Logfile of random's system information tool 1.09 (written by random/random)
Run by a at 2012-05-14 12:00:51
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 46 GB (30%) free of 153 GB
Total RAM: 511 MB (7% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:07:51, on 14.5.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17108)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\runservice.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Common Files\Logitech\khalshared\KHALMNPR.EXE
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\system32\mdm.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
C:\Documents and Settings\a\Plocha\RSIT.exe
C:\Program Files\trend micro\a.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://eu.ask.com/?l=dis&o=14672
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: QIPBHO Class - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\WINDOWS\Application Data\Microsoft\Internet Explorer\qipsearchbar.dll
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\WINDOWS\WebIE.dll
O2 - BHO: GamePlayLabsBHO - {984A9162-8891-4D19-8CFE-17648BB4E1EC} - (no file)
O2 - BHO: QIPBHO - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\WINDOWS\Application Data\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\WINDOWS\WebIE.dll
O4 - HKLM\..\Run: [NvMediaCenter] "RUNDLL32.EXE" C:\windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Logitech SetPoint.lnk = ?
O4 - Global Startup: Rychlý začátek s aplikací HP Photosmart Premier.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O8 - Extra context menu item: AMV convert tool grab multimedia file - C:\Program Files\MP3 Player Utilities 5.02\AMVConverter\grab.html
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file)
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\WINDOWS\WebIE.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: HP Port Resolver - Hewlett-Packard Company - C:\windows\system32\spool\drivers\w32x86\3\HPBPRO.EXE
O23 - Service: HP Status Server - Hewlett-Packard Company - C:\windows\system32\spool\drivers\w32x86\3\HPBOID.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LicCtrl Service (LicCtrlService) - Unknown owner - C:\WINDOWS\runservice.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\windows\system32\HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: SF FrontLine Drivers Auto Removal (v1) (sfrem01) - Protection Technology (StarForce) - C:\WINDOWS\system32\sfrem01.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O24 - Desktop Component 0: (no name) - file:///D:/ppkplus/obrazky/g0134907.WMF
O24 - Desktop Component 1: (no name) - file:///D:/P6.jpg
O24 - Desktop Component 2: (no name) - http://vsemix.site.cz/tapety/priroda/4.jpg
--
End of file - 11308 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\OGALogon.job
=========Mozilla firefox=========
ProfilePath - C:\WINDOWS\Application Data\Mozilla\Firefox\Profiles\flsyw2zm.default
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "extensions.enabledItems" - "{c50ca3c4-5656-43c2-a061-13e717f73fc8}:2.02, {20a82645-c095-46ed-80e3-08825760534b}:1.1, {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20, jqs@sun.com:1.0, {32a1fd71-835e-4b11-8e54-886fda0b4c89}:1.1, {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.15"
prefs.js - "keyword.URL" - "http://search.qip.ru/search?from=FF&query="
"{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@ngm.nexoneu.com/NxGame]
"Description"=Nexon Game Controller 1.0.0.1
"Path"=C:\Documents and Settings\All Users\Data aplikací\NexonEU\NGM\npNxGameeu.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/npracplug;version=1.0.0.0]
"Description"=Scriptable Plugin for RealArcade
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1]
"Description"=Yahoo! activeX Plug-in Bridge
"Path"=C:\Program Files\Yahoo!\Common\npyaxmpb.dll
C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
npscriptable.xpt
C:\Program Files\Mozilla Firefox\plugins\
np32dsw.dll
npbittorrent.dll
npdeployJava1.dll
npgcplug.dll
NPOFFICE.DLL
nppdf32.dll
npracplug.dll
ShockwavePlugin.class
C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
C:\WINDOWS\Application Data\Mozilla\Firefox\Profiles\flsyw2zm.default\extensions\
plugin2@gameplaylabs.com
{003D3EDC-99B9-4a34-9C20-60CB94F7E829}
{20a82645-c095-46ed-80e3-08825760534b}
{32a1fd71-835e-4b11-8e54-886fda0b4c89}
{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
C:\WINDOWS\Application Data\Mozilla\Firefox\Profiles\flsyw2zm.default\searchplugins\
askcom.xml
icqplugin-1.xml
icqplugin-2.xml
icqplugin-3.xml
icqplugin-4.xml
icqplugin-5.xml
icqplugin-6.xml
icqplugin-7.xml
icqplugin-8.xml
icqplugin-9.xml
icqplugin.xml
qip-search.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\WINDOWS\WebIE.dll [2007-05-15 491520]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{984A9162-8891-4D19-8CFE-17648BB4E1EC}]
GamePlayLabsBHO Class
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}]
QIPBHO Class - C:\WINDOWS\Application Data\Microsoft\Internet Explorer\qipsearchbar.dll [2009-07-14 150768]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-02-09 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-02-09 79648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\WINDOWS\WebIE.dll [2007-05-15 491520]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvMediaCenter"=C:\windows\system32\NvMcTray.dll [2007-10-04 81920]
"NvCplDaemon"=C:\windows\system32\NvCpl.dll [2007-10-04 8491008]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2006-08-03 577536]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"Logitech Hardware Abstraction Layer"=C:\WINDOWS\KHALMNPR.EXE [2007-01-23 101136]
"SsAAD.exe"=C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe [2005-01-24 81920]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2009-01-05 413696]
"ArcSoft Connection Service"=C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2010-10-27 207424]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2007-10-10 39792]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2008-07-01 1447168]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-10-29 249064]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBJ]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\updateMgr]
[]
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe
Rychlý začátek s aplikací HP Photosmart Premier.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\windows\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
C:\windows\system32\ljJDwXno
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WdfLoadGroup]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=0x00000000
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDevMgrUpdate"=1
"NoResolveSearch"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=255
"HonorAutoRunSetting"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\uTorrent\utorrent.exe"="C:\Program Files\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"C:\Documents and Settings\All Users\Data aplikací\Kaspersky Lab Setup Files\Kaspersky Internet Security 2009\Czech\setup.exe"="C:\Documents and Settings\All Users\Data aplikací\Kaspersky Lab Setup Files\Kaspersky Internet Security 2009\Czech\setup.exe:*:Enabled:Kaspersky Internet Security 2009 Setup"
"C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe"="C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe:*:Enabled:NEXON_EU_Downloader_Engine"
"C:\Documents and Settings\All Users\Data aplikací\NexonEU\NGM\NGM.exe"="C:\Documents and Settings\All Users\Data aplikací\NexonEU\NGM\NGM.exe:*:Enabled:Nexon Game Manager"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"C:\Program Files\Electronic Arts\Need For Speed III\nfs3.exe"="C:\Program Files\Electronic Arts\Need For Speed III\nfs3.exe:*:Enabled:Need For Speed III for Win32"
"C:\games\SIERRA\MaximumCueball\pool.exe"="C:\games\SIERRA\MaximumCueball\pool.exe:*:Enabled:Maximum Cueball."
"C:\Program Files\THQ\MX vs ATV Unleashed\MXvsATV.exe"="C:\Program Files\THQ\MX vs ATV Unleashed\MXvsATV.exe:*:Enabled:MXvsATV"
"C:\Program Files\Miranda IM\miranda32.exe"="C:\Program Files\Miranda IM\miranda32.exe:*:Enabled:Miranda IM"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=i263_32.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=MSG723.ACM
"vidc.M263"=MSH263.DRV
"vidc.M261"=MSH261.DRV
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"VIDC.MKVC"=KMVIDC32.DLL
"msacm.lhacm"=lhacm.acm
"MSACM.VOXACM160"=vct3216.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"vidc.VP60"=vp6vfw.dll
"vidc.VP61"=vp6vfw.dll
"vidc.I263"=I263_32.drv
"vidc.VP62"=vp6vfw.dll
"msacm.l3acm"=C:\windows\system32\l3codeca.acm
"VIDC.FPS1"=frapsvid.dll
"vidc.XVID"=xvidvfw.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"VIDC.VP70"=vp7vfw.dll
"msacm.l3fhg"=mp3fhg.acm
"msacm.divxa32"=divxa32.acm
"msacm.vorbis"=vorbis.acm
"VIDC.X264"=x264vfw.dll
"VIDC.HFYU"=huffyuv.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=lameACM.acm
"VIDC.FFDS"=ff_vfw.dll
======File associations======
.js - open - NOTEPAD.EXE %1
.vbs - open - NOTEPAD.EXE %1
======List of files/folders created in the last 1 month======
2012-05-14 12:01:12 ----D---- C:\Program Files\trend micro
======List of files/folders modified in the last 1 month======
2012-05-14 12:05:55 ----D---- C:\WINDOWS\TEMP
2012-05-14 12:01:12 ----D---- C:\Program Files
2012-05-14 12:00:19 ----D---- C:\WINDOWS\Prefetch
2012-05-14 11:58:37 ----D---- C:\Program Files\Mozilla Firefox
2012-05-14 11:47:22 ----AD---- C:\WINDOWS
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 prosync1;StarForce Protection Synchronization Driver v1; C:\WINDOWS\System32\drivers\prosync1.sys [2004-07-19 7040]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2010-03-31 44944]
R0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\WINDOWS\System32\drivers\sfdrv01.sys [2006-05-10 51200]
R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a); C:\WINDOWS\System32\drivers\sfdrv01a.sys [2006-07-05 63352]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\WINDOWS\System32\drivers\sfhlp02.sys [2006-06-14 13680]
R0 sfsync02;StarForce Protection Synchronization Driver (version 2.x); C:\WINDOWS\System32\drivers\sfsync02.sys [2006-07-10 27032]
R0 sfvfs02;StarForce Protection VFS Driver (version 2.x); C:\WINDOWS\System32\drivers\sfvfs02.sys [2007-01-12 82296]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2007-06-18 685816]
R0 uagp35;Filtr Microsoft AGPv3.5; C:\WINDOWS\system32\DRIVERS\uagp35.sys [2008-04-13 44672]
R0 viaagp1;VIA AGP Filter; C:\WINDOWS\system32\DRIVERS\viaagp1.sys [2003-07-01 27904]
R0 videX32;videX32; C:\WINDOWS\system32\DRIVERS\videX32.sys [2007-09-21 9216]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R0x01000000 papycpu2;papycpu2; C:\WINDOWS\System32\DRIVERS\papycpu2.sys [2003-01-07 1984]
R0x01000000 papyjoy;papyjoy; C:\WINDOWS\System32\DRIVERS\papyjoy.sys [2003-01-07 1856]
R1 AmdK7;Ovladač procesoru AMD K7; C:\WINDOWS\system32\DRIVERS\amdk7.sys [2008-04-14 41600]
R1 easdrv;easdrv; C:\WINDOWS\system32\DRIVERS\easdrv.sys [2008-07-01 53256]
R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2008-07-01 34312]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]
R2 ACEDRV07;ACEDRV07; \??\C:\WINDOWS\system32\drivers\ACEDRV07.sys []
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2007-07-10 165376]
R2 eamon;EAMON; C:\WINDOWS\system32\DRIVERS\eamon.sys [2008-07-01 39944]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2007-07-10 18048]
R3 Afc;PPdus ASPI Shell; C:\WINDOWS\system32\drivers\Afc.sys [2005-02-23 11776]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2006-08-18 4017536]
R3 dtscsi;dtscsi; C:\WINDOWS\System32\Drivers\dtscsi.sys [2005-12-09 223128]
R3 FET5X86V;VIA Rhine-Family Fast-Ethernet Adapter Driver Service; C:\WINDOWS\system32\DRIVERS\fetnd5bv.sys [2006-12-20 45568]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 L8042mou;SetPoint PS/2 Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\L8042mou.Sys [2007-01-23 62992]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys [2007-01-23 34576]
R3 LMouKE;SetPoint Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouKE.Sys [2007-01-23 78864]
R3 LUsbFilt;Logitech SetPoint KMDF USB Filter; C:\WINDOWS\System32\Drivers\LUsbFilt.Sys [2007-01-23 28176]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2007-10-04 6854464]
R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2010-12-25 47360]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
S0 VClone;VClone; C:\WINDOWS\system32\DRIVERS\VClone.sys []
S2 adfs;adfs; C:\WINDOWS\system32\drivers\adfs.sys []
S3 ALCXSENS;Service for WDM 3D Audio Driver; C:\WINDOWS\system32\drivers\ALCXSENS.SYS []
S3 EagleNT;EagleNT; \??\C:\WINDOWS\system32\drivers\EagleNT.sys []
S3 ENTECH;ENTECH; \??\C:\WINDOWS\system32\DRIVERS\ENTECH.SYS []
S3 ezplay;VSO Software ezplay; C:\WINDOWS\System32\Drivers\ezplay.sys [2007-03-31 94080]
S3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165]
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-09-23 26176]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2006-04-13 49664]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2006-04-13 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2006-04-13 21568]
S3 jnv4_mib;jnv4_mib; C:\WINDOWS\system32\drivers\jnv4_mib.sys []
S3 k750bus;Sony Ericsson 750 driver (WDM); C:\WINDOWS\system32\DRIVERS\k750bus.sys []
S3 k750mdfl;Sony Ericsson 750 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\k750mdfl.sys []
S3 k750mdm;Sony Ericsson 750 USB WMC Modem Drivers; C:\WINDOWS\system32\drivers\k750mdm.sys []
S3 k750mgmt;Sony Ericsson 750 USB WMC Device Management Drivers; C:\WINDOWS\system32\DRIVERS\k750mgmt.sys []
S3 k750obex;Sony Ericsson 750 USB WMC OBEX Interface Drivers; C:\WINDOWS\system32\DRIVERS\k750obex.sys []
S3 L8042Kbd;Logitech SetPoint Keyboard Driver; C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys [2007-01-23 20496]
S3 PnkBstrK;PnkBstrK; \??\C:\WINDOWS\system32\drivers\PnkBstrK.sys []
S3 sm56pci;sm56pci; C:\WINDOWS\system32\DRIVERS\sm56pci.sys []
S3 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys []
S3 SYMIDSCO;SYMIDSCO; \??\C:\PROGRA~1\COMMON~1\SYMANT~1\SymcData\idsdefs\20050901.036\symidsco.sys []
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 VGAUTI;VGAUTI; \??\C:\WINDOWS\system32\DRIVERS\VGAUTI.sys []
S3 W700bus;Sony Ericsson W700 Driver driver (WDM); C:\WINDOWS\system32\DRIVERS\W700bus.sys [2006-10-09 61536]
S3 W700mdfl;Sony Ericsson W700 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\W700mdfl.sys [2006-10-09 9264]
S3 W700mdm;Sony Ericsson W700 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\W700mdm.sys [2006-10-09 97056]
S3 W700mgmt;Sony Ericsson W700 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\W700mgmt.sys [2006-10-09 88560]
S3 W700obex;Sony Ericsson W700 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\W700obex.sys [2006-10-09 86368]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
R2 ekrn;Eset Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2007-12-21 468224]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2011-02-02 153376]
R2 LicCtrlService;LicCtrl Service; C:\WINDOWS\runservice.exe [2007-04-26 2560]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2007-10-04 155716]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2009-11-08 75064]
R2 PnkBstrB;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [2009-11-08 214520]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 SSScsiSV;SonicStage SCSI Service; C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe [2005-01-24 69632]
S2 .EsetTrialReset;Eset Trial Reset; C:\WINDOWS\system32\regedt32.exe [2001-10-25 3584]
S2 NOD32FiXTemDono;Eset Nod32 Boot; C:\WINDOWS\system32\regedt32.exe [2001-10-25 3584]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\windows\system32\HPZipm12.exe [2007-08-09 73728]
S2 sfrem01;SF FrontLine Drivers Auto Removal (v1); C:\WINDOWS\system32\sfrem01.exe [2006-05-10 353912]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 EhttpSrv;Eset HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2008-07-01 19200]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 HP Port Resolver;HP Port Resolver; C:\windows\system32\spool\drivers\w32x86\3\HPBPRO.EXE [2005-05-20 81920]
S3 HP Status Server;HP Status Server; C:\windows\system32\spool\drivers\w32x86\3\HPBOID.EXE [2004-10-16 73728]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Služba Windows CardSpace; C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MSCSPTISRV;MSCSPTISRV; C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe [2005-01-26 53337]
S3 npggsvc;nProtect GameGuard Service; C:\WINDOWS\system32\GameMon.des [2009-05-06 2785582]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PACSPTISVR;PACSPTISVR; C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe [2005-01-26 53337]
S3 SPTISRV;Sony SPTI Service; C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe [2005-01-26 69718]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Pomalý PC. Prosím o kontrolu logu
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Pomalý PC. Prosím o kontrolu logu
Zdravim 
Nejprve vas poprosim o odstraneni nelegalniho NODu a nahrazeni free reseni bezpecnostniho SW (Avast, Avira ci MSE). Tento muj "pozadavek" vychazi z pravidel fora, kde je jasne psano, ze PC s nelegalnim bezp. SW se nezabyvame...
Az, a pokud, tuto zmenu provedete, tak vas poprosim o novy log z RSIT - do te doby odmitam problem resit
Nejprve vas poprosim o odstraneni nelegalniho NODu a nahrazeni free reseni bezpecnostniho SW (Avast, Avira ci MSE). Tento muj "pozadavek" vychazi z pravidel fora, kde je jasne psano, ze PC s nelegalnim bezp. SW se nezabyvame...
Az, a pokud, tuto zmenu provedete, tak vas poprosim o novy log z RSIT - do te doby odmitam problem resit
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen
od 1. února 2011.
Člen
od 1. února 2011.Pomalý PC. Prosím o kontrolu logu
OK, tak už mám legální FREE Avast. Vkládám tedy nový log.
Logfile of random's system information tool 1.09 (written by random/random)
Run by a at 2012-05-14 13:19:46
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 45 GB (30%) free of 153 GB
Total RAM: 511 MB (16% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:21:34, on 14.5.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17108)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\runservice.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
C:\WINDOWS\system32\mdm.exe
C:\Program Files\AVAST Software\Avast\setup\avast.setup
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\a\Plocha\RSIT.exe
C:\Program Files\trend micro\a.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://eu.ask.com/?l=dis&o=14672
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: QIPBHO Class - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\WINDOWS\Application Data\Microsoft\Internet Explorer\qipsearchbar.dll
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\WINDOWS\WebIE.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: GamePlayLabsBHO - {984A9162-8891-4D19-8CFE-17648BB4E1EC} - (no file)
O2 - BHO: QIPBHO - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\WINDOWS\Application Data\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\WINDOWS\WebIE.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [NvMediaCenter] "RUNDLL32.EXE" C:\windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Logitech SetPoint.lnk = ?
O4 - Global Startup: Rychlý začátek s aplikací HP Photosmart Premier.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O8 - Extra context menu item: AMV convert tool grab multimedia file - C:\Program Files\MP3 Player Utilities 5.02\AMVConverter\grab.html
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file)
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\WINDOWS\WebIE.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: HP Port Resolver - Hewlett-Packard Company - C:\windows\system32\spool\drivers\w32x86\3\HPBPRO.EXE
O23 - Service: HP Status Server - Hewlett-Packard Company - C:\windows\system32\spool\drivers\w32x86\3\HPBOID.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LicCtrl Service (LicCtrlService) - Unknown owner - C:\WINDOWS\runservice.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\windows\system32\HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: SF FrontLine Drivers Auto Removal (v1) (sfrem01) - Protection Technology (StarForce) - C:\WINDOWS\system32\sfrem01.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O24 - Desktop Component 0: (no name) - file:///D:/ppkplus/obrazky/g0134907.WMF
O24 - Desktop Component 1: (no name) - file:///D:/P6.jpg
O24 - Desktop Component 2: (no name) - http://vsemix.site.cz/tapety/priroda/4.jpg
--
End of file - 11237 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\OGALogon.job
=========Mozilla firefox=========
ProfilePath - C:\WINDOWS\Application Data\Mozilla\Firefox\Profiles\flsyw2zm.default
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "extensions.enabledItems" - "{c50ca3c4-5656-43c2-a061-13e717f73fc8}:2.02, {20a82645-c095-46ed-80e3-08825760534b}:1.1, {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20, jqs@sun.com:1.0, {32a1fd71-835e-4b11-8e54-886fda0b4c89}:1.1, {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.15"
prefs.js - "keyword.URL" - "http://search.qip.ru/search?from=FF&query="
"{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@ngm.nexoneu.com/NxGame]
"Description"=Nexon Game Controller 1.0.0.1
"Path"=C:\Documents and Settings\All Users\Data aplikací\NexonEU\NGM\npNxGameeu.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/npracplug;version=1.0.0.0]
"Description"=Scriptable Plugin for RealArcade
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1]
"Description"=Yahoo! activeX Plug-in Bridge
"Path"=C:\Program Files\Yahoo!\Common\npyaxmpb.dll
C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
npscriptable.xpt
C:\Program Files\Mozilla Firefox\plugins\
np32dsw.dll
npbittorrent.dll
npdeployJava1.dll
npgcplug.dll
NPOFFICE.DLL
nppdf32.dll
npracplug.dll
ShockwavePlugin.class
C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
C:\WINDOWS\Application Data\Mozilla\Firefox\Profiles\flsyw2zm.default\extensions\
plugin2@gameplaylabs.com
{003D3EDC-99B9-4a34-9C20-60CB94F7E829}
{20a82645-c095-46ed-80e3-08825760534b}
{32a1fd71-835e-4b11-8e54-886fda0b4c89}
{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
C:\WINDOWS\Application Data\Mozilla\Firefox\Profiles\flsyw2zm.default\searchplugins\
askcom.xml
icqplugin-1.xml
icqplugin-2.xml
icqplugin-3.xml
icqplugin-4.xml
icqplugin-5.xml
icqplugin-6.xml
icqplugin-7.xml
icqplugin-8.xml
icqplugin-9.xml
icqplugin.xml
qip-search.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\WINDOWS\WebIE.dll [2007-05-15 491520]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-03-07 1003704]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{984A9162-8891-4D19-8CFE-17648BB4E1EC}]
GamePlayLabsBHO Class
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}]
QIPBHO Class - C:\WINDOWS\Application Data\Microsoft\Internet Explorer\qipsearchbar.dll [2009-07-14 150768]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-02-09 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-02-09 79648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\WINDOWS\WebIE.dll [2007-05-15 491520]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-03-07 1003704]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvMediaCenter"=C:\windows\system32\NvMcTray.dll [2007-10-04 81920]
"NvCplDaemon"=C:\windows\system32\NvCpl.dll [2007-10-04 8491008]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2006-08-03 577536]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"Logitech Hardware Abstraction Layer"=C:\WINDOWS\KHALMNPR.EXE [2007-01-23 101136]
"SsAAD.exe"=C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe [2005-01-24 81920]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2009-01-05 413696]
"ArcSoft Connection Service"=C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2010-10-27 207424]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2007-10-10 39792]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-10-29 249064]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2012-03-07 4241512]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBJ]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\updateMgr]
[]
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe
Rychlý začátek s aplikací HP Photosmart Premier.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\windows\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
C:\windows\system32\ljJDwXno
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WdfLoadGroup]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=0x00000000
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDevMgrUpdate"=1
"NoResolveSearch"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=255
"HonorAutoRunSetting"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\uTorrent\utorrent.exe"="C:\Program Files\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"C:\Documents and Settings\All Users\Data aplikací\Kaspersky Lab Setup Files\Kaspersky Internet Security 2009\Czech\setup.exe"="C:\Documents and Settings\All Users\Data aplikací\Kaspersky Lab Setup Files\Kaspersky Internet Security 2009\Czech\setup.exe:*:Enabled:Kaspersky Internet Security 2009 Setup"
"C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe"="C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe:*:Enabled:NEXON_EU_Downloader_Engine"
"C:\Documents and Settings\All Users\Data aplikací\NexonEU\NGM\NGM.exe"="C:\Documents and Settings\All Users\Data aplikací\NexonEU\NGM\NGM.exe:*:Enabled:Nexon Game Manager"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"C:\Program Files\Electronic Arts\Need For Speed III\nfs3.exe"="C:\Program Files\Electronic Arts\Need For Speed III\nfs3.exe:*:Enabled:Need For Speed III for Win32"
"C:\games\SIERRA\MaximumCueball\pool.exe"="C:\games\SIERRA\MaximumCueball\pool.exe:*:Enabled:Maximum Cueball."
"C:\Program Files\THQ\MX vs ATV Unleashed\MXvsATV.exe"="C:\Program Files\THQ\MX vs ATV Unleashed\MXvsATV.exe:*:Enabled:MXvsATV"
"C:\Program Files\Miranda IM\miranda32.exe"="C:\Program Files\Miranda IM\miranda32.exe:*:Enabled:Miranda IM"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=i263_32.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=MSG723.ACM
"vidc.M263"=MSH263.DRV
"vidc.M261"=MSH261.DRV
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"VIDC.MKVC"=KMVIDC32.DLL
"msacm.lhacm"=lhacm.acm
"MSACM.VOXACM160"=vct3216.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"vidc.VP60"=vp6vfw.dll
"vidc.VP61"=vp6vfw.dll
"vidc.I263"=I263_32.drv
"vidc.VP62"=vp6vfw.dll
"msacm.l3acm"=C:\windows\system32\l3codeca.acm
"VIDC.FPS1"=frapsvid.dll
"vidc.XVID"=xvidvfw.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"VIDC.VP70"=vp7vfw.dll
"msacm.l3fhg"=mp3fhg.acm
"msacm.divxa32"=divxa32.acm
"msacm.vorbis"=vorbis.acm
"VIDC.X264"=x264vfw.dll
"VIDC.HFYU"=huffyuv.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=lameACM.acm
"VIDC.FFDS"=ff_vfw.dll
======File associations======
.js - open - NOTEPAD.EXE %1
.vbs - open - NOTEPAD.EXE %1
======List of files/folders created in the last 1 month======
2012-05-14 12:57:14 ----A---- C:\WINDOWS\system32\drivers\aswFsBlk.sys
2012-05-14 12:57:13 ----A---- C:\WINDOWS\system32\drivers\aswSP.sys
2012-05-14 12:57:10 ----A---- C:\WINDOWS\system32\drivers\aswRdr.sys
2012-05-14 12:57:09 ----A---- C:\WINDOWS\system32\drivers\aswTdi.sys
2012-05-14 12:57:08 ----A---- C:\WINDOWS\system32\drivers\aswSnx.sys
2012-05-14 12:57:08 ----A---- C:\WINDOWS\system32\drivers\aswmon2.sys
2012-05-14 12:57:08 ----A---- C:\WINDOWS\system32\drivers\aswmon.sys
2012-05-14 12:57:07 ----A---- C:\WINDOWS\system32\drivers\aavmker4.sys
2012-05-14 12:56:18 ----A---- C:\WINDOWS\avastSS.scr
2012-05-14 12:56:16 ----A---- C:\WINDOWS\system32\aswBoot.exe
2012-05-14 12:55:42 ----D---- C:\Program Files\AVAST Software
2012-05-14 12:55:42 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
2012-05-14 12:01:12 ----D---- C:\Program Files\trend micro
======List of files/folders modified in the last 1 month======
2012-05-14 13:19:14 ----D---- C:\WINDOWS\TEMP
2012-05-14 13:18:13 ----AD---- C:\WINDOWS
2012-05-14 13:14:37 ----A---- C:\WINDOWS\SchedLog.Txt
2012-05-14 12:57:14 ----D---- C:\WINDOWS\system32\Drivers
2012-05-14 12:56:55 ----SHD---- C:\WINDOWS\Installer
2012-05-14 12:56:55 ----HD---- C:\Config.Msi
2012-05-14 12:56:55 ----D---- C:\WINDOWS\WinSxS
2012-05-14 12:56:16 ----D---- C:\WINDOWS\System32
2012-05-14 12:55:42 ----D---- C:\Program Files
2012-05-14 12:53:50 ----SHD---- C:\WINDOWS\Temporary Internet Files
2012-05-14 12:53:30 ----D---- C:\WINDOWS\Debug
2012-05-14 12:49:38 ----D---- C:\Program Files\Mozilla Firefox
2012-05-14 12:49:09 ----A---- C:\WINDOWS\MAILTRAN.INI
2012-05-14 12:32:43 ----HD---- C:\WINDOWS\INF
2012-05-14 12:26:56 ----HD---- C:\WINDOWS\$hf_mig$
2012-05-14 12:26:48 ----D---- C:\WINDOWS\system32\CatRoot2
2012-05-14 12:00:19 ----D---- C:\WINDOWS\Prefetch
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 prosync1;StarForce Protection Synchronization Driver v1; C:\WINDOWS\System32\drivers\prosync1.sys [2004-07-19 7040]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2010-03-31 44944]
R0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\WINDOWS\System32\drivers\sfdrv01.sys [2006-05-10 51200]
R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a); C:\WINDOWS\System32\drivers\sfdrv01a.sys [2006-07-05 63352]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\WINDOWS\System32\drivers\sfhlp02.sys [2006-06-14 13680]
R0 sfsync02;StarForce Protection Synchronization Driver (version 2.x); C:\WINDOWS\System32\drivers\sfsync02.sys [2006-07-10 27032]
R0 sfvfs02;StarForce Protection VFS Driver (version 2.x); C:\WINDOWS\System32\drivers\sfvfs02.sys [2007-01-12 82296]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2007-06-18 685816]
R0 uagp35;Filtr Microsoft AGPv3.5; C:\WINDOWS\system32\DRIVERS\uagp35.sys [2008-04-13 44672]
R0 viaagp1;VIA AGP Filter; C:\WINDOWS\system32\DRIVERS\viaagp1.sys [2003-07-01 27904]
R0 videX32;videX32; C:\WINDOWS\system32\DRIVERS\videX32.sys [2007-09-21 9216]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R0x01000000 papycpu2;papycpu2; C:\WINDOWS\System32\DRIVERS\papycpu2.sys [2003-01-07 1984]
R0x01000000 papyjoy;papyjoy; C:\WINDOWS\System32\DRIVERS\papyjoy.sys [2003-01-07 1856]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2012-03-07 24920]
R1 AmdK7;Ovladač procesoru AMD K7; C:\WINDOWS\system32\DRIVERS\amdk7.sys [2008-04-14 41600]
R1 AswRdr;aswRdr; C:\WINDOWS\system32\drivers\AswRdr.sys [2012-03-07 35672]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2012-03-07 612184]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2012-03-07 337880]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2012-03-07 53848]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]
R2 ACEDRV07;ACEDRV07; \??\C:\WINDOWS\system32\drivers\ACEDRV07.sys []
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2012-03-07 20696]
R2 aswMon2;aswMon2; C:\WINDOWS\system32\drivers\aswMon2.sys [2012-03-07 95704]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2007-07-10 165376]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2007-07-10 18048]
R3 Afc;PPdus ASPI Shell; C:\WINDOWS\system32\drivers\Afc.sys [2005-02-23 11776]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2006-08-18 4017536]
R3 dtscsi;dtscsi; C:\WINDOWS\System32\Drivers\dtscsi.sys [2005-12-09 223128]
R3 FET5X86V;VIA Rhine-Family Fast-Ethernet Adapter Driver Service; C:\WINDOWS\system32\DRIVERS\fetnd5bv.sys [2006-12-20 45568]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 L8042mou;SetPoint PS/2 Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\L8042mou.Sys [2007-01-23 62992]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys [2007-01-23 34576]
R3 LMouKE;SetPoint Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouKE.Sys [2007-01-23 78864]
R3 LUsbFilt;Logitech SetPoint KMDF USB Filter; C:\WINDOWS\System32\Drivers\LUsbFilt.Sys [2007-01-23 28176]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2007-10-04 6854464]
R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2010-12-25 47360]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
S0 VClone;VClone; C:\WINDOWS\system32\DRIVERS\VClone.sys []
S2 adfs;adfs; C:\WINDOWS\system32\drivers\adfs.sys []
S3 ALCXSENS;Service for WDM 3D Audio Driver; C:\WINDOWS\system32\drivers\ALCXSENS.SYS []
S3 EagleNT;EagleNT; \??\C:\WINDOWS\system32\drivers\EagleNT.sys []
S3 ENTECH;ENTECH; \??\C:\WINDOWS\system32\DRIVERS\ENTECH.SYS []
S3 ezplay;VSO Software ezplay; C:\WINDOWS\System32\Drivers\ezplay.sys [2007-03-31 94080]
S3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165]
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-09-23 26176]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2006-04-13 49664]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2006-04-13 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2006-04-13 21568]
S3 jnv4_mib;jnv4_mib; C:\WINDOWS\system32\drivers\jnv4_mib.sys []
S3 k750bus;Sony Ericsson 750 driver (WDM); C:\WINDOWS\system32\DRIVERS\k750bus.sys []
S3 k750mdfl;Sony Ericsson 750 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\k750mdfl.sys []
S3 k750mdm;Sony Ericsson 750 USB WMC Modem Drivers; C:\WINDOWS\system32\drivers\k750mdm.sys []
S3 k750mgmt;Sony Ericsson 750 USB WMC Device Management Drivers; C:\WINDOWS\system32\DRIVERS\k750mgmt.sys []
S3 k750obex;Sony Ericsson 750 USB WMC OBEX Interface Drivers; C:\WINDOWS\system32\DRIVERS\k750obex.sys []
S3 L8042Kbd;Logitech SetPoint Keyboard Driver; C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys [2007-01-23 20496]
S3 PnkBstrK;PnkBstrK; \??\C:\WINDOWS\system32\drivers\PnkBstrK.sys []
S3 sm56pci;sm56pci; C:\WINDOWS\system32\DRIVERS\sm56pci.sys []
S3 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys []
S3 SYMIDSCO;SYMIDSCO; \??\C:\PROGRA~1\COMMON~1\SYMANT~1\SymcData\idsdefs\20050901.036\symidsco.sys []
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 VGAUTI;VGAUTI; \??\C:\WINDOWS\system32\DRIVERS\VGAUTI.sys []
S3 W700bus;Sony Ericsson W700 Driver driver (WDM); C:\WINDOWS\system32\DRIVERS\W700bus.sys [2006-10-09 61536]
S3 W700mdfl;Sony Ericsson W700 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\W700mdfl.sys [2006-10-09 9264]
S3 W700mdm;Sony Ericsson W700 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\W700mdm.sys [2006-10-09 97056]
S3 W700mgmt;Sony Ericsson W700 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\W700mgmt.sys [2006-10-09 88560]
S3 W700obex;Sony Ericsson W700 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\W700obex.sys [2006-10-09 86368]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-03-07 44768]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2011-02-02 153376]
R2 LicCtrlService;LicCtrl Service; C:\WINDOWS\runservice.exe [2007-04-26 2560]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2007-10-04 155716]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2009-11-08 75064]
R2 PnkBstrB;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [2009-11-08 214520]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 SSScsiSV;SonicStage SCSI Service; C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe [2005-01-24 69632]
S2 .EsetTrialReset;Eset Trial Reset; C:\WINDOWS\system32\regedt32.exe [2001-10-25 3584]
S2 NOD32FiXTemDono;Eset Nod32 Boot; C:\WINDOWS\system32\regedt32.exe [2001-10-25 3584]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\windows\system32\HPZipm12.exe [2007-08-09 73728]
S2 sfrem01;SF FrontLine Drivers Auto Removal (v1); C:\WINDOWS\system32\sfrem01.exe [2006-05-10 353912]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 HP Port Resolver;HP Port Resolver; C:\windows\system32\spool\drivers\w32x86\3\HPBPRO.EXE [2005-05-20 81920]
S3 HP Status Server;HP Status Server; C:\windows\system32\spool\drivers\w32x86\3\HPBOID.EXE [2004-10-16 73728]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Služba Windows CardSpace; C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MSCSPTISRV;MSCSPTISRV; C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe [2005-01-26 53337]
S3 npggsvc;nProtect GameGuard Service; C:\WINDOWS\system32\GameMon.des [2009-05-06 2785582]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PACSPTISVR;PACSPTISVR; C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe [2005-01-26 53337]
S3 SPTISRV;Sony SPTI Service; C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe [2005-01-26 69718]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
Logfile of random's system information tool 1.09 (written by random/random)
Run by a at 2012-05-14 13:19:46
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 45 GB (30%) free of 153 GB
Total RAM: 511 MB (16% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:21:34, on 14.5.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17108)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\runservice.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
C:\WINDOWS\system32\mdm.exe
C:\Program Files\AVAST Software\Avast\setup\avast.setup
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\a\Plocha\RSIT.exe
C:\Program Files\trend micro\a.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://eu.ask.com/?l=dis&o=14672
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: QIPBHO Class - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\WINDOWS\Application Data\Microsoft\Internet Explorer\qipsearchbar.dll
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\WINDOWS\WebIE.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: GamePlayLabsBHO - {984A9162-8891-4D19-8CFE-17648BB4E1EC} - (no file)
O2 - BHO: QIPBHO - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\WINDOWS\Application Data\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\WINDOWS\WebIE.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [NvMediaCenter] "RUNDLL32.EXE" C:\windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Logitech SetPoint.lnk = ?
O4 - Global Startup: Rychlý začátek s aplikací HP Photosmart Premier.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O8 - Extra context menu item: AMV convert tool grab multimedia file - C:\Program Files\MP3 Player Utilities 5.02\AMVConverter\grab.html
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file)
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\WINDOWS\WebIE.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: HP Port Resolver - Hewlett-Packard Company - C:\windows\system32\spool\drivers\w32x86\3\HPBPRO.EXE
O23 - Service: HP Status Server - Hewlett-Packard Company - C:\windows\system32\spool\drivers\w32x86\3\HPBOID.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LicCtrl Service (LicCtrlService) - Unknown owner - C:\WINDOWS\runservice.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\windows\system32\HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: SF FrontLine Drivers Auto Removal (v1) (sfrem01) - Protection Technology (StarForce) - C:\WINDOWS\system32\sfrem01.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O24 - Desktop Component 0: (no name) - file:///D:/ppkplus/obrazky/g0134907.WMF
O24 - Desktop Component 1: (no name) - file:///D:/P6.jpg
O24 - Desktop Component 2: (no name) - http://vsemix.site.cz/tapety/priroda/4.jpg
--
End of file - 11237 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\OGALogon.job
=========Mozilla firefox=========
ProfilePath - C:\WINDOWS\Application Data\Mozilla\Firefox\Profiles\flsyw2zm.default
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "extensions.enabledItems" - "{c50ca3c4-5656-43c2-a061-13e717f73fc8}:2.02, {20a82645-c095-46ed-80e3-08825760534b}:1.1, {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20, jqs@sun.com:1.0, {32a1fd71-835e-4b11-8e54-886fda0b4c89}:1.1, {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.15"
prefs.js - "keyword.URL" - "http://search.qip.ru/search?from=FF&query="
"{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@ngm.nexoneu.com/NxGame]
"Description"=Nexon Game Controller 1.0.0.1
"Path"=C:\Documents and Settings\All Users\Data aplikací\NexonEU\NGM\npNxGameeu.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/npracplug;version=1.0.0.0]
"Description"=Scriptable Plugin for RealArcade
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1]
"Description"=Yahoo! activeX Plug-in Bridge
"Path"=C:\Program Files\Yahoo!\Common\npyaxmpb.dll
C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
npscriptable.xpt
C:\Program Files\Mozilla Firefox\plugins\
np32dsw.dll
npbittorrent.dll
npdeployJava1.dll
npgcplug.dll
NPOFFICE.DLL
nppdf32.dll
npracplug.dll
ShockwavePlugin.class
C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
C:\WINDOWS\Application Data\Mozilla\Firefox\Profiles\flsyw2zm.default\extensions\
plugin2@gameplaylabs.com
{003D3EDC-99B9-4a34-9C20-60CB94F7E829}
{20a82645-c095-46ed-80e3-08825760534b}
{32a1fd71-835e-4b11-8e54-886fda0b4c89}
{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
C:\WINDOWS\Application Data\Mozilla\Firefox\Profiles\flsyw2zm.default\searchplugins\
askcom.xml
icqplugin-1.xml
icqplugin-2.xml
icqplugin-3.xml
icqplugin-4.xml
icqplugin-5.xml
icqplugin-6.xml
icqplugin-7.xml
icqplugin-8.xml
icqplugin-9.xml
icqplugin.xml
qip-search.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\WINDOWS\WebIE.dll [2007-05-15 491520]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-03-07 1003704]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{984A9162-8891-4D19-8CFE-17648BB4E1EC}]
GamePlayLabsBHO Class
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}]
QIPBHO Class - C:\WINDOWS\Application Data\Microsoft\Internet Explorer\qipsearchbar.dll [2009-07-14 150768]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-02-09 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-02-09 79648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\WINDOWS\WebIE.dll [2007-05-15 491520]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-03-07 1003704]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvMediaCenter"=C:\windows\system32\NvMcTray.dll [2007-10-04 81920]
"NvCplDaemon"=C:\windows\system32\NvCpl.dll [2007-10-04 8491008]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2006-08-03 577536]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"Logitech Hardware Abstraction Layer"=C:\WINDOWS\KHALMNPR.EXE [2007-01-23 101136]
"SsAAD.exe"=C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe [2005-01-24 81920]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2009-01-05 413696]
"ArcSoft Connection Service"=C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2010-10-27 207424]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2007-10-10 39792]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-10-29 249064]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2012-03-07 4241512]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBJ]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\updateMgr]
[]
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe
Rychlý začátek s aplikací HP Photosmart Premier.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\windows\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
C:\windows\system32\ljJDwXno
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WdfLoadGroup]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=0x00000000
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDevMgrUpdate"=1
"NoResolveSearch"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=255
"HonorAutoRunSetting"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\uTorrent\utorrent.exe"="C:\Program Files\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"C:\Documents and Settings\All Users\Data aplikací\Kaspersky Lab Setup Files\Kaspersky Internet Security 2009\Czech\setup.exe"="C:\Documents and Settings\All Users\Data aplikací\Kaspersky Lab Setup Files\Kaspersky Internet Security 2009\Czech\setup.exe:*:Enabled:Kaspersky Internet Security 2009 Setup"
"C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe"="C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe:*:Enabled:NEXON_EU_Downloader_Engine"
"C:\Documents and Settings\All Users\Data aplikací\NexonEU\NGM\NGM.exe"="C:\Documents and Settings\All Users\Data aplikací\NexonEU\NGM\NGM.exe:*:Enabled:Nexon Game Manager"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"C:\Program Files\Electronic Arts\Need For Speed III\nfs3.exe"="C:\Program Files\Electronic Arts\Need For Speed III\nfs3.exe:*:Enabled:Need For Speed III for Win32"
"C:\games\SIERRA\MaximumCueball\pool.exe"="C:\games\SIERRA\MaximumCueball\pool.exe:*:Enabled:Maximum Cueball."
"C:\Program Files\THQ\MX vs ATV Unleashed\MXvsATV.exe"="C:\Program Files\THQ\MX vs ATV Unleashed\MXvsATV.exe:*:Enabled:MXvsATV"
"C:\Program Files\Miranda IM\miranda32.exe"="C:\Program Files\Miranda IM\miranda32.exe:*:Enabled:Miranda IM"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=i263_32.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=MSG723.ACM
"vidc.M263"=MSH263.DRV
"vidc.M261"=MSH261.DRV
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"VIDC.MKVC"=KMVIDC32.DLL
"msacm.lhacm"=lhacm.acm
"MSACM.VOXACM160"=vct3216.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"vidc.VP60"=vp6vfw.dll
"vidc.VP61"=vp6vfw.dll
"vidc.I263"=I263_32.drv
"vidc.VP62"=vp6vfw.dll
"msacm.l3acm"=C:\windows\system32\l3codeca.acm
"VIDC.FPS1"=frapsvid.dll
"vidc.XVID"=xvidvfw.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"VIDC.VP70"=vp7vfw.dll
"msacm.l3fhg"=mp3fhg.acm
"msacm.divxa32"=divxa32.acm
"msacm.vorbis"=vorbis.acm
"VIDC.X264"=x264vfw.dll
"VIDC.HFYU"=huffyuv.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=lameACM.acm
"VIDC.FFDS"=ff_vfw.dll
======File associations======
.js - open - NOTEPAD.EXE %1
.vbs - open - NOTEPAD.EXE %1
======List of files/folders created in the last 1 month======
2012-05-14 12:57:14 ----A---- C:\WINDOWS\system32\drivers\aswFsBlk.sys
2012-05-14 12:57:13 ----A---- C:\WINDOWS\system32\drivers\aswSP.sys
2012-05-14 12:57:10 ----A---- C:\WINDOWS\system32\drivers\aswRdr.sys
2012-05-14 12:57:09 ----A---- C:\WINDOWS\system32\drivers\aswTdi.sys
2012-05-14 12:57:08 ----A---- C:\WINDOWS\system32\drivers\aswSnx.sys
2012-05-14 12:57:08 ----A---- C:\WINDOWS\system32\drivers\aswmon2.sys
2012-05-14 12:57:08 ----A---- C:\WINDOWS\system32\drivers\aswmon.sys
2012-05-14 12:57:07 ----A---- C:\WINDOWS\system32\drivers\aavmker4.sys
2012-05-14 12:56:18 ----A---- C:\WINDOWS\avastSS.scr
2012-05-14 12:56:16 ----A---- C:\WINDOWS\system32\aswBoot.exe
2012-05-14 12:55:42 ----D---- C:\Program Files\AVAST Software
2012-05-14 12:55:42 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
2012-05-14 12:01:12 ----D---- C:\Program Files\trend micro
======List of files/folders modified in the last 1 month======
2012-05-14 13:19:14 ----D---- C:\WINDOWS\TEMP
2012-05-14 13:18:13 ----AD---- C:\WINDOWS
2012-05-14 13:14:37 ----A---- C:\WINDOWS\SchedLog.Txt
2012-05-14 12:57:14 ----D---- C:\WINDOWS\system32\Drivers
2012-05-14 12:56:55 ----SHD---- C:\WINDOWS\Installer
2012-05-14 12:56:55 ----HD---- C:\Config.Msi
2012-05-14 12:56:55 ----D---- C:\WINDOWS\WinSxS
2012-05-14 12:56:16 ----D---- C:\WINDOWS\System32
2012-05-14 12:55:42 ----D---- C:\Program Files
2012-05-14 12:53:50 ----SHD---- C:\WINDOWS\Temporary Internet Files
2012-05-14 12:53:30 ----D---- C:\WINDOWS\Debug
2012-05-14 12:49:38 ----D---- C:\Program Files\Mozilla Firefox
2012-05-14 12:49:09 ----A---- C:\WINDOWS\MAILTRAN.INI
2012-05-14 12:32:43 ----HD---- C:\WINDOWS\INF
2012-05-14 12:26:56 ----HD---- C:\WINDOWS\$hf_mig$
2012-05-14 12:26:48 ----D---- C:\WINDOWS\system32\CatRoot2
2012-05-14 12:00:19 ----D---- C:\WINDOWS\Prefetch
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 prosync1;StarForce Protection Synchronization Driver v1; C:\WINDOWS\System32\drivers\prosync1.sys [2004-07-19 7040]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2010-03-31 44944]
R0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\WINDOWS\System32\drivers\sfdrv01.sys [2006-05-10 51200]
R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a); C:\WINDOWS\System32\drivers\sfdrv01a.sys [2006-07-05 63352]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\WINDOWS\System32\drivers\sfhlp02.sys [2006-06-14 13680]
R0 sfsync02;StarForce Protection Synchronization Driver (version 2.x); C:\WINDOWS\System32\drivers\sfsync02.sys [2006-07-10 27032]
R0 sfvfs02;StarForce Protection VFS Driver (version 2.x); C:\WINDOWS\System32\drivers\sfvfs02.sys [2007-01-12 82296]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2007-06-18 685816]
R0 uagp35;Filtr Microsoft AGPv3.5; C:\WINDOWS\system32\DRIVERS\uagp35.sys [2008-04-13 44672]
R0 viaagp1;VIA AGP Filter; C:\WINDOWS\system32\DRIVERS\viaagp1.sys [2003-07-01 27904]
R0 videX32;videX32; C:\WINDOWS\system32\DRIVERS\videX32.sys [2007-09-21 9216]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R0x01000000 papycpu2;papycpu2; C:\WINDOWS\System32\DRIVERS\papycpu2.sys [2003-01-07 1984]
R0x01000000 papyjoy;papyjoy; C:\WINDOWS\System32\DRIVERS\papyjoy.sys [2003-01-07 1856]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2012-03-07 24920]
R1 AmdK7;Ovladač procesoru AMD K7; C:\WINDOWS\system32\DRIVERS\amdk7.sys [2008-04-14 41600]
R1 AswRdr;aswRdr; C:\WINDOWS\system32\drivers\AswRdr.sys [2012-03-07 35672]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2012-03-07 612184]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2012-03-07 337880]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2012-03-07 53848]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]
R2 ACEDRV07;ACEDRV07; \??\C:\WINDOWS\system32\drivers\ACEDRV07.sys []
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2012-03-07 20696]
R2 aswMon2;aswMon2; C:\WINDOWS\system32\drivers\aswMon2.sys [2012-03-07 95704]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2007-07-10 165376]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2007-07-10 18048]
R3 Afc;PPdus ASPI Shell; C:\WINDOWS\system32\drivers\Afc.sys [2005-02-23 11776]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2006-08-18 4017536]
R3 dtscsi;dtscsi; C:\WINDOWS\System32\Drivers\dtscsi.sys [2005-12-09 223128]
R3 FET5X86V;VIA Rhine-Family Fast-Ethernet Adapter Driver Service; C:\WINDOWS\system32\DRIVERS\fetnd5bv.sys [2006-12-20 45568]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 L8042mou;SetPoint PS/2 Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\L8042mou.Sys [2007-01-23 62992]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys [2007-01-23 34576]
R3 LMouKE;SetPoint Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouKE.Sys [2007-01-23 78864]
R3 LUsbFilt;Logitech SetPoint KMDF USB Filter; C:\WINDOWS\System32\Drivers\LUsbFilt.Sys [2007-01-23 28176]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2007-10-04 6854464]
R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2010-12-25 47360]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
S0 VClone;VClone; C:\WINDOWS\system32\DRIVERS\VClone.sys []
S2 adfs;adfs; C:\WINDOWS\system32\drivers\adfs.sys []
S3 ALCXSENS;Service for WDM 3D Audio Driver; C:\WINDOWS\system32\drivers\ALCXSENS.SYS []
S3 EagleNT;EagleNT; \??\C:\WINDOWS\system32\drivers\EagleNT.sys []
S3 ENTECH;ENTECH; \??\C:\WINDOWS\system32\DRIVERS\ENTECH.SYS []
S3 ezplay;VSO Software ezplay; C:\WINDOWS\System32\Drivers\ezplay.sys [2007-03-31 94080]
S3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165]
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-09-23 26176]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2006-04-13 49664]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2006-04-13 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2006-04-13 21568]
S3 jnv4_mib;jnv4_mib; C:\WINDOWS\system32\drivers\jnv4_mib.sys []
S3 k750bus;Sony Ericsson 750 driver (WDM); C:\WINDOWS\system32\DRIVERS\k750bus.sys []
S3 k750mdfl;Sony Ericsson 750 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\k750mdfl.sys []
S3 k750mdm;Sony Ericsson 750 USB WMC Modem Drivers; C:\WINDOWS\system32\drivers\k750mdm.sys []
S3 k750mgmt;Sony Ericsson 750 USB WMC Device Management Drivers; C:\WINDOWS\system32\DRIVERS\k750mgmt.sys []
S3 k750obex;Sony Ericsson 750 USB WMC OBEX Interface Drivers; C:\WINDOWS\system32\DRIVERS\k750obex.sys []
S3 L8042Kbd;Logitech SetPoint Keyboard Driver; C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys [2007-01-23 20496]
S3 PnkBstrK;PnkBstrK; \??\C:\WINDOWS\system32\drivers\PnkBstrK.sys []
S3 sm56pci;sm56pci; C:\WINDOWS\system32\DRIVERS\sm56pci.sys []
S3 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys []
S3 SYMIDSCO;SYMIDSCO; \??\C:\PROGRA~1\COMMON~1\SYMANT~1\SymcData\idsdefs\20050901.036\symidsco.sys []
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 VGAUTI;VGAUTI; \??\C:\WINDOWS\system32\DRIVERS\VGAUTI.sys []
S3 W700bus;Sony Ericsson W700 Driver driver (WDM); C:\WINDOWS\system32\DRIVERS\W700bus.sys [2006-10-09 61536]
S3 W700mdfl;Sony Ericsson W700 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\W700mdfl.sys [2006-10-09 9264]
S3 W700mdm;Sony Ericsson W700 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\W700mdm.sys [2006-10-09 97056]
S3 W700mgmt;Sony Ericsson W700 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\W700mgmt.sys [2006-10-09 88560]
S3 W700obex;Sony Ericsson W700 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\W700obex.sys [2006-10-09 86368]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-03-07 44768]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2011-02-02 153376]
R2 LicCtrlService;LicCtrl Service; C:\WINDOWS\runservice.exe [2007-04-26 2560]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2007-10-04 155716]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2009-11-08 75064]
R2 PnkBstrB;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [2009-11-08 214520]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 SSScsiSV;SonicStage SCSI Service; C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe [2005-01-24 69632]
S2 .EsetTrialReset;Eset Trial Reset; C:\WINDOWS\system32\regedt32.exe [2001-10-25 3584]
S2 NOD32FiXTemDono;Eset Nod32 Boot; C:\WINDOWS\system32\regedt32.exe [2001-10-25 3584]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\windows\system32\HPZipm12.exe [2007-08-09 73728]
S2 sfrem01;SF FrontLine Drivers Auto Removal (v1); C:\WINDOWS\system32\sfrem01.exe [2006-05-10 353912]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 HP Port Resolver;HP Port Resolver; C:\windows\system32\spool\drivers\w32x86\3\HPBPRO.EXE [2005-05-20 81920]
S3 HP Status Server;HP Status Server; C:\windows\system32\spool\drivers\w32x86\3\HPBOID.EXE [2004-10-16 73728]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Služba Windows CardSpace; C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MSCSPTISRV;MSCSPTISRV; C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe [2005-01-26 53337]
S3 npggsvc;nProtect GameGuard Service; C:\WINDOWS\system32\GameMon.des [2009-05-06 2785582]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PACSPTISVR;PACSPTISVR; C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe [2005-01-26 53337]
S3 SPTISRV;Sony SPTI Service; C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe [2005-01-26 69718]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
Re: Pomalý PC. Prosím o kontrolu logu
Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte jej na plochu
- Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
- Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
- Zaskrtnete okenko Pro vsechny uzivatele
- Zaskrtnete okenko Kontrola na havet "LOP"
- Zaskrtnete okenko Kontrola na havet "Purity"
- Stari souboru zmente z 30 dnu na 7 dnu
- Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize
Kód: Vybrat vše
CREATERESTOREPOINT netsvcs drivers32 savembr:0 /md5start atapi.sys autochk.exe cdrom.sys explorer.exe hal.dll scecli.dll svchost.exe tcpip.sys userinit.exe winlogon.exe /md5stop %systemroot%*.* /U /s %SYSTEMDRIVE%\*.exe %ALLUSERSPROFILE%\Application Data\*. %ALLUSERSPROFILE%\Application Data\*.exe /s %APPDATA%\*. %APPDATA%\*.exe /s %systemroot%\*. /mp /s %systemroot%\system32\*.dll /lockedfiles %systemroot%\Tasks\*.job %systemroot%\system32\drivers\*.sys /lockedfiles %systemroot%\System32\config\*.sav %systemroot%\system32\*.dll /lockedfiles %systemroot%\system32\drivers\*.sys /3 %systemroot%\system32\*.* /3 %SYSTEMDRIVE%\*.exe HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 %PROGRAMFILES%\Opera\opera.exe /md5 %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 %SystemDrive%\PhysicalMBR.bin /md5 *crack* /s *keygen* /s *loader* /s- Kliknete na tlacitko Prohledat
- Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Pomalý PC. Prosím o kontrolu logu
OTL logfile created on: 14.5.2012 21:23:01 - Run 1
OTL by OldTimer - Version 3.2.43.0 Folder = C:\Documents and Settings\a\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000405 | Country: Czech Republic | Language: csy | Date Format: d.M.yyyy
511,48 Mb Total Physical Memory | 93,95 Mb Available Physical Memory | 18,37% Memory free
1,22 Gb Paging File | 0,82 Gb Available in Paging File | 67,37% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149,05 Gb Total Space | 43,90 Gb Free Space | 29,45% Space Free | Partition Type: NTFS
Computer Name: AMD | User Name: a | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Processes (SafeList) ==========
PRC - [2012.05.14 21:19:19 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\a\Plocha\OTL.exe
PRC - [2012.03.07 01:15:17 | 004,241,512 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012.03.07 01:15:14 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011.11.10 18:04:05 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010.10.27 20:17:52 | 000,207,424 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
PRC - [2010.08.25 11:27:44 | 000,309,824 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
PRC - [2010.03.18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2008.12.24 21:07:16 | 000,067,128 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
PRC - [2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007.10.24 14:45:32 | 000,124,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mdm.exe
PRC - [2007.04.26 17:43:50 | 000,002,560 | ---- | M] () -- C:\WINDOWS\Runservice.exe
PRC - [2007.02.14 13:27:46 | 000,688,128 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\SetPoint\SetPoint.exe
PRC - [2007.01.23 16:44:00 | 000,101,136 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\Logitech\khalshared\KHALMNPR.exe
PRC - [2006.08.03 05:12:00 | 000,577,536 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\soundman.exe
PRC - [2006.02.10 08:56:12 | 000,479,232 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
PRC - [2005.01.24 20:58:02 | 000,081,920 | ---- | M] () -- C:\Program Files\Sony\SonicStage\SSAAD.exe
PRC - [2005.01.24 19:36:52 | 000,069,632 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
========== Modules (No Company Name) ==========
MOD - [2012.05.14 09:31:05 | 001,759,232 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\12051400\algo.dll
MOD - [2011.11.11 15:58:11 | 008,527,008 | ---- | M] () -- C:\WINDOWS\System32\MACROMED\FLASH\NPSWF32.dll
MOD - [2011.11.10 18:04:03 | 001,989,592 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2010.04.03 09:42:41 | 000,043,520 | ---- | M] () -- C:\WINDOWS\System32\CmdLineExt03.dll
MOD - [2008.12.24 21:07:09 | 000,061,496 | ---- | M] () -- C:\Program Files\Logitech\Desktop Messenger\8876480\8.1.1.50-8876480SL\Program\clntutil.dll
MOD - [2007.12.23 20:24:31 | 000,069,632 | ---- | M] () -- c:\windows\assembly\gac\hpqisrtb\4.0.0.0__a53cf5803f4c3827\hpqisrtb.dll
MOD - [2007.12.23 20:24:31 | 000,065,536 | ---- | M] () -- c:\windows\assembly\gac\hpqisrtb.resources\4.0.0.0_cs_a53cf5803f4c3827\hpqisrtb.resources.dll
MOD - [2007.12.23 20:24:24 | 001,163,264 | ---- | M] () -- c:\windows\assembly\gac\hpqedit\3.0.0.0__a53cf5803f4c3827\hpqedit.dll
MOD - [2007.12.23 20:24:24 | 000,376,832 | ---- | M] () -- c:\windows\assembly\gac\hpqedit.resources\3.0.0.0_cs_a53cf5803f4c3827\hpqedit.resources.dll
MOD - [2007.12.23 20:24:23 | 000,790,528 | ---- | M] () -- c:\windows\assembly\gac\hpqbakup\3.0.0.0__a53cf5803f4c3827\hpqbakup.dll
MOD - [2007.12.23 20:24:23 | 000,258,048 | ---- | M] () -- c:\windows\assembly\gac\hpqbakup.resources\3.0.0.0_cs_a53cf5803f4c3827\hpqbakup.resources.dll
MOD - [2007.12.23 20:24:21 | 000,163,840 | ---- | M] () -- c:\windows\assembly\gac\hpqvideo\3.0.0.0__a53cf5803f4c3827\hpqvideo.dll
MOD - [2007.12.23 20:24:19 | 000,057,344 | ---- | M] () -- c:\windows\assembly\gac\hpqprrsc\4.0.0.0__a53cf5803f4c3827\hpqprrsc.dll
MOD - [2007.12.23 20:24:19 | 000,053,248 | ---- | M] () -- c:\windows\assembly\gac\hpqovskn\3.0.0.0__a53cf5803f4c3827\hpqovskn.dll
MOD - [2007.12.23 20:24:19 | 000,016,384 | ---- | M] () -- c:\windows\assembly\gac\hpqprrsc.resources\4.0.0.0_cs_a53cf5803f4c3827\hpqprrsc.resources.dll
MOD - [2007.12.23 20:24:18 | 000,430,080 | ---- | M] () -- c:\windows\assembly\gac\lead.wrapper\13.0.0.113__9cf889f53ea9b907\lead.wrapper.dll
MOD - [2007.12.23 20:24:18 | 000,077,824 | ---- | M] () -- c:\windows\assembly\gac\lead\13.0.0.113__9cf889f53ea9b907\lead.dll
MOD - [2007.12.23 20:24:18 | 000,065,536 | ---- | M] () -- c:\windows\assembly\gac\hpqmdmr\4.0.0.0__a53cf5803f4c3827\hpqmdmr.dll
MOD - [2007.12.23 20:24:17 | 000,090,112 | ---- | M] () -- c:\windows\assembly\gac\lead.drawing.imaging.imageprocessing\13.0.0.113__9cf889f53ea9b907\lead.drawing.imaging.imageprocessing.dll
MOD - [2007.12.23 20:24:17 | 000,086,016 | ---- | M] () -- c:\windows\assembly\gac\lead.drawing\13.0.0.113__9cf889f53ea9b907\lead.drawing.dll
MOD - [2007.12.23 20:24:17 | 000,081,920 | ---- | M] () -- c:\windows\assembly\gac\lead.drawing.imaging.codecs\13.0.0.113__9cf889f53ea9b907\lead.drawing.imaging.codecs.dll
MOD - [2007.12.23 20:24:17 | 000,069,632 | ---- | M] () -- c:\windows\assembly\gac\lead.windows.forms.drawingcontainer\13.0.0.113__9cf889f53ea9b907\lead.windows.forms.drawingcontainer.dll
MOD - [2007.12.23 20:24:17 | 000,040,960 | ---- | M] () -- c:\windows\assembly\gac\lead.windows.forms\13.0.0.113__9cf889f53ea9b907\lead.windows.forms.dll
MOD - [2007.12.23 20:24:17 | 000,014,848 | ---- | M] () -- c:\windows\assembly\gac\interop.hpqvideo\4.0.0.0__a53cf5803f4c3827\interop.hpqvideo.dll
MOD - [2007.12.23 20:24:17 | 000,004,096 | ---- | M] () -- c:\windows\assembly\gac\interop.hprblog\3.0.0.0__a53cf5803f4c3827\interop.hprblog.dll
MOD - [2007.12.23 20:24:16 | 000,010,240 | ---- | M] () -- c:\windows\assembly\gac\interop.hpqimgr\4.0.0.0__a53cf5803f4c3827\interop.hpqimgr.dll
MOD - [2007.12.23 20:24:15 | 000,036,864 | ---- | M] () -- c:\windows\assembly\gac\interop.hpqcxm08\3.0.0.0__a53cf5803f4c3827\interop.hpqcxm08.dll
MOD - [2007.12.23 20:24:14 | 000,069,632 | ---- | M] () -- c:\windows\assembly\gac\hpqntrop\4.0.0.0__a53cf5803f4c3827\hpqntrop.dll
MOD - [2007.12.23 20:24:13 | 000,516,096 | ---- | M] () -- c:\windows\assembly\gac\hpqimvlt\3.0.0.0__a53cf5803f4c3827\hpqimvlt.dll
MOD - [2007.12.23 20:24:13 | 000,192,512 | ---- | M] () -- c:\windows\assembly\gac\hpqimgrc\4.0.0.0__a53cf5803f4c3827\hpqimgrc.dll
MOD - [2007.12.23 20:24:13 | 000,126,976 | ---- | M] () -- c:\windows\assembly\gac\hpqtray.resources\4.0.0.0_cs_a53cf5803f4c3827\hpqtray.resources.dll
MOD - [2007.12.23 20:24:13 | 000,077,824 | ---- | M] () -- c:\windows\assembly\gac\hpqthumb\3.0.0.0__a53cf5803f4c3827\hpqthumb.dll
MOD - [2007.12.23 20:24:13 | 000,069,632 | ---- | M] () -- c:\windows\assembly\gac\hpqglutl\4.0.0.0__a53cf5803f4c3827\hpqglutl.dll
MOD - [2007.12.23 20:24:13 | 000,061,440 | ---- | M] () -- c:\windows\assembly\gac\hpqimlib\3.0.0.0__a53cf5803f4c3827\hpqimlib.dll
MOD - [2007.12.23 20:24:12 | 000,385,024 | ---- | M] () -- c:\windows\assembly\gac\hpqtray\4.0.0.0__a53cf5803f4c3827\hpqtray.dll
MOD - [2007.12.23 20:24:12 | 000,229,376 | ---- | M] () -- c:\windows\assembly\gac\hpqutils\4.0.0.0__a53cf5803f4c3827\hpqutils.dll
MOD - [2007.12.23 20:24:12 | 000,094,208 | ---- | M] () -- c:\windows\assembly\gac\hpqcprsc.resources\3.0.0.0_cs_a53cf5803f4c3827\hpqcprsc.resources.dll
MOD - [2007.12.23 20:24:12 | 000,036,864 | ---- | M] () -- c:\windows\assembly\gac\hpqfmrsc\4.0.0.0__a53cf5803f4c3827\hpqfmrsc.dll
MOD - [2007.12.23 20:24:12 | 000,024,576 | ---- | M] () -- c:\windows\assembly\gac\hpqfmrsc.resources\4.0.0.0_cs_a53cf5803f4c3827\hpqfmrsc.resources.dll
MOD - [2007.12.23 20:24:12 | 000,024,576 | ---- | M] () -- c:\windows\assembly\gac\hpqasset\4.0.0.0__a53cf5803f4c3827\hpqasset.dll
MOD - [2007.12.23 20:24:12 | 000,020,480 | ---- | M] () -- c:\windows\assembly\gac\hpqiface\4.0.0.0__a53cf5803f4c3827\hpqiface.dll
MOD - [2007.12.23 20:24:11 | 000,593,920 | ---- | M] () -- c:\windows\assembly\gac\hpqcc2\3.0.0.0__a53cf5803f4c3827\hpqcc2.dll
MOD - [2007.12.23 20:24:11 | 000,425,984 | ---- | M] () -- c:\windows\assembly\gac\hpqcprsc\3.0.0.0__a53cf5803f4c3827\hpqcprsc.dll
MOD - [2007.12.23 20:24:11 | 000,135,168 | ---- | M] () -- c:\windows\assembly\gac\hpqcc2.resources\3.0.0.0_cs_a53cf5803f4c3827\hpqcc2.resources.dll
MOD - [2007.12.07 02:18:16 | 000,081,920 | ---- | M] () -- c:\windows\assembly\gac\system.resources\1.0.5000.0_cs_b77a5c561934e089\system.resources.dll
MOD - [2007.07.11 21:23:28 | 003,391,488 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_e3174d18\mscorlib.dll
MOD - [2007.07.11 21:23:24 | 000,835,584 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.drawing\1.0.5000.0__b03f5f7f11d50a3a_641f3ced\system.drawing.dll
MOD - [2007.07.11 21:23:12 | 002,088,960 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.xml\1.0.5000.0__b77a5c561934e089_27487380\system.xml.dll
MOD - [2007.07.11 21:23:02 | 003,018,752 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.windows.forms\1.0.5000.0__b77a5c561934e089_c3c64091\system.windows.forms.dll
MOD - [2007.07.11 21:22:52 | 001,966,080 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_396cf086\system.dll
MOD - [2007.07.11 21:22:43 | 001,232,896 | ---- | M] () -- c:\windows\assembly\gac\system\1.0.5000.0__b77a5c561934e089\system.dll
MOD - [2007.04.26 17:43:53 | 000,122,880 | ---- | M] () -- C:\WINDOWS\lcmmfu.cpl
MOD - [2007.04.26 17:43:50 | 000,048,640 | ---- | M] () -- C:\WINDOWS\mmfs.dll
MOD - [2007.04.26 17:43:50 | 000,002,560 | ---- | M] () -- C:\WINDOWS\Runservice.exe
MOD - [2006.10.28 08:46:26 | 001,339,392 | ---- | M] () -- c:\windows\assembly\gac\system.xml\1.0.5000.0__b77a5c561934e089\system.xml.dll
MOD - [2006.10.28 08:46:24 | 000,466,944 | ---- | M] () -- c:\windows\assembly\gac\system.drawing\1.0.5000.0__b03f5f7f11d50a3a\system.drawing.dll
MOD - [2006.10.28 08:46:23 | 002,052,096 | ---- | M] () -- c:\windows\assembly\gac\system.windows.forms\1.0.5000.0__b77a5c561934e089\system.windows.forms.dll
MOD - [2006.10.16 12:11:12 | 000,007,680 | ---- | M] () -- c:\windows\assembly\gac\accessibility\1.0.5000.0__b03f5f7f11d50a3a\accessibility.dll
MOD - [2005.10.20 11:36:08 | 000,077,824 | R--- | M] () -- C:\Program Files\HP\Digital Imaging\bin\crm\xmltok.dll
MOD - [2005.10.20 11:36:08 | 000,065,536 | R--- | M] () -- C:\Program Files\HP\Digital Imaging\bin\crm\xmlparse.dll
MOD - [2005.01.24 20:58:02 | 000,081,920 | ---- | M] () -- C:\Program Files\Sony\SonicStage\SSAAD.exe
MOD - [2004.12.27 12:46:04 | 000,311,296 | ---- | M] () -- C:\Program Files\WinRAR\rarlng.dll
MOD - [2004.12.26 20:34:38 | 000,121,344 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
========== Win32 Services (SafeList) ==========
SRV - [2012.03.07 01:15:14 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010.03.18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2007.08.09 09:27:52 | 000,073,728 | ---- | M] (HP) [Auto | Stopped] -- C:\WINDOWS\System32\HPZipm12.exe -- (Pml Driver HPZ12)
SRV - [2007.04.26 17:43:50 | 000,002,560 | ---- | M] () [Auto | Running] -- C:\WINDOWS\Runservice.exe -- (LicCtrlService)
SRV - [2006.05.10 11:59:04 | 000,353,912 | ---- | M] (Protection Technology (StarForce)) [Auto | Stopped] -- C:\WINDOWS\System32\sfrem01.exe -- (sfrem01) SF FrontLine Drivers Auto Removal (v1)
SRV - [2005.01.26 16:30:04 | 000,053,337 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe -- (MSCSPTISRV)
SRV - [2005.01.26 16:25:34 | 000,053,337 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe -- (PACSPTISVR)
SRV - [2005.01.26 16:20:14 | 000,069,718 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe -- (SPTISRV)
SRV - [2005.01.24 19:36:52 | 000,069,632 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe -- (SSScsiSV)
SRV - [2003.01.07 19:22:52 | 000,001,984 | ---- | M] () [Unknown (-1) | Unknown] -- C:\WINDOWS\System32\Drivers\papycpu2.sys -- (papycpu2)
SRV - [2003.01.07 19:22:52 | 000,001,856 | ---- | M] () [Unknown (-1) | Unknown] -- C:\WINDOWS\System32\Drivers\papyjoy.sys -- (papyjoy)
SRV - [2001.10.25 16:00:00 | 000,003,584 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\System32\regedt32.exe -- (NOD32FiXTemDono)
SRV - [2001.10.25 16:00:00 | 000,003,584 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\System32\regedt32.exe -- (.EsetTrialReset)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\DRIVERS\VGAUTI.sys -- (VGAUTI)
DRV - File not found [Kernel | Boot | Stopped] -- system32\DRIVERS\VClone.sys -- (VClone)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\SYMANT~1\SymcData\idsdefs\20050901.036\symidsco.sys -- (SYMIDSCO)
DRV - File not found [File_System | On_Demand | Stopped] -- -- (StarOpen)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\sm56pci.sys -- (sm56pci)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\k750obex.sys -- (k750obex)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\k750mgmt.sys -- (k750mgmt)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (k750mdm)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\k750mdfl.sys -- (k750mdfl)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\k750bus.sys -- (k750bus) Sony Ericsson 750 driver (WDM)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (jnv4_mib)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\EagleNT.sys -- (EagleNT)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\ALCXSENS.SYS -- (ALCXSENS)
DRV - File not found [Kernel | Auto | Stopped] -- -- (adfs)
DRV - [2012.03.07 01:03:51 | 000,612,184 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012.03.07 01:03:38 | 000,337,880 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012.03.07 01:02:00 | 000,035,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (AswRdr)
DRV - [2012.03.07 01:01:53 | 000,053,848 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012.03.07 01:01:39 | 000,095,704 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2012.03.07 01:01:30 | 000,020,696 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012.03.07 00:58:29 | 000,024,920 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2009.11.08 14:45:03 | 000,137,464 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\PnkBstrK.sys -- (PnkBstrK)
DRV - [2009.09.23 11:41:58 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\hamachi.sys -- (hamachi)
DRV - [2008.04.13 20:45:30 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\gameenum.sys -- (gameenum)
DRV - [2007.09.21 18:49:10 | 000,009,216 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\videX32.sys -- (videX32)
DRV - [2007.07.10 17:42:45 | 000,165,376 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\System32\Drivers\atksgt.sys -- (atksgt)
DRV - [2007.07.10 17:42:44 | 000,018,048 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\System32\Drivers\lirsgt.sys -- (lirsgt)
DRV - [2007.06.18 11:45:54 | 000,685,816 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2007.04.03 13:53:13 | 000,101,376 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\WINDOWS\System32\Drivers\ACEDRV07.sys -- (ACEDRV07)
DRV - [2007.03.31 15:31:30 | 000,094,080 | ---- | M] (VSO Software) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\ezplay.sys -- (ezplay)
DRV - [2007.01.23 16:45:00 | 000,078,864 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\LMouKE.Sys -- (LMouKE)
DRV - [2007.01.23 16:45:00 | 000,034,576 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2007.01.23 16:45:00 | 000,028,176 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\LUsbFilt.sys -- (LUsbFilt)
DRV - [2007.01.23 16:44:00 | 000,062,992 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\L8042mou.Sys -- (L8042mou)
DRV - [2007.01.23 16:44:00 | 000,020,496 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\L8042Kbd.sys -- (L8042Kbd)
DRV - [2007.01.12 20:09:53 | 000,082,296 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sfvfs02.sys -- (sfvfs02) StarForce Protection VFS Driver (version 2.x)
DRV - [2006.10.09 18:03:43 | 000,097,056 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\W700mdm.sys -- (W700mdm)
DRV - [2006.10.09 18:03:43 | 000,088,560 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\W700mgmt.sys -- (W700mgmt) Sony Ericsson W700 USB WMC Device Management Drivers (WDM)
DRV - [2006.10.09 18:03:43 | 000,086,368 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\W700obex.sys -- (W700obex)
DRV - [2006.10.09 18:03:43 | 000,061,536 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\W700bus.sys -- (W700bus) Sony Ericsson W700 Driver driver (WDM)
DRV - [2006.10.09 18:03:43 | 000,009,264 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\W700mdfl.sys -- (W700mdfl)
DRV - [2006.08.18 13:52:00 | 004,017,536 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\alcxwdm.sys -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2006.07.10 18:19:58 | 000,027,032 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sfsync02.sys -- (sfsync02) StarForce Protection Synchronization Driver (version 2.x)
DRV - [2006.07.05 14:46:06 | 000,063,352 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sfdrv01a.sys -- (sfdrv01a) StarForce Protection Environment Driver (version 1.x.a)
DRV - [2006.06.14 16:56:56 | 000,013,680 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)
DRV - [2006.05.10 10:39:38 | 000,051,200 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x)
DRV - [2005.12.09 16:45:57 | 000,223,128 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\dtscsi.sys -- (dtscsi)
DRV - [2005.02.23 14:58:56 | 000,011,776 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\afc.sys -- (Afc)
DRV - [2004.07.19 16:49:54 | 000,007,040 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\prosync1.sys -- (prosync1)
DRV - [2003.07.01 22:42:00 | 000,027,904 | R--- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\VIAAGP1.SYS -- (viaagp1)
DRV - [2003.01.07 19:22:52 | 000,001,984 | ---- | M] () [Unknown (-1) | Unknown (-1) | Running] -- C:\WINDOWS\System32\Drivers\papycpu2.sys -- (papycpu2)
DRV - [2003.01.07 19:22:52 | 000,001,856 | ---- | M] () [Unknown (-1) | Unknown (-1) | Running] -- C:\WINDOWS\System32\Drivers\papyjoy.sys -- (papyjoy)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope = {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={ ... rer:source?}
IE - HKLM\..\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}: "URL" = http://search.qip.ru/?query={searchTerms}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1844237615-1957994488-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
IE - HKU\S-1-5-21-1844237615-1957994488-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
IE - HKU\S-1-5-21-1844237615-1957994488-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Prev Search Bar = http://google.icq.com/search/search_frame.php
IE - HKU\S-1-5-21-1844237615-1957994488-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Prev Search Page = http://google.icq.com
IE - HKU\S-1-5-21-1844237615-1957994488-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
IE - HKU\S-1-5-21-1844237615-1957994488-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
IE - HKU\S-1-5-21-1844237615-1957994488-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://eu.ask.com/?l=dis&o=14672
IE - HKU\S-1-5-21-1844237615-1957994488-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
IE - HKU\S-1-5-21-1844237615-1957994488-682003330-1003\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-1844237615-1957994488-682003330-1003\..\URLSearchHook: {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\WINDOWS\Application Data\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
IE - HKU\S-1-5-21-1844237615-1957994488-682003330-1003\..\SearchScopes,DefaultScope = {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
IE - HKU\S-1-5-21-1844237615-1957994488-682003330-1003\..\SearchScopes\${searchCLSID}: "URL" = http://search.yahoo.com/search?ei=ISO-8 ... earchTerms}
IE - HKU\S-1-5-21-1844237615-1957994488-682003330-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={ ... orm=IE8SRC
IE - HKU\S-1-5-21-1844237615-1957994488-682003330-1003\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://websearch.ask.com/redirect?clien ... 3E2C6492C6&
IE - HKU\S-1-5-21-1844237615-1957994488-682003330-1003\..\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}: "URL" = http://www.crawler.com/search/dispatche ... tbid=60076
IE - HKU\S-1-5-21-1844237615-1957994488-682003330-1003\..\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}: "URL" = http://search.qip.ru/?query={searchTerms}
IE - HKU\S-1-5-21-1844237615-1957994488-682003330-1003\..\SearchScopes\{ADB3B143-6E53-4FE1-A6F9-5713C7C50607}: "URL" = http://www.google.co.uk/search?hl=en&q= ... rms}&meta=
IE - HKU\S-1-5-21-1844237615-1957994488-682003330-1003\..\SearchScopes\{BE9654C9-9D79-42ec-B55A-3CAEB12DBF58}: "URL" = http://www.icq.com/search/results.php?q ... &ch_id=osd
IE - HKU\S-1-5-21-1844237615-1957994488-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "QIP Search"
FF - prefs.js..browser.search.order.1: "Yahoo"
FF - prefs.js..browser.search.param.yahoo-fr: "megaup"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "megaup"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"
FF - prefs.js..extensions.enabledItems: {c50ca3c4-5656-43c2-a061-13e717f73fc8}:2.02
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {32a1fd71-835e-4b11-8e54-886fda0b4c89}:1.1
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..keyword.URL: "http://search.qip.ru/search?from=FF&query="
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@ngm.nexoneu.com/NxGame: C:\Documents and Settings\All Users\Data aplikací\NexonEU\NGM\npNxGameeu.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@real.com/npracplug;version=1.0.0.0: File not found
FF - HKLM\Software\MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1: C:\Program Files\Yahoo!\Common\npyaxmpb.dll File not found
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012.05.14 12:56:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.11.10 18:04:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.03.22 20:15:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
[2008.07.05 08:53:38 | 000,000,000 | ---D | M] (No name found) -- C:\WINDOWS\Application Data\Mozilla\Extensions
[2012.05.14 11:50:04 | 000,000,000 | ---D | M] (No name found) -- C:\WINDOWS\Application Data\Mozilla\Firefox\Profiles\flsyw2zm.default\extensions
[2007.05.15 15:20:02 | 000,000,000 | ---D | M] (WebTran) -- C:\WINDOWS\Application Data\Mozilla\Firefox\Profiles\flsyw2zm.default\extensions\{003D3EDC-99B9-4a34-9C20-60CB94F7E829}
[2009.09.02 17:24:01 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\Application Data\Mozilla\Firefox\Profiles\flsyw2zm.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.08.02 00:28:50 | 000,000,000 | ---D | M] (QipAuthorizer) -- C:\WINDOWS\Application Data\Mozilla\Firefox\Profiles\flsyw2zm.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}
[2010.09.29 16:59:15 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\WINDOWS\Application Data\Mozilla\Firefox\Profiles\flsyw2zm.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011.03.26 10:46:45 | 000,000,000 | ---D | M] (GamePlayLabs Plugin) -- C:\WINDOWS\Application Data\Mozilla\Firefox\Profiles\flsyw2zm.default\extensions\plugin2@gameplaylabs.com
[2011.08.23 22:16:36 | 000,002,333 | ---- | M] () -- C:\WINDOWS\Application Data\Mozilla\Firefox\Profiles\flsyw2zm.default\searchplugins\askcom.xml
[2012.05.14 11:52:37 | 000,000,950 | ---- | M] () -- C:\WINDOWS\Application Data\Mozilla\Firefox\Profiles\flsyw2zm.default\searchplugins\icqplugin-1.xml
[2007.07.31 18:50:06 | 000,000,951 | ---- | M] () -- C:\WINDOWS\Application Data\Mozilla\Firefox\Profiles\flsyw2zm.default\searchplugins\icqplugin-2.xml
[2007.09.19 17:54:06 | 000,000,951 | ---- | M] () -- C:\WINDOWS\Application Data\Mozilla\Firefox\Profiles\flsyw2zm.default\searchplugins\icqplugin-3.xml
[2007.10.20 16:04:37 | 000,000,951 | ---- | M] () -- C:\WINDOWS\Application Data\Mozilla\Firefox\Profiles\flsyw2zm.default\searchplugins\icqplugin-4.xml
[2007.11.28 17:58:01 | 000,000,951 | ---- | M] () -- C:\WINDOWS\Application Data\Mozilla\Firefox\Profiles\flsyw2zm.default\searchplugins\icqplugin-5.xml
[2007.12.11 18:34:14 | 000,000,951 | ---- | M] () -- C:\WINDOWS\Application Data\Mozilla\Firefox\Profiles\flsyw2zm.default\searchplugins\icqplugin-6.xml
[2007.12.12 18:09:58 | 000,000,951 | ---- | M] () -- C:\WINDOWS\Application Data\Mozilla\Firefox\Profiles\flsyw2zm.default\searchplugins\icqplugin-7.xml
[2008.02.08 21:51:13 | 000,000,951 | ---- | M] () -- C:\WINDOWS\Application Data\Mozilla\Firefox\Profiles\flsyw2zm.default\searchplugins\icqplugin-8.xml
[2008.03.26 22:13:18 | 000,000,951 | ---- | M] () -- C:\WINDOWS\Application Data\Mozilla\Firefox\Profiles\flsyw2zm.default\searchplugins\icqplugin-9.xml
[2007.06.30 09:12:59 | 000,000,951 | ---- | M] () -- C:\WINDOWS\Application Data\Mozilla\Firefox\Profiles\flsyw2zm.default\searchplugins\icqplugin.xml
[2011.03.10 19:39:18 | 000,002,062 | ---- | M] () -- C:\WINDOWS\Application Data\Mozilla\Firefox\Profiles\flsyw2zm.default\searchplugins\qip-search.xml
[2011.11.10 18:04:19 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012.05.14 11:50:04 | 000,279,187 | ---- | M] () (No name found) -- C:\WINDOWS\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\FLSYW2ZM.DEFAULT\EXTENSIONS\{C50CA3C4-5656-43C2-A061-13E717F73FC8}.XPI
[2011.11.10 18:04:06 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2007.01.04 03:29:08 | 000,049,152 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\mozilla firefox\plugins\npbittorrent.dll
[2011.02.02 22:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2008.02.02 21:37:48 | 000,024,576 | ---- | M] (RealNetworks) -- C:\Program Files\mozilla firefox\plugins\npgcplug.dll
[2005.04.27 22:10:49 | 000,102,400 | ---- | M] (RealNetworks) -- C:\Program Files\mozilla firefox\plugins\npracplug.dll
[2011.09.03 18:02:30 | 000,002,208 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\heureka-cz.xml
[2011.09.03 18:02:30 | 000,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2011.09.03 18:02:30 | 000,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2011.09.03 18:02:30 | 000,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2011.09.03 18:02:30 | 000,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml
O1 HOSTS File: ([2011.07.17 13:27:51 | 000,435,581 | R--- | M]) - C:\WINDOWS\System32\Drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.123topsearch.com
O1 - Hosts: 127.0.0.1 123topsearch.com
O1 - Hosts: 127.0.0.1 www.132.com
O1 - Hosts: 127.0.0.1 132.com
O1 - Hosts: 127.0.0.1 www.136136.net
O1 - Hosts: 127.0.0.1 136136.net
O1 - Hosts: 127.0.0.1 www.163ns.com
O1 - Hosts: 127.0.0.1 163ns.com
O1 - Hosts: 15016 more lines...
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (WebTransBHO Class) - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\WINDOWS\WebIE.dll ()
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (GamePlayLabsBHO Class) - {984A9162-8891-4D19-8CFE-17648BB4E1EC} - Reg Error: Value error. File not found
O2 - BHO: (QIPBHO Class) - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\WINDOWS\Application Data\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (WebTranslator) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\WINDOWS\WebIE.dll ()
O3 - HKU\S-1-5-19\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\S-1-5-20\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Logitech Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.Exe (Logitech Inc.)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\System32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SsAAD.exe] C:\Program Files\Sony\SonicStage\SSAAD.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe (Logitech Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Rychlý začátek s aplikací HP Photosmart Premier.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe (Hewlett-Packard Development Company, L.P.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDevMgrUpdate = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLegacyLogonScripts = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLogoffScripts = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunLogonScriptSync = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunStartupScriptSync = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideStartupScripts = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = [binary data]
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = [binary data]
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95 00 00 00 [binary data]
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = [binary data]
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95 00 00 00 [binary data]
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = [binary data]
O7 - HKU\S-1-5-21-1844237615-1957994488-682003330-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1844237615-1957994488-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = [binary data]
O7 - HKU\S-1-5-21-1844237615-1957994488-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = [binary data]
O7 - HKU\S-1-5-21-1844237615-1957994488-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O7 - HKU\S-1-5-21-1844237615-1957994488-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLegacyLogonScripts = 0
O7 - HKU\S-1-5-21-1844237615-1957994488-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLogoffScripts = 0
O7 - HKU\S-1-5-21-1844237615-1957994488-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunLogonScriptSync = 1
O7 - HKU\S-1-5-21-1844237615-1957994488-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunStartupScriptSync = 0
O7 - HKU\S-1-5-21-1844237615-1957994488-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideStartupScripts = 0
O8 - Extra context menu item: AMV convert tool grab multimedia file - C:\Program Files\MP3 Player Utilities 5.02\AMVConverter\grab.html File not found
O8 - Extra context menu item: Crawler Search - tbr:iemenu File not found
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\WINDOWS\WebIE.dll ()
O9 - Extra 'Tools' menuitem : &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\WINDOWS\WebIE.dll ()
O9 - Extra 'Tools' menuitem : &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\WINDOWS\WebIE.dll ()
O9 - Extra 'Tools' menuitem : Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\WINDOWS\WebIE.dll ()
O9 - Extra 'Tools' menuitem : Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\WINDOWS\WebIE.dll ()
O16 - DPF: {00000055-9980-0010-8000-00AA00389B71} http://codecs.microsoft.com/codecs/i386/fhg.CAB (Reg Error: Key error.)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shoc ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\yinsthelper.dll (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O16 - DPF: DirectAnimation Java Classes Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: Internet Explorer Classes for Java Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java Reg Error: Value error. (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7944229D-3C94-48FF-8B24-F93FAF7535FF}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\bwfile-8876480 {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (Logitech Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\WINDOWS\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 () - file:///D:/ppkplus/obrazky/g0134907.WMF
O24 - Desktop Components:1 () - file:///D:/P6.jpg
O24 - Desktop Components:2 () - http://vsemix.site.cz/tapety/priroda/4.jpg
O24 - Desktop Components:3 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\a\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\a\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No CLSID value found.
O30 - LSA: Authentication Packages - (C:\windows\system32\ljJDwXno) - File not found
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{8f7be6a4-4958-11da-9c03-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{8f7be6a4-4958-11da-9c03-806d6172696f}\Shell\AutoRun\command - "" = E:\Autorun.exe
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\Toshiba\more4you.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (iolobtdfg C:\windows\system32)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
CREATERESTOREPOINT
Unable to start System Restore Service. Error code 1056
NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
Drivers32: msacm.ac3acm - C:\WINDOWS\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.divxa32 - C:\WINDOWS\System32\divxa32.acm (Kristal StudioDFileDescription)
Drivers32: msacm.iac2 - C:\WINDOWS\System32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3fhg - C:\WINDOWS\System32\mp3fhg.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\WINDOWS\System32\lameACM.acm (http://www.mp3dev.org/)
Drivers32: msacm.lhacm - C:\WINDOWS\System32\LHACM.ACM (Microsoft Corporation)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: msacm.vorbis - C:\WINDOWS\System32\vorbis.acm (HMS http://hp.vector.co.jp/authors/VA012897/)
Drivers32: MSACM.VOXACM160 - C:\WINDOWS\System32\vct3216.acm (Voxware, Inc.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\WINDOWS\System32\ff_vfw.dll ()
Drivers32: VIDC.FPS1 - C:\WINDOWS\System32\frapsvid.dll (Beepa P/L)
Drivers32: VIDC.HFYU - C:\WINDOWS\System32\huffyuv.dll (Disappearing Inc.)
Drivers32: vidc.I263 - C:\WINDOWS\System32\i263_32.drv (Intel Corporation)
Drivers32: vidc.I420 - C:\WINDOWS\System32\i263_32.drv (Intel Corporation)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: VIDC.MKVC - C:\WINDOWS\System32\KMVIDC32.DLL ()
Drivers32: vidc.VP60 - C:\WINDOWS\System32\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\WINDOWS\System32\vp6vfw.dll (On2.com)
Drivers32: vidc.VP62 - C:\WINDOWS\System32\vp6vfw.dll (On2.com)
Drivers32: VIDC.VP70 - C:\WINDOWS\System32\vp7vfw.dll (On2.com)
Drivers32: VIDC.X264 - C:\WINDOWS\System32\x264vfw.dll ()
Drivers32: vidc.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 7 Days ==========
[2012.05.14 21:19:07 | 000,595,456 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\a\Plocha\OTL.exe
[2012.05.14 13:35:05 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\a\Recent
[2012.05.14 12:57:14 | 000,020,696 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2012.05.14 12:57:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\avast! Free Antivirus
[2012.05.14 12:57:13 | 000,337,880 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2012.05.14 12:57:10 | 000,035,672 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2012.05.14 12:57:09 | 000,053,848 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2012.05.14 12:57:08 | 000,612,184 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2012.05.14 12:57:08 | 000,095,704 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2012.05.14 12:57:08 | 000,089,048 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2012.05.14 12:57:07 | 000,024,920 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2012.05.14 12:56:18 | 000,041,184 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2012.05.14 12:56:16 | 000,201,352 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2012.05.14 12:55:42 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2012.05.14 12:55:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
[2012.05.14 12:01:12 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[5850 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 7 Days ==========
[2012.05.14 21:28:09 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012.05.14 21:19:19 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\a\Plocha\OTL.exe
[2012.05.14 21:15:58 | 000,000,236 | ---- | M] () -- C:\WINDOWS\tasks\OGALogon.job
[2012.05.14 21:15:54 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012.05.14 16:59:40 | 002,176,968 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012.05.14 16:58:31 | 000,000,825 | -HS- | M] () -- C:\WINDOWS\System32\mmf.sys
[2012.05.14 16:58:00 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.05.14 16:57:56 | 536,399,872 | -HS- | M] () -- C:\hiberfil.sys
[2012.05.14 16:33:30 | 000,437,730 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012.05.14 16:33:30 | 000,435,228 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2012.05.14 16:33:30 | 000,081,384 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2012.05.14 16:33:30 | 000,070,042 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012.05.14 16:25:54 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012.05.14 13:31:52 | 000,001,779 | ---- | M] () -- C:\WINDOWS\MAILTRAN.INI
[2012.05.14 12:57:15 | 000,001,702 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\avast! Free Antivirus.lnk
[2012.05.14 12:57:08 | 000,002,876 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[5850 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012.05.14 21:28:09 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012.05.14 16:11:22 | 000,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2012.05.14 12:57:15 | 000,001,702 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\avast! Free Antivirus.lnk
[2011.01.27 17:34:10 | 000,000,122 | ---- | C] () -- C:\WINDOWS\WA.INI
[2010.06.24 12:31:42 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
========== LOP Check ==========
[2007.06.01 10:18:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mamka\Application Data\Spyware Terminator
[2007.06.02 08:41:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michala\Application Data\Spyware Terminator
[2007.02.21 08:23:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Taťka\Application Data\Spyware Terminator
[2012.05.14 21:15:58 | 000,000,236 | ---- | M] () -- C:\WINDOWS\Tasks\OGALogon.job
========== Purity Check ==========
========== Custom Scans ==========
< >
< >
< MD5 for: ATAPI.SYS >
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008.06.14 22:14:00 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.06.14 22:14:00 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\System32\Drivers\atapi.sys
[2004.08.17 15:57:28 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2004.08.17 15:57:28 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\System32\ReinstallBackups\0002\DriverFiles\i386\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2008.04.14 05:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\ServicePackFiles\i386\autochk.exe
[2008.04.14 05:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\System32\autochk.exe
[2004.08.17 15:49:22 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\WINDOWS\$NtServicePackUninstall$\autochk.exe
< MD5 for: CDROM.SYS >
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2008.06.14 22:14:00 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008.06.14 22:14:00 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008.04.13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008.04.13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\System32\Drivers\cdrom.sys
[2004.08.17 15:57:28 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys
< MD5 for: EXPLORER.EXE >
[2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2007.06.13 15:11:59 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=9B32416BD5988C97B6397CE0B02CAF97 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
[2007.06.13 15:23:39 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=ED7B460B142A32097B8A8F6ECC941815 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
< MD5 for: HAL.DLL >
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2008.06.14 22:14:00 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2008.06.14 22:14:00 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2008.04.13 20:31:32 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2008.04.13 20:31:28 | 000,131,840 | ---- | M] (Microsoft Corporation) MD5=6F61D3287A6A15A08A9433222C09D17F -- C:\WINDOWS\System32\HAL.DLL
[2004.08.17 15:57:28 | 000,131,968 | ---- | M] (Microsoft Corporation) MD5=F9A0F579FC18036FFDD9E26E0D268CCD -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll
< MD5 for: SCECLI.DLL >
[2004.08.17 15:49:18 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008.04.14 05:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 05:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\System32\scecli.dll
< MD5 for: SVCHOST.EXE >
[2008.04.14 05:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.14 05:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\System32\svchost.exe
[2004.08.17 15:49:28 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe
< MD5 for: TCPIP.SYS >
[2006.01.13 19:07:08 | 000,360,448 | ---- | M] (Microsoft Corporation) MD5=5562CC0A47B2AEF06D3417B733F3C195 -- C:\WINDOWS\$hf_mig$\KB913446\SP2QFE\tcpip.sys
[2005.05.25 21:07:12 | 000,359,936 | ---- | M] (Microsoft Corporation) MD5=63FDFEA54EB53DE2D863EE454937CE1E -- C:\WINDOWS\$hf_mig$\KB893066\SP2QFE\tcpip.sys
[2007.10.30 18:53:32 | 000,360,832 | ---- | M] (Microsoft Corporation) MD5=64798ECFA43D78C7178375FCDD16D8C8 -- C:\WINDOWS\$hf_mig$\KB941644\SP2QFE\tcpip.sys
[2007.10.30 19:20:55 | 000,360,064 | ---- | M] (Microsoft Corporation) MD5=90CAFF4B094573449A0872A0F919B178 -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2008.04.13 21:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\System32\dllcache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\System32\Drivers\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[2006.04.20 14:18:35 | 000,360,576 | ---- | M] (Microsoft Corporation) MD5=B2220C618B42A2212A59D91EBD6FC4B4 -- C:\WINDOWS\$hf_mig$\KB917953\SP2QFE\tcpip.sys
< MD5 for: USERINIT.EXE >
[2008.04.14 05:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 05:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\System32\userinit.exe
[2004.08.17 15:49:28 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
< MD5 for: WINLOGON.EXE >
[2004.08.17 15:49:28 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 05:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 05:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\System32\winlogon.exe
< >
< %systemroot%*.* /U /s >
[5850 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\All users\DRM\Cache\*.tmp files -> C:\WINDOWS\All users\DRM\Cache\*.tmp -> ]
[1 C:\WINDOWS\Application Data\Google\GoogleEarth\*.tmp files -> C:\WINDOWS\Application Data\Google\GoogleEarth\*.tmp -> ]
[1 C:\WINDOWS\Application Data\Microsoft\Office\*.tmp files -> C:\WINDOWS\Application Data\Microsoft\Office\*.tmp -> ]
[19 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[6 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\twain_32\*.tmp files -> C:\WINDOWS\twain_32\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
[2009.10.07 07:29:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Office Genuine Advantage
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2010.09.05 11:51:32 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\Adobe
[2008.07.28 06:48:22 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\AdobeUM
[2005.07.13 23:49:56 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\Anvil Studio
[2010.03.09 10:44:40 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\AnvSoft
[2006.10.16 12:10:26 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\Apple Computer
[2009.08.30 09:54:10 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\ArcSoft
[2007.05.13 13:10:48 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\Ashampoo
[2011.02.26 12:45:32 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\Azureus
[2007.02.22 20:17:41 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\BitTorrent
[2009.10.28 20:27:11 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\Canneverbe_Limited
[2008.05.18 10:10:10 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\CDBurnerXP_Soft
[2007.04.14 08:09:33 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\Command & Conquer 3 Tiberium Wars Demo
[2009.04.24 15:54:45 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\Comodo
[2010.01.11 16:44:29 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\Creative
[2005.07.13 23:49:56 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\CyberLink
[2006.12.04 16:36:27 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\DeepBurner
[2009.06.24 16:06:03 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\Desktopicon
[2007.05.30 07:55:47 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\Disney Interactive Studios
[2010.06.03 16:24:30 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\DivX
[2005.07.13 23:49:56 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\DVD Shrink
[2010.09.29 16:59:13 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\DVDVideoSoftIEHelpers
[2008.03.26 09:40:49 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\Elaborate Bytes
[2007.12.03 08:56:31 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\ESET
[2009.04.18 19:25:18 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\FarmingSimulator2008
[2007.01.26 14:56:48 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\flightgear.org
[2009.06.27 20:10:32 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\Google
[2009.12.12 17:18:19 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\Hamachi
[2005.08.14 08:48:21 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\Help
[2007.12.23 20:30:35 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\HP
[2007.03.23 17:40:01 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\ICQ Toolbar
[2007.02.20 18:47:56 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\ICQLite
[2005.07.13 23:49:56 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\Identities
[2009.09.12 09:15:00 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\IMSIDesign
[2005.07.13 23:49:58 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\InfoTurist
[2008.04.09 17:58:09 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\InstallShield
[2011.04.05 20:11:27 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\Jpeg Resampler
[2007.04.14 10:16:10 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\Lavasoft
[2006.03.08 14:30:24 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\Leadertech
[2008.12.24 21:07:41 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\Logitech
[2005.07.13 23:49:56 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\Macromedia
[2008.11.01 16:41:25 | 000,000,000 | --SD | M] -- C:\WINDOWS\Application Data\Microsoft
[2008.04.20 08:28:52 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\Microsoft Games
[2006.03.22 18:51:05 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\Microsoft Web Folders
[2011.03.11 22:36:35 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\Miranda
[2008.07.05 08:53:38 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\Mozilla
[2007.04.23 15:25:45 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\My Games
[2008.05.18 12:35:24 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\Nero
[2008.12.03 17:58:40 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\Nvu
[2008.04.12 17:06:43 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\Off Road
[2006.04.08 07:51:02 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\Opera
[2007.06.06 17:11:05 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\Pamela
[2009.11.07 15:41:29 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\Pinec
[2007.08.20 18:35:27 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\QIP
[2005.07.13 23:49:56 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\Ratbag
[2010.06.28 08:54:24 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\Real
[2011.11.11 19:09:49 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\Rovio
[2005.10.13 17:08:42 | 000,000,000 | RH-D | M] -- C:\WINDOWS\Application Data\SecuROM
[2007.02.16 13:10:40 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\Simply Super Software
[2010.01.17 01:00:57 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\skypePM
[2007.03.24 08:50:16 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\SlySoft
[2011.04.25 12:35:30 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\Smart PC Solutions
[2006.01.28 21:57:08 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\Sony Corporation
[2007.08.01 09:43:28 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\SpieleEntwicklungsKombinat
[2007.04.20 19:46:20 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\Sports Interactive
[2008.08.22 21:46:33 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\Spybot - Search & Destroy
[2008.06.03 14:37:07 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\Spyware Terminator
[2007.02.23 20:58:36 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\Sun
[2008.05.31 06:43:53 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\SUPERAntiSpyware.com
[2005.07.13 23:49:56 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\Symantec
[2005.07.13 23:49:58 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\Talkback
[2008.12.03 18:10:35 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\teamspeak2
[2006.10.09 18:07:13 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\Teleca
[2005.07.13 23:49:56 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\Thunderbird
[2012.05.14 13:35:11 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\uTorrent
[2010.12.25 12:30:05 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\Vso
[2005.07.13 23:49:56 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\Zoner
< %APPDATA%\*.exe /s >
[2010.11.07 18:32:08 | 000,081,920 | ---- | M] () -- C:\WINDOWS\Application Data\ezpinst.exe
[2010.12.25 12:29:46 | 000,087,608 | ---- | M] () -- C:\WINDOWS\Application Data\inst.exe
[2008.05.23 22:18:39 | 019,900,192 | ---- | M] ( ) -- C:\WINDOWS\Application Data\Adobe\Acrobat\7.0\Updater\AdbeRdr710_en_US.exe
[2008.10.28 18:20:32 | 000,089,088 | ---- | M] () -- C:\WINDOWS\Application Data\Desktopicon\eBayShortcuts.exe
[2008.05.29 08:03:08 | 000,037,176 | ---- | M] () -- C:\WINDOWS\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2006.02.20 15:44:28 | 000,010,134 | R--- | M] () -- C:\WINDOWS\Application Data\Microsoft\Installer\{89661B04-C646-4412-B6D3-5E19F02F1F37}\ARPPRODUCTICON.exe
[2008.12.24 21:04:44 | 000,010,134 | R--- | M] () -- C:\WINDOWS\Application Data\Microsoft\Installer\{8CC990CD-87C8-475C-AC32-8A7984E2FCFA}\ARPPRODUCTICON.exe
[2008.12.24 21:00:52 | 000,010,134 | R--- | M] () -- C:\WINDOWS\Application Data\Microsoft\Installer\{C89C8D86-4423-4A58-AA40-DD259ACE07C1}\ARPPRODUCTICON.exe
[2005.10.17 12:12:46 | 000,258,048 | ---- | M] () -- C:\WINDOWS\Application Data\uTorrent\wget.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %systemroot%\Tasks\*.job >
[2012.05.14 21:15:58 | 000,000,236 | ---- | M] () -- C:\WINDOWS\Tasks\OGALogon.job
< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2005.12.09 16:45:57 | 000,223,128 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\dtscsi.sys
[2007.06.18 11:45:54 | 000,685,816 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sptd.sys
< %systemroot%\System32\config\*.sav >
[2005.07.13 23:40:28 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2005.07.13 23:40:28 | 000,663,552 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2005.07.13 23:40:28 | 000,454,656 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav
< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2012.05.14 12:57:08 | 000,002,876 | ---- | M] () -- C:\WINDOWS\system32\CONFIG.NT
[2012.05.14 16:59:40 | 002,176,968 | ---- | M] () -- C:\WINDOWS\system32\FNTCACHE.DAT
[2012.05.14 16:58:31 | 000,000,825 | -HS- | M] () -- C:\WINDOWS\system32\mmf.sys
[2012.05.14 16:33:30 | 000,081,384 | ---- | M] () -- C:\WINDOWS\system32\perfc005.dat
[2012.05.14 16:33:30 | 000,070,042 | ---- | M] () -- C:\WINDOWS\system32\perfc009.dat
[2012.05.14 16:33:30 | 000,435,228 | ---- | M] () -- C:\WINDOWS\system32\perfh005.dat
[2012.05.14 16:33:30 | 000,437,730 | ---- | M] () -- C:\WINDOWS\system32\perfh009.dat
[2012.05.14 16:33:30 | 000,995,960 | ---- | M] () -- C:\WINDOWS\system32\PerfStringBackup.INI
[2012.05.14 21:15:54 | 000,002,206 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"ctfmon.exe" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 05:22:17 | 000,015,360 | ---- | M] (Microsoft Corporation)
"MSMSGS" = "C:\Program Files\Messenger\msmsgs.exe" /background -- [2008.04.14 05:22:36 | 001,695,232 | ---- | M] (Microsoft Corporation)
< >
< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2011.11.10 18:04:05 | 000,924,632 | ---- | M] (Mozilla Corporation) MD5=4CB4054659ABEEEF925B153E2290E634 -- C:\Program Files\Mozilla Firefox\firefox.exe
< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2012.02.29 13:01:00 | 000,634,680 | ---- | M] (Microsoft Corporation) MD5=50BA6A230D743A4D33BFFA2FA1113055 -- C:\Program Files\Internet Explorer\iexplore.exe
< %PROGRAMFILES%\Opera\opera.exe /md5 >
< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
< >
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012.05.14 21:28:09 | 000,000,512 | ---- | M] () MD5=C95D40D9C71832F9DA9E0AFA4BCDC92F -- C:\PhysicalMBR.bin
< >
< *crack* /s >
[2001.12.19 00:55:10 | 000,013,312 | ---- | M] () -- \Diderot\Common\crack.exe
[2007.05.19 13:12:18 | 000,020,657 | ---- | M] () -- \WINDOWS\Application Data\Azureus\torrents\Bus_Driver___Crack.3656572.TPB.torrent
[2007.04.23 12:48:07 | 000,028,606 | ---- | M] () -- \WINDOWS\Application Data\Azureus\torrents\CIVILIZATION.4.+Patch.v1.52.+Crack.torrent
[2007.05.31 06:33:37 | 000,169,865 | ---- | M] () -- \WINDOWS\Application Data\Azureus\torrents\[isoHunt] Battlestations - Midway.-.Keygen. .Crack.Testato!.by.summerinitaly.rar.torrent
[2007.05.08 10:15:33 | 000,024,924 | ---- | M] () -- \WINDOWS\Application Data\Azureus\torrents\[isoHunt] Desperados 2 Coopers Revenge DVD Crack.torrent
[2007.05.30 13:14:05 | 000,013,703 | ---- | M] () -- \WINDOWS\Application Data\Azureus\torrents\^mininova.org^ Enlight__s_Restaurant_Empire_(Full_Game)___Crack___Cheat___Walkt.3415726.TPB.torrent
[2009.04.24 15:57:01 | 000,001,034 | ---- | M] () -- \WINDOWS\Application Data\Microsoft\Office\Naposledy otevřené\crack.LNK
[2008.03.26 09:16:17 | 000,007,897 | ---- | M] () -- \WINDOWS\Application Data\uTorrent\A Clone DVD - Clone CD and Any DVD + cracks april 2007.rar.torrent
[2008.02.29 16:34:56 | 000,008,804 | ---- | M] () -- \WINDOWS\Application Data\uTorrent\Ad-Aware 2007 + working crack.rar.torrent
[2007.10.22 18:22:41 | 000,037,790 | ---- | M] () -- \WINDOWS\Application Data\uTorrent\Sega Rally [PCDVD + Crack][Spanish_EN_GE_FR_IT][www.newpct.com].torrent
< *keygen* /s >
[2007.05.31 06:33:37 | 000,169,865 | ---- | M] () -- \WINDOWS\Application Data\Azureus\torrents\[isoHunt] Battlestations - Midway.-.Keygen. .Crack.Testato!.by.summerinitaly.rar.torrent
[2007.05.12 12:17:53 | 000,020,124 | ---- | M] () -- \WINDOWS\Application Data\Azureus\torrents\[isoHunt] PC Translator 2007 full ISO(CZ) Keygen.torrent
[2008.05.18 11:46:29 | 000,015,722 | ---- | M] () -- \WINDOWS\Application Data\uTorrent\Nero 8 Ultra Edition v8.3.2.1 + Keygen.torrent
[2007.09.15 08:09:57 | 000,000,867 | ---- | M] () -- \WINDOWS\Application Data\uTorrent\NHL_08_Keygen-HATRED.torrent
[2009.04.26 13:53:06 | 000,000,807 | ---- | M] () -- \WINDOWS\Application Data\uTorrent\PowerISO4.3+keygen.rar.torrent
[2009.04.25 18:15:17 | 000,019,261 | ---- | M] () -- \WINDOWS\Application Data\uTorrent\Zoner Photo Studio Enterprise X (v10)+Keygen-HeartBug.torrent
< *loader* /s >
[2007.03.09 21:07:27 | 000,005,482 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy\Recovery\ZlobDownloader.zip
[2009.08.18 16:47:08 | 001,716,224 | ---- | M] () -- \Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader.exe
[2009.08.18 16:47:08 | 001,064,960 | ---- | M] () -- \Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe
[2008.02.28 13:26:06 | 000,111,912 | ---- | M] () -- \Program Files\Common Files\Nero\Shared\NSCLoader.dll
[2004.11.25 15:27:26 | 000,011,481 | ---- | M] () -- \Program Files\Sony\SonicStage\Data\XML\AppEMDDownLoader.xml
[2008.02.25 08:05:22 | 000,856,064 | ---- | M] () -- \Program Files\The KMPlayer\ImLoader.dll
[2005.06.07 13:25:46 | 000,044,032 | ---- | M] () -- \Program Files\WinRAR\RarExtLoader.exe
[2009.08.18 16:47:01 | 000,421,888 | ---- | M] () -- \WINDOWS\NEXON_EU_DownloaderUpdater.exe
[5850 \WINDOWS\*.tmp files -> \WINDOWS\*.tmp -> ]
[2004.08.17 15:49:06 | 000,035,840 | ---- | M] () -- \WINDOWS\$NtServicePackUninstall$\dmloader.dll
[2002.12.12 00:14:32 | 000,033,280 | ---- | M] () -- \WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dmloader.dll
[2008.04.14 05:21:39 | 000,035,840 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\dmloader.dll
[2008.04.13 20:31:47 | 000,230,912 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.exe
[2008.04.13 20:31:48 | 000,278,528 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.ntd
[2008.04.14 05:21:39 | 000,035,840 | ---- | M] () -- \WINDOWS\System32\dmloader.dll
[1 \WINDOWS\System32\*.tmp files -> \WINDOWS\System32\*.tmp -> ]
[2002.12.12 00:14:32 | 000,033,280 | ---- | M] () -- \WINDOWS\System32\dllcache\dmloader.dll
[2007.04.30 15:43:12 | 000,009,622 | ---- | M] () -- \WINDOWS\System32\MACROMED\Shockwave 10\shockwave_Projector_Loader.dcr
========== Files - Unicode (All) ==========
File not found(C:\WINDOWS\Application Data\SecuROM\UserData\???????????????????????) -- C:\WINDOWS\Application Data\SecuROM\UserData\ЃϵϳЅЂϿϽϯІχϯπρϯϸϹϴϴϵϾϻϵЉ
File not found(C:\WINDOWS\Application Data\SecuROM\UserData\?????????????????????) -- C:\WINDOWS\Application Data\SecuROM\UserData\ЃϵϳЅЂϿϽϯІχϯπρЂϻϵЉЃϵϳЅ
File not found(C:\WINDOWS\Application Data\SecuROM\UserData\?????????????????????) -- C:\WINDOWS\Application Data\SecuROM\UserData\ЃϵϳЅЂϿϽϯІχϯπρϴϱЄϱЃϵϳЅ
File not found(C:\WINDOWS\Application Data\SecuROM\UserData\????????????????????) -- C:\WINDOWS\Application Data\SecuROM\UserData\ЃϵϳЅЂϿϽϯІχϯπρϯϸϹϴϴϵϾ
========== Alternate Data Streams ==========
@Alternate Data Stream - 6144 bytes -> C:\WINDOWS\CURSORS\arrow_n.cur:NEDTA.DAT
@Alternate Data Stream - 487 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:05EE1EEF
@Alternate Data Stream - 166 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:DFC5A2B2
@Alternate Data Stream - 149 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:0B4227B4
< End of report >
OTL by OldTimer - Version 3.2.43.0 Folder = C:\Documents and Settings\a\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000405 | Country: Czech Republic | Language: csy | Date Format: d.M.yyyy
511,48 Mb Total Physical Memory | 93,95 Mb Available Physical Memory | 18,37% Memory free
1,22 Gb Paging File | 0,82 Gb Available in Paging File | 67,37% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149,05 Gb Total Space | 43,90 Gb Free Space | 29,45% Space Free | Partition Type: NTFS
Computer Name: AMD | User Name: a | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Processes (SafeList) ==========
PRC - [2012.05.14 21:19:19 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\a\Plocha\OTL.exe
PRC - [2012.03.07 01:15:17 | 004,241,512 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012.03.07 01:15:14 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011.11.10 18:04:05 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010.10.27 20:17:52 | 000,207,424 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
PRC - [2010.08.25 11:27:44 | 000,309,824 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
PRC - [2010.03.18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2008.12.24 21:07:16 | 000,067,128 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
PRC - [2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007.10.24 14:45:32 | 000,124,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mdm.exe
PRC - [2007.04.26 17:43:50 | 000,002,560 | ---- | M] () -- C:\WINDOWS\Runservice.exe
PRC - [2007.02.14 13:27:46 | 000,688,128 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\SetPoint\SetPoint.exe
PRC - [2007.01.23 16:44:00 | 000,101,136 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\Logitech\khalshared\KHALMNPR.exe
PRC - [2006.08.03 05:12:00 | 000,577,536 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\soundman.exe
PRC - [2006.02.10 08:56:12 | 000,479,232 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
PRC - [2005.01.24 20:58:02 | 000,081,920 | ---- | M] () -- C:\Program Files\Sony\SonicStage\SSAAD.exe
PRC - [2005.01.24 19:36:52 | 000,069,632 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
========== Modules (No Company Name) ==========
MOD - [2012.05.14 09:31:05 | 001,759,232 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\12051400\algo.dll
MOD - [2011.11.11 15:58:11 | 008,527,008 | ---- | M] () -- C:\WINDOWS\System32\MACROMED\FLASH\NPSWF32.dll
MOD - [2011.11.10 18:04:03 | 001,989,592 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2010.04.03 09:42:41 | 000,043,520 | ---- | M] () -- C:\WINDOWS\System32\CmdLineExt03.dll
MOD - [2008.12.24 21:07:09 | 000,061,496 | ---- | M] () -- C:\Program Files\Logitech\Desktop Messenger\8876480\8.1.1.50-8876480SL\Program\clntutil.dll
MOD - [2007.12.23 20:24:31 | 000,069,632 | ---- | M] () -- c:\windows\assembly\gac\hpqisrtb\4.0.0.0__a53cf5803f4c3827\hpqisrtb.dll
MOD - [2007.12.23 20:24:31 | 000,065,536 | ---- | M] () -- c:\windows\assembly\gac\hpqisrtb.resources\4.0.0.0_cs_a53cf5803f4c3827\hpqisrtb.resources.dll
MOD - [2007.12.23 20:24:24 | 001,163,264 | ---- | M] () -- c:\windows\assembly\gac\hpqedit\3.0.0.0__a53cf5803f4c3827\hpqedit.dll
MOD - [2007.12.23 20:24:24 | 000,376,832 | ---- | M] () -- c:\windows\assembly\gac\hpqedit.resources\3.0.0.0_cs_a53cf5803f4c3827\hpqedit.resources.dll
MOD - [2007.12.23 20:24:23 | 000,790,528 | ---- | M] () -- c:\windows\assembly\gac\hpqbakup\3.0.0.0__a53cf5803f4c3827\hpqbakup.dll
MOD - [2007.12.23 20:24:23 | 000,258,048 | ---- | M] () -- c:\windows\assembly\gac\hpqbakup.resources\3.0.0.0_cs_a53cf5803f4c3827\hpqbakup.resources.dll
MOD - [2007.12.23 20:24:21 | 000,163,840 | ---- | M] () -- c:\windows\assembly\gac\hpqvideo\3.0.0.0__a53cf5803f4c3827\hpqvideo.dll
MOD - [2007.12.23 20:24:19 | 000,057,344 | ---- | M] () -- c:\windows\assembly\gac\hpqprrsc\4.0.0.0__a53cf5803f4c3827\hpqprrsc.dll
MOD - [2007.12.23 20:24:19 | 000,053,248 | ---- | M] () -- c:\windows\assembly\gac\hpqovskn\3.0.0.0__a53cf5803f4c3827\hpqovskn.dll
MOD - [2007.12.23 20:24:19 | 000,016,384 | ---- | M] () -- c:\windows\assembly\gac\hpqprrsc.resources\4.0.0.0_cs_a53cf5803f4c3827\hpqprrsc.resources.dll
MOD - [2007.12.23 20:24:18 | 000,430,080 | ---- | M] () -- c:\windows\assembly\gac\lead.wrapper\13.0.0.113__9cf889f53ea9b907\lead.wrapper.dll
MOD - [2007.12.23 20:24:18 | 000,077,824 | ---- | M] () -- c:\windows\assembly\gac\lead\13.0.0.113__9cf889f53ea9b907\lead.dll
MOD - [2007.12.23 20:24:18 | 000,065,536 | ---- | M] () -- c:\windows\assembly\gac\hpqmdmr\4.0.0.0__a53cf5803f4c3827\hpqmdmr.dll
MOD - [2007.12.23 20:24:17 | 000,090,112 | ---- | M] () -- c:\windows\assembly\gac\lead.drawing.imaging.imageprocessing\13.0.0.113__9cf889f53ea9b907\lead.drawing.imaging.imageprocessing.dll
MOD - [2007.12.23 20:24:17 | 000,086,016 | ---- | M] () -- c:\windows\assembly\gac\lead.drawing\13.0.0.113__9cf889f53ea9b907\lead.drawing.dll
MOD - [2007.12.23 20:24:17 | 000,081,920 | ---- | M] () -- c:\windows\assembly\gac\lead.drawing.imaging.codecs\13.0.0.113__9cf889f53ea9b907\lead.drawing.imaging.codecs.dll
MOD - [2007.12.23 20:24:17 | 000,069,632 | ---- | M] () -- c:\windows\assembly\gac\lead.windows.forms.drawingcontainer\13.0.0.113__9cf889f53ea9b907\lead.windows.forms.drawingcontainer.dll
MOD - [2007.12.23 20:24:17 | 000,040,960 | ---- | M] () -- c:\windows\assembly\gac\lead.windows.forms\13.0.0.113__9cf889f53ea9b907\lead.windows.forms.dll
MOD - [2007.12.23 20:24:17 | 000,014,848 | ---- | M] () -- c:\windows\assembly\gac\interop.hpqvideo\4.0.0.0__a53cf5803f4c3827\interop.hpqvideo.dll
MOD - [2007.12.23 20:24:17 | 000,004,096 | ---- | M] () -- c:\windows\assembly\gac\interop.hprblog\3.0.0.0__a53cf5803f4c3827\interop.hprblog.dll
MOD - [2007.12.23 20:24:16 | 000,010,240 | ---- | M] () -- c:\windows\assembly\gac\interop.hpqimgr\4.0.0.0__a53cf5803f4c3827\interop.hpqimgr.dll
MOD - [2007.12.23 20:24:15 | 000,036,864 | ---- | M] () -- c:\windows\assembly\gac\interop.hpqcxm08\3.0.0.0__a53cf5803f4c3827\interop.hpqcxm08.dll
MOD - [2007.12.23 20:24:14 | 000,069,632 | ---- | M] () -- c:\windows\assembly\gac\hpqntrop\4.0.0.0__a53cf5803f4c3827\hpqntrop.dll
MOD - [2007.12.23 20:24:13 | 000,516,096 | ---- | M] () -- c:\windows\assembly\gac\hpqimvlt\3.0.0.0__a53cf5803f4c3827\hpqimvlt.dll
MOD - [2007.12.23 20:24:13 | 000,192,512 | ---- | M] () -- c:\windows\assembly\gac\hpqimgrc\4.0.0.0__a53cf5803f4c3827\hpqimgrc.dll
MOD - [2007.12.23 20:24:13 | 000,126,976 | ---- | M] () -- c:\windows\assembly\gac\hpqtray.resources\4.0.0.0_cs_a53cf5803f4c3827\hpqtray.resources.dll
MOD - [2007.12.23 20:24:13 | 000,077,824 | ---- | M] () -- c:\windows\assembly\gac\hpqthumb\3.0.0.0__a53cf5803f4c3827\hpqthumb.dll
MOD - [2007.12.23 20:24:13 | 000,069,632 | ---- | M] () -- c:\windows\assembly\gac\hpqglutl\4.0.0.0__a53cf5803f4c3827\hpqglutl.dll
MOD - [2007.12.23 20:24:13 | 000,061,440 | ---- | M] () -- c:\windows\assembly\gac\hpqimlib\3.0.0.0__a53cf5803f4c3827\hpqimlib.dll
MOD - [2007.12.23 20:24:12 | 000,385,024 | ---- | M] () -- c:\windows\assembly\gac\hpqtray\4.0.0.0__a53cf5803f4c3827\hpqtray.dll
MOD - [2007.12.23 20:24:12 | 000,229,376 | ---- | M] () -- c:\windows\assembly\gac\hpqutils\4.0.0.0__a53cf5803f4c3827\hpqutils.dll
MOD - [2007.12.23 20:24:12 | 000,094,208 | ---- | M] () -- c:\windows\assembly\gac\hpqcprsc.resources\3.0.0.0_cs_a53cf5803f4c3827\hpqcprsc.resources.dll
MOD - [2007.12.23 20:24:12 | 000,036,864 | ---- | M] () -- c:\windows\assembly\gac\hpqfmrsc\4.0.0.0__a53cf5803f4c3827\hpqfmrsc.dll
MOD - [2007.12.23 20:24:12 | 000,024,576 | ---- | M] () -- c:\windows\assembly\gac\hpqfmrsc.resources\4.0.0.0_cs_a53cf5803f4c3827\hpqfmrsc.resources.dll
MOD - [2007.12.23 20:24:12 | 000,024,576 | ---- | M] () -- c:\windows\assembly\gac\hpqasset\4.0.0.0__a53cf5803f4c3827\hpqasset.dll
MOD - [2007.12.23 20:24:12 | 000,020,480 | ---- | M] () -- c:\windows\assembly\gac\hpqiface\4.0.0.0__a53cf5803f4c3827\hpqiface.dll
MOD - [2007.12.23 20:24:11 | 000,593,920 | ---- | M] () -- c:\windows\assembly\gac\hpqcc2\3.0.0.0__a53cf5803f4c3827\hpqcc2.dll
MOD - [2007.12.23 20:24:11 | 000,425,984 | ---- | M] () -- c:\windows\assembly\gac\hpqcprsc\3.0.0.0__a53cf5803f4c3827\hpqcprsc.dll
MOD - [2007.12.23 20:24:11 | 000,135,168 | ---- | M] () -- c:\windows\assembly\gac\hpqcc2.resources\3.0.0.0_cs_a53cf5803f4c3827\hpqcc2.resources.dll
MOD - [2007.12.07 02:18:16 | 000,081,920 | ---- | M] () -- c:\windows\assembly\gac\system.resources\1.0.5000.0_cs_b77a5c561934e089\system.resources.dll
MOD - [2007.07.11 21:23:28 | 003,391,488 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_e3174d18\mscorlib.dll
MOD - [2007.07.11 21:23:24 | 000,835,584 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.drawing\1.0.5000.0__b03f5f7f11d50a3a_641f3ced\system.drawing.dll
MOD - [2007.07.11 21:23:12 | 002,088,960 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.xml\1.0.5000.0__b77a5c561934e089_27487380\system.xml.dll
MOD - [2007.07.11 21:23:02 | 003,018,752 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.windows.forms\1.0.5000.0__b77a5c561934e089_c3c64091\system.windows.forms.dll
MOD - [2007.07.11 21:22:52 | 001,966,080 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_396cf086\system.dll
MOD - [2007.07.11 21:22:43 | 001,232,896 | ---- | M] () -- c:\windows\assembly\gac\system\1.0.5000.0__b77a5c561934e089\system.dll
MOD - [2007.04.26 17:43:53 | 000,122,880 | ---- | M] () -- C:\WINDOWS\lcmmfu.cpl
MOD - [2007.04.26 17:43:50 | 000,048,640 | ---- | M] () -- C:\WINDOWS\mmfs.dll
MOD - [2007.04.26 17:43:50 | 000,002,560 | ---- | M] () -- C:\WINDOWS\Runservice.exe
MOD - [2006.10.28 08:46:26 | 001,339,392 | ---- | M] () -- c:\windows\assembly\gac\system.xml\1.0.5000.0__b77a5c561934e089\system.xml.dll
MOD - [2006.10.28 08:46:24 | 000,466,944 | ---- | M] () -- c:\windows\assembly\gac\system.drawing\1.0.5000.0__b03f5f7f11d50a3a\system.drawing.dll
MOD - [2006.10.28 08:46:23 | 002,052,096 | ---- | M] () -- c:\windows\assembly\gac\system.windows.forms\1.0.5000.0__b77a5c561934e089\system.windows.forms.dll
MOD - [2006.10.16 12:11:12 | 000,007,680 | ---- | M] () -- c:\windows\assembly\gac\accessibility\1.0.5000.0__b03f5f7f11d50a3a\accessibility.dll
MOD - [2005.10.20 11:36:08 | 000,077,824 | R--- | M] () -- C:\Program Files\HP\Digital Imaging\bin\crm\xmltok.dll
MOD - [2005.10.20 11:36:08 | 000,065,536 | R--- | M] () -- C:\Program Files\HP\Digital Imaging\bin\crm\xmlparse.dll
MOD - [2005.01.24 20:58:02 | 000,081,920 | ---- | M] () -- C:\Program Files\Sony\SonicStage\SSAAD.exe
MOD - [2004.12.27 12:46:04 | 000,311,296 | ---- | M] () -- C:\Program Files\WinRAR\rarlng.dll
MOD - [2004.12.26 20:34:38 | 000,121,344 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
========== Win32 Services (SafeList) ==========
SRV - [2012.03.07 01:15:14 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010.03.18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2007.08.09 09:27:52 | 000,073,728 | ---- | M] (HP) [Auto | Stopped] -- C:\WINDOWS\System32\HPZipm12.exe -- (Pml Driver HPZ12)
SRV - [2007.04.26 17:43:50 | 000,002,560 | ---- | M] () [Auto | Running] -- C:\WINDOWS\Runservice.exe -- (LicCtrlService)
SRV - [2006.05.10 11:59:04 | 000,353,912 | ---- | M] (Protection Technology (StarForce)) [Auto | Stopped] -- C:\WINDOWS\System32\sfrem01.exe -- (sfrem01) SF FrontLine Drivers Auto Removal (v1)
SRV - [2005.01.26 16:30:04 | 000,053,337 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe -- (MSCSPTISRV)
SRV - [2005.01.26 16:25:34 | 000,053,337 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe -- (PACSPTISVR)
SRV - [2005.01.26 16:20:14 | 000,069,718 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe -- (SPTISRV)
SRV - [2005.01.24 19:36:52 | 000,069,632 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe -- (SSScsiSV)
SRV - [2003.01.07 19:22:52 | 000,001,984 | ---- | M] () [Unknown (-1) | Unknown] -- C:\WINDOWS\System32\Drivers\papycpu2.sys -- (papycpu2)
SRV - [2003.01.07 19:22:52 | 000,001,856 | ---- | M] () [Unknown (-1) | Unknown] -- C:\WINDOWS\System32\Drivers\papyjoy.sys -- (papyjoy)
SRV - [2001.10.25 16:00:00 | 000,003,584 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\System32\regedt32.exe -- (NOD32FiXTemDono)
SRV - [2001.10.25 16:00:00 | 000,003,584 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\System32\regedt32.exe -- (.EsetTrialReset)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\DRIVERS\VGAUTI.sys -- (VGAUTI)
DRV - File not found [Kernel | Boot | Stopped] -- system32\DRIVERS\VClone.sys -- (VClone)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\SYMANT~1\SymcData\idsdefs\20050901.036\symidsco.sys -- (SYMIDSCO)
DRV - File not found [File_System | On_Demand | Stopped] -- -- (StarOpen)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\sm56pci.sys -- (sm56pci)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\k750obex.sys -- (k750obex)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\k750mgmt.sys -- (k750mgmt)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (k750mdm)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\k750mdfl.sys -- (k750mdfl)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\k750bus.sys -- (k750bus) Sony Ericsson 750 driver (WDM)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (jnv4_mib)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\EagleNT.sys -- (EagleNT)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\ALCXSENS.SYS -- (ALCXSENS)
DRV - File not found [Kernel | Auto | Stopped] -- -- (adfs)
DRV - [2012.03.07 01:03:51 | 000,612,184 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012.03.07 01:03:38 | 000,337,880 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012.03.07 01:02:00 | 000,035,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (AswRdr)
DRV - [2012.03.07 01:01:53 | 000,053,848 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012.03.07 01:01:39 | 000,095,704 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2012.03.07 01:01:30 | 000,020,696 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012.03.07 00:58:29 | 000,024,920 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2009.11.08 14:45:03 | 000,137,464 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\PnkBstrK.sys -- (PnkBstrK)
DRV - [2009.09.23 11:41:58 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\hamachi.sys -- (hamachi)
DRV - [2008.04.13 20:45:30 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\gameenum.sys -- (gameenum)
DRV - [2007.09.21 18:49:10 | 000,009,216 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\videX32.sys -- (videX32)
DRV - [2007.07.10 17:42:45 | 000,165,376 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\System32\Drivers\atksgt.sys -- (atksgt)
DRV - [2007.07.10 17:42:44 | 000,018,048 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\System32\Drivers\lirsgt.sys -- (lirsgt)
DRV - [2007.06.18 11:45:54 | 000,685,816 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2007.04.03 13:53:13 | 000,101,376 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\WINDOWS\System32\Drivers\ACEDRV07.sys -- (ACEDRV07)
DRV - [2007.03.31 15:31:30 | 000,094,080 | ---- | M] (VSO Software) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\ezplay.sys -- (ezplay)
DRV - [2007.01.23 16:45:00 | 000,078,864 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\LMouKE.Sys -- (LMouKE)
DRV - [2007.01.23 16:45:00 | 000,034,576 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2007.01.23 16:45:00 | 000,028,176 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\LUsbFilt.sys -- (LUsbFilt)
DRV - [2007.01.23 16:44:00 | 000,062,992 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\L8042mou.Sys -- (L8042mou)
DRV - [2007.01.23 16:44:00 | 000,020,496 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\L8042Kbd.sys -- (L8042Kbd)
DRV - [2007.01.12 20:09:53 | 000,082,296 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sfvfs02.sys -- (sfvfs02) StarForce Protection VFS Driver (version 2.x)
DRV - [2006.10.09 18:03:43 | 000,097,056 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\W700mdm.sys -- (W700mdm)
DRV - [2006.10.09 18:03:43 | 000,088,560 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\W700mgmt.sys -- (W700mgmt) Sony Ericsson W700 USB WMC Device Management Drivers (WDM)
DRV - [2006.10.09 18:03:43 | 000,086,368 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\W700obex.sys -- (W700obex)
DRV - [2006.10.09 18:03:43 | 000,061,536 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\W700bus.sys -- (W700bus) Sony Ericsson W700 Driver driver (WDM)
DRV - [2006.10.09 18:03:43 | 000,009,264 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\W700mdfl.sys -- (W700mdfl)
DRV - [2006.08.18 13:52:00 | 004,017,536 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\alcxwdm.sys -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2006.07.10 18:19:58 | 000,027,032 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sfsync02.sys -- (sfsync02) StarForce Protection Synchronization Driver (version 2.x)
DRV - [2006.07.05 14:46:06 | 000,063,352 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sfdrv01a.sys -- (sfdrv01a) StarForce Protection Environment Driver (version 1.x.a)
DRV - [2006.06.14 16:56:56 | 000,013,680 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)
DRV - [2006.05.10 10:39:38 | 000,051,200 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x)
DRV - [2005.12.09 16:45:57 | 000,223,128 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\dtscsi.sys -- (dtscsi)
DRV - [2005.02.23 14:58:56 | 000,011,776 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\afc.sys -- (Afc)
DRV - [2004.07.19 16:49:54 | 000,007,040 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\prosync1.sys -- (prosync1)
DRV - [2003.07.01 22:42:00 | 000,027,904 | R--- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\VIAAGP1.SYS -- (viaagp1)
DRV - [2003.01.07 19:22:52 | 000,001,984 | ---- | M] () [Unknown (-1) | Unknown (-1) | Running] -- C:\WINDOWS\System32\Drivers\papycpu2.sys -- (papycpu2)
DRV - [2003.01.07 19:22:52 | 000,001,856 | ---- | M] () [Unknown (-1) | Unknown (-1) | Running] -- C:\WINDOWS\System32\Drivers\papyjoy.sys -- (papyjoy)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope = {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={ ... rer:source?}
IE - HKLM\..\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}: "URL" = http://search.qip.ru/?query={searchTerms}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1844237615-1957994488-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
IE - HKU\S-1-5-21-1844237615-1957994488-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
IE - HKU\S-1-5-21-1844237615-1957994488-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Prev Search Bar = http://google.icq.com/search/search_frame.php
IE - HKU\S-1-5-21-1844237615-1957994488-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Prev Search Page = http://google.icq.com
IE - HKU\S-1-5-21-1844237615-1957994488-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
IE - HKU\S-1-5-21-1844237615-1957994488-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
IE - HKU\S-1-5-21-1844237615-1957994488-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://eu.ask.com/?l=dis&o=14672
IE - HKU\S-1-5-21-1844237615-1957994488-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
IE - HKU\S-1-5-21-1844237615-1957994488-682003330-1003\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-1844237615-1957994488-682003330-1003\..\URLSearchHook: {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\WINDOWS\Application Data\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
IE - HKU\S-1-5-21-1844237615-1957994488-682003330-1003\..\SearchScopes,DefaultScope = {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
IE - HKU\S-1-5-21-1844237615-1957994488-682003330-1003\..\SearchScopes\${searchCLSID}: "URL" = http://search.yahoo.com/search?ei=ISO-8 ... earchTerms}
IE - HKU\S-1-5-21-1844237615-1957994488-682003330-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={ ... orm=IE8SRC
IE - HKU\S-1-5-21-1844237615-1957994488-682003330-1003\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://websearch.ask.com/redirect?clien ... 3E2C6492C6&
IE - HKU\S-1-5-21-1844237615-1957994488-682003330-1003\..\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}: "URL" = http://www.crawler.com/search/dispatche ... tbid=60076
IE - HKU\S-1-5-21-1844237615-1957994488-682003330-1003\..\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}: "URL" = http://search.qip.ru/?query={searchTerms}
IE - HKU\S-1-5-21-1844237615-1957994488-682003330-1003\..\SearchScopes\{ADB3B143-6E53-4FE1-A6F9-5713C7C50607}: "URL" = http://www.google.co.uk/search?hl=en&q= ... rms}&meta=
IE - HKU\S-1-5-21-1844237615-1957994488-682003330-1003\..\SearchScopes\{BE9654C9-9D79-42ec-B55A-3CAEB12DBF58}: "URL" = http://www.icq.com/search/results.php?q ... &ch_id=osd
IE - HKU\S-1-5-21-1844237615-1957994488-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "QIP Search"
FF - prefs.js..browser.search.order.1: "Yahoo"
FF - prefs.js..browser.search.param.yahoo-fr: "megaup"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "megaup"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"
FF - prefs.js..extensions.enabledItems: {c50ca3c4-5656-43c2-a061-13e717f73fc8}:2.02
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {32a1fd71-835e-4b11-8e54-886fda0b4c89}:1.1
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..keyword.URL: "http://search.qip.ru/search?from=FF&query="
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@ngm.nexoneu.com/NxGame: C:\Documents and Settings\All Users\Data aplikací\NexonEU\NGM\npNxGameeu.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@real.com/npracplug;version=1.0.0.0: File not found
FF - HKLM\Software\MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1: C:\Program Files\Yahoo!\Common\npyaxmpb.dll File not found
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012.05.14 12:56:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.11.10 18:04:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.03.22 20:15:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
[2008.07.05 08:53:38 | 000,000,000 | ---D | M] (No name found) -- C:\WINDOWS\Application Data\Mozilla\Extensions
[2012.05.14 11:50:04 | 000,000,000 | ---D | M] (No name found) -- C:\WINDOWS\Application Data\Mozilla\Firefox\Profiles\flsyw2zm.default\extensions
[2007.05.15 15:20:02 | 000,000,000 | ---D | M] (WebTran) -- C:\WINDOWS\Application Data\Mozilla\Firefox\Profiles\flsyw2zm.default\extensions\{003D3EDC-99B9-4a34-9C20-60CB94F7E829}
[2009.09.02 17:24:01 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\Application Data\Mozilla\Firefox\Profiles\flsyw2zm.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.08.02 00:28:50 | 000,000,000 | ---D | M] (QipAuthorizer) -- C:\WINDOWS\Application Data\Mozilla\Firefox\Profiles\flsyw2zm.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}
[2010.09.29 16:59:15 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\WINDOWS\Application Data\Mozilla\Firefox\Profiles\flsyw2zm.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011.03.26 10:46:45 | 000,000,000 | ---D | M] (GamePlayLabs Plugin) -- C:\WINDOWS\Application Data\Mozilla\Firefox\Profiles\flsyw2zm.default\extensions\plugin2@gameplaylabs.com
[2011.08.23 22:16:36 | 000,002,333 | ---- | M] () -- C:\WINDOWS\Application Data\Mozilla\Firefox\Profiles\flsyw2zm.default\searchplugins\askcom.xml
[2012.05.14 11:52:37 | 000,000,950 | ---- | M] () -- C:\WINDOWS\Application Data\Mozilla\Firefox\Profiles\flsyw2zm.default\searchplugins\icqplugin-1.xml
[2007.07.31 18:50:06 | 000,000,951 | ---- | M] () -- C:\WINDOWS\Application Data\Mozilla\Firefox\Profiles\flsyw2zm.default\searchplugins\icqplugin-2.xml
[2007.09.19 17:54:06 | 000,000,951 | ---- | M] () -- C:\WINDOWS\Application Data\Mozilla\Firefox\Profiles\flsyw2zm.default\searchplugins\icqplugin-3.xml
[2007.10.20 16:04:37 | 000,000,951 | ---- | M] () -- C:\WINDOWS\Application Data\Mozilla\Firefox\Profiles\flsyw2zm.default\searchplugins\icqplugin-4.xml
[2007.11.28 17:58:01 | 000,000,951 | ---- | M] () -- C:\WINDOWS\Application Data\Mozilla\Firefox\Profiles\flsyw2zm.default\searchplugins\icqplugin-5.xml
[2007.12.11 18:34:14 | 000,000,951 | ---- | M] () -- C:\WINDOWS\Application Data\Mozilla\Firefox\Profiles\flsyw2zm.default\searchplugins\icqplugin-6.xml
[2007.12.12 18:09:58 | 000,000,951 | ---- | M] () -- C:\WINDOWS\Application Data\Mozilla\Firefox\Profiles\flsyw2zm.default\searchplugins\icqplugin-7.xml
[2008.02.08 21:51:13 | 000,000,951 | ---- | M] () -- C:\WINDOWS\Application Data\Mozilla\Firefox\Profiles\flsyw2zm.default\searchplugins\icqplugin-8.xml
[2008.03.26 22:13:18 | 000,000,951 | ---- | M] () -- C:\WINDOWS\Application Data\Mozilla\Firefox\Profiles\flsyw2zm.default\searchplugins\icqplugin-9.xml
[2007.06.30 09:12:59 | 000,000,951 | ---- | M] () -- C:\WINDOWS\Application Data\Mozilla\Firefox\Profiles\flsyw2zm.default\searchplugins\icqplugin.xml
[2011.03.10 19:39:18 | 000,002,062 | ---- | M] () -- C:\WINDOWS\Application Data\Mozilla\Firefox\Profiles\flsyw2zm.default\searchplugins\qip-search.xml
[2011.11.10 18:04:19 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012.05.14 11:50:04 | 000,279,187 | ---- | M] () (No name found) -- C:\WINDOWS\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\FLSYW2ZM.DEFAULT\EXTENSIONS\{C50CA3C4-5656-43C2-A061-13E717F73FC8}.XPI
[2011.11.10 18:04:06 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2007.01.04 03:29:08 | 000,049,152 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\mozilla firefox\plugins\npbittorrent.dll
[2011.02.02 22:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2008.02.02 21:37:48 | 000,024,576 | ---- | M] (RealNetworks) -- C:\Program Files\mozilla firefox\plugins\npgcplug.dll
[2005.04.27 22:10:49 | 000,102,400 | ---- | M] (RealNetworks) -- C:\Program Files\mozilla firefox\plugins\npracplug.dll
[2011.09.03 18:02:30 | 000,002,208 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\heureka-cz.xml
[2011.09.03 18:02:30 | 000,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2011.09.03 18:02:30 | 000,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2011.09.03 18:02:30 | 000,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2011.09.03 18:02:30 | 000,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml
O1 HOSTS File: ([2011.07.17 13:27:51 | 000,435,581 | R--- | M]) - C:\WINDOWS\System32\Drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.123topsearch.com
O1 - Hosts: 127.0.0.1 123topsearch.com
O1 - Hosts: 127.0.0.1 www.132.com
O1 - Hosts: 127.0.0.1 132.com
O1 - Hosts: 127.0.0.1 www.136136.net
O1 - Hosts: 127.0.0.1 136136.net
O1 - Hosts: 127.0.0.1 www.163ns.com
O1 - Hosts: 127.0.0.1 163ns.com
O1 - Hosts: 15016 more lines...
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (WebTransBHO Class) - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\WINDOWS\WebIE.dll ()
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (GamePlayLabsBHO Class) - {984A9162-8891-4D19-8CFE-17648BB4E1EC} - Reg Error: Value error. File not found
O2 - BHO: (QIPBHO Class) - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\WINDOWS\Application Data\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (WebTranslator) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\WINDOWS\WebIE.dll ()
O3 - HKU\S-1-5-19\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\S-1-5-20\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Logitech Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.Exe (Logitech Inc.)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\System32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SsAAD.exe] C:\Program Files\Sony\SonicStage\SSAAD.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe (Logitech Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Rychlý začátek s aplikací HP Photosmart Premier.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe (Hewlett-Packard Development Company, L.P.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDevMgrUpdate = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLegacyLogonScripts = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLogoffScripts = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunLogonScriptSync = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunStartupScriptSync = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideStartupScripts = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = [binary data]
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = [binary data]
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95 00 00 00 [binary data]
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = [binary data]
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95 00 00 00 [binary data]
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = [binary data]
O7 - HKU\S-1-5-21-1844237615-1957994488-682003330-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1844237615-1957994488-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = [binary data]
O7 - HKU\S-1-5-21-1844237615-1957994488-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = [binary data]
O7 - HKU\S-1-5-21-1844237615-1957994488-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O7 - HKU\S-1-5-21-1844237615-1957994488-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLegacyLogonScripts = 0
O7 - HKU\S-1-5-21-1844237615-1957994488-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLogoffScripts = 0
O7 - HKU\S-1-5-21-1844237615-1957994488-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunLogonScriptSync = 1
O7 - HKU\S-1-5-21-1844237615-1957994488-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunStartupScriptSync = 0
O7 - HKU\S-1-5-21-1844237615-1957994488-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideStartupScripts = 0
O8 - Extra context menu item: AMV convert tool grab multimedia file - C:\Program Files\MP3 Player Utilities 5.02\AMVConverter\grab.html File not found
O8 - Extra context menu item: Crawler Search - tbr:iemenu File not found
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\WINDOWS\WebIE.dll ()
O9 - Extra 'Tools' menuitem : &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\WINDOWS\WebIE.dll ()
O9 - Extra 'Tools' menuitem : &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\WINDOWS\WebIE.dll ()
O9 - Extra 'Tools' menuitem : Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\WINDOWS\WebIE.dll ()
O9 - Extra 'Tools' menuitem : Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\WINDOWS\WebIE.dll ()
O16 - DPF: {00000055-9980-0010-8000-00AA00389B71} http://codecs.microsoft.com/codecs/i386/fhg.CAB (Reg Error: Key error.)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shoc ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\yinsthelper.dll (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O16 - DPF: DirectAnimation Java Classes Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: Internet Explorer Classes for Java Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java Reg Error: Value error. (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7944229D-3C94-48FF-8B24-F93FAF7535FF}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\bwfile-8876480 {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (Logitech Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\WINDOWS\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 () - file:///D:/ppkplus/obrazky/g0134907.WMF
O24 - Desktop Components:1 () - file:///D:/P6.jpg
O24 - Desktop Components:2 () - http://vsemix.site.cz/tapety/priroda/4.jpg
O24 - Desktop Components:3 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\a\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\a\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No CLSID value found.
O30 - LSA: Authentication Packages - (C:\windows\system32\ljJDwXno) - File not found
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{8f7be6a4-4958-11da-9c03-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{8f7be6a4-4958-11da-9c03-806d6172696f}\Shell\AutoRun\command - "" = E:\Autorun.exe
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\Toshiba\more4you.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (iolobtdfg C:\windows\system32)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
CREATERESTOREPOINT
Unable to start System Restore Service. Error code 1056
NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
Drivers32: msacm.ac3acm - C:\WINDOWS\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.divxa32 - C:\WINDOWS\System32\divxa32.acm (Kristal StudioDFileDescription)
Drivers32: msacm.iac2 - C:\WINDOWS\System32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3fhg - C:\WINDOWS\System32\mp3fhg.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\WINDOWS\System32\lameACM.acm (http://www.mp3dev.org/)
Drivers32: msacm.lhacm - C:\WINDOWS\System32\LHACM.ACM (Microsoft Corporation)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: msacm.vorbis - C:\WINDOWS\System32\vorbis.acm (HMS http://hp.vector.co.jp/authors/VA012897/)
Drivers32: MSACM.VOXACM160 - C:\WINDOWS\System32\vct3216.acm (Voxware, Inc.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\WINDOWS\System32\ff_vfw.dll ()
Drivers32: VIDC.FPS1 - C:\WINDOWS\System32\frapsvid.dll (Beepa P/L)
Drivers32: VIDC.HFYU - C:\WINDOWS\System32\huffyuv.dll (Disappearing Inc.)
Drivers32: vidc.I263 - C:\WINDOWS\System32\i263_32.drv (Intel Corporation)
Drivers32: vidc.I420 - C:\WINDOWS\System32\i263_32.drv (Intel Corporation)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: VIDC.MKVC - C:\WINDOWS\System32\KMVIDC32.DLL ()
Drivers32: vidc.VP60 - C:\WINDOWS\System32\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\WINDOWS\System32\vp6vfw.dll (On2.com)
Drivers32: vidc.VP62 - C:\WINDOWS\System32\vp6vfw.dll (On2.com)
Drivers32: VIDC.VP70 - C:\WINDOWS\System32\vp7vfw.dll (On2.com)
Drivers32: VIDC.X264 - C:\WINDOWS\System32\x264vfw.dll ()
Drivers32: vidc.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 7 Days ==========
[2012.05.14 21:19:07 | 000,595,456 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\a\Plocha\OTL.exe
[2012.05.14 13:35:05 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\a\Recent
[2012.05.14 12:57:14 | 000,020,696 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2012.05.14 12:57:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\avast! Free Antivirus
[2012.05.14 12:57:13 | 000,337,880 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2012.05.14 12:57:10 | 000,035,672 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2012.05.14 12:57:09 | 000,053,848 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2012.05.14 12:57:08 | 000,612,184 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2012.05.14 12:57:08 | 000,095,704 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2012.05.14 12:57:08 | 000,089,048 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2012.05.14 12:57:07 | 000,024,920 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2012.05.14 12:56:18 | 000,041,184 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2012.05.14 12:56:16 | 000,201,352 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2012.05.14 12:55:42 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2012.05.14 12:55:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
[2012.05.14 12:01:12 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[5850 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 7 Days ==========
[2012.05.14 21:28:09 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012.05.14 21:19:19 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\a\Plocha\OTL.exe
[2012.05.14 21:15:58 | 000,000,236 | ---- | M] () -- C:\WINDOWS\tasks\OGALogon.job
[2012.05.14 21:15:54 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012.05.14 16:59:40 | 002,176,968 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012.05.14 16:58:31 | 000,000,825 | -HS- | M] () -- C:\WINDOWS\System32\mmf.sys
[2012.05.14 16:58:00 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.05.14 16:57:56 | 536,399,872 | -HS- | M] () -- C:\hiberfil.sys
[2012.05.14 16:33:30 | 000,437,730 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012.05.14 16:33:30 | 000,435,228 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2012.05.14 16:33:30 | 000,081,384 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2012.05.14 16:33:30 | 000,070,042 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012.05.14 16:25:54 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012.05.14 13:31:52 | 000,001,779 | ---- | M] () -- C:\WINDOWS\MAILTRAN.INI
[2012.05.14 12:57:15 | 000,001,702 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\avast! Free Antivirus.lnk
[2012.05.14 12:57:08 | 000,002,876 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[5850 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012.05.14 21:28:09 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012.05.14 16:11:22 | 000,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2012.05.14 12:57:15 | 000,001,702 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\avast! Free Antivirus.lnk
[2011.01.27 17:34:10 | 000,000,122 | ---- | C] () -- C:\WINDOWS\WA.INI
[2010.06.24 12:31:42 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
========== LOP Check ==========
[2007.06.01 10:18:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mamka\Application Data\Spyware Terminator
[2007.06.02 08:41:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michala\Application Data\Spyware Terminator
[2007.02.21 08:23:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Taťka\Application Data\Spyware Terminator
[2012.05.14 21:15:58 | 000,000,236 | ---- | M] () -- C:\WINDOWS\Tasks\OGALogon.job
========== Purity Check ==========
========== Custom Scans ==========
< >
< >
< MD5 for: ATAPI.SYS >
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008.06.14 22:14:00 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.06.14 22:14:00 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\System32\Drivers\atapi.sys
[2004.08.17 15:57:28 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2004.08.17 15:57:28 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\System32\ReinstallBackups\0002\DriverFiles\i386\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2008.04.14 05:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\ServicePackFiles\i386\autochk.exe
[2008.04.14 05:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\System32\autochk.exe
[2004.08.17 15:49:22 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\WINDOWS\$NtServicePackUninstall$\autochk.exe
< MD5 for: CDROM.SYS >
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2008.06.14 22:14:00 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008.06.14 22:14:00 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008.04.13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008.04.13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\System32\Drivers\cdrom.sys
[2004.08.17 15:57:28 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys
< MD5 for: EXPLORER.EXE >
[2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2007.06.13 15:11:59 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=9B32416BD5988C97B6397CE0B02CAF97 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
[2007.06.13 15:23:39 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=ED7B460B142A32097B8A8F6ECC941815 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
< MD5 for: HAL.DLL >
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2008.06.14 22:14:00 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2008.06.14 22:14:00 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2008.04.13 20:31:32 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2008.04.13 20:31:28 | 000,131,840 | ---- | M] (Microsoft Corporation) MD5=6F61D3287A6A15A08A9433222C09D17F -- C:\WINDOWS\System32\HAL.DLL
[2004.08.17 15:57:28 | 000,131,968 | ---- | M] (Microsoft Corporation) MD5=F9A0F579FC18036FFDD9E26E0D268CCD -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll
< MD5 for: SCECLI.DLL >
[2004.08.17 15:49:18 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008.04.14 05:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 05:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\System32\scecli.dll
< MD5 for: SVCHOST.EXE >
[2008.04.14 05:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.14 05:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\System32\svchost.exe
[2004.08.17 15:49:28 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe
< MD5 for: TCPIP.SYS >
[2006.01.13 19:07:08 | 000,360,448 | ---- | M] (Microsoft Corporation) MD5=5562CC0A47B2AEF06D3417B733F3C195 -- C:\WINDOWS\$hf_mig$\KB913446\SP2QFE\tcpip.sys
[2005.05.25 21:07:12 | 000,359,936 | ---- | M] (Microsoft Corporation) MD5=63FDFEA54EB53DE2D863EE454937CE1E -- C:\WINDOWS\$hf_mig$\KB893066\SP2QFE\tcpip.sys
[2007.10.30 18:53:32 | 000,360,832 | ---- | M] (Microsoft Corporation) MD5=64798ECFA43D78C7178375FCDD16D8C8 -- C:\WINDOWS\$hf_mig$\KB941644\SP2QFE\tcpip.sys
[2007.10.30 19:20:55 | 000,360,064 | ---- | M] (Microsoft Corporation) MD5=90CAFF4B094573449A0872A0F919B178 -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2008.04.13 21:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\System32\dllcache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\System32\Drivers\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[2006.04.20 14:18:35 | 000,360,576 | ---- | M] (Microsoft Corporation) MD5=B2220C618B42A2212A59D91EBD6FC4B4 -- C:\WINDOWS\$hf_mig$\KB917953\SP2QFE\tcpip.sys
< MD5 for: USERINIT.EXE >
[2008.04.14 05:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 05:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\System32\userinit.exe
[2004.08.17 15:49:28 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
< MD5 for: WINLOGON.EXE >
[2004.08.17 15:49:28 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 05:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 05:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\System32\winlogon.exe
< >
< %systemroot%*.* /U /s >
[5850 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\All users\DRM\Cache\*.tmp files -> C:\WINDOWS\All users\DRM\Cache\*.tmp -> ]
[1 C:\WINDOWS\Application Data\Google\GoogleEarth\*.tmp files -> C:\WINDOWS\Application Data\Google\GoogleEarth\*.tmp -> ]
[1 C:\WINDOWS\Application Data\Microsoft\Office\*.tmp files -> C:\WINDOWS\Application Data\Microsoft\Office\*.tmp -> ]
[19 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[6 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\twain_32\*.tmp files -> C:\WINDOWS\twain_32\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
[2009.10.07 07:29:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Office Genuine Advantage
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2010.09.05 11:51:32 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\Adobe
[2008.07.28 06:48:22 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\AdobeUM
[2005.07.13 23:49:56 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\Anvil Studio
[2010.03.09 10:44:40 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\AnvSoft
[2006.10.16 12:10:26 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\Apple Computer
[2009.08.30 09:54:10 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\ArcSoft
[2007.05.13 13:10:48 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\Ashampoo
[2011.02.26 12:45:32 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\Azureus
[2007.02.22 20:17:41 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\BitTorrent
[2009.10.28 20:27:11 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\Canneverbe_Limited
[2008.05.18 10:10:10 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\CDBurnerXP_Soft
[2007.04.14 08:09:33 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\Command & Conquer 3 Tiberium Wars Demo
[2009.04.24 15:54:45 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\Comodo
[2010.01.11 16:44:29 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\Creative
[2005.07.13 23:49:56 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\CyberLink
[2006.12.04 16:36:27 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\DeepBurner
[2009.06.24 16:06:03 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\Desktopicon
[2007.05.30 07:55:47 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\Disney Interactive Studios
[2010.06.03 16:24:30 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\DivX
[2005.07.13 23:49:56 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\DVD Shrink
[2010.09.29 16:59:13 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\DVDVideoSoftIEHelpers
[2008.03.26 09:40:49 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\Elaborate Bytes
[2007.12.03 08:56:31 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\ESET
[2009.04.18 19:25:18 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\FarmingSimulator2008
[2007.01.26 14:56:48 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\flightgear.org
[2009.06.27 20:10:32 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\Google
[2009.12.12 17:18:19 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\Hamachi
[2005.08.14 08:48:21 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\Help
[2007.12.23 20:30:35 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\HP
[2007.03.23 17:40:01 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\ICQ Toolbar
[2007.02.20 18:47:56 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\ICQLite
[2005.07.13 23:49:56 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\Identities
[2009.09.12 09:15:00 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\IMSIDesign
[2005.07.13 23:49:58 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\InfoTurist
[2008.04.09 17:58:09 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\InstallShield
[2011.04.05 20:11:27 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\Jpeg Resampler
[2007.04.14 10:16:10 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\Lavasoft
[2006.03.08 14:30:24 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\Leadertech
[2008.12.24 21:07:41 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\Logitech
[2005.07.13 23:49:56 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\Macromedia
[2008.11.01 16:41:25 | 000,000,000 | --SD | M] -- C:\WINDOWS\Application Data\Microsoft
[2008.04.20 08:28:52 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\Microsoft Games
[2006.03.22 18:51:05 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\Microsoft Web Folders
[2011.03.11 22:36:35 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\Miranda
[2008.07.05 08:53:38 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\Mozilla
[2007.04.23 15:25:45 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\My Games
[2008.05.18 12:35:24 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\Nero
[2008.12.03 17:58:40 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\Nvu
[2008.04.12 17:06:43 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\Off Road
[2006.04.08 07:51:02 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\Opera
[2007.06.06 17:11:05 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\Pamela
[2009.11.07 15:41:29 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\Pinec
[2007.08.20 18:35:27 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\QIP
[2005.07.13 23:49:56 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\Ratbag
[2010.06.28 08:54:24 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\Real
[2011.11.11 19:09:49 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\Rovio
[2005.10.13 17:08:42 | 000,000,000 | RH-D | M] -- C:\WINDOWS\Application Data\SecuROM
[2007.02.16 13:10:40 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\Simply Super Software
[2010.01.17 01:00:57 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\skypePM
[2007.03.24 08:50:16 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\SlySoft
[2011.04.25 12:35:30 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\Smart PC Solutions
[2006.01.28 21:57:08 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\Sony Corporation
[2007.08.01 09:43:28 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\SpieleEntwicklungsKombinat
[2007.04.20 19:46:20 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\Sports Interactive
[2008.08.22 21:46:33 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\Spybot - Search & Destroy
[2008.06.03 14:37:07 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\Spyware Terminator
[2007.02.23 20:58:36 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\Sun
[2008.05.31 06:43:53 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\SUPERAntiSpyware.com
[2005.07.13 23:49:56 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\Symantec
[2005.07.13 23:49:58 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\Talkback
[2008.12.03 18:10:35 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\teamspeak2
[2006.10.09 18:07:13 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\Teleca
[2005.07.13 23:49:56 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\Thunderbird
[2012.05.14 13:35:11 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\uTorrent
[2010.12.25 12:30:05 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\Vso
[2005.07.13 23:49:56 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\Zoner
< %APPDATA%\*.exe /s >
[2010.11.07 18:32:08 | 000,081,920 | ---- | M] () -- C:\WINDOWS\Application Data\ezpinst.exe
[2010.12.25 12:29:46 | 000,087,608 | ---- | M] () -- C:\WINDOWS\Application Data\inst.exe
[2008.05.23 22:18:39 | 019,900,192 | ---- | M] ( ) -- C:\WINDOWS\Application Data\Adobe\Acrobat\7.0\Updater\AdbeRdr710_en_US.exe
[2008.10.28 18:20:32 | 000,089,088 | ---- | M] () -- C:\WINDOWS\Application Data\Desktopicon\eBayShortcuts.exe
[2008.05.29 08:03:08 | 000,037,176 | ---- | M] () -- C:\WINDOWS\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2006.02.20 15:44:28 | 000,010,134 | R--- | M] () -- C:\WINDOWS\Application Data\Microsoft\Installer\{89661B04-C646-4412-B6D3-5E19F02F1F37}\ARPPRODUCTICON.exe
[2008.12.24 21:04:44 | 000,010,134 | R--- | M] () -- C:\WINDOWS\Application Data\Microsoft\Installer\{8CC990CD-87C8-475C-AC32-8A7984E2FCFA}\ARPPRODUCTICON.exe
[2008.12.24 21:00:52 | 000,010,134 | R--- | M] () -- C:\WINDOWS\Application Data\Microsoft\Installer\{C89C8D86-4423-4A58-AA40-DD259ACE07C1}\ARPPRODUCTICON.exe
[2005.10.17 12:12:46 | 000,258,048 | ---- | M] () -- C:\WINDOWS\Application Data\uTorrent\wget.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %systemroot%\Tasks\*.job >
[2012.05.14 21:15:58 | 000,000,236 | ---- | M] () -- C:\WINDOWS\Tasks\OGALogon.job
< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2005.12.09 16:45:57 | 000,223,128 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\dtscsi.sys
[2007.06.18 11:45:54 | 000,685,816 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sptd.sys
< %systemroot%\System32\config\*.sav >
[2005.07.13 23:40:28 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2005.07.13 23:40:28 | 000,663,552 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2005.07.13 23:40:28 | 000,454,656 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav
< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2012.05.14 12:57:08 | 000,002,876 | ---- | M] () -- C:\WINDOWS\system32\CONFIG.NT
[2012.05.14 16:59:40 | 002,176,968 | ---- | M] () -- C:\WINDOWS\system32\FNTCACHE.DAT
[2012.05.14 16:58:31 | 000,000,825 | -HS- | M] () -- C:\WINDOWS\system32\mmf.sys
[2012.05.14 16:33:30 | 000,081,384 | ---- | M] () -- C:\WINDOWS\system32\perfc005.dat
[2012.05.14 16:33:30 | 000,070,042 | ---- | M] () -- C:\WINDOWS\system32\perfc009.dat
[2012.05.14 16:33:30 | 000,435,228 | ---- | M] () -- C:\WINDOWS\system32\perfh005.dat
[2012.05.14 16:33:30 | 000,437,730 | ---- | M] () -- C:\WINDOWS\system32\perfh009.dat
[2012.05.14 16:33:30 | 000,995,960 | ---- | M] () -- C:\WINDOWS\system32\PerfStringBackup.INI
[2012.05.14 21:15:54 | 000,002,206 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"ctfmon.exe" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 05:22:17 | 000,015,360 | ---- | M] (Microsoft Corporation)
"MSMSGS" = "C:\Program Files\Messenger\msmsgs.exe" /background -- [2008.04.14 05:22:36 | 001,695,232 | ---- | M] (Microsoft Corporation)
< >
< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2011.11.10 18:04:05 | 000,924,632 | ---- | M] (Mozilla Corporation) MD5=4CB4054659ABEEEF925B153E2290E634 -- C:\Program Files\Mozilla Firefox\firefox.exe
< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2012.02.29 13:01:00 | 000,634,680 | ---- | M] (Microsoft Corporation) MD5=50BA6A230D743A4D33BFFA2FA1113055 -- C:\Program Files\Internet Explorer\iexplore.exe
< %PROGRAMFILES%\Opera\opera.exe /md5 >
< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
< >
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012.05.14 21:28:09 | 000,000,512 | ---- | M] () MD5=C95D40D9C71832F9DA9E0AFA4BCDC92F -- C:\PhysicalMBR.bin
< >
< *crack* /s >
[2001.12.19 00:55:10 | 000,013,312 | ---- | M] () -- \Diderot\Common\crack.exe
[2007.05.19 13:12:18 | 000,020,657 | ---- | M] () -- \WINDOWS\Application Data\Azureus\torrents\Bus_Driver___Crack.3656572.TPB.torrent
[2007.04.23 12:48:07 | 000,028,606 | ---- | M] () -- \WINDOWS\Application Data\Azureus\torrents\CIVILIZATION.4.+Patch.v1.52.+Crack.torrent
[2007.05.31 06:33:37 | 000,169,865 | ---- | M] () -- \WINDOWS\Application Data\Azureus\torrents\[isoHunt] Battlestations - Midway.-.Keygen. .Crack.Testato!.by.summerinitaly.rar.torrent
[2007.05.08 10:15:33 | 000,024,924 | ---- | M] () -- \WINDOWS\Application Data\Azureus\torrents\[isoHunt] Desperados 2 Coopers Revenge DVD Crack.torrent
[2007.05.30 13:14:05 | 000,013,703 | ---- | M] () -- \WINDOWS\Application Data\Azureus\torrents\^mininova.org^ Enlight__s_Restaurant_Empire_(Full_Game)___Crack___Cheat___Walkt.3415726.TPB.torrent
[2009.04.24 15:57:01 | 000,001,034 | ---- | M] () -- \WINDOWS\Application Data\Microsoft\Office\Naposledy otevřené\crack.LNK
[2008.03.26 09:16:17 | 000,007,897 | ---- | M] () -- \WINDOWS\Application Data\uTorrent\A Clone DVD - Clone CD and Any DVD + cracks april 2007.rar.torrent
[2008.02.29 16:34:56 | 000,008,804 | ---- | M] () -- \WINDOWS\Application Data\uTorrent\Ad-Aware 2007 + working crack.rar.torrent
[2007.10.22 18:22:41 | 000,037,790 | ---- | M] () -- \WINDOWS\Application Data\uTorrent\Sega Rally [PCDVD + Crack][Spanish_EN_GE_FR_IT][www.newpct.com].torrent
< *keygen* /s >
[2007.05.31 06:33:37 | 000,169,865 | ---- | M] () -- \WINDOWS\Application Data\Azureus\torrents\[isoHunt] Battlestations - Midway.-.Keygen. .Crack.Testato!.by.summerinitaly.rar.torrent
[2007.05.12 12:17:53 | 000,020,124 | ---- | M] () -- \WINDOWS\Application Data\Azureus\torrents\[isoHunt] PC Translator 2007 full ISO(CZ) Keygen.torrent
[2008.05.18 11:46:29 | 000,015,722 | ---- | M] () -- \WINDOWS\Application Data\uTorrent\Nero 8 Ultra Edition v8.3.2.1 + Keygen.torrent
[2007.09.15 08:09:57 | 000,000,867 | ---- | M] () -- \WINDOWS\Application Data\uTorrent\NHL_08_Keygen-HATRED.torrent
[2009.04.26 13:53:06 | 000,000,807 | ---- | M] () -- \WINDOWS\Application Data\uTorrent\PowerISO4.3+keygen.rar.torrent
[2009.04.25 18:15:17 | 000,019,261 | ---- | M] () -- \WINDOWS\Application Data\uTorrent\Zoner Photo Studio Enterprise X (v10)+Keygen-HeartBug.torrent
< *loader* /s >
[2007.03.09 21:07:27 | 000,005,482 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy\Recovery\ZlobDownloader.zip
[2009.08.18 16:47:08 | 001,716,224 | ---- | M] () -- \Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader.exe
[2009.08.18 16:47:08 | 001,064,960 | ---- | M] () -- \Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe
[2008.02.28 13:26:06 | 000,111,912 | ---- | M] () -- \Program Files\Common Files\Nero\Shared\NSCLoader.dll
[2004.11.25 15:27:26 | 000,011,481 | ---- | M] () -- \Program Files\Sony\SonicStage\Data\XML\AppEMDDownLoader.xml
[2008.02.25 08:05:22 | 000,856,064 | ---- | M] () -- \Program Files\The KMPlayer\ImLoader.dll
[2005.06.07 13:25:46 | 000,044,032 | ---- | M] () -- \Program Files\WinRAR\RarExtLoader.exe
[2009.08.18 16:47:01 | 000,421,888 | ---- | M] () -- \WINDOWS\NEXON_EU_DownloaderUpdater.exe
[5850 \WINDOWS\*.tmp files -> \WINDOWS\*.tmp -> ]
[2004.08.17 15:49:06 | 000,035,840 | ---- | M] () -- \WINDOWS\$NtServicePackUninstall$\dmloader.dll
[2002.12.12 00:14:32 | 000,033,280 | ---- | M] () -- \WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dmloader.dll
[2008.04.14 05:21:39 | 000,035,840 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\dmloader.dll
[2008.04.13 20:31:47 | 000,230,912 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.exe
[2008.04.13 20:31:48 | 000,278,528 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.ntd
[2008.04.14 05:21:39 | 000,035,840 | ---- | M] () -- \WINDOWS\System32\dmloader.dll
[1 \WINDOWS\System32\*.tmp files -> \WINDOWS\System32\*.tmp -> ]
[2002.12.12 00:14:32 | 000,033,280 | ---- | M] () -- \WINDOWS\System32\dllcache\dmloader.dll
[2007.04.30 15:43:12 | 000,009,622 | ---- | M] () -- \WINDOWS\System32\MACROMED\Shockwave 10\shockwave_Projector_Loader.dcr
========== Files - Unicode (All) ==========
File not found(C:\WINDOWS\Application Data\SecuROM\UserData\???????????????????????) -- C:\WINDOWS\Application Data\SecuROM\UserData\ЃϵϳЅЂϿϽϯІχϯπρϯϸϹϴϴϵϾϻϵЉ
File not found(C:\WINDOWS\Application Data\SecuROM\UserData\?????????????????????) -- C:\WINDOWS\Application Data\SecuROM\UserData\ЃϵϳЅЂϿϽϯІχϯπρЂϻϵЉЃϵϳЅ
File not found(C:\WINDOWS\Application Data\SecuROM\UserData\?????????????????????) -- C:\WINDOWS\Application Data\SecuROM\UserData\ЃϵϳЅЂϿϽϯІχϯπρϴϱЄϱЃϵϳЅ
File not found(C:\WINDOWS\Application Data\SecuROM\UserData\????????????????????) -- C:\WINDOWS\Application Data\SecuROM\UserData\ЃϵϳЅЂϿϽϯІχϯπρϯϸϹϴϴϵϾ
========== Alternate Data Streams ==========
@Alternate Data Stream - 6144 bytes -> C:\WINDOWS\CURSORS\arrow_n.cur:NEDTA.DAT
@Alternate Data Stream - 487 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:05EE1EEF
@Alternate Data Stream - 166 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:DFC5A2B2
@Alternate Data Stream - 149 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:0B4227B4
< End of report >
Re: Pomalý PC. Prosím o kontrolu logu
OTL Extras logfile created on: 14.5.2012 21:23:01 - Run 1
OTL by OldTimer - Version 3.2.43.0 Folder = C:\Documents and Settings\a\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000405 | Country: Czech Republic | Language: csy | Date Format: d.M.yyyy
511,48 Mb Total Physical Memory | 93,95 Mb Available Physical Memory | 18,37% Memory free
1,22 Gb Paging File | 0,82 Gb Available in Paging File | 67,37% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149,05 Gb Total Space | 43,90 Gb Free Space | 29,45% Space Free | Partition Type: NTFS
Computer Name: AMD | User Name: a | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
.scr [@ = scrfile] -- "%1" /s
[HKEY_USERS\S-1-5-21-1844237615-1957994488-682003330-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /s
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger -- (Logitech Inc.)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\uTorrent\utorrent.exe" = C:\Program Files\uTorrent\utorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger -- (Logitech Inc.)
"C:\Documents and Settings\All Users\Data aplikací\Kaspersky Lab Setup Files\Kaspersky Internet Security 2009\Czech\setup.exe" = C:\Documents and Settings\All Users\Data aplikací\Kaspersky Lab Setup Files\Kaspersky Internet Security 2009\Czech\setup.exe:*:Enabled:Kaspersky Internet Security 2009 Setup -- (Kaspersky Lab)
"C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe" = C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe:*:Enabled:NEXON_EU_Downloader_Engine -- ()
"C:\Documents and Settings\All Users\Data aplikací\NexonEU\NGM\NGM.exe" = C:\Documents and Settings\All Users\Data aplikací\NexonEU\NGM\NGM.exe:*:Enabled:Nexon Game Manager -- (Nexon)
"C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation)
"C:\Program Files\Electronic Arts\Need For Speed III\nfs3.exe" = C:\Program Files\Electronic Arts\Need For Speed III\nfs3.exe:*:Enabled:Need For Speed III for Win32
"C:\games\SIERRA\MaximumCueball\pool.exe" = C:\games\SIERRA\MaximumCueball\pool.exe:*:Enabled:Maximum Cueball.
"C:\Program Files\THQ\MX vs ATV Unleashed\MXvsATV.exe" = C:\Program Files\THQ\MX vs ATV Unleashed\MXvsATV.exe:*:Enabled:MXvsATV
"C:\Program Files\Miranda IM\miranda32.exe" = C:\Program Files\Miranda IM\miranda32.exe:*:Enabled:Miranda IM -- ( )
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01501EBA-EC35-4F9F-8889-3BE346E5DA13}" = MSXML4 Parser
"{0A65A3BD-54B5-4d0d-B084-7688507813F5}" = SlideShow
"{15C0AF59-4877-49B6-B8C6-A61CE54515F5}" = cp_OnlineProjectsConfig
"{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR
"{1A9DEF19-760C-4e01-958F-D9B8E6C61B90}" = c5100_Help
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}" = QuickTime
"{2376813B-2E5A-4641-B7B3-A0D5ADB55229}" = HPPhotoSmartExpress
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 24
"{2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3}" = Logitech SetPoint
"{2F151B50-B434-4838-B51D-70442EBA093E}" = OpenMG Secure Module 4.1.00
"{2F58D60D-2BFD-4467-9B4D-64E7355C329D}" = Sonic_PrimoSDK
"{3248F0A8-6813-11D6-A77B-00B0D0150110}" = J2SE Runtime Environment 5.0 Update 11
"{33BF0960-DBA3-4187-B6CC-C969FCFA2D25}" = SkinsHP1
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{363790D2-DA98-41DD-9C9F-69FA36B169DE}" = PanoStandAlone
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{41E776A5-9B12-416D-9A12-B4F7B044EBED}" = CP_Package_Basic1
"{44B68762-4AAF-4E75-A8EA-561D55EE8B42}" = Panasonic USB Storage Driver
"{45B8A76B-57EC-4242-B019-066400CD8428}" = BufferChm
"{497A1721-088F-41EF-8876-B43C9DA5528B}" = ArcSoft Software Suite
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4EA684E9-5C81-4033-A696-3019EC57AC3A}" = HPProductAssistant
"{53EE9E42-CECB-4C92-BF76-9CA65DAF8F1C}" = FullDPAppQFolder
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5E65E94D-69F2-4850-9E93-6459C53A0F50}" = Microsoft .NET Framework 1.1 Czech Language Pack
"{66910000-8B30-4973-A159-6371345AFFA5}" = WebReg
"{6696D9A4-28A8-4F5A-8E9A-2E8974C8C39C}" = RandMap
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{68763C27-235D-4165-A961-FDEA228CE504}" = AiOSoftwareNPI
"{68FBB7BE-34F5-4FE9-AA07-E7894533CF0E}" = TurboCAD Professional 14
"{6909F917-5499-482e-9AA1-FAD06A99F231}" = Toolbox
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6B4881BA-C7DF-4F02-87C3-9835953321F6}" = Encyklopedie Diderot 2002
"{6EF72FC6-842E-4FE6-BF88-BFBF03C9DA74}" = Windows Workflow Foundation CS Language Pack
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{736C803C-DD3B-4015-BC51-AFB9E67B9076}" = Readme
"{766D51EF-3F9E-490F-8490-0F24910F18BC}" = Zoner Media Explorer 6
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7C03270C-4FAB-4F5C-B10D-52FEDA190790}" = DocumentViewerQFolder
"{7E7B7865-6C80-4373-8BC1-C2EB9431F9DE}" = ProductContextNPI
"{7F947BFE-C2DF-4779-9909-5BEE746BD0C4}" = Microsoft .NET Framework 2.0 Language Pack - CSY
"{8331C3EA-0C91-43AA-A4D4-27221C631139}" = Status
"{8795CBED-55E2-4693-9F14-84EC446935BE}" = SpeechRedist
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{89661B04-C646-4412-B6D3-5E19F02F1F37}" = EAX4 Unified Redist
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A3F7D5D-8A53-4A7C-B6DA-22DD1212EB55}" = Internet Explorer
"{8A4CE7FD-9657-4B06-9943-E1819F3D5D67}" = DocProc
"{8BB65964-56E7-4DC7-B65D-3EF5FEC9842A}" = Testy Autoškola
"{8CC990CD-87C8-475C-AC32-8A7984E2FCFA}" = CDDRV_Installer
"{8CE4E6E9-9D55-43FB-9DDB-688C976BFC05}" = Unload
"{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}" = Logitech Desktop Messenger
"{90110405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0405-0000-0000000FF1CE}" = Sada Compatibility Pack pro systém Office 2007
"{90170405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office FrontPage 2003
"{996512CF-F35B-48DE-9291-557FA5316967}" = ScannerCopy
"{9E397B40-13F7-4CA2-9943-ADB29ACBBFDF}" = ArcSoft Software Suite
"{A0EB195B-5876-48E6-879D-33D4B2102610}" = SonicStage 3.0
"{A29800BA-0BF1-4E63-9F31-DF05A87F4104}" = InstantShareDevices
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{AAB6D0F8-02B3-4E89-B24C-0BB153C21445}" = Windows Presentation Foundation Language Pack (CSY)
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-1033-7B44-A81100000003}" = Adobe Reader 8.1.1
"{B2157760-AA3C-4E2E-BFE6-D20BC52495D9}" = cp_PosterPrintConfig
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B3B9BC18-2A09-4728-9B46-12E85FF3F628}" = C5100
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B6286A44-7505-471A-A72B-04EC2DB2F442}" = CueTour
"{B69CFE29-FD03-4E0A-87A7-6ED97F98E5B3}" = CP_Panorama1Config
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{BB85ED9C-AFC9-43BD-B8DC-258C3C7DF72E}" = HP Software Update
"{BDBE2F3E-42DB-4d4a-8CB1-19BA765DBC6C}" = HP Photosmart, Officejet and Deskjet 7.0.A
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C1C6767D-B395-43CB-BF99-051B58B86DA6}" = PhotoGallery
"{C7F54CF8-D6FB-4E0A-93A3-E68AE0D6C476}" = SolutionCenter
"{C8753E28-2680-49BF-BD48-DD38FD086EFE}" = AiO_Scan_CDA
"{C89C8D86-4423-4A58-AA40-DD259ACE07C1}" = KhalSetup
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D8979435-753B-40AE-9318-5E712C160A71}" = Windows Communication Foundation Language Pack - CSY
"{DBC20735-34E6-4E97-A9E5-2066B66B243D}" = TrayApp
"{E1B80DEE-A795-4258-8445-074C06AE3AB8}" = MarketResearch
"{ED2C557E-9C18-41FF-B58E-A05EEF0B3B5F}" = CP_CalendarTemplates1
"{F157460F-720E-482f-8625-AD7843891E5F}" = InstantShareDevicesMFC
"{F3760724-B29D-465B-BC53-E5D72095BCC4}" = Scan
"{F6076EF9-08E1-442F-B6A2-BFB61B295A14}" = Fax_CDA
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FB09515C-8E3E-4E0F-A1F2-032F38DEC185}" = Microsoft .NET Framework 3.0 Czech Language Pack
"{FB15E224-67C3-491F-9F5C-F257BC418412}" = Destinations
"{FBB980B0-63F8-4B48-8D65-90F1D9F81D9F}" = NewCopy_CDA
"{FE7E1DD7-EBCE-4696-ADE2-22BDBF2372DA}" = DocumentViewer
"µTorrent CZ_is1" = µTorrent CZ 1.7.2 (build 3458)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player
"avast" = avast! Free Antivirus
"AviSynth" = AviSynth 2.5
"BCM Diagnostics 1.02" = BCM Diagnostics
"CCleaner" = CCleaner
"CodInstl" = Intel A/V Codecs V2.0
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"Cool's_Codec_pack_4.12" = Codec Pack - All In 1 6.0.3.0
"DVD Shrink_is1" = DVD Shrink 3.2
"DVDFab (Platinum/Gold/HD Decrypter) (Option: Mobile) 5_is1" = DVDFab (Platinum/Gold/HD Decrypter) (Option: Mobile) 5.2.3.2
"DVDFab 8_is1" = DVDFab 8.0.6.1 (18/12/2010)
"EAX Unified" = EAX Unified
"Enable S3 for USB Device" = Enable S3 for USB Device
"GamePlayLabs Plugin" = GamePlayLabs Plugin
"HP Document Viewer" = HP Document Viewer 7.0
"HP Imaging Device Functions" = HP Imaging Device Functions 7.0
"HP Photo & Imaging" = HP Photosmart Premier Software 6.5
"HP Solution Center & Imaging Support Tools" = HP Solution Center 7.0
"HPExtendedCapabilities" = HP Customer Participation Program 7.0
"HPOCR" = OCR Software by I.R.I.S 7.0
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platforma Ovladače zařízení
"InstallShield_{2F151B50-B434-4838-B51D-70442EBA093E}" = OpenMG Secure Module 4.1.00
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 4.2.5
"Mafia Game" = Mafia Game
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 2.0 Language Pack - CSY" = Microsoft .NET Framework 2.0 Language Pack - CSY
"Microsoft .NET Framework 3.0 Czech Language Pack" = Microsoft .NET Framework 3.0 Czech Language Pack
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Miranda IM" = Miranda IM 0.9.17
"Mozilla Firefox 8.0 (x86 cs)" = Mozilla Firefox 8.0 (x86 cs)
"Mplayer.com" = Mplayer.com
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Multipath Movies" = Multipath Movies
"Nero - Burning Rom!UninstallKey" = Nero 6 Ultra Edition
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"OpenAL" = OpenAL
"OpenMG HotFix4.1-05-13-31-01" = OpenMG Limited Patch 4.1-05-13-31-01
"OrganicArtMS" = Organic Art, Microsoft Edition
"PC Translator" = PC Translator
"Pure Sudoku_is1" = Pure Sudoku 1.11
"The KMPlayer" = The KMPlayer (remove only)
"Uninstall_is1" = Uninstall 1.0.0.1
"VN_VUIns_Rhine_VIA" = VIA Rhine-Family Fast-Ethernet Adapter
"VobSub" = VobSub v2.23 (Remove Only)
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"WIC" = Windows Imaging Component
"Wincmd" = Windows Commander (Remove or Repair)
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
"XviD MPEG4 Video Codec" = XviD MPEG4 Video Codec (remove only)
"ZAV1_is1" = ZAV 4.39 (32bit)
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Starsky & Hutch" = Starsky & Hutch
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Starsky & Hutch" = Starsky & Hutch
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-1844237615-1957994488-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"uTorrent" = µTorrent
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 14.5.2012 12:54:15 | Computer Name = AMD | Source = Userenv | ID = 1041
Description = Systém Windows se nemůže dotazovat na položku registru DllName pro
{7B849a69-220F-451E-B3FE-2CB811AF94AE} a nebude načtena. Příčinou je zřejmě chybná
registrace.
Error - 14.5.2012 12:54:15 | Computer Name = AMD | Source = Userenv | ID = 1041
Description = Systém Windows se nemůže dotazovat na položku registru DllName pro
{CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D} a nebude načtena. Příčinou je zřejmě chybná
registrace.
Error - 14.5.2012 14:48:15 | Computer Name = AMD | Source = Userenv | ID = 1041
Description = Systém Windows se nemůže dotazovat na položku registru DllName pro
{7B849a69-220F-451E-B3FE-2CB811AF94AE} a nebude načtena. Příčinou je zřejmě chybná
registrace.
Error - 14.5.2012 14:48:15 | Computer Name = AMD | Source = Userenv | ID = 1041
Description = Systém Windows se nemůže dotazovat na položku registru DllName pro
{CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D} a nebude načtena. Příčinou je zřejmě chybná
registrace.
Error - 14.5.2012 15:15:23 | Computer Name = AMD | Source = Userenv | ID = 1041
Description = Systém Windows se nemůže dotazovat na položku registru DllName pro
{7B849a69-220F-451E-B3FE-2CB811AF94AE} a nebude načtena. Příčinou je zřejmě chybná
registrace.
Error - 14.5.2012 15:15:23 | Computer Name = AMD | Source = Userenv | ID = 1041
Description = Systém Windows se nemůže dotazovat na položku registru DllName pro
{CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D} a nebude načtena. Příčinou je zřejmě chybná
registrace.
Error - 14.5.2012 16:28:18 | Computer Name = AMD | Source = Userenv | ID = 1041
Description = Systém Windows se nemůže dotazovat na položku registru DllName pro
{7B849a69-220F-451E-B3FE-2CB811AF94AE} a nebude načtena. Příčinou je zřejmě chybná
registrace.
Error - 14.5.2012 16:28:18 | Computer Name = AMD | Source = Userenv | ID = 1041
Description = Systém Windows se nemůže dotazovat na položku registru DllName pro
{CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D} a nebude načtena. Příčinou je zřejmě chybná
registrace.
Error - 14.5.2012 17:11:24 | Computer Name = AMD | Source = Userenv | ID = 1041
Description = Systém Windows se nemůže dotazovat na položku registru DllName pro
{7B849a69-220F-451E-B3FE-2CB811AF94AE} a nebude načtena. Příčinou je zřejmě chybná
registrace.
Error - 14.5.2012 17:11:24 | Computer Name = AMD | Source = Userenv | ID = 1041
Description = Systém Windows se nemůže dotazovat na položku registru DllName pro
{CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D} a nebude načtena. Příčinou je zřejmě chybná
registrace.
[ OSession Events ]
Error - 13.1.2008 13:45:20 | Computer Name = AMD | Source = Microsoft Office 12 Sessions | ID = 7001
Description =
Error - 24.3.2008 15:44:49 | Computer Name = AMD | Source = Microsoft Office 12 Sessions | ID = 7001
Description =
Error - 16.4.2008 13:50:54 | Computer Name = AMD | Source = Microsoft Office 12 Sessions | ID = 7001
Description =
[ System Events ]
Error - 14.5.2012 7:07:04 | Computer Name = AMD | Source = Service Control Manager | ID = 7009
Description = Vypršel časový limit (30000 milisekund) čekání na připojení služby
Eset Nod32 Boot.
Error - 14.5.2012 7:07:04 | Computer Name = AMD | Source = Service Control Manager | ID = 7000
Description = Služba Eset Nod32 Boot neuspěla při spuštění v důsledku následující
chyby: %%1053
Error - 14.5.2012 7:08:56 | Computer Name = AMD | Source = Service Control Manager | ID = 7009
Description = Vypršel časový limit (30000 milisekund) čekání na připojení služby
Pml Driver HPZ12.
Error - 14.5.2012 7:08:56 | Computer Name = AMD | Source = Service Control Manager | ID = 7000
Description = Služba Pml Driver HPZ12 neuspěla při spuštění v důsledku následující
chyby: %%1053
Error - 14.5.2012 7:18:01 | Computer Name = AMD | Source = Service Control Manager | ID = 7009
Description = Vypršel časový limit (30000 milisekund) čekání na připojení služby
Eset Trial Reset.
Error - 14.5.2012 7:18:01 | Computer Name = AMD | Source = Service Control Manager | ID = 7000
Description = Služba Eset Trial Reset neuspěla při spuštění v důsledku následující
chyby: %%1053
Error - 14.5.2012 7:18:01 | Computer Name = AMD | Source = Service Control Manager | ID = 7000
Description = Služba adfs neuspěla při spuštění v důsledku následující chyby: %%2
Error - 14.5.2012 7:18:01 | Computer Name = AMD | Source = Service Control Manager | ID = 7023
Description = Služba HID Input Service byla ukončena s následující chybou: %%2
Error - 14.5.2012 7:18:01 | Computer Name = AMD | Source = Service Control Manager | ID = 7009
Description = Vypršel časový limit (30000 milisekund) čekání na připojení služby
Eset Nod32 Boot.
Error - 14.5.2012 7:18:01 | Computer Name = AMD | Source = Service Control Manager | ID = 7000
Description = Služba Eset Nod32 Boot neuspěla při spuštění v důsledku následující
chyby: %%1053
< End of report >
OTL by OldTimer - Version 3.2.43.0 Folder = C:\Documents and Settings\a\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000405 | Country: Czech Republic | Language: csy | Date Format: d.M.yyyy
511,48 Mb Total Physical Memory | 93,95 Mb Available Physical Memory | 18,37% Memory free
1,22 Gb Paging File | 0,82 Gb Available in Paging File | 67,37% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149,05 Gb Total Space | 43,90 Gb Free Space | 29,45% Space Free | Partition Type: NTFS
Computer Name: AMD | User Name: a | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
.scr [@ = scrfile] -- "%1" /s
[HKEY_USERS\S-1-5-21-1844237615-1957994488-682003330-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /s
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger -- (Logitech Inc.)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\uTorrent\utorrent.exe" = C:\Program Files\uTorrent\utorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger -- (Logitech Inc.)
"C:\Documents and Settings\All Users\Data aplikací\Kaspersky Lab Setup Files\Kaspersky Internet Security 2009\Czech\setup.exe" = C:\Documents and Settings\All Users\Data aplikací\Kaspersky Lab Setup Files\Kaspersky Internet Security 2009\Czech\setup.exe:*:Enabled:Kaspersky Internet Security 2009 Setup -- (Kaspersky Lab)
"C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe" = C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe:*:Enabled:NEXON_EU_Downloader_Engine -- ()
"C:\Documents and Settings\All Users\Data aplikací\NexonEU\NGM\NGM.exe" = C:\Documents and Settings\All Users\Data aplikací\NexonEU\NGM\NGM.exe:*:Enabled:Nexon Game Manager -- (Nexon)
"C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation)
"C:\Program Files\Electronic Arts\Need For Speed III\nfs3.exe" = C:\Program Files\Electronic Arts\Need For Speed III\nfs3.exe:*:Enabled:Need For Speed III for Win32
"C:\games\SIERRA\MaximumCueball\pool.exe" = C:\games\SIERRA\MaximumCueball\pool.exe:*:Enabled:Maximum Cueball.
"C:\Program Files\THQ\MX vs ATV Unleashed\MXvsATV.exe" = C:\Program Files\THQ\MX vs ATV Unleashed\MXvsATV.exe:*:Enabled:MXvsATV
"C:\Program Files\Miranda IM\miranda32.exe" = C:\Program Files\Miranda IM\miranda32.exe:*:Enabled:Miranda IM -- ( )
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01501EBA-EC35-4F9F-8889-3BE346E5DA13}" = MSXML4 Parser
"{0A65A3BD-54B5-4d0d-B084-7688507813F5}" = SlideShow
"{15C0AF59-4877-49B6-B8C6-A61CE54515F5}" = cp_OnlineProjectsConfig
"{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR
"{1A9DEF19-760C-4e01-958F-D9B8E6C61B90}" = c5100_Help
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}" = QuickTime
"{2376813B-2E5A-4641-B7B3-A0D5ADB55229}" = HPPhotoSmartExpress
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 24
"{2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3}" = Logitech SetPoint
"{2F151B50-B434-4838-B51D-70442EBA093E}" = OpenMG Secure Module 4.1.00
"{2F58D60D-2BFD-4467-9B4D-64E7355C329D}" = Sonic_PrimoSDK
"{3248F0A8-6813-11D6-A77B-00B0D0150110}" = J2SE Runtime Environment 5.0 Update 11
"{33BF0960-DBA3-4187-B6CC-C969FCFA2D25}" = SkinsHP1
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{363790D2-DA98-41DD-9C9F-69FA36B169DE}" = PanoStandAlone
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{41E776A5-9B12-416D-9A12-B4F7B044EBED}" = CP_Package_Basic1
"{44B68762-4AAF-4E75-A8EA-561D55EE8B42}" = Panasonic USB Storage Driver
"{45B8A76B-57EC-4242-B019-066400CD8428}" = BufferChm
"{497A1721-088F-41EF-8876-B43C9DA5528B}" = ArcSoft Software Suite
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4EA684E9-5C81-4033-A696-3019EC57AC3A}" = HPProductAssistant
"{53EE9E42-CECB-4C92-BF76-9CA65DAF8F1C}" = FullDPAppQFolder
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5E65E94D-69F2-4850-9E93-6459C53A0F50}" = Microsoft .NET Framework 1.1 Czech Language Pack
"{66910000-8B30-4973-A159-6371345AFFA5}" = WebReg
"{6696D9A4-28A8-4F5A-8E9A-2E8974C8C39C}" = RandMap
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{68763C27-235D-4165-A961-FDEA228CE504}" = AiOSoftwareNPI
"{68FBB7BE-34F5-4FE9-AA07-E7894533CF0E}" = TurboCAD Professional 14
"{6909F917-5499-482e-9AA1-FAD06A99F231}" = Toolbox
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6B4881BA-C7DF-4F02-87C3-9835953321F6}" = Encyklopedie Diderot 2002
"{6EF72FC6-842E-4FE6-BF88-BFBF03C9DA74}" = Windows Workflow Foundation CS Language Pack
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{736C803C-DD3B-4015-BC51-AFB9E67B9076}" = Readme
"{766D51EF-3F9E-490F-8490-0F24910F18BC}" = Zoner Media Explorer 6
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7C03270C-4FAB-4F5C-B10D-52FEDA190790}" = DocumentViewerQFolder
"{7E7B7865-6C80-4373-8BC1-C2EB9431F9DE}" = ProductContextNPI
"{7F947BFE-C2DF-4779-9909-5BEE746BD0C4}" = Microsoft .NET Framework 2.0 Language Pack - CSY
"{8331C3EA-0C91-43AA-A4D4-27221C631139}" = Status
"{8795CBED-55E2-4693-9F14-84EC446935BE}" = SpeechRedist
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{89661B04-C646-4412-B6D3-5E19F02F1F37}" = EAX4 Unified Redist
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A3F7D5D-8A53-4A7C-B6DA-22DD1212EB55}" = Internet Explorer
"{8A4CE7FD-9657-4B06-9943-E1819F3D5D67}" = DocProc
"{8BB65964-56E7-4DC7-B65D-3EF5FEC9842A}" = Testy Autoškola
"{8CC990CD-87C8-475C-AC32-8A7984E2FCFA}" = CDDRV_Installer
"{8CE4E6E9-9D55-43FB-9DDB-688C976BFC05}" = Unload
"{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}" = Logitech Desktop Messenger
"{90110405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0405-0000-0000000FF1CE}" = Sada Compatibility Pack pro systém Office 2007
"{90170405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office FrontPage 2003
"{996512CF-F35B-48DE-9291-557FA5316967}" = ScannerCopy
"{9E397B40-13F7-4CA2-9943-ADB29ACBBFDF}" = ArcSoft Software Suite
"{A0EB195B-5876-48E6-879D-33D4B2102610}" = SonicStage 3.0
"{A29800BA-0BF1-4E63-9F31-DF05A87F4104}" = InstantShareDevices
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{AAB6D0F8-02B3-4E89-B24C-0BB153C21445}" = Windows Presentation Foundation Language Pack (CSY)
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-1033-7B44-A81100000003}" = Adobe Reader 8.1.1
"{B2157760-AA3C-4E2E-BFE6-D20BC52495D9}" = cp_PosterPrintConfig
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B3B9BC18-2A09-4728-9B46-12E85FF3F628}" = C5100
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B6286A44-7505-471A-A72B-04EC2DB2F442}" = CueTour
"{B69CFE29-FD03-4E0A-87A7-6ED97F98E5B3}" = CP_Panorama1Config
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{BB85ED9C-AFC9-43BD-B8DC-258C3C7DF72E}" = HP Software Update
"{BDBE2F3E-42DB-4d4a-8CB1-19BA765DBC6C}" = HP Photosmart, Officejet and Deskjet 7.0.A
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C1C6767D-B395-43CB-BF99-051B58B86DA6}" = PhotoGallery
"{C7F54CF8-D6FB-4E0A-93A3-E68AE0D6C476}" = SolutionCenter
"{C8753E28-2680-49BF-BD48-DD38FD086EFE}" = AiO_Scan_CDA
"{C89C8D86-4423-4A58-AA40-DD259ACE07C1}" = KhalSetup
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D8979435-753B-40AE-9318-5E712C160A71}" = Windows Communication Foundation Language Pack - CSY
"{DBC20735-34E6-4E97-A9E5-2066B66B243D}" = TrayApp
"{E1B80DEE-A795-4258-8445-074C06AE3AB8}" = MarketResearch
"{ED2C557E-9C18-41FF-B58E-A05EEF0B3B5F}" = CP_CalendarTemplates1
"{F157460F-720E-482f-8625-AD7843891E5F}" = InstantShareDevicesMFC
"{F3760724-B29D-465B-BC53-E5D72095BCC4}" = Scan
"{F6076EF9-08E1-442F-B6A2-BFB61B295A14}" = Fax_CDA
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FB09515C-8E3E-4E0F-A1F2-032F38DEC185}" = Microsoft .NET Framework 3.0 Czech Language Pack
"{FB15E224-67C3-491F-9F5C-F257BC418412}" = Destinations
"{FBB980B0-63F8-4B48-8D65-90F1D9F81D9F}" = NewCopy_CDA
"{FE7E1DD7-EBCE-4696-ADE2-22BDBF2372DA}" = DocumentViewer
"µTorrent CZ_is1" = µTorrent CZ 1.7.2 (build 3458)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player
"avast" = avast! Free Antivirus
"AviSynth" = AviSynth 2.5
"BCM Diagnostics 1.02" = BCM Diagnostics
"CCleaner" = CCleaner
"CodInstl" = Intel A/V Codecs V2.0
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"Cool's_Codec_pack_4.12" = Codec Pack - All In 1 6.0.3.0
"DVD Shrink_is1" = DVD Shrink 3.2
"DVDFab (Platinum/Gold/HD Decrypter) (Option: Mobile) 5_is1" = DVDFab (Platinum/Gold/HD Decrypter) (Option: Mobile) 5.2.3.2
"DVDFab 8_is1" = DVDFab 8.0.6.1 (18/12/2010)
"EAX Unified" = EAX Unified
"Enable S3 for USB Device" = Enable S3 for USB Device
"GamePlayLabs Plugin" = GamePlayLabs Plugin
"HP Document Viewer" = HP Document Viewer 7.0
"HP Imaging Device Functions" = HP Imaging Device Functions 7.0
"HP Photo & Imaging" = HP Photosmart Premier Software 6.5
"HP Solution Center & Imaging Support Tools" = HP Solution Center 7.0
"HPExtendedCapabilities" = HP Customer Participation Program 7.0
"HPOCR" = OCR Software by I.R.I.S 7.0
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platforma Ovladače zařízení
"InstallShield_{2F151B50-B434-4838-B51D-70442EBA093E}" = OpenMG Secure Module 4.1.00
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 4.2.5
"Mafia Game" = Mafia Game
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 2.0 Language Pack - CSY" = Microsoft .NET Framework 2.0 Language Pack - CSY
"Microsoft .NET Framework 3.0 Czech Language Pack" = Microsoft .NET Framework 3.0 Czech Language Pack
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Miranda IM" = Miranda IM 0.9.17
"Mozilla Firefox 8.0 (x86 cs)" = Mozilla Firefox 8.0 (x86 cs)
"Mplayer.com" = Mplayer.com
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Multipath Movies" = Multipath Movies
"Nero - Burning Rom!UninstallKey" = Nero 6 Ultra Edition
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"OpenAL" = OpenAL
"OpenMG HotFix4.1-05-13-31-01" = OpenMG Limited Patch 4.1-05-13-31-01
"OrganicArtMS" = Organic Art, Microsoft Edition
"PC Translator" = PC Translator
"Pure Sudoku_is1" = Pure Sudoku 1.11
"The KMPlayer" = The KMPlayer (remove only)
"Uninstall_is1" = Uninstall 1.0.0.1
"VN_VUIns_Rhine_VIA" = VIA Rhine-Family Fast-Ethernet Adapter
"VobSub" = VobSub v2.23 (Remove Only)
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"WIC" = Windows Imaging Component
"Wincmd" = Windows Commander (Remove or Repair)
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
"XviD MPEG4 Video Codec" = XviD MPEG4 Video Codec (remove only)
"ZAV1_is1" = ZAV 4.39 (32bit)
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Starsky & Hutch" = Starsky & Hutch
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Starsky & Hutch" = Starsky & Hutch
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-1844237615-1957994488-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"uTorrent" = µTorrent
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 14.5.2012 12:54:15 | Computer Name = AMD | Source = Userenv | ID = 1041
Description = Systém Windows se nemůže dotazovat na položku registru DllName pro
{7B849a69-220F-451E-B3FE-2CB811AF94AE} a nebude načtena. Příčinou je zřejmě chybná
registrace.
Error - 14.5.2012 12:54:15 | Computer Name = AMD | Source = Userenv | ID = 1041
Description = Systém Windows se nemůže dotazovat na položku registru DllName pro
{CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D} a nebude načtena. Příčinou je zřejmě chybná
registrace.
Error - 14.5.2012 14:48:15 | Computer Name = AMD | Source = Userenv | ID = 1041
Description = Systém Windows se nemůže dotazovat na položku registru DllName pro
{7B849a69-220F-451E-B3FE-2CB811AF94AE} a nebude načtena. Příčinou je zřejmě chybná
registrace.
Error - 14.5.2012 14:48:15 | Computer Name = AMD | Source = Userenv | ID = 1041
Description = Systém Windows se nemůže dotazovat na položku registru DllName pro
{CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D} a nebude načtena. Příčinou je zřejmě chybná
registrace.
Error - 14.5.2012 15:15:23 | Computer Name = AMD | Source = Userenv | ID = 1041
Description = Systém Windows se nemůže dotazovat na položku registru DllName pro
{7B849a69-220F-451E-B3FE-2CB811AF94AE} a nebude načtena. Příčinou je zřejmě chybná
registrace.
Error - 14.5.2012 15:15:23 | Computer Name = AMD | Source = Userenv | ID = 1041
Description = Systém Windows se nemůže dotazovat na položku registru DllName pro
{CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D} a nebude načtena. Příčinou je zřejmě chybná
registrace.
Error - 14.5.2012 16:28:18 | Computer Name = AMD | Source = Userenv | ID = 1041
Description = Systém Windows se nemůže dotazovat na položku registru DllName pro
{7B849a69-220F-451E-B3FE-2CB811AF94AE} a nebude načtena. Příčinou je zřejmě chybná
registrace.
Error - 14.5.2012 16:28:18 | Computer Name = AMD | Source = Userenv | ID = 1041
Description = Systém Windows se nemůže dotazovat na položku registru DllName pro
{CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D} a nebude načtena. Příčinou je zřejmě chybná
registrace.
Error - 14.5.2012 17:11:24 | Computer Name = AMD | Source = Userenv | ID = 1041
Description = Systém Windows se nemůže dotazovat na položku registru DllName pro
{7B849a69-220F-451E-B3FE-2CB811AF94AE} a nebude načtena. Příčinou je zřejmě chybná
registrace.
Error - 14.5.2012 17:11:24 | Computer Name = AMD | Source = Userenv | ID = 1041
Description = Systém Windows se nemůže dotazovat na položku registru DllName pro
{CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D} a nebude načtena. Příčinou je zřejmě chybná
registrace.
[ OSession Events ]
Error - 13.1.2008 13:45:20 | Computer Name = AMD | Source = Microsoft Office 12 Sessions | ID = 7001
Description =
Error - 24.3.2008 15:44:49 | Computer Name = AMD | Source = Microsoft Office 12 Sessions | ID = 7001
Description =
Error - 16.4.2008 13:50:54 | Computer Name = AMD | Source = Microsoft Office 12 Sessions | ID = 7001
Description =
[ System Events ]
Error - 14.5.2012 7:07:04 | Computer Name = AMD | Source = Service Control Manager | ID = 7009
Description = Vypršel časový limit (30000 milisekund) čekání na připojení služby
Eset Nod32 Boot.
Error - 14.5.2012 7:07:04 | Computer Name = AMD | Source = Service Control Manager | ID = 7000
Description = Služba Eset Nod32 Boot neuspěla při spuštění v důsledku následující
chyby: %%1053
Error - 14.5.2012 7:08:56 | Computer Name = AMD | Source = Service Control Manager | ID = 7009
Description = Vypršel časový limit (30000 milisekund) čekání na připojení služby
Pml Driver HPZ12.
Error - 14.5.2012 7:08:56 | Computer Name = AMD | Source = Service Control Manager | ID = 7000
Description = Služba Pml Driver HPZ12 neuspěla při spuštění v důsledku následující
chyby: %%1053
Error - 14.5.2012 7:18:01 | Computer Name = AMD | Source = Service Control Manager | ID = 7009
Description = Vypršel časový limit (30000 milisekund) čekání na připojení služby
Eset Trial Reset.
Error - 14.5.2012 7:18:01 | Computer Name = AMD | Source = Service Control Manager | ID = 7000
Description = Služba Eset Trial Reset neuspěla při spuštění v důsledku následující
chyby: %%1053
Error - 14.5.2012 7:18:01 | Computer Name = AMD | Source = Service Control Manager | ID = 7000
Description = Služba adfs neuspěla při spuštění v důsledku následující chyby: %%2
Error - 14.5.2012 7:18:01 | Computer Name = AMD | Source = Service Control Manager | ID = 7023
Description = Služba HID Input Service byla ukončena s následující chybou: %%2
Error - 14.5.2012 7:18:01 | Computer Name = AMD | Source = Service Control Manager | ID = 7009
Description = Vypršel časový limit (30000 milisekund) čekání na připojení služby
Eset Nod32 Boot.
Error - 14.5.2012 7:18:01 | Computer Name = AMD | Source = Service Control Manager | ID = 7000
Description = Služba Eset Nod32 Boot neuspěla při spuštění v důsledku následující
chyby: %%1053
< End of report >
Re: Pomalý PC. Prosím o kontrolu logu
Cracky a keygeny jsou nejlepsi cesta do pekel a k zavirovani PC 
Nasledujici soubory otestujte na VirusTotalu https://www.virustotal.com/cs/
- C:\WINDOWS\System32\Drivers\papycpu2.sys
C:\WINDOWS\System32\Drivers\papyjoy.sys
C:\WINDOWS\Runservice.exe - Kliknete na Choose file
- Soubor nehledejte, jen vlozte cestu souboru, ktery chci otestovat
- Kliknete na Scan It
- Pokud na Vas vyskoci obrazovka jako je nize, tak kliknete na ReAnalyse
- Vysledek analyzy sem vlozte (jako odkaz)
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Pomalý PC. Prosím o kontrolu logu
Spustte znovu OTL
- Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
- Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize
Kód: Vybrat vše
:otl DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\DRIVERS\VGAUTI.sys -- (VGAUTI) DRV - File not found [Kernel | Boot | Stopped] -- system32\DRIVERS\VClone.sys -- (VClone) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\SYMANT~1\SymcData\idsdefs\20050901.036\symidsco.sys -- (SYMIDSCO) DRV - File not found [File_System | On_Demand | Stopped] -- -- (StarOpen) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\sm56pci.sys -- (sm56pci) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP) DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump) DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\k750obex.sys -- (k750obex) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\k750mgmt.sys -- (k750mgmt) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (k750mdm) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\k750mdfl.sys -- (k750mdfl) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\k750bus.sys -- (k750bus) Sony Ericsson 750 driver (WDM) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (jnv4_mib) DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt) DRV - File not found [Kernel | System | Stopped] -- -- (Changer) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\EagleNT.sys -- (EagleNT) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\ALCXSENS.SYS -- (ALCXSENS) DRV - File not found [Kernel | Auto | Stopped] -- -- (adfs) IE - HKLM\..\SearchScopes,DefaultScope = {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKLM\..\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}: "URL" = http://search.qip.ru/?query={searchTerms} IE - HKU\S-1-5-21-1844237615-1957994488-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru IE - HKU\S-1-5-21-1844237615-1957994488-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru IE - HKU\S-1-5-21-1844237615-1957994488-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Prev Search Bar = http://google.icq.com/search/search_frame.php IE - HKU\S-1-5-21-1844237615-1957994488-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Prev Search Page = http://google.icq.com IE - HKU\S-1-5-21-1844237615-1957994488-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie IE - HKU\S-1-5-21-1844237615-1957994488-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru IE - HKU\S-1-5-21-1844237615-1957994488-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://eu.ask.com/?l=dis&o=14672 IE - HKU\S-1-5-21-1844237615-1957994488-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie IE - HKU\S-1-5-21-1844237615-1957994488-682003330-1003\..\URLSearchHook: - No CLSID value found IE - HKU\S-1-5-21-1844237615-1957994488-682003330-1003\..\URLSearchHook: {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\WINDOWS\Application Data\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru) IE - HKU\S-1-5-21-1844237615-1957994488-682003330-1003\..\SearchScopes,DefaultScope = {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} IE - HKU\S-1-5-21-1844237615-1957994488-682003330-1003\..\SearchScopes\${searchCLSID}: "URL" = http://search.yahoo.com/search?ei=ISO-8 ... =megaup&q={searchTerms} IE - HKU\S-1-5-21-1844237615-1957994488-682003330-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC IE - HKU\S-1-5-21-1844237615-1957994488-682003330-1003\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://websearch.ask.com/redirect?clien ... src=crm&q={searchTerms}&locale=&apn_ptnrs=T8&apn_dtid=YYYYYYYYCZ&apn_uid=542e0df6-cfcc-4438-a02d-91dc2fb243f6&apn_sauid=A33004ED-7077-43E2-AB28-5D3E2C6492C6& IE - HKU\S-1-5-21-1844237615-1957994488-682003330-1003\..\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}: "URL" = http://www.crawler.com/search/dispatche ... tp=bs&qkw={searchTerms}&tbid=60076 IE - HKU\S-1-5-21-1844237615-1957994488-682003330-1003\..\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}: "URL" = http://search.qip.ru/?query={searchTerms} IE - HKU\S-1-5-21-1844237615-1957994488-682003330-1003\..\SearchScopes\{ADB3B143-6E53-4FE1-A6F9-5713C7C50607}: "URL" = http://www.google.co.uk/search?hl=en&q={searchTerms}&meta= IE - HKU\S-1-5-21-1844237615-1957994488-682003330-1003\..\SearchScopes\{BE9654C9-9D79-42ec-B55A-3CAEB12DBF58}: "URL" = http://www.icq.com/search/results.php?q={searchTerms}&ch_id=osd FF - prefs.js..browser.search.defaultenginename: "QIP Search" FF - prefs.js..browser.search.order.1: "Yahoo" FF - prefs.js..browser.search.param.yahoo-fr: "megaup" FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "megaup" FF - prefs.js..keyword.URL: "http://search.qip.ru/search?from=FF&query=" [2010.08.02 00:28:50 | 000,000,000 | ---D | M] (QipAuthorizer) -- C:\WINDOWS\Application Data\Mozilla\Firefox\Profiles\flsyw2zm.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89} [2010.09.29 16:59:15 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\WINDOWS\Application Data\Mozilla\Firefox\Profiles\flsyw2zm.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2011.03.26 10:46:45 | 000,000,000 | ---D | M] (GamePlayLabs Plugin) -- C:\WINDOWS\Application Data\Mozilla\Firefox\Profiles\flsyw2zm.default\extensions\plugin2@gameplaylabs.com [2011.08.23 22:16:36 | 000,002,333 | ---- | M] () -- C:\WINDOWS\Application Data\Mozilla\Firefox\Profiles\flsyw2zm.default\searchplugins\askcom.xml [2012.05.14 11:52:37 | 000,000,950 | ---- | M] () -- C:\WINDOWS\Application Data\Mozilla\Firefox\Profiles\flsyw2zm.default\searchplugins\icqplugin-1.xml [2007.07.31 18:50:06 | 000,000,951 | ---- | M] () -- C:\WINDOWS\Application Data\Mozilla\Firefox\Profiles\flsyw2zm.default\searchplugins\icqplugin-2.xml [2007.09.19 17:54:06 | 000,000,951 | ---- | M] () -- C:\WINDOWS\Application Data\Mozilla\Firefox\Profiles\flsyw2zm.default\searchplugins\icqplugin-3.xml [2007.10.20 16:04:37 | 000,000,951 | ---- | M] () -- C:\WINDOWS\Application Data\Mozilla\Firefox\Profiles\flsyw2zm.default\searchplugins\icqplugin-4.xml [2007.11.28 17:58:01 | 000,000,951 | ---- | M] () -- C:\WINDOWS\Application Data\Mozilla\Firefox\Profiles\flsyw2zm.default\searchplugins\icqplugin-5.xml [2007.12.11 18:34:14 | 000,000,951 | ---- | M] () -- C:\WINDOWS\Application Data\Mozilla\Firefox\Profiles\flsyw2zm.default\searchplugins\icqplugin-6.xml [2007.12.12 18:09:58 | 000,000,951 | ---- | M] () -- C:\WINDOWS\Application Data\Mozilla\Firefox\Profiles\flsyw2zm.default\searchplugins\icqplugin-7.xml [2008.02.08 21:51:13 | 000,000,951 | ---- | M] () -- C:\WINDOWS\Application Data\Mozilla\Firefox\Profiles\flsyw2zm.default\searchplugins\icqplugin-8.xml [2008.03.26 22:13:18 | 000,000,951 | ---- | M] () -- C:\WINDOWS\Application Data\Mozilla\Firefox\Profiles\flsyw2zm.default\searchplugins\icqplugin-9.xml [2007.06.30 09:12:59 | 000,000,951 | ---- | M] () -- C:\WINDOWS\Application Data\Mozilla\Firefox\Profiles\flsyw2zm.default\searchplugins\icqplugin.xml [2011.03.10 19:39:18 | 000,002,062 | ---- | M] () -- C:\WINDOWS\Application Data\Mozilla\Firefox\Profiles\flsyw2zm.default\searchplugins\qip-search.xml [2007.01.04 03:29:08 | 000,049,152 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\mozilla firefox\plugins\npbittorrent.dll O2 - BHO: (GamePlayLabsBHO Class) - {984A9162-8891-4D19-8CFE-17648BB4E1EC} - Reg Error: Value error. File not found O2 - BHO: (QIPBHO Class) - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\WINDOWS\Application Data\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru) O3 - HKU\S-1-5-19\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found. O3 - HKU\S-1-5-20\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found. O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present O8 - Extra context menu item: AMV convert tool grab multimedia file - C:\Program Files\MP3 Player Utilities 5.02\AMVConverter\grab.html File not found O8 - Extra context menu item: Crawler Search - tbr:iemenu File not found O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 File not found O16 - DPF: {00000055-9980-0010-8000-00AA00389B71} http://codecs.microsoft.com/codecs/i386/fhg.CAB (Reg Error: Key error.) O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\yinsthelper.dll (Reg Error: Key error.) O16 - DPF: DirectAnimation Java Classes Reg Error: Value error. (Reg Error: Key error.) O16 - DPF: Internet Explorer Classes for Java Reg Error: Value error. (Reg Error: Key error.) O16 - DPF: Microsoft XML Parser for Java Reg Error: Value error. (Reg Error: Key error.) O30 - LSA: Authentication Packages - (C:\windows\system32\ljJDwXno) - File not found O33 - MountPoints2\{8f7be6a4-4958-11da-9c03-806d6172696f}\Shell - "" = AutoRun [1 C:\WINDOWS\All users\DRM\Cache\*.tmp files -> C:\WINDOWS\All users\DRM\Cache\*.tmp -> ] [1 C:\WINDOWS\Application Data\Google\GoogleEarth\*.tmp files -> C:\WINDOWS\Application Data\Google\GoogleEarth\*.tmp -> ] [1 C:\WINDOWS\Application Data\Microsoft\Office\*.tmp files -> C:\WINDOWS\Application Data\Microsoft\Office\*.tmp -> ] [19 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ] [6 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [1 C:\WINDOWS\twain_32\*.tmp files -> C:\WINDOWS\twain_32\*.tmp -> ] [2007.12.03 08:56:31 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\ESET [2007.03.23 17:40:01 | 000,000,000 | ---D | M] -- C:\WINDOWS\Application Data\ICQ Toolbar [2012.05.14 21:15:58 | 000,000,236 | ---- | M] () -- C:\WINDOWS\Tasks\OGALogon.job @Alternate Data Stream - 6144 bytes -> C:\WINDOWS\CURSORS\arrow_n.cur:NEDTA.DAT @Alternate Data Stream - 487 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:05EE1EEF @Alternate Data Stream - 166 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:DFC5A2B2 @Alternate Data Stream - 149 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:0B4227B4 :services NOD32FiXTemDono .EsetTrialReset :reg [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "NeroFilterCheck"=- "QuickTime Task"=- "Adobe Reader Speed Launcher"=- "SunJavaUpdateSched"=- [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"=- "MSMSGS"=- [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE] [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update] [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS] [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBJ] [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon] [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz] [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan] [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\updateMgr] :files C:\Diderot\Common\crack.exe C:\WINDOWS\Application Data\Azureus\torrents\Bus_Driver___Crack.3656572.TPB.torrent C:\WINDOWS\Application Data\Azureus\torrents\CIVILIZATION.4.+Patch.v1.52.+Crack.torrent C:\WINDOWS\Application Data\Azureus\torrents\[isoHunt] Battlestations - Midway.-.Keygen. .Crack.Testato!.by.summerinitaly.rar.torrent C:\WINDOWS\Application Data\Azureus\torrents\[isoHunt] Desperados 2 Coopers Revenge DVD Crack.torrent C:\WINDOWS\Application Data\Azureus\torrents\^mininova.org^ Enlight__s_Restaurant_Empire_(Full_Game)___Crack___Cheat___Walkt.3415726.TPB.torrent C:\WINDOWS\Application Data\Microsoft\Office\Naposledy otevřené\crack.LNK C:\WINDOWS\Application Data\uTorrent\A Clone DVD - Clone CD and Any DVD + cracks april 2007.rar.torrent C:\WINDOWS\Application Data\uTorrent\Ad-Aware 2007 + working crack.rar.torrent C:\WINDOWS\Application Data\uTorrent\Sega Rally [PCDVD + Crack][Spanish_EN_GE_FR_IT][www.newpct.com].torrent C:\WINDOWS\Application Data\Azureus\torrents\[isoHunt] Battlestations - Midway.-.Keygen. .Crack.Testato!.by.summerinitaly.rar.torrent C:\WINDOWS\Application Data\Azureus\torrents\[isoHunt] PC Translator 2007 full ISO(CZ) Keygen.torrent C:\WINDOWS\Application Data\uTorrent\Nero 8 Ultra Edition v8.3.2.1 + Keygen.torrent C:\WINDOWS\Application Data\uTorrent\NHL_08_Keygen-HATRED.torrent C:\WINDOWS\Application Data\uTorrent\PowerISO4.3+keygen.rar.torrent C:\WINDOWS\Application Data\uTorrent\Zoner Photo Studio Enterprise X (v10)+Keygen-HeartBug.torrent %windir%\system32\*.tmp.dll /s %windir%\system32\SET*.tmp /s %windir%\*.tmp :commands [RESETHOSTS] [EMPTYTEMP] [EMPTYFLASH]- Nasledne kliknete na Opravit
- PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Pomalý PC. Prosím o kontrolu logu
TFC http://oldtimer.geekstogo.com/TFC.exe
- Stahnete a spustte
- Kliknete na Start a potvrdte OK
- Program uklidi a restartuje pc
- Po pouziti utilitu smazte
Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478Panel čistič
- Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner
- dejte Hledej problémy
- nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
- postup opakujte dokud nebude bez problemu - vetsinou cca 3x
- Zde muzete odinstalovat nepotrebne programy
Doporucuji provest defragmentaci disku
- Nejjednodussi (ale nejmene ucinny) zpusob je pomoci utility ve windowsech
- Kliknete na Tento pocitac, dale na disk kliknete pravym tlacitkem, vyberte Vlastnosti
- prepnete se do zalozky Nastroje
- Nyni vidite pomucky Defragmentace - spustte ji kliknutim na Defragmentovat
- Toto provedte se vsemi disky
- Dalsi moznosti (a mnou doporucenou) je pres programek Defraggler http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
- Program stahnete, nainstalujte (dejte fajfku pryc u yahoo toolbaru) a spustte
- Kliknete na Analyzovat
- Pokud je ve sloupci Fragmentováno vice jak 5%, doporucuji provest defragmentaci (klik na Defragmentovat)
- Postup provedte se vsemi disky
- Posledni moznost je pres jednoduchy programek JKDefrag http://www.stahuj.centrum.cz/utility_a_ ... /jkdefrag/
- Vyhodou programku je, ze se neinstaluje
- Staci tedy jen stahnout dle verze vaseho OS a rozbalit
- Nasledne spustit pomoci souboru JKDefrag pripadne JKDefrag64
- Probehne analyza disku a nasledne i defragmentace
Napiste co PC"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Pomalý PC. Prosím o kontrolu logu
tak všechno provedeno Defragmentace programem Defraggler trvala asi 6 hodin. PC se mi zdá o něco svižnější ale pořád to neni to co bývalo. Možná tam nějakou roli hraje ta nízká operační pamět (512mb), anebo že mám PC rozdělen na 4 uživatelské profily a nestíhá to. Taky se mi občas zdá, že PC dlouho pracuje i když nemám spuštěné žádné služby a není to jen při spuštění. Ale díky moc za pomoc.
Defragmentace programem Defraggler trvala asi 6 hodin. PC se mi zdá o něco svižnější ale pořád to neni to co bývalo. Možná tam nějakou roli hraje ta nízká operační pamět (512mb), anebo že mám PC rozdělen na 4 uživatelské profily a nestíhá to. Taky se mi občas zdá, že PC dlouho pracuje i když nemám spuštěné žádné služby a není to jen při spuštění. Ale díky moc za pomoc.Re: Pomalý PC. Prosím o kontrolu logu
Ano, ty RAMky tam jsou problemem, doporucuji navysit na 1GB
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.
Přispějete na provoz fóra?
