VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

prosim o kontrolu logu

https://forum.viry.cz:443/viewtopic.php?t=108590

Stránka 1 z 2

prosim o kontrolu logu

Napsal: 17 led 2011 22:59
od niceacee
Logfile of random's system information tool 1.08 (written by random/random)
Run by Pavla at 2011-01-16 19:46:08
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 60 GB (74%) free of 82 GB
Total RAM: 1015 MB (46% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:46:56, on 16.1.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\ICQ6Toolbar\ICQ Service.exe
C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
C:\Program Files\LogMeIn\x86\RaMaint.exe
C:\Program Files\LogMeIn\x86\LogMeIn.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\EeePC\ACPI\AsTray.exe
C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe
C:\Program Files\EeePC\ACPI\AsEPCMon.exe
C:\WINDOWS\system32\igfxext.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\PROGRA~1\MYWEBS~1\bar\2.bin\mwsoemon.exe
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\PROGRA~1\MYWEBS~1\bar\2.bin\m3SrchMn.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Asus\EeePC\Super Hybrid Engine\SuperHybridEngine.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\PC Connectivity Solution\NclBTHandler.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Pavla\Plocha\RSIT.exe
C:\Program Files\trend micro\Pavla.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\bar\2.bin\MWSSRCAS.DLL
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\bar\2.bin\MWSSRCAS.DLL
O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\2.bin\MWSBAR.DLL
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: My Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\2.bin\MWSBAR.DLL
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [AsusTray] C:\Program Files\EeePC\ACPI\AsTray.exe
O4 - HKLM\..\Run: [AsusACPIServer] C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe
O4 - HKLM\..\Run: [AsusEPCMonitor] C:\Program Files\EeePC\ACPI\AsEPCMon.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [MyWebSearch Plugin] rundll32 C:\PROGRA~1\MYWEBS~1\bar\2.bin\M3PLUGIN.DLL,UPF
O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\2.bin\mwsoemon.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [My Web Search Bar Search Scope Monitor] "C:\PROGRA~1\MYWEBS~1\bar\2.bin\m3SrchMn.exe" /m=2 /w /h
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\2.bin\mwsoemon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: ACSnews.lnk = C:\Auto-diagnostika\ADnews.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: SuperHybridEngine.lnk = ?
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredi ... xdm185YYCZ
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat do zařízení Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocach ... .0.1.1.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/ractrl.cab?lmi=100
O17 - HKLM\System\CCS\Services\Tcpip\..\{A6686205-D2B6-4355-9AB6-33F4BBEABBAE}: NameServer = 192.168.1.20
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\RaMaint.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LogMeIn.exe
O23 - Service: My Web Search Service (MyWebSearchService) - MyWebSearch.com - C:\PROGRA~1\MYWEBS~1\bar\2.bin\mwssvc.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O24 - Desktop Component 0: (no name) - http://1000wallpapers.eu/wp/hory/mini/889.jpg

--
End of file - 11718 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00A6FAF1-072E-44cf-8957-5838F569A31D}]
MyWebSearch Search Assistant BHO - C:\Program Files\MyWebSearch\bar\2.bin\MWSSRCAS.DLL [2009-06-13 65536]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07B18EA1-A523-4961-B6BB-170DE4475CCA}]
mwsBar BHO - C:\Program Files\MyWebSearch\bar\2.bin\MWSBAR.DLL [2009-06-13 434271]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2008-02-12 1372160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-11-24 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-11-24 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2009-06-01 962808]
{07B18EA9-A523-4961-B6BB-170DE4475CCA} - My Web Search - C:\Program Files\MyWebSearch\bar\2.bin\MWSBAR.DLL [2009-06-13 434271]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2007-09-24 104984]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2007-09-24 121368]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2007-09-24 100888]
"AsusTray"=C:\Program Files\EeePC\ACPI\AsTray.exe [2008-06-03 98304]
"AsusACPIServer"=C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe [2008-06-03 479232]
"AsusEPCMonitor"=C:\Program Files\EeePC\ACPI\AsEPCMon.exe [2008-05-21 94208]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-06-13 16871936]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2006-07-21 86016]
"AlcWzrd"=C:\WINDOWS\ALCWZRD.EXE [2006-05-04 2808832]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]
"LogMeIn GUI"=C:\Program Files\LogMeIn\x86\LogMeInSystray.exe [2008-07-24 63048]
"PCSuiteTrayApplication"=C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe [2007-03-23 227328]
"MyWebSearch Plugin"=rundll32 C:\PROGRA~1\MYWEBS~1\bar\2.bin\M3PLUGIN.DLL,UPF []
"MyWebSearch Email Plugin"=C:\PROGRA~1\MYWEBS~1\bar\2.bin\mwsoemon.exe [2009-06-13 32838]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
"avast5"=C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [2010-09-07 2838912]
"My Web Search Bar Search Scope Monitor"=C:\PROGRA~1\MYWEBS~1\bar\2.bin\m3SrchMn.exe [2009-06-13 24688]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2010-09-08 421888]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2010-09-24 421160]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"MyWebSearch Email Plugin"=C:\PROGRA~1\MYWEBS~1\bar\2.bin\mwsoemon.exe [2009-06-13 32838]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2007-10-18 5724184]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
SuperHybridEngine.lnk - C:\Program Files\Asus\EeePC\Super Hybrid Engine\SuperHybridEngine.exe

C:\Documents and Settings\Pavla\Nabídka Start\Programy\Po spuštění
ACSnews.lnk - C:\Auto-diagnostika\ADnews.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2006-10-10 155648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LMIinit]
C:\WINDOWS\system32\LMIinit.dll [2010-10-07 87424]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\Program Files\Internet Explorer\IEXPLORE.EXE"="C:\Program Files\Internet Explorer\IEXPLORE.EXE:*:Enabled:Internet Explorer"
"C:\Program Files\ICQ6\ICQ.exe"="C:\Program Files\ICQ6\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour Service"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

======List of files/folders created in the last 1 months======

2011-01-16 19:46:09 ----D---- C:\Program Files\trend micro
2011-01-16 19:46:08 ----D---- C:\rsit
2011-01-16 19:07:30 ----D---- C:\Program Files\CCleaner
2011-01-16 19:05:32 ----D---- C:\Program Files\Google
2011-01-12 21:38:35 ----HDC---- C:\WINDOWS\$NtUninstallKB2419632$
2011-01-10 16:30:03 ----D---- C:\Documents and Settings\All Users\Data aplikací\Sun
2011-01-10 16:29:34 ----A---- C:\WINDOWS\system32\javaws.exe
2011-01-10 16:29:34 ----A---- C:\WINDOWS\system32\javaw.exe
2011-01-10 16:29:34 ----A---- C:\WINDOWS\system32\java.exe
2011-01-10 16:29:34 ----A---- C:\WINDOWS\system32\deployJava1.dll
2011-01-10 16:10:35 ----HDC---- C:\WINDOWS\ie8
2010-12-28 01:22:14 ----HDC---- C:\WINDOWS\$NtUninstallKB2296199$
2010-12-28 01:22:04 ----HDC---- C:\WINDOWS\$NtUninstallKB2443105$
2010-12-28 01:21:18 ----HDC---- C:\WINDOWS\$NtUninstallKB2440591$
2010-12-28 01:21:07 ----HDC---- C:\WINDOWS\$NtUninstallKB2443685$
2010-12-28 01:21:01 ----HDC---- C:\WINDOWS\$NtUninstallKB2436673$
2010-12-28 01:20:51 ----HDC---- C:\WINDOWS\$NtUninstallKB2467659$
2010-12-28 01:14:56 ----HDC---- C:\WINDOWS\$NtUninstallKB2423089$

======List of files/folders modified in the last 1 months======

2011-01-16 19:46:09 ----RD---- C:\Program Files
2011-01-16 19:17:43 ----D---- C:\Program Files\Mozilla Firefox
2011-01-16 19:17:14 ----D---- C:\WINDOWS\Debug
2011-01-16 19:17:14 ----D---- C:\WINDOWS
2011-01-16 19:17:13 ----D---- C:\WINDOWS\Minidump
2011-01-16 19:17:08 ----D---- C:\WINDOWS\Temp
2011-01-16 19:07:11 ----D---- C:\WINDOWS\Prefetch
2011-01-16 19:05:41 ----SHD---- C:\WINDOWS\Installer
2011-01-16 19:05:38 ----SD---- C:\WINDOWS\Tasks
2011-01-16 12:41:10 ----D---- C:\Program Files\LogMeIn
2011-01-15 20:49:43 ----N---- C:\WINDOWS\SchedLgU.Txt
2011-01-14 13:04:30 ----D---- C:\WINDOWS\system32
2011-01-13 22:23:17 ----D---- C:\Documents and Settings\Pavla\Data aplikací\ICQ
2011-01-13 21:00:43 ----D---- C:\Program Files\ICQ6.5
2011-01-12 21:42:04 ----D---- C:\WINDOWS\system32\CatRoot2
2011-01-12 21:38:47 ----A---- C:\WINDOWS\system32\MRT.exe
2011-01-12 21:38:42 ----HD---- C:\WINDOWS\inf
2011-01-12 21:38:39 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-01-12 08:56:00 ----HD---- C:\WINDOWS\$hf_mig$
2011-01-10 19:02:41 ----D---- C:\WINDOWS\system32\CatRoot
2011-01-10 19:02:31 ----D---- C:\WINDOWS\ie8updates
2011-01-10 16:30:02 ----D---- C:\Program Files\Common Files\Java
2011-01-10 16:29:32 ----D---- C:\Program Files\Java
2011-01-10 16:16:58 ----D---- C:\WINDOWS\system32\cs-cz
2011-01-10 16:16:57 ----D---- C:\WINDOWS\Help
2011-01-10 16:16:57 ----D---- C:\Program Files\Internet Explorer
2011-01-10 16:12:10 ----D---- C:\WINDOWS\WBEM
2011-01-10 16:12:01 ----D---- C:\WINDOWS\Media
2010-12-28 01:21:20 ----D---- C:\WINDOWS\system32\drivers
2010-12-28 01:14:59 ----D---- C:\Program Files\Outlook Express
2010-12-18 16:41:55 ----D---- C:\WINDOWS\Network Diagnostic

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2010-09-07 28880]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2010-09-07 165584]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2010-09-07 46672]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2010-09-07 17744]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2010-09-07 100176]
R2 LMIInfo;LogMeIn Kernel Information Provider; \??\C:\Program Files\LogMeIn\x86\RaInfo.sys []
R2 LMIRfsDriver;LogMeIn Remote File System Driver; \??\C:\WINDOWS\system32\drivers\LMIRfsDriver.sys []
R3 AR5211;Atheros Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\ar5211.sys [2007-05-03 546976]
R3 AsusACPI;ASUS ACPI Driver; C:\WINDOWS\system32\DRIVERS\ASUSACPI.sys [2007-07-26 11264]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2010-09-07 23376]
R3 BTDriver;Ovladač virtuálních komunikací Bluetooth; C:\WINDOWS\system32\DRIVERS\btport.sys [2008-02-04 37160]
R3 BTKRNL;Enumenátor sběrnice Bluetooth; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [2008-04-15 990632]
R3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2008-03-27 47272]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2006-10-10 1181824]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-06-17 4756992]
R3 L1e;Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\WINDOWS\system32\DRIVERS\l1e51x86.sys [2008-03-11 36864]
R3 lmimirr;lmimirr; C:\WINDOWS\system32\DRIVERS\lmimirr.sys [2008-07-24 10144]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 usbvideo;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-14 121984]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
S3 Ktp;Elantech Smart-Pad; C:\WINDOWS\system32\DRIVERS\ETD.sys [2008-05-19 25088]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\nmwcd.sys [2007-02-22 137216]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\nmwcdc.sys [2007-02-22 8320]
S3 nmwcdcj;Nokia USB Port; C:\WINDOWS\system32\drivers\nmwcdcj.sys [2007-02-22 12288]
S3 nmwcdcm;Nokia USB Modem; C:\WINDOWS\system32\drivers\nmwcdcm.sys [2007-02-22 12288]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2010-04-19 41984]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S4 LMIRfsClientNP;LMIRfsClientNP; C:\WINDOWS\system32\drivers\LMIRfsClientNP.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2010-08-13 144672]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2010-07-27 345376]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2008-04-14 342624]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2009-06-01 222968]
R2 IviRegMgr;IviRegMgr; C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe [2007-01-04 112152]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-11-12 153376]
R2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe [2010-09-27 374152]
R2 LMIMaint;LogMeIn Maintenance Service; C:\Program Files\LogMeIn\x86\RaMaint.exe [2010-10-07 116104]
R2 LogMeIn;LogMeIn; C:\Program Files\LogMeIn\x86\LogMeIn.exe [2008-07-24 63040]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2010-09-24 820008]
R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2007-03-26 292864]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-01-16 136176]
S2 MyWebSearchService;My Web Search Service; C:\PROGRA~1\MYWEBS~1\bar\2.bin\mwssvc.exe [2009-06-13 28762]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [2004-07-15 32768]
S3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 usnjsvc;Služba Čtení deníku USN sdílených složek programu Messenger; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]

-----------------EOF-----------------

Re: prosim o kontrolu logu

Napsal: 18 led 2011 00:09
od 1danab
zdravím :)
stáhněte a uložte nejlépe na plochu ComboFix

spusťte aplikaci pod účtem s administrátorským oprávněním
po startu se zobrazí obrazovka s licenčními podmínkami, klikněte na tlačítko Ano:

Obrázek

může dojít k varování ohledně rezidentního štítu Vašeho antiviru a upozornění na nenainstalovanou konzoli pro zotavení; zatím jí neinstalujte

sken trvá cca 10 minut (může trvat i déle, podle množství souborů a rychlosti pc); během skenu nespouštějte žádné aplikace

během skenování může být Vaše pc restartováno, proto nepropadejte panice

upozornění: pokud používate antispyware s rezidentním štítem, deaktivujte jeho rezidentní štít, protože dochází při skenu a výmazu případného malware k nežádoucím kolizím Combofixu s rezidentem antispyware

po restartování vytvoří aplikace log, uložený na C:/Combofix.txt jeho obsah vložte sem :)

Re: prosim o kontrolu logu

Napsal: 18 led 2011 13:17
od niceacee
ComboFix 11-01-17.04 - Pavla 18.01.2011 13:01:55.1.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.1015.626 [GMT 1:00]
Spuštěný z: c:\documents and settings\Pavla\Plocha\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}

VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\progra~1\MYWEBS~1\bar\2.bin\mwsoemon.exe
c:\program files\FunWebProducts
c:\program files\FunWebProducts\ScreenSaver\Cache\29B0E412.swf
c:\program files\FunWebProducts\ScreenSaver\Cache\29B3874D
c:\program files\FunWebProducts\ScreenSaver\Cache\files.ini
c:\program files\FunWebProducts\ScreenSaver\Images\29B02A09.urr
c:\program files\FunWebProducts\ScreenSaver\Images\29B0E1DF.urr
c:\program files\FunWebProducts\ScreenSaver\Images\29B0F40F.dat
c:\program files\FunWebProducts\ScreenSaver\Images\29B17536.dat
c:\program files\FunWebProducts\ScreenSaver\Images\29B1E11F.dat
c:\program files\FunWebProducts\ScreenSaver\Images\29B39BFE.dat
c:\program files\FunWebProducts\ScreenSaver\Images\29B416BC.dat
c:\program files\FunWebProducts\ScreenSaver\Images\wrkparam.lst
c:\program files\FunWebProducts\Shared\Cache\CursorManiaBtn.html
c:\program files\FunWebProducts\Shared\Cache\MyFunCardsIMBtn.html
c:\program files\FunWebProducts\Shared\Cache\SmileyCentralBtn.html
c:\program files\FunWebProducts\Shared\Cache\WebfettiBtn-new.html
c:\program files\FunWebProducts\Shared\Cache\WebfettiBtn.html
c:\program files\ICQ6.5\updates\ICQLRun.exe.f9cb5bbb98c818d0e6c63e8613a6d549
c:\program files\Internet Explorer\msimg32.dll
c:\program files\MyWebSearch
c:\program files\MyWebSearch\bar\2.bin\F3BKGERR.JPG
c:\program files\MyWebSearch\bar\2.bin\F3CJPEG.DLL
c:\program files\MyWebSearch\bar\2.bin\F3DTACTL.DLL
c:\program files\MyWebSearch\bar\2.bin\F3HISTSW.DLL
c:\program files\MyWebSearch\bar\2.bin\F3HKSTUB.DLL
c:\program files\MyWebSearch\bar\2.bin\F3HTmlmu.dll
c:\program files\MyWebSearch\bar\2.bin\F3HTTPCT.DLL
c:\program files\MyWebSearch\bar\2.bin\F3POPSWT.DLL
c:\program files\MyWebSearch\bar\2.bin\F3PSSAVR.SCR
c:\program files\MyWebSearch\bar\2.bin\F3REGHK.DLL
c:\program files\MyWebSearch\bar\2.bin\F3REPROX.DLL
c:\program files\MyWebSearch\bar\2.bin\F3RESTUB.DLL
c:\program files\MyWebSearch\bar\2.bin\F3SCrctr.dll
c:\program files\MyWebSearch\bar\2.bin\F3SCHMON.EXE
c:\program files\MyWebSearch\bar\2.bin\F3SPACER.WMV
c:\program files\MyWebSearch\bar\2.bin\F3WALLPP.DAT
c:\program files\MyWebSearch\bar\2.bin\F3WPHOOK.DLL
c:\program files\MyWebSearch\bar\2.bin\FWPBUDDY.PNG
c:\program files\MyWebSearch\bar\2.bin\M3FFXTBR.JAR
c:\program files\MyWebSearch\bar\2.bin\M3FFXTBR.MANIFEST
c:\program files\MyWebSearch\bar\2.bin\M3HIGHIN.EXE
c:\program files\MyWebSearch\bar\2.bin\M3HTML.DLL
c:\program files\MyWebSearch\bar\2.bin\M3IDLE.DLL
c:\program files\MyWebSearch\bar\2.bin\M3IMPIPE.EXE
c:\program files\MyWebSearch\bar\2.bin\M3MEDINT.EXE
c:\program files\MyWebSearch\bar\2.bin\M3MSG.DLL
c:\program files\MyWebSearch\bar\2.bin\M3NTSTBR.JAR
c:\program files\MyWebSearch\bar\2.bin\M3NTSTBR.MANIFEST
c:\program files\MyWebSearch\bar\2.bin\M3OUtlcn.dll
c:\program files\MyWebSearch\bar\2.bin\M3PATCH.DLL
c:\program files\MyWebSearch\bar\2.bin\M3PLUGIN.DLL
c:\program files\MyWebSearch\bar\2.bin\M3SKIN.DLL
c:\program files\MyWebSearch\bar\2.bin\M3SKPLAY.EXE
c:\program files\MyWebSearch\bar\2.bin\M3SLSRCH.EXE
c:\program files\MyWebSearch\bar\2.bin\M3SRCHMN.EXE
c:\program files\MyWebSearch\bar\2.bin\MWSBAR.DLL
c:\program files\MyWebSearch\bar\2.bin\MWSOEMON.EXE
c:\program files\MyWebSearch\bar\2.bin\MWSOEPLG.DLL
c:\program files\MyWebSearch\bar\2.bin\MWSOESTB.DLL
c:\program files\MyWebSearch\bar\2.bin\MWSSrcas.dll
c:\program files\MyWebSearch\bar\2.bin\MWSSVC.EXE
c:\program files\MyWebSearch\bar\2.bin\NPMYWEBS.DLL
c:\program files\MyWebSearch\bar\Avatar\COMMON.F3S
c:\program files\MyWebSearch\bar\Cache\000207D6.bin
c:\program files\MyWebSearch\bar\Cache\0003A9ED
c:\program files\MyWebSearch\bar\Cache\00748B05
c:\program files\MyWebSearch\bar\Cache\0102DE53
c:\program files\MyWebSearch\bar\Cache\0251C4D2.exe
c:\program files\MyWebSearch\bar\Cache\02AA14BB
c:\program files\MyWebSearch\bar\Cache\09597075
c:\program files\MyWebSearch\bar\Cache\095971BD
c:\program files\MyWebSearch\bar\Cache\0FC4C600.bin
c:\program files\MyWebSearch\bar\Cache\0FC4C748
c:\program files\MyWebSearch\bar\Cache\140F8433
c:\program files\MyWebSearch\bar\Cache\29B0269E
c:\program files\MyWebSearch\bar\Cache\29B027C7.bin
c:\program files\MyWebSearch\bar\Cache\29B0294D.bin
c:\program files\MyWebSearch\bar\Cache\29B02B41.bin
c:\program files\MyWebSearch\bar\Cache\29B02D54.bin
c:\program files\MyWebSearch\bar\Cache\2E9C899D.bin
c:\program files\MyWebSearch\bar\Cache\2E9C8B72.bin
c:\program files\MyWebSearch\bar\Cache\2E9C8CE9.bin
c:\program files\MyWebSearch\bar\Cache\2E9C8E11.bin
c:\program files\MyWebSearch\bar\Cache\files.ini
c:\program files\MyWebSearch\bar\Game\CHECKERS.F3S
c:\program files\MyWebSearch\bar\Game\CHESS.F3S
c:\program files\MyWebSearch\bar\Game\REVERSI.F3S
c:\program files\MyWebSearch\bar\History\search3
c:\program files\MyWebSearch\bar\icons\CM.ICO
c:\program files\MyWebSearch\bar\icons\MFC.ICO
c:\program files\MyWebSearch\bar\icons\PSS.ICO
c:\program files\MyWebSearch\bar\icons\SMILEY.ICO
c:\program files\MyWebSearch\bar\icons\WB.ICO
c:\program files\MyWebSearch\bar\icons\ZWINKY.ICO
c:\program files\MyWebSearch\bar\Message\COMMON.F3S
c:\program files\MyWebSearch\bar\Notifier\COMMON.F3S
c:\program files\MyWebSearch\bar\Notifier\DOG.F3S
c:\program files\MyWebSearch\bar\Notifier\FISH.F3S
c:\program files\MyWebSearch\bar\Notifier\KUNGFU.F3S
c:\program files\MyWebSearch\bar\Notifier\LIFEGARD.F3S
c:\program files\MyWebSearch\bar\Notifier\MAID.F3S
c:\program files\MyWebSearch\bar\Notifier\MAILBOX.F3S
c:\program files\MyWebSearch\bar\Notifier\OPERA.F3S
c:\program files\MyWebSearch\bar\Notifier\ROBOT.F3S
c:\program files\MyWebSearch\bar\Notifier\SEDUCT.F3S
c:\program files\MyWebSearch\bar\Notifier\SURFER.F3S
c:\program files\MyWebSearch\bar\Settings\prevcfg2.htm
c:\program files\MyWebSearch\bar\Settings\s_pid.dat
c:\program files\MyWebSearch\bar\Settings\setting2.htm
c:\program files\MyWebSearch\bar\Settings\settings.dat
c:\program files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL
c:\windows\Downloaded Program Files\f3initialsetup1.0.1.1.inf
c:\windows\system32\AutoRun.inf
c:\windows\system32\f3PSSavr.scr
c:\windows\system32\Thumbs.db
D:\Autorun.inf

.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_MYWEBSEARCHSERVICE
-------\Service_MyWebSearchService
-------\Service_usnjsvc


((((((((((((((((((((((((( Soubory vytvořené od 2010-12-18 do 2011-01-18 )))))))))))))))))))))))))))))))
.

2011-01-16 18:46 . 2011-01-16 18:46 -------- d-----w- c:\program files\trend micro
2011-01-16 18:46 . 2011-01-16 18:47 -------- d-----w- C:\rsit
2011-01-16 18:10 . 2011-01-16 18:10 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Data aplikací\Google
2011-01-16 18:07 . 2011-01-16 18:07 -------- d-----w- c:\program files\CCleaner
2011-01-16 18:05 . 2011-01-16 18:06 -------- d-----w- c:\documents and settings\Pavla\Local Settings\Data aplikací\Temp
2011-01-16 18:05 . 2011-01-16 18:05 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Data aplikací\Google
2011-01-16 18:05 . 2011-01-16 18:07 -------- d-----w- c:\program files\Google
2011-01-16 18:05 . 2011-01-16 18:05 -------- d-----w- c:\documents and settings\Pavla\Local Settings\Data aplikací\Google
2011-01-10 15:29 . 2010-11-12 17:53 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-01-10 15:29 . 2010-11-12 17:53 472808 ----a-w- c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll
2011-01-10 15:10 . 2011-01-10 15:12 -------- dc-h--w- c:\windows\ie8

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-11-18 18:15 . 2008-07-02 09:21 81920 ----a-w- c:\windows\system32\isign32.dll
2010-11-12 15:34 . 2008-07-03 09:29 73728 ----a-w- c:\windows\system32\javacpl.cpl
2010-11-09 14:52 . 2008-07-02 11:07 249856 ----a-w- c:\windows\system32\odbc32.dll
2010-11-06 00:23 . 2008-07-02 11:07 916480 ----a-w- c:\windows\system32\wininet.dll
2010-11-06 00:23 . 2008-07-02 11:07 43520 ------w- c:\windows\system32\licmgr10.dll
2010-11-06 00:23 . 2008-07-02 11:06 1469440 ------w- c:\windows\system32\inetcpl.cpl
2010-11-03 12:25 . 2008-07-02 11:06 385024 ------w- c:\windows\system32\html.iec
2010-11-02 15:17 . 2008-07-02 11:07 40960 ----a-w- c:\windows\system32\drivers\ndproxy.sys
2010-10-28 13:09 . 2008-07-02 11:06 290048 ----a-w- c:\windows\system32\atmfd.dll
2010-10-26 13:58 . 2008-07-02 11:07 1853312 ----a-w- c:\windows\system32\win32k.sys
2008-05-07 14:34 . 2008-07-03 09:25 15523560 ----a-w- c:\program files\U1 Setup.exe
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-09-24 104984]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-09-24 121368]
"Persistence"="c:\windows\system32\igfxpers.exe" [2007-09-24 100888]
"AsusTray"="c:\program files\EeePC\ACPI\AsTray.exe" [2008-06-03 98304]
"AsusACPIServer"="c:\program files\EeePC\ACPI\AsAcpiSvr.exe" [2008-06-03 479232]
"AsusEPCMonitor"="c:\program files\EeePC\ACPI\AsEPCMon.exe" [2008-05-20 94208]
"RTHDCPL"="RTHDCPL.EXE" [2008-06-13 16871936]
"SoundMan"="SOUNDMAN.EXE" [2006-07-21 86016]
"AlcWzrd"="ALCWZRD.EXE" [2006-05-04 2808832]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"LogMeIn GUI"="c:\program files\LogMeIn\x86\LogMeInSystray.exe" [2008-07-24 63048]
"PCSuiteTrayApplication"="c:\program files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2007-03-23 227328]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-09-07 2838912]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-09-08 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-09-24 421160]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"Nokia.PCSync"="c:\program files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-03-27 1744896]

c:\documents and settings\Pavla\Nabˇdka Start\Programy\Po spuçtŘnˇ\
ACSnews.lnk - c:\auto-diagnostika\ADnews.exe [2010-7-19 733184]

c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-4-14 596584]
SuperHybridEngine.lnk - c:\program files\Asus\EeePC\Super Hybrid Engine\SuperHybridEngine.exe [2008-7-2 294912]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit]
2010-10-07 18:47 87424 ----a-w- c:\windows\system32\LMIinit.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
2007-10-18 09:34 5724184 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=

R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [19.1.2010 17:47 165584]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [19.1.2010 17:47 17744]
R2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [2.12.2008 23:23 222968]
R2 LMIGuardianSvc;LMIGuardianSvc;c:\program files\LogMeIn\x86\LMIGuardianSvc.exe [16.11.2010 20:51 374152]
R2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\LogMeIn\x86\rainfo.sys [24.7.2008 18:46 12856]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [16.1.2011 19:05 136176]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08
.
Obsah adresáře 'Naplánované úlohy'

2011-01-13 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]

2011-01-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-01-16 18:05]

2011-01-17 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-01-16 18:05]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uSearchMigratedDefaultUrl = hxxp://www.mywebsearch.com/jsp/cfg_redir2.jsp? ... earchTerms}
uInternet Settings,ProxyOverride = *.local
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
IE: Odeslat do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat do zařízení Bluetooth - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: {A6686205-D2B6-4355-9AB6-33F4BBEABBAE} = 192.168.1.20
FF - ProfilePath - c:\documents and settings\Pavla\Data aplikací\Mozilla\Firefox\Profiles\piel6g5q.default\
FF - prefs.js: browser.search.selectedEngine - MyWebSearch
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://www.mywebsearch.com/jsp/cfg_redir2.jsp? ... searchfor=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

HKLM-Run-MyWebSearch Plugin - c:\progra~1\MYWEBS~1\bar\2.bin\M3PLUGIN.DLL
MSConfigStartUp-Adobe Reader Speed Launcher - c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-01-18 13:11
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...


c:\windows\TEMP\_asw_aisI.tm~a04080
c:\windows\TEMP\_asw_aisI.tm~a04080\onefile 543 bytes
c:\windows\TEMP\_asw_aisI.tm~a04080\setup.lok 0 bytes

sken byl úspešně dokončen
skryté soubory: 3

**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(776)
c:\windows\system32\LMIinit.dll

- - - - - - - > 'explorer.exe'(3488)
c:\windows\system32\btmmhook.dll
c:\windows\system32\webcheck.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\LogMeIn\x86\RaMaint.exe
c:\program files\LogMeIn\x86\LogMeIn.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\igfxsrvc.exe
c:\windows\system32\igfxext.exe
c:\windows\RTHDCPL.EXE
c:\windows\SOUNDMAN.EXE
c:\program files\PC Connectivity Solution\ServiceLayer.exe
c:\progra~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
c:\program files\iPod\bin\iPodService.exe
c:\program files\PC Connectivity Solution\NclBTHandler.exe
.
**************************************************************************
.
Celkový čas: 2011-01-18 13:15:43 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-01-18 12:15

Před spuštěním: Volných bajtů: 62 930 124 800
Po spuštění: Volných bajtů: 62 886 121 472

- - End Of File - - EE3F27B1F4A8375B7E4FD932D2692E31

Re: prosim o kontrolu logu

Napsal: 18 led 2011 20:58
od 1danab
spusťte HiJackThis odtud C:\Program Files\trend micro\Pavla.exe

v operacnich systemech Windows Vista a Windows 7 spoustejte aplikaci jako spravce (kliknutim pravym mysitkem na ikonu aplikace a volbou "Spustit jako spravce" :!:

neprovadejte sken, ale kliknete na tlacitko Open the Misc Tools Section

nahore jsou ctyri tlacitka, musi byt zamacknute Misc Tools:

Obrázek

najdete vlevo tlacitko Open ADS Spy , kliknete na nej, v nasledujicim okne zruste zaskrtnuti chlivku Quick scan (Windows base folder only), kliknete na Scan, chvili vyckejte, nez probehne sken, pote kliknete na Save log (obsah logu sem) a dale pak klik na Remove selected

Re: prosim o kontrolu logu

Napsal: 19 led 2011 11:34
od niceacee
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Deleted Items\007148E1-00000018.eml : OEStandardProperty (1512 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Deleted Items\011B4E11-00000016.eml : OEStandardProperty (1428 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Deleted Items\17EE182E-00000004.eml : OEStandardProperty (1656 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Deleted Items\18EC7490-00000003.eml : OEStandardProperty (1656 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Deleted Items\19115CA5-00000001.eml : OEStandardProperty (1656 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Deleted Items\202D1C73-00000010.eml : OEStandardProperty (1330 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Deleted Items\20387C6A-0000001A.eml : OEStandardProperty (1428 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Deleted Items\207C5DDE-0000000D.eml : OEStandardProperty (1780 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Deleted Items\2954665A-0000000A.eml : OEStandardProperty (1428 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Deleted Items\2B6D14BC-00000002.eml : OEStandardProperty (1656 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Deleted Items\2D202862-00000014.eml : OEStandardProperty (1628 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Deleted Items\2F3C7D1C-0000000C.eml : OEStandardProperty (1752 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Deleted Items\348354D5-0000000B.eml : OEStandardProperty (1942 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Deleted Items\38F20D85-00000012.eml : OEStandardProperty (1344 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Deleted Items\3AF20C14-00000005.eml : OEStandardProperty (1656 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Deleted Items\3E975605-00000013.eml : OEStandardProperty (1360 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Deleted Items\41A57C52-0000000E.eml : OEStandardProperty (2864 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Deleted Items\44EE0A4E-00000019.eml : OEStandardProperty (1428 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Deleted Items\4BBA36FF-00000006.eml : OEStandardProperty (1656 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Deleted Items\4E384929-0000000F.eml : OEStandardProperty (1678 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Deleted Items\51D97015-00000008.eml : OEStandardProperty (1656 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Deleted Items\5B4629EB-00000007.eml : OEStandardProperty (1656 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Deleted Items\5E8D7969-00000015.eml : OEStandardProperty (1428 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Deleted Items\6041790F-00000017.eml : OEStandardProperty (1428 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Deleted Items\6FAB59A2-00000011.eml : OEStandardProperty (1386 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Deleted Items\7EF25EFB-00000009.eml : OEStandardProperty (1656 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Drafts\456526DB-00000001.eml : OEStandardProperty (1328 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\00294823-00000002.eml : OEStandardProperty (3282 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\003507CF-0000005D.eml : OEStandardProperty (1906 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\00C15A9B-000000A4.eml : OEStandardProperty (1838 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\00D825CD-000000BC.eml : OEStandardProperty (2464 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\0120759A-00000022.eml : OEStandardProperty (2840 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\0124305E-0000000E.eml : OEStandardProperty (1784 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\01537E39-000000D1.eml : OEStandardProperty (1370 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\03421E23-000000CB.eml : OEStandardProperty (2186 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\03847F4F-00000050.eml : OEStandardProperty (2958 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\03902A38-000000AE.eml : OEStandardProperty (1820 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\044D4E50-000000CF.eml : OEStandardProperty (1414 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\072851D1-000000AF.eml : OEStandardProperty (1894 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\074D4DC8-00000013.eml : OEStandardProperty (3066 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\09407014-00000099.eml : OEStandardProperty (1612 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\0B187239-000000BE.eml : OEStandardProperty (7926 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\0BB32EA6-0000000A.eml : OEStandardProperty (2268 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\0C153807-0000006F.eml : OEStandardProperty (1420 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\0CE14FC0-000000A5.eml : OEStandardProperty (1820 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\0D6A40A5-0000009B.eml : OEStandardProperty (1692 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\0E125F1E-00000056.eml : OEStandardProperty (2006 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\0E903A2D-00000061.eml : OEStandardProperty (1720 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\0F3E0099-0000000D.eml : OEStandardProperty (1330 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\0FBF2F14-00000042.eml : OEStandardProperty (1878 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\0FED51FF-000000C0.eml : OEStandardProperty (1498 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\1049086A-00000096.eml : OEStandardProperty (1724 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\10D95F23-000000AC.eml : OEStandardProperty (1634 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\10D96C6C-000000B0.eml : OEStandardProperty (1596 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\11F45DD5-00000059.eml : OEStandardProperty (1312 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\12DB153C-0000000B.eml : OEStandardProperty (2936 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\12E1798B-00000034.eml : OEStandardProperty (1564 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\12F155F5-000000C4.eml : OEStandardProperty (1702 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\13661CD0-0000002D.eml : OEStandardProperty (11486 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\139D7049-00000039.eml : OEStandardProperty (2722 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\13E94080-0000003D.eml : OEStandardProperty (2728 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\149602DA-000000D4.eml : OEStandardProperty (1372 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\154754DE-00000011.eml : OEStandardProperty (1334 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\15A15422-00000031.eml : OEStandardProperty (1360 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\16496DF1-00000007.eml : OEStandardProperty (1840 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\169A2FE7-000000AB.eml : OEStandardProperty (1630 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\169C054A-000000CE.eml : OEStandardProperty (1530 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\16D47F61-0000006C.eml : OEStandardProperty (2616 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\17965E73-0000007A.eml : OEStandardProperty (1716 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\17C063EE-000000B7.eml : OEStandardProperty (1506 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\18502B00-0000006B.eml : OEStandardProperty (2624 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\187E16C5-0000003B.eml : OEStandardProperty (1542 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\18BE6784-00000003.eml : OEStandardProperty (1418 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\19166172-0000004D.eml : OEStandardProperty (1436 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\1A633D0D-000000BB.eml : OEStandardProperty (1344 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\1AF40ECC-0000005F.eml : OEStandardProperty (1606 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\1C2B7518-000000D2.eml : OEStandardProperty (1372 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\1D112528-0000009C.eml : OEStandardProperty (1732 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\1D186270-00000072.eml : OEStandardProperty (2598 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\1E7E000E-000000C1.eml : OEStandardProperty (1414 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\1ED64579-000000B8.eml : OEStandardProperty (1622 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\2059127E-0000005C.eml : OEStandardProperty (1744 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\2213260D-0000001E.eml : OEStandardProperty (3348 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\235022EE-00000023.eml : OEStandardProperty (1502 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\23C948CC-0000003F.eml : OEStandardProperty (2196 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\249E2B0C-00000058.eml : OEStandardProperty (1582 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\266878D4-00000095.eml : OEStandardProperty (1744 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\26E901EB-00000009.eml : OEStandardProperty (2294 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\28337874-00000057.eml : OEStandardProperty (1950 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\285248DB-00000087.eml : OEStandardProperty (1542 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\2CD672AE-00000005.eml : OEStandardProperty (1360 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\301C0BDB-00000020.eml : OEStandardProperty (1442 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\30557600-000000B2.eml : OEStandardProperty (1346 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\30A76486-000000A8.eml : OEStandardProperty (1826 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\349219DA-00000073.eml : OEStandardProperty (1496 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\366B66C4-0000002E.eml : OEStandardProperty (1730 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\368E0D66-00000045.eml : OEStandardProperty (1780 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\36990902-00000037.eml : OEStandardProperty (1506 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\37E51DC0-00000066.eml : OEStandardProperty (1344 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\37E619D9-00000064.eml : OEStandardProperty (1618 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\39B32D12-00000012.eml : OEStandardProperty (2630 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\39CE3BB1-00000075.eml : OEStandardProperty (1656 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\3A6122CD-0000004A.eml : OEStandardProperty (1618 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\3A8D7FBE-0000006D.eml : OEStandardProperty (2444 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\3A9E797D-00000028.eml : OEStandardProperty (1616 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\3B251E1F-00000019.eml : OEStandardProperty (1730 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\3B974027-00000090.eml : OEStandardProperty (1612 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\3C612FFF-00000048.eml : OEStandardProperty (1360 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\3E121A49-00000026.eml : OEStandardProperty (1308 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\3EF60822-00000032.eml : OEStandardProperty (1754 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\3F0B3087-0000009F.eml : OEStandardProperty (2134 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\3F4A0A4A-0000007F.eml : OEStandardProperty (1500 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\3F97658C-000000A0.eml : OEStandardProperty (1994 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\3FF9548D-000000D3.eml : OEStandardProperty (1372 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\401D71F0-0000004F.eml : OEStandardProperty (1642 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\40877B44-00000069.eml : OEStandardProperty (1646 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\412F30F1-000000A1.eml : OEStandardProperty (2452 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\42282244-000000D9.eml : OEStandardProperty (1414 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\422D54DC-00000044.eml : OEStandardProperty (1660 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\42307EB7-0000002F.eml : OEStandardProperty (1450 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\428B26A6-00000015.eml : OEStandardProperty (2758 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\43EB5EEC-000000B6.eml : OEStandardProperty (1578 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\440218D7-00000052.eml : OEStandardProperty (6336 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\440D491C-0000000F.eml : OEStandardProperty (2898 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\45091238-00000018.eml : OEStandardProperty (1692 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\458F0975-00000063.eml : OEStandardProperty (3246 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\46572C49-00000047.eml : OEStandardProperty (2432 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\46C22DB5-000000A9.eml : OEStandardProperty (1650 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\46CF01D3-00000060.eml : OEStandardProperty (1454 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\470E73D9-0000007B.eml : OEStandardProperty (1478 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\486A3004-00000079.eml : OEStandardProperty (2518 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\48A51FBD-000000C2.eml : OEStandardProperty (2004 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\49442E40-0000002C.eml : OEStandardProperty (4034 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\494A0677-00000051.eml : OEStandardProperty (1746 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\49BB6F11-00000083.eml : OEStandardProperty (1614 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\4AE13D6C-00000004.eml : OEStandardProperty (1508 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\4AE230FA-000000BD.eml : OEStandardProperty (1630 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\4B405878-00000024.eml : OEStandardProperty (1360 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\4C567FB3-000000BF.eml : OEStandardProperty (1304 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\4C85513E-00000076.eml : OEStandardProperty (1346 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\4CAD314F-0000002A.eml : OEStandardProperty (1570 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\4CD45FA4-0000005B.eml : OEStandardProperty (1588 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\4D064DB7-00000010.eml : OEStandardProperty (2766 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\4D675968-0000007D.eml : OEStandardProperty (2754 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\4E087A61-00000098.eml : OEStandardProperty (7296 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\4E45323B-0000001D.eml : OEStandardProperty (1874 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\4F685876-00000081.eml : OEStandardProperty (3138 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\4FF85C46-00000078.eml : OEStandardProperty (2298 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\50644D54-00000074.eml : OEStandardProperty (1396 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\50781481-00000068.eml : OEStandardProperty (2140 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\5165183E-000000B5.eml : OEStandardProperty (1498 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\52A379BF-000000C6.eml : OEStandardProperty (1540 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\53B1293B-0000009A.eml : OEStandardProperty (1692 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\54D60EA9-0000009E.eml : OEStandardProperty (1768 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\55797CFE-00000086.eml : OEStandardProperty (1328 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\56AE0732-00000021.eml : OEStandardProperty (1572 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\575360BF-00000040.eml : OEStandardProperty (1738 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\5815441D-000000A2.eml : OEStandardProperty (2580 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\58B026CA-00000036.eml : OEStandardProperty (1642 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\590E765F-0000006A.eml : OEStandardProperty (3148 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\591D252A-00000065.eml : OEStandardProperty (1380 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\5991409D-00000033.eml : OEStandardProperty (7130 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\5AF141BB-00000008.eml : OEStandardProperty (1628 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\5C673CD6-00000041.eml : OEStandardProperty (1450 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\5DB233EA-0000003E.eml : OEStandardProperty (1578 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\5DCD17C0-000000C3.eml : OEStandardProperty (2134 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\5DF04D49-00000001.eml : OEStandardProperty (1472 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\5E144DF2-0000002B.eml : OEStandardProperty (2102 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\5E9D489C-0000004C.eml : OEStandardProperty (2560 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\5ED04E57-00000080.eml : OEStandardProperty (1328 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\5F323BF6-00000027.eml : OEStandardProperty (3136 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\5F490DDC-00000029.eml : OEStandardProperty (3020 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\5FA83F9A-000000A7.eml : OEStandardProperty (1304 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\604857D3-00000062.eml : OEStandardProperty (1586 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\610B71F8-000000B3.eml : OEStandardProperty (1324 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\62953889-000000D0.eml : OEStandardProperty (1370 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\63B70B8A-000000BA.eml : OEStandardProperty (1648 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\63CB6BFC-0000001B.eml : OEStandardProperty (1784 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\644366BB-00000014.eml : OEStandardProperty (1846 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\66FA1316-00000082.eml : OEStandardProperty (2518 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\67326D22-0000005E.eml : OEStandardProperty (1654 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\68993CD5-0000003C.eml : OEStandardProperty (1658 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\692C4A80-0000003A.eml : OEStandardProperty (1540 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\69525F90-00000006.eml : OEStandardProperty (1360 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\69D07AC2-00000093.eml : OEStandardProperty (1818 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\6AD45A9F-0000005A.eml : OEStandardProperty (2946 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\6AD6047E-00000043.eml : OEStandardProperty (1334 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\6B365CFD-00000025.eml : OEStandardProperty (1680 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\6B7232E6-0000004E.eml : OEStandardProperty (2772 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\6B89030A-0000001F.eml : OEStandardProperty (1756 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\6B901148-000000CA.eml : OEStandardProperty (1946 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\6BCB0FC9-00000055.eml : OEStandardProperty (1270 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\6BE85039-00000053.eml : OEStandardProperty (1678 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\6C69288F-00000049.eml : OEStandardProperty (1582 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\6C850FFB-000000CC.eml : OEStandardProperty (1612 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\6D696A15-00000077.eml : OEStandardProperty (1440 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\6E5D1AD4-0000001A.eml : OEStandardProperty (1910 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\6E7E3EE9-000000A6.eml : OEStandardProperty (2314 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\6EA14C66-000000B1.eml : OEStandardProperty (1590 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\6FC95CCD-00000094.eml : OEStandardProperty (1744 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\701F5D03-00000016.eml : OEStandardProperty (1888 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\7282251F-00000071.eml : OEStandardProperty (2530 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\74AD4EAE-00000084.eml : OEStandardProperty (1496 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\75C1468C-0000009D.eml : OEStandardProperty (1762 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\761F7DD1-000000D7.eml : OEStandardProperty (1296 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\76290487-000000D8.eml : OEStandardProperty (1486 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\76BA184B-000000CD.eml : OEStandardProperty (1692 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\773B0633-00000070.eml : OEStandardProperty (4044 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\798375EF-00000046.eml : OEStandardProperty (1786 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\79D14E55-000000AD.eml : OEStandardProperty (1604 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\79FD067E-000000C9.eml : OEStandardProperty (2296 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\7A5450BF-000000AA.eml : OEStandardProperty (1684 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\7A5A767D-00000017.eml : OEStandardProperty (1732 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\7BB95772-00000038.eml : OEStandardProperty (1628 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\7DD1261E-0000004B.eml : OEStandardProperty (1546 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\7E87390C-0000000C.eml : OEStandardProperty (1516 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Inbox\7F967FF5-0000001C.eml : OEStandardProperty (3942 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Junk E-mail\482318BE-0000000B.eml : OEStandardProperty (1360 bytes)
C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Windows Live Mail\pop3.seznam.cz\Junk E-mail\67844AE1-0000000C.eml : OEStandardProperty (1390 bytes)
C:\Documents and Settings\Pavla\Oblíbené položky\Inzerce a bazar zdarma - zacatek.cz.url : favicon (1406 bytes)
C:\Documents and Settings\Pavla\Oblíbené položky\Pobočka Brno - Alza.cz.url : favicon (1386 bytes)

Re: prosim o kontrolu logu

Napsal: 19 led 2011 20:04
od 1danab
stáhněte GMER , rozbalte a spusťte

proběhne sken, po jehož ukončení se zobrazí výsledky

poté klikněte na Save a uložíte tak log, jeho obsah sem vložte

pak dle tohoto návodu absolvujte druhý sken a opět obsah logu sem :)

Re: prosim o kontrolu logu

Napsal: 20 led 2011 17:48
od niceacee
GMER 1.0.15.15530 - http://www.gmer.net
Rootkit quick scan 2011-01-20 17:47:44
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 ST9160827AS rev.3.AAA
Running: gmer.exe; Driver: C:\DOCUME~1\Pavla\LOCALS~1\Temp\uxtdapod.sys


---- System - GMER 1.0.15 ----

Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateProcessEx [0xAA010BAE]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateSection [0xAA0109D2]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwLoadDriver [0xAA010B0C]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) NtCreateSection
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObInsertObject
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObMakeTemporaryObject

---- Devices - GMER 1.0.15 ----

Device \FileSystem\Ntfs \Ntfs aswSP.SYS (avast! self protection module/AVAST Software)

AttachedDevice \FileSystem\Ntfs \Ntfs aswMon2.SYS (avast! File System Filter Driver for Windows XP/AVAST Software)
AttachedDevice \Driver\Tcpip \Device\Ip aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
AttachedDevice \Driver\Tcpip \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
AttachedDevice \Driver\Tcpip \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
AttachedDevice \Driver\Tcpip \Device\RawIp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)

---- EOF - GMER 1.0.15 ----

Re: prosim o kontrolu logu

Napsal: 20 led 2011 19:16
od niceacee
GMER 1.0.15.15530 - http://www.gmer.net
Rootkit scan 2011-01-20 19:14:45
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 ST9160827AS rev.3.AAA
Running: gmer.exe; Driver: C:\DOCUME~1\Pavla\LOCALS~1\Temp\uxtdapod.sys


---- System - GMER 1.0.15 ----

SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwClose [0xAA003CF0]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateKey [0xAA003BAC]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwDeleteKey [0xAA004160]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwDeleteValueKey [0xAA00408A]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwDuplicateObject [0xAA003782]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwOpenKey [0xAA003C86]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwOpenProcess [0xAA0036C2]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwOpenThread [0xAA003726]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwQueryValueKey [0xAA003DA6]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwRenameKey [0xAA00422E]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwRestoreKey [0xAA003D66]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwSetValueKey [0xAA003EE6]

Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateProcessEx [0xAA010BAE]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateSection [0xAA0109D2]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwLoadDriver [0xAA010B0C]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) NtCreateSection
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObInsertObject
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObMakeTemporaryObject

---- Kernel code sections - GMER 1.0.15 ----

PAGE ntkrnlpa.exe!ZwLoadDriver 805795FA 7 Bytes JMP AA010B10 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
PAGE ntkrnlpa.exe!NtCreateSection 805A075C 7 Bytes JMP AA0109D6 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
PAGE ntkrnlpa.exe!ObMakeTemporaryObject 805B1CE0 5 Bytes JMP AA00C5D4 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
PAGE ntkrnlpa.exe!ObInsertObject 805B8B58 5 Bytes JMP AA00DFFA \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
PAGE ntkrnlpa.exe!ZwCreateProcessEx 805C73EA 7 Bytes JMP AA010BB2 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)

---- User code sections - GMER 1.0.15 ----

.text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1484] kernel32.dll!SetUnhandledExceptionFilter 7C84495D 4 Bytes [C2, 04, 00, 90] {RET 0x4; NOP }

---- User IAT/EAT - GMER 1.0.15 ----

IAT C:\WINDOWS\system32\services.exe[820] @ C:\WINDOWS\system32\services.exe [ADVAPI32.dll!CreateProcessAsUserW] 003D0002
IAT C:\WINDOWS\system32\services.exe[820] @ C:\WINDOWS\system32\services.exe [KERNEL32.dll!CreateProcessW] 003D0000

---- Devices - GMER 1.0.15 ----

Device \FileSystem\Ntfs \Ntfs aswSP.SYS (avast! self protection module/AVAST Software)

AttachedDevice \FileSystem\Ntfs \Ntfs aswMon2.SYS (avast! File System Filter Driver for Windows XP/AVAST Software)
AttachedDevice \Driver\Tcpip \Device\Ip aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
AttachedDevice \Driver\Tcpip \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
AttachedDevice \Driver\Tcpip \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
AttachedDevice \Driver\Tcpip \Device\RawIp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)

---- EOF - GMER 1.0.15 ----

Re: prosim o kontrolu logu

Napsal: 20 led 2011 21:00
od 1danab
v internetovém prohlížeči firefox otevřete nové okno a do řádku adresy napište následující:
about:config
zobrazí se vám varování, které potvrďte kliknutím na "Budu opatrný, slibuji"
do řádku filtr zkopírujte browser.search.selectedEngine, tam kde se ve sloupci Hodnota zobrazí MyWebSearch změňte hodnoty adresy na např. http://www.google.com nebo http://www.seznam.cz
poté do řádku filtr zkopírujte keyword.URL a zopakujte to samé
pak pro jistotu do řádku filtr zkopírujte MyWebSearch a pokud se ještě někde zobrazí i tam změňte Hodnotu adresy
až to budete mít hotové, stáhněte si OTL

po stažení klikněte na tlačítko Prohledat, vyčkejte až to doběhne, zobrazí se log a jeho obsah mi sem vložte :)

Re: prosim o kontrolu logu

Napsal: 21 led 2011 11:04
od niceacee
OTL.TXT

OTL logfile created on: 21.1.2011 10:55:09 - Run 1
OTL by OldTimer - Version 3.2.20.3 Folder = C:\Documents and Settings\Pavla\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1 015,00 Mb Total Physical Memory | 545,00 Mb Available Physical Memory | 54,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 86,00% Paging File free
Paging file location(s): C:\pagefile.sys 1522 1522 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 80,02 Gb Total Space | 58,61 Gb Free Space | 73,25% Space Free | Partition Type: NTFS
Drive D: | 69,00 Gb Total Space | 68,66 Gb Free Space | 99,52% Space Free | Partition Type: NTFS

Computer Name: PAVLA | User Name: Pavla | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011.01.21 10:54:27 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Pavla\Plocha\OTL.exe
PRC - [2011.01.06 21:10:38 | 000,910,808 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010.10.07 19:48:08 | 000,116,104 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\ramaint.exe
PRC - [2010.09.27 13:47:14 | 000,374,152 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
PRC - [2010.09.07 17:12:02 | 002,838,912 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2010.09.07 17:11:59 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010.08.13 12:58:56 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010.04.15 13:50:56 | 000,733,184 | ---- | M] (AutoComSoft s.r.o.) -- C:\Auto-diagnostika\ADnews.exe
PRC - [2009.06.01 21:20:12 | 000,222,968 | ---- | M] () -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe
PRC - [2008.07.24 18:46:10 | 000,063,048 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
PRC - [2008.07.24 18:46:10 | 000,063,040 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LogMeIn.exe
PRC - [2008.06.03 13:24:50 | 000,294,912 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\Asus\EeePC\Super Hybrid Engine\SuperHybridEngine.exe
PRC - [2008.06.03 12:43:56 | 000,098,304 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\EeePC\ACPI\AsTray.exe
PRC - [2008.06.03 11:34:38 | 000,479,232 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe
PRC - [2008.05.21 00:56:24 | 000,094,208 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\EeePC\ACPI\AsEPCMon.exe
PRC - [2008.04.14 14:03:54 | 001,448,576 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
PRC - [2008.04.14 14:03:54 | 000,596,584 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2008.04.14 13:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007.09.24 14:43:36 | 000,129,560 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxext.exe
PRC - [2007.03.26 13:06:24 | 000,292,864 | ---- | M] (Nokia.) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
PRC - [2007.03.23 13:20:52 | 000,227,328 | ---- | M] (Nokia) -- C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
PRC - [2007.02.15 17:29:44 | 000,086,016 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\NclBTHandler.exe
PRC - [2007.01.04 18:48:52 | 000,112,152 | R--- | M] (InterVideo) -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
PRC - [2006.07.21 09:14:36 | 000,086,016 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SoundMan.exe


========== Modules (SafeList) ==========

MOD - [2011.01.21 10:54:27 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Pavla\Plocha\OTL.exe
MOD - [2010.08.23 17:12:33 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2008.04.14 13:58:14 | 000,073,728 | ---- | M] (Broadcom Corporation.) -- C:\WINDOWS\system32\BtMmHook.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2010.10.07 19:48:08 | 000,116,104 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\RaMaint.exe -- (LMIMaint)
SRV - [2010.09.27 13:47:14 | 000,374,152 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe -- (LMIGuardianSvc)
SRV - [2010.09.07 17:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV - [2010.09.07 17:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV - [2010.09.07 17:11:59 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010.08.13 12:58:56 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2009.06.01 21:20:12 | 000,222,968 | ---- | M] () [Auto | Running] -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2008.07.24 18:46:10 | 000,063,040 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\LogMeIn.exe -- (LogMeIn)
SRV - [2007.10.25 14:27:54 | 000,266,240 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Live\installer\WLSetupSvc.exe -- (WLSetupSvc)
SRV - [2007.03.26 13:06:24 | 000,292,864 | ---- | M] (Nokia.) [On_Demand | Running] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2007.01.04 18:48:52 | 000,112,152 | R--- | M] (InterVideo) [Auto | Running] -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)


========== Driver Services (SafeList) ==========

DRV - [2010.10.07 19:47:45 | 000,083,360 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV - [2010.09.07 16:52:25 | 000,046,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2010.09.07 16:52:03 | 000,165,584 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2010.09.07 16:47:46 | 000,023,376 | ---- | M] (AVAST Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2010.09.07 16:47:19 | 000,100,176 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2010.09.07 16:47:07 | 000,017,744 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010.09.07 16:46:51 | 000,028,880 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2008.07.24 18:46:12 | 000,012,856 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Running] -- C:\Program Files\LogMeIn\x86\rainfo.sys -- (LMIInfo)
DRV - [2008.07.24 18:46:10 | 000,047,640 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV - [2008.06.17 09:49:22 | 004,756,992 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008.05.19 14:01:30 | 000,025,088 | ---- | M] (ELANTECH Devices Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ETD.sys -- (Ktp)
DRV - [2008.04.15 10:14:02 | 000,990,632 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2008.04.14 13:00:00 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2008.03.27 16:18:12 | 000,047,272 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2008.03.11 18:37:00 | 000,036,864 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\l1e51x86.sys -- (L1e)
DRV - [2008.02.04 16:57:44 | 000,037,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btport.sys -- (BTDriver)
DRV - [2007.07.26 19:00:38 | 000,011,264 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASUSACPI.SYS -- (AsusACPI)
DRV - [2007.05.03 03:00:58 | 000,546,976 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ar5211.sys -- (AR5211)
DRV - [2007.02.22 10:15:56 | 000,137,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcd.sys -- (nmwcd)
DRV - [2007.02.22 10:15:14 | 000,012,288 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdcm.sys -- (nmwcdcm)
DRV - [2007.02.22 10:15:14 | 000,012,288 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdcj.sys -- (nmwcdcj)
DRV - [2007.02.22 10:15:14 | 000,008,320 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdc.sys -- (nmwcdc)
DRV - [2006.10.10 14:24:00 | 001,181,824 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\igxpmp32.sys -- (ialm)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = My Web Search
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultUrl = http://www.mywebsearch.com/jsp/cfg_redi ... earchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "http://www.seznam.cz"
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..keyword.URL: "http://www.seznam.cz"
FF - prefs.js..network.proxy.no_proxies_on: "*.local"

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.16\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.01.06 21:10:45 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.16\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.01.10 16:29:34 | 000,000,000 | ---D | M]

[2009.08.18 13:34:16 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Pavla\Data aplikací\Mozilla\Extensions
[2010.01.07 21:41:24 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Pavla\Data aplikací\Mozilla\Firefox\Profiles\piel6g5q.default\extensions
[2009.08.21 10:23:11 | 000,009,949 | ---- | M] () -- C:\Documents and Settings\Pavla\Data aplikací\Mozilla\Firefox\Profiles\piel6g5q.default\searchplugins\mywebsearch.xml
[2011.01.20 17:55:18 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011.01.10 16:29:36 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2010.01.01 14:25:49 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2010.11.12 18:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2009.06.13 07:48:56 | 000,024,684 | ---- | M] (MyWebSearch.com) -- C:\Program Files\Mozilla Firefox\plugins\NPMyWebS.dll
[2010.11.15 14:51:03 | 000,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.11.15 14:51:03 | 000,001,687 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2010.11.15 14:51:03 | 000,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.11.15 14:51:03 | 000,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.11.15 14:51:03 | 000,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2011.01.18 13:11:11 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - No CLSID value found.
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O4 - HKLM..\Run: [AlcWzrd] C:\WINDOWS\alcwzrd.exe (RealTek Semicoductor Corp.)
O4 - HKLM..\Run: [AsusACPIServer] C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [AsusEPCMonitor] C:\Program Files\EeePC\ACPI\AsEPCMon.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [AsusTray] C:\Program Files\EeePC\ACPI\AsTray.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [LogMeIn GUI] C:\Program Files\LogMeIn\x86\LogMeInSystray.exe (LogMeIn, Inc.)
O4 - HKLM..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe (Nokia)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SoundMan.exe (Realtek Semiconductor Corp.)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Bluetooth.lnk = C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\SuperHybridEngine.lnk = C:\Program Files\Asus\EeePC\Super Hybrid Engine\SuperHybridEngine.exe (ASUSTeK Computer Inc.)
O4 - Startup: C:\Documents and Settings\Pavla\Nabídka Start\Programy\Po spuštění\ACSnews.lnk = C:\Auto-diagnostika\ADnews.exe (AutoComSoft s.r.o.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Odeslat do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Odeslat do zařízení Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shoc ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} https://secure.logmein.com/activex/ractrl.cab?lmi=100 (Performance Viewer Activex Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.20 192.168.1.21
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\LMIinit: DllName - LMIinit.dll - C:\WINDOWS\System32\LMIinit.dll (LogMeIn, Inc.)
O24 - Desktop Components:0 () - http://1000wallpapers.eu/wp/hory/mini/889.jpg
O24 - Desktop Components:1 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.07.22 16:40:58 | 000,000,000 | ---D | M] - C:\Auto-diagnostika -- [ NTFS ]
O32 - AutoRun File - [2008.07.02 10:24:12 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011.01.21 10:54:13 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Pavla\Plocha\OTL.exe
[2011.01.20 17:46:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pavla\Plocha\gmer
[2011.01.18 12:59:00 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2011.01.18 12:59:00 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2011.01.18 12:59:00 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2011.01.18 12:58:59 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2011.01.18 12:58:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2011.01.18 12:58:36 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011.01.16 19:46:09 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2011.01.16 19:46:08 | 000,000,000 | ---D | C] -- C:\rsit
[2011.01.16 19:17:07 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Pavla\Recent
[2011.01.16 19:10:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\Google
[2011.01.16 19:07:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\CCleaner
[2011.01.16 19:07:30 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2011.01.16 19:07:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Google Chrome
[2011.01.16 19:05:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Temp
[2011.01.16 19:05:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\Google
[2011.01.16 19:05:32 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2011.01.16 19:05:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Google
[2011.01.10 16:30:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Sun
[2011.01.10 16:29:34 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2011.01.10 16:29:34 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2011.01.10 16:29:34 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2011.01.10 16:29:34 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2011.01.10 16:10:35 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2008.07.03 10:25:01 | 015,523,560 | ---- | C] (Macrovision Corporation) -- C:\Program Files\U1 Setup.exe
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011.01.21 10:54:27 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Pavla\Plocha\OTL.exe
[2011.01.21 10:41:42 | 000,000,934 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011.01.21 10:38:19 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011.01.20 21:10:00 | 000,000,938 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011.01.20 18:39:04 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011.01.20 17:46:21 | 000,288,107 | ---- | M] () -- C:\Documents and Settings\Pavla\Plocha\gmer.zip
[2011.01.18 13:11:11 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011.01.18 12:57:00 | 004,156,990 | R--- | M] () -- C:\Documents and Settings\Pavla\Plocha\ComboFix.exe
[2011.01.17 11:57:41 | 000,008,774 | ---- | M] () -- C:\Documents and Settings\Pavla\Plocha\Profesní životopis Pavla.doc
[2011.01.17 11:57:41 | 000,006,494 | ---- | M] () -- C:\Documents and Settings\Pavla\Data aplikací\wklnhst.dat
[2011.01.16 19:45:37 | 000,339,991 | ---- | M] () -- C:\Documents and Settings\Pavla\Plocha\RSIT.exe
[2011.01.16 19:07:26 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Google Chrome.lnk
[2011.01.16 18:58:37 | 000,000,104 | ---- | M] () -- C:\Documents and Settings\Pavla\Plocha\Tento Počítač.lnk
[2011.01.14 13:04:30 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011.01.12 08:52:22 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011.01.10 15:52:20 | 000,004,980 | ---- | M] () -- C:\Documents and Settings\Pavla\Dokumenty\Průvodní dopis..rtf
[2011.01.10 15:33:21 | 000,010,240 | ---- | M] () -- C:\Documents and Settings\Pavla\Plocha\Profesní životopis Pavla.wps
[2011.01.06 19:33:57 | 000,224,816 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011.01.20 17:46:20 | 000,288,107 | ---- | C] () -- C:\Documents and Settings\Pavla\Plocha\gmer.zip
[2011.01.18 12:59:00 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011.01.18 12:59:00 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011.01.18 12:59:00 | 000,089,088 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011.01.18 12:59:00 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011.01.18 12:59:00 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011.01.18 12:56:22 | 004,156,990 | R--- | C] () -- C:\Documents and Settings\Pavla\Plocha\ComboFix.exe
[2011.01.17 11:57:40 | 000,008,774 | ---- | C] () -- C:\Documents and Settings\Pavla\Plocha\Profesní životopis Pavla.doc
[2011.01.16 19:45:36 | 000,339,991 | ---- | C] () -- C:\Documents and Settings\Pavla\Plocha\RSIT.exe
[2011.01.16 19:07:26 | 000,001,813 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Google Chrome.lnk
[2011.01.16 19:05:38 | 000,000,938 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011.01.16 19:05:37 | 000,000,934 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011.01.16 18:58:37 | 000,000,104 | ---- | C] () -- C:\Documents and Settings\Pavla\Plocha\Tento Počítač.lnk
[2011.01.14 12:45:04 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010.06.12 17:33:41 | 000,000,390 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009.12.16 19:00:56 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009.08.10 20:35:59 | 000,000,341 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\hpzinstall.log
[2009.02.17 10:26:23 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2009.01.13 21:59:18 | 000,111,192 | ---- | C] () -- C:\Documents and Settings\Pavla\Data aplikací\NMM-MetaData.db
[2009.01.13 20:56:37 | 000,168,448 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2009.01.13 20:56:33 | 000,795,648 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009.01.13 20:56:33 | 000,130,048 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009.01.13 20:56:31 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2008.12.11 18:26:03 | 000,000,762 | ---- | C] () -- C:\WINDOWS\WINCMD.INI
[2008.12.02 23:44:10 | 000,000,032 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\ezsid.dat
[2008.12.02 02:42:28 | 000,025,088 | ---- | C] () -- C:\Documents and Settings\Pavla\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.12.02 02:39:53 | 000,006,494 | ---- | C] () -- C:\Documents and Settings\Pavla\Data aplikací\wklnhst.dat
[2008.12.02 02:39:53 | 000,000,125 | ---- | C] () -- C:\Documents and Settings\Pavla\Local Settings\Data aplikací\fusioncache.dat
[2008.07.03 12:23:10 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2008.07.03 10:32:56 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2008.07.03 10:32:56 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2008.07.03 10:32:56 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2008.07.03 10:32:56 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2008.07.03 10:32:56 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2008.07.03 10:32:56 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2008.07.02 12:16:06 | 000,004,249 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2008.07.02 12:07:14 | 000,005,312 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2008.07.02 11:43:44 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4704.dll
[2008.04.14 13:58:40 | 002,854,912 | ---- | C] () -- C:\WINDOWS\System32\btwicons.dll
[2008.03.17 14:54:36 | 000,012,208 | ---- | C] () -- C:\WINDOWS\AsTrayLang.ini
[2007.08.06 12:07:30 | 000,008,784 | ---- | C] () -- C:\WINDOWS\System32\ractrlkeyhook.dll
[2005.12.07 12:31:00 | 000,202,752 | R--- | C] () -- C:\WINDOWS\System32\CddbCdda.dll
[2003.04.09 14:38:04 | 000,005,664 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2001.11.14 13:56:00 | 001,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll

< End of report >
SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2010.10.07 19:48:08 | 000,116,104 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\RaMaint.exe -- (LMIMaint)
SRV - [2010.09.27 13:47:14 | 000,374,152 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe -- (LMIGuardianSvc)
SRV - [2010.09.07 17:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV - [2010.09.07 17:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV - [2010.09.07 17:11:59 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010.08.13 12:58:56 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2009.06.01 21:20:12 | 000,222,968 | ---- | M] () [Auto | Running] -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2008.07.24 18:46:10 | 000,063,040 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\LogMeIn.exe -- (LogMeIn)
SRV - [2007.10.25 14:27:54 | 000,266,240 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Live\installer\WLSetupSvc.exe -- (WLSetupSvc)
SRV - [2007.03.26 13:06:24 | 000,292,864 | ---- | M] (Nokia.) [On_Demand | Running] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2007.01.04 18:48:52 | 000,112,152 | R--- | M] (InterVideo) [Auto | Running] -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)


========== Driver Services (SafeList) ==========

DRV - [2010.10.07 19:47:45 | 000,083,360 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV - [2010.09.07 16:52:25 | 000,046,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2010.09.07 16:52:03 | 000,165,584 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2010.09.07 16:47:46 | 000,023,376 | ---- | M] (AVAST Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2010.09.07 16:47:19 | 000,100,176 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2010.09.07 16:47:07 | 000,017,744 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010.09.07 16:46:51 | 000,028,880 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2008.07.24 18:46:12 | 000,012,856 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Running] -- C:\Program Files\LogMeIn\x86\rainfo.sys -- (LMIInfo)
DRV - [2008.07.24 18:46:10 | 000,047,640 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV - [2008.06.17 09:49:22 | 004,756,992 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008.05.19 14:01:30 | 000,025,088 | ---- | M] (ELANTECH Devices Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ETD.sys -- (Ktp)
DRV - [2008.04.15 10:14:02 | 000,990,632 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2008.04.14 13:00:00 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2008.03.27 16:18:12 | 000,047,272 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2008.03.11 18:37:00 | 000,036,864 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\l1e51x86.sys -- (L1e)
DRV - [2008.02.04 16:57:44 | 000,037,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btport.sys -- (BTDriver)
DRV - [2007.07.26 19:00:38 | 000,011,264 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASUSACPI.SYS -- (AsusACPI)
DRV - [2007.05.03 03:00:58 | 000,546,976 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ar5211.sys -- (AR5211)
DRV - [2007.02.22 10:15:56 | 000,137,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcd.sys -- (nmwcd)
DRV - [2007.02.22 10:15:14 | 000,012,288 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdcm.sys -- (nmwcdcm)
DRV - [2007.02.22 10:15:14 | 000,012,288 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdcj.sys -- (nmwcdcj)
DRV - [2007.02.22 10:15:14 | 000,008,320 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdc.sys -- (nmwcdc)
DRV - [2006.10.10 14:24:00 | 001,181,824 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\igxpmp32.sys -- (ialm)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = My Web Search
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultUrl = http://www.mywebsearch.com/jsp/cfg_redi ... earchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "http://www.seznam.cz"
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..keyword.URL: "http://www.seznam.cz"
FF - prefs.js..network.proxy.no_proxies_on: "*.local"

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.16\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.01.06 21:10:45 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.16\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.01.10 16:29:34 | 000,000,000 | ---D | M]

[2009.08.18 13:34:16 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Pavla\Data aplikací\Mozilla\Extensions
[2010.01.07 21:41:24 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Pavla\Data aplikací\Mozilla\Firefox\Profiles\piel6g5q.default\extensions
[2009.08.21 10:23:11 | 000,009,949 | ---- | M] () -- C:\Documents and Settings\Pavla\Data aplikací\Mozilla\Firefox\Profiles\piel6g5q.default\searchplugins\mywebsearch.xml
[2011.01.20 17:55:18 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011.01.10 16:29:36 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2010.01.01 14:25:49 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2010.11.12 18:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2009.06.13 07:48:56 | 000,024,684 | ---- | M] (MyWebSearch.com) -- C:\Program Files\Mozilla Firefox\plugins\NPMyWebS.dll
[2010.11.15 14:51:03 | 000,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.11.15 14:51:03 | 000,001,687 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2010.11.15 14:51:03 | 000,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.11.15 14:51:03 | 000,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.11.15 14:51:03 | 000,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2011.01.18 13:11:11 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - No CLSID value found.
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O4 - HKLM..\Run: [AlcWzrd] C:\WINDOWS\alcwzrd.exe (RealTek Semicoductor Corp.)
O4 - HKLM..\Run: [AsusACPIServer] C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [AsusEPCMonitor] C:\Program Files\EeePC\ACPI\AsEPCMon.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [AsusTray] C:\Program Files\EeePC\ACPI\AsTray.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [LogMeIn GUI] C:\Program Files\LogMeIn\x86\LogMeInSystray.exe (LogMeIn, Inc.)
O4 - HKLM..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe (Nokia)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SoundMan.exe (Realtek Semiconductor Corp.)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Bluetooth.lnk = C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\SuperHybridEngine.lnk = C:\Program Files\Asus\EeePC\Super Hybrid Engine\SuperHybridEngine.exe (ASUSTeK Computer Inc.)
O4 - Startup: C:\Documents and Settings\Pavla\Nabídka Start\Programy\Po spuštění\ACSnews.lnk = C:\Auto-diagnostika\ADnews.exe (AutoComSoft s.r.o.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Odeslat do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Odeslat do zařízení Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shoc ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} https://secure.logmein.com/activex/ractrl.cab?lmi=100 (Performance Viewer Activex Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.20 192.168.1.21
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\LMIinit: DllName - LMIinit.dll - C:\WINDOWS\System32\LMIinit.dll (LogMeIn, Inc.)
O24 - Desktop Components:0 () - http://1000wallpapers.eu/wp/hory/mini/889.jpg
O24 - Desktop Components:1 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.07.22 16:40:58 | 000,000,000 | ---D | M] - C:\Auto-diagnostika -- [ NTFS ]
O32 - AutoRun File - [2008.07.02 10:24:12 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011.01.21 10:54:13 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Pavla\Plocha\OTL.exe
[2011.01.20 17:46:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pavla\Plocha\gmer
[2011.01.18 12:59:00 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2011.01.18 12:59:00 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2011.01.18 12:59:00 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2011.01.18 12:58:59 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2011.01.18 12:58:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2011.01.18 12:58:36 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011.01.16 19:46:09 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2011.01.16 19:46:08 | 000,000,000 | ---D | C] -- C:\rsit
[2011.01.16 19:17:07 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Pavla\Recent
[2011.01.16 19:10:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\Google
[2011.01.16 19:07:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\CCleaner
[2011.01.16 19:07:30 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2011.01.16 19:07:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Google Chrome
[2011.01.16 19:05:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Temp
[2011.01.16 19:05:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\Google
[2011.01.16 19:05:32 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2011.01.16 19:05:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Google
[2011.01.10 16:30:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Sun
[2011.01.10 16:29:34 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2011.01.10 16:29:34 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2011.01.10 16:29:34 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2011.01.10 16:29:34 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2011.01.10 16:10:35 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2008.07.03 10:25:01 | 015,523,560 | ---- | C] (Macrovision Corporation) -- C:\Program Files\U1 Setup.exe
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011.01.21 10:54:27 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Pavla\Plocha\OTL.exe
[2011.01.21 10:41:42 | 000,000,934 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011.01.21 10:38:19 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011.01.20 21:10:00 | 000,000,938 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011.01.20 18:39:04 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011.01.20 17:46:21 | 000,288,107 | ---- | M] () -- C:\Documents and Settings\Pavla\Plocha\gmer.zip
[2011.01.18 13:11:11 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011.01.18 12:57:00 | 004,156,990 | R--- | M] () -- C:\Documents and Settings\Pavla\Plocha\ComboFix.exe
[2011.01.17 11:57:41 | 000,008,774 | ---- | M] () -- C:\Documents and Settings\Pavla\Plocha\Profesní životopis Pavla.doc
[2011.01.17 11:57:41 | 000,006,494 | ---- | M] () -- C:\Documents and Settings\Pavla\Data aplikací\wklnhst.dat
[2011.01.16 19:45:37 | 000,339,991 | ---- | M] () -- C:\Documents and Settings\Pavla\Plocha\RSIT.exe
[2011.01.16 19:07:26 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Google Chrome.lnk
[2011.01.16 18:58:37 | 000,000,104 | ---- | M] () -- C:\Documents and Settings\Pavla\Plocha\Tento Počítač.lnk
[2011.01.14 13:04:30 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011.01.12 08:52:22 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011.01.10 15:52:20 | 000,004,980 | ---- | M] () -- C:\Documents and Settings\Pavla\Dokumenty\Průvodní dopis..rtf
[2011.01.10 15:33:21 | 000,010,240 | ---- | M] () -- C:\Documents and Settings\Pavla\Plocha\Profesní životopis Pavla.wps
[2011.01.06 19:33:57 | 000,224,816 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011.01.20 17:46:20 | 000,288,107 | ---- | C] () -- C:\Documents and Settings\Pavla\Plocha\gmer.zip
[2011.01.18 12:59:00 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011.01.18 12:59:00 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011.01.18 12:59:00 | 000,089,088 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011.01.18 12:59:00 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011.01.18 12:59:00 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011.01.18 12:56:22 | 004,156,990 | R--- | C] () -- C:\Documents and Settings\Pavla\Plocha\ComboFix.exe
[2011.01.17 11:57:40 | 000,008,774 | ---- | C] () -- C:\Documents and Settings\Pavla\Plocha\Profesní životopis Pavla.doc
[2011.01.16 19:45:36 | 000,339,991 | ---- | C] () -- C:\Documents and Settings\Pavla\Plocha\RSIT.exe
[2011.01.16 19:07:26 | 000,001,813 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Google Chrome.lnk
[2011.01.16 19:05:38 | 000,000,938 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011.01.16 19:05:37 | 000,000,934 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011.01.16 18:58:37 | 000,000,104 | ---- | C] () -- C:\Documents and Settings\Pavla\Plocha\Tento Počítač.lnk
[2011.01.14 12:45:04 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010.06.12 17:33:41 | 000,000,390 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009.12.16 19:00:56 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009.08.10 20:35:59 | 000,000,341 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\hpzinstall.log
[2009.02.17 10:26:23 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2009.01.13 21:59:18 | 000,111,192 | ---- | C] () -- C:\Documents and Settings\Pavla\Data aplikací\NMM-MetaData.db
[2009.01.13 20:56:37 | 000,168,448 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2009.01.13 20:56:33 | 000,795,648 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009.01.13 20:56:33 | 000,130,048 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009.01.13 20:56:31 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2008.12.11 18:26:03 | 000,000,762 | ---- | C] () -- C:\WINDOWS\WINCMD.INI
[2008.12.02 23:44:10 | 000,000,032 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\ezsid.dat
[2008.12.02 02:42:28 | 000,025,088 | ---- | C] () -- C:\Documents and Settings\Pavla\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.12.02 02:39:53 | 000,006,494 | ---- | C] () -- C:\Documents and Settings\Pavla\Data aplikací\wklnhst.dat
[2008.12.02 02:39:53 | 000,000,125 | ---- | C] () -- C:\Documents and Settings\Pavla\Local Settings\Data aplikací\fusioncache.dat
[2008.07.03 12:23:10 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2008.07.03 10:32:56 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2008.07.03 10:32:56 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2008.07.03 10:32:56 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2008.07.03 10:32:56 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2008.07.03 10:32:56 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2008.07.03 10:32:56 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2008.07.02 12:16:06 | 000,004,249 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2008.07.02 12:07:14 | 000,005,312 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2008.07.02 11:43:44 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4704.dll
[2008.04.14 13:58:40 | 002,854,912 | ---- | C] () -- C:\WINDOWS\System32\btwicons.dll
[2008.03.17 14:54:36 | 000,012,208 | ---- | C] () -- C:\WINDOWS\AsTrayLang.ini
[2007.08.06 12:07:30 | 000,008,784 | ---- | C] () -- C:\WINDOWS\System32\ractrlkeyhook.dll
[2005.12.07 12:31:00 | 000,202,752 | R--- | C] () -- C:\WINDOWS\System32\CddbCdda.dll
[2003.04.09 14:38:04 | 000,005,664 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2001.11.14 13:56:00 | 001,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll

< End of report >

Re: prosim o kontrolu logu

Napsal: 21 led 2011 11:05
od niceacee
EXTRAS.TXT

OTL Extras logfile created on: 21.1.2011 10:55:09 - Run 1
OTL by OldTimer - Version 3.2.20.3 Folder = C:\Documents and Settings\Pavla\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1 015,00 Mb Total Physical Memory | 545,00 Mb Available Physical Memory | 54,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 86,00% Paging File free
Paging file location(s): C:\pagefile.sys 1522 1522 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 80,02 Gb Total Space | 58,61 Gb Free Space | 73,25% Space Free | Partition Type: NTFS
Drive D: | 69,00 Gb Total Space | 68,66 Gb Free Space | 99,52% Space Free | Partition Type: NTFS

Computer Name: PAVLA | User Name: Pavla | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\ICQ6.5\ICQ.exe" = C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6 -- (ICQ, LLC.)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{066D65EA-ED53-44E4-A96A-F81B6E409D2E}" = PC Connectivity Solution
"{0990B5DF-92C3-4AD6-A18D-BF3ADF311240}" = Super Hybrid Engine
"{17EAD3D5-7E7D-47A3-A63C-C07AB46D468B}" = Windows Live Mail
"{19F5658D-92E8-4A08-8657-D38ABB1574B2}" = Asus ACPI Driver
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20ACB2F8-3BCA-45A8-80A2-9D3CB5C25F43}" = Safari
"{239BB983-8A2D-4974-B780-2ADAE32752D5}" = Windows Live installer
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 23
"{2CE5A2E7-3437-4CE7-BCF4-85ED6EEFF9E4}" = iTunes
"{2F28B3C9-2C89-4206-8B33-8ADC9577C49B}" = Scan
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java(TM) 6 Update 3
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{52CC5969-BBBF-4752-ACCB-5E835F64AF72}" = Windows Live Fotogalerie
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57A48477-92F0-4C1F-ADF9-4806C4EC3CF2}" = Nokia PC Suite
"{587178E7-B1DF-494E-9838-FA4DD36E873C}" = ASUSUpdate for Eee PC
"{5C52CED3-D45C-4DA9-932F-B91BD44BB461}" = Adabas D 13.01.00
"{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype™ 3.6
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{66DCA952-0A6D-46AB-93B9-64379F829FAD}" = Windows Live Writer
"{69333A04-5134-40A5-A055-9166A7AA1EC8}" =
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6E4DAE31-7CF3-441A-B6E5-B014D63C80CD}" = Eee Instant Key
"{7F831576-6246-42C7-B523-55B3F96509CC}" = LogMeIn
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{84814E6B-2581-46EC-926A-823BD1C670F6}" = WIDCOMM Bluetooth Software
"{90110405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD
"{972B1D9B-0EAD-49E8-B7D6-3B83FD5665B1}" = Nokia Connectivity Cable Driver
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1029-7B44-A91000000001}" = Adobe Reader 9.1.2 - Czech
"{AF7FC1CA-79DF-43c3-90A3-33EFEB9294CE}" = AIO_Scan
"{B2C61EBB-F47C-48ba-B375-27A40F8F48F7}" = HP Deskjet All-In-One Driver Software 9.0.A Corporate Edition
"{B4F35A00-24FD-4fb3-BF5E-413D5423434D}" = DJ_AIO_Software_min
"{BC6D5EAF-D314-4f47-8951-42CF14CB7316}" = dj_aio_corporate
"{BD86C297-41C7-4DB5-82C4-98DE3399A2EF}" = Asistent pro přihlášení ke službě Windows Live
"{C73B5B3B-F974-48CA-8B91-3E8A432AEA5B}" = Microsoft Works
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CCA1EEA3-555E-4D05-AC46-4B49C6C5D887}" = Apple Mobile Device Support
"{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support
"{DEB6ACEB-C418-4880-9133-1C5EB9AFBC79}" = Eee Storage
"{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime
"{E9C18EBD-85BE-47D0-AA73-3FEDCC976B04}" = Toolbox
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F18DB86D-BC16-4E01-BCCE-63F62B931D82}" = InterVideo Register Manager
"{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer
"{F62475E6-6F06-4D65-97D3-71D3CB696A1C}" = Windows Live Messenger
"{FF1C31AE-0CDC-40CE-AB85-406F8B70D643}" = Bonjour
"0852D05415AB9A4F1EF451E342267F76C776ED2F" = Balíček ovladače systému Windows - Nokia Modem (11/03/2006 6.82.0.1)
"0C5EDC3653FED5B121F464339EAC12534D253B25" = Windows Driver Package - Nokia Modem (02/15/2007 3.1)
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AutoDiagnostika_is1" = AutoDiagnostika
"avast5" = avast! Free Antivirus
"CCleaner" = CCleaner
"F064B256B4A20996EA9E333B5E0F14B61AB3333D" = Windows Driver Package - Nokia (WUDFRd) WPD (03/19/2007 6.83.31.1)
"Google Chrome" = Google Chrome
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"ICQToolbar" = ICQ Toolbar
"ie8" = Windows Internet Explorer 8
"KLiteCodecPack_is1" = K-Lite Codec Pack 4.4.5 (Corporate)
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Mozilla Firefox (3.5.16)" = Mozilla Firefox (3.5.16)
"Nokia PC Suite" = Nokia PC Suite

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 27.12.2010 20:23:03 | Computer Name = PAVLA | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 519844

Error - 27.12.2010 20:23:03 | Computer Name = PAVLA | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 519844

Error - 10.1.2011 12:44:50 | Computer Name = PAVLA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace firefox.exe, verze 1.9.1.3986, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 13.1.2011 14:13:35 | Computer Name = PAVLA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace SoftwareUpdate.exe, verze 2.1.1.116, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 13.1.2011 14:13:35 | Computer Name = PAVLA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace SoftwareUpdate.exe, verze 2.1.1.116, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 13.1.2011 14:13:35 | Computer Name = PAVLA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace SoftwareUpdate.exe, verze 2.1.1.116, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 13.1.2011 14:13:35 | Computer Name = PAVLA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace SoftwareUpdate.exe, verze 2.1.1.116, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 13.1.2011 14:13:36 | Computer Name = PAVLA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace SoftwareUpdate.exe, verze 2.1.1.116, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 13.1.2011 14:13:36 | Computer Name = PAVLA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace SoftwareUpdate.exe, verze 2.1.1.116, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 18.1.2011 8:04:35 | Computer Name = PAVLA | Source = crypt32 | ID = 131080
Description = Načtení automatické aktualizace pořadového čísla kořenového seznamu
jiného výrobce z: <http://www.download.windowsupdate.com/m ... ootseq.txt>
se nezdařilo. Chyba: The server name or address could not be resolved

[ System Events ]
Error - 16.11.2010 15:51:06 | Computer Name = PAVLA | Source = Dhcp | ID = 1002
Description = Zapůjčení adresy IP 192.168.0.102 pro síťovou kartu s adresou 00224305C131
byla serverem DHCP 10.1.10.1 odmítnuta. (Server DHCP odeslal zprávu DHCPNACK).

Error - 18.11.2010 4:08:37 | Computer Name = PAVLA | Source = Dhcp | ID = 1002
Description = Zapůjčení adresy IP 10.1.10.11 pro síťovou kartu s adresou 00224305C131
byla serverem DHCP 0.0.0.0 odmítnuta. (Server DHCP odeslal zprávu DHCPNACK).

Error - 26.11.2010 4:11:54 | Computer Name = PAVLA | Source = Dhcp | ID = 1002
Description = Zapůjčení adresy IP 10.1.10.11 pro síťovou kartu s adresou 00224305C131
byla serverem DHCP 0.0.0.0 odmítnuta. (Server DHCP odeslal zprávu DHCPNACK).

Error - 23.12.2010 18:42:53 | Computer Name = PAVLA | Source = Windows Update Agent | ID = 16
Description = Připojení se nezdařilo: Připojení ke službě automatických aktualizací
nelze navázat. Stažení a instalaci aktualizací podle tohoto plánu nelze spustit.
Pokus o navázání spojení bude opakován.

Error - 27.12.2010 13:42:16 | Computer Name = PAVLA | Source = Windows Update Agent | ID = 16
Description = Připojení se nezdařilo: Připojení ke službě automatických aktualizací
nelze navázat. Stažení a instalaci aktualizací podle tohoto plánu nelze spustit.
Pokus o navázání spojení bude opakován.

Error - 6.1.2011 14:34:17 | Computer Name = PAVLA | Source = Dhcp | ID = 1002
Description = Zapůjčení adresy IP 10.1.10.10 pro síťovou kartu s adresou 00224305C131
byla serverem DHCP 10.1.10.1 odmítnuta. (Server DHCP odeslal zprávu DHCPNACK).

Error - 20.1.2011 12:50:24 | Computer Name = PAVLA | Source = atapi | ID = 262153
Description = Zařízení \Device\Ide\IdePort0 neodpovídá v periodě časového limitu.

Error - 20.1.2011 12:50:40 | Computer Name = PAVLA | Source = atapi | ID = 262153
Description = Zařízení \Device\Ide\IdePort0 neodpovídá v periodě časového limitu.

Error - 20.1.2011 12:50:47 | Computer Name = PAVLA | Source = atapi | ID = 262153
Description = Zařízení \Device\Ide\IdePort0 neodpovídá v periodě časového limitu.

Error - 20.1.2011 12:52:33 | Computer Name = PAVLA | Source = atapi | ID = 262153
Description = Zařízení \Device\Ide\IdePort0 neodpovídá v periodě časového limitu.


< End of report >

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\ICQ6.5\ICQ.exe" = C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6 -- (ICQ, LLC.)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{066D65EA-ED53-44E4-A96A-F81B6E409D2E}" = PC Connectivity Solution
"{0990B5DF-92C3-4AD6-A18D-BF3ADF311240}" = Super Hybrid Engine
"{17EAD3D5-7E7D-47A3-A63C-C07AB46D468B}" = Windows Live Mail
"{19F5658D-92E8-4A08-8657-D38ABB1574B2}" = Asus ACPI Driver
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20ACB2F8-3BCA-45A8-80A2-9D3CB5C25F43}" = Safari
"{239BB983-8A2D-4974-B780-2ADAE32752D5}" = Windows Live installer
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 23
"{2CE5A2E7-3437-4CE7-BCF4-85ED6EEFF9E4}" = iTunes
"{2F28B3C9-2C89-4206-8B33-8ADC9577C49B}" = Scan
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java(TM) 6 Update 3
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{52CC5969-BBBF-4752-ACCB-5E835F64AF72}" = Windows Live Fotogalerie
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57A48477-92F0-4C1F-ADF9-4806C4EC3CF2}" = Nokia PC Suite
"{587178E7-B1DF-494E-9838-FA4DD36E873C}" = ASUSUpdate for Eee PC
"{5C52CED3-D45C-4DA9-932F-B91BD44BB461}" = Adabas D 13.01.00
"{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype™ 3.6
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{66DCA952-0A6D-46AB-93B9-64379F829FAD}" = Windows Live Writer
"{69333A04-5134-40A5-A055-9166A7AA1EC8}" =
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6E4DAE31-7CF3-441A-B6E5-B014D63C80CD}" = Eee Instant Key
"{7F831576-6246-42C7-B523-55B3F96509CC}" = LogMeIn
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{84814E6B-2581-46EC-926A-823BD1C670F6}" = WIDCOMM Bluetooth Software
"{90110405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD
"{972B1D9B-0EAD-49E8-B7D6-3B83FD5665B1}" = Nokia Connectivity Cable Driver
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1029-7B44-A91000000001}" = Adobe Reader 9.1.2 - Czech
"{AF7FC1CA-79DF-43c3-90A3-33EFEB9294CE}" = AIO_Scan
"{B2C61EBB-F47C-48ba-B375-27A40F8F48F7}" = HP Deskjet All-In-One Driver Software 9.0.A Corporate Edition
"{B4F35A00-24FD-4fb3-BF5E-413D5423434D}" = DJ_AIO_Software_min
"{BC6D5EAF-D314-4f47-8951-42CF14CB7316}" = dj_aio_corporate
"{BD86C297-41C7-4DB5-82C4-98DE3399A2EF}" = Asistent pro přihlášení ke službě Windows Live
"{C73B5B3B-F974-48CA-8B91-3E8A432AEA5B}" = Microsoft Works
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CCA1EEA3-555E-4D05-AC46-4B49C6C5D887}" = Apple Mobile Device Support
"{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support
"{DEB6ACEB-C418-4880-9133-1C5EB9AFBC79}" = Eee Storage
"{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime
"{E9C18EBD-85BE-47D0-AA73-3FEDCC976B04}" = Toolbox
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F18DB86D-BC16-4E01-BCCE-63F62B931D82}" = InterVideo Register Manager
"{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer
"{F62475E6-6F06-4D65-97D3-71D3CB696A1C}" = Windows Live Messenger
"{FF1C31AE-0CDC-40CE-AB85-406F8B70D643}" = Bonjour
"0852D05415AB9A4F1EF451E342267F76C776ED2F" = Balíček ovladače systému Windows - Nokia Modem (11/03/2006 6.82.0.1)
"0C5EDC3653FED5B121F464339EAC12534D253B25" = Windows Driver Package - Nokia Modem (02/15/2007 3.1)
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AutoDiagnostika_is1" = AutoDiagnostika
"avast5" = avast! Free Antivirus
"CCleaner" = CCleaner
"F064B256B4A20996EA9E333B5E0F14B61AB3333D" = Windows Driver Package - Nokia (WUDFRd) WPD (03/19/2007 6.83.31.1)
"Google Chrome" = Google Chrome
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"ICQToolbar" = ICQ Toolbar
"ie8" = Windows Internet Explorer 8
"KLiteCodecPack_is1" = K-Lite Codec Pack 4.4.5 (Corporate)
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Mozilla Firefox (3.5.16)" = Mozilla Firefox (3.5.16)
"Nokia PC Suite" = Nokia PC Suite

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 27.12.2010 20:23:03 | Computer Name = PAVLA | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 519844

Error - 27.12.2010 20:23:03 | Computer Name = PAVLA | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 519844

Error - 10.1.2011 12:44:50 | Computer Name = PAVLA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace firefox.exe, verze 1.9.1.3986, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 13.1.2011 14:13:35 | Computer Name = PAVLA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace SoftwareUpdate.exe, verze 2.1.1.116, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 13.1.2011 14:13:35 | Computer Name = PAVLA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace SoftwareUpdate.exe, verze 2.1.1.116, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 13.1.2011 14:13:35 | Computer Name = PAVLA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace SoftwareUpdate.exe, verze 2.1.1.116, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 13.1.2011 14:13:35 | Computer Name = PAVLA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace SoftwareUpdate.exe, verze 2.1.1.116, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 13.1.2011 14:13:36 | Computer Name = PAVLA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace SoftwareUpdate.exe, verze 2.1.1.116, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 13.1.2011 14:13:36 | Computer Name = PAVLA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace SoftwareUpdate.exe, verze 2.1.1.116, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 18.1.2011 8:04:35 | Computer Name = PAVLA | Source = crypt32 | ID = 131080
Description = Načtení automatické aktualizace pořadového čísla kořenového seznamu
jiného výrobce z: <http://www.download.windowsupdate.com/m ... ootseq.txt>
se nezdařilo. Chyba: The server name or address could not be resolved

[ System Events ]
Error - 16.11.2010 15:51:06 | Computer Name = PAVLA | Source = Dhcp | ID = 1002
Description = Zapůjčení adresy IP 192.168.0.102 pro síťovou kartu s adresou 00224305C131
byla serverem DHCP 10.1.10.1 odmítnuta. (Server DHCP odeslal zprávu DHCPNACK).

Error - 18.11.2010 4:08:37 | Computer Name = PAVLA | Source = Dhcp | ID = 1002
Description = Zapůjčení adresy IP 10.1.10.11 pro síťovou kartu s adresou 00224305C131
byla serverem DHCP 0.0.0.0 odmítnuta. (Server DHCP odeslal zprávu DHCPNACK).

Error - 26.11.2010 4:11:54 | Computer Name = PAVLA | Source = Dhcp | ID = 1002
Description = Zapůjčení adresy IP 10.1.10.11 pro síťovou kartu s adresou 00224305C131
byla serverem DHCP 0.0.0.0 odmítnuta. (Server DHCP odeslal zprávu DHCPNACK).

Error - 23.12.2010 18:42:53 | Computer Name = PAVLA | Source = Windows Update Agent | ID = 16
Description = Připojení se nezdařilo: Připojení ke službě automatických aktualizací
nelze navázat. Stažení a instalaci aktualizací podle tohoto plánu nelze spustit.
Pokus o navázání spojení bude opakován.

Error - 27.12.2010 13:42:16 | Computer Name = PAVLA | Source = Windows Update Agent | ID = 16
Description = Připojení se nezdařilo: Připojení ke službě automatických aktualizací
nelze navázat. Stažení a instalaci aktualizací podle tohoto plánu nelze spustit.
Pokus o navázání spojení bude opakován.

Error - 6.1.2011 14:34:17 | Computer Name = PAVLA | Source = Dhcp | ID = 1002
Description = Zapůjčení adresy IP 10.1.10.10 pro síťovou kartu s adresou 00224305C131
byla serverem DHCP 10.1.10.1 odmítnuta. (Server DHCP odeslal zprávu DHCPNACK).

Error - 20.1.2011 12:50:24 | Computer Name = PAVLA | Source = atapi | ID = 262153
Description = Zařízení \Device\Ide\IdePort0 neodpovídá v periodě časového limitu.

Error - 20.1.2011 12:50:40 | Computer Name = PAVLA | Source = atapi | ID = 262153
Description = Zařízení \Device\Ide\IdePort0 neodpovídá v periodě časového limitu.

Error - 20.1.2011 12:50:47 | Computer Name = PAVLA | Source = atapi | ID = 262153
Description = Zařízení \Device\Ide\IdePort0 neodpovídá v periodě časového limitu.

Error - 20.1.2011 12:52:33 | Computer Name = PAVLA | Source = atapi | ID = 262153
Description = Zařízení \Device\Ide\IdePort0 neodpovídá v periodě časového limitu.


< End of report >

Re: prosim o kontrolu logu

Napsal: 21 led 2011 16:40
od 1danab
poprosím vás o strpení, jsem ještě v práci a doma budu po sedmé hodině
pak vám napíšu co uděláte dál :)

Re: prosim o kontrolu logu

Napsal: 21 led 2011 17:23
od niceacee
ok dekuji :-)

Re: prosim o kontrolu logu

Napsal: 21 led 2011 20:20
od 1danab
tak, znovu spusťte OTL a do dolního okénka zkopírujte tento skript:

Kód: Vybrat vše

:OTL
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultUrl = http://www.mywebsearch.com/jsp/cfg_redi ... searchfor={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = My Web Search
[2009.08.21 10:23:11 | 000,009,949 | ---- | M] () -- C:\Documents and Settings\Pavla\Data aplikací\Mozilla\Firefox\Profiles\piel6g5q.default\searchplugins\mywebsearch.xml
[2009.06.13 07:48:56 | 000,024,684 | ---- | M] (MyWebSearch.com) -- C:\Program Files\Mozilla Firefox\plugins\NPMyWebS.dll
poté klikněte na tlačítko Opravit

restartujte pc, spusťte OTL, nechte znovu skenovat a vložte mi sem nový log :)

Re: prosim o kontrolu logu

Napsal: 21 led 2011 23:14
od niceacee
OTL logfile created on: 21.1.2011 23:02:54 - Run 2
OTL by OldTimer - Version 3.2.20.3 Folder = C:\Documents and Settings\Pavla\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1 015,00 Mb Total Physical Memory | 606,00 Mb Available Physical Memory | 60,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 88,00% Paging File free
Paging file location(s): C:\pagefile.sys 1522 1522 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 80,02 Gb Total Space | 58,50 Gb Free Space | 73,11% Space Free | Partition Type: NTFS
Drive D: | 69,00 Gb Total Space | 68,66 Gb Free Space | 99,52% Space Free | Partition Type: NTFS

Computer Name: PAVLA | User Name: Pavla | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011.01.21 10:54:27 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Pavla\Plocha\OTL.exe
PRC - [2010.10.07 19:48:08 | 000,116,104 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\ramaint.exe
PRC - [2010.09.27 13:47:14 | 000,374,152 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
PRC - [2010.09.07 17:12:02 | 002,838,912 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2010.09.07 17:11:59 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010.08.13 12:58:56 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010.04.15 13:50:56 | 000,733,184 | ---- | M] (AutoComSoft s.r.o.) -- C:\Auto-diagnostika\ADnews.exe
PRC - [2009.06.01 21:20:12 | 000,222,968 | ---- | M] () -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe
PRC - [2008.07.24 18:46:10 | 000,063,048 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
PRC - [2008.07.24 18:46:10 | 000,063,040 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LogMeIn.exe
PRC - [2008.06.03 13:24:50 | 000,294,912 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\Asus\EeePC\Super Hybrid Engine\SuperHybridEngine.exe
PRC - [2008.06.03 12:43:56 | 000,098,304 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\EeePC\ACPI\AsTray.exe
PRC - [2008.06.03 11:34:38 | 000,479,232 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe
PRC - [2008.05.21 00:56:24 | 000,094,208 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\EeePC\ACPI\AsEPCMon.exe
PRC - [2008.04.14 14:03:54 | 001,448,576 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
PRC - [2008.04.14 14:03:54 | 000,596,584 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2008.04.14 13:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007.09.24 14:43:36 | 000,129,560 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxext.exe
PRC - [2007.03.26 13:06:24 | 000,292,864 | ---- | M] (Nokia.) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
PRC - [2007.03.23 13:20:52 | 000,227,328 | ---- | M] (Nokia) -- C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
PRC - [2007.02.15 17:29:44 | 000,086,016 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\NclBTHandler.exe
PRC - [2007.01.04 18:48:52 | 000,112,152 | R--- | M] (InterVideo) -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
PRC - [2006.07.21 09:14:36 | 000,086,016 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SoundMan.exe


========== Modules (SafeList) ==========

MOD - [2011.01.21 10:54:27 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Pavla\Plocha\OTL.exe
MOD - [2010.08.23 17:12:33 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2008.04.14 13:58:14 | 000,073,728 | ---- | M] (Broadcom Corporation.) -- C:\WINDOWS\system32\BtMmHook.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2010.10.07 19:48:08 | 000,116,104 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\RaMaint.exe -- (LMIMaint)
SRV - [2010.09.27 13:47:14 | 000,374,152 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe -- (LMIGuardianSvc)
SRV - [2010.09.07 17:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV - [2010.09.07 17:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV - [2010.09.07 17:11:59 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010.08.13 12:58:56 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2009.06.01 21:20:12 | 000,222,968 | ---- | M] () [Auto | Running] -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2008.07.24 18:46:10 | 000,063,040 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\LogMeIn.exe -- (LogMeIn)
SRV - [2007.10.25 14:27:54 | 000,266,240 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Live\installer\WLSetupSvc.exe -- (WLSetupSvc)
SRV - [2007.03.26 13:06:24 | 000,292,864 | ---- | M] (Nokia.) [On_Demand | Running] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2007.01.04 18:48:52 | 000,112,152 | R--- | M] (InterVideo) [Auto | Running] -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)


========== Driver Services (SafeList) ==========

DRV - [2010.10.07 19:47:45 | 000,083,360 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV - [2010.09.07 16:52:25 | 000,046,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2010.09.07 16:52:03 | 000,165,584 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2010.09.07 16:47:46 | 000,023,376 | ---- | M] (AVAST Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2010.09.07 16:47:19 | 000,100,176 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2010.09.07 16:47:07 | 000,017,744 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010.09.07 16:46:51 | 000,028,880 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2008.07.24 18:46:12 | 000,012,856 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Running] -- C:\Program Files\LogMeIn\x86\rainfo.sys -- (LMIInfo)
DRV - [2008.07.24 18:46:10 | 000,047,640 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV - [2008.06.17 09:49:22 | 004,756,992 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008.05.19 14:01:30 | 000,025,088 | ---- | M] (ELANTECH Devices Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ETD.sys -- (Ktp)
DRV - [2008.04.15 10:14:02 | 000,990,632 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2008.04.14 13:00:00 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2008.03.27 16:18:12 | 000,047,272 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2008.03.11 18:37:00 | 000,036,864 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\l1e51x86.sys -- (L1e)
DRV - [2008.02.04 16:57:44 | 000,037,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btport.sys -- (BTDriver)
DRV - [2007.07.26 19:00:38 | 000,011,264 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASUSACPI.SYS -- (AsusACPI)
DRV - [2007.05.03 03:00:58 | 000,546,976 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ar5211.sys -- (AR5211)
DRV - [2007.02.22 10:15:56 | 000,137,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcd.sys -- (nmwcd)
DRV - [2007.02.22 10:15:14 | 000,012,288 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdcm.sys -- (nmwcdcm)
DRV - [2007.02.22 10:15:14 | 000,012,288 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdcj.sys -- (nmwcdcj)
DRV - [2007.02.22 10:15:14 | 000,008,320 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdc.sys -- (nmwcdc)
DRV - [2006.10.10 14:24:00 | 001,181,824 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\igxpmp32.sys -- (ialm)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = My Web Search
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultUrl = http://www.mywebsearch.com/jsp/cfg_redi ... earchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "http://www.seznam.cz"
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..keyword.URL: "http://www.seznam.cz"
FF - prefs.js..network.proxy.no_proxies_on: "*.local"

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.16\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.01.06 21:10:45 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.16\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.01.10 16:29:34 | 000,000,000 | ---D | M]

[2009.08.18 13:34:16 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Pavla\Data aplikací\Mozilla\Extensions
[2010.01.07 21:41:24 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Pavla\Data aplikací\Mozilla\Firefox\Profiles\piel6g5q.default\extensions
[2009.08.21 10:23:11 | 000,009,949 | ---- | M] () -- C:\Documents and Settings\Pavla\Data aplikací\Mozilla\Firefox\Profiles\piel6g5q.default\searchplugins\mywebsearch.xml
[2011.01.21 18:00:03 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011.01.10 16:29:36 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2010.01.01 14:25:49 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2010.11.12 18:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2009.06.13 07:48:56 | 000,024,684 | ---- | M] (MyWebSearch.com) -- C:\Program Files\Mozilla Firefox\plugins\NPMyWebS.dll
[2010.11.15 14:51:03 | 000,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.11.15 14:51:03 | 000,001,687 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2010.11.15 14:51:03 | 000,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.11.15 14:51:03 | 000,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.11.15 14:51:03 | 000,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2011.01.18 13:11:11 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - No CLSID value found.
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O4 - HKLM..\Run: [AlcWzrd] C:\WINDOWS\alcwzrd.exe (RealTek Semicoductor Corp.)
O4 - HKLM..\Run: [AsusACPIServer] C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [AsusEPCMonitor] C:\Program Files\EeePC\ACPI\AsEPCMon.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [AsusTray] C:\Program Files\EeePC\ACPI\AsTray.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [LogMeIn GUI] C:\Program Files\LogMeIn\x86\LogMeInSystray.exe (LogMeIn, Inc.)
O4 - HKLM..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe (Nokia)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SoundMan.exe (Realtek Semiconductor Corp.)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Bluetooth.lnk = C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\SuperHybridEngine.lnk = C:\Program Files\Asus\EeePC\Super Hybrid Engine\SuperHybridEngine.exe (ASUSTeK Computer Inc.)
O4 - Startup: C:\Documents and Settings\Pavla\Nabídka Start\Programy\Po spuštění\ACSnews.lnk = C:\Auto-diagnostika\ADnews.exe (AutoComSoft s.r.o.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Odeslat do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Odeslat do zařízení Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shoc ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} https://secure.logmein.com/activex/ractrl.cab?lmi=100 (Performance Viewer Activex Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.20 192.168.1.21
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\LMIinit: DllName - LMIinit.dll - C:\WINDOWS\System32\LMIinit.dll (LogMeIn, Inc.)
O24 - Desktop Components:0 () - http://1000wallpapers.eu/wp/hory/mini/889.jpg
O24 - Desktop Components:1 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.07.22 16:40:58 | 000,000,000 | ---D | M] - C:\Auto-diagnostika -- [ NTFS ]
O32 - AutoRun File - [2008.07.02 10:24:12 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011.01.21 23:02:32 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2011.01.21 22:58:21 | 000,000,000 | ---D | C] -- C:\_OTL
[2011.01.21 10:54:13 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Pavla\Plocha\OTL.exe
[2011.01.20 17:46:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pavla\Plocha\gmer
[2011.01.18 12:59:00 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2011.01.18 12:59:00 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2011.01.18 12:59:00 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2011.01.18 12:58:59 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2011.01.18 12:58:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2011.01.18 12:58:36 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011.01.16 19:46:09 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2011.01.16 19:46:08 | 000,000,000 | ---D | C] -- C:\rsit
[2011.01.16 19:17:07 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Pavla\Recent
[2011.01.16 19:10:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\Google
[2011.01.16 19:07:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\CCleaner
[2011.01.16 19:07:30 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2011.01.16 19:07:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Google Chrome
[2011.01.16 19:05:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Temp
[2011.01.16 19:05:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\Google
[2011.01.16 19:05:32 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2011.01.16 19:05:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pavla\Local Settings\Data aplikací\Google
[2011.01.10 16:30:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Sun
[2011.01.10 16:29:34 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2011.01.10 16:29:34 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2011.01.10 16:29:34 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2011.01.10 16:29:34 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2011.01.10 16:10:35 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2008.07.03 10:25:01 | 015,523,560 | ---- | C] (Macrovision Corporation) -- C:\Program Files\U1 Setup.exe
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011.01.21 23:01:23 | 000,000,934 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011.01.21 23:01:08 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011.01.21 22:10:00 | 000,000,938 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011.01.21 10:54:27 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Pavla\Plocha\OTL.exe
[2011.01.20 18:39:04 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011.01.20 17:46:21 | 000,288,107 | ---- | M] () -- C:\Documents and Settings\Pavla\Plocha\gmer.zip
[2011.01.18 13:11:11 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011.01.18 12:57:00 | 004,156,990 | R--- | M] () -- C:\Documents and Settings\Pavla\Plocha\ComboFix.exe
[2011.01.17 11:57:41 | 000,008,774 | ---- | M] () -- C:\Documents and Settings\Pavla\Plocha\Profesní životopis Pavla.doc
[2011.01.17 11:57:41 | 000,006,494 | ---- | M] () -- C:\Documents and Settings\Pavla\Data aplikací\wklnhst.dat
[2011.01.16 19:45:37 | 000,339,991 | ---- | M] () -- C:\Documents and Settings\Pavla\Plocha\RSIT.exe
[2011.01.16 19:07:26 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Google Chrome.lnk
[2011.01.16 18:58:37 | 000,000,104 | ---- | M] () -- C:\Documents and Settings\Pavla\Plocha\Tento Počítač.lnk
[2011.01.14 13:04:30 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011.01.12 08:52:22 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011.01.10 15:52:20 | 000,004,980 | ---- | M] () -- C:\Documents and Settings\Pavla\Dokumenty\Průvodní dopis..rtf
[2011.01.10 15:33:21 | 000,010,240 | ---- | M] () -- C:\Documents and Settings\Pavla\Plocha\Profesní životopis Pavla.wps
[2011.01.06 19:33:57 | 000,224,816 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011.01.20 17:46:20 | 000,288,107 | ---- | C] () -- C:\Documents and Settings\Pavla\Plocha\gmer.zip
[2011.01.18 12:59:00 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011.01.18 12:59:00 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011.01.18 12:59:00 | 000,089,088 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011.01.18 12:59:00 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011.01.18 12:59:00 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011.01.18 12:56:22 | 004,156,990 | R--- | C] () -- C:\Documents and Settings\Pavla\Plocha\ComboFix.exe
[2011.01.17 11:57:40 | 000,008,774 | ---- | C] () -- C:\Documents and Settings\Pavla\Plocha\Profesní životopis Pavla.doc
[2011.01.16 19:45:36 | 000,339,991 | ---- | C] () -- C:\Documents and Settings\Pavla\Plocha\RSIT.exe
[2011.01.16 19:07:26 | 000,001,813 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Google Chrome.lnk
[2011.01.16 19:05:38 | 000,000,938 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011.01.16 19:05:37 | 000,000,934 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011.01.16 18:58:37 | 000,000,104 | ---- | C] () -- C:\Documents and Settings\Pavla\Plocha\Tento Počítač.lnk
[2011.01.14 12:45:04 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010.06.12 17:33:41 | 000,000,390 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009.12.16 19:00:56 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009.08.10 20:35:59 | 000,000,341 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\hpzinstall.log
[2009.02.17 10:26:23 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2009.01.13 21:59:18 | 000,111,192 | ---- | C] () -- C:\Documents and Settings\Pavla\Data aplikací\NMM-MetaData.db
[2009.01.13 20:56:37 | 000,168,448 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2009.01.13 20:56:33 | 000,795,648 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009.01.13 20:56:33 | 000,130,048 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009.01.13 20:56:31 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2008.12.11 18:26:03 | 000,000,762 | ---- | C] () -- C:\WINDOWS\WINCMD.INI
[2008.12.02 23:44:10 | 000,000,032 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\ezsid.dat
[2008.12.02 02:42:28 | 000,025,088 | ---- | C] () -- C:\Documents and Settings\Pavla\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.12.02 02:39:53 | 000,006,494 | ---- | C] () -- C:\Documents and Settings\Pavla\Data aplikací\wklnhst.dat
[2008.12.02 02:39:53 | 000,000,125 | ---- | C] () -- C:\Documents and Settings\Pavla\Local Settings\Data aplikací\fusioncache.dat
[2008.07.03 12:23:10 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2008.07.03 10:32:56 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2008.07.03 10:32:56 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2008.07.03 10:32:56 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2008.07.03 10:32:56 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2008.07.03 10:32:56 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2008.07.03 10:32:56 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2008.07.02 12:16:06 | 000,004,249 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2008.07.02 12:07:14 | 000,005,312 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2008.07.02 11:43:44 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4704.dll
[2008.04.14 13:58:40 | 002,854,912 | ---- | C] () -- C:\WINDOWS\System32\btwicons.dll
[2008.03.17 14:54:36 | 000,012,208 | ---- | C] () -- C:\WINDOWS\AsTrayLang.ini
[2007.08.06 12:07:30 | 000,008,784 | ---- | C] () -- C:\WINDOWS\System32\ractrlkeyhook.dll
[2005.12.07 12:31:00 | 000,202,752 | R--- | C] () -- C:\WINDOWS\System32\CddbCdda.dll
[2003.04.09 14:38:04 | 000,005,664 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2001.11.14 13:56:00 | 001,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll

< End of report >
Všechny časy jsou v UTC+01:00
Stránka 1 z 2

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz