Xp home security 2012 - nelze vypnout

Zpráva

#16 Příspěvek od **stell** » 17 črc 2011 16:41

Stahni OTListIt2>> OTL
Označ položku Pro všechny uživatele.
Označ položky Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
do okna >vloz zeleny text a klik Klikn na tlačítko Prohledat
Po dokončení, sem vlož logy OTL.Txt a Extras.txt

Kód: Vybrat vše

netsvcs
drivers32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
c:\windows\*.* /U
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
symmpi.sys
adp3132.sys
mv61xx.sys
nvraid.sys
ndis.sys
winlogon.exe
explorer.exe
userinit.exe
lsass.exe
svchost.exe
smss.exe
hal.dll
ws2_32.dll
tcpip.sys
cryptsvc.dll
Changer.sys
JakNDis.sys
isapnp.sys
cdrom.sys
autochk.exe
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
CREATERESTOREPOINT

Nift · #17 Příspěvek od **Nift** » 17 črc 2011 17:07

Skenuje to celý disk - je to tak správně?

#18 Příspěvek od **stell** » 17 črc 2011 17:13

jasne, pockaj logy. a vloz ich sem

Nift · #19 Příspěvek od **Nift** » 17 črc 2011 17:14

OTL.txt má přes 200KB a extras.txt asi 60KB - to sem asi nedostanu.
Co s tím?

#20 Příspěvek od **stell** » 17 črc 2011 17:15

no rozdel ich do viac prispevkov,

Nift · #21 Příspěvek od **Nift** » 17 črc 2011 17:17

OK.

OTL logfile created on: 17.7.2011 17:48:46 - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = H:\
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1,50 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 66,93% Memory free
2,85 Gb Paging File | 2,34 Gb Available in Paging File | 81,94% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232,88 Gb Total Space | 174,96 Gb Free Space | 75,13% Space Free | Partition Type: NTFS
Drive D: | 931,51 Gb Total Space | 337,43 Gb Free Space | 36,22% Space Free | Partition Type: NTFS
Drive E: | 298,09 Gb Total Space | 112,88 Gb Free Space | 37,87% Space Free | Partition Type: NTFS
Drive H: | 7,39 Gb Total Space | 7,38 Gb Free Space | 99,80% Space Free | Partition Type: FAT32

Computer Name: PK1 | User Name: Pavel Kácha | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011.07.17 17:44:34 | 000,579,584 | ---- | M] (OldTimer Tools) -- H:\OTL.exe
PRC - [2010.07.06 18:02:11 | 002,480,048 | ---- | M] (Acronis) -- C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe
PRC - [2010.06.23 13:52:56 | 002,435,592 | ---- | M] (Check Point Software Technologies LTD) -- C:\WINDOWS\system32\ZoneLabs\vsmon.exe
PRC - [2010.06.23 13:51:30 | 001,043,968 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
PRC - [2009.11.26 17:45:48 | 000,661,008 | ---- | M] (Acronis) -- C:\Program Files\Common Files\Acronis\Plán2\schedul2.exe
PRC - [2009.11.25 01:51:40 | 000,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe
PRC - [2009.11.25 01:51:35 | 000,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2009.11.25 01:51:21 | 000,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PRC - [2009.11.25 01:48:48 | 000,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PRC - [2009.11.25 01:43:56 | 000,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007.10.16 20:04:12 | 001,094,936 | ---- | M] (Diskeeper Corporation) -- C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
PRC - [2007.05.07 08:55:50 | 000,516,096 | ---- | M] (Locktime Software) -- C:\Program Files\NetLimiter 2 Pro\nlsvc.exe
PRC - [2006.09.26 18:45:32 | 000,561,213 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\AirLive\Bluetooth Software\BTTray.exe
PRC - [2006.09.26 18:37:24 | 000,266,295 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\AirLive\Bluetooth Software\bin\btwdins.exe
PRC - [2006.02.16 07:54:00 | 000,842,788 | ---- | M] (C. Ghisler & Co.) -- C:\Program Files\TC PowerPack\TOTALCMD.EXE
PRC - [2003.12.19 02:49:10 | 000,447,492 | ---- | M] (MetaProducts corp) -- C:\Program Files\Net Activity Diagram\nad.exe
PRC - [2003.05.29 16:28:32 | 000,790,528 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe

========== Modules (SafeList) ==========

MOD - [2011.07.17 17:44:34 | 000,579,584 | ---- | M] (OldTimer Tools) -- H:\OTL.exe
MOD - [2010.08.23 18:12:33 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2006.09.26 18:49:46 | 000,077,824 | ---- | M] (Broadcom Corporation.) -- C:\WINDOWS\system32\BtMmHook.dll
MOD - [2006.09.26 18:47:00 | 000,053,248 | ---- | M] () -- C:\Program Files\AirLive\Bluetooth Software\BTKeyInd.dll

========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (OMSI download service)
SRV - File not found [Auto | Stopped] -- -- (Creative Service for CDROM Access)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2011.03.01 09:56:36 | 000,052,288 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper_3004.dll -- (nosGetPlusHelper) getPlus(R)
SRV - [2010.10.26 17:05:24 | 000,155,344 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe -- (Sony Ericsson PCCompanion)
SRV - [2010.07.06 18:02:11 | 002,480,048 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe -- (afcdpsrv)
SRV - [2010.06.23 13:52:56 | 002,435,592 | ---- | M] (Check Point Software Technologies LTD) [Auto | Running] -- C:\WINDOWS\System32\ZoneLabs\vsmon.exe -- (vsmon)
SRV - [2009.11.26 17:45:48 | 000,661,008 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files\Common Files\Acronis\Plán2\schedul2.exe -- (AcrSch2Svc)
SRV - [2009.11.25 01:51:35 | 000,138,680 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus)
SRV - [2009.11.25 01:51:21 | 000,254,040 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner)
SRV - [2009.11.25 01:48:48 | 000,352,920 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner)
SRV - [2009.11.25 01:43:56 | 000,018,752 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)
SRV - [2007.10.16 20:04:12 | 001,094,936 | ---- | M] (Diskeeper Corporation) [Auto | Running] -- C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe -- (Diskeeper)
SRV - [2007.05.07 08:55:50 | 000,516,096 | ---- | M] (Locktime Software) [Auto | Running] -- C:\Program Files\NetLimiter 2 Pro\nlsvc.exe -- (nlsvc)
SRV - [2006.09.26 18:37:24 | 000,266,295 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\AirLive\Bluetooth Software\bin\btwdins.exe -- (btwdins)
SRV - [2002.09.20 15:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) [Disabled | Stopped] -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe -- (SoundMAX Agent Service (default))

========== Driver Services (SafeList) ==========

DRV - [2011.05.08 23:01:56 | 000,070,001 | ---- | M] (GMER) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\gmer.sys -- (gmer)
DRV - [2010.07.06 18:02:13 | 000,160,288 | ---- | M] (Acronis) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\afcdp.sys -- (afcdp)
DRV - [2010.07.06 18:02:04 | 000,911,680 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\tdrpm258.sys -- (tdrpman258) Acronis Try&Decide and Restore Points filter (build 258)
DRV - [2010.07.06 18:02:02 | 000,581,984 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\timntr.sys -- (timounter)
DRV - [2010.07.06 18:01:47 | 000,158,272 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\snapman.sys -- (snapman)
DRV - [2010.05.13 10:02:32 | 000,532,224 | ---- | M] (Check Point Software Technologies LTD) [Kernel | System | Running] -- C:\WINDOWS\system32\vsdatant.sys -- (vsdatant)
DRV - [2010.04.02 04:05:36 | 000,642,560 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AVerAF35.sys -- (AVerAF35)
DRV - [2010.02.11 09:38:10 | 003,565,056 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2009.12.30 12:20:54 | 000,027,064 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\revoflt.sys -- (Revoflt)
DRV - [2009.11.25 01:48:57 | 000,023,120 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2009.11.25 01:47:54 | 000,027,408 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2009.09.15 13:56:14 | 000,094,160 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2009.09.15 13:55:30 | 000,114,768 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2009.09.15 13:55:19 | 000,020,560 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2009.08.26 14:07:40 | 000,271,360 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt)
DRV - [2009.08.26 14:07:40 | 000,018,048 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2009.08.05 16:06:30 | 000,007,408 | R--- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)
DRV - [2009.08.05 16:06:28 | 000,074,480 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2009.08.05 16:06:28 | 000,009,968 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2008.08.10 22:52:35 | 000,021,672 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ggsemc.sys -- (ggsemc)
DRV - [2008.08.10 22:52:35 | 000,013,352 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ggflt.sys -- (ggflt)
DRV - [2008.05.16 12:33:14 | 000,115,752 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016unic.sys -- (s0016unic) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM)
DRV - [2008.05.16 12:33:14 | 000,025,512 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016nd5.sys -- (s0016nd5) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS)
DRV - [2008.05.16 12:33:14 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016mdfl.sys -- (s0016mdfl)
DRV - [2008.05.16 12:33:12 | 000,120,744 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016mdm.sys -- (s0016mdm)
DRV - [2008.05.16 12:33:12 | 000,114,216 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016mgmt.sys -- (s0016mgmt) Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM)
DRV - [2008.05.16 12:33:12 | 000,110,632 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016obex.sys -- (s0016obex)
DRV - [2008.05.16 12:33:12 | 000,089,256 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016bus.sys -- (s0016bus) Sony Ericsson Device 0016 driver (WDM)
DRV - [2008.04.13 21:46:22 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MPE.sys -- (MPE)
DRV - [2008.04.13 20:45:29 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2007.06.19 09:51:20 | 000,107,304 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s816mdm.sys -- (s816mdm)
DRV - [2007.06.19 09:51:18 | 000,099,112 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s816mgmt.sys -- (s816mgmt) Sony Ericsson Device 816 USB WMC Device Management Drivers (WDM)
DRV - [2007.06.19 09:51:18 | 000,097,704 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s816unic.sys -- (s816unic) Sony Ericsson Device 816 USB Ethernet Emulation SEMCMR7 (WDM)
DRV - [2007.06.19 09:51:18 | 000,097,320 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s816obex.sys -- (s816obex)
DRV - [2007.06.19 09:51:18 | 000,021,928 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s816nd5.sys -- (s816nd5) Sony Ericsson Device 816 USB Ethernet Emulation SEMCMR7 (NDIS)
DRV - [2007.06.19 09:51:18 | 000,013,864 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s816mdfl.sys -- (s816mdfl)
DRV - [2007.06.19 09:51:16 | 000,081,832 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s816bus.sys -- (s816bus) Sony Ericsson Device 816 driver (WDM)
DRV - [2007.04.23 13:03:04 | 000,082,200 | ---- | M] (Locktime Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\nltdi.sys -- (nltdi)
DRV - [2007.04.09 14:27:07 | 000,031,548 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2006.12.25 03:35:22 | 000,639,224 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2006.11.02 16:51:58 | 000,013,560 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- C:\Program Files\CyberLink\PowerDVD\000.fcl -- ({95808DC4-FA4A-4c74-92FE-5B863F82066B})
DRV - [2006.09.26 18:20:48 | 000,329,901 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio)
DRV - [2006.09.26 18:18:12 | 000,023,271 | ---- | M] (Broadcom Corporation.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\btserial.sys -- (BTSERIAL)
DRV - [2006.09.26 18:16:24 | 000,862,490 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2006.09.26 18:12:38 | 000,030,459 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btport.sys -- (BTDriver)
DRV - [2006.09.26 18:12:24 | 000,030,285 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwmodem.sys -- (btwmodem)
DRV - [2006.09.26 18:11:36 | 000,067,384 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2006.09.26 18:09:46 | 000,149,028 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwdndis.sys -- (BTWDNDIS)
DRV - [2006.09.26 18:08:04 | 000,047,875 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwhid.sys -- (btwhid)
DRV - [2006.09.24 15:28:47 | 000,005,248 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Boot | Running] -- C:\WINDOWS\system32\speedfan.sys -- (speedfan)
DRV - [2006.02.20 20:01:01 | 000,019,200 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AnyDVD.sys -- (AnyDVD)
DRV - [2005.08.09 20:40:43 | 000,010,345 | ---- | M] (Applied Networking Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2005.05.31 00:58:52 | 000,028,160 | ---- | M] (W1zzard) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\ATITool.sys -- (ATITool)
DRV - [2005.05.03 17:34:02 | 000,027,392 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ElbyCDFL.sys -- (ElbyCDFL)
DRV - [2005.04.12 10:41:20 | 000,004,608 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ElbyDelay.sys -- (ElbyDelay)
DRV - [2005.02.01 16:46:00 | 000,056,320 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\atineuxx.sys -- (ATITUNEP)
DRV - [2005.02.01 16:45:12 | 000,074,240 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\atinesxx.sys -- (ATIXSAudio)
DRV - [2005.02.01 16:42:58 | 000,165,888 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\atinevxx.sys -- (atinevxx)
DRV - [2005.02.01 16:41:40 | 000,015,360 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\atinmdxx.sys -- (MVDCODEC)
DRV - [2005.02.01 16:37:46 | 000,055,296 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\atinraxx.sys -- (ativraxx)
DRV - [2005.02.01 16:36:04 | 000,013,824 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\atinttxx.sys -- (TTDec)
DRV - [2004.09.28 17:18:08 | 000,068,222 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\StMp3Rec.sys -- (StMp3Rec)
DRV - [2004.08.22 17:31:48 | 000,005,248 | ---- | M] ( ) [Kernel | Boot | Stopped] -- C:\WINDOWS\System32\Drivers\d347prt.sys -- (d347prt)
DRV - [2004.08.22 17:31:10 | 000,155,136 | ---- | M] ( ) [Kernel | Boot | Stopped] -- C:\WINDOWS\system32\DRIVERS\d347bus.sys -- (d347bus)
DRV - [2004.08.03 21:08:30 | 000,105,984 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\atinrvxx.sys -- (atinrvxx)
DRV - [2004.07.15 17:01:52 | 000,002,368 | ---- | M] (AntiCracking) [Kernel | Auto | Running] -- C:\WINDOWS\system32\SVKP.sys -- (SVKP)
DRV - [2004.05.26 16:08:00 | 000,007,296 | R--- | M] (ASUSTeK Computer Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\EIO.sys -- (EIO)
DRV - [2004.05.01 15:45:34 | 000,031,360 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ProtoWall.sys -- (ProtoWall)
DRV - [2004.04.01 16:30:46 | 000,010,368 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
DRV - [2003.07.17 04:22:10 | 000,147,328 | ---- | M] (3Com Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\EL2K_XP.sys -- (EL2000)
DRV - [2003.05.20 19:20:00 | 000,070,272 | R--- | M] (VIA Technologies inc,.ltd) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\viaraid.sys -- (viaraid)
DRV - [2003.04.11 07:32:36 | 000,502,160 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctaud2k.sys -- (ctaud2k) Creative Audio Driver (WDM)
DRV - [2003.04.03 04:59:46 | 000,850,880 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ha10kx2k.sys -- (ha10kx2k)
DRV - [2003.04.01 14:07:58 | 000,142,752 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\haP16v2k.sys -- (hap16v2k)
DRV - [2003.03.31 15:29:42 | 000,625,537 | ---- | M] (LT) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ltmdmnt.sys -- (ltmodem5)
DRV - [2003.03.28 15:31:54 | 000,010,761 | ---- | M] (X10 Wireless Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\x10uif.sys -- (X10UIF)
DRV - [2003.03.25 14:13:30 | 000,144,736 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\emupia2k.sys -- (emupia)
DRV - [2003.03.25 14:13:20 | 000,135,696 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV - [2003.03.25 14:13:02 | 000,006,144 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctprxy2k.sys -- (ctprxy2k)
DRV - [2003.03.25 14:12:54 | 000,190,176 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctoss2k.sys -- (ossrv)
DRV - [2003.03.25 14:11:24 | 000,134,656 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctac32k.sys -- (ctac32k)
DRV - [2003.03.14 13:18:30 | 000,004,228 | ---- | M] (PowerQuest Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\PQNTDRV.sys -- (PQNTDrv)
DRV - [2003.03.09 19:42:18 | 000,008,672 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\uscbs108.sys -- (uscbs108)
DRV - [2003.03.09 19:41:38 | 000,102,336 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\uscsc108.sys -- (uscsc108)
DRV - [2003.03.05 13:19:28 | 000,015,840 | ---- | M] (Creative Technology Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\pfmodnt.sys -- (PfModNT)
DRV - [2002.09.20 04:53:34 | 000,235,100 | ---- | M] (Analog Devices Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MidiSyn.sys -- (MidiSyn)
DRV - [2002.04.17 21:27:02 | 000,011,264 | ---- | M] (VOB Computersysteme GmbH) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\asapiW2k.sys -- (AsapiW2K)
DRV - [1999.09.10 14:06:00 | 000,025,244 | ---- | M] (Adaptec) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\aspi32.sys -- (Aspi32)
DRV - [1997.04.22 10:16:00 | 000,006,272 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ASLM75.SYS -- (aslm75)
DRV - [1996.04.03 21:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\giveio.sys -- (giveio)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-220523388-343818398-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
IE - HKU\S-1-5-21-220523388-343818398-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\S-1-5-21-220523388-343818398-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchT ... f8&oe=utf8
IE - HKU\S-1-5-21-220523388-343818398-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-220523388-343818398-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-220523388-343818398-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 195.175.37.8:8080

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "about:blank"

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nosltd.com/getPlus+(R),version=1.6.2.100: C:\Program Files\NOS\bin\np_gp.dll (NOS Microsystems Ltd.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)

[2007.05.07 23:56:41 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Pavel Kácha\Data aplikací\Mozilla\Firefox\Profiles\ea0a86sk.default\extensions
[2007.04.12 08:45:31 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Documents and Settings\Pavel Kácha\Data aplikací\Mozilla\Firefox\Profiles\ea0a86sk.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}

O1 HOSTS File: ([2011.01.16 16:53:44 | 000,000,867 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 activation.guitar-pro.com
O2 - BHO: (no name) - {A5366673-E8CA-11D3-9CD9-0090271D075B} - No CLSID value found.
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (WebTranslator) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\WINDOWS\WebIE.dll ()
O3 - HKLM\..\Toolbar: (NetXfer) - {C16CBAAC-A75C-4DB5-A0DD-CDF5CAFCDD3A} - C:\Program Files\Xi\NetXfer\NXToolBar.dll (Xi)
O3 - HKLM\..\Toolbar: (ZoneAlarm Spy Blocker) - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL (ZoneAlarm)
O3 - HKU\S-1-5-21-220523388-343818398-839522115-1004\..\Toolbar\ShellBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKU\S-1-5-21-220523388-343818398-839522115-1004\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKU\S-1-5-21-220523388-343818398-839522115-1004\..\Toolbar\WebBrowser: (ZoneAlarm Spy Blocker) - {F0D4B239-DA4B-4DAF-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL (ZoneAlarm)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [ZoneAlarm Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)
O4 - HKU\S-1-5-21-220523388-343818398-839522115-1004..\Run: [1312660794] File not found
O4 - HKU\S-1-5-21-220523388-343818398-839522115-1004..\Run: [AutoPowerOn] C:\Program Files\Auto Power-on\autopoweron.exe (Lifsoft,INC)
O4 - HKU\S-1-5-21-220523388-343818398-839522115-1004..\Run: [NetXfer] C:\Program Files\Xi\NetXfer\NetTransport.exe (Xi)
O4 - HKU\S-1-5-21-220523388-343818398-839522115-1004..\Run: [TViXNetShare] C:\Program Files\DVICO\TViXNetShare\tvixnetshare.exe (DVICO)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Bluetooth.lnk = C:\Program Files\AirLive\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O4 - Startup: C:\Documents and Settings\Pavel Kácha\Nabídka Start\Programy\Po spuštění\Net Activity Diagram.lnk = C:\Program Files\Net Activity Diagram\nad.exe (MetaProducts corp)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-220523388-343818398-839522115-1004\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-220523388-343818398-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-220523388-343818398-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-220523388-343818398-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Download All by NetXfer - C:\Program Files\Xi\NetXfer\NXAddList.html ()
O8 - Extra context menu item: Download all with Free Download Manager - C:\Program Files\Free Download Manager\dlall.htm ()
O8 - Extra context menu item: Download by NetXfer - C:\Program Files\Xi\NetXfer\NXAddLink.html ()
O8 - Extra context menu item: Download selected with Free Download Manager - C:\Program Files\Free Download Manager\dlselected.htm ()
O8 - Extra context menu item: Download with Free Download Manager - C:\Program Files\Free Download Manager\dllink.htm ()
O8 - Extra context menu item: Převést cíl vazby do Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Převést cíl vazby do existujícího PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Převést do Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Převést do existujícího PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Převést výběr do Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Převést výběr do existujícího PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Převést vybrané vazby do Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Převést vybrané vazby do existujícího PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\AirLive\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Stáhnout pomocí FlashGet - C:\Program Files\FlashGet\jc_link.htm ()
O8 - Extra context menu item: Stáhnout vše pomocí FlashGet - C:\Program Files\FlashGet\jc_all.htm ()
O9 - Extra Button: ATI TV - {44226DFF-747E-4edc-B30C-78752E50CD0C} - Reg Error: Key error. File not found
O9 - Extra Button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\WINDOWS\WebIE.dll ()
O9 - Extra Button: WebTran - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\WINDOWS\WebIE.dll ()
O9 - Extra 'Tools' menuitem : &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\WINDOWS\WebIE.dll ()
O9 - Extra 'Tools' menuitem : &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\WINDOWS\WebIE.dll ()
O9 - Extra 'Tools' menuitem : Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\WINDOWS\WebIE.dll ()
O9 - Extra 'Tools' menuitem : Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\WINDOWS\WebIE.dll ()
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\AirLive\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\AirLive\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\flashget.exe (Amaze Soft)
O9 - Extra 'Tools' menuitem : &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\flashget.exe (Amaze Soft)
O15 - HKU\S-1-5-21-220523388-343818398-839522115-1004\..Trusted Domains: dkm.cz ([kraken] https in Trusted sites)
O15 - HKU\S-1-5-21-220523388-343818398-839522115-1004\..Trusted Domains: helevole.com ([forum] https in Trusted sites)
O15 - HKU\S-1-5-21-220523388-343818398-839522115-1004\..Trusted Domains: microsoft.com ([office] http in Trusted sites)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://download.microsoft.com/download/ ... ontrol.cab (Office Genuine Advantage Validation Tool)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} http://www.eset.cz/OnlineScanner.cab (Reg Error: Key error.)
O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} http://a1540.g.akamai.net/7/1540/52/200 ... taller.exe (Reg Error: Key error.)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://v5.windowsupdate.microsoft.com/v ... 4663535921 (WUWebControl Class)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx.com/player/DivXBrowserPlugin.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Key error.)
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} http://v4.windowsupdate.microsoft.com/C ... 4896759259 (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.4.2/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (get_atlcom Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Nebe.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Nebe.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O35 - HKU\S-1-5-21-220523388-343818398-839522115-1004..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKU\S-1-5-21-220523388-343818398-839522115-1004\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: Ip6FwHlp - File not found

Drivers32: mixer - C:\WINDOWS\System32\DrvTrNTm.dll (High Criteria inc.)
Drivers32: msacm.ac3acm - C:\WINDOWS\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.iac2 - C:\WINDOWS\System32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\System32\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\WINDOWS\System32\lameACM.acm (http://www.mp3dev.org/)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: msacm.voxacm160 - C:\WINDOWS\System32\vct3216.acm (Voxware, Inc.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\WINDOWS\System32\ff_vfw.dll ()
Drivers32: vidc.iv31 - C:\WINDOWS\System32\IR32_32.DLL ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\IR32_32.DLL ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.dll (Intel(R) Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.VP60 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
Drivers32: VIDC.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
Drivers32: wave - C:\WINDOWS\System32\DrvTrNTm.dll (High Criteria inc.)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2011.07.17 17:23:57 | 001,906,176 | ---- | C] (AVAST Software) -- C:\Documents and Settings\Pavel Kácha\Plocha\aswMBR.exe
[2011.07.17 16:55:24 | 000,000,000 | --SD | C] -- C:\ComboFix
[2011.07.17 16:17:27 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2011.07.17 16:17:27 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2011.07.17 16:17:27 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2011.07.17 16:17:27 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2011.07.17 16:17:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2011.07.17 16:13:09 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011.07.17 12:25:05 | 000,000,000 | ---D | C] -- C:\rsit
[2011.06.22 21:57:27 | 000,404,640 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2009.12.18 10:46:08 | 000,148,736 | ---- | C] (Avanquest Software) -- C:\Documents and Settings\All Users\Data aplikací\hpe2.dll
[2007.09.12 22:45:27 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\Pavel Kácha\Data aplikací\pcouffin.sys
[2005.03.02 19:05:40 | 000,155,136 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\d347bus.sys
[2005.03.02 19:05:40 | 000,005,248 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\d347prt.sys
[2004.03.02 20:04:36 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\KILLAPPS.EXE
[2003.03.09 19:42:44 | 000,047,104 | ---- | C] ( ) -- C:\WINDOWS\uscscsi.dll
[2003.03.09 19:42:18 | 000,008,672 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\uscbs108.sys
[2003.03.09 19:41:38 | 000,102,336 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\uscsc108.sys
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011.07.17 17:37:58 | 000,000,512 | ---- | M] () -- C:\Documents and Settings\Pavel Kácha\Plocha\MBR.dat
[2011.07.17 17:29:11 | 000,012,598 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011.07.17 17:28:14 | 000,000,946 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011.07.17 17:27:13 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011.07.17 17:27:07 | 1609,355,264 | -HS- | M] () -- C:\hiberfil.sys
[2011.07.17 17:22:42 | 001,906,176 | ---- | M] (AVAST Software) -- C:\Documents and Settings\Pavel Kácha\Plocha\aswMBR.exe
[2011.07.17 16:04:56 | 000,001,297 | ---- | M] () -- C:\Documents and Settings\Pavel Kácha\Plocha\fix1.reg
[2011.07.17 15:44:46 | 000,001,010 | ---- | M] () -- C:\Documents and Settings\Pavel Kácha\Plocha\fix.reg
[2011.07.17 15:07:12 | 000,000,950 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011.07.17 14:30:34 | 000,163,631 | -H-- | M] () -- C:\treeinfo.wc
[2011.07.17 13:18:49 | 000,000,785 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Malwarebytes' Anti-Malware.lnk
[2011.07.17 12:58:45 | 000,011,974 | -HS- | M] () -- C:\Documents and Settings\Pavel Kácha\Local Settings\Data aplikací\1dbsjffjrbovwdql1a0i843xh8205y6t
[2011.07.17 12:58:45 | 000,011,974 | -HS- | M] () -- C:\Documents and Settings\All Users\Data aplikací\1dbsjffjrbovwdql1a0i843xh8205y6t
[2011.07.14 17:19:48 | 000,248,335 | ---- | M] () -- C:\logfile
[2011.07.14 17:19:09 | 013,835,264 | R--- | M] () -- C:\Documents and Settings\All Users\Dokumenty\ESBK.mbb
[2011.07.14 17:19:09 | 006,639,616 | R--- | M] () -- C:\Documents and Settings\All Users\Dokumenty\ESBK.mb
[2011.07.14 11:34:08 | 000,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2011.07.13 09:28:24 | 000,368,096 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011.07.13 09:19:11 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011.07.01 16:53:31 | 000,494,714 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011.07.01 16:53:31 | 000,489,418 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2011.07.01 16:53:31 | 000,099,256 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2011.07.01 16:53:31 | 000,085,448 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011.06.26 08:45:56 | 000,256,000 | ---- | M] () -- C:\WINDOWS\PEV.exe
[2011.06.22 21:57:27 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2011.06.21 22:25:52 | 000,000,067 | ---- | M] () -- C:\Documents and Settings\Pavel Kácha\default.pls
[2011.06.21 22:25:18 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011.07.17 17:31:53 | 000,000,512 | ---- | C] () -- C:\Documents and Settings\Pavel Kácha\Plocha\MBR.dat
[2011.07.17 16:17:27 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011.07.17 16:17:27 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011.07.17 16:17:27 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011.07.17 16:17:27 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011.07.17 16:17:27 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011.07.17 16:05:33 | 000,001,297 | ---- | C] () -- C:\Documents and Settings\Pavel Kácha\Plocha\fix1.reg
[2011.07.17 16:02:11 | 1609,355,264 | -HS- | C] () -- C:\hiberfil.sys
[2011.07.17 15:45:42 | 000,001,010 | ---- | C] () -- C:\Documents and Settings\Pavel Kácha\Plocha\fix.reg
[2011.07.17 13:18:49 | 000,000,785 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Malwarebytes' Anti-Malware.lnk
[2011.07.17 10:32:12 | 000,011,974 | -HS- | C] () -- C:\Documents and Settings\Pavel Kácha\Local Settings\Data aplikací\1dbsjffjrbovwdql1a0i843xh8205y6t
[2011.07.17 10:32:12 | 000,011,974 | -HS- | C] () -- C:\Documents and Settings\All Users\Data aplikací\1dbsjffjrbovwdql1a0i843xh8205y6t
[2011.05.08 23:01:56 | 000,585,791 | ---- | C] () -- C:\WINDOWS\gmer.dll
[2011.05.08 23:01:56 | 000,581,632 | ---- | C] () -- C:\WINDOWS\gmer.exe
[2011.05.08 23:01:56 | 000,000,250 | ---- | C] () -- C:\WINDOWS\gmer.ini
[2010.11.21 02:26:57 | 000,593,920 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe
[2010.05.03 10:30:24 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2010.05.03 10:30:22 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2010.05.03 10:30:22 | 000,881,664 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2010.05.03 10:30:22 | 000,205,824 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010.05.03 10:30:16 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2010.02.11 06:12:00 | 003,107,788 | ---- | C] () -- C:\WINDOWS\System32\ativva5x.dat
[2010.02.11 06:12:00 | 000,887,724 | ---- | C] () -- C:\WINDOWS\System32\ativva6x.dat
[2009.08.31 16:23:35 | 002,515,656 | R--- | C] () -- C:\WINDOWS\System32\ativvaxx.dat
[2009.08.31 16:23:35 | 000,189,051 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2009.08.28 21:50:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2009.08.26 14:07:40 | 000,271,360 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2009.08.26 14:07:40 | 000,018,048 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2009.08.14 17:31:58 | 000,012,439 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\jigipesefy.lib
[2009.08.14 17:31:58 | 000,010,318 | ---- | C] () -- C:\Documents and Settings\Pavel Kácha\Data aplikací\futoga.dl
[2009.08.14 17:31:57 | 000,018,986 | ---- | C] () -- C:\Documents and Settings\Pavel Kácha\Data aplikací\tawugesodo._dl
[2009.08.14 17:31:57 | 000,018,140 | ---- | C] () -- C:\Documents and Settings\Pavel Kácha\Data aplikací\ivawudun.inf
[2009.08.14 17:31:57 | 000,015,026 | ---- | C] () -- C:\Documents and Settings\Pavel Kácha\Data aplikací\heveqyvij.sys
[2009.06.09 02:34:40 | 000,000,051 | ---- | C] () -- C:\WINDOWS\ScreenHunter.INI
[2009.05.22 16:21:34 | 000,005,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2009.04.30 22:22:24 | 000,000,939 | ---- | C] () -- C:\WINDOWS\PVAStrumento.ini
[2009.03.13 23:48:42 | 000,000,398 | ---- | C] () -- C:\WINDOWS\asfbinapp.INI
[2009.03.12 12:02:21 | 000,000,034 | -H-- | C] () -- C:\WINDOWS\System32\DVDRippper_sysquict.dat
[2009.03.12 11:51:48 | 000,000,034 | -H-- | C] () -- C:\WINDOWS\System32\Converter_sysquict.dat
[2009.03.10 17:41:51 | 000,000,444 | ---- | C] () -- C:\Documents and Settings\Pavel Kácha\Data aplikací\SamsungLiveUpdateConfig.ini
[2008.06.13 00:03:16 | 000,001,366 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\QTSBandwidthCache
[2008.04.26 22:43:45 | 000,416,152 | ---- | C] () -- C:\WINDOWS\System32\prfh0405.dat
[2008.04.26 22:43:45 | 000,081,862 | ---- | C] () -- C:\WINDOWS\System32\prfc0405.dat
[2008.04.06 00:14:01 | 000,002,655 | ---- | C] () -- C:\WINDOWS\System32\SpoonUninstall-dBpowerAMP FLAC Codec.dat
[2008.02.04 19:23:10 | 000,693,792 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.DLL
[2007.12.13 16:27:35 | 000,000,023 | ---- | C] () -- C:\WINDOWS\BlendSettings.ini
[2007.09.12 22:45:27 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\Pavel Kácha\Data aplikací\inst.exe
[2007.09.12 22:45:27 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\Pavel Kácha\Data aplikací\pcouffin.cat
[2007.09.12 22:45:27 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\Pavel Kácha\Data aplikací\pcouffin.inf
[2007.08.22 18:42:12 | 000,000,119 | ---- | C] () -- C:\WINDOWS\T602-Word.Ini
[2007.06.23 21:28:44 | 000,000,022 | ---- | C] () -- C:\Documents and Settings\Pavel Kácha\Local Settings\Data aplikací\kodakpcd.ini
[2007.05.07 10:11:13 | 000,002,001 | ---- | C] () -- C:\WINDOWS\unins000.dat
[2007.05.05 18:18:48 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2007.05.05 18:11:24 | 000,451,072 | ---- | C] () -- C:\WINDOWS\Radeon Omega Drivers v3.8.330 Uninstall.exe
[2007.04.30 11:56:04 | 000,000,376 | ---- | C] () -- C:\WINDOWS\settings.ini
[2007.02.26 15:32:12 | 000,000,315 | ---- | C] () -- C:\WINDOWS\MAILTRAN.INI
[2007.02.26 15:30:38 | 000,491,520 | ---- | C] () -- C:\WINDOWS\WebIE.dll
[2007.02.20 13:59:08 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2007.02.20 13:59:06 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2007.02.20 13:59:06 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2007.02.20 13:59:06 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2007.02.20 13:59:06 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2007.02.20 13:59:06 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2007.02.20 13:59:06 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2007.02.20 13:59:06 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2007.02.20 13:59:04 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2007.01.13 00:48:14 | 000,071,208 | ---- | C] () -- C:\WINDOWS\System32\PhysXLoader.dll
[2006.12.16 17:54:43 | 000,796,584 | ---- | C] () -- C:\WINDOWS\System32\libeay32_0.9.6l.dll
[2006.10.09 10:09:27 | 000,002,722 | ---- | C] () -- C:\WINDOWS\System32\SpoonUninstall-dBpowerAMP Mp4 Codec.dat
[2006.10.09 09:33:48 | 000,001,039 | ---- | C] () -- C:\WINDOWS\System32\SpoonUninstall-dBpowerAMP AAC (AACEnc CLI).dat
[2006.09.26 18:32:06 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\btprn2k.dll
[2006.08.12 12:57:58 | 000,002,515 | ---- | C] () -- C:\WINDOWS\System32\SpoonUninstall-dBpowerAMP DirectShow Decoder Codec.dat
[2006.02.27 18:56:31 | 000,000,993 | ---- | C] () -- C:\WINDOWS\DVDFabGold.INI
[2006.02.26 01:40:09 | 000,014,848 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2005.12.07 11:58:46 | 000,153,088 | ---- | C] () -- C:\WINDOWS\System32\IWUninstall.exe
[2005.12.07 11:58:00 | 000,396,800 | ---- | C] () -- C:\WINDOWS\System32\PSDrvCheck.exe
[2005.12.07 11:57:14 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\Cpuinf32.dll
[2005.10.28 18:57:08 | 000,000,896 | ---- | C] () -- C:\Documents and Settings\Pavel Kácha\Data aplikací\AutoGK.ini
[2005.10.28 15:07:20 | 000,043,602 | ---- | C] () -- C:\WINDOWS\System32\xvid-uninstall.exe
[2005.10.14 12:56:50 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\VorbisEnc.dll
[2005.10.14 12:56:50 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2005.10.14 12:56:50 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2005.10.14 12:56:50 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2005.10.01 21:51:01 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2005.09.29 22:21:35 | 000,000,075 | ---- | C] () -- C:\WINDOWS\winDecrypt.INI
[2005.09.29 22:00:17 | 000,001,024 | ---- | C] () -- C:\WINDOWS\System32\pwdremover.dat
[2005.09.29 22:00:17 | 000,000,036 | ---- | C] () -- C:\WINDOWS\verypdf.ini
[2005.09.16 17:54:54 | 000,000,249 | ---- | C] () -- C:\WINDOWS\maketorrent.ini
[2005.08.06 23:33:42 | 000,017,871 | ---- | C] () -- C:\WINDOWS\System32\SpoonUninstall-dBpowerAMP Music Converter.dat
[2005.07.11 23:41:04 | 000,011,367 | ---- | C] () -- C:\WINDOWS\System32\SpoonUninstall-dMC Power Pack.dat
[2005.06.09 11:34:54 | 000,000,037 | ---- | C] () -- C:\WINDOWS\CONTEXT.INI
[2005.05.28 10:46:59 | 000,000,022 | ---- | C] () -- C:\WINDOWS\kodakpcd.Pavel Kácha.ini
[2005.05.24 11:17:15 | 000,001,379 | ---- | C] () -- C:\WINDOWS\System32\SpoonUninstall-dBpowerAMP WMA V9.1 Codec.dat
[2005.04.14 17:39:23 | 000,001,264 | ---- | C] () -- C:\WINDOWS\System32\affnow-item7041-5.sys
[2005.03.21 23:10:54 | 000,000,198 | ---- | C] () -- C:\WINDOWS\QTW.INI
[2005.03.21 23:10:54 | 000,000,159 | ---- | C] () -- C:\WINDOWS\AWSHKWV.INI
[2005.03.17 03:20:30 | 000,002,425 | ---- | C] () -- C:\WINDOWS\System32\SpoonUninstall-dBpowerAMP Ogg Vorbis Codec.dat
[2005.03.08 19:13:25 | 000,000,073 | ---- | C] () -- C:\WINDOWS\System32\adultpdf_Decrypt_reg.ini
[2005.03.08 18:46:51 | 000,001,244 | ---- | C] () -- C:\WINDOWS\APDFPRP.INI
[2005.03.08 18:44:55 | 000,000,029 | ---- | C] () -- C:\WINDOWS\UNWISE.INI
[2005.03.02 22:19:25 | 000,000,000 | ---- | C] () -- C:\WINDOWS\AwaHelp.INI
[2005.02.15 01:57:58 | 000,000,619 | ---- | C] () -- C:\WINDOWS\System32\SpoonUninstall-dBpowerAMP Mp3 (Fraunhofer IIS Mp3Enc CLI).dat
[2005.02.14 11:14:11 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2005.02.14 11:01:55 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2005.02.04 02:23:22 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2005.02.02 12:22:28 | 000,302,592 | ---- | C] () -- C:\WINDOWS\mauninst.exe
[2005.01.30 17:46:14 | 000,000,553 | ---- | C] () -- C:\WINDOWS\eReg.dat
[2005.01.06 21:04:01 | 000,003,452 | ---- | C] () -- C:\WINDOWS\System32\SpoonUninstall-dBpowerAMP Musepack Codec.dat
[2004.11.15 15:57:43 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2004.11.15 15:56:48 | 000,004,181 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2004.11.09 12:39:24 | 000,000,049 | ---- | C] () -- C:\Program Files\Sound ForgeSFLAUNCH.INI
[2004.09.05 21:35:39 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\PALMDB.DLL
[2004.08.22 18:04:56 | 000,069,120 | ---- | C] () -- C:\WINDOWS\daemon.dll
[2004.08.18 01:31:06 | 000,011,270 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2004.08.12 21:00:52 | 000,003,972 | ---- | C] () -- C:\WINDOWS\System32\drivers\PciBus.sys
[2004.08.08 22:11:57 | 000,006,272 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASLM75.SYS
[2004.08.08 13:22:47 | 000,197,120 | ---- | C] () -- C:\WINDOWS\patchw32.dll
[2004.08.03 00:14:59 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll
[2004.07.15 21:57:12 | 000,004,096 | ---- | C] () -- C:\WINDOWS\d3dx.dat
[2004.07.12 23:07:21 | 003,375,104 | ---- | C] () -- C:\WINDOWS\System32\qt-mt331.dll
[2004.06.28 10:06:59 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ATMSTUB.INI
[2004.06.06 11:49:52 | 000,024,576 | ---- | C] () -- C:\WINDOWS\HKNTDLL.dll
[2004.05.18 23:52:43 | 000,000,491 | ---- | C] () -- C:\WINDOWS\Instit.ini
[2004.05.15 16:38:14 | 000,000,471 | ---- | C] () -- C:\WINDOWS\FORGE32.INI
[2004.05.15 14:07:02 | 000,149,504 | ---- | C] () -- C:\WINDOWS\UNWISE.EXE
[2004.05.15 14:01:38 | 000,109,056 | ---- | C] () -- C:\WINDOWS\SF97UNIN.EXE
[2004.05.14 18:24:59 | 000,001,152 | ---- | C] () -- C:\WINDOWS\CDPlayer.ini
[2004.05.14 01:24:14 | 000,131,072 | ---- | C] () -- C:\WINDOWS\System32\SpoonUninstall.exe
[2004.05.13 16:34:16 | 000,118,784 | ---- | C] () -- C:\WINDOWS\dsdxirmv.exe
[2004.05.12 16:36:44 | 000,000,131 | ---- | C] () -- C:\Documents and Settings\Pavel Kácha\Local Settings\Data aplikací\fusioncache.dat
[2004.05.01 15:45:34 | 000,031,360 | ---- | C] () -- C:\WINDOWS\System32\drivers\ProtoWall.sys
[2004.04.29 08:33:29 | 000,029,696 | ---- | C] () -- C:\WINDOWS\System32\pthread.dll
[2004.04.26 02:08:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PowerReg.dat
[2004.04.20 10:28:42 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\xmltok.dll
[2004.04.20 10:28:42 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\xmlparse.dll
[2004.04.19 08:19:40 | 000,000,033 | ---- | C] () -- C:\WINDOWS\WTRDCTM.INI
[2004.04.19 08:17:24 | 000,001,134 | ---- | C] () -- C:\WINDOWS\TRNCOM.INI
[2004.04.19 08:17:10 | 000,000,882 | ---- | C] () -- C:\WINDOWS\WEBTRAN4.INI
[2004.04.19 08:17:02 | 000,007,681 | ---- | C] () -- C:\WINDOWS\WTRAN32.INI
[2004.04.19 08:17:02 | 000,002,373 | ---- | C] () -- C:\WINDOWS\WDICT32.INI
[2004.04.17 12:14:55 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PROTOCOL.INI
[2004.04.08 23:55:10 | 000,000,036 | ---- | C] () -- C:\WINDOWS\MixBUda.INI
[2004.04.04 15:23:33 | 000,003,722 | ---- | C] () -- C:\WINDOWS\CSVOICE.INI
[2004.03.29 14:46:31 | 000,002,516 | ---- | C] () -- C:\WINDOWS\Aspiwin.INI
[2004.03.26 10:47:48 | 000,000,079 | ---- | C] () -- C:\WINDOWS\CTWave32.ini
[2004.03.21 13:08:11 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\gl.dll
[2004.03.21 13:08:11 | 000,006,138 | ---- | C] () -- C:\WINDOWS\System32\e1.ini
[2004.03.21 12:15:09 | 000,108,032 | ---- | C] () -- C:\WINDOWS\System32\sh33w32.dll
[2004.03.21 12:14:45 | 000,039,095 | ---- | C] () -- C:\WINDOWS\iccsigs.dat
[2004.03.21 12:13:15 | 000,000,032 | ---- | C] () -- C:\WINDOWS\barcode.ini
[2004.03.07 19:14:48 | 000,006,069 | ---- | C] () -- C:\WINDOWS\wcx_ftp.ini
[2004.03.06 00:36:27 | 000,007,168 | ---- | C] () -- C:\Documents and Settings\Pavel Kácha\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2004.03.04 14:50:04 | 000,000,884 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2004.03.04 09:14:38 | 000,000,035 | ---- | C] () -- C:\WINDOWS\InfModM.ini
[2004.03.03 03:33:08 | 000,000,063 | ---- | C] () -- C:\WINDOWS\mdm.ini
[2004.03.03 02:38:44 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ATIMMC.INI
[2004.03.03 01:20:35 | 000,004,212 | -H-- | C] () -- C:\WINDOWS\System32\zllictbl.dat
[2004.03.03 01:12:38 | 000,000,767 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2004.03.02 23:12:03 | 000,005,001 | ---- | C] () -- C:\WINDOWS\wincmd.ini
[2004.03.02 22:11:54 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\PsisDecd.dll
[2004.03.02 21:33:21 | 000,000,029 | ---- | C] () -- C:\WINDOWS\wgedit.ini
[2004.03.02 21:33:17 | 000,057,344 | ---- | C] () -- C:\WINDOWS\uninstBVRP.dll
[2004.03.02 20:08:46 | 000,000,292 | ---- | C] () -- C:\WINDOWS\System32\DVCStateBkp-{00000002-00000000-0000000B-00001102-00000004-10071102}.dat
[2004.03.02 20:08:46 | 000,000,292 | ---- | C] () -- C:\WINDOWS\System32\DVCState-{00000002-00000000-0000000B-00001102-00000004-10071102}.dat
[2004.03.02 20:04:40 | 000,068,908 | ---- | C] () -- C:\WINDOWS\System32\Emu10kx.ini
[2004.03.02 20:04:40 | 000,000,029 | ---- | C] () -- C:\WINDOWS\System32\ctzapxx.ini
[2004.03.02 20:04:38 | 000,250,284 | ---- | C] () -- C:\WINDOWS\System32\ctsbas2w.dat
[2004.03.02 20:04:38 | 000,226,885 | ---- | C] () -- C:\WINDOWS\System32\CTSBASW.DAT
[2004.03.02 20:04:38 | 000,200,089 | ---- | C] () -- C:\WINDOWS\System32\ctdlang.dat
[2004.03.02 20:04:38 | 000,139,067 | ---- | C] () -- C:\WINDOWS\System32\ctbas2w.dat
[2004.03.02 20:04:38 | 000,111,071 | ---- | C] () -- C:\WINDOWS\System32\CTBASICW.DAT
[2004.03.02 20:04:37 | 000,270,745 | ---- | C] () -- C:\WINDOWS\System32\ctstatic.dat
[2004.03.02 20:04:37 | 000,053,674 | ---- | C] () -- C:\WINDOWS\System32\ctdaught.dat
[2004.03.02 20:04:36 | 000,005,515 | ---- | C] () -- C:\WINDOWS\System32\ENSDEF.INI
[2004.03.02 20:04:36 | 000,000,194 | ---- | C] () -- C:\WINDOWS\System32\KILL.INI
[2004.03.02 20:04:35 | 000,184,320 | ---- | C] () -- C:\WINDOWS\PSCONV.EXE
[2004.03.02 20:04:35 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\REGPLIB.EXE
[2004.03.02 20:04:28 | 000,000,184 | ---- | C] () -- C:\WINDOWS\System32\e000001.dat
[2004.03.02 20:02:08 | 000,000,011 | ---- | C] () -- C:\WINDOWS\SBWIN.INI
[2004.03.02 19:00:48 | 000,004,688 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004.03.02 19:00:03 | 000,368,096 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2004.03.02 18:17:38 | 000,003,366 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2004.03.02 18:11:56 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2004.03.02 18:08:42 | 000,021,812 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2003.04.16 14:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2003.04.16 14:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2003.04.16 14:00:00 | 000,494,714 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2003.04.16 14:00:00 | 000,489,418 | ---- | C] () -- C:\WINDOWS\System32\perfh005.dat
[2003.04.16 14:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2003.04.16 14:00:00 | 000,269,162 | ---- | C] () -- C:\WINDOWS\System32\perfi005.dat
[2003.04.16 14:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2003.04.16 14:00:00 | 000,099,256 | ---- | C] () -- C:\WINDOWS\System32\perfc005.dat
[2003.04.16 14:00:00 | 000,085,448 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2003.04.16 14:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2003.04.16 14:00:00 | 000,032,072 | ---- | C] () -- C:\WINDOWS\System32\perfd005.dat
[2003.04.16 14:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2003.04.16 14:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2003.04.16 14:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2002.10.16 00:54:04 | 000,168,448 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2002.09.06 11:36:16 | 000,161,792 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2002.01.01 01:13:08 | 000,000,323 | ---- | C] () -- C:\WINDOWS\lgfwup.ini
[2001.11.14 13:56:00 | 001,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll
[2000.09.08 18:53:50 | 000,073,839 | ---- | C] () -- C:\WINDOWS\System32\KodakOneTouch.dll
[1999.01.22 22:46:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL
[1996.04.03 21:33:26 | 000,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys

========== LOP Check ==========

[2010.07.06 18:06:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Acronis
[2008.08.09 18:16:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Diskeeper Corporation
[2009.05.28 20:08:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\FileOpen
[2011.05.13 10:20:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Guitar Pro 6
[2011.03.29 17:09:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ImTOO
[2011.03.23 13:55:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\KASTNER software
[2007.05.07 08:52:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Locktime
[2007.11.17 21:34:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\MailFrontier
[2004.06.28 09:37:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\MSScanAppDataDir
[2010.07.06 23:04:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2005.04.05 13:00:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Kácha\Data aplikací\.ABC 3.0.0
[2007.03.15 13:33:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Kácha\Data aplikací\123 Free Solitaire
[2010.07.29 14:17:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Kácha\Data aplikací\Acronis
[2009.09.25 16:10:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Kácha\Data aplikací\adma
[2009.04.12 09:47:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Kácha\Data aplikací\AutoPowerOn
[2011.03.04 15:05:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Kácha\Data aplikací\Balabolka
[2009.08.28 20:19:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Kácha\Data aplikací\Blitware
[2010.10.03 21:17:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Kácha\Data aplikací\BSplayer
[2010.05.03 09:50:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Kácha\Data aplikací\BSplayer Pro
[2006.11.08 20:05:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Kácha\Data aplikací\DeskSoft
[2009.05.28 20:08:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Kácha\Data aplikací\FileOpen
[2007.06.29 12:32:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Kácha\Data aplikací\FlashFXP
[2011.03.29 09:52:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Kácha\Data aplikací\FLV Extract
[2011.05.08 22:50:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Kácha\Data aplikací\foobar2000
[2009.01.16 21:51:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Kácha\Data aplikací\Free Download Manager
[2007.09.19 22:09:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Kácha\Data aplikací\GemX eBooks
[2007.05.16 20:22:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Kácha\Data aplikací\GlarySoft
[2011.05.13 10:20:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Kácha\Data aplikací\Guitar Pro 6
[2005.06.12 15:29:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Kácha\Data aplikací\ID3 renamer
[2011.03.29 17:10:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Kácha\Data aplikací\ImTOO
[2011.03.23 13:57:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Kácha\Data aplikací\Kastner software
[2004.03.03 14:22:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Kácha\Data aplikací\Kazaa Lite
[2004.04.26 02:22:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Kácha\Data aplikací\Leadertech
[2004.07.08 19:59:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Kácha\Data aplikací\LockTime
[2009.06.13 13:43:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Kácha\Data aplikací\Mobipocket
[2005.06.12 16:00:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Kácha\Data aplikací\Mp3tag
[2011.01.25 23:00:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Kácha\Data aplikací\MyPhoneExplorer
[2004.09.22 10:27:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Kácha\Data aplikací\Opera
[2005.12.29 10:08:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Kácha\Data aplikací\Publish Providers
[2006.04.27 14:10:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Kácha\Data aplikací\Simple Sudoku
[2006.02.28 14:41:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Kácha\Data aplikací\SlySoft
[2006.01.11 03:28:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Kácha\Data aplikací\Sony
[2005.12.29 01:53:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Kácha\Data aplikací\Sony(2)
[2005.12.07 12:11:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Kácha\Data aplikací\Steinberg
[2011.07.17 15:26:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Kácha\Data aplikací\uTorrent
[2007.09.13 10:07:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Kácha\Data aplikací\Vso
[2007.06.02 01:11:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Kácha\Data aplikací\VSO_HWE
[2006.08.20 17:51:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Kácha\Data aplikací\WNR
[2004.04.21 02:17:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Kácha\Data aplikací\X10 Commander

========== Purity Check ==========

========== Custom Scans ==========

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"NetXfer" = C:\Program Files\Xi\NetXfer\NetTransport.exe -- [2007.04.04 13:54:27 | 001,253,376 | ---- | M] (Xi)
"ctfmon.exe" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 05:22:17 | 000,015,360 | ---- | M] (Microsoft Corporation)
"AutoPowerOn" = C:\Program Files\Auto Power-on\AutoPowerOn.exe -- [2009.12.03 11:46:49 | 002,916,352 | ---- | M] (Lifsoft,INC)
"TViXNetShare" = C:\Program Files\DVICO\TViXNetShare\TViXNetShare.exe -- [2009.12.03 11:46:35 | 000,883,200 | ---- | M] (DVICO)
"swg" = "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" -- [2011.03.29 21:51:15 | 000,039,408 | ---- | M] (Google Inc.)
"1312660794" = C:\Documents and Settings\Pavel Kácha\Local Settings\Data aplikací\bkb.exe

< c:\windows\*.* /U >
[5 c:\windows\*.tmp files -> c:\windows\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

Nift · #22 Příspěvek od **Nift** » 17 črc 2011 17:17

< %APPDATA%\*. >
[2005.04.05 13:00:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Kácha\Data aplikací\.ABC 3.0.0
[2007.03.15 13:33:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Kácha\Data aplikací\123 Free Solitaire
[2010.07.29 14:17:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Kácha\Data aplikací\Acronis
[2009.09.25 16:10:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Kácha\Data aplikací\adma
[2011.06.30 18:59:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Kácha\Data aplikací\Adobe
[2011.04.11 17:18:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Kácha\Data aplikací\AdobeUM
[2009.03.13 21:27:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Kácha\Data aplikací\Ahead
[2007.08.17 16:05:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Kácha\Data aplikací\Apple Computer
[2010.11.21 02:32:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Kácha\Data aplikací\ATI
[2007.05.05 16:47:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Kácha\Data aplikací\atitray
[2009.04.12 09:47:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Kácha\Data aplikací\AutoPowerOn
[2011.03.04 15:05:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Kácha\Data aplikací\Balabolka
[2009.08.28 20:19:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Kácha\Data aplikací\Blitware
[2010.10.03 21:17:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Kácha\Data aplikací\BSplayer
[2010.05.03 09:50:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Kácha\Data aplikací\BSplayer Pro
[2004.03.21 14:19:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Kácha\Data aplikací\Corel
[2004.05.31 23:32:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Kácha\Data aplikací\Creative
[2005.03.12 13:59:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Kácha\Data aplikací\Creative ASR2
[2010.01.21 18:46:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Kácha\Data aplikací\CyberLink
[2006.11.08 20:05:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Kácha\Data aplikací\DeskSoft
[2010.12.04 16:56:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Kácha\Data aplikací\DivX
[2009.05.28 20:08:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Kácha\Data aplikací\FileOpen
[2007.06.29 12:32:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Kácha\Data aplikací\FlashFXP
[2011.03.29 09:52:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Kácha\Data aplikací\FLV Extract
[2011.05.08 22:50:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Kácha\Data aplikací\foobar2000
[2009.01.16 21:51:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Kácha\Data aplikací\Free Download Manager
[2007.09.19 22:09:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Kácha\Data aplikací\GemX eBooks
[2007.05.16 20:22:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Kácha\Data aplikací\GlarySoft
[2011.03.29 21:53:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Kácha\Data aplikací\Google
[2004.05.22 10:33:04 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Pavel Kácha\Data aplikací\GTek
[2011.05.13 10:20:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Kácha\Data aplikací\Guitar Pro 6
[2004.03.02 19:29:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Kácha\Data aplikací\Help
[2005.06.12 15:29:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Kácha\Data aplikací\ID3 renamer
[2006.04.10 13:30:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Kácha\Data aplikací\Identities
[2011.03.29 17:10:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Kácha\Data aplikací\ImTOO
[2008.06.20 10:08:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Kácha\Data aplikací\InstallShield
[2011.03.23 13:57:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Kácha\Data aplikací\Kastner software
[2004.03.03 14:22:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Kácha\Data aplikací\Kazaa Lite
[2009.08.21 11:53:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Kácha\Data aplikací\Lavasoft
[2004.04.26 02:22:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Kácha\Data aplikací\Leadertech
[2004.07.08 19:59:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Kácha\Data aplikací\LockTime
[2005.03.21 23:10:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Kácha\Data aplikací\Macromedia
[2009.08.15 20:28:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Kácha\Data aplikací\Malwarebytes
[2009.08.31 13:43:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Kácha\Data aplikací\Media Player Classic
[2011.03.29 21:59:58 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Pavel Kácha\Data aplikací\Microsoft
[2004.03.03 03:31:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Kácha\Data aplikací\Microsoft Web Folders
[2009.06.13 13:43:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Kácha\Data aplikací\Mobipocket
[2004.11.15 15:57:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Kácha\Data aplikací\Mozilla
[2005.06.12 16:00:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Kácha\Data aplikací\Mp3tag
[2011.01.25 23:00:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Kácha\Data aplikací\MyPhoneExplorer
[2004.09.22 10:27:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Kácha\Data aplikací\Opera
[2008.11.18 01:15:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Kácha\Data aplikací\PSpad
[2005.12.29 10:08:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Kácha\Data aplikací\Publish Providers
[2010.05.07 08:50:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Kácha\Data aplikací\Real
[2006.04.27 14:10:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Kácha\Data aplikací\Simple Sudoku
[2006.02.28 14:41:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Kácha\Data aplikací\SlySoft
[2004.03.16 02:41:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Kácha\Data aplikací\SmartFTP
[2006.01.11 03:28:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Kácha\Data aplikací\Sony
[2005.12.29 01:53:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Kácha\Data aplikací\Sony(2)
[2005.12.07 12:11:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Kácha\Data aplikací\Steinberg
[2004.09.30 00:10:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Kácha\Data aplikací\Sun
[2009.08.17 17:52:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Kácha\Data aplikací\SUPERAntiSpyware.com
[2004.11.15 15:57:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Kácha\Data aplikací\Talkback
[2011.07.17 15:26:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Kácha\Data aplikací\uTorrent
[2007.09.13 10:07:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Kácha\Data aplikací\Vso
[2007.06.02 01:11:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Kácha\Data aplikací\VSO_HWE
[2006.08.20 17:51:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Kácha\Data aplikací\WNR
[2004.04.21 02:17:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Kácha\Data aplikací\X10 Commander

< %APPDATA%\*.exe /s >
[2007.09.12 22:45:28 | 000,087,608 | ---- | M] () -- C:\Documents and Settings\Pavel Kácha\Data aplikací\inst.exe
[2009.08.28 20:19:59 | 004,515,664 | ---- | M] (Blitware Technology Inc. ) -- C:\Documents and Settings\Pavel Kácha\Data aplikací\Blitware\DriverRobot\updates\7f4e6315fe2080478af4a909c12ad82f\DriverRobot_Setup.exe
[2009.08.11 21:21:26 | 000,087,552 | ---- | M] () -- C:\Documents and Settings\Pavel Kácha\Data aplikací\BSplayer\AC3 Filter\ac3config.exe
[2009.08.11 21:21:30 | 000,090,112 | ---- | M] () -- C:\Documents and Settings\Pavel Kácha\Data aplikací\BSplayer\AC3 Filter\spdif_test.exe
[2010.03.22 14:52:04 | 000,697,690 | ---- | M] () -- C:\Documents and Settings\Pavel Kácha\Data aplikací\BSplayer\AC3 Filter\unins000.exe
[2010.02.23 17:01:52 | 001,185,871 | ---- | M] () -- C:\Documents and Settings\Pavel Kácha\Data aplikací\BSplayer\FFDShow\unins000.exe
[2009.11.14 19:11:36 | 000,113,152 | ---- | M] () -- C:\Documents and Settings\Pavel Kácha\Data aplikací\BSplayer\Haali media splitter\dsmux.exe
[2009.11.14 19:33:40 | 000,357,888 | ---- | M] () -- C:\Documents and Settings\Pavel Kácha\Data aplikací\BSplayer\Haali media splitter\gdsmux.exe
[2009.11.14 19:11:36 | 000,136,704 | ---- | M] () -- C:\Documents and Settings\Pavel Kácha\Data aplikací\BSplayer\Haali media splitter\mkv2vfr.exe
[2010.02.23 16:00:42 | 000,042,288 | ---- | M] () -- C:\Documents and Settings\Pavel Kácha\Data aplikací\BSplayer\Haali media splitter\uninstall.exe
[2006.08.08 11:59:11 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Pavel Kácha\Data aplikací\Microsoft\Installer\{0AB76F69-E761-4CFA-B9B0-A1906B4E9E4B}\ARPPRODUCTICON.exe
[2006.08.08 11:59:11 | 000,008,854 | R--- | M] () -- C:\Documents and Settings\Pavel Kácha\Data aplikací\Microsoft\Installer\{0AB76F69-E761-4CFA-B9B0-A1906B4E9E4B}\Uninstall_WD_Diagnos_0AB76F69E7614CFAB9B0A1906B4E9E4B.exe
[2006.08.08 11:59:11 | 000,040,960 | R--- | M] (InstallShield Software Corp.) -- C:\Documents and Settings\Pavel Kácha\Data aplikací\Microsoft\Installer\{0AB76F69-E761-4CFA-B9B0-A1906B4E9E4B}\WinDlg.exe_0AB76F69E7614CFAB9B0A1906B4E9E4B_3.exe
[2009.08.31 16:25:42 | 000,009,158 | R--- | M] () -- C:\Documents and Settings\Pavel Kácha\Data aplikací\Microsoft\Installer\{C941F1F1-25B3-4DF5-83E6-888C51A1AAB6}\ARPPRODUCTICON.exe
[2010.09.08 10:04:50 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Pavel Kácha\Data aplikací\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe

< MD5 for: AGP440.SYS >
[2005.02.14 11:13:04 | 022,286,602 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008.05.08 10:23:13 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2005.02.14 11:13:04 | 022,286,602 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:AGP440.sys
[2008.05.08 10:23:13 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
[2004.08.04 08:07:41 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\$NtServicePackUninstall$\agp440.sys
[2001.08.17 21:58:00 | 000,025,472 | ---- | M] (Microsoft Corporation) MD5=65880045C51AA36184841CEE915A61DF -- C:\WINDOWS\system32\ReinstallBackups\0008\DriverFiles\i386\AGP440.SYS
[2001.08.17 22:58:00 | 000,025,472 | ---- | M] (Microsoft Corporation) MD5=65880045C51AA36184841CEE915A61DF -- C:\WINDOWS\system32\ReinstallBackups\0009\DriverFiles\i386\AGP440.SYS

< MD5 for: ATAPI.SYS >
[2003.04.16 14:00:00 | 010,174,968 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:atapi.sys
[2005.02.14 11:13:04 | 022,286,602 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008.05.08 10:23:13 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2005.02.14 11:13:04 | 022,286,602 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:atapi.sys
[2008.05.08 10:23:13 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2002.08.29 01:27:50 | 000,086,912 | ---- | M] (Microsoft Corporation) MD5=95B858761A00E1D4F81F79A0DA019ACA -- C:\WINDOWS\system32\drivers\atapi.sys
[2002.08.29 01:27:50 | 000,086,912 | ---- | M] (Microsoft Corporation) MD5=95B858761A00E1D4F81F79A0DA019ACA -- C:\WINDOWS\system32\ReinstallBackups\0002\DriverFiles\i386\atapi.sys
[2002.08.29 01:27:50 | 000,086,912 | ---- | M] (Microsoft Corporation) MD5=95B858761A00E1D4F81F79A0DA019ACA -- C:\WINDOWS\system32\ReinstallBackups\0005\DriverFiles\i386\atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2004.08.04 07:59:42 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2008.04.14 05:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\cmdcons\autochk.exe
[2008.04.14 05:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\ServicePackFiles\i386\autochk.exe
[2008.04.14 05:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe
[2004.08.18 00:49:21 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\WINDOWS\$NtServicePackUninstall$\autochk.exe

< MD5 for: CDROM.SYS >
[2003.04.16 14:00:00 | 010,174,968 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:cdrom.sys
[2005.02.14 11:13:04 | 022,286,602 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2008.05.08 10:23:13 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2005.02.14 11:13:04 | 022,286,602 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:cdrom.sys
[2008.05.08 10:23:13 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008.04.13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008.04.13 21:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2004.08.04 07:59:52 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys

< MD5 for: CRYPTSVC.DLL >
[2003.04.16 14:00:00 | 000,053,248 | ---- | M] (Microsoft Corporation) MD5=031E7FF41B13B658CAE7D6C98086F76A -- C:\WINDOWS\$NtUninstallKB826939$\cryptsvc.dll
[2004.08.18 00:49:03 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- C:\WINDOWS\$NtServicePackUninstall$\cryptsvc.dll
[2008.04.14 05:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\ServicePackFiles\i386\cryptsvc.dll
[2008.04.14 05:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\cryptsvc.dll

< MD5 for: EVENTLOG.DLL >
[2008.04.14 05:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 05:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll
[2004.08.18 00:49:06 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2003.04.16 14:00:00 | 001,004,544 | ---- | M] (Microsoft Corporation) MD5=11D80755545CFB5EB9659EE88440EAE2 -- C:\WINDOWS\$NtUninstallKB820291$\explorer.exe
[2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\system32\dllcache\cache\explorer.exe
[2004.08.18 00:49:22 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\$NtUninstallKB938828$\explorer.exe
[2007.06.13 15:11:59 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=9B32416BD5988C97B6397CE0B02CAF97 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
[2007.06.13 15:23:39 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=ED7B460B142A32097B8A8F6ECC941815 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe

< MD5 for: HAL.DLL >
[2003.04.16 14:00:00 | 010,174,968 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:hal.dll
[2005.02.14 11:13:04 | 022,286,602 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2008.05.08 10:23:13 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2005.02.14 11:13:04 | 022,286,602 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:hal.dll
[2008.05.08 10:23:13 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2008.04.13 20:31:28 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=4329EE7D502C9113EBA0F9570392F5EE -- C:\WINDOWS\system32\HAL.DLL
[2008.04.13 20:31:32 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2004.08.04 07:59:12 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=DFCE51FD96909D1B97D4A1A72D060D77 -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll

< MD5 for: CHANGER.SYS >
[2005.02.14 11:13:04 | 022,286,602 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys
[2008.05.08 10:23:13 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys
[2005.02.14 11:13:04 | 022,286,602 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:Changer.sys
[2008.05.08 10:23:13 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:Changer.sys
[2008.04.13 20:40:58 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\ServicePackFiles\i386\changer.sys
[2004.08.04 08:00:12 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=DAF1A8193B6CAF0FB858CADCC5C4AF4A -- C:\WINDOWS\$NtServicePackUninstall$\changer.sys

< MD5 for: ISAPNP.SYS >
[2008.05.08 10:23:13 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2008.05.08 10:23:13 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:isapnp.sys
[2001.10.24 11:44:12 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\$NtServicePackUninstall$\isapnp.sys
[2001.10.24 11:44:12 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\system32\ReinstallBackups\0028\DriverFiles\i386\isapnp.sys
[2008.04.14 04:27:53 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\ServicePackFiles\i386\isapnp.sys
[2008.04.14 04:27:53 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\drivers\isapnp.sys

< MD5 for: LSASS.EXE >
[2004.08.18 00:49:23 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\WINDOWS\$NtServicePackUninstall$\lsass.exe
[2008.04.14 05:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\ServicePackFiles\i386\lsass.exe
[2008.04.14 05:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\dllcache\cache\lsass.exe
[2008.04.14 05:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe

< MD5 for: NDIS.SYS >
[2008.04.13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008.04.13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\dllcache\cache\ndis.sys
[2008.04.13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
[2003.04.16 14:00:00 | 000,167,552 | ---- | M] (Microsoft Corporation) MD5=3B350E5A2A5E951453F3993275A4523A -- C:\WINDOWS\$NtUninstallKB826942$\ndis.sys
[2004.08.04 08:14:28 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys

< MD5 for: NETLOGON.DLL >
[2004.08.18 00:49:13 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
[2008.04.14 05:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 05:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\dllcache\cache\netlogon.dll
[2008.04.14 05:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: SCECLI.DLL >
[2004.08.18 00:49:16 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008.04.14 05:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 05:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\dllcache\cache\scecli.dll
[2008.04.14 05:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SMSS.EXE >
[2004.08.18 00:49:27 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\WINDOWS\$NtServicePackUninstall$\smss.exe
[2004.08.17 15:49:28 | 000,164,864 | ---- | M] (Microsoft Corporation) MD5=3C100B7FDB179B63829103DF6541337F -- C:\cmdcons\SYSTEM32\SMSS.EXE
[2008.04.14 05:22:47 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\ServicePackFiles\i386\smss.exe
[2008.04.14 05:22:47 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe

< MD5 for: SVCHOST.EXE >
[2008.04.14 05:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.14 05:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\dllcache\cache\svchost.exe
[2008.04.14 05:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe
[2004.08.18 00:49:27 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe

< MD5 for: TCPIP.SYS >
[2006.04.20 13:51:50 | 000,359,808 | ---- | M] (Microsoft Corporation) MD5=1DBF125862891817F374F407626967F4 -- C:\WINDOWS\$NtUninstallKB941644$\tcpip.sys
[2005.02.14 14:46:00 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=3BB4B08619C111C7BE8BDA07AA0DE6A2 -- C:\WINDOWS\$NtUninstallKB893066$\tcpip.sys
[2006.01.13 19:07:08 | 000,360,448 | ---- | M] (Microsoft Corporation) MD5=5562CC0A47B2AEF06D3417B733F3C195 -- C:\WINDOWS\$hf_mig$\KB913446\SP2QFE\tcpip.sys
[2006.01.13 04:28:14 | 000,359,808 | ---- | M] (Microsoft Corporation) MD5=583E063FDC888CA30D05C2724B0D7EF4 -- C:\WINDOWS\$NtUninstallKB917953$\tcpip.sys
[2005.05.25 21:07:12 | 000,359,936 | ---- | M] (Microsoft Corporation) MD5=63FDFEA54EB53DE2D863EE454937CE1E -- C:\WINDOWS\$hf_mig$\KB893066\SP2QFE\tcpip.sys
[2007.10.30 18:53:32 | 000,360,832 | ---- | M] (Microsoft Corporation) MD5=64798ECFA43D78C7178375FCDD16D8C8 -- C:\WINDOWS\$hf_mig$\KB941644\SP2QFE\tcpip.sys
[2005.05.25 21:04:02 | 000,359,808 | ---- | M] (Microsoft Corporation) MD5=88763A98A4C26C409741B4AA162720C9 -- C:\WINDOWS\$NtUninstallKB913446$\tcpip.sys
[2007.10.30 19:20:55 | 000,360,064 | ---- | M] (Microsoft Corporation) MD5=90CAFF4B094573449A0872A0F919B178 -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2008.04.13 21:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008.04.13 21:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\cache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[2006.04.20 14:18:35 | 000,360,576 | ---- | M] (Microsoft Corporation) MD5=B2220C618B42A2212A59D91EBD6FC4B4 -- C:\WINDOWS\$hf_mig$\KB917953\SP2QFE\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.04.14 05:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 05:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\dllcache\cache\userinit.exe
[2008.04.14 05:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe
[2004.08.18 00:49:27 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe

< MD5 for: WINLOGON.EXE >
[2004.08.18 00:49:27 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 05:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 05:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\dllcache\cache\winlogon.exe
[2008.04.14 05:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe
[2003.04.16 14:00:00 | 000,516,608 | ---- | M] (Microsoft Corporation) MD5=FF8857D1AF59071F172C0FAD0FD33E87 -- C:\WINDOWS\$NtUninstallKB840987$\winlogon.exe

< MD5 for: WS2_32.DLL >
[2004.08.18 00:49:20 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\WINDOWS\$NtServicePackUninstall$\ws2_32.dll
[2003.04.16 14:00:00 | 000,075,264 | ---- | M] (Microsoft Corporation) MD5=748494B94A871A828C64D1D5C738D2B7 -- C:\WINDOWS\$NtUninstallKB817778$\ws2_32.dll
[2008.04.14 05:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll
[2008.04.14 05:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\dllcache\cache\ws2_32.dll
[2008.04.14 05:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\ws2_32.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2006.12.25 03:35:22 | 000,639,224 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sptd.sys
[3 C:\WINDOWS\system32\drivers\*.tmp files -> C:\WINDOWS\system32\drivers\*.tmp -> ]

< %systemroot%\System32\config\*.sav >
[2004.03.02 18:58:50 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2004.03.02 18:58:50 | 000,606,208 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2004.03.02 18:58:50 | 000,413,696 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >
[2 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs

< %systemroot%\system32\drivers\*.sys /3 >
[3 C:\WINDOWS\system32\drivers\*.tmp files -> C:\WINDOWS\system32\drivers\*.tmp -> ]

< %systemroot%\system32\*.* /3 >
[2011.07.17 17:29:11 | 000,012,598 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl
[2 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

========== Files - Unicode (All) ==========
[2011.05.22 10:16:58 | 000,000,000 | ---D | M](C:\Documents and Settings\Pavel Kácha\Data aplikací\Data aplikac?) -- C:\Documents and Settings\Pavel Kácha\Data aplikací\Data aplikac�
[2011.05.22 10:16:58 | 000,000,000 | ---D | M](C:\Documents and Settings\Pavel Kácha\Data aplikací\Data aplikac?) -- C:\Documents and Settings\Pavel Kácha\Data aplikací\Data aplikac�
(C:\Documents and Settings\Pavel Kácha\Data aplikací\Data aplikac?) -- C:\Documents and Settings\Pavel Kácha\Data aplikací\Data aplikac�

========== Alternate Data Streams ==========

@Alternate Data Stream - 175 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:1AAB2E68

< End of report >

Nift · #23 Příspěvek od **Nift** » 17 črc 2011 17:18

OTL Extras logfile created on: 17.7.2011 17:48:46 - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = H:\
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1,50 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 66,93% Memory free
2,85 Gb Paging File | 2,34 Gb Available in Paging File | 81,94% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232,88 Gb Total Space | 174,96 Gb Free Space | 75,13% Space Free | Partition Type: NTFS
Drive D: | 931,51 Gb Total Space | 337,43 Gb Free Space | 36,22% Space Free | Partition Type: NTFS
Drive E: | 298,09 Gb Total Space | 112,88 Gb Free Space | 37,87% Space Free | Partition Type: NTFS
Drive H: | 7,39 Gb Total Space | 7,38 Gb Free Space | 99,80% Space Free | Partition Type: FAT32

Computer Name: PK1 | User Name: Pavel Kácha | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

[HKEY_USERS\S-1-5-21-220523388-343818398-839522115-1004\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [RapidShareManagerMail] -- C:\Program Files\RapidShareManager\RapidShareManager.exe -mailto "%1" (RapidShare AG)
Directory [RapidShareManagerUpload] -- C:\Program Files\RapidShareManager\RapidShareManager.exe -sendto "%1" (RapidShare AG)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 1
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring" = 1

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 1
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\MSN Messenger\msnmsgr.exe" = C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:MSN Messenger 7.0
"C:\Program Files\FlashFXP\flashfxp.exe" = C:\Program Files\FlashFXP\flashfxp.exe:*:Enabled:FlashFXP v3 -- (IniCom Networks, Inc.)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\MSN Messenger\msnmsgr.exe" = C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:MSN Messenger 7.0
"C:\Program Files\FlashFXP\flashfxp.exe" = C:\Program Files\FlashFXP\flashfxp.exe:*:Enabled:FlashFXP v3 -- (IniCom Networks, Inc.)
"C:\Program Files\uTorrent\utorrent.exe" = C:\Program Files\uTorrent\utorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe" = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe:*:Enabled:EasyShare -- (Eastman Kodak Company)
"C:\Program Files\CyberLink\PowerDVD\PowerDVD.exe" = C:\Program Files\CyberLink\PowerDVD\PowerDVD.exe:*:Enabled:CyberLink PowerDVD -- (CyberLink Corp.)
"C:\WINDOWS\system32\ZoneLabs\vsmon.exe" = C:\WINDOWS\system32\ZoneLabs\vsmon.exe:*:Enabled:vsmon -- (Check Point Software Technologies LTD)
"C:\Program Files\Activision\Wolfenstein\MP\Wolf2MP.exe" = C:\Program Files\Activision\Wolfenstein\MP\Wolf2MP.exe:*:Enabled:Wolfenstein(TM) -- (Activision)
"C:\Program Files\Activision\Wolfenstein\MP\Wolf2MPLite.exe" = C:\Program Files\Activision\Wolfenstein\MP\Wolf2MPLite.exe:*:Enabled:Wolfenstein(TM) -- (Activision)
"C:\Program Files\Microsoft Games\Dungeon Siege 2\DungeonSiege2.exe" = C:\Program Files\Microsoft Games\Dungeon Siege 2\DungeonSiege2.exe:*:Enabled:Dungeon Siege 2 Game Executable -- (Gas Powered Games)
"C:\Program Files\Flagship Studios\Hellgate London\Launcher.exe" = C:\Program Files\Flagship Studios\Hellgate London\Launcher.exe:*:Enabled:Hellgate: London -- (Flagship Studios)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0008546E-DF6E-4CC1-AFD0-2CB8E16C95A2}" = Notifier
"{01501EBA-EC35-4F9F-8889-3BE346E5DA13}" = MSXML4 Parser
"{03ADC8AB-C130-0C3D-1FF9-2C385DF25689}" = CCC Help Czech
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{07021185-008D-ABF9-7716-475AC035F8B3}" = CCC Help Spanish
"{0712667C-A171-49AE-A098-4ACDA28625F8}" = Sony Sound Forge 7.0
"{073F22CE-9A5B-4A40-A604-C7270AC6BF34}" = ESSSONIC
"{083F79E4-6FE9-46FB-A6C6-4F8862742947}" = ATI HYDRAVISION
"{0F8D0406-7755-AC37-6529-73AD649DBE32}" = Catalyst Control Center Graphics Previews Common
"{14A487F2-1259-4E6C-AE3C-3C888DDBCB60}_is1" = Guitar Pro 6
"{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}" = ESSPCD
"{14F364F8-34FE-4754-AB6B-5598E8937F54}" = GameJack 4
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"{22072CC8-7230-96F8-52F4-05EAF3F906B6}" = CCC Help Polish
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2368ADBD-6FDF-4B9F-FE41-E20B4D78E79E}" = CCC Help Chinese Standard
"{2445981B-A23B-4A0E-AD15-3D391BDAEC3E}" = HDD Regenerator
"{25EF0DC4-B072-2E04-4581-A13C91423CE6}" = CCC Help Portuguese
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 22
"{26F7855C-443B-00A6-F7B8-A97A5403F617}" = CCC Help Danish
"{2CB4A925-48A7-DA65-DCEE-D4DE224B7D84}" = CCC Help English
"{2D03B6F8-DF36-4980-B7B6-5B93D5BA3A8F}" = essvatgt
"{2FFE93F0-BB72-4E52-8761-354D1AAA9387}" = Sony Ericsson PC Suite 6.012.00
"{306D75B9-7FFF-FF65-0C76-57F2FE4FE1D6}" = Catalyst Control Center Core Implementation
"{32B12FE4-5A51-751A-1FB6-A14E97EBDD5C}" = CCC Help German
"{342126E1-173C-4585-BFBE-3EBDD20E3E9E}" = Mobipocket Reader 6.2
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{351512E5-01BD-E878-6F57-AA3E517D9ECE}" = Skins
"{354A387E-0374-21A3-6832-335674A6D7D1}" = CCC Help French
"{35A501AD-C538-4286-9A45-AAF5514A482D}" = Universal SCSI Controller
"{36CDA33B-909B-4719-97D1-C4B99309BDC7}" = ATI Parental Control & Encoder
"{3C00BEE9-26D0-D9E0-A2D1-62F70D412A12}" = CCC Help Turkish
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3F4EC965-28EF-45C3-B063-04B25D4E9679}" = AirLive BT-201USB /BT-202USB
"{43002AE2-4093-49E0-A03D-990EE184C568}" = Lyrics Plugin for Windows Media Player
"{4346F7AA-3D56-0941-424C-4454E04D37F6}" = CCC Help Italian
"{4537EA4B-F603-4181-89FB-2953FC695AB1}" = netbrdg
"{4837718C-5B6E-4496-B283-FFFB5A937825}" = ABBYY PDF Transformer 1.0
"{491A2E98-1E87-4FA0-B71A-607724BDA8C0}_is1" = ProtoWall 2.0 Beta
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CAE2F2C-75CD-A0DE-7520-449BCBBCC833}" = CCC Help Korean
"{4F896DE0-EF26-11D5-BBEC-00D0B740900A}" = Multimedia keyboard driver Ver1.07
"{512D0FB7-4104-46BA-BE72-3A1633E7946C}" = Dolet Light for Finale 2004
"{546C143E-68DC-314D-97BC-1E454E3BA429}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - CSY
"{57F7F0A5-8F22-8E63-E819-803B5C9CA3A5}" = CCC Help Dutch
"{5DA6F06A-B389-407B-BF8C-1548767914D8}" = ATI Problem Report Wizard
"{5E65E94D-69F2-4850-9E93-6459C53A0F50}" = Microsoft .NET Framework 1.1 Czech Language Pack
"{5EA437D2-7A57-B60E-E8F2-76BFAC0895A5}" = CCC Help Chinese Traditional
"{5FAAF230-8E1C-4295-ADFA-829BFE895850}" = SAPI51
"{605A4E39-613C-4A12-B56F-DEFBE6757237}" = SHASTA
"{6179550A-3E7C-499E-BCC9-9E8113E0A285}" = LG ODD Auto Firmware Update
"{61AF4E75-050E-0304-3417-8BC16417FEB1}" = CCC Help Greek
"{632005DA-C291-5275-284C-5EE96B05C714}" = Catalyst Control Center HydraVision Full
"{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}" = Windows Genuine Advantage v1.3.0254.0
"{643EAE81-920C-4931-9F0B-4B343B225CA6}" = ESSBrwr
"{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1" = Revo Uninstaller Pro 2.2.0
"{67A48ED5-0B6A-470A-995C-B8F1942E8AB9}" = Diskeeper 2008 Pro Premier
"{6B3CA80E-6AC0-4725-BABF-9B0FEF880CB3}" = Power Tab Editor 1.7
"{6BE2A4A4-99FB-48ED-AE1E-4E850389F804}" = PartitionMagic
"{6C72BE0C-3E25-CACD-0070-2FD9C02ABA14}" = ccc-core-preinstall
"{7036A6F4-5DAD-3908-956D-1752CD7F7E5A}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{7148F0A8-6813-11D6-A77B-00B0D0142050}" = Java 2 Runtime Environment, SE v1.4.2_05
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{767572FD-4D01-4FA3-B0A6-4B09FB2CFC37}" = Sony Sound Forge 8.0
"{77FB26DF-10D9-45FF-BA74-6278DB55130F}" = Delete FXP Files
"{82D8304F-73D7-4EE6-8472-D0684BAA2865}" = AGEIA PhysX v7.05.06
"{837B34E3-7C30-493C-8F6A-2B0F04E2912C}" = Microsoft Visual C++ 2005 Redistributable
"{86EF9FC4-F209-4520-B7E1-C7FF0EEBDFFF}" = Adobe Audition 1.5
"{880BB617-914E-17E8-D877-A96BAC5794D2}" = Catalyst Control Center Graphics Full New
"{8897CF22-DB6C-8248-895C-12BFA2677F51}" = CCC Help Hungarian
"{8943CE61-53BD-475E-90E1-A580869E98A2}" = staticcr
"{8A502E38-29C9-49FA-BCFA-D727CA062589}" = ESSTOOLS
"{8D7133DE-27D2-47E5-B248-4180278D32AA}" = Catalyst Control Center - Branding
"{8E240C1C-25D0-4248-BC6C-ACC3472E35CE}" = SigmaTel MSCN Audio Player
"{8E92D746-CD9F-4B90-9668-42B74C14F765}" = ESSini
"{90110405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0405-0000-0000000FF1CE}" = Sada Compatibility Pack pro systém Office 2007
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90AF0405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office PowerPoint Viewer 2003
"{91517631-A9F3-4B7C-B482-43E0068FD55A}" = ESSgui
"{96E3AED5-3D0B-4BB0-84C2-1EDADB204487}" = FlashFXP v3
"{98613C99-1399-416C-A07C-1EE1C585D872}" = SeaTools for Windows
"{999D43F4-9709-4887-9B1A-83EBB15A8370}" = VPRINTOL
"{9D8FEE90-0377-49A9-AEFB-525BDE549BA4}" = ESScore
"{9E34B40D-CFF3-11D3-8302-00A024A89C17}" = VeloMaster Lite CW
"{A0AF08BA-3630-4505-BFB2-A41F3837B0D0}" = SFR2
"{A2B4455D-1046-4732-BFBC-0821BEFC07BC}" = Hellgate: London
"{A2C9CD1B-2551-3AED-B244-6698FB929FA6}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - CSY
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-0000-7EC8-7489-000000000702}" = Adobe Acrobat 7.0.1 and Reader 7.0.1 Update
"{AC76BA86-0000-7EC8-7489-000000000703}" = Adobe Acrobat 7.0.2 and Reader 7.0.2 Update
"{AC76BA86-0000-7EC8-7489-000000000704}" = Adobe Acrobat 7.0.3 and Reader 7.0.3 Update
"{AC76BA86-1033-C740-7760-100000000002}" = Adobe Acrobat 7.0 Professional - Czech, Polish, Greek
"{AC76BA86-7AD7-1029-7B44-AA0000000001}" = Adobe Reader X (10.0.1) - Czech
"{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}" = ESSCDBK
"{AF710FDE-2815-8C8D-5281-8004C2654AA6}" = CCC Help Russian
"{AFF2D965-C6F2-A210-FBF7-532612AA1D23}" = CCC Help Swedish
"{B0D70D61-B14C-49C1-BE47-262A1BF82FB3}" = VIA RAID Driver Setup Wizard
"{B162D0A6-9A1D-4B7C-91A5-88FB48113C45}" = OfotoXMI
"{B21336EE-4AEF-9940-4AC7-EDB89854B8D3}" = CCC Help Thai
"{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}" = CCScore
"{B997C2A0-4383-41BF-B76E-9B8B7ECFB267}" = KSU
"{BBA69346-61A1-BD34-E75A-4D81232DB1FE}" = Catalyst Control Center Localization All
"{BFD5ED08-F066-92D5-BE67-3B9AE5DCFF0C}" = CCC Help Japanese
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C4609F15-FB3C-D97E-BAA1-4F10815039C2}" = Catalyst Control Center Graphics Full Existing
"{C88E49AA-41C5-4420-A08D-BE1B6C5A3A74}" = DAO
"{C941F1F1-25B3-4DF5-83E6-888C51A1AAB6}" = AVIVO Codecs
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition
"{D01FAC3D-86B4-3A19-9D10-9156A0EB3EBE}" = CCC Help Finnish
"{D32470A1-B10C-4059-BA53-CF0486F68EBC}" = Kodak EasyShare software
"{D73722C8-3F65-C75B-A631-5D36894DAB92}" = ccc-core-static
"{DB02F716-6275-42E9-B8D2-83BA2BF5100B}" = SFR
"{DD73CA82-EA82-38AA-863D-9A24A018DC96}" = Microsoft .NET Framework 3.5 Language Pack SP1 - csy
"{DDAD33B6-8C00-428D-087B-A7088355B9BE}" = Catalyst Control Center Graphics Light
"{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager
"{E333F074-FC7F-596D-3D61-44F0EC28E8C0}" = ccc-utility
"{E3436EE2-D5CB-4249-840B-3A0140CC34C1}" = WinPhone
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E79987F0-0E34-42CC-B8FF-6C860AEEB26A}" = tooltips
"{EDCBAB86-104A-4A03-B7D6-DFD783573933}" = oggcodecs
"{EFB21DE7-8C19-4A88-BB28-A766E16493BC}" = Adobe Photoshop CS
"{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony Ericsson PC Companion 2.01.078
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F22C222C-3CE2-4A4B-A83F-AF4681371ABE}" = kgcbase
"{F4A2E7CC-60CA-4AFA-B67F-AD5E58173C3F}" = SKINXSDK
"{F9593CFB-D836-49BC-BFF1-0E669A411D9F}" = WIRELESS
"{F9B37992-968C-4264-8449-489032FC28DE}" = Wolfenstein
"{FA38F9E4-BED7-E021-B660-8FDFF7EC6E1A}" = CCC Help Norwegian
"{FCDB1C92-03C6-4C76-8625-371224256091}" = ESSPDock
"{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}" = Rozšíření HighMAT průvodce zápisem na disk CD systému Microsoft Windows XP
"{FDF9943A-3D5C-46B3-9679-586BD237DDEE}" = SKIN0001
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"µTorrent CZ_is1" = µTorrent CZ 1.8.1 (build 12639)
"42 Bit Scanner" = 42 Bit Scanner
"ABC Amber Palm Converter" = ABC Amber Palm Converter
"Adobe Acrobat 7.0 Professional - Czech, Polish, Greek - V" = Adobe Acrobat 7.0 Professional - Czech, Polish, Greek
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adult PDF Password Recovery v2.2.0_is1" = Adult PDF Password Recovery v2.2.0
"Adult PDF Password Recovery_is1" = Adult PDF Password Recovery v2.3.0
"All ATI Software" = Softarová utilita ATI - Odinstalovat
"All Video Joiner_is1" = All Video Joiner 1.6.2
"AnalogX Vocal Remover" = AnalogX Vocal Remover
"Any FLV Player" = Any FLV Player 1.1.2
"AnyDVD" = AnyDVD
"AP PDF Password Recovery_is1" = AP PDF Password Recovery v3.0.0
"ASAPI Update" = ASAPI Update
"AsusUpdate" = AsusUpdate
"ATI Display Driver" = ATI Display Driver
"AutoGK" = Auto Gordian Knot 2.40
"avast!" = avast! Antivirus
"AviSynth" = AviSynth 2.5
"Balabolka" = Balabolka
"Bink and Smacker" = Bink and Smacker
"BSPlayerf" = BS.Player FREE
"bsplayerv2_is1" = BS.Player 2.43.1008
"CCleaner" = CCleaner (remove only)
"Clean 5" = Clean 5
"CloneCD" = CloneCD
"CloneDVD2" = CloneDVD2
"Corel Uninstaller" = Corel Uninstaller
"dBpowerAMP AAC (AACEnc CLI)" = dBpowerAMP AAC (AACEnc CLI)
"dBpowerAMP DirectShow Decoder Codec" = dBpowerAMP DirectShow Decoder Codec
"dBpowerAMP FLAC Codec" = dBpowerAMP FLAC Codec
"dBpowerAMP Mp3 (Fraunhofer IIS Mp3Enc CLI)" = dBpowerAMP Mp3 (Fraunhofer IIS Mp3Enc CLI)
"dBpowerAMP Mp4 Codec" = dBpowerAMP Mp4 Codec
"dBpowerAMP Musepack Codec" = dBpowerAMP Musepack Codec
"dBpowerAMP Music Converter" = dBpowerAMP Music Converter
"dBpowerAMP Ogg Vorbis Codec" = dBpowerAMP Ogg Vorbis Codec
"dBpowerAMP WMA V9.1 Codec" = dBpowerAMP WMA V9.1 Codec
"Dir2Mht_is1" = Dir2Mht 2.1
"dMC Power Pack" = dMC Power Pack
"Drakensang_is1" = Drakensang
"DungeonSiege2" = Dungeon Siege 2
"DVD Decrypter" = DVD Decrypter (Remove Only)
"DVDFab Platinum_is1" = DVDFab Platinum 3.1.6.0
"Easy Video Splitter_is1" = Easy Video Splitter 1.28
"eDonkey2000" = eDonkey2000
"eMule" = eMule
"Feng Šuej Mahjong" = Feng Šuej Mahjong
"Finale 2004" = Finale 2004
"FlashGet(JetCar)" = FlashGet(JetCar)
"Flv Audio Video Extractor_is1" = Flv Audio Video Extractor 2.0
"foobar2000" = foobar2000 v0.9.5.1
"Free Download Manager_is1" = Free Download Manager 2.1
"FSCZ_is1" = FORM studio
"Gordian Knot" = Gordian Knot Rip Pack 0.35.0
"HD Tune Pro_is1" = HD Tune Pro 3.10
"HTML Splitter_is1" = HTML Splitter version 1.5
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"ImTOO Video Converter Ultimate 6" = ImTOO Video Converter Ultimate 6
"InstallShield_{6BE2A4A4-99FB-48ED-AE1E-4E850389F804}" = PowerQuest PartitionMagic 8.0
"InstallShield_{F9B37992-968C-4264-8449-489032FC28DE}" = Wolfenstein
"IrfanView" = IrfanView (remove only)
"IsoBuster_is1" = IsoBuster 1.5
"iZotope RX_is1" = iZotope RX
"KC Softwares VideoInspector_is1" = KC Softwares VideoInspector
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 5.9.0
"MakeTorrent 2" = MakeTorrent v2.1 (Pouze odebrat)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MediaInfo" = MediaInfo 0.7.21
"MetaProducts Net Activity Diagram" = MetaProducts Net Activity Diagram
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - csy" = Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"MKVtoolnix" = MKVtoolnix 1.7.0
"MMJP2KAX" = Morgan JPEG2000 Plug-in V1
"Mp3tag" = Mp3tag V.2.31
"MPE" = MyPhoneExplorer
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NetLimiter 2 Pro" = NetLimiter 2 Pro (remove only)
"NetXfer (Multilingual)_is1" = NetXfer 2.30.352
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Opera" = Opera
"PC Zeitschaltuhr_is1" = PC Zeitschaltuhr 2.04
"Peer2Mail" = Peer2Mail (remove only)
"PicoZip Recovery Tool 1.02" = PicoZip Recovery Tool 1.02
"PowerISO" = PowerISO
"ProxySwitcher Standard_is1" = ProxySwitcher Standard
"PSPad editor_is1" = PSPad editor
"QuickPar" = QuickPar 0.9
"RapidShare Manager" = RapidShare Manager
"ReadManiac_is1" = ReadManiac 2.6 beta 13
"Recognita Standard OCR 4.0" = Recognita Standard OCR 4.0
"SpeedFan" = SpeedFan (remove only)
"Style Enhancer Micro 2.0" = Style Enhancer Micro 2.0
"Subtitle Studio_is1" = Subtitle Studio 2.0 R-2
"TC PowerPack" = TC PowerPack 1.7
"The Blocklist Manager_is1" = BLM 2.6.5
"TimeAdjuster" = Time Adjuster v2.9 (STANDARD)
"Totalcmd" = Total Commander (Remove or Repair)
"TotalRecorder" = Total Recorder 5.3
"Two Worlds" = Two Worlds
"VIA_{BB7D68E9-93AE-4118-85FF-6DAF1FD1731D}" = VIA VT6410 RAID Driver(Remove)
"VobSub" = VobSub v2.23 (Remove Only)
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Web Translator" = Web Translator
"whereisit-lite_is1" = WhereIsIt? Lite 3.50
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR archiver
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
"XviD MPEG4 Video Codec" = XviD MPEG4 Video Codec (remove only)
"yBook_is1" = yBook
"ZoneAlarm" = ZoneAlarm
"ZoneAlarmSB Uninstall" = ZoneAlarm Spy Blocker

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-220523388-343818398-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Advanced PDF Password Recovery" = Advanced PDF Password Recovery
"TimeAdjuster" = Time Adjuster STANDARD 3.1
"uTorrent" = µTorrent

========== Last 10 Event Log Errors ==========

[ Antivirus Events ]
Error - 13.7.2011 17:11:33 | Computer Name = PK1 | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of C:\Documents and Settings\Pavel Kácha\Local Settings\Data aplikací\Adobe\Acrobat\10.0\Cache\RdLang_rdlang32.cze
failed, 00000005.

Error - 13.7.2011 17:36:47 | Computer Name = PK1 | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of C:\Documents and Settings\Pavel Kácha\Local Settings\Data aplikací\Adobe\Acrobat\10.0\Cache\RdLang_rdlang32.cze
failed, 00000005.

Error - 14.7.2011 6:55:02 | Computer Name = PK1 | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of C:\Documents and Settings\Pavel Kácha\Local Settings\Data aplikací\Adobe\Acrobat\10.0\Cache\RdLang_rdlang32.cze
failed, 00000005.

Error - 14.7.2011 11:14:51 | Computer Name = PK1 | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of C:\Documents and Settings\Pavel Kácha\Local Settings\Data aplikací\Adobe\Acrobat\10.0\Cache\RdLang_rdlang32.cze
failed, 00000005.

Error - 14.7.2011 16:54:24 | Computer Name = PK1 | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of C:\Documents and Settings\Pavel Kácha\Local Settings\Data aplikací\Adobe\Acrobat\10.0\Cache\RdLang_rdlang32.cze
failed, 00000005.

Error - 15.7.2011 15:48:05 | Computer Name = PK1 | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of C:\Documents and Settings\Pavel Kácha\Local Settings\Data aplikací\Adobe\Acrobat\10.0\Cache\RdLang_rdlang32.cze
failed, 00000005.

Error - 15.7.2011 17:49:25 | Computer Name = PK1 | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of C:\Documents and Settings\Pavel Kácha\Local Settings\Data aplikací\Adobe\Acrobat\10.0\Cache\RdLang_Updater.CZE
failed, 00000005.

Error - 15.7.2011 18:35:14 | Computer Name = PK1 | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of C:\Documents and Settings\Pavel Kácha\Local Settings\Data aplikací\Adobe\Acrobat\10.0\Cache\RdLang_weblink.CZE
failed, 00000005.

Error - 15.7.2011 18:35:14 | Computer Name = PK1 | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of C:\Documents and Settings\Pavel Kácha\Local Settings\Data aplikací\Adobe\Acrobat\10.0\Cache\RdLang_EScript.CZE
failed, 00000005.

Error - 15.7.2011 19:32:56 | Computer Name = PK1 | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of C:\Documents and Settings\Pavel Kácha\Local Settings\Data aplikací\Adobe\Acrobat\10.0\Cache\RdLang_rdlang32.cze
failed, 00000005.

[ Application Events ]
Error - 4.4.2011 9:56:14 | Computer Name = PK1 | Source = Google Update | ID = 20
Description =

Error - 8.4.2011 11:58:55 | Computer Name = PK1 | Source = Application Error | ID = 1000
Description = Chybující aplikace twoworlds.exe, verze 1.5.0.0, chybující modul twoworlds.exe,
verze 1.5.0.0, adresa chyby 0x00349271.

Error - 15.4.2011 18:28:36 | Computer Name = PK1 | Source = Application Error | ID = 1000
Description = Chybující aplikace iexplore.exe, verze 8.0.6001.18702, chybující modul
mshtml.dll, verze 8.0.6001.19046, adresa chyby 0x000679b8.

Error - 17.4.2011 20:54:48 | Computer Name = PK1 | Source = Application Error | ID = 1000
Description = Chybující aplikace wmplayer.exe, verze 11.0.5721.5145, chybující modul
ntdll.dll, verze 5.1.2600.6055, adresa chyby 0x0001168b.

Error - 22.4.2011 16:03:06 | Computer Name = PK1 | Source = Application Error | ID = 1000
Description = Chybující aplikace iexplore.exe, verze 8.0.6001.18702, chybující modul
unknown, verze 0.0.0.0, adresa chyby 0x01c18f67.

[ System Events ]
Error - 17.7.2011 10:07:50 | Computer Name = PK1 | Source = Service Control Manager | ID = 7000
Description = Služba Sony Ericsson OMSI download service neuspěla při spuštění v
důsledku následující chyby: %%2

Error - 17.7.2011 10:08:21 | Computer Name = PK1 | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: d347bus

Error - 17.7.2011 10:49:01 | Computer Name = PK1 | Source = Service Control Manager | ID = 7000
Description = Služba ASInsHelp neuspěla při spuštění v důsledku následující chyby:
%%2

Error - 17.7.2011 10:49:01 | Computer Name = PK1 | Source = Service Control Manager | ID = 7000
Description = Služba Creative Service for CDROM Access neuspěla při spuštění v důsledku
následující chyby: %%2

Error - 17.7.2011 10:49:01 | Computer Name = PK1 | Source = Service Control Manager | ID = 7000
Description = Služba Sony Ericsson OMSI download service neuspěla při spuštění v
důsledku následující chyby: %%2

Error - 17.7.2011 10:49:33 | Computer Name = PK1 | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: d347bus

Error - 17.7.2011 11:27:55 | Computer Name = PK1 | Source = Service Control Manager | ID = 7000
Description = Služba ASInsHelp neuspěla při spuštění v důsledku následující chyby:
%%2

Error - 17.7.2011 11:27:55 | Computer Name = PK1 | Source = Service Control Manager | ID = 7000
Description = Služba Creative Service for CDROM Access neuspěla při spuštění v důsledku
následující chyby: %%2

Error - 17.7.2011 11:27:55 | Computer Name = PK1 | Source = Service Control Manager | ID = 7000
Description = Služba Sony Ericsson OMSI download service neuspěla při spuštění v
důsledku následující chyby: %%2

Error - 17.7.2011 11:28:31 | Computer Name = PK1 | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: d347bus

< End of report >

#24 Příspěvek od **stell** » 17 črc 2011 17:39

Spust OTL>do okna skopiruj zeleny text a klikni na gombik, knoflik>>Opravit
log po restarte vloz sem

Kód: Vybrat vše

:OTL
IE - HKU\S-1-5-21-220523388-343818398-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 195.175.37.8:8080
O2 - BHO: (no name) - {A5366673-E8CA-11D3-9CD9-0090271D075B} - No CLSID value found.
O4 - HKU\S-1-5-21-220523388-343818398-839522115-1004..\Run: [1312660794] File not found
O15 - HKU\S-1-5-21-220523388-343818398-839522115-1004\..Trusted Domains: dkm.cz ([kraken] https in Trusted sites)
O15 - HKU\S-1-5-21-220523388-343818398-839522115-1004\..Trusted Domains: helevole.com ([forum] https in Trusted sites)
O15 - HKU\S-1-5-21-220523388-343818398-839522115-1004\..Trusted Domains: microsoft.com ([office] http in Trusted sites)
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} http://www.eset.cz/OnlineScanner.cab (Reg Error: Key error.)
O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} http://a1540.g.akamai.net/7/1540/52/200 ... taller.exe (Reg Error: Key error.)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx.com/player/DivXBrowserPlugin.cab (Reg Error: Key error.)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Key error.)
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} http://v4.windowsupdate.microsoft.com/C ... 4896759259 (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.4.2/jinsta ... s-i586.cab (Reg Error: Key error.)
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[2011.07.17 12:58:45 | 000,011,974 | -HS- | M] () -- C:\Documents and Settings\Pavel Kácha\Local Settings\Data aplikací\1dbsjffjrbovwdql1a0i843xh8205y6t
[2011.07.17 12:58:45 | 000,011,974 | -HS- | M] () -- C:\Documents and Settings\All Users\Data aplikací\1dbsjffjrbovwdql1a0i843xh8205y6t
[2011.07.14 11:34:08 | 000,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
@Alternate Data Stream - 175 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:1AAB2E68
:reg
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"1312660794" =-
:Files 
ipconfig /flushdns /c 
C:\Documents and Settings\Pavel Kácha\Local Settings\Data aplikací\bkb.exe
:Commands 
[purity] 
[resethosts] 
[emptytemp] 
[start explorer]
[Reboot]

Nift · #25 Příspěvek od **Nift** » 17 črc 2011 17:48

OK.

All processes killed
========== OTL ==========
HKU\S-1-5-21-220523388-343818398-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5366673-E8CA-11D3-9CD9-0090271D075B}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A5366673-E8CA-11D3-9CD9-0090271D075B}\ not found.
Registry value HKEY_USERS\S-1-5-21-220523388-343818398-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Run\\1312660794 deleted successfully.
Registry key HKEY_USERS\S-1-5-21-220523388-343818398-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\dkm.cz\kraken\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-220523388-343818398-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\helevole.com\forum\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-220523388-343818398-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\microsoft.com\office\ deleted successfully.
Starting removal of ActiveX control {56762DEC-6B0D-4AB4-A8AD-989993B5D08B}
C:\WINDOWS\Downloaded Program Files\OnlineScanner.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{56762DEC-6B0D-4AB4-A8AD-989993B5D08B}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{56762DEC-6B0D-4AB4-A8AD-989993B5D08B}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{56762DEC-6B0D-4AB4-A8AD-989993B5D08B}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{56762DEC-6B0D-4AB4-A8AD-989993B5D08B}\ not found.
Starting removal of ActiveX control {62475759-9E84-458E-A1AB-5D2C442ADFDE}
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{62475759-9E84-458E-A1AB-5D2C442ADFDE}\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{62475759-9E84-458E-A1AB-5D2C442ADFDE}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{62475759-9E84-458E-A1AB-5D2C442ADFDE}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{62475759-9E84-458E-A1AB-5D2C442ADFDE}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{62475759-9E84-458E-A1AB-5D2C442ADFDE}\ not found.
Starting removal of ActiveX control {67DABFBF-D0AB-41FA-9C46-CC0F21721616}
C:\WINDOWS\Downloaded Program Files\DivXPlugin.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{67DABFBF-D0AB-41FA-9C46-CC0F21721616}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{67DABFBF-D0AB-41FA-9C46-CC0F21721616}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{67DABFBF-D0AB-41FA-9C46-CC0F21721616}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{67DABFBF-D0AB-41FA-9C46-CC0F21721616}\ not found.
Starting removal of ActiveX control {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}
C:\WINDOWS\Downloaded Program Files\erma.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Starting removal of ActiveX control {9F1C11AA-197B-4942-BA54-47A8489BB47F}
C:\WINDOWS\Downloaded Program Files\iuctl.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{9F1C11AA-197B-4942-BA54-47A8489BB47F}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9F1C11AA-197B-4942-BA54-47A8489BB47F}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9F1C11AA-197B-4942-BA54-47A8489BB47F}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9F1C11AA-197B-4942-BA54-47A8489BB47F}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA}\ not found.
C:\WINDOWS\002496_.tmp deleted successfully.
C:\WINDOWS\005699_.tmp deleted successfully.
C:\WINDOWS\msdownld.tmp folder deleted successfully.
C:\WINDOWS\SET3.tmp deleted successfully.
C:\WINDOWS\SET7.tmp deleted successfully.
C:\WINDOWS\System32\drivers\SET4.tmp deleted successfully.
C:\WINDOWS\System32\drivers\SET8.tmp deleted successfully.
C:\WINDOWS\System32\drivers\SETC.tmp deleted successfully.
C:\WINDOWS\System32\CONFIG.TMP deleted successfully.
C:\WINDOWS\System32\SETA9.tmp deleted successfully.
C:\Documents and Settings\Pavel Kácha\Local Settings\Data aplikací\1dbsjffjrbovwdql1a0i843xh8205y6t moved successfully.
C:\Documents and Settings\All Users\Data aplikací\1dbsjffjrbovwdql1a0i843xh8205y6t moved successfully.
C:\WINDOWS\QTFont.qfn moved successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:1AAB2E68 deleted successfully.
========== REGISTRY ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\1312660794 not found.
========== FILES ==========
< ipconfig /flushdns /c >
Konfigurace protokolu IP systému Windows
Mezipaměť překládání DNS byla úspěšně vyprázdněna.
H:\cmd.bat deleted successfully.
H:\cmd.txt deleted successfully.
File\Folder C:\Documents and Settings\Pavel Kácha\Local Settings\Data aplikací\bkb.exe not found.
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 393216 bytes
->Temporary Internet Files folder emptied: 33237 bytes
->Flash cache emptied: 405 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: LocalService
->Temp folder emptied: 65748 bytes
->Temporary Internet Files folder emptied: 49286 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Pavel K cha
->Temporary Internet Files folder emptied: 33170 bytes

User: Pavel Kácha
->Temp folder emptied: 542374 bytes
->Temporary Internet Files folder emptied: 10198188 bytes
->Java cache emptied: 719508 bytes
->FireFox cache emptied: 1218300 bytes
->Flash cache emptied: 145754 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 132474 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 12707 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 34282 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 13,00 mb

OTL by OldTimer - Version 3.2.26.1 log created on 07172011_184157

Files\Folders moved on Reboot...
C:\Documents and Settings\Pavel Kácha\Local Settings\Temp\~DF267B.tmp moved successfully.
File\Folder C:\WINDOWS\temp\_avast4_\Webshlock.txt not found!
C:\WINDOWS\temp\Perflib_Perfdata_240.dat moved successfully.
File\Folder C:\WINDOWS\temp\ZLT05f9c.TMP not found!

Registry entries deleted on Reboot...

#26 Příspěvek od **stell** » 17 črc 2011 17:52

dobre. prejdi do nudzoveho rezimu s pracou v sieti,a spust combofix, ak by po skene restartoval pocitac, musis vypnut ZA firewall, lebo ti neda log, potom log vloz sem

Nift · #27 Příspěvek od **Nift** » 17 črc 2011 18:02

Combofix mi vyhodil hlášku o spuštěném avastu, ale nevím jak ho v nouzovém režimu odstavit.

#28 Příspěvek od **stell** » 17 črc 2011 18:05

ignoruj pripadne hlasky, a klikaj stale na ok,ok

Nift · #29 Příspěvek od **Nift** » 17 črc 2011 18:28

OK.

ComboFix 11-07-17.03 - Administrator 17.07.2011 19:08:22.11.2 - x86 NETWORK
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.1535.1222 [GMT 2:00]
Spuštěný z: H:\ComboFix.exe
AV: avast! antivirus 4.8.1368 [VPS 110717-0] *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: ZoneAlarm Firewall *Enabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\IsUn0405.exe
c:\windows\system\BCBSMP35.BPL
c:\windows\system32\ctfmon(2).exe
c:\windows\unin0407.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-06-17 do 2011-07-17 )))))))))))))))))))))))))))))))
.
.
2011-07-17 12:30 . 2011-07-17 12:30 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Data aplikací\GHISLER
2011-07-17 11:18 . 2011-07-17 11:18 -------- d-----w- c:\documents and settings\Administrator\Data aplikací\Malwarebytes
2011-07-17 10:25 . 2011-07-17 10:25 -------- d-----w- C:\rsit
2011-06-22 19:57 . 2011-06-22 19:57 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-06-06 11:35 . 2003-04-16 12:00 1858944 ----a-w- c:\windows\system32\win32k.sys
2011-05-02 15:32 . 2004-06-07 12:19 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-04-29 17:25 . 2004-03-21 10:16 151552 ----a-w- c:\windows\system32\schannel.dll
2011-04-29 16:19 . 2003-04-16 12:00 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-04-26 11:07 . 2003-04-16 12:00 33280 ----a-w- c:\windows\system32\csrsrv.dll
2011-04-26 11:07 . 2003-04-16 12:00 293376 ----a-w- c:\windows\system32\winsrv.dll
2011-04-25 16:06 . 2004-12-07 18:15 916480 ----a-w- c:\windows\system32\wininet.dll
2011-04-25 16:06 . 2003-04-16 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-04-25 16:06 . 2002-10-02 16:07 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2011-04-25 12:01 . 2004-08-17 22:44 385024 ----a-w- c:\windows\system32\html.iec
2011-04-21 13:37 . 2003-04-16 12:00 105472 ----a-w- c:\windows\system32\drivers\mup.sys
2002-11-19 14:01 . 2004-09-22 08:27 28672 ----a-w- c:\program files\opera\program\plugins\PlugDef.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\atapi.sys
[-] 2004-08-04 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\atapi.sys
[-] 2002-08-28 . 95B858761A00E1D4F81F79A0DA019ACA . 86912 . . [5.1.2600.1106] . . c:\windows\system32\drivers\atapi.sys
[-] 2002-08-28 . 95B858761A00E1D4F81F79A0DA019ACA . 86912 . . [5.1.2600.1106] . . c:\windows\system32\ReinstallBackups\0002\DriverFiles\i386\atapi.sys
[-] 2002-08-28 . 95B858761A00E1D4F81F79A0DA019ACA . 86912 . . [5.1.2600.1106] . . c:\windows\system32\ReinstallBackups\0005\DriverFiles\i386\atapi.sys
.
[-] 2008-04-13 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\asyncmac.sys
[-] 2008-04-13 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\cache\asyncmac.sys
[-] 2008-04-13 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:\windows\system32\drivers\asyncmac.sys
[-] 2004-08-04 . 02000ABF34AF4C218C35D257024807D6 . 14336 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\asyncmac.sys
.
[-] 2003-04-16 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\system32\dllcache\beep.sys
[-] 2003-04-16 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\system32\dllcache\cache\beep.sys
[-] 2003-04-16 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\system32\drivers\beep.sys
.
[-] 2008-04-14 . 1B6162FE7F66B1A71A4B70F941C4AA9B . 24576 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\kbdclass.sys
[-] 2008-04-14 . 1B6162FE7F66B1A71A4B70F941C4AA9B . 24576 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\cache\kbdclass.sys
[-] 2008-04-14 . 1B6162FE7F66B1A71A4B70F941C4AA9B . 24576 . . [5.1.2600.5512] . . c:\windows\system32\drivers\kbdclass.sys
[-] 2004-08-17 . 6F877BF8DC01A550CD666F3BEDB2213C . 24576 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\kbdclass.sys
.
[-] 2008-04-13 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ndis.sys
[-] 2008-04-13 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\cache\ndis.sys
[-] 2008-04-13 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ndis.sys
[-] 2004-08-04 . 558635D3AF1C7546D26067D5D9B6959E . 182912 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ndis.sys
[-] 2003-04-16 12:00 . !HASH: COULD NOT OPEN FILE !!!!! . 167552 . . [------] . . c:\windows\$NtUninstallKB826942$\ndis.sys
.
[-] 2009-08-14 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ntfs.sys
[-] 2008-04-13 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ntfs.sys
[-] 2008-04-13 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\cache\ntfs.sys
[-] 2008-04-13 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ntfs.sys
[-] 2007-02-09 . 05AB81909514BFD69CBB1F2C147CF6B9 . 574976 . . [5.1.2600.3081] . . c:\windows\$hf_mig$\KB930916\SP2QFE\ntfs.sys
[-] 2007-02-09 . 19A811EF5F1ED5C926A028CE107FF1AF . 574464 . . [5.1.2600.3081] . . c:\windows\$NtServicePackUninstall$\ntfs.sys
[-] 2004-08-04 . B78BE402C3F63DD55521F73876951CDD . 574592 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB930916$\ntfs.sys
.
[-] 2003-04-16 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . c:\windows\system32\dllcache\null.sys
[-] 2003-04-16 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . c:\windows\system32\dllcache\cache\null.sys
[-] 2003-04-16 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . c:\windows\system32\drivers\null.sys
.
[-] 2008-04-14 . 249276D3EF1E74B992299CB96099E4D7 . 77824 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\browser.dll
[-] 2008-04-14 . 249276D3EF1E74B992299CB96099E4D7 . 77824 . . [5.1.2600.5512] . . c:\windows\system32\browser.dll
[-] 2004-08-17 . F219E27E88107A50544153898DD8178E . 77312 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\browser.dll
.
[-] 2008-04-14 . ED0A176354487CEED65B80A7148AB739 . 13312 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\lsass.exe
[-] 2008-04-14 . ED0A176354487CEED65B80A7148AB739 . 13312 . . [5.1.2600.5512] . . c:\windows\system32\lsass.exe
[-] 2008-04-14 . ED0A176354487CEED65B80A7148AB739 . 13312 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\cache\lsass.exe
[-] 2004-08-17 . 82A362FE1D4980B71B588D9C10748511 . 13312 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\lsass.exe
.
[-] 2008-04-14 . 72E1E9E2977BE08BDEEDB6D8FD9D4D40 . 198144 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\netman.dll
[-] 2008-04-14 . 72E1E9E2977BE08BDEEDB6D8FD9D4D40 . 198144 . . [5.1.2600.5512] . . c:\windows\system32\netman.dll
[-] 2005-08-22 . 86AD5B0E02F2C968FBB096AB4C555C9C . 197632 . . [5.1.2600.2743] . . c:\windows\$NtServicePackUninstall$\netman.dll
[-] 2005-08-22 . BB0557B62B95F366464C3C60A0BD6BDF . 197632 . . [5.1.2600.2743] . . c:\windows\$hf_mig$\KB905414\SP2QFE\netman.dll
[-] 2004-08-17 . AF342D2781225A8769686E0D47E3123E . 198144 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB905414$\netman.dll
.
[-] 2008-04-14 03:21 . E7B375DFFB68A16659CA66474A280C47 . 806912 . . [2001.12.4414.700] . . c:\windows\ServicePackFiles\i386\comres.dll
[-] 2008-04-14 03:21 . E7B375DFFB68A16659CA66474A280C47 . 806912 . . [2001.12.4414.700] . . c:\windows\system32\comres.dll
[-] 2008-04-14 03:21 . E7B375DFFB68A16659CA66474A280C47 . 806912 . . [2001.12.4414.700] . . c:\windows\system32\dllcache\cache\comres.dll
[-] 2004-08-17 22:49 . B44F68274AB7B8A54E9AD74AFF0EFAAC . 806912 . . [2001.12.4414.258] . . c:\windows\$NtServicePackUninstall$\comres.dll
.
[-] 2008-04-14 . 19395D092FD85DDC2D9C7729CF5A2AC8 . 409088 . . [6.7.2600.5512] . . c:\windows\ServicePackFiles\i386\qmgr.dll
[-] 2008-04-14 . 19395D092FD85DDC2D9C7729CF5A2AC8 . 409088 . . [6.7.2600.5512] . . c:\windows\system32\qmgr.dll
[-] 2008-04-14 . 19395D092FD85DDC2D9C7729CF5A2AC8 . 409088 . . [6.7.2600.5512] . . c:\windows\system32\bits\qmgr.dll
[-] 2008-04-14 . 19395D092FD85DDC2D9C7729CF5A2AC8 . 409088 . . [6.7.2600.5512] . . c:\windows\system32\dllcache\cache\qmgr.dll
[-] 2004-08-17 . E774A26610EC92674273486612C11CFC . 382464 . . [6.6.2600.2180] . . c:\windows\$NtServicePackUninstall$\qmgr.dll
[-] 2003-04-16 . D8681F65568AC0C6C7ED11E028EE3503 . 221184 . . [6.2.2600.1106] . . c:\windows\$NtUninstallKB842773$\qmgr.dll
.
[-] 2009-02-09 . C0BD34A62508BA68F146E22CE45919F9 . 401408 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\rpcss.dll
[-] 2009-02-09 . BE27674D1CBC3214AEC84B4336A38BBF . 401408 . . [5.1.2600.5755] . . c:\windows\system32\rpcss.dll
[-] 2009-02-09 . BE27674D1CBC3214AEC84B4336A38BBF . 401408 . . [5.1.2600.5755] . . c:\windows\system32\dllcache\rpcss.dll
[-] 2009-02-09 . BE27674D1CBC3214AEC84B4336A38BBF . 401408 . . [5.1.2600.5755] . . c:\windows\system32\dllcache\cache\rpcss.dll
[-] 2008-04-14 . C868F3AE15CF71A93F2AA3A32856D839 . 399360 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\rpcss.dll
[-] 2008-04-14 . C868F3AE15CF71A93F2AA3A32856D839 . 399360 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\rpcss.dll
[-] 2005-07-26 . DBDE980506B54AE928D151D12419B425 . 397824 . . [5.1.2600.2726] . . c:\windows\$NtServicePackUninstall$\rpcss.dll
[-] 2005-07-26 . 46C3197AAC32EBA82453ACDD84114DC2 . 398336 . . [5.1.2600.2726] . . c:\windows\$hf_mig$\KB902400\SP2QFE\rpcss.dll
[-] 2005-04-28 . 5DE239E9CC9DB7430233EA7BE10EAD32 . 396288 . . [5.1.2600.2665] . . c:\windows\$hf_mig$\KB894391\SP2QFE\rpcss.dll
[-] 2005-04-28 . 676E6C3C8F3B4F8B64BE33FD20ADFCE2 . 395776 . . [5.1.2600.2665] . . c:\windows\$NtUninstallKB902400$\rpcss.dll
[-] 2005-01-14 . F6A9A9EF24527C69DDAA576D965EBC39 . 395776 . . [5.1.2600.2595] . . c:\windows\$hf_mig$\KB873333\SP2GDR\rpcss.dll
[-] 2005-01-14 . F6A9A9EF24527C69DDAA576D965EBC39 . 395776 . . [5.1.2600.2595] . . c:\windows\$NtUninstallKB894391$\rpcss.dll
[-] 2005-01-14 . EB83A54CC8C1F0DF70EA67199747BCA0 . 395776 . . [5.1.2600.2595] . . c:\windows\$hf_mig$\KB873333\SP2QFE\rpcss.dll
[-] 2004-08-17 . C72C15EE57E248C66E57C76CAB086CF2 . 395776 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB873333$\rpcss.dll
[-] 2004-03-06 . 8B48B080B8B3BD5349300C8FE361CEB5 . 263680 . . [5.1.2600.1361] . . c:\windows\$NtUninstallKB873333_0$\rpcss.dll
[-] 2003-08-25 21:09 . !HASH: COULD NOT OPEN FILE !!!!! . 260608 . . [------] . . c:\windows\$NtUninstallKB828741$\rpcss.dll
[-] 2003-04-16 12:00 . !HASH: COULD NOT OPEN FILE !!!!! . 260608 . . [------] . . c:\windows\$NtUninstallKB826939$\rpcss.dll
.
[-] 2009-02-09 . 9EF697AF07BB8DD82C3B02CA953A95B7 . 111104 . . [5.1.2600.5755] . . c:\windows\system32\services.exe
[-] 2009-02-09 . 9EF697AF07BB8DD82C3B02CA953A95B7 . 111104 . . [5.1.2600.5755] . . c:\windows\system32\dllcache\services.exe
[-] 2009-02-09 . 9EF697AF07BB8DD82C3B02CA953A95B7 . 111104 . . [5.1.2600.5755] . . c:\windows\system32\dllcache\cache\services.exe
[-] 2009-02-09 . 3D107D45CCFDB266E91D84B52CD7F430 . 111104 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\services.exe
[-] 2008-04-14 . F0D2AE69035092BF22DAD6B50FAB85C2 . 108544 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\services.exe
[-] 2008-04-14 . F0D2AE69035092BF22DAD6B50FAB85C2 . 108544 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\services.exe
[-] 2004-08-17 . 6E401E61F952FBBF708AFBECEFAFAE81 . 108544 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\services.exe
.
[-] 2008-04-14 . CDDB1F8E1AEA356F3AD106F2CF9B7FEA . 507904 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\winlogon.exe
[-] 2008-04-14 . CDDB1F8E1AEA356F3AD106F2CF9B7FEA . 507904 . . [5.1.2600.5512] . . c:\windows\system32\winlogon.exe
[-] 2008-04-14 . CDDB1F8E1AEA356F3AD106F2CF9B7FEA . 507904 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\cache\winlogon.exe
[-] 2004-08-17 . 221C29AE1B4CC61D11D8B27DE78B2307 . 502272 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\winlogon.exe
[-] 2003-04-16 . FF8857D1AF59071F172C0FAD0FD33E87 . 516608 . . [5.1.2600.1106] . . c:\windows\$NtUninstallKB840987$\winlogon.exe
.
[-] 2008-04-14 . F3AB0933CBD166D271992F411C27CCAF . 62464 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\cryptsvc.dll
[-] 2008-04-14 . F3AB0933CBD166D271992F411C27CCAF . 62464 . . [5.1.2600.5512] . . c:\windows\system32\cryptsvc.dll
[-] 2004-08-17 . 70D2A1756F4B2067658A186C963FCABD . 60416 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\cryptsvc.dll
[-] 2003-04-16 12:00 . !HASH: COULD NOT OPEN FILE !!!!! . 53248 . . [------] . . c:\windows\$NtUninstallKB826939$\cryptsvc.dll
.
[-] 2008-07-07 20:29 . A371F11EF07653591C8DE26AFB13CE7F . 253952 . . [2001.12.4414.706] . . c:\windows\system32\es.dll
[-] 2008-07-07 20:29 . A371F11EF07653591C8DE26AFB13CE7F . 253952 . . [2001.12.4414.706] . . c:\windows\system32\dllcache\es.dll
[-] 2008-07-07 20:25 . BE68EA4457E2E5717231CF91BE5448E0 . 253952 . . [2001.12.4414.706] . . c:\windows\$hf_mig$\KB950974\SP3QFE\es.dll
[-] 2008-04-14 03:21 . 260C69FD67687B0DC062FC3D31655857 . 246272 . . [2001.12.4414.701] . . c:\windows\$NtUninstallKB950974$\es.dll
[-] 2008-04-14 03:21 . 260C69FD67687B0DC062FC3D31655857 . 246272 . . [2001.12.4414.701] . . c:\windows\ServicePackFiles\i386\es.dll
[-] 2005-07-26 04:42 . 8B1B932554B6317E97AE3B9D05344470 . 243200 . . [2001.12.4414.308] . . c:\windows\$NtServicePackUninstall$\es.dll
[-] 2005-07-26 04:30 . 7B9199B6809586DC2CF30D411CECBD33 . 243200 . . [2001.12.4414.308] . . c:\windows\$hf_mig$\KB902400\SP2QFE\es.dll
[-] 2004-08-17 22:49 . 972378B907070F64932A87C90A035487 . 243200 . . [2001.12.4414.258] . . c:\windows\$NtUninstallKB902400$\es.dll
[-] 2003-04-16 12:00 . !HASH: COULD NOT OPEN FILE !!!!! . 225280 . . [------] . . c:\windows\$NtUninstallKB828741$\es.dll
.
[-] 2008-04-14 . 6C60CA8AC7470AC01CFD3D24C7283CD1 . 110080 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\imm32.dll
[-] 2008-04-14 . 6C60CA8AC7470AC01CFD3D24C7283CD1 . 110080 . . [5.1.2600.5512] . . c:\windows\system32\imm32.dll
[-] 2008-04-14 . 6C60CA8AC7470AC01CFD3D24C7283CD1 . 110080 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\cache\imm32.dll
[-] 2004-08-17 . 2413635113361E54B62F0C40E4E4DAE6 . 110080 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\imm32.dll
.
[-] 2009-03-21 . 545C653E8FE241CA6200798AA94FE5C7 . 988160 . . [5.1.2600.5781] . . c:\windows\system32\kernel32.dll
[-] 2009-03-21 . 545C653E8FE241CA6200798AA94FE5C7 . 988160 . . [5.1.2600.5781] . . c:\windows\system32\dllcache\kernel32.dll
[-] 2009-03-21 . 545C653E8FE241CA6200798AA94FE5C7 . 988160 . . [5.1.2600.5781] . . c:\windows\system32\dllcache\cache\kernel32.dll
[-] 2009-03-21 . 0D8F61460F84139BBE5E391D8DE18D9A . 990208 . . [5.1.2600.5781] . . c:\windows\$hf_mig$\KB959426\SP3QFE\kernel32.dll
[-] 2008-04-14 . FD91CD95A1C663DF54DD371CC8A234DE . 988160 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB959426$\kernel32.dll
[-] 2008-04-14 . FD91CD95A1C663DF54DD371CC8A234DE . 988160 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\kernel32.dll
[-] 2007-04-16 . 2B33979FDE5D1B9293ADB025F323B0D9 . 984576 . . [5.1.2600.3119] . . c:\windows\$hf_mig$\KB935839\SP2QFE\kernel32.dll
[-] 2007-04-16 . C23A84D7AB99678B2F1A52080280E4ED . 983040 . . [5.1.2600.3119] . . c:\windows\$NtServicePackUninstall$\kernel32.dll
[-] 2006-07-05 . A0B58CBB3ADCD79F1414A8E62D2F719F . 983552 . . [5.1.2600.2945] . . c:\windows\$hf_mig$\KB917422\SP2QFE\kernel32.dll
[-] 2006-07-05 . 72FB9AA607A21FD2485286C478FB9B01 . 982528 . . [5.1.2600.2945] . . c:\windows\$NtUninstallKB935839$\kernel32.dll
[-] 2004-08-17 . 98DA079F61265BC26D4587E280B79F30 . 982016 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB917422$\kernel32.dll
[-] 2003-04-16 . B977278E24481FB1F0C11A1BD6B8F762 . 928768 . . [5.1.2600.1106] . . c:\windows\$NtUninstallKB840987$\kernel32.dll
.
[-] 2008-04-14 . 7FDE9FC15765E02B23E1756930165AD1 . 19968 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\linkinfo.dll
[-] 2008-04-14 . 7FDE9FC15765E02B23E1756930165AD1 . 19968 . . [5.1.2600.5512] . . c:\windows\system32\linkinfo.dll
[-] 2005-09-01 . 3E611531CC70649635FC890B421AECD0 . 19968 . . [5.1.2600.2751] . . c:\windows\$hf_mig$\KB900725\SP2QFE\linkinfo.dll
[-] 2005-09-01 . B5DE324E0F9AEBEC885ABF5DB6B2F73D . 19968 . . [5.1.2600.2751] . . c:\windows\$NtServicePackUninstall$\linkinfo.dll
[-] 2004-08-17 . EE1F842DB2AE412136643B0814D770A6 . 18944 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB900725$\linkinfo.dll
[-] 2003-04-16 . 1D42E5A5211753D568921B97B4705EB3 . 15360 . . [5.1.2600.0] . . c:\windows\$NtUninstallKB841356$\linkinfo.dll
.
[-] 2008-04-14 . C66BA7BD13C8FB8BEC4863B88641C763 . 22016 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\lpk.dll
[-] 2008-04-14 . C66BA7BD13C8FB8BEC4863B88641C763 . 22016 . . [5.1.2600.5512] . . c:\windows\system32\lpk.dll
[-] 2008-04-14 . C66BA7BD13C8FB8BEC4863B88641C763 . 22016 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\cache\lpk.dll
[-] 2004-08-17 . BFE8DC7AAE7CB1C86243D77B340DC304 . 22016 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\lpk.dll
.
[-] 2008-04-14 . D165DFCB4EA452510E53416F573018BB . 343040 . . [7.0.2600.5512] . . c:\windows\ServicePackFiles\i386\msvcrt.dll
[-] 2008-04-14 . D165DFCB4EA452510E53416F573018BB . 343040 . . [7.0.2600.5512] . . c:\windows\system32\msvcrt.dll
[-] 2008-04-14 . EC8D5E09C6CA5F52858A5EB71F308FDF . 343040 . . [7.0.2600.5512] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.5512_x-ww_3fd60d63\msvcrt.dll
[-] 2004-08-17 . 91CC3E4CCDBBF8E224182C76C87E454F . 343040 . . [7.0.2600.2180] . . c:\windows\$NtServicePackUninstall$\msvcrt.dll
[-] 2004-08-17 . AB47015B67531572BE46C0C08222C84C . 343040 . . [7.0.2600.2180] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.2180_x-ww_b2505ed9\msvcrt.dll
[-] 2003-04-16 . 4200BE3808F6406DBE45A7B88DAE5035 . 322560 . . [7.0.2600.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.0.0_x-ww_2726e76a\msvcrt.dll
[-] 2003-04-16 . 1B2C477D8847E4123DD8761D2E9008F7 . 323072 . . [7.0.2600.1106] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.10.0_x-ww_d8862ba3\msvcrt.dll
.
[-] 2008-04-14 . C2ED0E3408F50BBC149D4F0936E67832 . 407040 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\netlogon.dll
[-] 2008-04-14 . C2ED0E3408F50BBC149D4F0936E67832 . 407040 . . [5.1.2600.5512] . . c:\windows\system32\netlogon.dll
[-] 2008-04-14 . C2ED0E3408F50BBC149D4F0936E67832 . 407040 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\cache\netlogon.dll
[-] 2004-08-17 . 2591CADAEF7D2242039255028E577688 . 407040 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\netlogon.dll
.
[-] 2008-04-14 . 9FA69781CAA7A1DA981A24F240A61A60 . 17408 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\powrprof.dll
[-] 2008-04-14 . 9FA69781CAA7A1DA981A24F240A61A60 . 17408 . . [6.00.2900.5512] . . c:\windows\system32\powrprof.dll
[-] 2008-04-14 . 9FA69781CAA7A1DA981A24F240A61A60 . 17408 . . [6.00.2900.5512] . . c:\windows\system32\dllcache\cache\powrprof.dll
[-] 2004-08-17 . 134B95A1D8FAFD74A68E4B2116DEFA7D . 17408 . . [6.00.2900.2180] . . c:\windows\$NtServicePackUninstall$\powrprof.dll
.
[-] 2008-04-14 . 830CE8951C71F361D7D2F38416CC8BC1 . 185856 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\scecli.dll
[-] 2008-04-14 . 830CE8951C71F361D7D2F38416CC8BC1 . 185856 . . [5.1.2600.5512] . . c:\windows\system32\scecli.dll
[-] 2008-04-14 . 830CE8951C71F361D7D2F38416CC8BC1 . 185856 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\cache\scecli.dll
[-] 2004-08-17 . 07119058D451CB7EA4317BCFDA8599A6 . 184832 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\scecli.dll
.
[-] 2008-04-14 . 5EE949255BABC0B17C09DDB2E59E3878 . 5120 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\sfc.dll
[-] 2008-04-14 . 5EE949255BABC0B17C09DDB2E59E3878 . 5120 . . [5.1.2600.5512] . . c:\windows\system32\sfc.dll
[-] 2008-04-14 . 5EE949255BABC0B17C09DDB2E59E3878 . 5120 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\cache\sfc.dll
[-] 2004-08-17 . 6CC2D21488333133AE0C9F44F6051CB7 . 5120 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\sfc.dll
.
[-] 2008-04-14 . BE4A520E29B6391F49E79CCC52044D93 . 14336 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\svchost.exe
[-] 2008-04-14 . BE4A520E29B6391F49E79CCC52044D93 . 14336 . . [5.1.2600.5512] . . c:\windows\system32\svchost.exe
[-] 2008-04-14 . BE4A520E29B6391F49E79CCC52044D93 . 14336 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\cache\svchost.exe
[-] 2004-08-17 . DFBA2915B0BF58ABB288CD4C9318CB3F . 14336 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\svchost.exe
.
[-] 2008-04-14 . C2546CD7A398476F9DF5614B2AE160E8 . 249856 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\tapisrv.dll
[-] 2008-04-14 . C2546CD7A398476F9DF5614B2AE160E8 . 249856 . . [5.1.2600.5512] . . c:\windows\system32\tapisrv.dll
[-] 2005-07-08 . 2EB5536278D697C5895A48514682BF64 . 249344 . . [5.1.2600.2716] . . c:\windows\$hf_mig$\KB893756\SP2QFE\tapisrv.dll
[-] 2005-07-08 . 250241D65CCF692AEACC318A266413C2 . 249344 . . [5.1.2600.2716] . . c:\windows\$NtServicePackUninstall$\tapisrv.dll
[-] 2004-08-17 . 37162D29CD61519E6F5EA0DE99786FF6 . 246272 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB893756$\tapisrv.dll
.
[-] 2008-04-14 . E16E0990967374E76F3E40CACAFD3D53 . 578560 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\user32.dll
[-] 2008-04-14 . E16E0990967374E76F3E40CACAFD3D53 . 578560 . . [5.1.2600.5512] . . c:\windows\system32\user32.dll
[-] 2008-04-14 . E16E0990967374E76F3E40CACAFD3D53 . 578560 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\cache\user32.dll
[-] 2007-03-08 . 5393076FDCD6DAEB82814688DDE3E9A2 . 578048 . . [5.1.2600.3099] . . c:\windows\$hf_mig$\KB925902\SP2QFE\user32.dll
[-] 2007-03-08 . 43240B12D220F30C7C75EA69B2E806B0 . 577536 . . [5.1.2600.3099] . . c:\windows\$NtServicePackUninstall$\user32.dll
[-] 2005-03-02 . 3EF380290CE2CA8598E475CEAC4ADB13 . 577024 . . [5.1.2600.2622] . . c:\windows\$hf_mig$\KB890859\SP2QFE\user32.dll
[-] 2005-03-02 . 9267BC598E271BC3FA69F36CF1C8BD36 . 577024 . . [5.1.2600.2622] . . c:\windows\$NtUninstallKB925902$\user32.dll
[-] 2004-08-17 . 1B4CCC59980DA34E75F20E42B283B027 . 577024 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB890859$\user32.dll
[-] 2004-06-17 . EDA6F9B309CC19567D7727A4992ADEF0 . 560128 . . [5.1.2600.1561] . . c:\windows\$NtUninstallKB891711$\user32.dll
[-] 2003-09-25 . 9120F1C8C8C5C186D69E65F86C188E93 . 560128 . . [5.1.2600.1255] . . c:\windows\$NtUninstallKB840987$\user32.dll
[-] 2003-04-16 12:00 . !HASH: COULD NOT OPEN FILE !!!!! . 560128 . . [------] . . c:\windows\$NtUninstallKB826939$\user32.dll
[-] 2002-11-22 19:33 . !HASH: COULD NOT OPEN FILE !!!!! . 528896 . . [------] . . c:\windows\$NtUninstallKB824141$\user32.dll
.
[-] 2008-04-14 . 7DC1830F22E7D275B438127B68030239 . 26112 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\userinit.exe
[-] 2008-04-14 . 7DC1830F22E7D275B438127B68030239 . 26112 . . [5.1.2600.5512] . . c:\windows\system32\userinit.exe
[-] 2008-04-14 . 7DC1830F22E7D275B438127B68030239 . 26112 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\cache\userinit.exe
[-] 2004-08-17 . 836F7960362FF95C5D49E40B891F2CFC . 24576 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\userinit.exe
.
[-] 2008-04-14 . 951D473917C51F21496D914CF6E5DDD1 . 82432 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ws2_32.dll
[-] 2008-04-14 . 951D473917C51F21496D914CF6E5DDD1 . 82432 . . [5.1.2600.5512] . . c:\windows\system32\ws2_32.dll
[-] 2008-04-14 . 951D473917C51F21496D914CF6E5DDD1 . 82432 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\cache\ws2_32.dll
[-] 2004-08-17 . 382E9B87F1282E697C67AF84E34E35E2 . 82944 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ws2_32.dll
[-] 2003-04-16 . 748494B94A871A828C64D1D5C738D2B7 . 75264 . . [5.1.2600.0] . . c:\windows\$NtUninstallKB817778$\ws2_32.dll
.
[-] 2008-04-14 . 859F7735F199C90403340183A3DDFB78 . 19968 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ws2help.dll
[-] 2008-04-14 . 859F7735F199C90403340183A3DDFB78 . 19968 . . [5.1.2600.5512] . . c:\windows\system32\ws2help.dll
[-] 2004-08-17 . C2B86666FC44B48903AD6016D15A23DF . 19968 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ws2help.dll
.
[-] 2008-04-14 . 27AFD587C462E280EE046B8CCA3C2CD1 . 1034240 . . [6.00.2900.5512] . . c:\windows\explorer.exe
[-] 2008-04-14 . 27AFD587C462E280EE046B8CCA3C2CD1 . 1034240 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\explorer.exe
[-] 2008-04-14 . 27AFD587C462E280EE046B8CCA3C2CD1 . 1034240 . . [6.00.2900.5512] . . c:\windows\system32\dllcache\cache\explorer.exe
[-] 2007-06-13 . ED7B460B142A32097B8A8F6ECC941815 . 1033728 . . [6.00.2900.3156] . . c:\windows\$NtServicePackUninstall$\explorer.exe
[-] 2007-06-13 . 9B32416BD5988C97B6397CE0B02CAF97 . 1033728 . . [6.00.2900.3156] . . c:\windows\$hf_mig$\KB938828\SP2QFE\explorer.exe
[-] 2004-08-17 . 53114D57AB73A406AC7F602227781A99 . 1032704 . . [6.00.2900.2180] . . c:\windows\$NtUninstallKB938828$\explorer.exe
[-] 2003-04-16 . 11D80755545CFB5EB9659EE88440EAE2 . 1004544 . . [6.00.2800.1106] . . c:\windows\$NtUninstallKB820291$\explorer.exe
.
[-] 2008-04-14 . FDEB1D02CAE38665CBF114F44E6B997E . 147968 . . [5.1.2600.5512] . . c:\windows\regedit.exe
[-] 2008-04-14 . FDEB1D02CAE38665CBF114F44E6B997E . 147968 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\regedit.exe
[-] 2004-08-17 . CB5A91928D94224E7E30EE277B45E8A3 . 147968 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\regedit.exe
.
[-] 2008-04-14 . 35B91147124F64AC8081A2EDB9EA4DEE . 171008 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\srsvc.dll
[-] 2008-04-14 . 35B91147124F64AC8081A2EDB9EA4DEE . 171008 . . [5.1.2600.5512] . . c:\windows\system32\srsvc.dll
[-] 2008-04-14 . 35B91147124F64AC8081A2EDB9EA4DEE . 171008 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\cache\srsvc.dll
[-] 2004-08-17 . 3CD57F31A64D32FDB28918B16D1E6AAC . 170496 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\srsvc.dll
.
[-] 2008-04-14 . 278A14BEDEF58687EAF8BEC056A78D8B . 13824 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\wscntfy.exe
[-] 2008-04-14 . 278A14BEDEF58687EAF8BEC056A78D8B . 13824 . . [5.1.2600.5512] . . c:\windows\system32\wscntfy.exe
[-] 2008-04-14 . 278A14BEDEF58687EAF8BEC056A78D8B . 13824 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\cache\wscntfy.exe
[-] 2004-08-17 . 93F75FF033BAA186D08115D73BFE3D32 . 13824 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\wscntfy.exe
.
[-] 2008-04-14 . EAA4BB9EDB3FB10CF8979FE65E63658F . 129024 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\xmlprov.dll
[-] 2008-04-14 . EAA4BB9EDB3FB10CF8979FE65E63658F . 129024 . . [5.1.2600.5512] . . c:\windows\system32\xmlprov.dll
[-] 2004-08-17 . 9B835D4C64860B155A1701D5092EC9E4 . 129536 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\xmlprov.dll
.
[-] 2008-04-14 . 2EE99F67C930931EB404DADCE57E976E . 56320 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\eventlog.dll
[-] 2008-04-14 . 2EE99F67C930931EB404DADCE57E976E . 56320 . . [5.1.2600.5512] . . c:\windows\system32\eventlog.dll
[-] 2004-08-17 . 6EB66066D5C0175320CFEA0A4C74C88F . 55808 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\eventlog.dll
.
[-] 2008-04-14 . 56A6034E7764E23D9114223EB3523925 . 1571840 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\sfcfiles.dll
[-] 2008-04-14 . 56A6034E7764E23D9114223EB3523925 . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
[-] 2008-04-14 . 56A6034E7764E23D9114223EB3523925 . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\cache\sfcfiles.dll
[-] 2004-08-17 . 5CA2E2BA624D6F2C7A581C91E70394CB . 1548288 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\sfcfiles.dll
.
[-] 2008-04-14 . A756B8F0F7BAFBA6DFE39F7D169F2519 . 15360 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ctfmon.exe
[-] 2008-04-14 . A756B8F0F7BAFBA6DFE39F7D169F2519 . 15360 . . [5.1.2600.5512] . . c:\windows\system32\ctfmon.exe
[-] 2008-04-14 . A756B8F0F7BAFBA6DFE39F7D169F2519 . 15360 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\cache\ctfmon.exe
[-] 2004-08-17 . A5BAA91475167161DEA02BA3C4CA4F59 . 15360 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ctfmon.exe
.
[-] 2008-04-14 . 8F31505484A190D5B22274708799F4EC . 59904 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\regsvc.dll
[-] 2008-04-14 . 8F31505484A190D5B22274708799F4EC . 59904 . . [5.1.2600.5512] . . c:\windows\system32\regsvc.dll
[-] 2004-08-17 . 5B21208FCF8970BB61FE98E19D828714 . 59904 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\regsvc.dll
.
[-] 2008-04-14 . 3FF232A7731621B8902D81D42418C93C . 192512 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\schedsvc.dll
[-] 2008-04-14 . 3FF232A7731621B8902D81D42418C93C . 192512 . . [5.1.2600.5512] . . c:\windows\system32\schedsvc.dll
[-] 2004-08-17 . 29AC93307C6182DBE336BCA314947F28 . 190976 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\schedsvc.dll
[-] 2003-04-16 . 426D5FC7DD903DFA12123C8C9B818CD5 . 159232 . . [5.1.2600.1106] . . c:\windows\$NtUninstallKB841873$\schedsvc.dll
.
[-] 2008-04-14 . BECD5271DC4E3B7C3D035F790FCBC1E5 . 71680 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ssdpsrv.dll
[-] 2008-04-14 . BECD5271DC4E3B7C3D035F790FCBC1E5 . 71680 . . [5.1.2600.5512] . . c:\windows\system32\ssdpsrv.dll
[-] 2004-08-17 . 88C28F53F53438DAFCD95E99C837C61E . 71680 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ssdpsrv.dll
.
[-] 2008-04-14 . A75DD6FC3DBEE4FFF5EBC9F2C28BB66E . 295936 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\termsrv.dll
[-] 2008-04-14 . A75DD6FC3DBEE4FFF5EBC9F2C28BB66E . 295936 . . [5.1.2600.5512] . . c:\windows\system32\termsrv.dll
[-] 2008-04-14 . A75DD6FC3DBEE4FFF5EBC9F2C28BB66E . 295936 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\cache\termsrv.dll
[-] 2004-08-17 . 2F5919F2F6EE7A845893D9C3AA2BC56A . 295936 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\termsrv.dll
.
[-] 2008-04-14 . ED18ADEE4AA21EB26977260152D7241A . 345088 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\hnetcfg.dll
[-] 2008-04-14 . ED18ADEE4AA21EB26977260152D7241A . 345088 . . [5.1.2600.5512] . . c:\windows\system32\hnetcfg.dll
[-] 2004-08-17 . FAABA83BE47C5B15F620FAA53267A9B8 . 345088 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\hnetcfg.dll
.
[-] 2003-04-16 . AFDFF022A01F0B11C776F0860C3B282F . 11776 . . [5.1.2600.0] . . c:\windows\system32\dllcache\cache\acpiec.sys
[-] 2003-04-16 . AFDFF022A01F0B11C776F0860C3B282F . 11776 . . [5.1.2600.0] . . c:\windows\system32\drivers\acpiec.sys
.
[-] 2008-04-13 16:39 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\ServicePackFiles\i386\aec.sys
[-] 2008-04-13 16:39 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\system32\dllcache\cache\aec.sys
[-] 2008-04-13 16:39 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\system32\drivers\aec.sys
[-] 2006-02-15 00:30 . 1EE7B434BA961EF845DE136224C30FEC . 142464 . . [5.1.2601.2180] . . c:\windows\$hf_mig$\KB900485\SP2QFE\aec.sys
[-] 2006-02-15 00:22 . 1EE7B434BA961EF845DE136224C30FEC . 142464 . . [5.1.2601.2180] . . c:\windows\$NtServicePackUninstall$\aec.sys
[-] 2004-08-04 05:39 . 841F385C6CFAF66B58FBD898722BB4F0 . 142464 . . [5.1.2601.2078] . . c:\windows\$NtUninstallKB900485$\aec.sys
.
[-] 2008-04-13 . 08FD04AA961BDC77FB983F328334E3D7 . 42368 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\agp440.sys
[-] 2008-04-13 . 08FD04AA961BDC77FB983F328334E3D7 . 42368 . . [5.1.2600.5512] . . c:\windows\system32\drivers\agp440.sys
[-] 2004-08-04 . 2C428FA0C3E3A01ED93C9B2A27D8D4BB . 42368 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\agp440.sys
[-] 2001-08-17 . 65880045C51AA36184841CEE915A61DF . 25472 . . [5.1.2600.0] . . c:\windows\system32\ReinstallBackups\0009\DriverFiles\i386\AGP440.SYS
[-] 2001-08-17 . 65880045C51AA36184841CEE915A61DF . 25472 . . [5.1.2600.0] . . c:\windows\system32\ReinstallBackups\0008\DriverFiles\i386\AGP440.SYS
.
[-] 2008-04-13 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ip6fw.sys
[-] 2008-04-13 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\cache\ip6fw.sys
[-] 2008-04-13 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ip6fw.sys
[-] 2004-08-04 . 4448006B6BC60E6C027932CFC38D6855 . 29056 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ip6fw.sys
.
[-] 2008-04-14 . 221CD1C815B8A6B79389C3F5D1018DE8 . 33792 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\msgsvc.dll
[-] 2008-04-14 . 221CD1C815B8A6B79389C3F5D1018DE8 . 33792 . . [5.1.2600.5512] . . c:\windows\system32\msgsvc.dll
[-] 2008-04-14 . 221CD1C815B8A6B79389C3F5D1018DE8 . 33792 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\cache\msgsvc.dll
[-] 2004-08-17 . 8B2FCBD881879B55BE40B41F12FFC431 . 33792 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\msgsvc.dll
[-] 2003-04-16 12:00 . !HASH: COULD NOT OPEN FILE !!!!! . 34304 . . [------] . . c:\windows\$NtUninstallKB828035$\msgsvc.dll
.
[-] 2006-10-18 19:47 . C51B4A5C05A5475708E3C81C7765B71D . 27136 . . [11.0.5721.5145] . . c:\windows\system32\mspmsnsv.dll
[-] 2006-10-18 19:47 . C51B4A5C05A5475708E3C81C7765B71D . 27136 . . [11.0.5721.5145] . . c:\windows\system32\dllcache\mspmsnsv.dll
[-] 2004-10-11 09:20 . C9BF4BC4D24A3A25E4A4894499FD9A6A . 25088 . . [10.0.3790.3650] . . c:\windows\$NtUninstallWMFDist11$\mspmsnsv.dll
[-] 2004-10-11 09:20 . C9BF4BC4D24A3A25E4A4894499FD9A6A . 25088 . . [10.0.3790.3650] . . c:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}\MsPMSNSv.dll
[-] 2004-08-17 22:49 . E02E913B3841717A890A644EE167B9A5 . 52224 . . [9.0.1.56] . . c:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}$BACKUP$\System\MsPMSNSv.dll
[-] 2004-08-17 22:49 . E02E913B3841717A890A644EE167B9A5 . 52224 . . [9.0.1.56] . . c:\windows\ServicePackFiles\i386\mspmsnsv.dll
.
[-] 2008-04-14 03:21 . 023DD70573D644F3D9C8B1258A7BFD08 . 435712 . . [5.1.2400.5512] . . c:\windows\ServicePackFiles\i386\ntmssvc.dll
[-] 2008-04-14 03:21 . 023DD70573D644F3D9C8B1258A7BFD08 . 435712 . . [5.1.2400.5512] . . c:\windows\system32\ntmssvc.dll
[-] 2008-04-14 03:21 . 023DD70573D644F3D9C8B1258A7BFD08 . 435712 . . [5.1.2400.5512] . . c:\windows\system32\dllcache\cache\ntmssvc.dll
[-] 2004-08-17 22:49 . D8D2B13BA93AE830B1A637DF571D1195 . 435712 . . [5.1.2400.2180] . . c:\windows\$NtServicePackUninstall$\ntmssvc.dll
.
[-] 2008-04-14 . 651BD90DCEE5B7BDC74A2EB7C9266F9E . 186368 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\upnphost.dll
[-] 2008-04-14 . 651BD90DCEE5B7BDC74A2EB7C9266F9E . 186368 . . [5.1.2600.5512] . . c:\windows\system32\upnphost.dll
[-] 2007-02-05 . 6FD45FDC0C32BC4E81F718B671A3E017 . 185344 . . [5.1.2600.3077] . . c:\windows\$hf_mig$\KB931261\SP2QFE\upnphost.dll
[-] 2007-02-05 . 0C0C2C77C6B52181369594F2AA36AF40 . 185344 . . [5.1.2600.3077] . . c:\windows\$NtServicePackUninstall$\upnphost.dll
[-] 2004-08-17 . 984FC1518B0D5B31D76F0E63608E0500 . 185344 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB931261$\upnphost.dll
.
[-] 2008-04-14 . 8E009E7AC012823845D5F39A77F4A27F . 367616 . . [5.3.2600.5512] . . c:\windows\ServicePackFiles\i386\dsound.dll
[-] 2008-04-14 . 8E009E7AC012823845D5F39A77F4A27F . 367616 . . [5.3.2600.5512] . . c:\windows\system32\dsound.dll
[-] 2004-08-17 . 8ECC475F5BAD26DB85943F888D62E364 . 367616 . . [5.3.2600.2180] . . c:\windows\$NtServicePackUninstall$\dsound.dll
[-] 2002-12-11 23:14 . 1E97BD58ABAC42A4C2FB3167D6567BBF . 336384 . . [5.3.0000000.900 built by: DIRECTX] . . c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dsound.dll
.
[-] 2008-04-14 . 3B8AE11A3419DF8239183E94888702FA . 1689088 . . [5.03.2600.5512] . . c:\windows\ServicePackFiles\i386\d3d9.dll
[-] 2008-04-14 . 3B8AE11A3419DF8239183E94888702FA . 1689088 . . [5.03.2600.5512] . . c:\windows\system32\d3d9.dll
[-] 2004-08-17 . A19F5837E52D57DB66D9DB55BFCC7796 . 1689088 . . [5.03.2600.2180] . . c:\windows\$NtServicePackUninstall$\d3d9.dll
.
[-] 2008-04-14 . EDAD701F01FFD9B5799B8FCF1CF6BDA7 . 279552 . . [5.03.2600.5512] . . c:\windows\ServicePackFiles\i386\ddraw.dll
[-] 2008-04-14 . EDAD701F01FFD9B5799B8FCF1CF6BDA7 . 279552 . . [5.03.2600.5512] . . c:\windows\system32\ddraw.dll
[-] 2004-08-17 . 0F9A5DD4503E82B085D8B1336B961A81 . 266240 . . [5.03.2600.2180] . . c:\windows\$NtServicePackUninstall$\ddraw.dll
[-] 2002-12-11 23:14 . 182262B38B87F2AC567D05AEDE02E1C7 . 257536 . . [5.3.0000000.900 built by: DIRECTX] . . c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\ddraw.dll
.
[-] 2008-04-14 03:21 . 16C195EBC0A3EC35C48D0C2D9A346BAB . 84992 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\olepro32.dll
[-] 2008-04-14 03:21 . 16C195EBC0A3EC35C48D0C2D9A346BAB . 84992 . . [5.1.2600.5512] . . c:\windows\system32\olepro32.dll
[-] 2004-08-17 22:49 . 33F14F23DFAE4B43CDD4E535CD7C1963 . 83456 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\olepro32.dll
.
[-] 2008-04-14 . 1682285F7C0934C764A0EBBC568153CA . 39936 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\perfctrs.dll
[-] 2008-04-14 . 1682285F7C0934C764A0EBBC568153CA . 39936 . . [5.1.2600.5512] . . c:\windows\system32\perfctrs.dll
[-] 2004-08-17 . 6C08FF4B76506676617E03C34ECCFB11 . 39936 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\perfctrs.dll
.
[-] 2008-04-14 . 614F8186BDAB926E3B1D8927A4161B54 . 18944 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\version.dll
[-] 2008-04-14 . 614F8186BDAB926E3B1D8927A4161B54 . 18944 . . [5.1.2600.5512] . . c:\windows\system32\version.dll
[-] 2004-08-17 . E472BDA53A4DCD2142143AF9FD25C99A . 18944 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\version.dll
.
.
[-] 2008-04-14 . 35B91147124F64AC8081A2EDB9EA4DEE . 171008 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\srsvc.dll
[-] 2008-04-14 . 35B91147124F64AC8081A2EDB9EA4DEE . 171008 . . [5.1.2600.5512] . . c:\windows\system32\srsvc.dll
[-] 2008-04-14 . 35B91147124F64AC8081A2EDB9EA4DEE . 171008 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\cache\srsvc.dll
[-] 2004-08-17 . 3CD57F31A64D32FDB28918B16D1E6AAC . 170496 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\srsvc.dll
.
[-] 2008-04-14 . FA4E1CDBA256787F2149F4AAD07BC91F . 176640 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\w32time.dll
[-] 2008-04-14 . FA4E1CDBA256787F2149F4AAD07BC91F . 176640 . . [5.1.2600.5512] . . c:\windows\system32\w32time.dll
[-] 2004-08-17 . 2CEEBB402187AE56B585701F3D191FB3 . 176128 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\w32time.dll
.
[-] 2008-04-14 . C1CDD9275F6A115BB0AE1D55D8D27BA6 . 334336 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\wiaservc.dll
[-] 2008-04-14 . C1CDD9275F6A115BB0AE1D55D8D27BA6 . 334336 . . [5.1.2600.5512] . . c:\windows\system32\wiaservc.dll
[-] 2006-12-19 . 1F3BB7CB8064B3EC143D291F7222DF4B . 334336 . . [5.1.2600.3051] . . c:\windows\$hf_mig$\KB927802\SP2QFE\wiaservc.dll
[-] 2006-12-19 . B824215A934A24928CDDD1EF7E113035 . 334336 . . [5.1.2600.3051] . . c:\windows\$NtServicePackUninstall$\wiaservc.dll
[-] 2004-08-17 . 0645CCDDDD27F96EEA3534C1DEF736D9 . 333824 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB927802$\wiaservc.dll
.
[-] 2008-04-14 . 160A1500DDBE42F8793E3AD341E4BEC4 . 18944 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\midimap.dll
[-] 2008-04-14 . 160A1500DDBE42F8793E3AD341E4BEC4 . 18944 . . [5.1.2600.5512] . . c:\windows\system32\midimap.dll
[-] 2004-08-17 . B356DD67178B22A8C2FBD47316CCB43B . 18944 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\midimap.dll
.
[-] 2008-04-14 . B26098F3DC08D841DE3D79C38ACCB807 . 7680 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\rasadhlp.dll
[-] 2008-04-14 . B26098F3DC08D841DE3D79C38ACCB807 . 7680 . . [5.1.2600.5512] . . c:\windows\system32\rasadhlp.dll
[-] 2006-06-26 . 907E7787538EDDAAA2EA88A01B4E2F53 . 7680 . . [5.1.2600.2938] . . c:\windows\$hf_mig$\KB920683\SP2QFE\rasadhlp.dll
[-] 2006-06-26 . 408B05D8104FB3C19403450FDA953C7C . 8192 . . [5.1.2600.2938] . . c:\windows\$NtServicePackUninstall$\rasadhlp.dll
[-] 2004-08-17 . 630A1012AF129918D2E2D70727D69351 . 8192 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB920683$\rasadhlp.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="c:\program files\Analog Devices\SoundMAX\SMax4PNP.exe" [2003-05-29 790528]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2007-06-29 286720]
"ZoneAlarm Client"="c:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [2010-06-23 1043968]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-02-10 61440]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2011-01-30 35736]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-11-15 932288]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\Pavel K cha\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Net Activity Diagram.lnk - c:\program files\Net Activity Diagram\nad.exe [2003-12-19 447492]
.
c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Bluetooth.lnk - c:\program files\AirLive\Bluetooth Software\BTTray.exe [2006-9-26 561213]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2008-12-22 10:05 356352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer"=DrvTrNTm.dll
"wave"=DrvTrNTm.dll
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Adobe Acrobat Speed Launcher.lnk]
backup=c:\windows\pss\Adobe Acrobat Speed Launcher.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Adobe Gamma Loader.lnk]
backup=c:\windows\pss\Adobe Gamma Loader.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Adobe Reader Speed Launch.lnk]
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Corel MEDIA FOLDERS INDEXER 8.LNK]
backup=c:\windows\pss\Corel MEDIA FOLDERS INDEXER 8.LNKCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Kodak EasyShare software.lnk]
backup=c:\windows\pss\Kodak EasyShare software.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Microsoft Office.lnk]
backup=c:\windows\pss\Microsoft Office.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Net Activity Diagram.lnk]
backup=c:\windows\pss\Net Activity Diagram.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Pavel Kácha^Nabídka Start^Programy^Po spuštění^ikowin32.exe]
path=c:\documents and settings\Pavel Kácha\Nabídka Start\Programy\Po spuštění\ikowin32.exe
backup=c:\windows\pss\ikowin32.exeStartup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Pavel Kácha^Nabídka Start^Programy^Po spuštění^Net Activity Diagram.lnk]
path=c:\documents and settings\Pavel Kácha\Nabídka Start\Programy\Po spuštění\Net Activity Diagram.lnk
backup=c:\windows\pss\Net Activity Diagram.lnkStartup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Pavel Kácha^Nabídka Start^Programy^Po spuštění^UCmore XP - The Search Accelerator.lnk]
backup=c:\windows\pss\UCmore XP - The Search Accelerator.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 7.0]
2004-12-14 09:12 483328 ----a-w- c:\program files\Adobe\Acrobat 7.0\Distillr\acrotray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
2006-06-01 11:32 94208 ----a-w- c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CloneCDTray]
2005-05-19 13:47 57344 ----a-w- c:\program files\SlySoft\CloneCD\CloneCDTray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTHelper]
2003-04-10 08:36 28672 ----a-w- c:\windows\system32\CTHELPER.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 03:22 1695232 ----a-w- c:\program files\Messenger\msmsgs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Name of App]
2008-07-07 12:12 675935 ----a-w- c:\program files\SAMSUNG\FW LiveUpdate\FWManager.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2006-01-12 14:40 155648 ----a-w- c:\program files\Common Files\Ahead\Lib\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2007-06-29 04:24 286720 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"SoundMAX Agent Service (default)"=2 (0x2)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled]
"SunJavaUpdateSched"=c:\program files\Java\j2re1.4.2_05\bin\jusched.exe
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" -osboot
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe"
"LanguageShortcut"="c:\program files\CyberLink\PowerDVD\Language\Language.exe"
"TotalRecorderScheduler"="c:\program files\HighCriteria\TotalRecorder\TotRecSched.exe"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
"DisableNotifications"= 1 (0x1)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\FlashFXP\\flashfxp.exe"=
"c:\\Program Files\\uTorrent\\utorrent.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"=
"c:\\Program Files\\CyberLink\\PowerDVD\\PowerDVD.exe"=
"c:\\WINDOWS\\system32\\ZoneLabs\\vsmon.exe"=
"c:\\Program Files\\Activision\\Wolfenstein\\MP\\Wolf2MP.exe"=
"c:\\Program Files\\Activision\\Wolfenstein\\MP\\Wolf2MPLite.exe"=
"c:\\Program Files\\Microsoft Games\\Dungeon Siege 2\\DungeonSiege2.exe"=
"c:\\Program Files\\Flagship Studios\\Hellgate London\\Launcher.exe"=
.
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [25.12.2006 3:35 639224]
R0 tdrpman258;Acronis Try&Decide and Restore Points filter (build 258);c:\windows\system32\drivers\tdrpm258.sys [6.7.2010 18:02 911680]
R0 viaraid;viaraid;c:\windows\system32\drivers\viaraid.sys [2.3.2004 20:15 70272]
R1 nltdi;nltdi;c:\windows\system32\drivers\nltdi.sys [23.4.2007 13:03 82200]
R3 ProtoWall;ProtoWall Network Service;c:\windows\system32\drivers\ProtoWall.sys [1.5.2004 15:45 31360]
R3 uscsc108;uscsc108;c:\windows\system32\drivers\uscsc108.sys [9.3.2003 19:41 102336]
S0 d347bus;d347bus;c:\windows\system32\drivers\d347bus.sys [2.3.2005 19:05 155136]
S0 d347prt;d347prt;c:\windows\system32\drivers\d347prt.sys [2.3.2005 19:05 5248]
S1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [4.4.2008 10:41 114768]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [5.8.2009 16:06 9968]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [5.8.2009 16:06 74480]
S2 afcdpsrv;Acronis Nonstop Backup service;c:\program files\Common Files\Acronis\CDP\afcdpsrv.exe [6.7.2010 18:02 2480048]
S2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [4.4.2008 10:41 20560]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18.3.2010 13:16 130384]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [29.3.2011 21:51 136176]
S2 OMSI download service;Sony Ericsson OMSI download service;c:\program files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe --> c:\program files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [?]
S2 SVKP;SVKP;c:\windows\system32\SVKP.sys [15.7.2004 17:01 2368]
S3 afcdp;afcdp;c:\windows\system32\drivers\afcdp.sys [6.7.2010 18:02 160288]
S3 AVerAF35;AVerMedia A835 USB DVB-T;c:\windows\system32\drivers\AVerAF35.sys [1.3.2011 16:52 642560]
S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\drivers\ggflt.sys [10.8.2008 22:52 13352]
S3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [29.3.2011 21:51 136176]
S3 nosGetPlusHelper;getPlus(R) Helper 3004;c:\windows\System32\svchost.exe -k nosGetPlusHelper [16.4.2003 14:00 14336]
S3 Revoflt;Revoflt;c:\windows\system32\drivers\revoflt.sys [7.7.2010 22:47 27064]
S3 s0016bus;Sony Ericsson Device 0016 driver (WDM);c:\windows\system32\drivers\s0016bus.sys [25.1.2011 23:03 89256]
S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter;c:\windows\system32\drivers\s0016mdfl.sys [26.1.2011 0:19 15016]
S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver;c:\windows\system32\drivers\s0016mdm.sys [26.1.2011 0:19 120744]
S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s0016mgmt.sys [26.1.2011 0:19 114216]
S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS);c:\windows\system32\drivers\s0016nd5.sys [25.1.2011 23:03 25512]
S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface;c:\windows\system32\drivers\s0016obex.sys [26.1.2011 0:19 110632]
S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM);c:\windows\system32\drivers\s0016unic.sys [25.1.2011 23:03 115752]
S3 s816bus;Sony Ericsson Device 816 driver (WDM);c:\windows\system32\drivers\s816bus.sys [20.6.2008 9:44 81832]
S3 s816mdfl;Sony Ericsson Device 816 USB WMC Modem Filter;c:\windows\system32\drivers\s816mdfl.sys [20.6.2008 9:47 13864]
S3 s816mdm;Sony Ericsson Device 816 USB WMC Modem Driver;c:\windows\system32\drivers\s816mdm.sys [20.6.2008 9:47 107304]
S3 s816mgmt;Sony Ericsson Device 816 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s816mgmt.sys [20.6.2008 9:49 99112]
S3 s816nd5;Sony Ericsson Device 816 USB Ethernet Emulation SEMCMR7 (NDIS);c:\windows\system32\drivers\s816nd5.sys [20.6.2008 9:50 21928]
S3 s816obex;Sony Ericsson Device 816 USB WMC OBEX Interface;c:\windows\system32\drivers\s816obex.sys [20.6.2008 9:49 97320]
S3 s816unic;Sony Ericsson Device 816 USB Ethernet Emulation SEMCMR7 (WDM);c:\windows\system32\drivers\s816unic.sys [20.6.2008 9:50 97704]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [5.8.2009 16:06 7408]
S3 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion;c:\program files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [26.1.2011 0:18 155344]
S3 TTDec;ATI WDM Teletext Decoder;c:\windows\system32\drivers\atinttxx.sys [12.8.2004 22:47 13824]
S3 VICHW00;VICHW00;\??\c:\windows\SYSTEM32\DRIVERS\VICHW00.SYS --> c:\windows\SYSTEM32\DRIVERS\VICHW00.SYS [?]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18.3.2010 13:16 753504]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
nosGetPlusHelper REG_MULTI_SZ nosGetPlusHelper
.
Obsah adresáře 'Naplánované úlohy'
.
2010-08-11 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-06-03 11:42]
.
2011-07-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-03-29 19:51]
.
2011-07-17 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-03-29 19:51]
.
.
------- Doplňkový sken -------
.
mStart Page = hxxp://www.google.com
mSearch Bar = hxxp://www.google.com
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\windows\WebIE.dll
TCP: DhcpNameServer = 192.168.1.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
MSConfigStartUp-braviax - braviax.exe
MSConfigStartUp-CTDVDDet - c:\program files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE
MSConfigStartUp-CTSysVol - c:\program files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
MSConfigStartUp-DiskeeperSystray - c:\program files\Executive Software\Diskeeper\DkIcon.exe
MSConfigStartUp-MessengerPlus3 - c:\program files\Messenger Plus! 3\MsgPlus.exe
MSConfigStartUp-msnappau - c:\program files\MSN Apps\Updater\01.02.3000.1001\cs-cz\msnappau.exe
MSConfigStartUp-SBDrvDet - c:\program files\Creative\SB Drive Det\SBDrvDet.exe
MSConfigStartUp-SunJavaUpdateSched - c:\program files\Java\jre6\bin\jusched.exe
MSConfigStartUp-TkBellExe - c:\program files\Common Files\Real\Update_OB\realsched.exe
AddRemove-bsplayerv2_is1 - c:\program files\BS.Player\unins000.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-07-17 19:20
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\{95808DC4-FA4A-4c74-92FE-5B863F82066B}]
"ImagePath"="\??\c:\program files\CyberLink\PowerDVD\000.fcl"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-220523388-343818398-839522115-500\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (Administrator)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,a1,75,3e,bf,04,35,ba,45,9f,af,bd,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,a1,75,3e,bf,04,35,ba,45,9f,af,bd,\
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\•€|˙˙˙˙"•€|ů•Ów*]
"5E7CEC10DF0760D4F8DAFB12FDC06CCD"="02:\\Software\\Adobe\\FeatureSubscriptions\\DVAAdobeDocMeta\\{01CEC7E5-70FD-4D06-8FAD-BF21DF0CC6DC}\\Registered"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(1292)
c:\program files\SUPERAntiSpyware\SASWINLO.dll
c:\windows\system32\Ati2evxx.dll
.
Celkový čas: 2011-07-17 19:26:33
ComboFix-quarantined-files.txt 2011-07-17 17:26
.
Před spuštěním: Volných bajtů: 189 419 380 736
Po spuštění: Volných bajtů: 189 353 148 416
.
Current=2 Default=2 Failed=1 LastKnownGood=3 Sets=1,2,3,4
- - End Of File - - 7B6A66ACACFA589AB89C6CD0E093138D

#30 Příspěvek od **stell** » 17 črc 2011 18:39

Pri tejto akcii je nutné mať ComboFix na ploche.

Vypni>FIREWALL>Antivir>Antispyware>vsetko rezidentne.

Otvor Notepad (Poznámkový blok) a zkopíruj do neho celý zeleny tex:

Kód: Vybrat vše

KILLALL::
Driver::
SVKP
Rootkit::
c:\windows\system32\SVKP.sys 
RegLock::
[HKEY_USERS\S-1-5-21-220523388-343818398-839522115-500\Software\Microsoft\Internet Explorer\User Preferences]
FixCSet::

Potom klik na Subor -> Uložiť ako.. .. -> Ako je Názov souboru tak do toho riadku napiš:CFScript.txt
Typ súboru tak tam vyberies *všetky súbory
A ulož ho na plochu.> Pozor CFScript.txt>Neotvarat a nemoze byt ani>CFScript.txt.txt A Urobis Toto :
Obrázek

Po skonceni skenu vlož log čo ComboFix vytvorí

VIRY.CZ

Xp home security 2012 - nelze vypnout

Re: Xp home security 2012 - nelze vypnout

Re: Xp home security 2012 - nelze vypnout

Re: Xp home security 2012 - nelze vypnout

Re: Xp home security 2012 - nelze vypnout

Re: Xp home security 2012 - nelze vypnout

Re: Xp home security 2012 - nelze vypnout

Re: Xp home security 2012 - nelze vypnout

Re: Xp home security 2012 - nelze vypnout

Re: Xp home security 2012 - nelze vypnout

Re: Xp home security 2012 - nelze vypnout

Re: Xp home security 2012 - nelze vypnout

Re: Xp home security 2012 - nelze vypnout

Re: Xp home security 2012 - nelze vypnout

Re: Xp home security 2012 - nelze vypnout

Re: Xp home security 2012 - nelze vypnout