prosim o kontrolu logu...

Zpráva

Francouz · #1 Příspěvek od **Francouz** » 21 čer 2010 14:29

Logfile of random's system information tool 1.07 (written by random/random)
Run by aa at 2010-06-21 15:27:33
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 7 GB (33%) free of 21 GB
Total RAM: 766 MB (21% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:28:15, on 21.6.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Java\jre6\bin\java.exe
C:\Program Files\uTorrent\utorrent.exe
C:\Documents and Settings\aa\Dokumenty\Stažené soubory\RSIT.exe
C:\Program Files\trend micro\aa.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.qword.com/?s=1
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.daemon-search.com/startpage
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60341
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60341
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = plimus.com;www.plimus.com;regnow.com;www.regnow.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [BrMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\utorrent.exe"
O4 - HKCU\..\Run: [SpywareTerminatorUpdate] "C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: *.qword.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{7FB0819B-7EA0-459F-94E7-C96DE20E64ED}: NameServer = 85.92.58.185
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: SbPF.Launcher - Sunbelt Software, Inc. - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software, Inc. - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe

--
End of file - 9211 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\Install.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-04-04 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll [2009-01-01 520192]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-04-12 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-04-12 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll [2009-01-01 520192]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2010-03-25 968000]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avast5"=C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [2010-05-06 2815192]
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2010-01-24 198160]
"BrMfcWnd"=C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe [2007-03-12 663552]
"ControlCenter3"=C:\Program Files\Brother\ControlCenter3\brctrcen.exe [2007-01-26 65536]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2010-03-17 421888]
"SpywareTerminator"=C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe [2010-06-16 2176512]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2009-10-30 369200]
"uTorrent"=C:\Program Files\uTorrent\utorrent.exe [2010-06-15 322352]
"SpywareTerminatorUpdate"=C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe [2010-06-16 3037696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-03-24 952768]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-04-04 36272]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATICCC]
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe [2006-01-02 45056]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2010-03-17 421888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
C:\WINDOWS\RTHDCPL.EXE [2006-06-28 16248320]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2010-01-24 198160]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
C:\Program Files\uTorrent\uTorrent.exe [2010-06-15 322352]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WheelMouse]
C:\Program Files\A4Tech\Mouse\Amoumain.exe [2007-05-15 204800]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Bluetooth.lnk]
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTTray.exe [2006-01-17 618557]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"O&O Defrag"=2
"getPlus(R) Helper"=3
"PnkBstrB"=2
"PnkBstrA"=2
"ICQ Service"=2
"wltrysvc"=2
"ose"=3
"odserv"=3
"JavaQuickStarterService"=2
"IDriverT"=3
"AVP"=2
"Ati HotKey Poller"=2
"sp_rssrv"=2
"SPF4"=2
"SbPF.Launcher"=2
"btwdins"=2
"NBService"=3
"WMPNetworkSvc"=3
"NMIndexingService"=3
"Microsoft Office Groove Audit Service"=3
"idsvc"=3

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2006-04-27 61440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
C:\WINDOWS\system32\klogon.dll [2008-07-29 218376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2008-09-06 267304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"undockwithoutlogon"=1
"ShutdownWithoutLogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=
"NoDrives"=
"NoResolveSearch"=
"NoResolveTrack"=
"NoFileAssociate"=
"NoDriveAutoRun"=
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Disabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Disabled:Microsoft Office OneNote"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Disabled:Microsoft Office Outlook"
"C:\WINDOWS\Network Diagnostic\xpnetdiag.exe"="C:\WINDOWS\Network Diagnostic\xpnetdiag.exe:*:Disabled:@xpsp3res.dll,-20000"
"C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019"
"C:\Program Files\Java\jre6\bin\java.exe"="C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Documents and Settings\aa\Plocha\utorrent.exe"="C:\Documents and Settings\aa\Plocha\utorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\uTorrent\utorrent.exe"="C:\Program Files\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======List of files/folders created in the last 1 months======

2010-06-21 15:27:33 ----D---- C:\rsit
2010-06-21 15:27:33 ----D---- C:\Program Files\trend micro
2010-06-17 21:18:20 ----D---- C:\Program Files\Microsoft Silverlight
2010-06-17 18:35:47 ----D---- C:\WINDOWS\Downloaded Installations
2010-06-16 06:24:26 ----D---- C:\Documents and Settings\aa\Data aplikací\Spyware Terminator
2010-06-16 06:23:15 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spyware Terminator
2010-06-16 06:23:14 ----D---- C:\Program Files\Spyware Terminator
2010-06-15 17:28:21 ----D---- C:\Program Files\uTorrent
2010-06-13 19:31:48 ----A---- C:\WINDOWS\ODBC.INI
2010-06-13 18:52:10 ----D---- C:\Program Files\666DC580F193437E9ACD593DB62A89C4
2010-06-13 18:52:09 ----D---- C:\Program Files\NBget
2010-06-13 18:51:18 ----D---- C:\Versalsoft
2010-06-13 18:50:55 ----D---- C:\Program Files\Versalsoft
2010-06-13 17:31:38 ----HDC---- C:\WINDOWS\ie8
2010-06-13 17:02:20 ----D---- C:\Program Files\Mozilla ActiveX Control v1.7.12
2010-06-13 17:00:47 ----D---- C:\Program Files\Universal
2010-06-13 16:54:44 ----D---- C:\Documents and Settings\aa\Data aplikací\Opera
2010-06-13 16:54:23 ----D---- C:\Program Files\Opera
2010-06-10 10:50:03 ----D---- C:\Documents and Settings\aa\Data aplikací\BSplayer
2010-06-10 10:50:01 ----D---- C:\Program Files\Webteh
2010-06-10 05:11:26 ----HDC---- C:\WINDOWS\$NtUninstallKB980218$
2010-06-10 05:11:15 ----HDC---- C:\WINDOWS\$NtUninstallKB980195$
2010-06-10 05:08:47 ----HDC---- C:\WINDOWS\$NtUninstallKB979559$
2010-06-10 05:07:49 ----HDC---- C:\WINDOWS\$NtUninstallKB978695_WM9$
2010-06-10 05:07:14 ----HDC---- C:\WINDOWS\$NtUninstallKB979482$
2010-06-10 05:06:28 ----HDC---- C:\WINDOWS\$NtUninstallKB975562$
2010-06-09 19:03:30 ----D---- C:\Program Files\Common Files\Skype
2010-06-07 20:33:57 ----D---- C:\Documents and Settings\aa\Data aplikací\IceChat
2010-06-05 14:13:26 ----D---- C:\Documents and Settings\All Users\Data aplikací\Ironclad Games
2010-05-25 23:13:10 ----HDC---- C:\WINDOWS\$NtUninstallKB981793$
2010-05-24 23:56:38 ----A---- C:\Documents and Settings\aa\Data aplikací\inst.exe
2010-05-24 23:56:21 ----A---- C:\WINDOWS\system32\sipr3260.dll
2010-05-24 23:56:21 ----A---- C:\WINDOWS\system32\drv43260.dll
2010-05-24 23:56:21 ----A---- C:\WINDOWS\system32\drv33260.dll
2010-05-24 23:56:21 ----A---- C:\WINDOWS\system32\drv23260.dll
2010-05-24 23:56:21 ----A---- C:\WINDOWS\system32\cook3260.dll
2010-05-24 23:56:17 ----A---- C:\WINDOWS\system32\vp7vfw.dll
2010-05-24 23:56:16 ----A---- C:\WINDOWS\system32\wvc1dmod.dll
2010-05-24 23:56:13 ----D---- C:\Program Files\VSO

======List of files/folders modified in the last 1 months======

2010-06-21 15:28:03 ----D---- C:\Documents and Settings\aa\Data aplikací\uTorrent
2010-06-21 15:27:33 ----RD---- C:\Program Files
2010-06-21 15:26:21 ----D---- C:\Documents and Settings\aa\Data aplikací\Skype
2010-06-21 15:24:08 ----D---- C:\Documents and Settings\aa\Data aplikací\skypePM
2010-06-21 14:43:45 ----D---- C:\WINDOWS\Prefetch
2010-06-21 13:59:19 ----D---- C:\WINDOWS\temp
2010-06-20 10:33:38 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-06-18 15:37:32 ----D---- C:\WINDOWS\system32\CatRoot2
2010-06-17 21:25:09 ----D---- C:\WINDOWS
2010-06-17 21:18:42 ----SHD---- C:\WINDOWS\Installer
2010-06-17 21:18:42 ----D---- C:\Config.Msi
2010-06-17 18:41:50 ----HD---- C:\Program Files\InstallShield Installation Information
2010-06-17 18:41:37 ----A---- C:\WINDOWS\wincmd.ini
2010-06-17 18:34:46 ----D---- C:\WINDOWS\system32
2010-06-17 18:28:24 ----D---- C:\WINDOWS\system32\DirectX
2010-06-17 18:28:22 ----RSD---- C:\WINDOWS\assembly
2010-06-17 18:27:46 ----HD---- C:\WINDOWS\inf
2010-06-16 06:24:30 ----D---- C:\WINDOWS\system32\drivers
2010-06-16 06:13:17 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-06-16 05:58:57 ----D---- C:\Program Files\Common Files
2010-06-16 05:58:55 ----D---- C:\Program Files\SUPERAntiSpyware
2010-06-15 15:20:38 ----D---- C:\Program Files\CCleaner
2010-06-14 15:59:35 ----D---- C:\WINDOWS\Debug
2010-06-14 09:01:20 ----D---- C:\Documents and Settings\aa\Data aplikací\Vso
2010-06-13 22:35:34 ----A---- C:\WINDOWS\NeroDigital.ini
2010-06-13 19:31:47 ----A---- C:\WINDOWS\ODBCINST.INI
2010-06-13 19:31:19 ----D---- C:\Program Files\Mozilla Firefox
2010-06-13 17:47:45 ----D---- C:\WINDOWS\system32\CatRoot
2010-06-13 17:45:46 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-06-13 17:45:44 ----D---- C:\WINDOWS\ie8updates
2010-06-13 17:38:35 ----D---- C:\WINDOWS\system32\cs-cz
2010-06-13 17:38:34 ----D---- C:\WINDOWS\Media
2010-06-13 17:38:34 ----D---- C:\WINDOWS\Help
2010-06-13 17:38:34 ----D---- C:\Program Files\Internet Explorer
2010-06-13 17:35:41 ----HD---- C:\WINDOWS\$hf_mig$
2010-06-12 08:30:35 ----D---- C:\WINDOWS\Microsoft.NET
2010-06-11 13:54:59 ----D---- C:\WINDOWS\WinSxS
2010-06-10 15:20:21 ----D---- C:\Program Files\AIMP2
2010-06-10 05:11:07 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2010-06-09 19:03:30 ----RD---- C:\Program Files\Skype
2010-06-09 19:03:15 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
2010-06-08 16:45:31 ----DC---- C:\WINDOWS\system32\DRVSTORE
2010-06-07 20:23:48 ----D---- C:\Documents and Settings\aa\Data aplikací\mIRC
2010-05-28 21:37:34 ----A---- C:\WINDOWS\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2010-05-06 28880]
R1 AmdK8;Ovladač procesoru AMD; C:\WINDOWS\System32\DRIVERS\AmdK8.sys [2006-05-10 43008]
R1 Amfilter;A4Tech Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\Amfilter.sys [2007-05-14 9216]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2010-05-06 164048]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2010-05-06 46672]
R1 SbFw;SbFw; C:\WINDOWS\system32\drivers\SbFw.sys [2008-10-31 270888]
R1 sbhips;Sunbelt HIPS Driver; C:\WINDOWS\system32\drivers\sbhips.sys [2008-06-21 66600]
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys []
R1 Tcpip6;Ovladač protokolu Microsoft IPv6; C:\WINDOWS\system32\DRIVERS\tcpip6.sys [2010-02-11 226880]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\System32\DRIVERS\wmiacpi.sys [2008-04-14 8832]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2010-05-06 19024]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2010-05-06 100432]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2010-05-15 165376]
R2 BTSERIAL;Bluetooth Serial Driver; \??\C:\WINDOWS\System32\drivers\btserial.sys []
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2010-05-15 18048]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2006-06-19 12672]
R3 Amusbprt;A4Tech HID-compliant Mouse Driver; C:\WINDOWS\system32\DRIVERS\Amusbprt.sys [2007-05-14 14336]
R3 AR5211;Atheros Wireless Network Adapter Service; C:\WINDOWS\System32\DRIVERS\ar5211.sys [2007-07-26 547904]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2010-05-06 23376]
R3 ati2mtag;ati2mtag; C:\WINDOWS\System32\DRIVERS\ati2mtag.sys [2006-04-27 1540096]
R3 btaudio;Bluetooth Audio Device; C:\WINDOWS\system32\drivers\btaudio.sys [2006-01-17 328061]
R3 BTKRNL;Bluetooth Bus Enumerator; C:\WINDOWS\System32\DRIVERS\btkrnl.sys [2006-01-17 850474]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\WINDOWS\System32\DRIVERS\CmBatt.sys [2008-04-14 13952]
R3 EMSCR;EMSCR; C:\WINDOWS\System32\DRIVERS\EMS7SK.sys [2006-05-25 61056]
R3 ESDCR;ESDCR; C:\WINDOWS\System32\DRIVERS\ESD7SK.sys [2006-05-25 40064]
R3 ESMCR;ESMCR; C:\WINDOWS\System32\DRIVERS\ESM7SK.sys [2006-05-25 74752]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\System32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2007-03-01 988032]
R3 HSFHWAZL;HSFHWAZL; C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys [2007-03-01 210688]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-06-28 4304384]
R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2010-05-24 47360]
R3 RTL8023xp;Realtek 10/100/1000 PCI NIC Family NDIS XP Driver; C:\WINDOWS\System32\DRIVERS\Rtnicxp.sys [2006-06-16 83968]
R3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Miniport; C:\WINDOWS\system32\DRIVERS\sbfwim.sys [2008-06-21 65576]
R3 sdbus;sdbus; C:\WINDOWS\System32\DRIVERS\sdbus.sys [2008-04-14 79232]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\System32\DRIVERS\SynTP.sys [2006-03-03 192672]
R3 tunmp;Microsoft Tun Miniport Adapter Driver; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2008-04-14 12288]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-14 30208]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB; C:\WINDOWS\System32\DRIVERS\usbohci.sys [2008-04-14 17152]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2007-03-01 731136]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S2 ATE_PROCMON;ATE_PROCMON; \??\C:\Program Files\Anti Trojan Elite\ATEPMon.sys []
S3 a0jfsh3r;a0jfsh3r; C:\WINDOWS\system32\drivers\a0jfsh3r.sys []
S3 a2m92thi;a2m92thi; C:\WINDOWS\system32\drivers\a2m92thi.sys []
S3 BrScnUsb;Brother USB Still Image driver; C:\WINDOWS\system32\DRIVERS\BrScnUsb.sys [2004-10-15 15295]
S3 BTDriver;Bluetooth Virtual Communications Driver; C:\WINDOWS\System32\DRIVERS\btport.sys [2006-01-17 30459]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-14 17024]
S3 BTHMODEM;Ovladač pro sériovou komunikaci protokolem Bluetooth; C:\WINDOWS\system32\DRIVERS\bthmodem.sys [2008-04-14 37888]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-14 101120]
S3 BTHPORT;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272128]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-14 18944]
S3 catchme;catchme; \??\C:\DOCUME~1\aa\LOCALS~1\Temp\catchme.sys []
S3 cpuz132;cpuz132; \??\C:\DOCUME~1\aa\LOCALS~1\Temp\cpuz132\cpuz132_x32.sys []
S3 FTDIBUS;USB Serial Converter Driver; C:\WINDOWS\system32\drivers\ftdibus.sys [2009-10-22 57800]
S3 FTSER2K;USB Serial Port Driver; C:\WINDOWS\system32\drivers\ftser2k.sys [2009-10-22 72520]
S3 HidBth;Miniport Bluetooth HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidbth.sys [2008-04-14 25600]
S3 KLIF;KLIF; \??\C:\WINDOWS\system32\drivers\klif.sys []
S3 kvnet;Kerio Virtual Network Adapter; C:\WINDOWS\system32\DRIVERS\kvnet.sys [2009-03-23 29696]
S3 kwflower;Kerio WinRoute Firewall Driver - Lower Layer; C:\WINDOWS\system32\DRIVERS\kwflower.sys []
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2008-09-15 17664]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2008-09-15 22016]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\WINDOWS\system32\drivers\nmwcdnsu.sys [2008-02-01 138112]
S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\WINDOWS\system32\drivers\nmwcdnsuc.sys [2008-02-01 8320]
S3 PnkBstrK;PnkBstrK; \??\C:\WINDOWS\system32\drivers\PnkBstrK.sys []
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-14 59136]
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\System32\DRIVERS\RTL8139.SYS [2008-04-13 20992]
S3 UIUSys;Conexant Setup API; C:\WINDOWS\System32\DRIVERS\UIUSYS.SYS []
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2008-09-15 8064]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\System32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-14 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2008-09-15 8064]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 6to4;Pomocná služba protokolu IPv6; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-05-06 40384]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-04-12 153376]
R2 SbPF.Launcher;SbPF.Launcher; C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe [2008-10-31 95528]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2010-06-16 488960]
R2 SPF4;Sunbelt Personal Firewall 4; C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe [2008-10-31 1365288]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-05-06 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-05-06 40384]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 getPlusHelper;getPlus(R) Helper; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\System32\Ati2evxx.exe [2006-04-27 405504]
S4 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2006-01-17 266295]
S4 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S4 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S4 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-01-15 774144]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-01-15 266240]
S4 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S4 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S4 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2009-11-15 66872]
S4 PnkBstrB;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [2009-12-13 202448]
S4 wltrysvc;Broadcom Wireless LAN Tray Service; C:\WINDOWS\System32\WLTRYSVC.EXE [2005-11-11 18944]
S4 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]

-----------------EOF-----------------

#2 Příspěvek od **vyosek** » 21 čer 2010 17:44

Zdravim a pekny vecer preji

Doporucuji odinstalovat (pokud nepouzivate) toolbary (listy prohlizecu) v Přidat nebo odebrat programy

Doporucuji odinstalovat klienty P2P siti - jsou potencialnim rizikem pro bezpecnost PC a jsou velmi casto zdrojem viru a haveti - navic jejich pouzivani odporuje i pravidlum naseho fora (vice zde)

Stahnete OTL (viz muj podpis) a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
Zaskrtnete okenko Pro vsechny uzivatele
Zaskrtnete okenko Kontrola na havet "LOP"
Zaskrtnete okenko Kontrola na havet "Purity"
Stari souboru zmente z 30 dnu na 7 dnu
Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

Kód: Vybrat vše

netsvcs
drivers32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
c:\windows\*.* /U
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
symmpi.sys
adp3132.sys
mv61xx.sys
nvraid.sys
ndis.sys
winlogon.exe
explorer.exe
userinit.exe
lsass.exe
svchost.exe
smss.exe
hal.dll
ws2_32.dll
tcpip.sys
cryptsvc.dll
Changer.sys
JakNDis.sys
isapnp.sys
cdrom.sys
autochk.exe
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
CREATERESTOREPOINT

Kliknete na tlacitko Prohledat
Po dokonceni skenu (cca 5min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte

Francouz · #3 Příspěvek od **Francouz** » 22 čer 2010 18:41

po25 minutach a asi takto 5 zkouskach se me vzdy nejak otl seka a nechce zastavit....neodpovida...
mam to nechat prohledavat dele?

ale bez pridani toho scriptu to je ok 5 minutek a vkladam log

OTL logfile created on: 22.6.2010 19:41:38 - Run 4
OTL by OldTimer - Version 3.2.6.1 Folder = C:\Documents and Settings\aa\Dokumenty\Stažené soubory
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

766,00 Mb Total Physical Memory | 264,00 Mb Available Physical Memory | 35,00% Memory free
2,00 Gb Paging File | 1,00 Gb Available in Paging File | 77,00% Paging File free
Paging file location(s): C:\pagefile.sys 1152 2304 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 20,49 Gb Total Space | 6,90 Gb Free Space | 33,66% Space Free | Partition Type: NTFS
Drive D: | 44,82 Gb Total Space | 5,00 Gb Free Space | 11,17% Space Free | Partition Type: NTFS
Drive E: | 46,47 Gb Total Space | 20,63 Gb Free Space | 44,39% Space Free | Partition Type: NTFS
Drive F: | 2,62 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive G: | 465,65 Gb Total Space | 129,04 Gb Free Space | 27,71% Space Free | Partition Type: FAT32
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: DOMA-FK3WZJTN19
Current User Name: aa
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 7 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010.06.22 17:43:27 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\aa\Dokumenty\Stažené soubory\OTL.exe
PRC - [2010.06.16 06:24:29 | 000,488,960 | ---- | M] (Crawler.com) -- C:\Program Files\Spyware Terminator\sp_rsser.exe
PRC - [2010.05.06 22:59:42 | 002,815,192 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2010.05.06 22:59:38 | 000,040,384 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010.04.01 19:59:58 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010.01.24 16:04:59 | 000,198,160 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
PRC - [2008.10.31 07:24:28 | 001,365,288 | ---- | M] (Sunbelt Software, Inc.) -- C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
PRC - [2008.10.31 07:24:28 | 000,095,528 | ---- | M] (Sunbelt Software, Inc.) -- C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
PRC - [2008.10.31 07:24:26 | 001,705,256 | ---- | M] (Sunbelt Software, Inc.) -- C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe
PRC - [2008.04.14 08:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

========== Modules (SafeList) ==========

MOD - [2010.06.22 17:43:27 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\aa\Dokumenty\Stažené soubory\OTL.exe
MOD - [2008.04.14 08:49:02 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx

========== Win32 Services (SafeList) ==========

SRV - [2010.06.16 06:24:29 | 000,488,960 | ---- | M] (Crawler.com) [Auto | Running] -- C:\Program Files\Spyware Terminator\sp_rsser.exe -- (sp_rssrv)
SRV - [2010.05.06 22:59:38 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV - [2010.05.06 22:59:38 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV - [2010.05.06 22:59:38 | 000,040,384 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2009.09.23 17:37:30 | 000,051,168 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper.dll -- (getPlusHelper) getPlus(R)
SRV - [2008.10.31 07:24:28 | 001,365,288 | ---- | M] (Sunbelt Software, Inc.) [Auto | Running] -- C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe -- (SPF4)
SRV - [2008.10.31 07:24:28 | 000,095,528 | ---- | M] (Sunbelt Software, Inc.) [Auto | Running] -- C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe -- (SbPF.Launcher)
SRV - [2008.07.29 20:16:38 | 000,132,096 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)

========== Driver Services (SafeList) ==========

DRV - [2010.06.16 06:24:29 | 000,142,592 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\sp_rsdrv2.sys -- (sp_rsdrv2)
DRV - [2010.05.15 13:54:17 | 000,165,376 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt)
DRV - [2010.05.15 13:54:17 | 000,018,048 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2010.05.06 22:39:23 | 000,046,672 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2010.05.06 22:39:00 | 000,164,048 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswSP.sys -- (aswSP)
DRV - [2010.05.06 22:34:27 | 000,023,376 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2010.05.06 22:33:59 | 000,100,432 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2010.05.06 22:33:47 | 000,019,024 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010.05.06 22:33:29 | 000,028,880 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2010.03.19 22:25:03 | 000,015,906 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\kwflower.log -- (kwflower)
DRV - [2010.02.11 14:02:15 | 000,226,880 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6)
DRV - [2009.12.13 21:17:59 | 000,138,376 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PnkBstrK.sys -- (PnkBstrK)
DRV - [2009.11.12 23:17:02 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009.10.22 15:11:14 | 000,057,800 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ftdibus.sys -- (FTDIBUS)
DRV - [2009.10.22 15:09:34 | 000,072,520 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ftser2k.sys -- (FTSER2K)
DRV - [2009.03.23 11:25:54 | 000,029,696 | ---- | M] (Kerio Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\kvnet.sys -- (kvnet)
DRV - [2008.10.31 07:09:06 | 000,270,888 | R--- | M] (Sunbelt Software, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\SbFw.sys -- (SbFw)
DRV - [2008.09.15 07:56:34 | 000,008,064 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2008.09.15 07:56:24 | 000,022,016 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2008.09.15 07:56:24 | 000,017,664 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2008.09.15 07:56:24 | 000,008,064 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2008.07.18 17:39:18 | 000,213,008 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\klif.sys -- (KLIF)
DRV - [2008.06.21 04:54:54 | 000,066,600 | R--- | M] (Sunbelt Software, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\sbhips.sys -- (sbhips)
DRV - [2008.06.21 04:54:54 | 000,065,576 | ---- | M] (Sunbelt Software, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SbFwIm.sys -- (SBFWIMCL)
DRV - [2008.04.13 22:06:06 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2008.04.13 22:05:40 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rtl8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2008.02.01 15:17:12 | 000,138,112 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdnsu.sys -- (nmwcdnsu)
DRV - [2008.02.01 15:17:06 | 000,008,320 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc)
DRV - [2007.07.26 13:19:24 | 000,547,904 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ar5211.sys -- (AR5211)
DRV - [2007.05.14 23:41:46 | 000,014,336 | ---- | M] (A4Tech Co.,Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Amusbprt.sys -- (Amusbprt)
DRV - [2007.05.14 23:38:22 | 000,009,216 | ---- | M] (A4Tech Co.,Ltd.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\Amfilter.sys -- (Amfilter)
DRV - [2007.03.01 22:22:04 | 000,988,032 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2007.03.01 22:21:24 | 000,210,688 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
DRV - [2007.03.01 22:21:22 | 000,731,136 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2006.06.28 17:25:00 | 004,304,384 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2006.06.16 20:56:00 | 000,083,968 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2006.05.25 11:19:00 | 000,074,752 | ---- | M] (ENE Technology Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ESM7SK.sys -- (ESMCR)
DRV - [2006.05.25 11:19:00 | 000,061,056 | ---- | M] (ENE Technology Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\EMS7SK.sys -- (EMSCR)
DRV - [2006.05.25 11:19:00 | 000,040,064 | ---- | M] (ENE Technology Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ESD7SK.sys -- (ESDCR)
DRV - [2006.05.10 12:22:00 | 000,043,008 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2006.04.27 10:46:50 | 001,540,096 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2006.03.03 13:52:00 | 000,192,672 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP)
DRV - [2006.01.17 10:21:52 | 000,328,061 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio)
DRV - [2006.01.17 10:19:46 | 000,023,271 | ---- | M] (Broadcom Corporation.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\btserial.sys -- (BTSERIAL)
DRV - [2006.01.17 10:18:22 | 000,850,474 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2006.01.17 10:15:36 | 000,030,459 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btport.sys -- (BTDriver)
DRV - [2004.10.15 13:50:20 | 000,015,295 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BrScnUsb.sys -- (BrScnUsb)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1957994488-1958367476-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.qword.com/?s=1
IE - HKU\S-1-5-21-1957994488-1958367476-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.daemon-search.com/startpage
IE - HKU\S-1-5-21-1957994488-1958367476-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1957994488-1958367476-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = plimus.com;www.plimus.com;regnow.com;www.regnow.com

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: ""
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.defaultthis.engineName: "BS Player Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.as ... earchTerms}"
FF - prefs.js..browser.search.order.1: ""
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz"
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1
FF - prefs.js..extensions.enabledItems: 6
FF - prefs.js..extensions.enabledItems: 2
FF - prefs.js..extensions.enabledItems: 48
FF - prefs.js..extensions.enabledItems: {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}:2.5.6.0
FF - prefs.js..extensions.enabledItems: feedbar@efinke.com:4.4
FF - prefs.js..extensions.enabledItems: {89506680-e3f4-484c-a2c0-ed711d481eda}:0.9.5.5
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.5
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {c8f71e5b-88f8-42a7-98bb-e4c506161de9}:0.4
FF - prefs.js..extensions.enabledItems: {241aae70-0022-11de-87af-0800200c9a66}:3.6.30.01.10
FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.as ... ource=2&q="
FF - prefs.js..network.proxy.no_proxies_on: "plimus.com,www.plimus.com,regnow.com,www.regnow.com,"
FF - prefs.js..network.proxy.socks: "127.0.0.1"
FF - prefs.js..network.proxy.socks_port: 7070

FF - user.js..browser.search.openintab: false
FF - user.js..network.proxy.ftp: ""
FF - user.js..network.proxy.ftp_port: 0
FF - user.js..network.proxy.gopher: ""
FF - user.js..network.proxy.gopher_port: 0
FF - user.js..network.proxy.http: ""
FF - user.js..network.proxy.http_port:
FF - user.js..network.proxy.no_proxies_on: ""
FF - user.js..network.proxy.socks: "127.0.0.1"
FF - user.js..network.proxy.socks_port: 7070
FF - user.js..network.proxy.socks_version: 5
FF - user.js..network.proxy.ssl: ""
FF - user.js..network.proxy.ssl_port: 0
FF - user.js..network.proxy.type: 0

FF - HKLM\software\mozilla\Mozilla Firefox 3.0.7\extensions\\Plugins: C:\Program Files\Internet Explorer\plugins [2010.05.18 12:58:18 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.05.18 12:58:19 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.05.18 12:58:18 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird

[2008.09.05 16:29:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Extensions
[2010.06.22 19:06:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\extensions
[2009.01.01 20:40:56 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\extensions\{003D3EDC-99B9-4a34-9C20-60CB94F7E829}
[2010.05.18 12:29:38 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.06.03 15:10:24 | 000,000,000 | ---D | M] (Blue Fox) -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\extensions\{241aae70-0022-11de-87af-0800200c9a66}
[2010.05.18 12:29:37 | 000,000,000 | ---D | M] (Firefox Showcase) -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\extensions\{89506680-e3f4-484c-a2c0-ed711d481eda}
[2010.06.03 15:10:23 | 000,000,000 | ---D | M] (AmbientFox) -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\extensions\{c8f71e5b-88f8-42a7-98bb-e4c506161de9}
[2009.05.24 20:06:36 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}
[2009.10.30 11:08:35 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus(R))) -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2010.06.10 10:50:06 | 000,000,000 | ---D | M] (BS Player Toolbar) -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}
[2010.06.03 15:11:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\extensions\feedbar@efinke.com
[2010.04.04 20:30:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\extensions\personas@christopher.beard
[2010.06.03 15:11:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\extensions\staged-xpis
[2009.12.27 01:27:17 | 000,002,257 | ---- | M] () -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\askcom.xml
[2009.07.01 14:22:12 | 000,000,880 | ---- | M] () -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\conduit.xml
[2010.05.15 13:27:18 | 000,002,055 | ---- | M] () -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\daemon-search.xml
[2010.06.21 05:38:51 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin-1.xml
[2009.07.18 07:43:59 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin-10.xml
[2009.08.07 13:43:12 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin-11.xml
[2009.09.13 19:00:31 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin-12.xml
[2009.09.13 19:18:40 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin-13.xml
[2009.10.30 07:51:17 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin-14.xml
[2009.11.07 06:52:16 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin-15.xml
[2009.11.12 23:34:27 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin-16.xml
[2009.12.22 19:00:27 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin-17.xml
[2010.01.07 13:53:46 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin-18.xml
[2010.03.07 08:00:07 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin-19.xml
[2008.12.28 22:46:47 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin-2.xml
[2010.03.24 16:06:01 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin-20.xml
[2010.04.04 20:28:26 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin-21.xml
[2010.04.28 12:34:50 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin-22.xml
[2009.02.06 12:24:46 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin-3.xml
[2009.03.14 21:49:30 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin-4.xml
[2009.04.08 08:59:27 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin-5.xml
[2009.04.08 09:25:16 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin-6.xml
[2009.04.26 08:37:53 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin-7.xml
[2009.05.06 11:04:48 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin-8.xml
[2009.06.21 09:29:55 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin-9.xml
[2009.09.06 13:26:42 | 000,000,944 | ---- | M] () -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin.xml
[2010.06.22 19:06:33 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009.10.16 10:34:52 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2008.11.05 21:05:57 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}(2)
[2010.05.18 12:26:01 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.04.12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2008.10.16 15:09:05 | 000,226,816 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\npdrmv2.dll
[2008.10.16 15:08:46 | 000,364,544 | ---- | M] (Microsoft Corporation (written by Digital Renaissance Inc.)) -- C:\Program Files\Mozilla Firefox\plugins\npdsplay(2).dll
[2009.01.07 10:58:04 | 000,120,296 | ---- | M] ( ) -- C:\Program Files\Mozilla Firefox\plugins\npganymedenet.dll
[2008.10.16 15:08:57 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\npwmsdrm.dll
[2010.04.01 18:51:34 | 000,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.04.01 18:51:34 | 000,001,687 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2010.04.01 18:51:34 | 000,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.04.01 18:51:34 | 000,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.04.01 18:51:34 | 000,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2010.05.12 17:06:25 | 000,000,686 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\HOSTS
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (WebTransBHO Class) - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll ()
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (WebTranslator) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll ()
O3 - HKU\S-1-5-21-1957994488-1958367476-1801674531-1003\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (ALWIL Software)
O4 - HKLM..\Run: [BrMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [SpywareTerminator] C:\Program Files\Spyware Terminator\SpywareTerminatorShield.Exe (Crawler.com)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKU\S-1-5-21-1957994488-1958367476-1801674531-1003..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe File not found
O4 - HKU\S-1-5-21-1957994488-1958367476-1801674531-1003..\Run: [SpywareTerminatorUpdate] C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe (Crawler.com)
O4 - HKU\S-1-5-21-1957994488-1958367476-1801674531-1003..\Run: [uTorrent] C:\Program Files\uTorrent\utorrent.exe (BitTorrent, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoPropertiesMyComputer = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFileAssociate = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1957994488-1958367476-1801674531-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1957994488-1958367476-1801674531-1003\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-21-1957994488-1958367476-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O7 - HKU\S-1-5-21-1957994488-1958367476-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1957994488-1958367476-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-1957994488-1958367476-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKU\S-1-5-21-1957994488-1958367476-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O9 - Extra Button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - Reg Error: Key error. File not found
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll ()
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll ()
O9 - Extra 'Tools' menuitem : &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll ()
O9 - Extra 'Tools' menuitem : Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll ()
O9 - Extra 'Tools' menuitem : Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll ()
O15 - HKU\S-1-5-21-1957994488-1958367476-1801674531-1003\..Trusted Domains: qword.com ([]* in Důvěryhodné servery)
O15 - HKU\S-1-5-21-1957994488-1958367476-1801674531-1003\..Trusted Domains: topc.cz ([.sbs] https in Důvěryhodné servery)
O15 - HKU\S-1-5-21-1957994488-1958367476-1801674531-1003\..Trusted Domains: topc.cz ([sbs] https in Důvěryhodné servery)
O16 - DPF: {00000055-9980-0010-8000-00AA00389B71} http://codecs.microsoft.com/codecs/i386/fhg.CAB (Reg Error: Value error.)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/ ... ontrol.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: DirectAnimation Java Classes Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java Reg Error: Value error. (Reg Error: Key error.)
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\klogon: DllName - C:\WINDOWS\system32\klogon.dll - C:\WINDOWS\system32\klogon.dll (Kaspersky Lab)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\aa\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\aa\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 7 Days ==========

[2010.06.21 15:27:33 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010.06.21 15:27:33 | 000,000,000 | ---D | C] -- C:\rsit
[2010.06.17 21:18:20 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2010.06.17 18:35:47 | 000,000,000 | ---D | C] -- C:\WINDOWS\Downloaded Installations
[2010.06.17 18:34:45 | 000,647,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSCOMCT2.OCX
[2010.06.17 18:34:45 | 000,168,960 | ---- | C] (Xceed Software Inc. 1-450-442-2626 zip@xceedsoft.com www.xceedsoft.com) -- C:\WINDOWS\System32\XCDZIP35.OCX
[2010.06.16 06:24:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\aa\Data aplikací\Spyware Terminator
[2010.06.16 06:23:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Spyware Terminator
[2010.06.16 06:23:14 | 000,000,000 | ---D | C] -- C:\Program Files\Spyware Terminator

========== Files - Modified Within 7 Days ==========

[2010.06.22 18:55:55 | 000,002,228 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.06.22 18:55:19 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.06.22 18:54:47 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.06.22 18:54:43 | 803,385,344 | -HS- | M] () -- C:\hiberfil.sys
[2010.06.22 17:42:32 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010.06.22 17:00:15 | 000,016,896 | ---- | M] () -- C:\Documents and Settings\aa\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.06.22 16:25:41 | 000,966,990 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010.06.22 16:25:41 | 000,433,356 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2010.06.22 16:25:41 | 000,380,214 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.06.22 16:25:41 | 000,079,930 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2010.06.22 16:25:41 | 000,061,154 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.06.22 16:22:35 | 009,354,473 | ---- | M] () -- C:\Documents and Settings\aa\Plocha\Underworld - Born Slippy.mp3
[2010.06.22 16:19:14 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010.06.21 23:05:24 | 000,018,209 | ---- | M] () -- C:\Documents and Settings\aa\Dokumenty\Zabijaci.osamelych.srdci.DVD5.1cz.torrent
[2010.06.21 18:14:33 | 000,002,896 | ---- | M] () -- C:\WINDOWS\wincmd.ini
[2010.06.21 18:14:15 | 000,000,769 | ---- | M] () -- C:\Documents and Settings\aa\Plocha\Total Commander.lnk
[2010.06.21 13:15:06 | 000,001,583 | ---- | M] () -- C:\Documents and Settings\aa\Dokumenty\Total.Commander.v7.55.Multilingual.Incl.Patch.and.Keymaker-ZWT.torrent
[2010.06.20 10:33:28 | 010,747,904 | ---- | M] () -- C:\Documents and Settings\aa\ntuser.dat
[2010.06.20 10:33:28 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\aa\ntuser.ini
[2010.06.20 10:33:20 | 016,633,006 | -H-- | M] () -- C:\Documents and Settings\aa\Local Settings\Data aplikací\IconCache.db
[2010.06.17 08:20:56 | 000,023,643 | ---- | M] () -- C:\Documents and Settings\aa\Dokumenty\JCVD.2008.DVDR.CZ.Destroy-DRagON.torrent
[2010.06.17 06:26:17 | 000,016,107 | ---- | M] () -- C:\Documents and Settings\aa\Dokumenty\RTS Stavitel 2008.torrent
[2010.06.16 06:24:29 | 000,142,592 | ---- | M] () -- C:\WINDOWS\System32\drivers\sp_rsdrv2.sys
[2010.06.16 06:24:22 | 000,000,809 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Spyware Terminator.lnk
[2010.06.15 22:07:11 | 000,006,896 | ---- | M] () -- C:\Documents and Settings\aa\Dokumenty\DVDFab 7.0.7.0 Final.torrent

========== Files Created - No Company Name ==========

[2010.06.22 16:21:36 | 009,354,473 | ---- | C] () -- C:\Documents and Settings\aa\Plocha\Underworld - Born Slippy.mp3
[2010.06.21 23:05:24 | 000,018,209 | ---- | C] () -- C:\Documents and Settings\aa\Dokumenty\Zabijaci.osamelych.srdci.DVD5.1cz.torrent
[2010.06.21 18:07:57 | 000,000,769 | ---- | C] () -- C:\Documents and Settings\aa\Plocha\Total Commander.lnk
[2010.06.21 13:06:56 | 000,001,583 | ---- | C] () -- C:\Documents and Settings\aa\Dokumenty\Total.Commander.v7.55.Multilingual.Incl.Patch.and.Keymaker-ZWT.torrent
[2010.06.17 08:20:55 | 000,023,643 | ---- | C] () -- C:\Documents and Settings\aa\Dokumenty\JCVD.2008.DVDR.CZ.Destroy-DRagON.torrent
[2010.06.17 06:26:17 | 000,016,107 | ---- | C] () -- C:\Documents and Settings\aa\Dokumenty\RTS Stavitel 2008.torrent
[2010.06.16 06:24:29 | 000,142,592 | ---- | C] () -- C:\WINDOWS\System32\drivers\sp_rsdrv2.sys
[2010.06.16 06:24:22 | 000,000,809 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Spyware Terminator.lnk
[2010.06.15 22:07:11 | 000,006,896 | ---- | C] () -- C:\Documents and Settings\aa\Dokumenty\DVDFab 7.0.7.0 Final.torrent
[2010.06.13 19:31:48 | 000,000,298 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2010.05.18 20:03:12 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2010.05.18 20:02:56 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2010.05.18 20:02:56 | 000,881,664 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2010.05.18 20:02:56 | 000,205,824 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010.05.18 20:02:54 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2010.05.18 20:02:53 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2010.05.15 13:54:17 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2010.05.15 13:54:17 | 000,018,048 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2010.04.26 13:31:40 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\BrMuSNMP.dll
[2010.03.10 19:59:35 | 000,000,232 | ---- | C] () -- C:\WINDOWS\reimage.ini
[2009.12.14 16:35:08 | 001,380,403 | ---- | C] () -- C:\WINDOWS\System32\avgsdk.dll
[2009.12.05 12:30:50 | 000,000,060 | ---- | C] () -- C:\WINDOWS\pident.ini
[2009.12.05 12:27:56 | 000,000,584 | ---- | C] () -- C:\WINDOWS\pirchutl.ini
[2009.10.17 19:56:11 | 000,000,120 | ---- | C] () -- C:\WINDOWS\CIS_Setup_3.12.111745.560_XP_Vista_x32.INI
[2009.08.24 13:06:27 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2009.03.10 14:41:00 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2009.02.08 17:26:29 | 000,000,034 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2009.01.19 17:23:50 | 000,000,416 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI
[2009.01.19 17:23:50 | 000,000,027 | ---- | C] () -- C:\WINDOWS\BRPP2KA.INI
[2009.01.08 20:45:41 | 000,138,376 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2009.01.01 20:36:55 | 000,002,686 | ---- | C] () -- C:\WINDOWS\TRNCOM.INI
[2008.11.11 22:37:20 | 000,000,196 | ---- | C] () -- C:\WINDOWS\thtitanc.INI
[2008.09.26 12:27:20 | 000,002,896 | ---- | C] () -- C:\WINDOWS\wincmd.ini
[2008.09.07 00:10:18 | 000,000,025 | ---- | C] () -- C:\WINDOWS\SIERRA.INI
[2008.09.07 00:01:25 | 000,691,696 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2008.09.06 09:53:29 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2008.09.06 00:04:12 | 000,000,025 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2008.09.05 15:33:38 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2008.09.05 14:14:26 | 000,000,211 | ---- | C] () -- C:\WINDOWS\System32\BOOTBAK.INI
[2008.09.05 13:22:12 | 000,356,352 | ---- | C] () -- C:\WINDOWS\EMCRI.dll
[2008.09.05 12:17:21 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\preflib.dll
[2008.09.05 12:16:56 | 000,757,760 | ---- | C] () -- C:\WINDOWS\System32\bcm1xsup.dll
[2006.10.28 20:57:48 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\ts.dll
[2006.01.17 10:31:30 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\btprn2k.dll
[2005.10.14 11:56:50 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\VorbisEnc.dll
[2005.10.14 11:56:50 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2005.10.14 11:56:50 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2005.10.14 11:56:50 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2005.10.14 11:56:50 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2005.02.17 11:41:32 | 000,000,603 | ---- | C] () -- C:\WINDOWS\System32\BTNeighborhood.dll.manifest
[2005.02.17 11:41:30 | 000,000,593 | ---- | C] () -- C:\WINDOWS\System32\btcss.dll.manifest
[2002.05.18 00:18:30 | 000,124,928 | ---- | C] () -- C:\WINDOWS\System32\mp4fil32.dll
[2001.11.14 12:56:00 | 001,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll
[1997.11.17 18:13:16 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll

========== LOP Check ==========

[2008.12.19 23:33:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\aa\Data aplikací\Ace
[2008.11.01 22:34:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\aa\Data aplikací\Ashampoo
[2009.11.30 23:47:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\aa\Data aplikací\Bersirc
[2010.06.10 10:56:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\aa\Data aplikací\BSplayer
[2010.03.11 22:55:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\aa\Data aplikací\BSplayer PRO
[2009.05.27 12:36:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\aa\Data aplikací\DAEMON Tools
[2009.05.27 12:36:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\aa\Data aplikací\DAEMON Tools Lite
[2009.02.10 22:20:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\aa\Data aplikací\GanymedeNet
[2008.10.30 21:57:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\aa\Data aplikací\gnupg
[2008.11.01 22:15:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\aa\Data aplikací\Hide IP NG
[2008.10.31 11:47:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\aa\Data aplikací\HideIP
[2009.12.24 17:36:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\aa\Data aplikací\HLSW
[2010.06.08 11:18:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\aa\Data aplikací\IceChat
[2009.10.05 18:48:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\aa\Data aplikací\ICQLite
[2009.05.09 20:52:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\aa\Data aplikací\IObit
[2010.03.19 22:20:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\aa\Data aplikací\Kerio
[2009.01.01 20:42:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\aa\Data aplikací\LangSoft
[2008.11.02 22:34:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\aa\Data aplikací\Leadertech
[2009.08.29 16:46:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\aa\Data aplikací\Marine Aquarium 3
[2010.06.13 16:54:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\aa\Data aplikací\Opera
[2010.06.21 00:59:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\aa\Data aplikací\Spyware Terminator
[2009.09.16 21:14:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\aa\Data aplikací\TeamViewer
[2008.10.31 20:53:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\aa\Data aplikací\TuneUp Software
[2010.06.22 19:44:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\aa\Data aplikací\uTorrent
[2009.10.13 16:28:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\aa\Data aplikací\uTorrent(2)
[2010.06.14 09:01:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\aa\Data aplikací\Vso
[2010.05.03 20:07:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\aa\Data aplikací\X-Chat 2
[2010.04.14 08:36:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Alwil Software
[2009.11.12 23:16:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2008.09.05 15:38:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ESET
[2008.09.10 14:08:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Harley-Davidson_ Race to the Rally Saves
[2009.10.16 10:34:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ICQ
[2009.04.26 12:38:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Installations
[2010.06.05 14:13:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Ironclad Games
[2009.01.01 20:40:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\LangSoft
[2009.11.02 13:44:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\MicroWorld
[2009.04.26 12:42:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Nokia
[2009.10.04 10:54:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\page
[2010.04.28 12:59:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Solidshield
[2010.06.22 09:23:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Spyware Terminator
[2010.04.26 18:42:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2009.01.05 23:10:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\The Skins Factory
[2010.02.28 18:46:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TuneUp Software
[2008.09.14 17:01:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\vsosdk
[2008.12.25 17:44:09 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Data aplikací\{55A29068-F2CE-456C-9148-C869879E2357}
[2010.02.28 16:52:50 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Data aplikací\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
[2010.05.16 23:56:01 | 000,000,624 | ---- | M] () -- C:\WINDOWS\Tasks\Install.job

========== Purity Check ==========

========== Alternate Data Streams ==========

@Alternate Data Stream - 143 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:DFC5A2B2
@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:A8ADE5D8
< End of report >

#4 Příspěvek od **vyosek** » 22 čer 2010 18:47

Nene, je to chyba OTL, resp obcas nejak nedokaze pokousat ten skript, zjistujem s kolegy kde je chyba...Takze spust OTL bez skriptu....

Francouz · #5 Příspěvek od **Francouz** » 22 čer 2010 18:48

a pak jsem vlozil script a dal opravit a hlaska vse ok opraveno...

log je po te uprave zde
Error: Unable to interpret <netsvcs> in the current context!
Error: Unable to interpret <drivers32> in the current context!
Error: Unable to interpret <HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s> in the current context!
Error: Unable to interpret <c:\windows\*.* /U> in the current context!
Error: Unable to interpret <%SYSTEMDRIVE%\*.exe> in the current context!
Error: Unable to interpret <%ALLUSERSPROFILE%\Application Data\*.> in the current context!
Error: Unable to interpret <%ALLUSERSPROFILE%\Application Data\*.exe /s> in the current context!
Error: Unable to interpret <%APPDATA%\*.> in the current context!
Error: Unable to interpret <%APPDATA%\*.exe /s> in the current context!
Error: Unable to interpret </md5start> in the current context!
Error: Unable to interpret <eventlog.dll> in the current context!
Error: Unable to interpret <scecli.dll> in the current context!
Error: Unable to interpret <netlogon.dll> in the current context!
Error: Unable to interpret <cngaudit.dll> in the current context!
Error: Unable to interpret <sceclt.dll> in the current context!
Error: Unable to interpret <ntelogon.dll> in the current context!
Error: Unable to interpret <logevent.dll> in the current context!
Error: Unable to interpret <iaStor.sys> in the current context!
Error: Unable to interpret <nvstor.sys> in the current context!
Error: Unable to interpret <atapi.sys> in the current context!
Error: Unable to interpret <IdeChnDr.sys> in the current context!
Error: Unable to interpret <viasraid.sys> in the current context!
Error: Unable to interpret <AGP440.sys> in the current context!
Error: Unable to interpret <vaxscsi.sys> in the current context!
Error: Unable to interpret <nvatabus.sys> in the current context!
Error: Unable to interpret <viamraid.sys> in the current context!
Error: Unable to interpret <nvata.sys> in the current context!
Error: Unable to interpret <nvgts.sys> in the current context!
Error: Unable to interpret <iastorv.sys> in the current context!
Error: Unable to interpret <ViPrt.sys> in the current context!
Error: Unable to interpret <eNetHook.dll> in the current context!
Error: Unable to interpret <ahcix86.sys> in the current context!
Error: Unable to interpret <KR10N.sys> in the current context!
Error: Unable to interpret <nvstor32.sys> in the current context!
Error: Unable to interpret <ahcix86s.sys> in the current context!
Error: Unable to interpret <nvrd32.sys> in the current context!
Error: Unable to interpret <symmpi.sys> in the current context!
Error: Unable to interpret <adp3132.sys> in the current context!
Error: Unable to interpret <mv61xx.sys> in the current context!
Error: Unable to interpret <nvraid.sys> in the current context!
Error: Unable to interpret <ndis.sys> in the current context!
Error: Unable to interpret <winlogon.exe> in the current context!
Error: Unable to interpret <explorer.exe> in the current context!
Error: Unable to interpret <userinit.exe> in the current context!
Error: Unable to interpret <lsass.exe> in the current context!
Error: Unable to interpret <svchost.exe> in the current context!
Error: Unable to interpret <smss.exe> in the current context!
Error: Unable to interpret <hal.dll> in the current context!
Error: Unable to interpret <ws2_32.dll> in the current context!
Error: Unable to interpret <tcpip.sys> in the current context!
Error: Unable to interpret <cryptsvc.dll> in the current context!
Error: Unable to interpret <Changer.sys> in the current context!
Error: Unable to interpret <JakNDis.sys> in the current context!
Error: Unable to interpret <isapnp.sys> in the current context!
Error: Unable to interpret <cdrom.sys> in the current context!
Error: Unable to interpret <autochk.exe> in the current context!
Error: Unable to interpret </md5stop> in the current context!
Error: Unable to interpret <%systemroot%\*. /mp /s> in the current context!
Error: Unable to interpret <%systemroot%\system32\*.dll /lockedfiles> in the current context!
Error: Unable to interpret <%systemroot%\Tasks\*.job /lockedfiles> in the current context!
Error: Unable to interpret <%systemroot%\system32\drivers\*.sys /lockedfiles> in the current context!
Error: Unable to interpret <%systemroot%\System32\config\*.sav> in the current context!
Error: Unable to interpret <%systemroot%\system32\*.dll /lockedfiles> in the current context!
Error: Unable to interpret <reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c> in the current context!
Error: Unable to interpret <reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c> in the current context!
Error: Unable to interpret <reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c> in the current context!
Error: Unable to interpret <%systemroot%\system32\drivers\*.sys /3> in the current context!
Error: Unable to interpret <%systemroot%\system32\*.* /3> in the current context!
Error: Unable to interpret <CREATERESTOREPOINT > in the current context!

OTL by OldTimer - Version 3.2.6.1 log created on 06222010_194747

#6 Příspěvek od **vyosek** » 22 čer 2010 18:52

Prosim needitujte

Nemusim si toho vsimnou
Mel jste jen spustit OTL a dat prohledat - nevkladat skript...
jak koukam tak jste pak skript vlozil a dal opravit - to nic neudelalo, pac tam nebyly spravne prikazy - ten skript byl na prohledavani ne na opravu - takze nic OK nebylo a nic opraveno nebylo

Dejte mi chvili, podivam se na log a dam Vam postup a skript pro opravu

Francouz · #7 Příspěvek od **Francouz** » 22 čer 2010 18:56

jj poslechnu nebojte,ale jak pisi nahore po vlozeni scriptu a zapnuti scanu to po 25minutach nic neudelalo,ale jen pri kliknuti neodpovidalo...

#8 Příspěvek od **vyosek** » 22 čer 2010 19:00

Rikam ze to skenovani se skriptem nam radcum obcas dela problemy, zjistujeme ve ktere casti skriptu je chyba a dame to vyrobci OTL na prozkoumani

Spustte znovu OTL

Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

Kód: Vybrat vše

:otl
IE - HKU\S-1-5-21-1957994488-1958367476-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.qword.com/?s=1
IE - HKU\S-1-5-21-1957994488-1958367476-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.daemon-search.com/startpage
IE - HKU\S-1-5-21-1957994488-1958367476-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = plimus.com;www.plimus.com;regnow.com;www.regnow.com
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.defaultthis.engineName: "BS Player Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT1750559&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.aspx?ctid=CT1750559&SearchSource=2&q="
FF - prefs.js..network.proxy.no_proxies_on: "plimus.com,www.plimus.com,regnow.com,www.regnow.com,"
FF - prefs.js..network.proxy.socks: "127.0.0.1"
FF - prefs.js..network.proxy.socks_port: 7070
FF - user.js..browser.search.openintab: false
FF - user.js..network.proxy.ftp: ""
FF - user.js..network.proxy.ftp_port: 0
FF - user.js..network.proxy.gopher: ""
FF - user.js..network.proxy.gopher_port: 0
FF - user.js..network.proxy.http: ""
FF - user.js..network.proxy.http_port:
FF - user.js..network.proxy.no_proxies_on: ""
FF - user.js..network.proxy.socks: "127.0.0.1"
FF - user.js..network.proxy.socks_port: 7070
FF - user.js..network.proxy.socks_version: 5
FF - user.js..network.proxy.ssl: ""
FF - user.js..network.proxy.ssl_port: 0
FF - user.js..network.proxy.type: 0
[2010.06.03 15:11:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\extensions\feedbar@efinke.com
[2010.04.04 20:30:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\extensions\personas@christopher.beard
[2010.06.03 15:11:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\extensions\staged-xpis
[2009.12.27 01:27:17 | 000,002,257 | ---- | M] () -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\askcom.xml
[2009.07.01 14:22:12 | 000,000,880 | ---- | M] () -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\conduit.xml
[2010.05.15 13:27:18 | 000,002,055 | ---- | M] () -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\daemon-search.xml
[2010.06.21 05:38:51 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin-1.xml
[2009.07.18 07:43:59 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin-10.xml
[2009.08.07 13:43:12 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin-11.xml
[2009.09.13 19:00:31 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin-12.xml
[2009.09.13 19:18:40 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin-13.xml
[2009.10.30 07:51:17 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin-14.xml
[2009.11.07 06:52:16 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin-15.xml
[2009.11.12 23:34:27 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin-16.xml
[2009.12.22 19:00:27 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin-17.xml
[2010.01.07 13:53:46 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin-18.xml
[2010.03.07 08:00:07 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin-19.xml
[2008.12.28 22:46:47 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin-2.xml
[2010.03.24 16:06:01 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin-20.xml
[2010.04.04 20:28:26 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin-21.xml
[2010.04.28 12:34:50 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin-22.xml
[2009.02.06 12:24:46 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin-3.xml
[2009.03.14 21:49:30 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin-4.xml
[2009.04.08 08:59:27 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin-5.xml
[2009.04.08 09:25:16 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin-6.xml
[2009.04.26 08:37:53 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin-7.xml
[2009.05.06 11:04:48 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin-8.xml
[2009.06.21 09:29:55 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin-9.xml
[2009.09.06 13:26:42 | 000,000,944 | ---- | M] () -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin.xml
O9 - Extra Button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - Reg Error: Key error. File not found
O15 - HKU\S-1-5-21-1957994488-1958367476-1801674531-1003\..Trusted Domains: qword.com ([]* in Důvěryhodné servery)
O15 - HKU\S-1-5-21-1957994488-1958367476-1801674531-1003\..Trusted Domains: topc.cz ([.sbs] https in Důvěryhodné servery)
O15 - HKU\S-1-5-21-1957994488-1958367476-1801674531-1003\..Trusted Domains: topc.cz ([sbs] https in Důvěryhodné servery)
O16 - DPF: {00000055-9980-0010-8000-00AA00389B71} http://codecs.microsoft.com/codecs/i386/fhg.CAB (Reg Error: Value error.)
O16 - DPF: DirectAnimation Java Classes Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java Reg Error: Value error. (Reg Error: Key error.)
@Alternate Data Stream - 143 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:DFC5A2B2
@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:A8ADE5D8

:files
C:\WINDOWS\system32\*.tmp.dll /s
C:\WINDOWS\system32\SET*.tmp /s
C:\WINDOWS\*.tmp /s

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[CLEARALLRESTOREPOINTS]

Nasledne kliknete na Opravit
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

Francouz · #9 Příspěvek od **Francouz** » 22 čer 2010 19:14

OTL logfile created on: 22.6.2010 20:08:47 - Run 5
OTL by OldTimer - Version 3.2.6.1 Folder = C:\Documents and Settings\aa\Dokumenty\Stažené soubory
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

766,00 Mb Total Physical Memory | 177,00 Mb Available Physical Memory | 23,00% Memory free
2,00 Gb Paging File | 1,00 Gb Available in Paging File | 72,00% Paging File free
Paging file location(s): C:\pagefile.sys 1152 2304 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 20,49 Gb Total Space | 6,89 Gb Free Space | 33,61% Space Free | Partition Type: NTFS
Drive D: | 44,82 Gb Total Space | 5,00 Gb Free Space | 11,17% Space Free | Partition Type: NTFS
Drive E: | 46,47 Gb Total Space | 20,63 Gb Free Space | 44,39% Space Free | Partition Type: NTFS
Drive F: | 2,62 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive G: | 465,65 Gb Total Space | 129,04 Gb Free Space | 27,71% Space Free | Partition Type: FAT32
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: DOMA-FK3WZJTN19
Current User Name: aa
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 7 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010.06.22 17:43:27 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\aa\Dokumenty\Stažené soubory\OTL.exe
PRC - [2010.06.16 06:24:29 | 000,488,960 | ---- | M] (Crawler.com) -- C:\Program Files\Spyware Terminator\sp_rsser.exe
PRC - [2010.06.15 20:35:21 | 000,322,352 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\uTorrent\utorrent.exe
PRC - [2010.05.06 22:59:42 | 002,815,192 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2010.05.06 22:59:38 | 000,040,384 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010.04.12 17:29:25 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\java.exe
PRC - [2010.04.01 19:59:58 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010.01.24 16:04:59 | 000,198,160 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
PRC - [2008.10.31 07:24:28 | 001,365,288 | ---- | M] (Sunbelt Software, Inc.) -- C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
PRC - [2008.10.31 07:24:28 | 000,095,528 | ---- | M] (Sunbelt Software, Inc.) -- C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
PRC - [2008.10.31 07:24:26 | 001,705,256 | ---- | M] (Sunbelt Software, Inc.) -- C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe
PRC - [2008.04.14 08:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

========== Modules (SafeList) ==========

MOD - [2010.06.22 17:43:27 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\aa\Dokumenty\Stažené soubory\OTL.exe
MOD - [2008.04.14 08:49:02 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx

========== Win32 Services (SafeList) ==========

SRV - [2010.06.16 06:24:29 | 000,488,960 | ---- | M] (Crawler.com) [Auto | Running] -- C:\Program Files\Spyware Terminator\sp_rsser.exe -- (sp_rssrv)
SRV - [2010.05.06 22:59:38 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV - [2010.05.06 22:59:38 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV - [2010.05.06 22:59:38 | 000,040,384 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2009.09.23 17:37:30 | 000,051,168 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper.dll -- (getPlusHelper) getPlus(R)
SRV - [2008.10.31 07:24:28 | 001,365,288 | ---- | M] (Sunbelt Software, Inc.) [Auto | Running] -- C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe -- (SPF4)
SRV - [2008.10.31 07:24:28 | 000,095,528 | ---- | M] (Sunbelt Software, Inc.) [Auto | Running] -- C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe -- (SbPF.Launcher)
SRV - [2008.07.29 20:16:38 | 000,132,096 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)

========== Driver Services (SafeList) ==========

DRV - [2010.06.16 06:24:29 | 000,142,592 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\sp_rsdrv2.sys -- (sp_rsdrv2)
DRV - [2010.05.15 13:54:17 | 000,165,376 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt)
DRV - [2010.05.15 13:54:17 | 000,018,048 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2010.05.06 22:39:23 | 000,046,672 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2010.05.06 22:39:00 | 000,164,048 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswSP.sys -- (aswSP)
DRV - [2010.05.06 22:34:27 | 000,023,376 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2010.05.06 22:33:59 | 000,100,432 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2010.05.06 22:33:47 | 000,019,024 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010.05.06 22:33:29 | 000,028,880 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2010.03.19 22:25:03 | 000,015,906 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\kwflower.log -- (kwflower)
DRV - [2010.02.11 14:02:15 | 000,226,880 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6)
DRV - [2009.12.13 21:17:59 | 000,138,376 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PnkBstrK.sys -- (PnkBstrK)
DRV - [2009.11.12 23:17:02 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009.10.22 15:11:14 | 000,057,800 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ftdibus.sys -- (FTDIBUS)
DRV - [2009.10.22 15:09:34 | 000,072,520 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ftser2k.sys -- (FTSER2K)
DRV - [2009.03.23 11:25:54 | 000,029,696 | ---- | M] (Kerio Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\kvnet.sys -- (kvnet)
DRV - [2008.10.31 07:09:06 | 000,270,888 | R--- | M] (Sunbelt Software, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\SbFw.sys -- (SbFw)
DRV - [2008.09.15 07:56:34 | 000,008,064 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2008.09.15 07:56:24 | 000,022,016 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2008.09.15 07:56:24 | 000,017,664 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2008.09.15 07:56:24 | 000,008,064 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2008.07.18 17:39:18 | 000,213,008 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\klif.sys -- (KLIF)
DRV - [2008.06.21 04:54:54 | 000,066,600 | R--- | M] (Sunbelt Software, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\sbhips.sys -- (sbhips)
DRV - [2008.06.21 04:54:54 | 000,065,576 | ---- | M] (Sunbelt Software, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SbFwIm.sys -- (SBFWIMCL)
DRV - [2008.04.13 22:06:06 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2008.04.13 22:05:40 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rtl8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2008.02.01 15:17:12 | 000,138,112 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdnsu.sys -- (nmwcdnsu)
DRV - [2008.02.01 15:17:06 | 000,008,320 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc)
DRV - [2007.07.26 13:19:24 | 000,547,904 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ar5211.sys -- (AR5211)
DRV - [2007.05.14 23:41:46 | 000,014,336 | ---- | M] (A4Tech Co.,Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Amusbprt.sys -- (Amusbprt)
DRV - [2007.05.14 23:38:22 | 000,009,216 | ---- | M] (A4Tech Co.,Ltd.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\Amfilter.sys -- (Amfilter)
DRV - [2007.03.01 22:22:04 | 000,988,032 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2007.03.01 22:21:24 | 000,210,688 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
DRV - [2007.03.01 22:21:22 | 000,731,136 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2006.06.28 17:25:00 | 004,304,384 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2006.06.16 20:56:00 | 000,083,968 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2006.05.25 11:19:00 | 000,074,752 | ---- | M] (ENE Technology Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ESM7SK.sys -- (ESMCR)
DRV - [2006.05.25 11:19:00 | 000,061,056 | ---- | M] (ENE Technology Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\EMS7SK.sys -- (EMSCR)
DRV - [2006.05.25 11:19:00 | 000,040,064 | ---- | M] (ENE Technology Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ESD7SK.sys -- (ESDCR)
DRV - [2006.05.10 12:22:00 | 000,043,008 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2006.04.27 10:46:50 | 001,540,096 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2006.03.03 13:52:00 | 000,192,672 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP)
DRV - [2006.01.17 10:21:52 | 000,328,061 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio)
DRV - [2006.01.17 10:19:46 | 000,023,271 | ---- | M] (Broadcom Corporation.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\btserial.sys -- (BTSERIAL)
DRV - [2006.01.17 10:18:22 | 000,850,474 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2006.01.17 10:15:36 | 000,030,459 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btport.sys -- (BTDriver)
DRV - [2004.10.15 13:50:20 | 000,015,295 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BrScnUsb.sys -- (BrScnUsb)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1957994488-1958367476-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.qword.com/?s=1
IE - HKU\S-1-5-21-1957994488-1958367476-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.daemon-search.com/startpage
IE - HKU\S-1-5-21-1957994488-1958367476-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1957994488-1958367476-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = plimus.com;www.plimus.com;regnow.com;www.regnow.com

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: ""
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.defaultthis.engineName: "BS Player Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.as ... earchTerms}"
FF - prefs.js..browser.search.order.1: ""
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz"
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1
FF - prefs.js..extensions.enabledItems: 6
FF - prefs.js..extensions.enabledItems: 2
FF - prefs.js..extensions.enabledItems: 48
FF - prefs.js..extensions.enabledItems: {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}:2.5.6.0
FF - prefs.js..extensions.enabledItems: feedbar@efinke.com:4.4
FF - prefs.js..extensions.enabledItems: {89506680-e3f4-484c-a2c0-ed711d481eda}:0.9.5.5
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.5
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {c8f71e5b-88f8-42a7-98bb-e4c506161de9}:0.4
FF - prefs.js..extensions.enabledItems: {241aae70-0022-11de-87af-0800200c9a66}:3.6.30.01.10
FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.as ... ource=2&q="
FF - prefs.js..network.proxy.no_proxies_on: "plimus.com,www.plimus.com,regnow.com,www.regnow.com,"
FF - prefs.js..network.proxy.socks: "127.0.0.1"
FF - prefs.js..network.proxy.socks_port: 7070

FF - user.js..browser.search.openintab: false
FF - user.js..network.proxy.ftp: ""
FF - user.js..network.proxy.ftp_port: 0
FF - user.js..network.proxy.gopher: ""
FF - user.js..network.proxy.gopher_port: 0
FF - user.js..network.proxy.http: ""
FF - user.js..network.proxy.http_port:
FF - user.js..network.proxy.no_proxies_on: ""
FF - user.js..network.proxy.socks: "127.0.0.1"
FF - user.js..network.proxy.socks_port: 7070
FF - user.js..network.proxy.socks_version: 5
FF - user.js..network.proxy.ssl: ""
FF - user.js..network.proxy.ssl_port: 0
FF - user.js..network.proxy.type: 0

FF - HKLM\software\mozilla\Mozilla Firefox 3.0.7\extensions\\Plugins: C:\Program Files\Internet Explorer\plugins [2010.05.18 12:58:18 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.05.18 12:58:19 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.05.18 12:58:18 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird

[2008.09.05 16:29:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Extensions
[2010.06.22 19:06:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\extensions
[2009.01.01 20:40:56 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\extensions\{003D3EDC-99B9-4a34-9C20-60CB94F7E829}
[2010.05.18 12:29:38 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.06.03 15:10:24 | 000,000,000 | ---D | M] (Blue Fox) -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\extensions\{241aae70-0022-11de-87af-0800200c9a66}
[2010.05.18 12:29:37 | 000,000,000 | ---D | M] (Firefox Showcase) -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\extensions\{89506680-e3f4-484c-a2c0-ed711d481eda}
[2010.06.03 15:10:23 | 000,000,000 | ---D | M] (AmbientFox) -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\extensions\{c8f71e5b-88f8-42a7-98bb-e4c506161de9}
[2009.05.24 20:06:36 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}
[2009.10.30 11:08:35 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus(R))) -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2010.06.10 10:50:06 | 000,000,000 | ---D | M] (BS Player Toolbar) -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}
[2010.06.03 15:11:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\extensions\feedbar@efinke.com
[2010.04.04 20:30:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\extensions\personas@christopher.beard
[2010.06.03 15:11:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\extensions\staged-xpis
[2009.12.27 01:27:17 | 000,002,257 | ---- | M] () -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\askcom.xml
[2009.07.01 14:22:12 | 000,000,880 | ---- | M] () -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\conduit.xml
[2010.05.15 13:27:18 | 000,002,055 | ---- | M] () -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\daemon-search.xml
[2010.06.21 05:38:51 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin-1.xml
[2009.07.18 07:43:59 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin-10.xml
[2009.08.07 13:43:12 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin-11.xml
[2009.09.13 19:00:31 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin-12.xml
[2009.09.13 19:18:40 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin-13.xml
[2009.10.30 07:51:17 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin-14.xml
[2009.11.07 06:52:16 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin-15.xml
[2009.11.12 23:34:27 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin-16.xml
[2009.12.22 19:00:27 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin-17.xml
[2010.01.07 13:53:46 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin-18.xml
[2010.03.07 08:00:07 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin-19.xml
[2008.12.28 22:46:47 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin-2.xml
[2010.03.24 16:06:01 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin-20.xml
[2010.04.04 20:28:26 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin-21.xml
[2010.04.28 12:34:50 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin-22.xml
[2009.02.06 12:24:46 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin-3.xml
[2009.03.14 21:49:30 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin-4.xml
[2009.04.08 08:59:27 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin-5.xml
[2009.04.08 09:25:16 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin-6.xml
[2009.04.26 08:37:53 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin-7.xml
[2009.05.06 11:04:48 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin-8.xml
[2009.06.21 09:29:55 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin-9.xml
[2009.09.06 13:26:42 | 000,000,944 | ---- | M] () -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin.xml
[2010.06.22 19:06:33 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009.10.16 10:34:52 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2008.11.05 21:05:57 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}(2)
[2010.05.18 12:26:01 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.04.12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2008.10.16 15:09:05 | 000,226,816 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\npdrmv2.dll
[2008.10.16 15:08:46 | 000,364,544 | ---- | M] (Microsoft Corporation (written by Digital Renaissance Inc.)) -- C:\Program Files\Mozilla Firefox\plugins\npdsplay(2).dll

Francouz · #10 Příspěvek od **Francouz** » 22 čer 2010 19:15

druha cast logu
[2009.01.07 10:58:04 | 000,120,296 | ---- | M] ( ) -- C:\Program Files\Mozilla Firefox\plugins\npganymedenet.dll
[2008.10.16 15:08:57 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\npwmsdrm.dll
[2010.04.01 18:51:34 | 000,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.04.01 18:51:34 | 000,001,687 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2010.04.01 18:51:34 | 000,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.04.01 18:51:34 | 000,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.04.01 18:51:34 | 000,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2010.05.12 17:06:25 | 000,000,686 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\HOSTS
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (WebTransBHO Class) - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll ()
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (WebTranslator) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll ()
O3 - HKU\S-1-5-21-1957994488-1958367476-1801674531-1003\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (ALWIL Software)
O4 - HKLM..\Run: [BrMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [SpywareTerminator] C:\Program Files\Spyware Terminator\SpywareTerminatorShield.Exe (Crawler.com)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKU\S-1-5-21-1957994488-1958367476-1801674531-1003..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe File not found
O4 - HKU\S-1-5-21-1957994488-1958367476-1801674531-1003..\Run: [SpywareTerminatorUpdate] C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe (Crawler.com)
O4 - HKU\S-1-5-21-1957994488-1958367476-1801674531-1003..\Run: [uTorrent] C:\Program Files\uTorrent\utorrent.exe (BitTorrent, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoPropertiesMyComputer = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFileAssociate = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1957994488-1958367476-1801674531-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1957994488-1958367476-1801674531-1003\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-21-1957994488-1958367476-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O7 - HKU\S-1-5-21-1957994488-1958367476-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1957994488-1958367476-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-1957994488-1958367476-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKU\S-1-5-21-1957994488-1958367476-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O9 - Extra Button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - Reg Error: Key error. File not found
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll ()
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll ()
O9 - Extra 'Tools' menuitem : &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll ()
O9 - Extra 'Tools' menuitem : Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll ()
O9 - Extra 'Tools' menuitem : Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll ()
O15 - HKU\S-1-5-21-1957994488-1958367476-1801674531-1003\..Trusted Domains: qword.com ([]* in Důvěryhodné servery)
O15 - HKU\S-1-5-21-1957994488-1958367476-1801674531-1003\..Trusted Domains: topc.cz ([.sbs] https in Důvěryhodné servery)
O15 - HKU\S-1-5-21-1957994488-1958367476-1801674531-1003\..Trusted Domains: topc.cz ([sbs] https in Důvěryhodné servery)
O16 - DPF: {00000055-9980-0010-8000-00AA00389B71} http://codecs.microsoft.com/codecs/i386/fhg.CAB (Reg Error: Value error.)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/ ... ontrol.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: DirectAnimation Java Classes Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java Reg Error: Value error. (Reg Error: Key error.)
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\klogon: DllName - C:\WINDOWS\system32\klogon.dll - C:\WINDOWS\system32\klogon.dll (Kaspersky Lab)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\aa\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\aa\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

[CLEARALLRESTOREPOINTS]
Restore points cleared and new OTL Restore Point set!

========== Files/Folders - Created Within 7 Days ==========

[2010.06.22 19:47:47 | 000,000,000 | ---D | C] -- C:\_OTL
[2010.06.21 15:27:33 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010.06.21 15:27:33 | 000,000,000 | ---D | C] -- C:\rsit
[2010.06.17 21:18:20 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2010.06.17 18:35:47 | 000,000,000 | ---D | C] -- C:\WINDOWS\Downloaded Installations
[2010.06.17 18:34:45 | 000,647,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSCOMCT2.OCX
[2010.06.17 18:34:45 | 000,168,960 | ---- | C] (Xceed Software Inc. 1-450-442-2626 zip@xceedsoft.com www.xceedsoft.com) -- C:\WINDOWS\System32\XCDZIP35.OCX
[2010.06.16 06:24:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\aa\Data aplikací\Spyware Terminator
[2010.06.16 06:23:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Spyware Terminator
[2010.06.16 06:23:14 | 000,000,000 | ---D | C] -- C:\Program Files\Spyware Terminator

========== Files - Modified Within 7 Days ==========

[2010.06.22 18:55:55 | 000,002,228 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.06.22 18:55:19 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.06.22 18:54:47 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.06.22 18:54:43 | 803,385,344 | -HS- | M] () -- C:\hiberfil.sys
[2010.06.22 17:42:32 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010.06.22 17:00:15 | 000,016,896 | ---- | M] () -- C:\Documents and Settings\aa\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.06.22 16:25:41 | 000,966,990 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010.06.22 16:25:41 | 000,433,356 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2010.06.22 16:25:41 | 000,380,214 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.06.22 16:25:41 | 000,079,930 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2010.06.22 16:25:41 | 000,061,154 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.06.22 16:22:35 | 009,354,473 | ---- | M] () -- C:\Documents and Settings\aa\Plocha\Underworld - Born Slippy.mp3
[2010.06.22 16:19:14 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010.06.21 23:05:24 | 000,018,209 | ---- | M] () -- C:\Documents and Settings\aa\Dokumenty\Zabijaci.osamelych.srdci.DVD5.1cz.torrent
[2010.06.21 18:14:33 | 000,002,896 | ---- | M] () -- C:\WINDOWS\wincmd.ini
[2010.06.21 18:14:15 | 000,000,769 | ---- | M] () -- C:\Documents and Settings\aa\Plocha\Total Commander.lnk
[2010.06.21 13:15:06 | 000,001,583 | ---- | M] () -- C:\Documents and Settings\aa\Dokumenty\Total.Commander.v7.55.Multilingual.Incl.Patch.and.Keymaker-ZWT.torrent
[2010.06.20 10:33:28 | 010,747,904 | ---- | M] () -- C:\Documents and Settings\aa\ntuser.dat
[2010.06.20 10:33:28 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\aa\ntuser.ini
[2010.06.20 10:33:20 | 016,633,006 | -H-- | M] () -- C:\Documents and Settings\aa\Local Settings\Data aplikací\IconCache.db
[2010.06.17 08:20:56 | 000,023,643 | ---- | M] () -- C:\Documents and Settings\aa\Dokumenty\JCVD.2008.DVDR.CZ.Destroy-DRagON.torrent
[2010.06.17 06:26:17 | 000,016,107 | ---- | M] () -- C:\Documents and Settings\aa\Dokumenty\RTS Stavitel 2008.torrent
[2010.06.16 06:24:29 | 000,142,592 | ---- | M] () -- C:\WINDOWS\System32\drivers\sp_rsdrv2.sys
[2010.06.16 06:24:22 | 000,000,809 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Spyware Terminator.lnk
[2010.06.15 22:07:11 | 000,006,896 | ---- | M] () -- C:\Documents and Settings\aa\Dokumenty\DVDFab 7.0.7.0 Final.torrent

========== Files Created - No Company Name ==========

[2010.06.22 16:21:36 | 009,354,473 | ---- | C] () -- C:\Documents and Settings\aa\Plocha\Underworld - Born Slippy.mp3
[2010.06.21 23:05:24 | 000,018,209 | ---- | C] () -- C:\Documents and Settings\aa\Dokumenty\Zabijaci.osamelych.srdci.DVD5.1cz.torrent
[2010.06.21 18:07:57 | 000,000,769 | ---- | C] () -- C:\Documents and Settings\aa\Plocha\Total Commander.lnk
[2010.06.21 13:06:56 | 000,001,583 | ---- | C] () -- C:\Documents and Settings\aa\Dokumenty\Total.Commander.v7.55.Multilingual.Incl.Patch.and.Keymaker-ZWT.torrent
[2010.06.17 08:20:55 | 000,023,643 | ---- | C] () -- C:\Documents and Settings\aa\Dokumenty\JCVD.2008.DVDR.CZ.Destroy-DRagON.torrent
[2010.06.17 06:26:17 | 000,016,107 | ---- | C] () -- C:\Documents and Settings\aa\Dokumenty\RTS Stavitel 2008.torrent
[2010.06.16 06:24:29 | 000,142,592 | ---- | C] () -- C:\WINDOWS\System32\drivers\sp_rsdrv2.sys
[2010.06.16 06:24:22 | 000,000,809 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Spyware Terminator.lnk
[2010.06.15 22:07:11 | 000,006,896 | ---- | C] () -- C:\Documents and Settings\aa\Dokumenty\DVDFab 7.0.7.0 Final.torrent
[2010.06.13 19:31:48 | 000,000,298 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2010.05.18 20:03:12 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2010.05.18 20:02:56 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2010.05.18 20:02:56 | 000,881,664 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2010.05.18 20:02:56 | 000,205,824 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010.05.18 20:02:54 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2010.05.18 20:02:53 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2010.05.15 13:54:17 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2010.05.15 13:54:17 | 000,018,048 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2010.04.26 13:31:40 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\BrMuSNMP.dll
[2010.03.10 19:59:35 | 000,000,232 | ---- | C] () -- C:\WINDOWS\reimage.ini
[2009.12.14 16:35:08 | 001,380,403 | ---- | C] () -- C:\WINDOWS\System32\avgsdk.dll
[2009.12.05 12:30:50 | 000,000,060 | ---- | C] () -- C:\WINDOWS\pident.ini
[2009.12.05 12:27:56 | 000,000,584 | ---- | C] () -- C:\WINDOWS\pirchutl.ini
[2009.10.17 19:56:11 | 000,000,120 | ---- | C] () -- C:\WINDOWS\CIS_Setup_3.12.111745.560_XP_Vista_x32.INI
[2009.08.24 13:06:27 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2009.03.10 14:41:00 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2009.02.08 17:26:29 | 000,000,034 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2009.01.19 17:23:50 | 000,000,416 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI
[2009.01.19 17:23:50 | 000,000,027 | ---- | C] () -- C:\WINDOWS\BRPP2KA.INI
[2009.01.08 20:45:41 | 000,138,376 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2009.01.01 20:36:55 | 000,002,686 | ---- | C] () -- C:\WINDOWS\TRNCOM.INI
[2008.11.11 22:37:20 | 000,000,196 | ---- | C] () -- C:\WINDOWS\thtitanc.INI
[2008.09.26 12:27:20 | 000,002,896 | ---- | C] () -- C:\WINDOWS\wincmd.ini
[2008.09.07 00:10:18 | 000,000,025 | ---- | C] () -- C:\WINDOWS\SIERRA.INI
[2008.09.07 00:01:25 | 000,691,696 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2008.09.06 09:53:29 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2008.09.06 00:04:12 | 000,000,025 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2008.09.05 15:33:38 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2008.09.05 14:14:26 | 000,000,211 | ---- | C] () -- C:\WINDOWS\System32\BOOTBAK.INI
[2008.09.05 13:22:12 | 000,356,352 | ---- | C] () -- C:\WINDOWS\EMCRI.dll
[2008.09.05 12:17:21 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\preflib.dll
[2008.09.05 12:16:56 | 000,757,760 | ---- | C] () -- C:\WINDOWS\System32\bcm1xsup.dll
[2006.10.28 20:57:48 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\ts.dll
[2006.01.17 10:31:30 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\btprn2k.dll
[2005.10.14 11:56:50 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\VorbisEnc.dll
[2005.10.14 11:56:50 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2005.10.14 11:56:50 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2005.10.14 11:56:50 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2005.10.14 11:56:50 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2005.02.17 11:41:32 | 000,000,603 | ---- | C] () -- C:\WINDOWS\System32\BTNeighborhood.dll.manifest
[2005.02.17 11:41:30 | 000,000,593 | ---- | C] () -- C:\WINDOWS\System32\btcss.dll.manifest
[2002.05.18 00:18:30 | 000,124,928 | ---- | C] () -- C:\WINDOWS\System32\mp4fil32.dll
[2001.11.14 12:56:00 | 001,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll
[1997.11.17 18:13:16 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll

========== LOP Check ==========

[2008.12.19 23:33:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\aa\Data aplikací\Ace
[2008.11.01 22:34:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\aa\Data aplikací\Ashampoo
[2009.11.30 23:47:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\aa\Data aplikací\Bersirc
[2010.06.10 10:56:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\aa\Data aplikací\BSplayer
[2010.03.11 22:55:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\aa\Data aplikací\BSplayer PRO
[2009.05.27 12:36:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\aa\Data aplikací\DAEMON Tools
[2009.05.27 12:36:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\aa\Data aplikací\DAEMON Tools Lite
[2009.02.10 22:20:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\aa\Data aplikací\GanymedeNet
[2008.10.30 21:57:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\aa\Data aplikací\gnupg
[2008.11.01 22:15:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\aa\Data aplikací\Hide IP NG
[2008.10.31 11:47:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\aa\Data aplikací\HideIP
[2009.12.24 17:36:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\aa\Data aplikací\HLSW
[2010.06.08 11:18:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\aa\Data aplikací\IceChat
[2009.10.05 18:48:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\aa\Data aplikací\ICQLite
[2009.05.09 20:52:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\aa\Data aplikací\IObit
[2010.03.19 22:20:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\aa\Data aplikací\Kerio
[2009.01.01 20:42:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\aa\Data aplikací\LangSoft
[2008.11.02 22:34:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\aa\Data aplikací\Leadertech
[2009.08.29 16:46:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\aa\Data aplikací\Marine Aquarium 3
[2010.06.13 16:54:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\aa\Data aplikací\Opera
[2010.06.21 00:59:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\aa\Data aplikací\Spyware Terminator
[2009.09.16 21:14:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\aa\Data aplikací\TeamViewer
[2008.10.31 20:53:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\aa\Data aplikací\TuneUp Software
[2010.06.22 20:09:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\aa\Data aplikací\uTorrent
[2009.10.13 16:28:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\aa\Data aplikací\uTorrent(2)
[2010.06.14 09:01:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\aa\Data aplikací\Vso
[2010.05.03 20:07:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\aa\Data aplikací\X-Chat 2
[2010.04.14 08:36:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Alwil Software
[2009.11.12 23:16:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2008.09.05 15:38:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ESET
[2008.09.10 14:08:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Harley-Davidson_ Race to the Rally Saves
[2009.10.16 10:34:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ICQ
[2009.04.26 12:38:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Installations
[2010.06.05 14:13:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Ironclad Games
[2009.01.01 20:40:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\LangSoft
[2009.11.02 13:44:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\MicroWorld
[2009.04.26 12:42:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Nokia
[2009.10.04 10:54:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\page
[2010.04.28 12:59:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Solidshield
[2010.06.22 09:23:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Spyware Terminator
[2010.04.26 18:42:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2009.01.05 23:10:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\The Skins Factory
[2010.02.28 18:46:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TuneUp Software
[2008.09.14 17:01:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\vsosdk
[2008.12.25 17:44:09 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Data aplikací\{55A29068-F2CE-456C-9148-C869879E2357}
[2010.02.28 16:52:50 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Data aplikací\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
[2010.05.16 23:56:01 | 000,000,624 | ---- | M] () -- C:\WINDOWS\Tasks\Install.job

========== Purity Check ==========

========== Custom Scans ==========

< :otl >

< IE - HKU\S-1-5-21-1957994488-1958367476-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.qword.com/?s=1 >
Invalid Switch: ?s=1

< IE - HKU\S-1-5-21-1957994488-1958367476-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.daemon-search.com/startpage >
Invalid Switch: startpage

< IE - HKU\S-1-5-21-1957994488-1958367476-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = plimus.com;www.plimus.com;regnow.com;www.regnow.com >

< FF - prefs.js..browser.search.defaultenginename: "ICQ Search" >

< FF - prefs.js..browser.search.defaultthis.engineName: "BS Player Customized Web Search" >

< FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.as ... earchTerms}" >

< FF - prefs.js..browser.search.selectedEngine: "ICQ Search" >

< FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.as ... ource=2&q=" >

< FF - prefs.js..network.proxy.no_proxies_on: "plimus.com,www.plimus.com,regnow.com,www.regnow.com," >

< FF - prefs.js..network.proxy.socks: "127.0.0.1" >

< FF - prefs.js..network.proxy.socks_port: 7070 >

< FF - user.js..browser.search.openintab: false >

< FF - user.js..network.proxy.ftp: "" >

< FF - user.js..network.proxy.ftp_port: 0 >

< FF - user.js..network.proxy.gopher: "" >

< FF - user.js..network.proxy.gopher_port: 0 >

< FF - user.js..network.proxy.http: "" >

< FF - user.js..network.proxy.http_port: >

< FF - user.js..network.proxy.no_proxies_on: "" >

< FF - user.js..network.proxy.socks: "127.0.0.1" >

< FF - user.js..network.proxy.socks_port: 7070 >

< FF - user.js..network.proxy.socks_version: 5 >

< FF - user.js..network.proxy.ssl: "" >

< FF - user.js..network.proxy.ssl_port: 0 >

< FF - user.js..network.proxy.type: 0 >

< [2010.06.03 15:11:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\extensions\feedbar@efinke.com >

< [2010.04.04 20:30:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\extensions\personas@christopher.beard >

< [2010.06.03 15:11:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\extensions\staged-xpis >

< [2009.12.27 01:27:17 | 000,002,257 | ---- | M] () -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\askcom.xml >

< [2009.07.01 14:22:12 | 000,000,880 | ---- | M] () -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\conduit.xml >

< [2010.05.15 13:27:18 | 000,002,055 | ---- | M] () -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\daemon-search.xml >

< [2010.06.21 05:38:51 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin-1.xml >

< [2009.07.18 07:43:59 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin-10.xml >

< [2009.08.07 13:43:12 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin-11.xml >

< [2009.09.13 19:00:31 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin-12.xml >

< [2009.09.13 19:18:40 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin-13.xml >

< [2009.10.30 07:51:17 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin-14.xml >

< [2009.11.07 06:52:16 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin-15.xml >

< [2009.11.12 23:34:27 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin-16.xml >

< [2009.12.22 19:00:27 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin-17.xml >

< [2010.01.07 13:53:46 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin-18.xml >

< [2010.03.07 08:00:07 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin-19.xml >

< [2008.12.28 22:46:47 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin-2.xml >

< [2010.03.24 16:06:01 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin-20.xml >

< [2010.04.04 20:28:26 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin-21.xml >

< [2010.04.28 12:34:50 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin-22.xml >

< [2009.02.06 12:24:46 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin-3.xml >

< [2009.03.14 21:49:30 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin-4.xml >

< [2009.04.08 08:59:27 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin-5.xml >

< [2009.04.08 09:25:16 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin-6.xml >

< [2009.04.26 08:37:53 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin-7.xml >

< [2009.05.06 11:04:48 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin-8.xml >

< [2009.06.21 09:29:55 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin-9.xml >

< [2009.09.06 13:26:42 | 000,000,944 | ---- | M] () -- C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin.xml >

< O9 - Extra Button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - Reg Error: Key error. File not found >

< O15 - HKU\S-1-5-21-1957994488-1958367476-1801674531-1003\..Trusted Domains: qword.com ([]* in Důvěryhodné servery) >

< O15 - HKU\S-1-5-21-1957994488-1958367476-1801674531-1003\..Trusted Domains: topc.cz ([.sbs] https in Důvěryhodné servery) >

< O15 - HKU\S-1-5-21-1957994488-1958367476-1801674531-1003\..Trusted Domains: topc.cz ([sbs] https in Důvěryhodné servery) >

< O16 - DPF: {00000055-9980-0010-8000-00AA00389B71} http://codecs.microsoft.com/codecs/i386/fhg.CAB (Reg Error: Value error.) >
Invalid Switch: fhg.CAB (Reg Error: Value error.)

< O16 - DPF: DirectAnimation Java Classes Reg Error: Value error. (Reg Error: Key error.) >

< O16 - DPF: Microsoft XML Parser for Java Reg Error: Value error. (Reg Error: Key error.) >

< @Alternate Data Stream - 143 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:DFC5A2B2 >

< @Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:A8ADE5D8 >

< >

< :files >

< C:\WINDOWS\system32\*.tmp.dll /s >

< C:\WINDOWS\system32\SET*.tmp /s >

< C:\WINDOWS\*.tmp /s >
[8 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[2 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[1 C:\WINDOWS\SoftwareDistribution\Download\1dae72938e631e61bacdde4929bca486\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\1dae72938e631e61bacdde4929bca486\*.tmp -> ]
[1 C:\WINDOWS\temp\_avast5_\*.tmp files -> C:\WINDOWS\temp\_avast5_\*.tmp -> ]

< >

< :commands >

< [EMPTYTEMP] >

< [EMPTYFLASH] >

========== Alternate Data Streams ==========

@Alternate Data Stream - 143 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:DFC5A2B2
@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:A8ADE5D8

< End of report >

#11 Příspěvek od **vyosek** » 22 čer 2010 19:27

Ctete prosim DUKLADNE me rady...Vlozte skript znovu a kliknete na OPRAVIT, nikoliv na prohledat...ted uz opravujem, prohledavani mame davno za sebou

Francouz · #12 Příspěvek od **Francouz** » 22 čer 2010 19:45

All processes killed
========== OTL ==========
HKU\S-1-5-21-1957994488-1958367476-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page| /E : value set successfully!
HKU\S-1-5-21-1957994488-1958367476-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKU\S-1-5-21-1957994488-1958367476-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride| /E : value set successfully!
Prefs.js: "ICQ Search" removed from browser.search.defaultenginename
Prefs.js: "BS Player Customized Web Search" removed from browser.search.defaultthis.engineName
Prefs.js: "http://search.conduit.com/ResultsExt.as ... earchTerms}" removed from browser.search.defaulturl
Prefs.js: "ICQ Search" removed from browser.search.selectedEngine
Prefs.js: "http://search.conduit.com/ResultsExt.as ... ource=2&q=" removed from keyword.URL
Prefs.js: "plimus.com,www.plimus.com,regnow.com,www.regnow.com," removed from network.proxy.no_proxies_on
Prefs.js: "127.0.0.1" removed from network.proxy.socks
Prefs.js: 7070 removed from network.proxy.socks_port
C:\Documents and Settings\aa\Data aplikací\Mozilla\FireFox\Profiles\ae1wnv4i.default\user.js moved successfully.
Folder move failed. C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\extensions\feedbar@efinke.com\modules scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\extensions\feedbar@efinke.com\defaults\preferences scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\extensions\feedbar@efinke.com\defaults scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\extensions\feedbar@efinke.com\chrome scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\extensions\feedbar@efinke.com scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\extensions\personas@christopher.beard scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\extensions\staged-xpis\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca} scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\extensions\staged-xpis\{003D3EDC-99B9-4a34-9C20-60CB94F7E829} scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\extensions\staged-xpis\personas@christopher.beard scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\extensions\staged-xpis scheduled to be moved on reboot.
C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\askcom.xml moved successfully.
C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\conduit.xml moved successfully.
C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\daemon-search.xml moved successfully.
C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin-1.xml moved successfully.
C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin-10.xml moved successfully.
C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin-11.xml moved successfully.
C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin-12.xml moved successfully.
C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin-13.xml moved successfully.
C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin-14.xml moved successfully.
C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin-15.xml moved successfully.
C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin-16.xml moved successfully.
C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin-17.xml moved successfully.
C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin-18.xml moved successfully.
C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin-19.xml moved successfully.
C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin-2.xml moved successfully.
C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin-20.xml moved successfully.
C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin-21.xml moved successfully.
C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin-22.xml moved successfully.
C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin-3.xml moved successfully.
C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin-4.xml moved successfully.
C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin-5.xml moved successfully.
C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin-6.xml moved successfully.
C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin-7.xml moved successfully.
C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin-8.xml moved successfully.
C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin-9.xml moved successfully.
C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\searchplugins\icqplugin.xml moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{1F460357-8A94-4D71-9CA3-AA4ACF32ED8E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1F460357-8A94-4D71-9CA3-AA4ACF32ED8E}\ not found.
Registry key HKEY_USERS\S-1-5-21-1957994488-1958367476-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\qword.com\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-1957994488-1958367476-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\topc.cz\.sbs\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-1957994488-1958367476-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\topc.cz\sbs\ deleted successfully.
Starting removal of ActiveX control {00000055-9980-0010-8000-00AA00389B71}
C:\WINDOWS\Downloaded Program Files\fhg.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{00000055-9980-0010-8000-00AA00389B71}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00000055-9980-0010-8000-00AA00389B71}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{00000055-9980-0010-8000-00AA00389B71}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00000055-9980-0010-8000-00AA00389B71}\ not found.
Starting removal of ActiveX control DirectAnimation Java Classes Reg Error: Value error.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\DirectAnimation Java Classes Reg Error: Value error.\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\DirectAnimation Java Classes Reg Error: Value error.\ not found.
Starting removal of ActiveX control Microsoft XML Parser for Java Reg Error: Value error.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\Microsoft XML Parser for Java Reg Error: Value error.\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\Microsoft XML Parser for Java Reg Error: Value error.\ not found.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:DFC5A2B2 deleted successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:A8ADE5D8 deleted successfully.
========== FILES ==========
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1CB0.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP3AA.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP508.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP654.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP83.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPB75.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPBBE.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPE49.tmp folder moved successfully.
C:\WINDOWS\Installer\MSI11A.tmp moved successfully.
C:\WINDOWS\Installer\MSI60D.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\Download\1dae72938e631e61bacdde4929bca486\BIT10.tmp moved successfully.
C:\WINDOWS\temp\_avast5_\unp41593343.tmp moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: aa
->Temp folder emptied: 73427432 bytes
->Temporary Internet Files folder emptied: 76567902 bytes
->Java cache emptied: 52842 bytes
->FireFox cache emptied: 62808263 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 5140 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 66127 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 30198168 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 232,00 mb

[EMPTYFLASH]

User: aa
->Flash cache emptied: 0 bytes

User: All Users

User: Default User

User: LocalService

User: NetworkService

Total Flash Files Cleaned = 0,00 mb

Restore points cleared and new OTL Restore Point set!

OTL by OldTimer - Version 3.2.6.1 log created on 06222010_203804

Files\Folders moved on Reboot...
C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\extensions\feedbar@efinke.com\modules folder moved successfully.
C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\extensions\feedbar@efinke.com\defaults\preferences folder moved successfully.
C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\extensions\feedbar@efinke.com\defaults folder moved successfully.
C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\extensions\feedbar@efinke.com\chrome folder moved successfully.
C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\extensions\feedbar@efinke.com folder moved successfully.
C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\extensions\personas@christopher.beard folder moved successfully.
C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\extensions\staged-xpis\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca} folder moved successfully.
C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\extensions\staged-xpis\{003D3EDC-99B9-4a34-9C20-60CB94F7E829} folder moved successfully.
C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\extensions\staged-xpis\personas@christopher.beard folder moved successfully.
C:\Documents and Settings\aa\Data aplikací\Mozilla\Firefox\Profiles\ae1wnv4i.default\extensions\staged-xpis folder moved successfully.
File move failed. C:\WINDOWS\temp\_avast5_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...

#13 Příspěvek od **vyosek** » 22 čer 2010 19:53

Tak je to spravne

Co nas pacient, jak se chova

Francouz · #14 Příspěvek od **Francouz** » 22 čer 2010 19:57

No abych pravdu rekl slo jen o prev.kontr. mozna je troska rychlejsi...
myslite ze je to vsechno co potreboval polecil..i kdyz jak isi slo jen o prev.kontr.

#15 Příspěvek od **vyosek** » 22 čer 2010 20:00

Byly to spise jen drobnosti na zrychleni, nejaka havet tam primo nebyla

Takze jsem pochopil ze PC je v poradku a muzem se vrhnout na uklid a pripadne odhaleni musek po upravach

TFC http://oldtimer.geekstogo.com/TFC.exe

Stahnete a spustte
Kliknete na Start a potvrdte OK
Program uklidi a restartuje pc

OTC http://oldtimer.geekstogo.com/OTC.exe

Stahnete a spustte
Kliknete na CleanUp a potvrdte YES
Program uklidi a restartuje PC

Stahnete Ccleaner (viz muj podpis), pri instalaci dejte fajfku pryc u yahoo toolbaru
Panel čistič

Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

dejte Hledej problémy
nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za 14 dni

Poprosim o novy log ze RSITu

VIRY.CZ

prosim o kontrolu logu...

prosim o kontrolu logu...

Re: prosim o kontrolu logu...

Re: prosim o kontrolu logu...

Re: prosim o kontrolu logu...

Re: prosim o kontrolu logu...

Re: prosim o kontrolu logu...

Re: prosim o kontrolu logu...

Re: prosim o kontrolu logu...

Re: prosim o kontrolu logu...

Re: prosim o kontrolu logu...

Re: prosim o kontrolu logu...

Re: prosim o kontrolu logu...

Re: prosim o kontrolu logu...

Re: prosim o kontrolu logu...

Re: prosim o kontrolu logu...