prejmenovan na khonsun.com, vse vypnuto krome pripojeni k inetu, Combofix najede, vytvori si bod obnoveni, zacne skenovat a po 3 min se sekne. Po pul hodine tvrdy restart, win najedou, bod obnoveni po Combofixu je tam kde ma byt. O co se to sprajcne nevim.
Ted kdyz je Combofix stazen mohl bych prejit do nouzaku a zkusit sken Combofixem v nouzaku /pokud nepotrebuje byt pripojen k inetu/. Jakou velikost ma Combofix /pro kontrolu, jestli je stazen cely/?

[stell]

nechaj tak, combofix, nema rad tvoju masinu.
Stahni OTListIt2>> OTL
Označ položku Pro všechny uživatele.
Označ položky Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
do okna >vloz zeleny text a klik Klikn na tlačítko Prohledat
Po dokončení, sem vlož logy OTL.Txt a Extras.txt

Kód: Vybrat vše

msconfig
safebootminimal
activex
drivers32
netsvcs
%SYSTEMDRIVE%\*.exe
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
symmpi.sys
adp3132.sys
mv61xx.sys
nvraid.sys
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\drivers\*.sys /90

[khonsun]

Pred tim bych asi mel odinstal ten Combofix. Jak? Nyni se jmenuje: khonsun.com. Nebo ho mam nechat?

[stell]

premenuj na uninstall
a spust

[khonsun]

uniinstall, uninstall.com, uninstall.exe?

[stell]

to je jedno,

[khonsun]

OTL logfile created on: 6.1.2011 13:52:07 - Run 1
OTL by OldTimer - Version 3.2.20.1 Folder = C:\SwStazen
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1 015,00 Mb Total Physical Memory | 517,00 Mb Available Physical Memory | 51,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 78,00% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 55,89 Gb Total Space | 34,66 Gb Free Space | 62,01% Space Free | Partition Type: NTFS
Drive E: | 12,13 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: COMPAQ | User Name: Khonsun | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011.01.06 13:48:26 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\SwStazen\OTL.exe
PRC - [2010.12.21 13:04:30 | 000,399,416 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\sua.exe
PRC - [2010.12.13 15:48:46 | 000,816,736 | ---- | M] ( ) -- C:\Program Files\Miranda IM\miranda32.exe
PRC - [2010.12.11 08:52:57 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010.07.24 08:51:16 | 004,334,272 | ---- | M] (Almico Software (www.almico.com)) -- C:\Program Files\SpeedFan\speedfan.exe
PRC - [2010.03.31 00:31:23 | 000,723,632 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
PRC - [2009.11.25 00:51:40 | 000,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe
PRC - [2009.11.25 00:51:35 | 000,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2009.11.25 00:51:21 | 000,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PRC - [2009.11.25 00:48:48 | 000,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PRC - [2009.11.25 00:43:56 | 000,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2009.03.02 04:07:04 | 012,080,424 | ---- | M] (EIZO NANAO CORPORATION) -- C:\Program Files\EIZO\ScreenManager Pro for LCD\Lcdctrl.exe
PRC - [2008.07.23 03:11:10 | 001,496,312 | ---- | M] (Gemfor s.r.o.) -- C:\Program Files\T-Mobile\Web'n'walk Manager\Manager.exe
PRC - [2008.04.14 04:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007.06.19 10:23:58 | 001,871,872 | ---- | M] (LW-WORKS Software) -- C:\Program Files\LW-WORKS Software\Clipboard Recorder\clipboard_recorder.exe
PRC - [2006.09.16 14:01:16 | 001,666,048 | ---- | M] (Renier Crause) -- C:\Program Files\PopTray\PopTray.exe
PRC - [2005.04.27 14:59:24 | 000,241,725 | ---- | M] (Microsoft Corporation) -- C:\Program Files\UPHClean\uphclean.exe
PRC - [2004.10.14 08:11:10 | 001,388,544 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
PRC - [2003.12.01 14:27:48 | 000,053,248 | ---- | M] (GEAR Software) -- C:\WINDOWS\system32\gearsec.exe
PRC - [2003.04.26 21:51:34 | 000,880,128 | ---- | M] (Pavel Chmelař) -- C:\Program Files\SmartClock\SmartClock.exe
PRC - [2002.09.20 13:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe


========== Modules (SafeList) ==========

MOD - [2011.01.06 13:48:26 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\SwStazen\OTL.exe
MOD - [2010.08.23 17:12:33 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2010.03.31 00:31:24 | 000,171,552 | ---- | M] (COMODO) -- C:\WINDOWS\system32\guard32.dll
MOD - [2007.06.18 10:47:26 | 000,007,168 | ---- | M] () -- C:\Program Files\LW-WORKS Software\Clipboard Recorder\cbhelper.dll


========== Win32 Services (SafeList) ==========

SRV - [2010.12.21 13:04:30 | 000,987,704 | ---- | M] (Secunia) [On_Demand | Stopped] -- C:\Program Files\Secunia\PSI\PSIA.exe -- (Secunia PSI Agent)
SRV - [2010.12.21 13:04:30 | 000,399,416 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files\Secunia\PSI\sua.exe -- (Secunia Update Agent)
SRV - [2010.03.31 00:31:23 | 000,723,632 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
SRV - [2009.11.25 00:51:35 | 000,138,680 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus)
SRV - [2009.11.25 00:51:21 | 000,254,040 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner)
SRV - [2009.11.25 00:48:48 | 000,352,920 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner)
SRV - [2009.11.25 00:43:56 | 000,018,752 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)
SRV - [2007.09.04 11:59:36 | 000,410,904 | ---- | M] (Acronis) [On_Demand | Stopped] -- C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2007.03.28 18:42:42 | 000,029,704 | ---- | M] (TuneUp Software GmbH) [Auto | Running] -- C:\WINDOWS\system32\uxtuneup.dll -- (UxTuneUp)
SRV - [2005.04.27 14:59:24 | 000,241,725 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\UPHClean\uphclean.exe -- (UPHClean)
SRV - [2004.08.10 23:46:56 | 000,483,328 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- c:\Program Files\Windows Media Connect\mswmccds.exe -- (WmcCds) Windows Media Connect (WMC)
SRV - [2004.08.10 20:50:42 | 000,028,160 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Media Connect\mswmcls.exe -- (WmcCdsLs) Podpora programu Windows Media Connect (WMC)
SRV - [2003.12.01 14:27:48 | 000,053,248 | ---- | M] (GEAR Software) [Auto | Running] -- C:\WINDOWS\system32\gearsec.exe -- (GEARSecurity)
SRV - [2002.10.16 21:56:00 | 000,176,128 | ---- | M] (Executive Software International, Inc.) [On_Demand | Stopped] -- C:\Program Files\Executive Software\DiskeeperLite\DKService.exe -- (Diskeeper)
SRV - [2002.09.20 13:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) [Auto | Running] -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe -- (SoundMAX Agent Service (default))


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | System | Stopped] -- C:\DOCUME~1\Khonsun\LOCALS~1\Temp\SAS_SelfExtract\SASKUTIL.sys -- (SASKUTIL)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Khonsun\LOCALS~1\Temp\SAS_SelfExtract\SASENUM.SYS -- (SASENUM)
DRV - File not found [Kernel | System | Stopped] -- C:\DOCUME~1\Khonsun\LOCALS~1\Temp\SAS_SelfExtract\SASDIFSV.SYS -- (SASDIFSV)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Comodo\CBOClean\BOCDRIVE.sys -- (BOCDRIVE)
DRV - [2010.09.01 09:30:58 | 000,015,544 | ---- | M] (Secunia) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\psi_mf.sys -- (PSI)
DRV - [2010.03.31 00:31:24 | 000,134,344 | ---- | M] (COMODO) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\cmdguard.sys -- (cmdGuard)
DRV - [2010.03.31 00:31:24 | 000,087,104 | ---- | M] (COMODO) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\inspect.sys -- (Inspect)
DRV - [2010.03.31 00:31:24 | 000,025,160 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\cmdhlp.sys -- (cmdHlp)
DRV - [2010.03.09 03:52:44 | 000,004,096 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\Unlocker\UnlockerDriver5.sys -- (UnlockerDriver5)
DRV - [2009.12.18 09:58:52 | 000,011,336 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\SystemRequirementsLab\cpudrv.sys -- (cpudrv)
DRV - [2009.11.25 00:49:07 | 000,048,560 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2009.11.25 00:48:57 | 000,023,120 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2009.11.25 00:47:54 | 000,027,408 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2009.10.22 15:11:14 | 000,057,800 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ftdibus.sys -- (FTDIBUS)
DRV - [2009.10.22 15:09:34 | 000,072,520 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ftser2k.sys -- (FTSER2K)
DRV - [2009.10.12 14:21:54 | 000,100,736 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbdev.sys -- (hwusbdev)
DRV - [2009.09.15 11:56:14 | 000,094,160 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2009.09.15 11:55:30 | 000,114,768 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2009.09.15 11:55:19 | 000,020,560 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2009.05.05 23:03:22 | 000,717,296 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009.04.23 05:23:41 | 000,064,160 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2008.12.04 13:24:55 | 000,400,864 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\timntr.sys -- (timounter)
DRV - [2008.12.04 13:24:55 | 000,032,768 | ---- | M] (Acronis) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\tifsfilt.sys -- (tifsfilter)
DRV - [2008.12.04 13:24:46 | 000,120,992 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\snapman.sys -- (snapman)
DRV - [2008.07.30 02:43:06 | 000,101,120 | R--- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2008.07.30 02:43:06 | 000,024,448 | R--- | M] (Huawei Tech. Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewdcsc.sys -- (Huawei)
DRV - [2008.04.13 19:46:22 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mpe.sys -- (MPE)
DRV - [2007.09.25 15:59:46 | 000,015,152 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\MediaCoder Audio Edition\SysInfo.sys -- (CrystalSysInfo)
DRV - [2007.07.26 00:44:28 | 002,210,048 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\w29n51.sys -- (w29n51) Intel(R)
DRV - [2007.06.12 12:15:10 | 000,051,040 | R--- | M] (IPWireless Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ipw3gnet.sys -- (IpwP)
DRV - [2007.02.27 13:31:28 | 000,021,504 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motmodem.sys -- (motmodem)
DRV - [2007.01.13 09:33:18 | 005,672,032 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\igxpmp32.sys -- (ialm)
DRV - [2006.09.24 14:28:46 | 000,005,248 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Boot | Running] -- C:\WINDOWS\system32\speedfan.sys -- (speedfan)
DRV - [2006.04.07 17:06:38 | 000,038,496 | ---- | M] (OLYMPUS IMAGING CORP.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\VNUSB.sys -- (VNUSB)
DRV - [2005.11.18 17:29:38 | 010,192,896 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\snp2sxp.sys -- (SNP2STD) USB2.0 PC Camera (SNP2STD)
DRV - [2005.10.11 12:30:28 | 000,110,080 | ---- | M] (Deterministic Networks, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\dne2000.sys -- (DNE)
DRV - [2005.09.08 00:18:54 | 000,009,728 | R--- | M] (Gemfor s.r.o.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ethpdrv.sys -- (Ethpdrv)
DRV - [2005.08.16 10:43:14 | 000,401,280 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio)
DRV - [2005.08.16 10:40:48 | 001,341,466 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2005.08.16 10:38:56 | 000,030,363 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btport.sys -- (BTDriver)
DRV - [2005.08.16 10:38:50 | 000,030,189 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwmodem.sys -- (btwmodem)
DRV - [2005.08.16 10:38:22 | 000,056,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2005.08.16 10:35:36 | 000,148,040 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwdndis.sys -- (BTWDNDIS)
DRV - [2005.06.20 12:33:18 | 000,190,400 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP)
DRV - [2005.04.27 10:31:50 | 000,999,808 | R--- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AVHybrid.sys -- (AVHybrid)
DRV - [2005.04.04 17:25:36 | 000,160,768 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tifm21.sys -- (tifm21)
DRV - [2005.02.23 14:58:56 | 000,011,776 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\afc.sys -- (Afc)
DRV - [2005.01.28 18:31:08 | 000,266,496 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\gtwl5.SYS -- (GT43XX)
DRV - [2005.01.28 18:30:56 | 000,021,888 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\GTEDGSC.sys -- (OptionWWSC)
DRV - [2005.01.28 18:30:42 | 000,052,864 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\GTEDGNet.sys -- (GTEDGWWNIC)
DRV - [2005.01.28 18:30:34 | 000,107,904 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\GTEDG.sys -- (GTEDGWModem)
DRV - [2004.11.22 12:33:52 | 000,190,592 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2004.08.24 12:20:08 | 001,268,204 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2004.06.16 10:19:58 | 000,046,080 | ---- | M] (SMSC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\smcirda.sys -- (SMCIRDA)
DRV - [2004.06.15 15:28:14 | 000,173,056 | ---- | M] (Funk Software, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\odysseyIM4.sys -- (odysseyIM4)
DRV - [2004.05.03 18:26:16 | 000,080,384 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gtipci21.sys -- (GTIPCI21)
DRV - [2004.04.14 06:36:50 | 000,007,432 | ---- | M] (Hewlett-Packard Company) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\eabfiltr.sys -- (eabfiltr)
DRV - [2004.02.20 09:35:28 | 000,059,044 | R--- | M] (Hewlett-Packard) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\ClntMgmt.sys -- (ClntMgmt.sys)
DRV - [2003.06.06 10:46:16 | 000,005,220 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\EabUsb.sys -- (eabusb)
DRV - [2002.08.14 14:03:36 | 000,017,005 | ---- | M] (Adaptec) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\ASPI32.SYS -- (Aspi32)
DRV - [2001.08.17 15:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde)
DRV - [2000.09.14 14:42:26 | 000,005,460 | ---- | M] (Elaborate Bytes) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV - [1996.04.03 20:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\giveio.sys -- (giveio)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========



IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-4258147995-3267704788-1683952696-1005\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\S-1-5-21-4258147995-3267704788-1683952696-1005\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchT ... f8&oe=utf8
IE - HKU\S-1-5-21-4258147995-3267704788-1683952696-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-4258147995-3267704788-1683952696-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Ask"
FF - prefs.js..browser.search.order.1: "Ask"
FF - prefs.js..browser.search.order.2: "Google"
FF - prefs.js..browser.search.order.3: "Yahoo"
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://tv.sms.cz/"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:1.1.10
FF - prefs.js..extensions.enabledItems: {3d7eb24f-2740-49df-8937-200b1cc08f8a}:1.5.14.2
FF - prefs.js..extensions.enabledItems: fdm_ffext@freedownloadmanager.org:1.3.4
FF - prefs.js..extensions.enabledItems: {aff87fa2-a58e-4edd-b852-0a20203c1e17}:0.8
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {B17C1C5A-04B1-11DB-9804-B622A1EF5492}:1.2.1
FF - prefs.js..extensions.enabledItems: {02450954-cdd9-410f-b1da-db804e18c671}:0.96.3
FF - prefs.js..extensions.enabledItems: {35106bca-6c78-48c7-ac28-56df30b51d2b}:1.1.12
FF - prefs.js..extensions.enabledItems: foxmarks@kei.com:3.9.2
FF - prefs.js..extensions.enabledItems: ietab@ip.cn:1.95.20100933
FF - prefs.js..extensions.enabledItems: smarterwiki@wikiatic.com:4.1.8
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.63
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..keyword.URL: "http://toolbar.ask.com/toolbarv/askRedi ... t=&gc=1&q="
FF - prefs.js..network.proxy.type: 0


FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.12.29 15:34:10 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.12.11 08:53:04 | 000,000,000 | ---D | M]

[2009.04.30 10:15:10 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Khonsun\Data aplikací\Mozilla\Extensions
[2009.04.30 10:15:10 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Khonsun\Data aplikací\Mozilla\Extensions\MediaCoder
[2011.01.06 09:02:06 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Khonsun\Data aplikací\Mozilla\Firefox\Profiles\7vvs3la1.default\extensions
[2010.07.21 10:49:29 | 000,000,000 | ---D | M] (Screengrab) -- C:\Documents and Settings\Khonsun\Data aplikací\Mozilla\Firefox\Profiles\7vvs3la1.default\extensions\{02450954-cdd9-410f-b1da-db804e18c671}
[2010.07.21 10:49:29 | 000,000,000 | ---D | M] (FlashGot) -- C:\Documents and Settings\Khonsun\Data aplikací\Mozilla\Firefox\Profiles\7vvs3la1.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}(2)
[2010.07.21 10:49:29 | 000,000,000 | ---D | M] (FlashGot) -- C:\Documents and Settings\Khonsun\Data aplikací\Mozilla\Firefox\Profiles\7vvs3la1.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}(3)
[2010.08.27 21:31:28 | 000,000,000 | ---D | M] ("Delicious Bookmarks") -- C:\Documents and Settings\Khonsun\Data aplikací\Mozilla\Firefox\Profiles\7vvs3la1.default\extensions\{2fa4ed95-0317-4c6a-a74c-5f3e3912c1f9}
[2010.07.21 10:49:30 | 000,000,000 | ---D | M] (WindowsUpdate) -- C:\Documents and Settings\Khonsun\Data aplikací\Mozilla\Firefox\Profiles\7vvs3la1.default\extensions\{35106bca-6c78-48c7-ac28-56df30b51d2b}
[2010.10.30 00:45:49 | 000,000,000 | ---D | M] (Flashblock) -- C:\Documents and Settings\Khonsun\Data aplikací\Mozilla\Firefox\Profiles\7vvs3la1.default\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}
[2010.07.21 10:49:31 | 000,000,000 | ---D | M] (Flashblock) -- C:\Documents and Settings\Khonsun\Data aplikací\Mozilla\Firefox\Profiles\7vvs3la1.default\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}(2)
[2010.07.21 10:49:31 | 000,000,000 | ---D | M] (IE View) -- C:\Documents and Settings\Khonsun\Data aplikací\Mozilla\Firefox\Profiles\7vvs3la1.default\extensions\{6e84150a-d526-41f1-a480-a67d3fed910d}(2)
[2010.07.21 10:49:31 | 000,000,000 | ---D | M] (DictionarySearch) -- C:\Documents and Settings\Khonsun\Data aplikací\Mozilla\Firefox\Profiles\7vvs3la1.default\extensions\{a0faa0a4-f1a7-4098-9a74-21efc3a92372}(2)
[2010.08.27 21:31:26 | 000,000,000 | ---D | M] (gTranslate) -- C:\Documents and Settings\Khonsun\Data aplikací\Mozilla\Firefox\Profiles\7vvs3la1.default\extensions\{aff87fa2-a58e-4edd-b852-0a20203c1e17}
[2010.09.15 10:35:22 | 000,000,000 | ---D | M] (Password Exporter) -- C:\Documents and Settings\Khonsun\Data aplikací\Mozilla\Firefox\Profiles\7vvs3la1.default\extensions\{B17C1C5A-04B1-11DB-9804-B622A1EF5492}
[2010.12.29 16:54:54 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Khonsun\Data aplikací\Mozilla\Firefox\Profiles\7vvs3la1.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010.07.21 11:39:25 | 000,000,000 | ---D | M] (DownThemAll!) -- C:\Documents and Settings\Khonsun\Data aplikací\Mozilla\Firefox\Profiles\7vvs3la1.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}
[2010.07.21 10:49:33 | 000,000,000 | ---D | M] (DownThemAll!) -- C:\Documents and Settings\Khonsun\Data aplikací\Mozilla\Firefox\Profiles\7vvs3la1.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}(2)
[2010.07.13 13:39:36 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus(R))) -- C:\Documents and Settings\Khonsun\Data aplikací\Mozilla\Firefox\Profiles\7vvs3la1.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2010.09.30 19:55:31 | 000,000,000 | ---D | M] ("Xmarks") -- C:\Documents and Settings\Khonsun\Data aplikací\Mozilla\Firefox\Profiles\7vvs3la1.default\extensions\foxmarks@kei.com
[2010.11.26 15:44:21 | 000,000,000 | ---D | M] (IE Tab Plus) -- C:\Documents and Settings\Khonsun\Data aplikací\Mozilla\Firefox\Profiles\7vvs3la1.default\extensions\ietab@ip.cn
[2010.11.26 15:44:33 | 000,000,000 | ---D | M] (FastestFox) -- C:\Documents and Settings\Khonsun\Data aplikací\Mozilla\Firefox\Profiles\7vvs3la1.default\extensions\smarterwiki@wikiatic.com
[2010.04.15 06:53:22 | 000,011,124 | ---- | M] () -- C:\Documents and Settings\Khonsun\Data aplikací\Mozilla\Firefox\Profiles\7vvs3la1.default\searchplugins\firmyvyberemecz.xml
[2007.01.02 22:03:44 | 000,001,293 | ---- | M] () -- C:\Documents and Settings\Khonsun\Data aplikací\Mozilla\Firefox\Profiles\7vvs3la1.default\searchplugins\mapy-cz.xml
[2006.07.03 20:46:16 | 000,000,436 | ---- | M] () -- C:\Documents and Settings\Khonsun\Data aplikací\Mozilla\Firefox\Profiles\7vvs3la1.default\searchplugins\seznam-cz.png
[2007.01.02 22:03:44 | 000,001,349 | ---- | M] () -- C:\Documents and Settings\Khonsun\Data aplikací\Mozilla\Firefox\Profiles\7vvs3la1.default\searchplugins\seznam-encyklopedie.xml
[2007.01.02 22:03:44 | 000,001,462 | ---- | M] () -- C:\Documents and Settings\Khonsun\Data aplikací\Mozilla\Firefox\Profiles\7vvs3la1.default\searchplugins\seznam-slovnik-czen.xml
[2007.01.02 22:03:44 | 000,001,478 | ---- | M] () -- C:\Documents and Settings\Khonsun\Data aplikací\Mozilla\Firefox\Profiles\7vvs3la1.default\searchplugins\seznam-slovnik-encz.xml
[2007.01.02 22:03:44 | 000,001,335 | ---- | M] () -- C:\Documents and Settings\Khonsun\Data aplikací\Mozilla\Firefox\Profiles\7vvs3la1.default\searchplugins\seznam-zbozi.xml
[2010.12.31 21:28:40 | 000,001,832 | ---- | M] () -- C:\Documents and Settings\Khonsun\Data aplikací\Mozilla\Firefox\Profiles\7vvs3la1.default\searchplugins\slovnik-cizich-slovnet.xml
[2011.01.05 07:54:39 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010.12.30 11:24:32 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\KHONSUN\DATA APLIKACĂ­\MOZILLA\FIREFOX\PROFILES\7VVS3LA1.DEFAULT\EXTENSIONS\{02450954-CDD9-410F-B1DA-DB804E18C671}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\KHONSUN\DATA APLIKACĂ­\MOZILLA\FIREFOX\PROFILES\7VVS3LA1.DEFAULT\EXTENSIONS\{35106BCA-6C78-48C7-AC28-56DF30B51D2B}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\KHONSUN\DATA APLIKACĂ­\MOZILLA\FIREFOX\PROFILES\7VVS3LA1.DEFAULT\EXTENSIONS\{3D7EB24F-2740-49DF-8937-200B1CC08F8A}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\KHONSUN\DATA APLIKACĂ­\MOZILLA\FIREFOX\PROFILES\7VVS3LA1.DEFAULT\EXTENSIONS\{AFF87FA2-A58E-4EDD-B852-0A20203C1E17}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\KHONSUN\DATA APLIKACĂ­\MOZILLA\FIREFOX\PROFILES\7VVS3LA1.DEFAULT\EXTENSIONS\{B17C1C5A-04B1-11DB-9804-B622A1EF5492}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\KHONSUN\DATA APLIKACĂ­\MOZILLA\FIREFOX\PROFILES\7VVS3LA1.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\KHONSUN\DATA APLIKACĂ­\MOZILLA\FIREFOX\PROFILES\7VVS3LA1.DEFAULT\EXTENSIONS\{DDC359D1-844A-42A7-9AA1-88A850A938A8}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\KHONSUN\DATA APLIKACĂ­\MOZILLA\FIREFOX\PROFILES\7VVS3LA1.DEFAULT\EXTENSIONS\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\KHONSUN\DATA APLIKACĂ­\MOZILLA\FIREFOX\PROFILES\7VVS3LA1.DEFAULT\EXTENSIONS\FOXMARKS@KEI.COM
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\KHONSUN\DATA APLIKACĂ­\MOZILLA\FIREFOX\PROFILES\7VVS3LA1.DEFAULT\EXTENSIONS\IETAB@IP.CN
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\KHONSUN\DATA APLIKACĂ­\MOZILLA\FIREFOX\PROFILES\7VVS3LA1.DEFAULT\EXTENSIONS\SMARTERWIKI@WIKIATIC.COM
[2010.06.29 17:14:47 | 000,000,000 | ---D | M] (Free Download Manager plugin) -- C:\PROGRAM FILES\FREE DOWNLOAD MANAGER\FIREFOX\EXTENSION
[2010.12.30 11:24:09 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2010.12.30 11:24:05 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2009.11.08 01:47:23 | 000,075,208 | ---- | M] (Foxit Software Company) -- C:\Program Files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll
[2007.03.05 12:59:06 | 000,645,504 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\npOGAPlugin.dll
[2010.08.25 01:24:47 | 000,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.08.25 01:24:47 | 000,001,687 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2010.08.25 01:24:47 | 000,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.08.25 01:24:47 | 000,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.08.25 01:24:47 | 000,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2009.06.12 16:14:07 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O3 - HKLM\..\Toolbar: (WebTranslator) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\Program Files\WEBIE.DLL ()
O3 - HKU\S-1-5-21-4258147995-3267704788-1683952696-1005\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\S-1-5-21-4258147995-3267704788-1683952696-1005\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKU\S-1-5-21-4258147995-3267704788-1683952696-1005\..\Toolbar\WebBrowser: (no name) - {ED4BD629-C1B6-4399-8A34-02CCAA921DC9} - No CLSID value found.
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4 - HKLM..\Run: [PTHOSTTR] C:\Program Files\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [ScreenManager Pro for LCD] C:\Program Files\EIZO\ScreenManager Pro for LCD\Lcdctrl.exe (EIZO NANAO CORPORATION)
O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe (Analog Devices, Inc.)
O4 - HKU\S-1-5-21-4258147995-3267704788-1683952696-1005..\Run: [Clipboard Recorder] C:\Program Files\LW-WORKS Software\Clipboard Recorder\clipboard_recorder.exe (LW-WORKS Software)
O4 - HKU\S-1-5-21-4258147995-3267704788-1683952696-1005..\Run: [SmartClock] C:\Program Files\SmartClock\SmartClock.exe (Pavel Chmelař)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-4258147995-3267704788-1683952696-1005\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-4258147995-3267704788-1683952696-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-4258147995-3267704788-1683952696-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1
O7 - HKU\S-1-5-21-4258147995-3267704788-1683952696-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-4258147995-3267704788-1683952696-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Stáhnout Free Download Managerem - C:\Program Files\Free Download Manager\dllink.htm ()
O8 - Extra context menu item: Stáhnout video Free Download Managerem - C:\Program Files\Free Download Manager\dlfvideo.htm ()
O8 - Extra context menu item: Stáhnout vše Free Download Managerem - C:\Program Files\Free Download Manager\dlall.htm ()
O8 - Extra context menu item: Stáhnout vybrané Free Download Managerem - C:\Program Files\Free Download Manager\dlselected.htm ()
O9 - Extra Button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Vytvořit mobilní oblíbenou položku... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: WebTran - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\Program Files\WEBIE.DLL ()
O9 - Extra 'Tools' menuitem : &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Program Files\WEBIE.DLL ()
O9 - Extra 'Tools' menuitem : Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Program Files\WEBIE.DLL ()
O9 - Extra 'Tools' menuitem : Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Program Files\WEBIE.DLL ()
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.microsoft.com/microso ... 0606052250 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microso ... 0605929406 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O20 - AppInit_DLLs: (C:\WINDOWS\system32\guard32.dll) - C:\WINDOWS\system32\guard32.dll (COMODO)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (relog_ap) - C:\WINDOWS\System32\relog_ap.dll (Acronis)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.07.30 15:35:56 | 000,022,256 | R--- | M] (Gemfor s.r.o.) - E:\Autorun.exe -- [ CDFS ]
O32 - AutoRun File - [2003.09.17 15:06:36 | 000,025,214 | R--- | M] () - E:\Autorun.ico -- [ CDFS ]
O32 - AutoRun File - [2008.07.30 15:59:44 | 000,000,238 | R--- | M] () - E:\Autorun.inf -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

[khonsun]

MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Translate Client.lnk - Reg Error: Value error. - File not found
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 0

SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vykreslování vektorové grafiky (VML)
ActiveX: {1325db73-d9f1-48f8-8895-6d814ec58889} - Aktualizace zabezpečení systému Windows XP (KB913433)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906)
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {2F6EFCE6-10DF-49F9-9E64-9AE3775B2588} - Microsoft .NET Framework 1.1 Security Update (KB2416447)
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Datové vazby jazyka DHTML pro jazyk Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Vylepšené vytváření obsahu
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Remove.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - Třídy DirectAnimation jazyka Java
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.8
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {7F947BFE-C2DF-4779-9909-5BEE746BD0C4} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
ActiveX: {8b15971b-5355-4c82-8c07-7e181ea07608} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\fxsocm.inf,Fax.Install.PerUser
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {94de52c8-2d59-4f1b-883e-79663d2d9a8c} - Fax Provider
ActiveX: {A2C9CD1B-2551-3AED-B244-6698FB929FA6} - .NET Framework
ActiveX: {B508B3F1-A24A-32C0-B310-85786919EF28} - .NET Framework
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Plánovač úloh
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {EF289A85-8E57-408d-BE47-73B55609861A} - RootsUpdate
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /HideWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.VP70 - C:\WINDOWS\System32\vp7vfw.dll (On2.com)

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: UxTuneUp - C:\WINDOWS\system32\uxtuneup.dll (TuneUp Software GmbH)
NetSvcs: WmdmPmSp - File not found

========== Files/Folders - Created Within 30 Days ==========

[2011.01.06 11:00:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2011.01.06 01:14:40 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Khonsun\Recent
[2011.01.05 22:56:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\CSC
[2011.01.05 07:01:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Khonsun\Local Settings\Data aplikací\Secunia PSI
[2011.01.05 06:59:57 | 000,000,000 | ---D | C] -- C:\Program Files\Secunia
[2010.12.30 11:24:31 | 000,073,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2010.12.30 11:24:30 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010.12.30 11:24:30 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010.12.30 11:24:30 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010.12.30 11:23:29 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2010.12.08 00:26:24 | 000,621,056 | R--- | C] (DiBcom SA) -- C:\WINDOWS\System32\drivers\mod7700.sys
[2010.12.08 00:26:24 | 000,103,168 | R--- | C] (Huawei Technologies Co., Ltd.) -- C:\WINDOWS\System32\drivers\ewusbfake.sys
[2010.12.08 00:26:24 | 000,101,120 | R--- | C] (Huawei Technologies Co., Ltd.) -- C:\WINDOWS\System32\drivers\ewusbmdm.sys
[2010.12.08 00:26:24 | 000,100,992 | R--- | C] (Huawei Technologies Co., Ltd.) -- C:\WINDOWS\System32\drivers\ewusbnet.sys
[2010.12.08 00:26:24 | 000,024,448 | R--- | C] (Huawei Tech. Co., Ltd.) -- C:\WINDOWS\System32\drivers\ewdcsc.sys
[2007.04.27 16:24:19 | 000,225,350 | ---- | C] ( ) -- C:\WINDOWS\rsnp2std.dll
[2007.04.27 16:24:19 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\csnp2std.dll
[2007.01.30 09:58:40 | 000,376,832 | ---- | C] (PebeSoft) -- C:\Program Files\uninstall.exe
[2006.10.11 12:00:56 | 000,246,424 | ---- | C] (Microsoft Corporation) -- C:\Program Files\UNICOWS.DLL
[2006.10.11 12:00:53 | 000,212,992 | ---- | C] (Polar) -- C:\Program Files\POLSPELL.DLL
[2006.10.11 12:00:53 | 000,155,648 | ---- | C] (POLAR) -- C:\Program Files\AutoCorrectDLL.DLL
[2006.10.11 12:00:49 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ATL.DLL
[2006.10.11 12:00:33 | 000,790,528 | ---- | C] (Mgr. Tomáš Radil - METEOR Software, Budovatelská 4793, Zlín 760 05) -- C:\Program Files\WEBTRAN4.EXE
[2006.10.11 12:00:25 | 000,174,352 | ---- | C] (Microsoft Corporation) -- C:\Program Files\RICHED32.DLL
[2006.10.11 12:00:25 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Program Files\WRITE32.WPC
[2006.10.11 12:00:24 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Program Files\MSWD6_32.WPC
[2006.10.11 12:00:23 | 000,524,288 | ---- | C] (Sequiter Software Inc.) -- C:\Program Files\C4DLL320.DLL

========== Files - Modified Within 30 Days ==========

[2011.01.06 11:31:35 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011.01.06 11:30:21 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011.01.06 01:14:46 | 000,000,012 | ---- | M] () -- C:\WINDOWS\bthservsdp.dat
[2011.01.05 23:38:42 | 000,002,511 | ---- | M] () -- C:\Documents and Settings\Khonsun\Plocha\Diskeeper Lite.lnk
[2011.01.05 23:35:09 | 000,000,673 | ---- | M] () -- C:\Documents and Settings\Khonsun\Plocha\Translate.lnk
[2011.01.05 23:19:40 | 000,000,665 | ---- | M] () -- C:\Documents and Settings\Khonsun\Plocha\JavaRa.lnk
[2011.01.05 23:03:52 | 000,000,281 | -HS- | M] () -- C:\boot.ini
[2011.01.05 07:10:41 | 000,002,112 | ---- | M] () -- C:\WINDOWS\WDICT32.INI
[2011.01.03 18:51:58 | 000,000,797 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\YouTube Downloader.lnk
[2011.01.03 16:11:29 | 000,002,265 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Skype.lnk
[2010.12.31 11:50:22 | 000,000,699 | ---- | M] () -- C:\Documents and Settings\Khonsun\Plocha\CCleaner.lnk
[2010.12.30 11:24:03 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010.12.30 11:24:03 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010.12.30 11:24:03 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010.12.30 11:24:03 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2010.12.30 11:23:41 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2010.12.30 09:42:49 | 000,000,608 | ---- | M] () -- C:\WINDOWS\TRNCOM.INI
[2010.12.29 14:01:04 | 000,000,218 | ---- | M] () -- C:\Documents and Settings\Khonsun\.recently-used.xbel
[2010.12.26 20:16:57 | 000,004,221 | ---- | M] () -- C:\Documents and Settings\Khonsun\intlname.ols
[2010.12.26 19:23:11 | 038,079,846 | ---- | M] () -- C:\Program Files\ANCS.DBF
[2010.12.26 19:20:32 | 000,004,608 | ---- | M] () -- C:\WINDOWS\WTRAN32.INI
[2010.12.23 14:47:56 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Malwarebytes' Anti-Malware.lnk
[2010.12.20 18:09:00 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010.12.20 18:08:40 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010.12.13 22:56:00 | 000,002,459 | ---- | M] () -- C:\Documents and Settings\Khonsun\Plocha\ABBYY FineReader 6.0 Sprint.lnk
[2010.12.08 00:30:39 | 000,000,820 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Web'n'walk Manager.lnk

========== Files Created - No Company Name ==========

[2011.01.05 23:35:09 | 000,000,673 | ---- | C] () -- C:\Documents and Settings\Khonsun\Plocha\Translate.lnk
[2011.01.05 23:19:40 | 000,000,665 | ---- | C] () -- C:\Documents and Settings\Khonsun\Plocha\JavaRa.lnk
[2010.12.31 11:50:22 | 000,000,699 | ---- | C] () -- C:\Documents and Settings\Khonsun\Plocha\CCleaner.lnk
[2010.12.29 14:01:04 | 000,000,218 | ---- | C] () -- C:\Documents and Settings\Khonsun\.recently-used.xbel
[2010.12.08 00:30:39 | 000,000,820 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Web'n'walk Manager.lnk
[2010.08.18 16:01:27 | 000,079,696 | ---- | C] () -- C:\Program Files\zlib.dll
[2010.05.29 11:06:12 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4764.dll
[2010.04.03 00:06:29 | 000,002,799 | ---- | C] () -- C:\WINDOWS\SKLANG.INI
[2010.03.31 01:04:08 | 000,000,130 | ---- | C] () -- C:\WINDOWS\cfplogvw.INI
[2009.08.11 18:05:32 | 000,000,986 | ---- | C] () -- C:\Documents and Settings\Khonsun\Data aplikací\fiosignzdenek.key
[2009.02.04 21:30:01 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll
[2008.07.18 13:43:02 | 000,000,120 | ---- | C] () -- C:\WINDOWS\PbkUser.INI
[2008.05.30 14:42:10 | 000,001,025 | ---- | C] () -- C:\WINDOWS\System32\clauth2.dll
[2008.05.30 14:42:10 | 000,001,025 | ---- | C] () -- C:\WINDOWS\System32\clauth1.dll
[2008.05.30 14:42:10 | 000,000,073 | ---- | C] () -- C:\WINDOWS\System32\ssprs.dll
[2008.05.30 14:42:09 | 000,001,025 | ---- | C] () -- C:\WINDOWS\System32\sysprs7.dll
[2008.05.30 14:42:09 | 000,000,205 | ---- | C] () -- C:\WINDOWS\System32\lsprst7.dll
[2008.05.26 21:22:14 | 000,015,552 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2008.05.26 21:22:10 | 000,021,464 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2008.05.26 21:22:04 | 000,014,910 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2008.03.16 18:19:49 | 000,139,008 | ---- | C] () -- C:\WINDOWS\System32\guard32(2).dll
[2008.03.01 19:43:27 | 000,000,032 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\ezsid.dat
[2008.01.24 20:07:54 | 000,000,029 | ---- | C] () -- C:\WINDOWS\DEBUGSM.INI
[2008.01.24 19:04:57 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2008.01.24 19:03:34 | 000,000,026 | ---- | C] () -- C:\WINDOWS\CDE V200 Ex.ini
[2007.11.14 11:49:17 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\OdiOlDVR.dll
[2007.11.14 11:49:17 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\OdiAPI.dll
[2007.11.03 17:47:24 | 000,001,024 | ---- | C] () -- C:\Documents and Settings\Khonsun\Data aplikací\.rnd
[2007.10.30 12:48:16 | 000,717,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2007.04.27 16:24:23 | 010,192,896 | ---- | C] () -- C:\WINDOWS\System32\drivers\snp2sxp.sys
[2007.04.14 21:12:56 | 000,010,593 | ---- | C] () -- C:\WINDOWS\CSTBox.INI
[2007.04.12 10:40:03 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\IPPCPUID.DLL
[2007.04.12 10:38:52 | 000,011,776 | ---- | C] () -- C:\WINDOWS\System32\pmsbfn32.dll
[2007.04.12 10:34:47 | 000,000,416 | ---- | C] () -- C:\WINDOWS\MAXLINK.INI
[2007.01.30 09:58:36 | 000,000,060 | ---- | C] () -- C:\Program Files\characters.dia
[2006.12.27 18:45:12 | 000,001,207 | ---- | C] () -- C:\WINDOWS\disney.ini
[2006.12.21 14:26:46 | 000,002,508 | ---- | C] () -- C:\Documents and Settings\Khonsun\Data aplikací\$_hpcst$.hpc
[2006.12.13 14:30:32 | 000,005,333 | ---- | C] () -- C:\WINDOWS\CDPlayer.ini
[2006.10.12 07:44:24 | 000,001,008 | ---- | C] () -- C:\WINDOWS\SETUPWEB.INI
[2006.10.11 12:07:24 | 000,319,488 | ---- | C] () -- C:\Program Files\WEBIE.DLL
[2006.10.11 12:07:23 | 001,388,544 | ---- | C] () -- C:\Program Files\TRNCOM.DLL
[2006.10.11 12:05:40 | 000,000,038 | ---- | C] () -- C:\WINDOWS\WTRDCTM.INI
[2006.10.11 12:05:31 | 005,886,976 | ---- | C] () -- C:\Program Files\CSAN.CDX
[2006.10.11 12:05:27 | 005,589,504 | ---- | C] () -- C:\Program Files\ANCS.CDX
[2006.10.11 12:05:25 | 001,695,312 | ---- | C] () -- C:\Program Files\ANCS2.DBF
[2006.10.11 12:05:02 | 038,079,846 | ---- | C] () -- C:\Program Files\ANCS.DBF
[2006.10.11 12:03:40 | 050,084,612 | ---- | C] () -- C:\Program Files\A4.CMP
[2006.10.11 12:03:17 | 070,065,564 | ---- | C] () -- C:\Program Files\A3.CMP
[2006.10.11 12:02:52 | 069,849,753 | ---- | C] () -- C:\Program Files\A2.CMP
[2006.10.11 12:02:19 | 080,825,424 | ---- | C] () -- C:\Program Files\A1.CMP
[2006.10.11 12:01:45 | 073,778,374 | ---- | C] () -- C:\Program Files\A0.CMP
[2006.10.11 12:01:44 | 000,365,568 | ---- | C] () -- C:\Program Files\READERA.CDX
[2006.10.11 12:01:37 | 001,912,405 | ---- | C] () -- C:\Program Files\READERA.DBF
[2006.10.11 12:01:03 | 000,007,126 | ---- | C] () -- C:\Program Files\CORRECT.PJS
[2006.10.11 12:01:02 | 000,001,262 | ---- | C] () -- C:\Program Files\RUCS.CET
[2006.10.11 12:01:01 | 000,001,514 | ---- | C] () -- C:\Program Files\SPCS.CET
[2006.10.11 12:01:01 | 000,001,286 | ---- | C] () -- C:\Program Files\FRCS.CET
[2006.10.11 12:01:01 | 000,001,253 | ---- | C] () -- C:\Program Files\ITCS.CET
[2006.10.11 12:01:00 | 000,001,358 | ---- | C] () -- C:\Program Files\GRCS.CET
[2006.10.11 12:01:00 | 000,001,170 | ---- | C] () -- C:\Program Files\ANCS.CET
[2006.10.11 12:00:59 | 000,467,765 | ---- | C] () -- C:\Program Files\NAME.DBF
[2006.10.11 12:00:59 | 000,397,312 | ---- | C] () -- C:\Program Files\NAME.CDX
[2006.10.11 12:00:58 | 000,003,352 | ---- | C] () -- C:\Program Files\CORRECTF.AN
[2006.10.11 12:00:58 | 000,000,457 | ---- | C] () -- C:\Program Files\CORRECTX.AN
[2006.10.11 12:00:56 | 000,000,608 | ---- | C] () -- C:\WINDOWS\TRNCOM.INI
[2006.10.11 12:00:55 | 001,513,491 | ---- | C] () -- C:\Program Files\CZCS.DIC
[2006.10.11 12:00:54 | 001,030,343 | ---- | C] () -- C:\Program Files\ANCS.DIC
[2006.10.11 12:00:52 | 000,375,774 | ---- | C] () -- C:\Program Files\TRNIKONY.BMP
[2006.10.11 12:00:52 | 000,375,774 | ---- | C] () -- C:\Program Files\SETUPWEB.BMP
[2006.10.11 12:00:52 | 000,036,864 | ---- | C] () -- C:\Program Files\REG.EXE
[2006.10.11 12:00:51 | 000,319,488 | ---- | C] () -- C:\Program Files\WEBIE.DL_
[2006.10.11 12:00:50 | 001,388,544 | ---- | C] () -- C:\Program Files\TRNCOM.DL_
[2006.10.11 12:00:49 | 000,249,856 | ---- | C] () -- C:\Program Files\CLIPDLL.DLL
[2006.10.11 12:00:48 | 000,335,872 | ---- | C] () -- C:\Program Files\SETUPWEB.EXE
[2006.10.11 12:00:48 | 000,001,008 | ---- | C] () -- C:\Program Files\SETUPWEB.IST
[2006.10.11 12:00:47 | 000,270,336 | ---- | C] () -- C:\Program Files\TRNIKONY.EXE
[2006.10.11 12:00:47 | 000,000,654 | ---- | C] () -- C:\Program Files\TRNIKONY.IST
[2006.10.11 12:00:46 | 000,499,878 | ---- | C] () -- C:\Program Files\WINTRAN.DCZ
[2006.10.11 12:00:45 | 000,688,128 | ---- | C] () -- C:\Program Files\CZL4.CDX
[2006.10.11 12:00:44 | 000,711,803 | ---- | C] () -- C:\Program Files\CZL4.DBF
[2006.10.11 12:00:41 | 004,075,520 | ---- | C] () -- C:\Program Files\COR4AN.CDX
[2006.10.11 12:00:39 | 003,698,738 | ---- | C] () -- C:\Program Files\COR4AN.DBF
[2006.10.11 12:00:38 | 000,884,706 | ---- | C] () -- C:\Program Files\PRONAN.DAT
[2006.10.11 12:00:37 | 000,923,648 | ---- | C] () -- C:\Program Files\PRONAN.CDX
[2006.10.11 12:00:35 | 003,465,911 | ---- | C] () -- C:\Program Files\PRONAN.DBF
[2006.10.11 12:00:34 | 000,000,666 | ---- | C] () -- C:\WINDOWS\WEBTRAN4.INI
[2006.10.11 12:00:34 | 000,000,666 | ---- | C] () -- C:\Program Files\WEBTRAN4.CFG
[2006.10.11 12:00:34 | 000,000,005 | ---- | C] () -- C:\Program Files\WEBTRAN4.WFL
[2006.10.11 12:00:33 | 000,013,022 | ---- | C] () -- C:\Program Files\ANCS.GRM
[2006.10.11 12:00:31 | 001,381,236 | ---- | C] () -- C:\Program Files\CSAN.TCX
[2006.10.11 12:00:26 | 009,759,612 | ---- | C] () -- C:\Program Files\ANCS.TCX
[2006.10.11 12:00:22 | 000,004,608 | ---- | C] () -- C:\WINDOWS\WTRAN32.INI
[2006.10.11 12:00:22 | 000,002,112 | ---- | C] () -- C:\WINDOWS\WDICT32.INI
[2006.10.11 12:00:20 | 001,003,520 | ---- | C] () -- C:\Program Files\WDICT32.EXE
[2006.10.11 12:00:20 | 000,671,744 | ---- | C] () -- C:\Program Files\WTRDCTM.EXE
[2006.10.11 12:00:18 | 002,170,880 | ---- | C] () -- C:\Program Files\WTRAN32.EXE
[2006.10.11 12:00:18 | 000,112,522 | ---- | C] () -- C:\Program Files\CORRECT.CS0
[2006.10.11 12:00:18 | 000,002,825 | ---- | C] () -- C:\Program Files\CORRECT.AN0
[2006.10.11 12:00:17 | 000,019,190 | ---- | C] () -- C:\Program Files\CORRECT.CZA
[2006.10.11 12:00:17 | 000,017,890 | ---- | C] () -- C:\Program Files\CORRECT.CS
[2006.10.11 12:00:17 | 000,004,261 | ---- | C] () -- C:\Program Files\CORRECT.AN
[2006.10.11 12:00:16 | 000,004,215 | ---- | C] () -- C:\Program Files\WTRAN32.CFG
[2006.10.11 12:00:16 | 000,001,038 | ---- | C] () -- C:\Program Files\WDICT32.CFG
[2006.10.11 12:00:16 | 000,000,682 | ---- | C] () -- C:\Program Files\SLOZENI.DTA
[2006.10.11 12:00:13 | 000,032,109 | ---- | C] () -- C:\Program Files\APPEND.DTA
[2006.09.26 22:13:45 | 000,000,051 | -H-- | C] () -- C:\WINDOWS\System32\CA23042B-0876-4abc-9D76-29DCE1E858CC.dll
[2006.09.12 20:32:38 | 000,000,673 | ---- | C] () -- C:\Program Files\Recent.INI
[2006.08.24 09:44:46 | 000,000,703 | ---- | C] () -- C:\WINDOWS\WTRDICT.INI
[2006.08.24 09:42:20 | 000,001,278 | ---- | C] () -- C:\WINDOWS\WINTRAN.INI
[2006.08.20 21:49:17 | 000,000,861 | ---- | C] () -- C:\Program Files\PenezniDenik.ini
[2006.08.14 19:31:33 | 000,000,446 | -H-- | C] () -- C:\Documents and Settings\Khonsun\Data aplikací\xpy.ini
[2006.07.16 12:48:27 | 000,000,593 | ---- | C] () -- C:\WINDOWS\poradce_0411.ini
[2006.07.15 08:55:58 | 000,039,936 | ---- | C] () -- C:\Documents and Settings\Khonsun\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006.07.10 15:00:57 | 000,003,247 | ---- | C] () -- C:\Documents and Settings\Khonsun\Data aplikací\QuickZip45.ini
[2006.06.27 12:22:00 | 000,003,568 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2006.06.26 21:52:26 | 000,000,245 | ---- | C] () -- C:\WINDOWS\mailheaders.ini
[2006.06.24 22:26:02 | 000,000,134 | ---- | C] () -- C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\fusioncache.dat
[2006.06.19 07:24:20 | 000,040,571 | ---- | C] () -- C:\Documents and Settings\Khonsun\Local Settings\Data aplikací\FASTWiz.log
[2006.06.08 17:37:40 | 000,000,025 | ---- | C] () -- C:\WINDOWS\CDE P242580EF.ini
[2006.06.08 16:03:09 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\34CoInstaller.dll
[2006.06.08 16:03:08 | 000,999,808 | R--- | C] () -- C:\WINDOWS\System32\drivers\AVHybrid.sys
[2006.06.08 16:03:00 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2006.06.07 23:07:57 | 000,000,092 | R--- | C] () -- C:\WINDOWS\System32\ftdiun2k.ini
[2006.06.07 22:58:20 | 000,000,202 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2006.06.07 18:53:24 | 000,000,504 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006.06.07 13:17:28 | 000,000,127 | ---- | C] () -- C:\Documents and Settings\Khonsun\Local Settings\Data aplikací\fusioncache.dat
[2006.06.07 13:00:34 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2006.06.07 13:00:34 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2006.06.07 13:00:34 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2006.06.07 13:00:34 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2006.06.07 13:00:34 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2006.06.07 13:00:34 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2006.01.08 15:53:24 | 000,005,120 | ---- | C] () -- C:\WINDOWS\System32\hash2.dll
[2005.09.29 23:07:03 | 000,000,138 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2005.09.29 22:59:55 | 000,029,516 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2005.08.16 10:45:36 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\btprn2k.dll
[2004.09.08 10:12:58 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2004.09.08 09:57:00 | 000,004,249 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004.06.01 10:39:56 | 000,094,274 | ---- | C] () -- C:\WINDOWS\System32\HPBHEALR.DLL
[2004.01.13 20:46:34 | 000,172,032 | ---- | C] () -- C:\WINDOWS\System32\tifmicon.dll
[2003.04.09 14:38:04 | 000,005,664 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2001.11.14 12:56:00 | 001,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll
[1996.04.03 20:33:26 | 000,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys

========== LOP Check ==========

[2008.01.11 18:42:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\BVRP Software
[2009.11.01 10:26:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Canneverbe Limited
[2008.01.18 19:23:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\FreeDownloadManager.ORG
[2010.05.23 20:30:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Innovative Solutions
[2006.06.17 09:45:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Locktime
[2008.01.11 15:46:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\MobilityManager
[2007.04.12 10:34:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ScanSoft
[2008.12.04 13:31:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Seagate
[2009.05.06 10:40:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Softland
[2009.05.31 16:03:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Temp
[2007.11.14 11:58:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TuneUp Software
[2010.08.26 16:36:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Khonsun\Data aplikací\avidemux
[2010.10.21 15:38:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Khonsun\Data aplikací\BatteryBar
[2010.02.19 23:29:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Khonsun\Data aplikací\Broad Intelligence
[2007.10.30 09:20:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Khonsun\Data aplikací\clipboard_recorder
[2010.08.24 22:20:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Khonsun\Data aplikací\DeepBurner
[2008.01.24 20:08:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Khonsun\Data aplikací\EPSON
[2007.11.04 07:05:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Khonsun\Data aplikací\FIO
[2009.10.03 11:19:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Khonsun\Data aplikací\Foxit
[2009.11.12 11:28:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Khonsun\Data aplikací\Foxit Software
[2011.01.06 13:51:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Khonsun\Data aplikací\Free Download Manager
[2007.08.21 21:40:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Khonsun\Data aplikací\GetRightToGo
[2010.08.09 22:24:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Khonsun\Data aplikací\gtk-2.0
[2007.03.12 22:56:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Khonsun\Data aplikací\InterVideo
[2010.10.30 11:29:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Khonsun\Data aplikací\Jpeg Resampler
[2010.09.22 23:31:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Khonsun\Data aplikací\JPEGView
[2006.06.08 18:55:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Khonsun\Data aplikací\KeePass
[2006.06.16 09:39:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Khonsun\Data aplikací\Leadertech
[2006.06.17 12:43:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Khonsun\Data aplikací\Locktime
[2008.01.07 17:49:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Khonsun\Data aplikací\NewSoft
[2009.02.04 21:51:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Khonsun\Data aplikací\PDFCreator
[2007.03.01 07:49:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Khonsun\Data aplikací\PebeSoft
[2009.07.27 21:59:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Khonsun\Data aplikací\RawTherapee
[2010.02.12 18:04:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Khonsun\Data aplikací\RawTherapeeAlpha
[2006.06.24 07:02:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Khonsun\Data aplikací\Registry Booster
[2007.04.12 10:34:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Khonsun\Data aplikací\ScanSoft
[2009.05.06 10:40:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Khonsun\Data aplikací\Softland
[2006.10.12 07:23:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Khonsun\Data aplikací\TuneUp Software
[2008.01.18 21:10:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Khonsun\Data aplikací\Uniblue
[2010.10.10 10:42:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Khonsun\Data aplikací\VSO
[2007.09.05 14:58:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Khonsun\Data aplikací\VSRevoGroup
[2009.06.19 10:01:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Khonsun\Data aplikací\Windows Desktop Search
[2009.06.19 10:27:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Khonsun\Data aplikací\Windows Search
[2009.01.11 10:06:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Khonsun\Data aplikací\XnView
[2010.05.08 19:14:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Khonsun\Data aplikací\Zoner

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >
[2008.10.02 09:11:42 | 002,723,264 | ---- | M] (Microsoft Corporation) -- C:\vcredist_x86.exe


< MD5 for: AGP440.SYS >
[2004.08.18 14:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\I386\sp2.cab:AGP440.sys
[2004.08.18 09:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2009.03.11 01:54:06 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2009.03.11 01:54:06 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008.04.13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys

< MD5 for: ATAPI.SYS >
[2004.08.18 14:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\I386\sp2.cab:atapi.sys
[2004.08.18 09:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2009.03.11 01:54:06 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2009.03.11 01:54:06 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\Documents and Settings\Khonsun\Dokumenty\My Drivers\hdc\mshdc.inf\atapi.sys
[2008.04.13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\Documents and Settings\Khonsun\Dokumenty\Zalohy\DriverMagicianLite\Primární kanál IDE\atapi.sys
[2008.04.13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\Documents and Settings\Khonsun\Dokumenty\Zalohy\DriverMagicianLite\Řadič rozhraní IDE a ATAPI ke sběrnici PCMCIA\atapi.sys
[2008.04.13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004.08.03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2004.08.03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0007\DriverFiles\i386\atapi.sys

< MD5 for: EVENTLOG.DLL >
[2008.04.14 04:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 04:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll
[2004.08.18 09:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

< MD5 for: NETLOGON.DLL >
[2004.08.18 09:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
[2008.04.14 04:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 04:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: SCECLI.DLL >
[2004.08.18 09:00:00 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008.04.14 04:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 04:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2009.05.05 23:03:22 | 000,717,296 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sptd.sys

< %systemroot%\System32\config\*.sav >
[2004.09.08 11:43:54 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2004.09.08 11:43:54 | 000,663,552 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2004.09.08 11:43:54 | 000,475,136 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %systemroot%\system32\drivers\*.sys /90 >
[2010.12.20 18:08:40 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\system32\drivers\mbam.sys
[2010.12.20 18:09:00 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys

========== Alternate Data Streams ==========

@Alternate Data Stream - 88 bytes -> C:\ZLIB.DLL:SummaryInformation
@Alternate Data Stream - 88 bytes -> C:\Documents and Settings\Khonsun\Plocha\Diskeeper.msc:SummaryInformation
@Alternate Data Stream - 134 bytes -> C:\Documents and Settings\All Users\Data aplikací\Temp:0D3D740E

< End of report >

[khonsun]

OTL Extras logfile created on: 6.1.2011 13:52:07 - Run 1
OTL by OldTimer - Version 3.2.20.1 Folder = C:\SwStazen
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1 015,00 Mb Total Physical Memory | 517,00 Mb Available Physical Memory | 51,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 78,00% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 55,89 Gb Total Space | 34,66 Gb Free Space | 62,01% Space Free | Partition Type: NTFS
Drive E: | 12,13 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: COMPAQ | User Name: Khonsun | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[HKEY_USERS\S-1-5-21-4258147995-3267704788-1683952696-1005\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 1
"FirewallDisableNotify" = 1
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"UpdatesDisableNotify" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe" = C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe" = C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe" = C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\WINDOWS\system32\usmt\migwiz.exe" = C:\WINDOWS\system32\usmt\migwiz.exe:*:Enabled:Průvodce přenesením souborů a nastavení -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe" = C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe" = C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe" = C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application -- (Microsoft Corporation)
"C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Mozilla Firefox -- (Mozilla Corporation)
"C:\Program Files\Miranda IM\miranda32.exe" = C:\Program Files\Miranda IM\miranda32.exe:*:Enabled:Miranda IM -- ( )
"C:\Program Files\Skype\Plugin Manager\skypePM.exe" = C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager -- File not found


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{12803180-9CAD-11DE-B804-005056806466}" = Google Earth
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YouTube Downloader 2.6.5
"{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{26A24AE4-039D-4CA4-87B4-2F83216023FF}" = Java(TM) 6 Update 23
"{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}" = EPSON Scan Assistant
"{2EB81825-E9EE-44F4-8F51-1240C3898DC6}" = EPSON File Manager
"{3324A5DC-C7F6-430A-ACC8-F251CD8F4FC7}" = Motorola Driver Installation
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3F4EC965-28EF-45C3-B063-04B25D4E9679}" = HP Integrated Module with Bluetooth wireless technology
"{4302B2DD-D958-40E3-BAF3-B07FFE1978CE}" = HP Wireless Assistant 1.01 B2
"{48F22622-1CC2-4A83-9C1E-644DD96F832D}" = EPSON Event Manager
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{546C143E-68DC-314D-97BC-1E454E3BA429}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - CSY
"{570358CA-AEDA-4A75-80AB-FBBF3B0AD520}" = Motorola Phone Tools
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{5C474A83-A45F-470C-9AC8-2BD1C251BF9A}" = Skype™ 4.2
"{5D97A4A7-C274-4B63-86D9-07A33435F505}" = InterVideo DVD Check
"{67EDD823-135A-4D59-87BD-950616D6E857}" = EPSON Copy Utility 3
"{70635FA6-1BA6-4F36-8360-34E0E1AF13C8}" = Clipboard Recorder
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{75438C0E-9925-412E-AD85-D0E71C6CE2ED}" = Trust Webcam 15007
"{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}" = Avanquest update
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{81A60A13-224D-4637-8203-3EAC03B121A4}" = Seagate DiscWizard
"{90110405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0405-0000-0000000FF1CE}" = Sada Compatibility Pack pro systém Office 2007
"{914E1AB1-DCA0-4A7D-935F-B58C4B887A2B}" = HP ProtectTools Security Manager 2.00 A4
"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD
"{96C0E73B-8813-4F4A-9EA1-D407C27AA1A1}" = TIxx21
"{A2C9CD1B-2551-3AED-B244-6698FB929FA6}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - CSY
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A3E5B5A9-88A4-4334-BBD0-96CCF002CBFF}" = HP User Guides 0004
"{A3F60446-48FB-48A8-B5FC-BB3430AEF806}" = Diskeeper Lite
"{A6C38A49-367A-443D-BBEA-403A3BF8C877}" = GlobeTrotter Mobility Manager
"{A93C4E94-1005-489D-BEAA-B873C1AA6CFC}" = HP Help and Support
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{AE052EF7-2640-48D7-8915-69B810D975CB}" = HP BIOS Configuration for ProtectTools 1.00 D4
"{B208806F-A231-4FA0-AB3F-5C1B8979223E}" = Microsoft ActiveSync 4.0
"{B2395631-54D5-481E-B9A8-74B269546F40}" = Visual C++ CRT 8.0
"{BAD8CA9C-77C0-4663-B00B-A8D3B13C341B}" = Motorola Phone Tools
"{BD86C297-41C7-4DB5-82C4-98DE3399A2EF}" = Asistent pro přihlášení ke službě Windows Live
"{BE38545B-08F7-4f80-95AE-752B99BF159C}" = Web'n'walk 4G software
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C1E693A4-B1D5-4DCD-B68D-2087835B7184}" = ScanSoft OmniPage SE 4.0
"{C8BB4912-12D9-42AE-B571-E580D8CD1B5B}" = TuneUp Utilities 2007
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CB3B7C24-30A1-4961-8039-94919F5ED2EE}" = Noiseware Community Edition
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CEB326EC-8F40-47B2-BA22-BB092565D66F}" = Quick Launch Buttons 5.10 A2
"{D0572854-191F-45DB-B959-641F8E5C8409}" = HP Accessories Product Tour
"{D1BA1F1C-D88B-405D-953F-D7074B65453D}" = DTV
"{DAB265AD-27B2-4651-B8D8-F4F3A8ECC705}" = ScreenManager Pro for LCD
"{DB518BA6-CB74-4EB6-9ABD-880B6D6E1F38}" = HpSdpAppCoreApp
"{DD0DDC9E-2ED4-44DD-B461-0EFC126813A0}" = On2 VP7 Personal Edition
"{DD73CA82-EA82-38AA-863D-9A24A018DC96}" = Microsoft .NET Framework 3.5 Language Pack SP1 - csy
"{E89B484C-B913-49A0-959B-89E836001658}" = GEAR 32bit Driver Installer
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F6869CD2-3DB4-476D-A4C7-B3AE7C3ACF7B}" = Windows Media Connect
"{F7FC9307-374E-4017-8E9D-DE1154780480}" = System Requirements Lab for Intel
"{FB91E774-867B-4567-ACE7-8144EF036068}" = Olympus Digital Wave Player
"{FF77941A-2BFA-4A18-BE2E-69B9498E4D55}" = User Profile Hive Cleanup Service
"7-Zip" = 7-Zip 9.15 beta
"A.L.A.R.M." = A.L.A.R.M. - A Laptop A/C Monitor
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Agere Systems Soft Modem" = Agere Systems AC'97 Modem
"avast!" = avast! Antivirus
"Avidemux 2.5" = Avidemux 2.5
"Backup4all 3_is1" = Backup4all 3
"Calcute 6.4.8.0" = Calcute 6.4.8.0 (Remove only)
"CDR Drivers" = CDR Drivers 3.52.1.05a
"COMODO Internet Security" = COMODO Internet Security
"DMX3_is1" = DriverMax 3.0
"DMX5_is1" = DriverMax 5
"EPSON PERFECTION V200 PHOTO Uživatelská příručka" = EPSON PERFECTION V200 PHOTO Manuál
"EPSON Scanner" = EPSON Scan
"Font Xplorer" = Font Xplorer 1.2.2
"Foxit PDF Creator" = Foxit PDF Creator
"Foxit PDF Editor" = Foxit PDF Editor
"Foxit Reader" = Foxit Reader
"Free Download Manager_is1" = Free Download Manager 3.0
"FTDICOMM" = GSMcables USB to GSM Drivers
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie8" = Windows Internet Explorer 8
"Imagicon" = Imagicon
"InstallShield_{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platforma Ovladače zařízení
"InstallShield_{96C0E73B-8813-4F4A-9EA1-D407C27AA1A1}" = Texas Instruments PCIxx21/x515 drivers.
"InstallShield_{D1BA1F1C-D88B-405D-953F-D7074B65453D}" = DTV
"KeePass Password Safe_is1" = KeePass Password Safe 1.17
"LiveReg" = LiveReg (Symantec Corporation)
"LiveUpdate" = LiveUpdate 1.80 (Symantec Corporation)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Mapa Prahy pro CHIP" = Mapa Prahy pro CHIP
"MediaCoder Audio Edition" = MediaCoder Audio Edition 0.7.2.4598
"MediaMonkey_is1" = MediaMonkey 3.0
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - csy" = Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MIKSOFT Mobile AMR converter_is1" = MIKSOFT Mobile AMR converter
"Miranda IM" = Miranda IM 0.9.13
"MozBackup_is1" = MozBackup 1.4.4
"Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13)
"Mp3 File Merger_is1" = Mp3 File Merger V1.6
"Nero - Burning Rom!UninstallKey" = Nero 6 Enterprise Edition
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"oggcodecs" = oggcodecs 0.73.1936
"PopTray Hotmail Plug-in" = PopTray Hotmail Plug-in
"PopTray Plug-ins" = PopTray Plug-ins (beta 6)
"rajče průvodce_is1" = rajče beta32
"rajče.net_is1" = rajče verze 57 sestavení 192
"Recuva" = Recuva
"SaveSnap" = SaveSnap
"Secunia PSI" = Secunia PSI (2.0.0.1003)
"SmartClock" = SmartClock 2.1
"SpeedFan" = SpeedFan (remove only)
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"T-Mobile Communication Centre" = Web'n'walk Manager
"Unlocker" = Unlocker 1.8.9
"VinylStudio_Promo" = VinylStudio Magazine Edition
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Web Translator" = Web Translator
"WhoCrashed_is1" = WhoCrashed 2.10
"Windows Media Connect" = Windows Media Connect
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows XP Service Pack" = Windows XP Service Pack 3
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
"ZonerPhotoStudio12_CZ_is1" = Zoner Photo Studio 12

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-4258147995-3267704788-1683952696-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"JCE Strong Enviroment" = JCE Strong Enviroment
"Zoner Photo Client 3" = Zoner Photo Client 3

========== Last 10 Event Log Errors ==========

[ Antivirus Events ]
Error - 19.3.2009 12:51:42 | Computer Name = PC324087819871 | Source = avast! | ID = 33554522
Description = Chyba v aswChestC: chestAddFile Error 1753.

Error - 19.3.2009 12:52:31 | Computer Name = PC324087819871 | Source = avast! | ID = 33554522
Description = Chyba v aswChestC: chestAddFile Error 1753.

Error - 16.10.2009 11:34:46 | Computer Name = COMPAQ | Source = avast! | ID = 33554522
Description = Nastala interní chyba v modulu aswar scan function failed!, funkce
00000002.

Error - 7.11.2009 20:35:24 | Computer Name = COMPAQ | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of http://suggestqueries.google.com/comple ... reader+3.1.
failed, 0000A413.

Error - 9.11.2009 5:04:56 | Computer Name = COMPAQ | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of http://dc.idnes.cz/Dukaty.aspx?cmd=vali ... 8996645765
failed, 0000A413.

Error - 9.11.2009 18:57:17 | Computer Name = COMPAQ | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of http://dc.idnes.cz/Dukaty.aspx?cmd=vali ... 6780010225
failed, 0000A413.

Error - 5.4.2010 12:44:30 | Computer Name = COMPAQ | Source = avast! | ID = 33554522
Description = Nastala interní chyba v modulu aswar scan function failed!, funkce
00000002.

Error - 6.4.2010 10:59:49 | Computer Name = COMPAQ | Source = avast! | ID = 33554522
Description = Nastala interní chyba v modulu aswar scan function failed!, funkce
00000002.

Error - 2.6.2010 14:13:24 | Computer Name = COMPAQ | Source = avast! | ID = 33554522
Description = Nastala interní chyba v modulu aswar scan function failed!, funkce
00000002.

Error - 5.6.2010 20:24:34 | Computer Name = COMPAQ | Source = avast! | ID = 33554522
Description = Nastala interní chyba v modulu aswar scan function failed!, funkce
00000002.

[ Application Events ]
Error - 3.11.2010 13:00:57 | Computer Name = COMPAQ | Source = Windows Search Service | ID = 3029
Description = Modul plug-in v <Search.TripoliIndexer> nebyl inicializován. Kontext:
aplikace Windows, katalog SystemIndex Podrobnosti: Index obsahu nelze číst. (0xc0041800)


Error - 3.11.2010 13:00:57 | Computer Name = COMPAQ | Source = Windows Search Service | ID = 3028
Description = Objekt sběrače nebyl inicializován. Kontext: aplikace Windows, katalog
SystemIndex Podrobnosti: Index obsahu nelze číst. (0xc0041800)

Error - 3.11.2010 13:00:57 | Computer Name = COMPAQ | Source = Windows Search Service | ID = 3058
Description = Aplikace nebyla inicializována. Kontext: aplikace Windows Podrobnosti:
Index
obsahu nelze číst. (0xc0041800)

Error - 22.11.2010 14:56:13 | Computer Name = COMPAQ | Source = Windows Search Service | ID = 7040
Description = Vyhledávací služby zjistila, že index obsahuje poškozené datové soubory.
Služba se pokusí tyto potíže automaticky odstranit vytvořením nového indexu. Kontext:
aplikace Windows, katalog SystemIndex Podrobnosti: 0xc0041801 (0xc0041801)

Error - 22.11.2010 14:56:13 | Computer Name = COMPAQ | Source = Windows Search Service | ID = 3029
Description = Modul plug-in v <Search.TripoliIndexer> nebyl inicializován. Kontext:
aplikace Windows, katalog SystemIndex Podrobnosti: Index obsahu nelze číst. (0xc0041800)


Error - 22.11.2010 14:56:13 | Computer Name = COMPAQ | Source = Windows Search Service | ID = 3028
Description = Objekt sběrače nebyl inicializován. Kontext: aplikace Windows, katalog
SystemIndex Podrobnosti: Index obsahu nelze číst. (0xc0041800)

Error - 22.11.2010 14:56:13 | Computer Name = COMPAQ | Source = Windows Search Service | ID = 3058
Description = Aplikace nebyla inicializována. Kontext: aplikace Windows Podrobnosti:
Index
obsahu nelze číst. (0xc0041800)

Error - 29.11.2010 5:19:01 | Computer Name = COMPAQ | Source = Microsoft Office 11 | ID = 1000
Description = Faulting application winword.exe, version 11.0.8328.0, stamp 4c717ed1,
faulting module olconnector.dll, version 2.0.2313.0, stamp 491c07db, debug? 0,
fault address 0x0000fd57.

Error - 8.12.2010 16:04:09 | Computer Name = COMPAQ | Source = Windows Search Service | ID = 3024
Description = Aktualizaci nelze spustit, protože zdroje obsahu jsou nepřístupné.
Opravte chyby a spusťte aktualizaci znovu. Kontext: aplikace , katalog SystemIndex


Error - 30.12.2010 8:27:34 | Computer Name = COMPAQ | Source = Windows Search Service | ID = 3013
Description = Položka <C:\DOCUMENTS AND SETTINGS\KHONSUN\RECENT\DESKTOP.INI> v mapě
algoritmu hash nebyla aktualizována. Kontext: aplikace , katalog SystemIndex Podrobnosti:
Zařízení
připojené k systému nefunguje. (0x8007001f)

[ NetLimiter Events ]
Error - 17.4.2007 8:20:28 | Computer Name = PC324087819871 | Source = NetLimiter 2 | ID = 1000
Description =

Error - 18.4.2007 6:31:01 | Computer Name = PC324087819871 | Source = NetLimiter 2 | ID = 1000
Description =

Error - 18.4.2007 10:00:37 | Computer Name = PC324087819871 | Source = NetLimiter 2 | ID = 1000
Description =

Error - 19.4.2007 1:18:39 | Computer Name = PC324087819871 | Source = NetLimiter 2 | ID = 1000
Description =

Error - 19.4.2007 13:37:42 | Computer Name = PC324087819871 | Source = NetLimiter 2 | ID = 1000
Description =

Error - 20.4.2007 1:20:44 | Computer Name = PC324087819871 | Source = NetLimiter 2 | ID = 1000
Description =

Error - 20.4.2007 5:34:30 | Computer Name = PC324087819871 | Source = NetLimiter 2 | ID = 1000
Description =

Error - 20.4.2007 13:42:39 | Computer Name = PC324087819871 | Source = NetLimiter 2 | ID = 1000
Description =

Error - 21.4.2007 1:28:50 | Computer Name = PC324087819871 | Source = NetLimiter 2 | ID = 1000
Description =

Error - 21.4.2007 14:08:20 | Computer Name = PC324087819871 | Source = NetLimiter 2 | ID = 1000
Description =

[ System Events ]
Error - 5.1.2011 16:01:37 | Computer Name = COMPAQ | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: SASDIFSV SASKUTIL

Error - 5.1.2011 17:02:15 | Computer Name = COMPAQ | Source = Service Control Manager | ID = 7006
Description = Volání ScRegSetValueExW skončilo neúspěšné pro DeleteFlag s touto
chybou: %%5

Error - 5.1.2011 17:56:53 | Computer Name = COMPAQ | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby EventSystem
s argumenty za účelem spuštění serveru: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 5.1.2011 17:57:47 | Computer Name = COMPAQ | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: Aavmker4 aswSP ClntMgmt.sys cmdGuard eabfiltr Fips intelppm SASDIFSV SASKUTIL

Error - 5.1.2011 18:03:56 | Computer Name = COMPAQ | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby EventSystem
s argumenty za účelem spuštění serveru: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 5.1.2011 18:06:42 | Computer Name = COMPAQ | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: SASDIFSV SASKUTIL

Error - 6.1.2011 3:44:31 | Computer Name = COMPAQ | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: SASDIFSV SASKUTIL

Error - 6.1.2011 6:31:26 | Computer Name = COMPAQ | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: SASDIFSV SASKUTIL


< End of report >

[stell]

spust OTL>>do okna vloz zeleny text a teraz kliknes na OPRAVIT
log po restarte vloz sem

Kód: Vybrat vše

:OTL
DRV - File not found [Kernel | System | Stopped] -- C:\DOCUME~1\Khonsun\LOCALS~1\Temp\SAS_SelfExtract\SASKUTIL.sys -- (SASKUTIL)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Khonsun\LOCALS~1\Temp\SAS_SelfExtract\SASENUM.SYS -- (SASENUM)
DRV - File not found [Kernel | System | Stopped] -- C:\DOCUME~1\Khonsun\LOCALS~1\Temp\SAS_SelfExtract\SASDIFSV.SYS -- (SASDIFSV)
FF - prefs.js..browser.search.defaultenginename: "Ask"
FF - prefs.js..browser.search.order.1: "Ask"
FF - prefs.js..keyword.URL: "http://toolbar.ask.com/toolbarv/askRedirect?o=10587&gct=&gc=1&q="
O3 - HKU\S-1-5-21-4258147995-3267704788-1683952696-1005\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\S-1-5-21-4258147995-3267704788-1683952696-1005\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKU\S-1-5-21-4258147995-3267704788-1683952696-1005\..\Toolbar\WebBrowser: (no name) - {ED4BD629-C1B6-4399-8A34-02CCAA921DC9} - No CLSID value found.
MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Translate Client.lnk - Reg Error: Value error. - File not found
@Alternate Data Stream - 88 bytes -> C:\ZLIB.DLL:SummaryInformation
@Alternate Data Stream - 88 bytes -> C:\Documents and Settings\Khonsun\Plocha\Diskeeper.msc:SummaryInformation
@Alternate Data Stream - 134 bytes -> C:\Documents and Settings\All Users\Data aplikací\Temp:0D3D740E
:Commands 
[CreateRestorePoint] 
[emptytemp] 
[start explorer]
[Reboot]

[khonsun]

Po restartu byl vypnut system Active desktop; hlasi to chybu aplikace IE. Co s tim?

All processes killed
========== OTL ==========
Service SASKUTIL stopped successfully!
Service SASKUTIL deleted successfully!
File C:\DOCUME~1\Khonsun\LOCALS~1\Temp\SAS_SelfExtract\SASKUTIL.sys not found.
Service SASENUM stopped successfully!
Service SASENUM deleted successfully!
File C:\DOCUME~1\Khonsun\LOCALS~1\Temp\SAS_SelfExtract\SASENUM.SYS not found.
Service SASDIFSV stopped successfully!
Service SASDIFSV deleted successfully!
File C:\DOCUME~1\Khonsun\LOCALS~1\Temp\SAS_SelfExtract\SASDIFSV.SYS not found.
Prefs.js: "Ask" removed from browser.search.defaultenginename
Prefs.js: "Ask" removed from browser.search.order.1
Prefs.js: "http://toolbar.ask.com/toolbarv/askRedi ... t=&gc=1&q=" removed from keyword.URL
Registry value HKEY_USERS\S-1-5-21-4258147995-3267704788-1683952696-1005\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}\ not found.
Registry value HKEY_USERS\S-1-5-21-4258147995-3267704788-1683952696-1005\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
Registry value HKEY_USERS\S-1-5-21-4258147995-3267704788-1683952696-1005\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{ED4BD629-C1B6-4399-8A34-02CCAA921DC9} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ED4BD629-C1B6-4399-8A34-02CCAA921DC9}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpFolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Translate Client.lnk\ deleted successfully.
C:\WINDOWS\pss\Translate Client.lnkCommon Startup moved successfully.
ADS C:\ZLIB.DLL:SummaryInformation deleted successfully.
ADS C:\Documents and Settings\Khonsun\Plocha\Diskeeper.msc:SummaryInformation deleted successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\Temp:0D3D740E deleted successfully.
========== COMMANDS ==========
Restore point Set: OTL Restore Point (0)

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Khonsun
->Temp folder emptied: 225517 bytes
->Temporary Internet Files folder emptied: 558576 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 63228256 bytes
->Flash cache emptied: 824 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->FireFox cache emptied: 0 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 115171 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 61,00 mb


OTL by OldTimer - Version 3.2.20.1 log created on 01062011_155738

Files\Folders moved on Reboot...
File\Folder C:\WINDOWS\temp\_avast4_\Webshlock.txt not found!
C:\WINDOWS\temp\Perflib_Perfdata_754.dat moved successfully.
C:\WINDOWS\temp\Perflib_Perfdata_eec.dat moved successfully.

Registry entries deleted on Reboot...

[khonsun]

Plochu jsem zatim nastavil pomoci Zobrazeni-vlastnosti. Snad to vydrzi.

[stell]

ak nie su uz problemy tot vse.

[khonsun]

Dekuji; zda se to 0k; OTL si mam ponechat, ci odstranit prostym smazanim?