Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
UFA.EXE
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Caroprd111
- VIP
- Příspěvky: 13492
- Registrován: 22 bře 2009 20:48
- Bydliště: Třebíč
- Kontaktovat uživatele:
Re: UFA.EXE
Pokračujte podle návodu http://www.viry.cz/forum/viewtopic.php?f=29&t=62878, oba logy mi sem vložte.
Re: UFA.EXE
potřeboval bych doporučit nějaký FREE antivirus..
-
Caroprd111
- VIP
- Příspěvky: 13492
- Registrován: 22 bře 2009 20:48
- Bydliště: Třebíč
- Kontaktovat uživatele:
Re: UFA.EXE
Antivirus zatím neinstalujte. Až dokončíme léčení, tak vám poradím celkově o zabezpečení PC.
Re: UFA.EXE
Po prvním scanu mi nenaběhne nic a při druhém se mi restartoval pc a napsalo to chybu.
-
Caroprd111
- VIP
- Příspěvky: 13492
- Registrován: 22 bře 2009 20:48
- Bydliště: Třebíč
- Kontaktovat uživatele:
Re: UFA.EXE
Ahoj, muzu poprosit o pomoc ? mam stejnej problem..logy z OTL:
OTL.txt
OTL logfile created on: 20.7.2011 15:53:40 - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Users\Uživatel\Downloads
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
2,00 Gb Total Physical Memory | 1,09 Gb Available Physical Memory | 54,47% Memory free
4,00 Gb Paging File | 2,66 Gb Available in Paging File | 66,44% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 100,49 Gb Total Space | 8,43 Gb Free Space | 8,39% Space Free | Partition Type: NTFS
Drive D: | 197,50 Gb Total Space | 11,04 Gb Free Space | 5,59% Space Free | Partition Type: NTFS
Drive F: | 298,02 Gb Total Space | 231,66 Gb Free Space | 77,73% Space Free | Partition Type: FAT32
Computer Name: UŽIVATEL-PC | User Name: Uživatel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011.07.20 15:52:45 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Uživatel\Downloads\OTL.exe
PRC - [2011.07.20 13:32:37 | 000,177,664 | ---- | M] () -- C:\Users\Uživatel\AppData\Local\Temp\csrss.exe
PRC - [2011.07.20 09:57:31 | 000,180,736 | ---- | M] () -- C:\Users\Uživatel\AppData\Roaming\dwm.exe
PRC - [2011.07.19 21:16:05 | 000,340,480 | ---- | M] () -- C:\Windows\update.5.0\svchost.exe
PRC - [2011.07.19 21:16:05 | 000,340,480 | ---- | M] () -- C:\Windows\update.5.0\svchost.exe
PRC - [2011.07.19 21:16:05 | 000,340,480 | ---- | M] () -- C:\Windows\update.5.0\svchost.exe
PRC - [2011.07.19 21:16:05 | 000,340,480 | ---- | M] () -- C:\Windows\update.5.0\svchost.exe
PRC - [2011.07.19 21:16:05 | 000,340,480 | ---- | M] () -- C:\Windows\update.5.0\svchost.exe
PRC - [2011.07.19 21:16:05 | 000,340,480 | ---- | M] () -- C:\Windows\update.5.0\svchost.exe
PRC - [2011.07.18 17:00:11 | 000,110,592 | ---- | M] () -- C:\Windows\l1rezerv.exe
PRC - [2011.07.18 16:59:49 | 000,114,176 | ---- | M] () -- C:\Windows\systemup.exe
PRC - [2011.07.18 16:59:33 | 000,483,328 | ---- | M] () -- C:\Windows\update.2\svchost.exe
PRC - [2011.07.18 16:59:33 | 000,483,328 | ---- | M] () -- C:\Windows\update.2\svchost.exe
PRC - [2011.07.18 16:58:33 | 000,232,960 | ---- | M] () -- C:\Windows\sysdriver32.exe
PRC - [2011.07.18 16:49:33 | 000,169,472 | ---- | M] () -- C:\Users\Uživatel\AppData\Roaming\Microsoft\conhost.exe
PRC - [2011.07.18 16:48:19 | 001,170,432 | -H-- | M] () -- C:\Windows\update.tray-2-0\svchost.exe
PRC - [2011.07.18 16:48:19 | 001,170,432 | -H-- | M] () -- C:\Windows\update.1\svchost.exe
PRC - [2011.07.11 23:47:06 | 000,074,752 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\Winamp\winampa.exe
PRC - [2010.09.22 09:51:21 | 000,202,256 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe
PRC - [2010.09.06 18:56:38 | 000,247,096 | ---- | M] () -- C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe
PRC - [2010.04.01 11:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
PRC - [2010.03.10 21:13:37 | 000,075,064 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2009.10.15 19:08:04 | 005,822,464 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe
PRC - [2009.10.02 16:17:22 | 000,090,112 | ---- | M] (Leadtek Research Inc.) -- C:\Program Files\WinFast\WFDTV\DTVSchdl.exe
PRC - [2009.09.17 21:11:40 | 007,418,368 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
PRC - [2009.09.17 21:11:38 | 007,424,000 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
PRC - [2009.03.11 19:22:48 | 002,912,256 | ---- | M] (Leadtek Research Inc.) -- C:\Program Files\WinFast\WFDTV\WFWIZ.exe
PRC - [2009.03.05 17:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2009.02.10 18:01:49 | 000,116,104 | ---- | M] () -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
PRC - [2009.01.26 16:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
PRC - [2006.10.11 13:45:12 | 000,075,304 | ---- | M] (ScanSoft, Inc.) -- C:\Program Files (x86)\ScanSoft\OmniPageSE4.0\OpWareSE4.exe
PRC - [2004.12.13 05:34:32 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
========== Modules (SafeList) ==========
MOD - [2011.07.20 15:52:45 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Uživatel\Downloads\OTL.exe
MOD - [2009.07.14 03:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2011.07.18 16:58:33 | 000,232,960 | ---- | M] () [Auto | Running] -- C:\Windows\sysdriver32.exe -- (srvsysdriver32)
SRV - [2010.12.10 00:01:33 | 000,403,240 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010.09.06 18:56:38 | 000,247,096 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2010.05.24 20:30:43 | 000,085,096 | ---- | M] (Autodesk) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe -- (Autodesk Licensing Service)
SRV - [2010.03.10 21:13:37 | 000,075,064 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.02.10 18:01:49 | 000,116,104 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2009.01.26 16:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Running] -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)
SRV - [2004.12.13 05:34:32 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2011.04.14 21:28:24 | 000,118,864 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV:64bit: - [2011.04.05 00:59:54 | 000,377,936 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)
DRV:64bit: - [2011.03.16 16:03:18 | 000,037,456 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2011.03.01 14:25:18 | 000,041,552 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2011.02.22 08:12:46 | 000,026,704 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AVGIDSEH.sys -- (AVGIDSEH)
DRV:64bit: - [2011.02.10 07:53:34 | 000,029,264 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV:64bit: - [2011.01.07 06:41:44 | 000,304,720 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2010.12.21 15:04:06 | 000,170,640 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)
DRV:64bit: - [2010.12.21 15:04:06 | 000,141,264 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:64bit: - [2010.12.21 13:47:38 | 000,125,296 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfwwfpr.sys -- (epfwwfpr)
DRV:64bit: - [2010.12.02 12:14:18 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd)
DRV:64bit: - [2010.08.25 21:08:30 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2010.07.12 04:34:00 | 000,057,696 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgfwd6a.sys -- (Avgfwfd)
DRV:64bit: - [2009.12.19 10:11:40 | 000,314,400 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009.08.17 23:32:44 | 001,311,616 | ---- | M] (NXP Semiconductors Germany GmbH) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\3xHybr64.sys -- (3xHybr64)
DRV:64bit: - [2009.07.16 05:38:40 | 000,015,416 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV:64bit: - [2009.07.14 03:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009.07.14 03:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.05 06:30:28 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie) AMD PCI Express (3GIO)
DRV:64bit: - [2005.11.03 16:40:56 | 000,089,600 | ---- | M] (Protection Technology) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\sfvfs02.sys -- (sfvfs02) StarForce Protection VFS Driver (version 2.x)
DRV:64bit: - [2005.08.10 14:46:20 | 000,068,608 | ---- | M] (Protection Technology) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x)
DRV:64bit: - [2005.05.16 15:21:16 | 000,007,168 | ---- | M] (Protection Technology) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)
DRV - [2004.12.23 18:27:56 | 000,027,392 | ---- | M] (Ulead Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\ULCDRHlp.sys -- (ULCDRHlp)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3502144519-3829416638-612489386-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
IE - HKU\S-1-5-21-3502144519-3829416638-612489386-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.cz/
IE - HKU\S-1-5-21-3502144519-3829416638-612489386-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = cs
IE - HKU\S-1-5-21-3502144519-3829416638-612489386-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = F1 53 DC 97 DF AB CA 01 [binary data]
IE - HKU\S-1-5-21-3502144519-3829416638-612489386-1000\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-3502144519-3829416638-612489386-1000\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKU\S-1-5-21-3502144519-3829416638-612489386-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-21-3502144519-3829416638-612489386-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:63455
========== FireFox ==========
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"
FF - prefs.js..extensions.enabledItems: battlefieldheroespatcher@ea.com:5.0.31.0
FF - prefs.js..extensions.enabledItems: radiobar@toolbar:1.0.0
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.1.5
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.9
FF - prefs.js..extensions.enabledItems: 2020Player@2020Technologies.com:5.0.4.0
FF - prefs.js..keyword.URL: "http://search.icq.com/search/afe_result ... r=1.1.9&q="
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.50826.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.775: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.775: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=1.0.0.0: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.775: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Uživatel\AppData\Local\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Uživatel\AppData\Local\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\PROGRAM FILES\ESET\ESET NOD32 ANTIVIRUS\MOZILLA THUNDERBIRD
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010.09.22 09:51:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.18\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.06.23 08:46:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.18\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.07.19 21:30:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2010.09.22 09:51:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2010.09.22 09:51:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
[2011.01.02 18:55:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Uživatel\AppData\Roaming\mozilla\Extensions
[2010.02.16 12:27:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Uživatel\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2011.01.02 18:55:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Uživatel\AppData\Roaming\mozilla\Extensions\songbird@songbirdnest.com
[2011.07.19 21:43:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Uživatel\AppData\Roaming\mozilla\Firefox\Profiles\muwyjjqc.default\extensions
[2011.04.18 22:02:44 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\Uživatel\AppData\Roaming\mozilla\Firefox\Profiles\muwyjjqc.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2011.03.16 18:28:22 | 000,000,000 | ---D | M] (20-20 3D Viewer) -- C:\Users\Uživatel\AppData\Roaming\mozilla\Firefox\Profiles\muwyjjqc.default\extensions\2020Player@2020Technologies.com
[2010.10.24 21:07:36 | 000,000,000 | ---D | M] (Battlefield Heroes Updater) -- C:\Users\Uživatel\AppData\Roaming\mozilla\Firefox\Profiles\muwyjjqc.default\extensions\battlefieldheroespatcher@ea.com
[2010.04.18 19:50:14 | 000,000,000 | ---D | M] (RadioBar Toolbar) -- C:\Users\Uživatel\AppData\Roaming\mozilla\Firefox\Profiles\muwyjjqc.default\extensions\radiobar@toolbar
[2011.04.13 20:59:06 | 000,002,557 | ---- | M] () -- C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\muwyjjqc.default\searchplugins\askcom.xml
[2011.07.16 11:11:20 | 000,000,950 | ---- | M] () -- C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\muwyjjqc.default\searchplugins\icqplugin-1.xml
[2011.03.07 09:42:08 | 000,000,950 | ---- | M] () -- C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\muwyjjqc.default\searchplugins\icqplugin-2.xml
[2011.03.09 00:51:08 | 000,000,950 | ---- | M] () -- C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\muwyjjqc.default\searchplugins\icqplugin-3.xml
[2011.04.14 06:09:43 | 000,000,950 | ---- | M] () -- C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\muwyjjqc.default\searchplugins\icqplugin-4.xml
[2011.06.23 08:46:42 | 000,000,950 | ---- | M] () -- C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\muwyjjqc.default\searchplugins\icqplugin-5.xml
[2011.04.18 22:02:43 | 000,000,168 | ---- | M] () -- C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\muwyjjqc.default\searchplugins\icqplugin.gif
[2011.04.18 22:02:43 | 000,000,618 | ---- | M] () -- C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\muwyjjqc.default\searchplugins\icqplugin.src
[2010.05.12 17:40:48 | 000,001,042 | ---- | M] () -- C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\muwyjjqc.default\searchplugins\icqplugin.xml
[2010.03.15 23:38:05 | 000,001,589 | ---- | M] () -- C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\muwyjjqc.default\searchplugins\web-search.xml
[2011.07.19 21:43:16 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010.08.23 18:56:39 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010.09.22 09:51:48 | 000,000,000 | ---D | M] (RealPlayer Browser Record Plugin) -- C:\PROGRAMDATA\REAL\REALPLAYER\BROWSERRECORDPLUGIN\FIREFOX\EXT
File not found (No name found) -- C:\USERS\UĹĽIVATEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MUWYJJQC.DEFAULT\EXTENSIONS\{800B5000-A755-47E1-992B-48A1C1357F07}
File not found (No name found) -- C:\USERS\UĹĽIVATEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MUWYJJQC.DEFAULT\EXTENSIONS\2020PLAYER@2020TECHNOLOGIES.COM
File not found (No name found) -- C:\USERS\UĹĽIVATEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MUWYJJQC.DEFAULT\EXTENSIONS\BATTLEFIELDHEROESPATCHER@EA.COM
File not found (No name found) -- C:\USERS\UĹĽIVATEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MUWYJJQC.DEFAULT\EXTENSIONS\RADIOBAR@TOOLBAR
[2011.07.11 23:48:12 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
[2010.10.21 20:06:16 | 000,000,638 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\jyxo-cz.xml
[2010.10.21 20:06:16 | 000,001,687 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\mall-cz.xml
[2010.10.21 20:06:16 | 000,001,367 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\seznam-cz.xml
[2010.10.21 20:06:16 | 000,000,654 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\slunecnice-cz.xml
[2010.10.21 20:06:16 | 000,001,179 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-cz.xml
O1 HOSTS File: ([2011.07.20 15:46:29 | 000,203,160 | -H-- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 vkontakte.ru
O1 - Hosts: 127.0.0.1 www.vkontakte.ru
O1 - Hosts: 127.0.0.1 login.vk.com
O1 - Hosts: 127.0.0.1 vk.com
O1 - Hosts: 127.0.0.1 www.vk.com
O1 - Hosts: 127.0.0.1 odnoklassniki.ru
O1 - Hosts: 127.0.0.1 www.odnoklassniki.ru
O1 - Hosts: 127.0.0.1 facebook.com
O1 - Hosts: 127.0.0.1 www.facebook.com
O1 - Hosts: 127.0.0.1 af-za.facebook.com
O1 - Hosts: 127.0.0.1 az-az.facebook.com
O1 - Hosts: 127.0.0.1 id-id.facebook.com
O1 - Hosts: 127.0.0.1 ms-my.facebook.com
O1 - Hosts: 127.0.0.1 bs-ba.facebook.com
O1 - Hosts: 127.0.0.1 ca-es.facebook.com
O1 - Hosts: 127.0.0.1 cs-cz.facebook.com
O1 - Hosts: 127.0.0.1 cy-gb.facebook.com
O1 - Hosts: 127.0.0.1 da-dk.facebook.com
O1 - Hosts: 127.0.0.1 de-de.facebook.com
O1 - Hosts: 127.0.0.1 et-ee.facebook.com
O1 - Hosts: 127.0.0.1 en-gb.facebook.com
O1 - Hosts: 127.0.0.1 es-la.facebook.com
O1 - Hosts: 127.0.0.1 eo-eo.facebook.com
O1 - Hosts: 127.0.0.1 eu-es.facebook.com
O1 - Hosts: 50060 more lines...
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKU\S-1-5-21-3502144519-3829416638-612489386-1000\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O4:64bit: - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [egui] File not found
O4 - HKLM..\Run: [conhost] C:\Users\Uživatel\AppData\Roaming\Microsoft\conhost.exe ()
O4 - HKLM..\Run: [l1rezerv.exe] C:\Windows\l1rezerv.exe ()
O4 - HKLM..\Run: [OpwareSE4] C:\Program Files (x86)\ScanSoft\OmniPageSE4.0\OpwareSE4.exe (ScanSoft, Inc.)
O4 - HKLM..\Run: [sysdriver32.exe] C:\Windows\sysdriver32.exe ()
O4 - HKLM..\Run: [sysdriver32_.exe] C:\Windows\sysdriver32_.exe ()
O4 - HKLM..\Run: [systemup] C:\Windows\systemup.exe ()
O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [tray_ico] File not found
O4 - HKLM..\Run: [tray_ico0] C:\Windows\update.tray-2-0\svchost.exe ()
O4 - HKLM..\Run: [tray_ico1] File not found
O4 - HKLM..\Run: [tray_ico2] File not found
O4 - HKLM..\Run: [tray_ico3] File not found
O4 - HKLM..\Run: [tray_ico4] File not found
O4 - HKLM..\Run: [WinampAgent] C:\Program Files (x86)\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKLM..\Run: [WinFastDTV] C:\Program Files\WinFast\WFDTV\DTVSchdl.exe (Leadtek Research Inc.)
O4 - HKLM..\Run: [wxpdrv] File not found
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3502144519-3829416638-612489386-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-3502144519-3829416638-612489386-1000..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKU\S-1-5-21-3502144519-3829416638-612489386-1000..\Run: [WinFast Schedule] C:\Program Files\WinFast\WFDTV\WFWIZ.exe (Leadtek Research Inc.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] File not found
O4 - Startup: C:\Users\Uživatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
F3:64bit: - HKU\S-1-5-21-3502144519-3829416638-612489386-1000 WinNT: Load - (C:\Users\UIVATE~1\AppData\Local\Temp\csrss.exe) - C:\Users\UIVATE~1\AppData\Local\Temp\csrss.exe ()
F3 - HKU\S-1-5-21-3502144519-3829416638-612489386-1000 WinNT: Load - (C:\Users\UIVATE~1\AppData\Local\Temp\csrss.exe) - C:\Users\UIVATE~1\AppData\Local\Temp\csrss.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O9 - Extra Button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files (x86)\ICQ7.4\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files (x86)\ICQ7.4\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.1.1.10 10.1.62.66
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKU\S-1-5-21-3502144519-3829416638-612489386-1000 Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKU\S-1-5-21-3502144519-3829416638-612489386-1000 Winlogon: Shell - (C:\Users\Uživatel\AppData\Roaming\dwm.exe) - C:\Users\Uživatel\AppData\Roaming\dwm.exe ()
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O31 - SafeBoot: AlternateShell - services32.exe
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{5f4f54f7-b07c-11df-b136-90e6bac5a0f0}\Shell - "" = AutoRun
O33 - MountPoints2\{5f4f54f7-b07c-11df-b136-90e6bac5a0f0}\Shell\AutoRun\command - "" = G:\SetupLauncher.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG10\avgchsva.exe /sync) - File not found
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG10\avgrsa.exe /sync /restart) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.ac3filter - C:\Windows\SysWow64\ac3filter.acm ()
Drivers32: msacm.avis - C:\Windows\SysWow64\ff_acm.acm ()
Drivers32: msacm.divxa32 - C:\Windows\SysWow64\msaud32_divx.acm (Microsoft Corporation)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\SysWow64\DivX.dll (DivX, Inc.)
Drivers32: VIDC.FFDS - C:\Windows\SysWow64\ff_vfw.dll ()
Drivers32: vidc.i420 - C:\Windows\SysWow64\NUVYUV.DLL (Nogatech Ltd.)
Drivers32: VIDC.NTN1 - C:\Windows\SysWow64\Nuvision.ax (Nogatech Ltd.)
Drivers32: vidc.yv12 - C:\Windows\SysWow64\DivX.dll (DivX, Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 30 Days ==========
[2011.07.20 15:44:42 | 000,000,000 | -H-D | C] -- C:\Windows\update.tray-2-0-lnk
[2011.07.20 15:44:42 | 000,000,000 | -H-D | C] -- C:\Windows\update.tray-2-0
[2011.07.20 15:42:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
[2011.07.19 21:30:08 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Winamp Detector Plug-in
[2011.07.19 21:30:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Winamp Detect
[2011.07.19 21:30:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp
[2011.07.19 21:29:52 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\AppData\Roaming\Winamp
[2011.07.19 21:29:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Winamp
[2011.07.19 16:54:48 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2011.07.19 16:29:41 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2011.07.19 16:15:01 | 000,000,000 | -H-D | C] -- C:\Windows\update.tray-12-0-lnk
[2011.07.19 16:15:01 | 000,000,000 | -H-D | C] -- C:\Windows\update.tray-12-0
[2011.07.19 16:12:26 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\AVG
[2011.07.19 15:38:03 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2011.07.19 15:18:42 | 000,600,920 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2011.07.19 15:18:41 | 000,253,888 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2011.07.18 22:49:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2011.07.18 21:28:37 | 000,000,000 | ---D | C] -- C:\Windows\rpcminer
[2011.07.18 21:28:37 | 000,000,000 | ---D | C] -- C:\Windows\phoenix
[2011.07.18 17:24:48 | 000,000,000 | ---D | C] -- C:\Windows\ufa
[2011.07.18 16:59:33 | 000,000,000 | -H-D | C] -- C:\Windows\update.2
[2011.07.18 16:59:17 | 000,000,000 | -H-D | C] -- C:\Windows\update.5.0
[2011.07.18 16:58:16 | 000,000,000 | ---D | C] -- C:\Windows\av_ico
[2011.07.18 16:56:24 | 000,000,000 | -H-D | C] -- C:\Windows\update.1
[2011.07.18 16:56:10 | 000,000,000 | -H-D | C] -- C:\Windows\update.tray-9-0-lnk
[2011.07.18 16:56:10 | 000,000,000 | -H-D | C] -- C:\Windows\update.tray-9-0
[2011.07.18 16:56:10 | 000,000,000 | -H-D | C] -- C:\Windows\update.tray-7-0-lnk
[2011.07.18 16:56:10 | 000,000,000 | -H-D | C] -- C:\Windows\update.tray-7-0
[2011.07.05 01:39:28 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\AppData\Roaming\GRETECH
[2011.07.05 01:37:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOM Player
[2011.07.05 01:37:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GRETECH
[2011.06.20 16:35:08 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\Desktop\2011_06_20
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011.07.20 15:54:20 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2011.07.20 15:53:06 | 000,014,208 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.07.20 15:53:06 | 000,014,208 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.07.20 15:46:29 | 000,203,160 | -H-- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2011.07.20 15:46:29 | 000,000,734 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hîsts
[2011.07.20 15:45:46 | 000,000,948 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.07.20 15:45:38 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.07.20 15:45:37 | 1609,961,472 | -HS- | M] () -- C:\hiberfil.sys
[2011.07.20 15:33:00 | 000,000,952 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.07.20 15:24:31 | 000,007,607 | ---- | M] () -- C:\Users\Uživatel\AppData\Local\resmon.resmoncfg
[2011.07.20 14:57:36 | 000,000,974 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3502144519-3829416638-612489386-1000UA.job
[2011.07.20 13:57:01 | 001,445,734 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.07.20 13:57:01 | 000,622,422 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2011.07.20 13:57:01 | 000,606,992 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.07.20 13:57:01 | 000,118,604 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2011.07.20 13:57:01 | 000,103,370 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.07.20 13:32:31 | 000,001,789 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2011.07.20 09:57:31 | 000,180,736 | ---- | M] () -- C:\Users\Uživatel\AppData\Roaming\dwm.exe
[2011.07.19 21:30:08 | 000,000,979 | ---- | M] () -- C:\Users\Public\Desktop\Winamp.lnk
[2011.07.19 21:16:05 | 000,000,179 | ---- | M] () -- C:\Windows\info1
[2011.07.19 16:57:00 | 000,000,922 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3502144519-3829416638-612489386-1000Core.job
[2011.07.19 16:54:50 | 000,002,332 | ---- | M] () -- C:\Users\Uživatel\Desktop\Google Chrome.lnk
[2011.07.19 16:27:01 | 000,203,160 | -H-- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20110719-170747.backup
[2011.07.19 15:59:51 | 000,006,868 | ---- | M] () -- C:\Users\Uživatel\AppData\Roaming\CB3E.436
[2011.07.19 15:18:41 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2011.07.19 14:52:07 | 000,001,947 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
[2011.07.19 10:12:53 | 000,203,160 | -H-- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20110719-142939.backup
[2011.07.18 22:49:46 | 000,002,218 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2011.07.18 22:42:15 | 000,001,848 | ---- | M] () -- C:\Users\Public\Desktop\Canon My Printer.lnk
[2011.07.18 22:42:15 | 000,001,809 | ---- | M] () -- C:\Users\Public\Desktop\WinFast PVR2.lnk
[2011.07.18 21:28:36 | 005,589,370 | ---- | M] () -- C:\Windows\phoenix.rar
[2011.07.18 21:28:36 | 001,075,284 | ---- | M] () -- C:\Windows\rpcminer.rar
[2011.07.18 21:28:36 | 000,246,272 | ---- | M] () -- C:\Windows\unrar.exe
[2011.07.18 21:28:36 | 000,182,617 | ---- | M] () -- C:\Windows\ufa.rar
[2011.07.18 20:45:40 | 000,000,000 | ---- | M] () -- C:\Windows\loader2.exe_ok
[2011.07.18 20:44:37 | 000,203,160 | -H-- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20110718-212453.backup
[2011.07.18 20:27:34 | 000,904,792 | ---- | M] () -- C:\Windows\geoiplist.rar
[2011.07.18 17:00:11 | 000,110,592 | ---- | M] () -- C:\Windows\l1rezerv.exe
[2011.07.18 17:00:10 | 000,203,160 | -H-- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20110718-170630.backup
[2011.07.18 16:59:49 | 000,114,176 | ---- | M] () -- C:\Windows\systemup.exe
[2011.07.18 16:58:33 | 000,232,960 | ---- | M] () -- C:\Windows\sysdriver32_.exe
[2011.07.18 16:58:33 | 000,232,960 | ---- | M] () -- C:\Windows\sysdriver32.exe
[2011.07.17 03:24:20 | 004,636,907 | ---- | M] () -- C:\Windows\geoiplist
[2011.07.05 01:37:42 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\GOM Player.lnk
[2011.07.04 13:43:53 | 000,040,112 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2011.07.04 13:43:51 | 000,199,304 | ---- | M] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2011.07.04 13:43:42 | 000,253,888 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2011.07.04 13:36:56 | 000,600,920 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2011.07.04 13:36:54 | 000,288,088 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2011.07.04 13:35:28 | 000,045,400 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2011.07.04 13:32:35 | 000,031,064 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr.sys
[2011.07.04 13:32:24 | 000,064,856 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2011.07.04 13:32:14 | 000,022,360 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2011.07.02 18:33:22 | 000,042,207 | -HS- | M] () -- C:\Users\Uživatel\Desktop\Folder.jpg
[2011.07.02 18:33:22 | 000,007,955 | -HS- | M] () -- C:\Users\Uživatel\Desktop\AlbumArtSmall.jpg
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011.07.20 15:54:20 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2011.07.20 09:57:31 | 000,180,736 | ---- | C] () -- C:\Users\Uživatel\AppData\Roaming\dwm.exe
[2011.07.19 21:30:08 | 000,000,979 | ---- | C] () -- C:\Users\Public\Desktop\Winamp.lnk
[2011.07.19 16:54:50 | 000,002,332 | ---- | C] () -- C:\Users\Uživatel\Desktop\Google Chrome.lnk
[2011.07.19 16:52:40 | 000,000,974 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3502144519-3829416638-612489386-1000UA.job
[2011.07.19 16:52:40 | 000,000,922 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3502144519-3829416638-612489386-1000Core.job
[2011.07.19 15:18:55 | 000,001,789 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2011.07.18 22:49:46 | 000,002,218 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2011.07.18 21:28:36 | 005,589,370 | ---- | C] () -- C:\Windows\phoenix.rar
[2011.07.18 21:28:36 | 001,075,284 | ---- | C] () -- C:\Windows\rpcminer.rar
[2011.07.18 21:28:36 | 000,182,617 | ---- | C] () -- C:\Windows\ufa.rar
[2011.07.18 20:45:25 | 000,000,000 | ---- | C] () -- C:\Windows\loader2.exe_ok
[2011.07.18 20:25:57 | 004,636,907 | ---- | C] () -- C:\Windows\geoiplist
[2011.07.18 20:25:55 | 000,904,792 | ---- | C] () -- C:\Windows\geoiplist.rar
[2011.07.18 20:25:55 | 000,246,272 | ---- | C] () -- C:\Windows\unrar.exe
[2011.07.18 17:00:14 | 000,110,592 | ---- | C] () -- C:\Windows\l1rezerv.exe
[2011.07.18 16:59:57 | 000,114,176 | ---- | C] () -- C:\Windows\systemup.exe
[2011.07.18 16:59:16 | 000,000,179 | ---- | C] () -- C:\Windows\info1
[2011.07.18 16:58:40 | 000,232,960 | ---- | C] () -- C:\Windows\sysdriver32_.exe
[2011.07.18 16:58:26 | 000,232,960 | ---- | C] () -- C:\Windows\sysdriver32.exe
[2011.07.18 16:49:34 | 000,006,868 | ---- | C] () -- C:\Users\Uživatel\AppData\Roaming\CB3E.436
[2011.07.05 01:37:42 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\GOM Player.lnk
[2011.07.02 18:33:22 | 000,042,207 | -HS- | C] () -- C:\Users\Uživatel\Desktop\Folder.jpg
[2011.07.02 18:33:22 | 000,007,955 | -HS- | C] () -- C:\Users\Uživatel\Desktop\AlbumArtSmall.jpg
[2011.03.12 20:28:00 | 000,007,607 | ---- | C] () -- C:\Users\Uživatel\AppData\Local\resmon.resmoncfg
[2010.08.23 21:30:01 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.03.31 16:09:15 | 000,019,968 | ---- | C] () -- C:\Windows\SysWow64\cpuinf32.dll
[2010.03.31 15:32:59 | 000,004,608 | ---- | C] () -- C:\Users\Uživatel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.03.10 15:22:24 | 002,407,792 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_heroes.exe
[2010.02.24 15:43:33 | 000,000,428 | ---- | C] () -- C:\Windows\MAXLINK.INI
[2010.02.20 00:27:50 | 000,000,350 | ---- | C] () -- C:\Windows\SysWow64\AF15IRTBL.bin
[2010.02.17 17:18:01 | 000,190,160 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2010.02.17 17:17:57 | 000,682,280 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2010.02.17 17:17:57 | 000,075,064 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2010.02.16 20:43:03 | 000,000,632 | ---- | C] () -- C:\Windows\Thps3.INI
[2010.02.12 16:44:17 | 000,000,196 | ---- | C] () -- C:\Windows\ulead32.ini
[2010.02.12 14:28:43 | 000,024,576 | R--- | C] () -- C:\Windows\SysWow64\AsIO.dll
[2010.02.12 14:28:43 | 000,013,368 | R--- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2010.02.12 14:28:39 | 000,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
[2010.02.12 14:28:39 | 000,010,216 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp32.sys
[2010.02.07 04:13:58 | 000,085,504 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2009.08.16 10:08:36 | 000,178,176 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2009.07.14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2009.05.29 15:52:26 | 000,204,800 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2007.02.05 19:05:26 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI
[2002.08.29 17:33:56 | 000,319,488 | R--- | C] () -- C:\Windows\SysWow64\MafiaSetup.exe
[2002.08.29 17:33:56 | 000,319,488 | ---- | C] () -- C:\Users\Uživatel\AppData\Roaming\MafiaSetup.exe
========== LOP Check ==========
[2010.05.24 20:27:44 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Autodesk
[2010.12.06 21:38:49 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Canon
[2010.06.28 23:00:08 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Christofer Persson
[2010.08.25 21:12:15 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\DAEMON Tools Lite
[2011.07.19 22:52:10 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\ICQ
[2010.03.19 17:23:06 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Leadertech
[2011.01.03 18:53:43 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\NCH Swift Sound
[2010.06.28 23:00:03 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\OpenCandy
[2010.02.12 14:51:30 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\OpenOffice.org
[2011.01.02 18:56:18 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Philips
[2010.02.24 15:43:23 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\ScanSoft
[2010.09.22 07:34:41 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Softland
[2011.01.02 18:55:03 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Songbird2
[2010.02.16 12:27:37 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Thunderbird
[2010.03.31 16:07:27 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Win7codecs
[2011.06.10 14:28:46 | 000,032,600 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Custom Scans ==========
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2009.07.14 03:39:41 | 001,475,072 | ---- | M] (Microsoft Corporation)
"WinFast Schedule" = C:\Program Files\WinFast\WFDTV\WFWIZ.exe -- [2009.03.11 19:22:48 | 002,912,256 | ---- | M] (Leadtek Research Inc.)
"SpybotSD TeaTimer" = C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe -- [2009.03.05 17:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.)
"DAEMON Tools Lite" = "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun -- [2010.04.01 11:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd)
"Google Update" = "C:\Users\Uživatel\AppData\Local\Google\Update\GoogleUpdate.exe" /c -- [2011.06.03 07:28:18 | 000,136,176 | ---- | M] (Google Inc.)
< >
< MD5 for: AGP440.SYS >
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys
< MD5 for: ATAPI.SYS >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2009.07.14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\SysWOW64\autochk.exe
[2009.07.14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2009.07.14 03:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\SysNative\autochk.exe
[2009.07.14 03:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe
< MD5 for: CDROM.SYS >
[2009.07.14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\SysNative\drivers\cdrom.sys
[2009.07.14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_8363d00ecae4322d\cdrom.sys
[2009.07.14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys
< MD5 for: CNGAUDIT.DLL >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll
< MD5 for: CRYPTSVC.DLL >
[2009.07.14 03:40:24 | 000,175,104 | ---- | M] (Microsoft Corporation) MD5=8C57411B66282C01533CB776F98AD384 -- C:\Windows\SysNative\cryptsvc.dll
[2009.07.14 03:40:24 | 000,175,104 | ---- | M] (Microsoft Corporation) MD5=8C57411B66282C01533CB776F98AD384 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_d1f48b0bb4805490\cryptsvc.dll
[2009.07.14 03:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\SysWOW64\cryptsvc.dll
[2009.07.14 03:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_75d5ef87fc22e35a\cryptsvc.dll
< MD5 for: CSRSS.EXE >
[2011.07.20 13:32:37 | 000,177,664 | ---- | M] () MD5=14C37D7485988E3D851E2F6184BDA108 -- C:\Users\Uživatel\AppData\Local\Temp\csrss.exe
[2009.07.14 03:39:02 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=60C2862B4BF0FD9F582EF344C2B1EC72 -- C:\Windows\SysNative\csrss.exe
[2009.07.14 03:39:02 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=60C2862B4BF0FD9F582EF344C2B1EC72 -- C:\Windows\winsxs\amd64_microsoft-windows-csrss_31bf3856ad364e35_6.1.7600.16385_none_b4d8d57efdc6b4f3\csrss.exe
< MD5 for: EXPLORER.EXE >
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\SysWOW64\explorer.exe
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\SoftwareDistribution\Download\0cfc8dbf763c806fb82e646c7352a6fc\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2009.08.03 08:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\SoftwareDistribution\Download\00236e2e422dab929dcda56260d05350\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2009.10.31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\SoftwareDistribution\Download\0cfc8dbf763c806fb82e646c7352a6fc\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009.08.03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\SoftwareDistribution\Download\00236e2e422dab929dcda56260d05350\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2009.10.31 08:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\SoftwareDistribution\Download\0cfc8dbf763c806fb82e646c7352a6fc\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009.08.03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\SoftwareDistribution\Download\00236e2e422dab929dcda56260d05350\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009.07.14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\explorer.exe
[2009.07.14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009.10.31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\SoftwareDistribution\Download\0cfc8dbf763c806fb82e646c7352a6fc\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2009.08.03 08:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\SoftwareDistribution\Download\00236e2e422dab929dcda56260d05350\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe
< MD5 for: FASTFAT.SYS >
[2009.07.14 01:23:29 | 000,204,800 | ---- | M] (Microsoft Corporation) MD5=0ADC83218B66A6DB380C330836F3E36D -- C:\Windows\SysNative\drivers\fastfat.sys
[2009.07.14 01:23:29 | 000,204,800 | ---- | M] (Microsoft Corporation) MD5=0ADC83218B66A6DB380C330836F3E36D -- C:\Windows\winsxs\amd64_microsoft-windows-fat_31bf3856ad364e35_6.1.7600.16385_none_0aa81d2771152f86\fastfat.sys
< MD5 for: HAL.DLL >
[2009.07.14 03:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\SysNative\hal.dll
[2009.07.14 03:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll
< MD5 for: IASTORV.SYS >
[2009.07.14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2009.07.14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_18cccb83b34e1453\iaStorV.sys
[2009.07.14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys
< MD5 for: ISAPNP.SYS >
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\drivers\isapnp.sys
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\isapnp.sys
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\isapnp.sys
< MD5 for: LSASS.EXE >
[2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\SysNative\lsass.exe
[2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16385_none_023f7c69767c3edd\lsass.exe
< MD5 for: NDIS.SYS >
[2009.07.14 03:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\SysNative\drivers\ndis.sys
[2009.07.14 03:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_03bc1d6e35c013bf\ndis.sys
< MD5 for: NETLOGON.DLL >
[2009.07.14 03:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\SysNative\netlogon.dll
[2009.07.14 03:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll
< MD5 for: NTFS.SYS >
[2009.07.14 03:48:27 | 001,659,984 | ---- | M] (Microsoft Corporation) MD5=356698A13C4630D5B31C37378D469196 -- C:\Windows\SysNative\drivers\ntfs.sys
[2009.07.14 03:48:27 | 001,659,984 | ---- | M] (Microsoft Corporation) MD5=356698A13C4630D5B31C37378D469196 -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7600.16385_none_02661b64369ca03a\ntfs.sys
< MD5 for: NVRAID.SYS >
[2009.07.14 03:48:27 | 000,149,056 | ---- | M] (NVIDIA Corporation) MD5=3E38712941E9BB4DDBEE00AFFE3FED3D -- C:\Windows\SysNative\drivers\nvraid.sys
[2009.07.14 03:48:27 | 000,149,056 | ---- | M] (NVIDIA Corporation) MD5=3E38712941E9BB4DDBEE00AFFE3FED3D -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvraid.sys
[2009.07.14 03:48:27 | 000,149,056 | ---- | M] (NVIDIA Corporation) MD5=3E38712941E9BB4DDBEE00AFFE3FED3D -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvraid.sys
< MD5 for: NVSTOR.SYS >
[2009.07.14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\SysNative\drivers\nvstor.sys
[2009.07.14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvstor.sys
[2009.07.14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys
< MD5 for: SCECLI.DLL >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\SysNative\scecli.dll
[2009.07.14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
< MD5 for: SERVICES.EXE >
[2009.07.14 03:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\SysNative\services.exe
[2009.07.14 03:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe
< MD5 for: SMSS.EXE >
[2009.07.14 03:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\SysNative\smss.exe
[2009.07.14 03:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_082f99a432e2a661\smss.exe
< MD5 for: SPOOLSV.EXE >
[2009.07.14 03:39:44 | 000,558,080 | ---- | M] (Microsoft Corporation) MD5=89E8550C5862999FCF482EA562B0E98E -- C:\Windows\SysNative\spoolsv.exe
[2009.07.14 03:39:44 | 000,558,080 | ---- | M] (Microsoft Corporation) MD5=89E8550C5862999FCF482EA562B0E98E -- C:\Windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7600.16385_none_324094c8db39cbbd\spoolsv.exe
< MD5 for: SVCHOST.EXE >
[2011.07.18 16:48:19 | 001,170,432 | -H-- | M] () MD5=547E351F6480D31DC42704DC6AC1CDD1 -- C:\Windows\update.1\svchost.exe
[2011.07.18 16:48:19 | 001,170,432 | -H-- | M] () MD5=547E351F6480D31DC42704DC6AC1CDD1 -- C:\Windows\update.tray-12-0\svchost.exe
[2011.07.18 16:48:19 | 001,170,432 | -H-- | M] () MD5=547E351F6480D31DC42704DC6AC1CDD1 -- C:\Windows\update.tray-12-0-lnk\svchost.exe
[2011.07.18 16:48:19 | 001,170,432 | -H-- | M] () MD5=547E351F6480D31DC42704DC6AC1CDD1 -- C:\Windows\update.tray-2-0\svchost.exe
[2011.07.18 16:48:19 | 001,170,432 | -H-- | M] () MD5=547E351F6480D31DC42704DC6AC1CDD1 -- C:\Windows\update.tray-2-0-lnk\svchost.exe
[2011.07.18 16:48:19 | 001,170,432 | -H-- | M] () MD5=547E351F6480D31DC42704DC6AC1CDD1 -- C:\Windows\update.tray-7-0\svchost.exe
[2011.07.18 16:48:19 | 001,170,432 | -H-- | M] () MD5=547E351F6480D31DC42704DC6AC1CDD1 -- C:\Windows\update.tray-7-0-lnk\svchost.exe
[2011.07.18 16:48:19 | 001,170,432 | -H-- | M] () MD5=547E351F6480D31DC42704DC6AC1CDD1 -- C:\Windows\update.tray-9-0\svchost.exe
[2011.07.18 16:48:19 | 001,170,432 | -H-- | M] () MD5=547E351F6480D31DC42704DC6AC1CDD1 -- C:\Windows\update.tray-9-0-lnk\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2011.07.19 21:16:05 | 000,340,480 | ---- | M] () MD5=BD0ACD06341E69D226259858DA331359 -- C:\Windows\update.5.0\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe
[2011.07.18 16:59:33 | 000,483,328 | ---- | M] () MD5=EFB19E06A994F184B781A3C948E77E6E -- C:\Windows\update.2\svchost.exe
< MD5 for: TCPIP.SYS >
[2009.07.14 03:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\SysNative\drivers\tcpip.sys
[2009.07.14 03:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys
< MD5 for: USERINIT.EXE >
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\SysNative\userinit.exe
[2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
< MD5 for: WINLOGON.EXE >
[2009.07.14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\SysNative\winlogon.exe
[2009.07.14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009.10.28 09:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\SoftwareDistribution\Download\0cfc8dbf763c806fb82e646c7352a6fc\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009.10.28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\SoftwareDistribution\Download\0cfc8dbf763c806fb82e646c7352a6fc\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe
< MD5 for: WS2_32.DLL >
[2009.07.14 03:41:58 | 000,296,448 | ---- | M] (Microsoft Corporation) MD5=7083F463788CB34FCC42F565D56F89E8 -- C:\Windows\SysNative\ws2_32.dll
[2009.07.14 03:41:58 | 000,296,448 | ---- | M] (Microsoft Corporation) MD5=7083F463788CB34FCC42F565D56F89E8 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_4eaca269e8070c6b\ws2_32.dll
[2009.07.14 03:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\SysWOW64\ws2_32.dll
[2009.07.14 03:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_f28e06e62fa99b35\ws2_32.dll
< >
< C:\windows\system32\spool\prtprocs|dll;true;true;true /FP >
[2009.07.14 03:40:18 | 000,084,992 | ---- | M] (CANON INC.) --
[2006.09.12 22:00:00 | 000,027,136 | ---- | M] (CANON INC.) --
[2009.03.17 06:00:00 | 000,028,672 | ---- | M] (CANON INC.) --
[2006.09.12 22:00:00 | 000,080,896 | ---- | M] (CANON INC.) --
[2009.03.17 06:00:00 | 000,083,968 | ---- | M] (CANON INC.) --
[2009.07.14 03:41:12 | 000,027,648 | ---- | M] (Microsoft Corporation) --
[2009.07.14 03:41:56 | 000,039,424 | ---- | M] (Microsoft Corporation) --
[2009.07.14 17:17:26 | 000,003,584 | ---- | M] (Lexmark International Inc.) --
< %systemroot%\system32\drivers\*.sys /5 >
< %systemroot%\system32\drivers\*.sys /X >
[2009.06.10 23:14:29 | 003,440,660 | ---- | M] () -- C:\Windows\system32\drivers\gm.dls
[2009.06.10 23:14:29 | 000,000,646 | ---- | M] () -- C:\Windows\system32\drivers\gmreadme.txt
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\system32\*.* /5 >
[2011.07.19 15:18:41 | 000,000,000 | ---- | M] () -- C:\Windows\system32\config.nt
[1 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
< %systemroot%\system32\config\*.sav >
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\*.* /U /s >
[1 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[2 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[5 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\SysWOW64\*.tmp files -> C:\Windows\SysWOW64\*.tmp -> ]
< %systemroot%\*. /mp /s >
< %ALLUSERSPROFILE%\Data Aplikací\*.* >
< %ALLUSERSPROFILE%\Data Aplikací\*.exe /s >
< %ALLUSERSPROFILE%\Dáta aplikácií\*.* >
< %ALLUSERSPROFILE%\Dáta aplikácií\*.exe /s >
OTL.txt
OTL logfile created on: 20.7.2011 15:53:40 - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Users\Uživatel\Downloads
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
2,00 Gb Total Physical Memory | 1,09 Gb Available Physical Memory | 54,47% Memory free
4,00 Gb Paging File | 2,66 Gb Available in Paging File | 66,44% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 100,49 Gb Total Space | 8,43 Gb Free Space | 8,39% Space Free | Partition Type: NTFS
Drive D: | 197,50 Gb Total Space | 11,04 Gb Free Space | 5,59% Space Free | Partition Type: NTFS
Drive F: | 298,02 Gb Total Space | 231,66 Gb Free Space | 77,73% Space Free | Partition Type: FAT32
Computer Name: UŽIVATEL-PC | User Name: Uživatel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011.07.20 15:52:45 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Uživatel\Downloads\OTL.exe
PRC - [2011.07.20 13:32:37 | 000,177,664 | ---- | M] () -- C:\Users\Uživatel\AppData\Local\Temp\csrss.exe
PRC - [2011.07.20 09:57:31 | 000,180,736 | ---- | M] () -- C:\Users\Uživatel\AppData\Roaming\dwm.exe
PRC - [2011.07.19 21:16:05 | 000,340,480 | ---- | M] () -- C:\Windows\update.5.0\svchost.exe
PRC - [2011.07.19 21:16:05 | 000,340,480 | ---- | M] () -- C:\Windows\update.5.0\svchost.exe
PRC - [2011.07.19 21:16:05 | 000,340,480 | ---- | M] () -- C:\Windows\update.5.0\svchost.exe
PRC - [2011.07.19 21:16:05 | 000,340,480 | ---- | M] () -- C:\Windows\update.5.0\svchost.exe
PRC - [2011.07.19 21:16:05 | 000,340,480 | ---- | M] () -- C:\Windows\update.5.0\svchost.exe
PRC - [2011.07.19 21:16:05 | 000,340,480 | ---- | M] () -- C:\Windows\update.5.0\svchost.exe
PRC - [2011.07.18 17:00:11 | 000,110,592 | ---- | M] () -- C:\Windows\l1rezerv.exe
PRC - [2011.07.18 16:59:49 | 000,114,176 | ---- | M] () -- C:\Windows\systemup.exe
PRC - [2011.07.18 16:59:33 | 000,483,328 | ---- | M] () -- C:\Windows\update.2\svchost.exe
PRC - [2011.07.18 16:59:33 | 000,483,328 | ---- | M] () -- C:\Windows\update.2\svchost.exe
PRC - [2011.07.18 16:58:33 | 000,232,960 | ---- | M] () -- C:\Windows\sysdriver32.exe
PRC - [2011.07.18 16:49:33 | 000,169,472 | ---- | M] () -- C:\Users\Uživatel\AppData\Roaming\Microsoft\conhost.exe
PRC - [2011.07.18 16:48:19 | 001,170,432 | -H-- | M] () -- C:\Windows\update.tray-2-0\svchost.exe
PRC - [2011.07.18 16:48:19 | 001,170,432 | -H-- | M] () -- C:\Windows\update.1\svchost.exe
PRC - [2011.07.11 23:47:06 | 000,074,752 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\Winamp\winampa.exe
PRC - [2010.09.22 09:51:21 | 000,202,256 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe
PRC - [2010.09.06 18:56:38 | 000,247,096 | ---- | M] () -- C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe
PRC - [2010.04.01 11:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
PRC - [2010.03.10 21:13:37 | 000,075,064 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2009.10.15 19:08:04 | 005,822,464 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe
PRC - [2009.10.02 16:17:22 | 000,090,112 | ---- | M] (Leadtek Research Inc.) -- C:\Program Files\WinFast\WFDTV\DTVSchdl.exe
PRC - [2009.09.17 21:11:40 | 007,418,368 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
PRC - [2009.09.17 21:11:38 | 007,424,000 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
PRC - [2009.03.11 19:22:48 | 002,912,256 | ---- | M] (Leadtek Research Inc.) -- C:\Program Files\WinFast\WFDTV\WFWIZ.exe
PRC - [2009.03.05 17:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2009.02.10 18:01:49 | 000,116,104 | ---- | M] () -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
PRC - [2009.01.26 16:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
PRC - [2006.10.11 13:45:12 | 000,075,304 | ---- | M] (ScanSoft, Inc.) -- C:\Program Files (x86)\ScanSoft\OmniPageSE4.0\OpWareSE4.exe
PRC - [2004.12.13 05:34:32 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
========== Modules (SafeList) ==========
MOD - [2011.07.20 15:52:45 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Uživatel\Downloads\OTL.exe
MOD - [2009.07.14 03:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2011.07.18 16:58:33 | 000,232,960 | ---- | M] () [Auto | Running] -- C:\Windows\sysdriver32.exe -- (srvsysdriver32)
SRV - [2010.12.10 00:01:33 | 000,403,240 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010.09.06 18:56:38 | 000,247,096 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2010.05.24 20:30:43 | 000,085,096 | ---- | M] (Autodesk) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe -- (Autodesk Licensing Service)
SRV - [2010.03.10 21:13:37 | 000,075,064 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.02.10 18:01:49 | 000,116,104 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2009.01.26 16:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Running] -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)
SRV - [2004.12.13 05:34:32 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2011.04.14 21:28:24 | 000,118,864 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV:64bit: - [2011.04.05 00:59:54 | 000,377,936 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)
DRV:64bit: - [2011.03.16 16:03:18 | 000,037,456 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2011.03.01 14:25:18 | 000,041,552 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2011.02.22 08:12:46 | 000,026,704 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AVGIDSEH.sys -- (AVGIDSEH)
DRV:64bit: - [2011.02.10 07:53:34 | 000,029,264 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV:64bit: - [2011.01.07 06:41:44 | 000,304,720 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2010.12.21 15:04:06 | 000,170,640 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)
DRV:64bit: - [2010.12.21 15:04:06 | 000,141,264 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:64bit: - [2010.12.21 13:47:38 | 000,125,296 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfwwfpr.sys -- (epfwwfpr)
DRV:64bit: - [2010.12.02 12:14:18 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd)
DRV:64bit: - [2010.08.25 21:08:30 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2010.07.12 04:34:00 | 000,057,696 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgfwd6a.sys -- (Avgfwfd)
DRV:64bit: - [2009.12.19 10:11:40 | 000,314,400 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009.08.17 23:32:44 | 001,311,616 | ---- | M] (NXP Semiconductors Germany GmbH) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\3xHybr64.sys -- (3xHybr64)
DRV:64bit: - [2009.07.16 05:38:40 | 000,015,416 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV:64bit: - [2009.07.14 03:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009.07.14 03:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.05 06:30:28 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie) AMD PCI Express (3GIO)
DRV:64bit: - [2005.11.03 16:40:56 | 000,089,600 | ---- | M] (Protection Technology) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\sfvfs02.sys -- (sfvfs02) StarForce Protection VFS Driver (version 2.x)
DRV:64bit: - [2005.08.10 14:46:20 | 000,068,608 | ---- | M] (Protection Technology) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x)
DRV:64bit: - [2005.05.16 15:21:16 | 000,007,168 | ---- | M] (Protection Technology) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)
DRV - [2004.12.23 18:27:56 | 000,027,392 | ---- | M] (Ulead Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\ULCDRHlp.sys -- (ULCDRHlp)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3502144519-3829416638-612489386-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
IE - HKU\S-1-5-21-3502144519-3829416638-612489386-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.cz/
IE - HKU\S-1-5-21-3502144519-3829416638-612489386-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = cs
IE - HKU\S-1-5-21-3502144519-3829416638-612489386-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = F1 53 DC 97 DF AB CA 01 [binary data]
IE - HKU\S-1-5-21-3502144519-3829416638-612489386-1000\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-3502144519-3829416638-612489386-1000\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKU\S-1-5-21-3502144519-3829416638-612489386-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-21-3502144519-3829416638-612489386-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:63455
========== FireFox ==========
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"
FF - prefs.js..extensions.enabledItems: battlefieldheroespatcher@ea.com:5.0.31.0
FF - prefs.js..extensions.enabledItems: radiobar@toolbar:1.0.0
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.1.5
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.9
FF - prefs.js..extensions.enabledItems: 2020Player@2020Technologies.com:5.0.4.0
FF - prefs.js..keyword.URL: "http://search.icq.com/search/afe_result ... r=1.1.9&q="
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.50826.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.775: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.775: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=1.0.0.0: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.775: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Uživatel\AppData\Local\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Uživatel\AppData\Local\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\PROGRAM FILES\ESET\ESET NOD32 ANTIVIRUS\MOZILLA THUNDERBIRD
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010.09.22 09:51:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.18\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.06.23 08:46:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.18\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.07.19 21:30:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2010.09.22 09:51:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2010.09.22 09:51:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
[2011.01.02 18:55:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Uživatel\AppData\Roaming\mozilla\Extensions
[2010.02.16 12:27:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Uživatel\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2011.01.02 18:55:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Uživatel\AppData\Roaming\mozilla\Extensions\songbird@songbirdnest.com
[2011.07.19 21:43:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Uživatel\AppData\Roaming\mozilla\Firefox\Profiles\muwyjjqc.default\extensions
[2011.04.18 22:02:44 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\Uživatel\AppData\Roaming\mozilla\Firefox\Profiles\muwyjjqc.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2011.03.16 18:28:22 | 000,000,000 | ---D | M] (20-20 3D Viewer) -- C:\Users\Uživatel\AppData\Roaming\mozilla\Firefox\Profiles\muwyjjqc.default\extensions\2020Player@2020Technologies.com
[2010.10.24 21:07:36 | 000,000,000 | ---D | M] (Battlefield Heroes Updater) -- C:\Users\Uživatel\AppData\Roaming\mozilla\Firefox\Profiles\muwyjjqc.default\extensions\battlefieldheroespatcher@ea.com
[2010.04.18 19:50:14 | 000,000,000 | ---D | M] (RadioBar Toolbar) -- C:\Users\Uživatel\AppData\Roaming\mozilla\Firefox\Profiles\muwyjjqc.default\extensions\radiobar@toolbar
[2011.04.13 20:59:06 | 000,002,557 | ---- | M] () -- C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\muwyjjqc.default\searchplugins\askcom.xml
[2011.07.16 11:11:20 | 000,000,950 | ---- | M] () -- C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\muwyjjqc.default\searchplugins\icqplugin-1.xml
[2011.03.07 09:42:08 | 000,000,950 | ---- | M] () -- C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\muwyjjqc.default\searchplugins\icqplugin-2.xml
[2011.03.09 00:51:08 | 000,000,950 | ---- | M] () -- C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\muwyjjqc.default\searchplugins\icqplugin-3.xml
[2011.04.14 06:09:43 | 000,000,950 | ---- | M] () -- C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\muwyjjqc.default\searchplugins\icqplugin-4.xml
[2011.06.23 08:46:42 | 000,000,950 | ---- | M] () -- C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\muwyjjqc.default\searchplugins\icqplugin-5.xml
[2011.04.18 22:02:43 | 000,000,168 | ---- | M] () -- C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\muwyjjqc.default\searchplugins\icqplugin.gif
[2011.04.18 22:02:43 | 000,000,618 | ---- | M] () -- C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\muwyjjqc.default\searchplugins\icqplugin.src
[2010.05.12 17:40:48 | 000,001,042 | ---- | M] () -- C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\muwyjjqc.default\searchplugins\icqplugin.xml
[2010.03.15 23:38:05 | 000,001,589 | ---- | M] () -- C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\muwyjjqc.default\searchplugins\web-search.xml
[2011.07.19 21:43:16 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010.08.23 18:56:39 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010.09.22 09:51:48 | 000,000,000 | ---D | M] (RealPlayer Browser Record Plugin) -- C:\PROGRAMDATA\REAL\REALPLAYER\BROWSERRECORDPLUGIN\FIREFOX\EXT
File not found (No name found) -- C:\USERS\UĹĽIVATEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MUWYJJQC.DEFAULT\EXTENSIONS\{800B5000-A755-47E1-992B-48A1C1357F07}
File not found (No name found) -- C:\USERS\UĹĽIVATEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MUWYJJQC.DEFAULT\EXTENSIONS\2020PLAYER@2020TECHNOLOGIES.COM
File not found (No name found) -- C:\USERS\UĹĽIVATEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MUWYJJQC.DEFAULT\EXTENSIONS\BATTLEFIELDHEROESPATCHER@EA.COM
File not found (No name found) -- C:\USERS\UĹĽIVATEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MUWYJJQC.DEFAULT\EXTENSIONS\RADIOBAR@TOOLBAR
[2011.07.11 23:48:12 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
[2010.10.21 20:06:16 | 000,000,638 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\jyxo-cz.xml
[2010.10.21 20:06:16 | 000,001,687 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\mall-cz.xml
[2010.10.21 20:06:16 | 000,001,367 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\seznam-cz.xml
[2010.10.21 20:06:16 | 000,000,654 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\slunecnice-cz.xml
[2010.10.21 20:06:16 | 000,001,179 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-cz.xml
O1 HOSTS File: ([2011.07.20 15:46:29 | 000,203,160 | -H-- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 vkontakte.ru
O1 - Hosts: 127.0.0.1 www.vkontakte.ru
O1 - Hosts: 127.0.0.1 login.vk.com
O1 - Hosts: 127.0.0.1 vk.com
O1 - Hosts: 127.0.0.1 www.vk.com
O1 - Hosts: 127.0.0.1 odnoklassniki.ru
O1 - Hosts: 127.0.0.1 www.odnoklassniki.ru
O1 - Hosts: 127.0.0.1 facebook.com
O1 - Hosts: 127.0.0.1 www.facebook.com
O1 - Hosts: 127.0.0.1 af-za.facebook.com
O1 - Hosts: 127.0.0.1 az-az.facebook.com
O1 - Hosts: 127.0.0.1 id-id.facebook.com
O1 - Hosts: 127.0.0.1 ms-my.facebook.com
O1 - Hosts: 127.0.0.1 bs-ba.facebook.com
O1 - Hosts: 127.0.0.1 ca-es.facebook.com
O1 - Hosts: 127.0.0.1 cs-cz.facebook.com
O1 - Hosts: 127.0.0.1 cy-gb.facebook.com
O1 - Hosts: 127.0.0.1 da-dk.facebook.com
O1 - Hosts: 127.0.0.1 de-de.facebook.com
O1 - Hosts: 127.0.0.1 et-ee.facebook.com
O1 - Hosts: 127.0.0.1 en-gb.facebook.com
O1 - Hosts: 127.0.0.1 es-la.facebook.com
O1 - Hosts: 127.0.0.1 eo-eo.facebook.com
O1 - Hosts: 127.0.0.1 eu-es.facebook.com
O1 - Hosts: 50060 more lines...
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKU\S-1-5-21-3502144519-3829416638-612489386-1000\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O4:64bit: - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [egui] File not found
O4 - HKLM..\Run: [conhost] C:\Users\Uživatel\AppData\Roaming\Microsoft\conhost.exe ()
O4 - HKLM..\Run: [l1rezerv.exe] C:\Windows\l1rezerv.exe ()
O4 - HKLM..\Run: [OpwareSE4] C:\Program Files (x86)\ScanSoft\OmniPageSE4.0\OpwareSE4.exe (ScanSoft, Inc.)
O4 - HKLM..\Run: [sysdriver32.exe] C:\Windows\sysdriver32.exe ()
O4 - HKLM..\Run: [sysdriver32_.exe] C:\Windows\sysdriver32_.exe ()
O4 - HKLM..\Run: [systemup] C:\Windows\systemup.exe ()
O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [tray_ico] File not found
O4 - HKLM..\Run: [tray_ico0] C:\Windows\update.tray-2-0\svchost.exe ()
O4 - HKLM..\Run: [tray_ico1] File not found
O4 - HKLM..\Run: [tray_ico2] File not found
O4 - HKLM..\Run: [tray_ico3] File not found
O4 - HKLM..\Run: [tray_ico4] File not found
O4 - HKLM..\Run: [WinampAgent] C:\Program Files (x86)\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKLM..\Run: [WinFastDTV] C:\Program Files\WinFast\WFDTV\DTVSchdl.exe (Leadtek Research Inc.)
O4 - HKLM..\Run: [wxpdrv] File not found
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3502144519-3829416638-612489386-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-3502144519-3829416638-612489386-1000..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKU\S-1-5-21-3502144519-3829416638-612489386-1000..\Run: [WinFast Schedule] C:\Program Files\WinFast\WFDTV\WFWIZ.exe (Leadtek Research Inc.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] File not found
O4 - Startup: C:\Users\Uživatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
F3:64bit: - HKU\S-1-5-21-3502144519-3829416638-612489386-1000 WinNT: Load - (C:\Users\UIVATE~1\AppData\Local\Temp\csrss.exe) - C:\Users\UIVATE~1\AppData\Local\Temp\csrss.exe ()
F3 - HKU\S-1-5-21-3502144519-3829416638-612489386-1000 WinNT: Load - (C:\Users\UIVATE~1\AppData\Local\Temp\csrss.exe) - C:\Users\UIVATE~1\AppData\Local\Temp\csrss.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O9 - Extra Button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files (x86)\ICQ7.4\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files (x86)\ICQ7.4\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.1.1.10 10.1.62.66
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKU\S-1-5-21-3502144519-3829416638-612489386-1000 Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKU\S-1-5-21-3502144519-3829416638-612489386-1000 Winlogon: Shell - (C:\Users\Uživatel\AppData\Roaming\dwm.exe) - C:\Users\Uživatel\AppData\Roaming\dwm.exe ()
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O31 - SafeBoot: AlternateShell - services32.exe
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{5f4f54f7-b07c-11df-b136-90e6bac5a0f0}\Shell - "" = AutoRun
O33 - MountPoints2\{5f4f54f7-b07c-11df-b136-90e6bac5a0f0}\Shell\AutoRun\command - "" = G:\SetupLauncher.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG10\avgchsva.exe /sync) - File not found
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG10\avgrsa.exe /sync /restart) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.ac3filter - C:\Windows\SysWow64\ac3filter.acm ()
Drivers32: msacm.avis - C:\Windows\SysWow64\ff_acm.acm ()
Drivers32: msacm.divxa32 - C:\Windows\SysWow64\msaud32_divx.acm (Microsoft Corporation)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\SysWow64\DivX.dll (DivX, Inc.)
Drivers32: VIDC.FFDS - C:\Windows\SysWow64\ff_vfw.dll ()
Drivers32: vidc.i420 - C:\Windows\SysWow64\NUVYUV.DLL (Nogatech Ltd.)
Drivers32: VIDC.NTN1 - C:\Windows\SysWow64\Nuvision.ax (Nogatech Ltd.)
Drivers32: vidc.yv12 - C:\Windows\SysWow64\DivX.dll (DivX, Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 30 Days ==========
[2011.07.20 15:44:42 | 000,000,000 | -H-D | C] -- C:\Windows\update.tray-2-0-lnk
[2011.07.20 15:44:42 | 000,000,000 | -H-D | C] -- C:\Windows\update.tray-2-0
[2011.07.20 15:42:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
[2011.07.19 21:30:08 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Winamp Detector Plug-in
[2011.07.19 21:30:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Winamp Detect
[2011.07.19 21:30:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp
[2011.07.19 21:29:52 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\AppData\Roaming\Winamp
[2011.07.19 21:29:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Winamp
[2011.07.19 16:54:48 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2011.07.19 16:29:41 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2011.07.19 16:15:01 | 000,000,000 | -H-D | C] -- C:\Windows\update.tray-12-0-lnk
[2011.07.19 16:15:01 | 000,000,000 | -H-D | C] -- C:\Windows\update.tray-12-0
[2011.07.19 16:12:26 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\AVG
[2011.07.19 15:38:03 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2011.07.19 15:18:42 | 000,600,920 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2011.07.19 15:18:41 | 000,253,888 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2011.07.18 22:49:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2011.07.18 21:28:37 | 000,000,000 | ---D | C] -- C:\Windows\rpcminer
[2011.07.18 21:28:37 | 000,000,000 | ---D | C] -- C:\Windows\phoenix
[2011.07.18 17:24:48 | 000,000,000 | ---D | C] -- C:\Windows\ufa
[2011.07.18 16:59:33 | 000,000,000 | -H-D | C] -- C:\Windows\update.2
[2011.07.18 16:59:17 | 000,000,000 | -H-D | C] -- C:\Windows\update.5.0
[2011.07.18 16:58:16 | 000,000,000 | ---D | C] -- C:\Windows\av_ico
[2011.07.18 16:56:24 | 000,000,000 | -H-D | C] -- C:\Windows\update.1
[2011.07.18 16:56:10 | 000,000,000 | -H-D | C] -- C:\Windows\update.tray-9-0-lnk
[2011.07.18 16:56:10 | 000,000,000 | -H-D | C] -- C:\Windows\update.tray-9-0
[2011.07.18 16:56:10 | 000,000,000 | -H-D | C] -- C:\Windows\update.tray-7-0-lnk
[2011.07.18 16:56:10 | 000,000,000 | -H-D | C] -- C:\Windows\update.tray-7-0
[2011.07.05 01:39:28 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\AppData\Roaming\GRETECH
[2011.07.05 01:37:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOM Player
[2011.07.05 01:37:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GRETECH
[2011.06.20 16:35:08 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\Desktop\2011_06_20
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011.07.20 15:54:20 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2011.07.20 15:53:06 | 000,014,208 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.07.20 15:53:06 | 000,014,208 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.07.20 15:46:29 | 000,203,160 | -H-- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2011.07.20 15:46:29 | 000,000,734 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hîsts
[2011.07.20 15:45:46 | 000,000,948 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.07.20 15:45:38 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.07.20 15:45:37 | 1609,961,472 | -HS- | M] () -- C:\hiberfil.sys
[2011.07.20 15:33:00 | 000,000,952 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.07.20 15:24:31 | 000,007,607 | ---- | M] () -- C:\Users\Uživatel\AppData\Local\resmon.resmoncfg
[2011.07.20 14:57:36 | 000,000,974 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3502144519-3829416638-612489386-1000UA.job
[2011.07.20 13:57:01 | 001,445,734 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.07.20 13:57:01 | 000,622,422 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2011.07.20 13:57:01 | 000,606,992 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.07.20 13:57:01 | 000,118,604 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2011.07.20 13:57:01 | 000,103,370 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.07.20 13:32:31 | 000,001,789 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2011.07.20 09:57:31 | 000,180,736 | ---- | M] () -- C:\Users\Uživatel\AppData\Roaming\dwm.exe
[2011.07.19 21:30:08 | 000,000,979 | ---- | M] () -- C:\Users\Public\Desktop\Winamp.lnk
[2011.07.19 21:16:05 | 000,000,179 | ---- | M] () -- C:\Windows\info1
[2011.07.19 16:57:00 | 000,000,922 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3502144519-3829416638-612489386-1000Core.job
[2011.07.19 16:54:50 | 000,002,332 | ---- | M] () -- C:\Users\Uživatel\Desktop\Google Chrome.lnk
[2011.07.19 16:27:01 | 000,203,160 | -H-- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20110719-170747.backup
[2011.07.19 15:59:51 | 000,006,868 | ---- | M] () -- C:\Users\Uživatel\AppData\Roaming\CB3E.436
[2011.07.19 15:18:41 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2011.07.19 14:52:07 | 000,001,947 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
[2011.07.19 10:12:53 | 000,203,160 | -H-- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20110719-142939.backup
[2011.07.18 22:49:46 | 000,002,218 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2011.07.18 22:42:15 | 000,001,848 | ---- | M] () -- C:\Users\Public\Desktop\Canon My Printer.lnk
[2011.07.18 22:42:15 | 000,001,809 | ---- | M] () -- C:\Users\Public\Desktop\WinFast PVR2.lnk
[2011.07.18 21:28:36 | 005,589,370 | ---- | M] () -- C:\Windows\phoenix.rar
[2011.07.18 21:28:36 | 001,075,284 | ---- | M] () -- C:\Windows\rpcminer.rar
[2011.07.18 21:28:36 | 000,246,272 | ---- | M] () -- C:\Windows\unrar.exe
[2011.07.18 21:28:36 | 000,182,617 | ---- | M] () -- C:\Windows\ufa.rar
[2011.07.18 20:45:40 | 000,000,000 | ---- | M] () -- C:\Windows\loader2.exe_ok
[2011.07.18 20:44:37 | 000,203,160 | -H-- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20110718-212453.backup
[2011.07.18 20:27:34 | 000,904,792 | ---- | M] () -- C:\Windows\geoiplist.rar
[2011.07.18 17:00:11 | 000,110,592 | ---- | M] () -- C:\Windows\l1rezerv.exe
[2011.07.18 17:00:10 | 000,203,160 | -H-- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20110718-170630.backup
[2011.07.18 16:59:49 | 000,114,176 | ---- | M] () -- C:\Windows\systemup.exe
[2011.07.18 16:58:33 | 000,232,960 | ---- | M] () -- C:\Windows\sysdriver32_.exe
[2011.07.18 16:58:33 | 000,232,960 | ---- | M] () -- C:\Windows\sysdriver32.exe
[2011.07.17 03:24:20 | 004,636,907 | ---- | M] () -- C:\Windows\geoiplist
[2011.07.05 01:37:42 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\GOM Player.lnk
[2011.07.04 13:43:53 | 000,040,112 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2011.07.04 13:43:51 | 000,199,304 | ---- | M] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2011.07.04 13:43:42 | 000,253,888 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2011.07.04 13:36:56 | 000,600,920 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2011.07.04 13:36:54 | 000,288,088 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2011.07.04 13:35:28 | 000,045,400 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2011.07.04 13:32:35 | 000,031,064 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr.sys
[2011.07.04 13:32:24 | 000,064,856 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2011.07.04 13:32:14 | 000,022,360 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2011.07.02 18:33:22 | 000,042,207 | -HS- | M] () -- C:\Users\Uživatel\Desktop\Folder.jpg
[2011.07.02 18:33:22 | 000,007,955 | -HS- | M] () -- C:\Users\Uživatel\Desktop\AlbumArtSmall.jpg
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011.07.20 15:54:20 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2011.07.20 09:57:31 | 000,180,736 | ---- | C] () -- C:\Users\Uživatel\AppData\Roaming\dwm.exe
[2011.07.19 21:30:08 | 000,000,979 | ---- | C] () -- C:\Users\Public\Desktop\Winamp.lnk
[2011.07.19 16:54:50 | 000,002,332 | ---- | C] () -- C:\Users\Uživatel\Desktop\Google Chrome.lnk
[2011.07.19 16:52:40 | 000,000,974 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3502144519-3829416638-612489386-1000UA.job
[2011.07.19 16:52:40 | 000,000,922 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3502144519-3829416638-612489386-1000Core.job
[2011.07.19 15:18:55 | 000,001,789 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2011.07.18 22:49:46 | 000,002,218 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2011.07.18 21:28:36 | 005,589,370 | ---- | C] () -- C:\Windows\phoenix.rar
[2011.07.18 21:28:36 | 001,075,284 | ---- | C] () -- C:\Windows\rpcminer.rar
[2011.07.18 21:28:36 | 000,182,617 | ---- | C] () -- C:\Windows\ufa.rar
[2011.07.18 20:45:25 | 000,000,000 | ---- | C] () -- C:\Windows\loader2.exe_ok
[2011.07.18 20:25:57 | 004,636,907 | ---- | C] () -- C:\Windows\geoiplist
[2011.07.18 20:25:55 | 000,904,792 | ---- | C] () -- C:\Windows\geoiplist.rar
[2011.07.18 20:25:55 | 000,246,272 | ---- | C] () -- C:\Windows\unrar.exe
[2011.07.18 17:00:14 | 000,110,592 | ---- | C] () -- C:\Windows\l1rezerv.exe
[2011.07.18 16:59:57 | 000,114,176 | ---- | C] () -- C:\Windows\systemup.exe
[2011.07.18 16:59:16 | 000,000,179 | ---- | C] () -- C:\Windows\info1
[2011.07.18 16:58:40 | 000,232,960 | ---- | C] () -- C:\Windows\sysdriver32_.exe
[2011.07.18 16:58:26 | 000,232,960 | ---- | C] () -- C:\Windows\sysdriver32.exe
[2011.07.18 16:49:34 | 000,006,868 | ---- | C] () -- C:\Users\Uživatel\AppData\Roaming\CB3E.436
[2011.07.05 01:37:42 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\GOM Player.lnk
[2011.07.02 18:33:22 | 000,042,207 | -HS- | C] () -- C:\Users\Uživatel\Desktop\Folder.jpg
[2011.07.02 18:33:22 | 000,007,955 | -HS- | C] () -- C:\Users\Uživatel\Desktop\AlbumArtSmall.jpg
[2011.03.12 20:28:00 | 000,007,607 | ---- | C] () -- C:\Users\Uživatel\AppData\Local\resmon.resmoncfg
[2010.08.23 21:30:01 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.03.31 16:09:15 | 000,019,968 | ---- | C] () -- C:\Windows\SysWow64\cpuinf32.dll
[2010.03.31 15:32:59 | 000,004,608 | ---- | C] () -- C:\Users\Uživatel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.03.10 15:22:24 | 002,407,792 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_heroes.exe
[2010.02.24 15:43:33 | 000,000,428 | ---- | C] () -- C:\Windows\MAXLINK.INI
[2010.02.20 00:27:50 | 000,000,350 | ---- | C] () -- C:\Windows\SysWow64\AF15IRTBL.bin
[2010.02.17 17:18:01 | 000,190,160 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2010.02.17 17:17:57 | 000,682,280 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2010.02.17 17:17:57 | 000,075,064 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2010.02.16 20:43:03 | 000,000,632 | ---- | C] () -- C:\Windows\Thps3.INI
[2010.02.12 16:44:17 | 000,000,196 | ---- | C] () -- C:\Windows\ulead32.ini
[2010.02.12 14:28:43 | 000,024,576 | R--- | C] () -- C:\Windows\SysWow64\AsIO.dll
[2010.02.12 14:28:43 | 000,013,368 | R--- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2010.02.12 14:28:39 | 000,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
[2010.02.12 14:28:39 | 000,010,216 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp32.sys
[2010.02.07 04:13:58 | 000,085,504 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2009.08.16 10:08:36 | 000,178,176 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2009.07.14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2009.05.29 15:52:26 | 000,204,800 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2007.02.05 19:05:26 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI
[2002.08.29 17:33:56 | 000,319,488 | R--- | C] () -- C:\Windows\SysWow64\MafiaSetup.exe
[2002.08.29 17:33:56 | 000,319,488 | ---- | C] () -- C:\Users\Uživatel\AppData\Roaming\MafiaSetup.exe
========== LOP Check ==========
[2010.05.24 20:27:44 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Autodesk
[2010.12.06 21:38:49 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Canon
[2010.06.28 23:00:08 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Christofer Persson
[2010.08.25 21:12:15 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\DAEMON Tools Lite
[2011.07.19 22:52:10 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\ICQ
[2010.03.19 17:23:06 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Leadertech
[2011.01.03 18:53:43 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\NCH Swift Sound
[2010.06.28 23:00:03 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\OpenCandy
[2010.02.12 14:51:30 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\OpenOffice.org
[2011.01.02 18:56:18 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Philips
[2010.02.24 15:43:23 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\ScanSoft
[2010.09.22 07:34:41 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Softland
[2011.01.02 18:55:03 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Songbird2
[2010.02.16 12:27:37 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Thunderbird
[2010.03.31 16:07:27 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Win7codecs
[2011.06.10 14:28:46 | 000,032,600 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Custom Scans ==========
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2009.07.14 03:39:41 | 001,475,072 | ---- | M] (Microsoft Corporation)
"WinFast Schedule" = C:\Program Files\WinFast\WFDTV\WFWIZ.exe -- [2009.03.11 19:22:48 | 002,912,256 | ---- | M] (Leadtek Research Inc.)
"SpybotSD TeaTimer" = C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe -- [2009.03.05 17:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.)
"DAEMON Tools Lite" = "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun -- [2010.04.01 11:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd)
"Google Update" = "C:\Users\Uživatel\AppData\Local\Google\Update\GoogleUpdate.exe" /c -- [2011.06.03 07:28:18 | 000,136,176 | ---- | M] (Google Inc.)
< >
< MD5 for: AGP440.SYS >
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys
< MD5 for: ATAPI.SYS >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2009.07.14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\SysWOW64\autochk.exe
[2009.07.14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2009.07.14 03:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\SysNative\autochk.exe
[2009.07.14 03:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe
< MD5 for: CDROM.SYS >
[2009.07.14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\SysNative\drivers\cdrom.sys
[2009.07.14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_8363d00ecae4322d\cdrom.sys
[2009.07.14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys
< MD5 for: CNGAUDIT.DLL >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll
< MD5 for: CRYPTSVC.DLL >
[2009.07.14 03:40:24 | 000,175,104 | ---- | M] (Microsoft Corporation) MD5=8C57411B66282C01533CB776F98AD384 -- C:\Windows\SysNative\cryptsvc.dll
[2009.07.14 03:40:24 | 000,175,104 | ---- | M] (Microsoft Corporation) MD5=8C57411B66282C01533CB776F98AD384 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_d1f48b0bb4805490\cryptsvc.dll
[2009.07.14 03:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\SysWOW64\cryptsvc.dll
[2009.07.14 03:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_75d5ef87fc22e35a\cryptsvc.dll
< MD5 for: CSRSS.EXE >
[2011.07.20 13:32:37 | 000,177,664 | ---- | M] () MD5=14C37D7485988E3D851E2F6184BDA108 -- C:\Users\Uživatel\AppData\Local\Temp\csrss.exe
[2009.07.14 03:39:02 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=60C2862B4BF0FD9F582EF344C2B1EC72 -- C:\Windows\SysNative\csrss.exe
[2009.07.14 03:39:02 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=60C2862B4BF0FD9F582EF344C2B1EC72 -- C:\Windows\winsxs\amd64_microsoft-windows-csrss_31bf3856ad364e35_6.1.7600.16385_none_b4d8d57efdc6b4f3\csrss.exe
< MD5 for: EXPLORER.EXE >
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\SysWOW64\explorer.exe
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\SoftwareDistribution\Download\0cfc8dbf763c806fb82e646c7352a6fc\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2009.08.03 08:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\SoftwareDistribution\Download\00236e2e422dab929dcda56260d05350\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2009.10.31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\SoftwareDistribution\Download\0cfc8dbf763c806fb82e646c7352a6fc\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009.08.03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\SoftwareDistribution\Download\00236e2e422dab929dcda56260d05350\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2009.10.31 08:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\SoftwareDistribution\Download\0cfc8dbf763c806fb82e646c7352a6fc\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009.08.03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\SoftwareDistribution\Download\00236e2e422dab929dcda56260d05350\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009.07.14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\explorer.exe
[2009.07.14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009.10.31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\SoftwareDistribution\Download\0cfc8dbf763c806fb82e646c7352a6fc\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2009.08.03 08:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\SoftwareDistribution\Download\00236e2e422dab929dcda56260d05350\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe
< MD5 for: FASTFAT.SYS >
[2009.07.14 01:23:29 | 000,204,800 | ---- | M] (Microsoft Corporation) MD5=0ADC83218B66A6DB380C330836F3E36D -- C:\Windows\SysNative\drivers\fastfat.sys
[2009.07.14 01:23:29 | 000,204,800 | ---- | M] (Microsoft Corporation) MD5=0ADC83218B66A6DB380C330836F3E36D -- C:\Windows\winsxs\amd64_microsoft-windows-fat_31bf3856ad364e35_6.1.7600.16385_none_0aa81d2771152f86\fastfat.sys
< MD5 for: HAL.DLL >
[2009.07.14 03:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\SysNative\hal.dll
[2009.07.14 03:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll
< MD5 for: IASTORV.SYS >
[2009.07.14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2009.07.14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_18cccb83b34e1453\iaStorV.sys
[2009.07.14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys
< MD5 for: ISAPNP.SYS >
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\drivers\isapnp.sys
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\isapnp.sys
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\isapnp.sys
< MD5 for: LSASS.EXE >
[2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\SysNative\lsass.exe
[2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16385_none_023f7c69767c3edd\lsass.exe
< MD5 for: NDIS.SYS >
[2009.07.14 03:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\SysNative\drivers\ndis.sys
[2009.07.14 03:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_03bc1d6e35c013bf\ndis.sys
< MD5 for: NETLOGON.DLL >
[2009.07.14 03:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\SysNative\netlogon.dll
[2009.07.14 03:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll
< MD5 for: NTFS.SYS >
[2009.07.14 03:48:27 | 001,659,984 | ---- | M] (Microsoft Corporation) MD5=356698A13C4630D5B31C37378D469196 -- C:\Windows\SysNative\drivers\ntfs.sys
[2009.07.14 03:48:27 | 001,659,984 | ---- | M] (Microsoft Corporation) MD5=356698A13C4630D5B31C37378D469196 -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7600.16385_none_02661b64369ca03a\ntfs.sys
< MD5 for: NVRAID.SYS >
[2009.07.14 03:48:27 | 000,149,056 | ---- | M] (NVIDIA Corporation) MD5=3E38712941E9BB4DDBEE00AFFE3FED3D -- C:\Windows\SysNative\drivers\nvraid.sys
[2009.07.14 03:48:27 | 000,149,056 | ---- | M] (NVIDIA Corporation) MD5=3E38712941E9BB4DDBEE00AFFE3FED3D -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvraid.sys
[2009.07.14 03:48:27 | 000,149,056 | ---- | M] (NVIDIA Corporation) MD5=3E38712941E9BB4DDBEE00AFFE3FED3D -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvraid.sys
< MD5 for: NVSTOR.SYS >
[2009.07.14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\SysNative\drivers\nvstor.sys
[2009.07.14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvstor.sys
[2009.07.14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys
< MD5 for: SCECLI.DLL >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\SysNative\scecli.dll
[2009.07.14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
< MD5 for: SERVICES.EXE >
[2009.07.14 03:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\SysNative\services.exe
[2009.07.14 03:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe
< MD5 for: SMSS.EXE >
[2009.07.14 03:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\SysNative\smss.exe
[2009.07.14 03:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_082f99a432e2a661\smss.exe
< MD5 for: SPOOLSV.EXE >
[2009.07.14 03:39:44 | 000,558,080 | ---- | M] (Microsoft Corporation) MD5=89E8550C5862999FCF482EA562B0E98E -- C:\Windows\SysNative\spoolsv.exe
[2009.07.14 03:39:44 | 000,558,080 | ---- | M] (Microsoft Corporation) MD5=89E8550C5862999FCF482EA562B0E98E -- C:\Windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7600.16385_none_324094c8db39cbbd\spoolsv.exe
< MD5 for: SVCHOST.EXE >
[2011.07.18 16:48:19 | 001,170,432 | -H-- | M] () MD5=547E351F6480D31DC42704DC6AC1CDD1 -- C:\Windows\update.1\svchost.exe
[2011.07.18 16:48:19 | 001,170,432 | -H-- | M] () MD5=547E351F6480D31DC42704DC6AC1CDD1 -- C:\Windows\update.tray-12-0\svchost.exe
[2011.07.18 16:48:19 | 001,170,432 | -H-- | M] () MD5=547E351F6480D31DC42704DC6AC1CDD1 -- C:\Windows\update.tray-12-0-lnk\svchost.exe
[2011.07.18 16:48:19 | 001,170,432 | -H-- | M] () MD5=547E351F6480D31DC42704DC6AC1CDD1 -- C:\Windows\update.tray-2-0\svchost.exe
[2011.07.18 16:48:19 | 001,170,432 | -H-- | M] () MD5=547E351F6480D31DC42704DC6AC1CDD1 -- C:\Windows\update.tray-2-0-lnk\svchost.exe
[2011.07.18 16:48:19 | 001,170,432 | -H-- | M] () MD5=547E351F6480D31DC42704DC6AC1CDD1 -- C:\Windows\update.tray-7-0\svchost.exe
[2011.07.18 16:48:19 | 001,170,432 | -H-- | M] () MD5=547E351F6480D31DC42704DC6AC1CDD1 -- C:\Windows\update.tray-7-0-lnk\svchost.exe
[2011.07.18 16:48:19 | 001,170,432 | -H-- | M] () MD5=547E351F6480D31DC42704DC6AC1CDD1 -- C:\Windows\update.tray-9-0\svchost.exe
[2011.07.18 16:48:19 | 001,170,432 | -H-- | M] () MD5=547E351F6480D31DC42704DC6AC1CDD1 -- C:\Windows\update.tray-9-0-lnk\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2011.07.19 21:16:05 | 000,340,480 | ---- | M] () MD5=BD0ACD06341E69D226259858DA331359 -- C:\Windows\update.5.0\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe
[2011.07.18 16:59:33 | 000,483,328 | ---- | M] () MD5=EFB19E06A994F184B781A3C948E77E6E -- C:\Windows\update.2\svchost.exe
< MD5 for: TCPIP.SYS >
[2009.07.14 03:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\SysNative\drivers\tcpip.sys
[2009.07.14 03:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys
< MD5 for: USERINIT.EXE >
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\SysNative\userinit.exe
[2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
< MD5 for: WINLOGON.EXE >
[2009.07.14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\SysNative\winlogon.exe
[2009.07.14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009.10.28 09:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\SoftwareDistribution\Download\0cfc8dbf763c806fb82e646c7352a6fc\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009.10.28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\SoftwareDistribution\Download\0cfc8dbf763c806fb82e646c7352a6fc\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe
< MD5 for: WS2_32.DLL >
[2009.07.14 03:41:58 | 000,296,448 | ---- | M] (Microsoft Corporation) MD5=7083F463788CB34FCC42F565D56F89E8 -- C:\Windows\SysNative\ws2_32.dll
[2009.07.14 03:41:58 | 000,296,448 | ---- | M] (Microsoft Corporation) MD5=7083F463788CB34FCC42F565D56F89E8 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_4eaca269e8070c6b\ws2_32.dll
[2009.07.14 03:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\SysWOW64\ws2_32.dll
[2009.07.14 03:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_f28e06e62fa99b35\ws2_32.dll
< >
< C:\windows\system32\spool\prtprocs|dll;true;true;true /FP >
[2009.07.14 03:40:18 | 000,084,992 | ---- | M] (CANON INC.) --
[2006.09.12 22:00:00 | 000,027,136 | ---- | M] (CANON INC.) --
[2009.03.17 06:00:00 | 000,028,672 | ---- | M] (CANON INC.) --
[2006.09.12 22:00:00 | 000,080,896 | ---- | M] (CANON INC.) --
[2009.03.17 06:00:00 | 000,083,968 | ---- | M] (CANON INC.) --
[2009.07.14 03:41:12 | 000,027,648 | ---- | M] (Microsoft Corporation) --
[2009.07.14 03:41:56 | 000,039,424 | ---- | M] (Microsoft Corporation) --
[2009.07.14 17:17:26 | 000,003,584 | ---- | M] (Lexmark International Inc.) --
< %systemroot%\system32\drivers\*.sys /5 >
< %systemroot%\system32\drivers\*.sys /X >
[2009.06.10 23:14:29 | 003,440,660 | ---- | M] () -- C:\Windows\system32\drivers\gm.dls
[2009.06.10 23:14:29 | 000,000,646 | ---- | M] () -- C:\Windows\system32\drivers\gmreadme.txt
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\system32\*.* /5 >
[2011.07.19 15:18:41 | 000,000,000 | ---- | M] () -- C:\Windows\system32\config.nt
[1 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
< %systemroot%\system32\config\*.sav >
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\*.* /U /s >
[1 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[2 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[5 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\SysWOW64\*.tmp files -> C:\Windows\SysWOW64\*.tmp -> ]
< %systemroot%\*. /mp /s >
< %ALLUSERSPROFILE%\Data Aplikací\*.* >
< %ALLUSERSPROFILE%\Data Aplikací\*.exe /s >
< %ALLUSERSPROFILE%\Dáta aplikácií\*.* >
< %ALLUSERSPROFILE%\Dáta aplikácií\*.exe /s >
Re: UFA.EXE
< %APPDATA%\*. >
[2010.02.18 14:13:29 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Adobe
[2010.02.17 10:43:53 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\ArcSoft
[2010.05.24 20:27:44 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Autodesk
[2010.12.14 22:03:00 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\AVS4YOU
[2010.12.06 21:38:49 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Canon
[2010.06.28 23:00:08 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Christofer Persson
[2010.08.25 21:12:15 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\DAEMON Tools Lite
[2010.03.02 23:41:22 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\DivX
[2010.07.12 22:16:22 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\dvdcss
[2011.07.05 01:39:28 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\GRETECH
[2011.07.19 22:52:10 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\ICQ
[2010.02.12 19:52:24 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Identities
[2010.02.12 14:43:46 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\InstallShield
[2010.03.19 17:23:06 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Leadertech
[2010.02.12 15:28:21 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Macromedia
[2009.07.14 17:36:31 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Media Center Programs
[2010.06.28 22:53:17 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Media Player Classic
[2011.07.20 13:32:28 | 000,000,000 | --SD | M] -- C:\Users\Uživatel\AppData\Roaming\Microsoft
[2010.02.12 14:37:06 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Mozilla
[2011.01.03 18:53:43 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\NCH Swift Sound
[2011.06.19 15:54:17 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Nero
[2010.06.28 23:00:03 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\OpenCandy
[2010.02.12 14:51:30 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\OpenOffice.org
[2011.01.02 18:56:18 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Philips
[2010.11.13 21:56:46 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Real
[2010.02.24 15:43:23 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\ScanSoft
[2011.03.27 16:40:01 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Skype
[2010.09.06 08:08:36 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\skypePM
[2010.09.22 07:34:41 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Softland
[2011.01.02 18:55:03 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Songbird2
[2010.02.16 12:27:37 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Thunderbird
[2011.01.03 19:16:02 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\vlc
[2010.03.31 16:07:27 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Win7codecs
[2011.07.19 22:58:39 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Winamp
[2010.06.22 16:25:38 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\WinRAR
< %APPDATA%\*.* >
[2011.07.19 15:59:51 | 000,006,868 | ---- | M] () -- C:\Users\Uživatel\AppData\Roaming\CB3E.436
[2011.07.20 09:57:31 | 000,180,736 | ---- | M] () -- C:\Users\Uživatel\AppData\Roaming\dwm.exe
[2002.08.29 17:33:56 | 000,319,488 | ---- | M] () -- C:\Users\Uživatel\AppData\Roaming\MafiaSetup.exe
< %APPDATA%\*.exe /s >
[2011.07.20 09:57:31 | 000,180,736 | ---- | M] () -- C:\Users\Uživatel\AppData\Roaming\dwm.exe
[2002.08.29 17:33:56 | 000,319,488 | ---- | M] () -- C:\Users\Uživatel\AppData\Roaming\MafiaSetup.exe
[2011.07.18 16:49:33 | 000,169,472 | ---- | M] () -- C:\Users\Uživatel\AppData\Roaming\Microsoft\conhost.exe
[2010.03.16 22:20:16 | 000,010,134 | R--- | M] () -- C:\Users\Uživatel\AppData\Roaming\Microsoft\Installer\{89661B04-C646-4412-B6D3-5E19F02F1F37}\ARPPRODUCTICON.exe
[2010.08.19 23:46:28 | 001,312,120 | ---- | M] (EA Digital Illusions CE AB) -- C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\muwyjjqc.default\extensions\battlefieldheroespatcher@ea.com\platform\WINNT_x86-msvc\plugins\BFHUpdater.exe
[2010.06.28 23:00:21 | 002,228,534 | ---- | M] ( ) -- C:\Users\Uživatel\AppData\Roaming\OpenCandy\OpenCandy_EC22156BF8CA4B5F943BA0D99DF93464\audacity-win-1.2.6.exe
[2010.12.04 21:57:05 | 000,506,024 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Uživatel\AppData\Roaming\Real\Update\setup3.13\setup.exe
[2011.01.24 18:01:13 | 000,510,120 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Uživatel\AppData\Roaming\Real\Update\setup3.14\setup.exe
[2010.05.13 13:09:52 | 000,220,272 | ---- | M] (Google Inc.) -- C:\Users\Uživatel\AppData\Roaming\Real\Update\setup3.14\gtb\GOOGLE_TOOLBAR\GoogleToolbarInstaller.exe
[2010.10.22 19:10:16 | 000,190,632 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Uživatel\AppData\Roaming\Real\Update\setup3.14\gtb_helper\LaunchHelper.exe
[2010.03.25 12:08:26 | 013,407,072 | ---- | M] () -- C:\Users\Uživatel\AppData\Roaming\Real\Update\setup3.14\chr\ChromeInstaller.exe
[2010.10.22 19:10:16 | 000,190,632 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Uživatel\AppData\Roaming\Real\Update\setup3.14\chr_helper\LaunchHelper.exe
[2010.12.18 12:06:01 | 025,809,040 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Uživatel\AppData\Roaming\Real\Update\setup3.14\rp\RealPlayer.exe
[2010.11.04 19:05:08 | 000,092,328 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Uživatel\AppData\Roaming\Real\Update\setup3.14\ui_data\vista.exe
[2011.07.17 17:45:27 | 000,308,864 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Uživatel\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\8.01\rnupgagent.exe
< %SYSTEMDRIVE%\*.exe >
< >
< >
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU /s >
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS /s >
"JobInactivityTimeout" = 7776000
"JobMinimumRetryDelay" = 600
"JobNoProgressTimeout" = 1209600
"LogFileFlags" = 0
"LogFileMinMemory" = 120
"LogFileSize" = 1
"TimeQuantaLength" = 300
"UseLmCompat" = 2
< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
No captured output from command...
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
No captured output from command...
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
No captured output from command...
< reg query "HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager" /v BootExecute /c >
No captured output from command...
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager" /v "PendingFileRenameOperations" /c >
No captured output from command...
< >
< type c:\boot.ini >> test.txt /c >
No captured output from command...
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2011.07.20 15:54:20 | 000,000,512 | ---- | M] () MD5=EAF9D5F496D53877A45710D6CB52F651 -- C:\PhysicalMBR.bin
< End of report >
Extras.txt
OTL Extras logfile created on: 20.7.2011 15:53:40 - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Users\Uživatel\Downloads
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
2,00 Gb Total Physical Memory | 1,09 Gb Available Physical Memory | 54,47% Memory free
4,00 Gb Paging File | 2,66 Gb Available in Paging File | 66,44% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 100,49 Gb Total Space | 8,43 Gb Free Space | 8,39% Space Free | Partition Type: NTFS
Drive D: | 197,50 Gb Total Space | 11,04 Gb Free Space | 5,59% Space Free | Partition Type: NTFS
Drive F: | 298,02 Gb Total Space | 231,66 Gb Free Space | 77,73% Space Free | Partition Type: FAT32
Computer Name: UŽIVATEL-PC | User Name: Uživatel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-3502144519-3829416638-612489386-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" File not found
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirewallOverride" = 1
"DisableThumbnailCache" = 1
"FirewallDisableNotify" = 1
"UpdatesDisableNotify" = 1
"AntiVirusDisableNotify" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== System Restore Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Windows\update.2\svchost.exe" = C:\Windows\update.2\svchost.exe:*:Enabled:C:\Windows\update.2\svchost.exe -- ()
"C:\Windows\update.1\svchost.exe" = C:\Windows\update.1\svchost.exe:*:Enabled:C:\Windows\update.1\svchost.exe -- ()
"C:\Windows\update.tray-9-0\svchost.exe" = C:\Windows\update.tray-9-0\svchost.exe:*:Enabled:C:\Windows\update.tray-9-0\svchost.exe -- ()
"C:\Windows\update.tray-7-0\svchost.exe" = C:\Windows\update.tray-7-0\svchost.exe:*:Enabled:C:\Windows\update.tray-7-0\svchost.exe -- ()
"C:\Windows\update.tray-9-0-lnk\svchost.exe" = C:\Windows\update.tray-9-0-lnk\svchost.exe:*:Enabled:C:\Windows\update.tray-9-0-lnk\svchost.exe -- ()
"C:\Windows\update.tray-7-0-lnk\svchost.exe" = C:\Windows\update.tray-7-0-lnk\svchost.exe:*:Enabled:C:\Windows\update.tray-7-0-lnk\svchost.exe -- ()
"C:\Windows\update.2\svchost.exe" = C:\Windows\update.2\svchost.exe:*:Enabled:C:\Windows\update.2\svchost.exe -- ()
"C:\Windows\update.1\svchost.exe" = C:\Windows\update.1\svchost.exe:*:Enabled:C:\Windows\update.1\svchost.exe -- ()
"C:\Windows\update.tray-9-0\svchost.exe" = C:\Windows\update.tray-9-0\svchost.exe:*:Enabled:C:\Windows\update.tray-9-0\svchost.exe -- ()
"C:\Windows\update.tray-7-0\svchost.exe" = C:\Windows\update.tray-7-0\svchost.exe:*:Enabled:C:\Windows\update.tray-7-0\svchost.exe -- ()
"C:\Windows\update.tray-9-0-lnk\svchost.exe" = C:\Windows\update.tray-9-0-lnk\svchost.exe:*:Enabled:C:\Windows\update.tray-9-0-lnk\svchost.exe -- ()
"C:\Windows\update.tray-7-0-lnk\svchost.exe" = C:\Windows\update.tray-7-0-lnk\svchost.exe:*:Enabled:C:\Windows\update.tray-7-0-lnk\svchost.exe -- ()
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP180" = Canon MP180
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP250_series" = Canon MP250 series MP Drivers
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{65CCE260-0877-4DC2-9432-AFA29FB8534E}" = ESET NOD32 Antivirus
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"doPDF 7 printer_is1" = doPDF 7.1 printer
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{13B792AA-C078-43A4-8A3A-8B12D629940D}" = Counter-Strike 1.6
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{418EC9DD-25EE-4C3F-8827-B7AA9B26405B}" = WinFast Multimedia Driver Installation
"{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5783F2D7-6009-0409-0002-0060B0CE6BBA}" = AutoCAD LT 2008 - English
"{5A438E06-0BB3-4C5F-0085-B14F1F4077E6}" = FIFA 07
"{5DA1C66B-EAD2-4A2A-B277-5E8710C580F8}" = CODEC(NogaTech)
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{6033673D-2530-4587-8AD0-EB059FC263F9}" = Crysis® 2
"{6f01ffd3-a191-40a5-a881-9544c392b5a5}" = Nero 9 Lite
"{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37}" = ICQ7.4
"{7748AC8C-18E3-43BB-959B-088FAEA16FB2}" = Nero StartSmart
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{824BADF8-9A1B-4D07-8817-8DDDC8543F23}" = OpenOffice.org 3.1
"{85309D89-7BE9-4094-BB17-24999C6118FC}" = ArcSoft PhotoStudio 5.5
"{89661B04-C646-4412-B6D3-5E19F02F1F37}" = EAX4 Unified Redist
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C0CAA7A-3272-4991-A808-2C7559DE3409}" = Win7codecs
"{8D2C1E44-7685-4D05-8342-B0DC6422FA47}" = Ulead Disc-Direct SDK
"{8F66047B-1AF3-40D9-80D7-106E2EDC2C2A}" = EPU-4 Engine
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A346205-EA92-4406-B1AB-50379DA3F057}" = Autodesk DWF Viewer 7
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1029-7B44-A93000000001}" = Adobe Reader 9.3.4 - Czech
"{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{BB65C393-C76E-4F06-9B0C-2124AA8AF97B}" = Adobe Flash Player 9 ActiveX
"{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}" = Nero ControlCenter
"{C1E693A4-B1D5-4DCD-B68D-2087835B7184}" = ScanSoft OmniPage SE 4.0
"{C81A2FE0-3574-00A9-CED4-BDAA334CBE8E}" = Nero Online Upgrade
"{C92C584E-C781-475E-A8E2-C67D993A6B95}" = WinFast PVR2
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}" = Microsoft Primary Interoperability Assemblies 2005
"{DA703982C580418795BF4001AA9D7061}" = DivX Plus Media Foundation Components
"{E8A80433-302B-4FF1-815D-FCC8EAC482FF}" = Nero Installer
"{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0
"{F9835182-794B-4F24-902A-E2CA9D43380F}" = NVIDIA PhysX
"{FFFF6D5C-E2F1-4B40-BC89-8923312E89EB}}_is1" = ACE Mega CoDecS Pack
"7-Zip" = 7-Zip 9.15 beta
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AutoCAD LT 2008 - English" = AutoCAD LT 2008 - English
"CANONIJPLM100" = Canon Inkjet Printer/Scanner/Fax Extended Survey Program
"CanonMyPrinter" = Canon Utilities My Printer
"CanonSolutionMenu" = Canon Utilities Solution Menu
"CCleaner" = CCleaner
"Cute MP4 Video Converter_is1" = Cute MP4 Video Converter version 3.6.6.0
"DzSoftPPSlideShowConv_is1" = PowerPoint Slide Show Converter 3.0
"EADM" = EA Download Manager
"Easy-PhotoPrint" = Canon Utilities Easy-PhotoPrint
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"Easy-WebPrint EX" = Canon Easy-WebPrint EX
"EAX Unified" = EAX Unified
"GameSpy Arcade" = GameSpy Arcade
"GOM Player" = GOM Player
"ICQToolbar" = ICQ Toolbar
"Mozilla Firefox (3.6.18)" = Mozilla Firefox (3.6.18)
"Mozilla Thunderbird (3.0.1)" = Mozilla Thunderbird (3.0.1)
"MP Navigator 3.0" = Canon MP Navigator 3.0
"MP Navigator EX 3.0" = Canon MP Navigator EX 3.0
"PunkBusterSvc" = PunkBuster Services
"RealPlayer 12.0" = RealPlayer
"Registrace uživatele zařízení Canon MP180" = Registrace uživatele zařízení Canon MP180
"Registrace uživatele zařízení Canon MP250 series" = Registrace uživatele zařízení Canon MP250 series
"The KMPlayer" = The KMPlayer (remove only)
"TmNationsForever_is1" = TmNationsForever
"Winamp" = Winamp
"WinRAR archiver" = WinRAR
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-3502144519-3829416638-612489386-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"Winamp Detect" = Winamp Detector Plug-in
========== Last 10 Event Log Errors ==========
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
< End of report >
[2010.02.18 14:13:29 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Adobe
[2010.02.17 10:43:53 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\ArcSoft
[2010.05.24 20:27:44 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Autodesk
[2010.12.14 22:03:00 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\AVS4YOU
[2010.12.06 21:38:49 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Canon
[2010.06.28 23:00:08 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Christofer Persson
[2010.08.25 21:12:15 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\DAEMON Tools Lite
[2010.03.02 23:41:22 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\DivX
[2010.07.12 22:16:22 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\dvdcss
[2011.07.05 01:39:28 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\GRETECH
[2011.07.19 22:52:10 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\ICQ
[2010.02.12 19:52:24 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Identities
[2010.02.12 14:43:46 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\InstallShield
[2010.03.19 17:23:06 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Leadertech
[2010.02.12 15:28:21 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Macromedia
[2009.07.14 17:36:31 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Media Center Programs
[2010.06.28 22:53:17 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Media Player Classic
[2011.07.20 13:32:28 | 000,000,000 | --SD | M] -- C:\Users\Uživatel\AppData\Roaming\Microsoft
[2010.02.12 14:37:06 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Mozilla
[2011.01.03 18:53:43 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\NCH Swift Sound
[2011.06.19 15:54:17 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Nero
[2010.06.28 23:00:03 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\OpenCandy
[2010.02.12 14:51:30 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\OpenOffice.org
[2011.01.02 18:56:18 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Philips
[2010.11.13 21:56:46 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Real
[2010.02.24 15:43:23 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\ScanSoft
[2011.03.27 16:40:01 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Skype
[2010.09.06 08:08:36 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\skypePM
[2010.09.22 07:34:41 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Softland
[2011.01.02 18:55:03 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Songbird2
[2010.02.16 12:27:37 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Thunderbird
[2011.01.03 19:16:02 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\vlc
[2010.03.31 16:07:27 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Win7codecs
[2011.07.19 22:58:39 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Winamp
[2010.06.22 16:25:38 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\WinRAR
< %APPDATA%\*.* >
[2011.07.19 15:59:51 | 000,006,868 | ---- | M] () -- C:\Users\Uživatel\AppData\Roaming\CB3E.436
[2011.07.20 09:57:31 | 000,180,736 | ---- | M] () -- C:\Users\Uživatel\AppData\Roaming\dwm.exe
[2002.08.29 17:33:56 | 000,319,488 | ---- | M] () -- C:\Users\Uživatel\AppData\Roaming\MafiaSetup.exe
< %APPDATA%\*.exe /s >
[2011.07.20 09:57:31 | 000,180,736 | ---- | M] () -- C:\Users\Uživatel\AppData\Roaming\dwm.exe
[2002.08.29 17:33:56 | 000,319,488 | ---- | M] () -- C:\Users\Uživatel\AppData\Roaming\MafiaSetup.exe
[2011.07.18 16:49:33 | 000,169,472 | ---- | M] () -- C:\Users\Uživatel\AppData\Roaming\Microsoft\conhost.exe
[2010.03.16 22:20:16 | 000,010,134 | R--- | M] () -- C:\Users\Uživatel\AppData\Roaming\Microsoft\Installer\{89661B04-C646-4412-B6D3-5E19F02F1F37}\ARPPRODUCTICON.exe
[2010.08.19 23:46:28 | 001,312,120 | ---- | M] (EA Digital Illusions CE AB) -- C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\muwyjjqc.default\extensions\battlefieldheroespatcher@ea.com\platform\WINNT_x86-msvc\plugins\BFHUpdater.exe
[2010.06.28 23:00:21 | 002,228,534 | ---- | M] ( ) -- C:\Users\Uživatel\AppData\Roaming\OpenCandy\OpenCandy_EC22156BF8CA4B5F943BA0D99DF93464\audacity-win-1.2.6.exe
[2010.12.04 21:57:05 | 000,506,024 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Uživatel\AppData\Roaming\Real\Update\setup3.13\setup.exe
[2011.01.24 18:01:13 | 000,510,120 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Uživatel\AppData\Roaming\Real\Update\setup3.14\setup.exe
[2010.05.13 13:09:52 | 000,220,272 | ---- | M] (Google Inc.) -- C:\Users\Uživatel\AppData\Roaming\Real\Update\setup3.14\gtb\GOOGLE_TOOLBAR\GoogleToolbarInstaller.exe
[2010.10.22 19:10:16 | 000,190,632 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Uživatel\AppData\Roaming\Real\Update\setup3.14\gtb_helper\LaunchHelper.exe
[2010.03.25 12:08:26 | 013,407,072 | ---- | M] () -- C:\Users\Uživatel\AppData\Roaming\Real\Update\setup3.14\chr\ChromeInstaller.exe
[2010.10.22 19:10:16 | 000,190,632 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Uživatel\AppData\Roaming\Real\Update\setup3.14\chr_helper\LaunchHelper.exe
[2010.12.18 12:06:01 | 025,809,040 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Uživatel\AppData\Roaming\Real\Update\setup3.14\rp\RealPlayer.exe
[2010.11.04 19:05:08 | 000,092,328 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Uživatel\AppData\Roaming\Real\Update\setup3.14\ui_data\vista.exe
[2011.07.17 17:45:27 | 000,308,864 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Uživatel\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\8.01\rnupgagent.exe
< %SYSTEMDRIVE%\*.exe >
< >
< >
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU /s >
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS /s >
"JobInactivityTimeout" = 7776000
"JobMinimumRetryDelay" = 600
"JobNoProgressTimeout" = 1209600
"LogFileFlags" = 0
"LogFileMinMemory" = 120
"LogFileSize" = 1
"TimeQuantaLength" = 300
"UseLmCompat" = 2
< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
No captured output from command...
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
No captured output from command...
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
No captured output from command...
< reg query "HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager" /v BootExecute /c >
No captured output from command...
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager" /v "PendingFileRenameOperations" /c >
No captured output from command...
< >
< type c:\boot.ini >> test.txt /c >
No captured output from command...
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2011.07.20 15:54:20 | 000,000,512 | ---- | M] () MD5=EAF9D5F496D53877A45710D6CB52F651 -- C:\PhysicalMBR.bin
< End of report >
Extras.txt
OTL Extras logfile created on: 20.7.2011 15:53:40 - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Users\Uživatel\Downloads
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
2,00 Gb Total Physical Memory | 1,09 Gb Available Physical Memory | 54,47% Memory free
4,00 Gb Paging File | 2,66 Gb Available in Paging File | 66,44% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 100,49 Gb Total Space | 8,43 Gb Free Space | 8,39% Space Free | Partition Type: NTFS
Drive D: | 197,50 Gb Total Space | 11,04 Gb Free Space | 5,59% Space Free | Partition Type: NTFS
Drive F: | 298,02 Gb Total Space | 231,66 Gb Free Space | 77,73% Space Free | Partition Type: FAT32
Computer Name: UŽIVATEL-PC | User Name: Uživatel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-3502144519-3829416638-612489386-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" File not found
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirewallOverride" = 1
"DisableThumbnailCache" = 1
"FirewallDisableNotify" = 1
"UpdatesDisableNotify" = 1
"AntiVirusDisableNotify" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== System Restore Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Windows\update.2\svchost.exe" = C:\Windows\update.2\svchost.exe:*:Enabled:C:\Windows\update.2\svchost.exe -- ()
"C:\Windows\update.1\svchost.exe" = C:\Windows\update.1\svchost.exe:*:Enabled:C:\Windows\update.1\svchost.exe -- ()
"C:\Windows\update.tray-9-0\svchost.exe" = C:\Windows\update.tray-9-0\svchost.exe:*:Enabled:C:\Windows\update.tray-9-0\svchost.exe -- ()
"C:\Windows\update.tray-7-0\svchost.exe" = C:\Windows\update.tray-7-0\svchost.exe:*:Enabled:C:\Windows\update.tray-7-0\svchost.exe -- ()
"C:\Windows\update.tray-9-0-lnk\svchost.exe" = C:\Windows\update.tray-9-0-lnk\svchost.exe:*:Enabled:C:\Windows\update.tray-9-0-lnk\svchost.exe -- ()
"C:\Windows\update.tray-7-0-lnk\svchost.exe" = C:\Windows\update.tray-7-0-lnk\svchost.exe:*:Enabled:C:\Windows\update.tray-7-0-lnk\svchost.exe -- ()
"C:\Windows\update.2\svchost.exe" = C:\Windows\update.2\svchost.exe:*:Enabled:C:\Windows\update.2\svchost.exe -- ()
"C:\Windows\update.1\svchost.exe" = C:\Windows\update.1\svchost.exe:*:Enabled:C:\Windows\update.1\svchost.exe -- ()
"C:\Windows\update.tray-9-0\svchost.exe" = C:\Windows\update.tray-9-0\svchost.exe:*:Enabled:C:\Windows\update.tray-9-0\svchost.exe -- ()
"C:\Windows\update.tray-7-0\svchost.exe" = C:\Windows\update.tray-7-0\svchost.exe:*:Enabled:C:\Windows\update.tray-7-0\svchost.exe -- ()
"C:\Windows\update.tray-9-0-lnk\svchost.exe" = C:\Windows\update.tray-9-0-lnk\svchost.exe:*:Enabled:C:\Windows\update.tray-9-0-lnk\svchost.exe -- ()
"C:\Windows\update.tray-7-0-lnk\svchost.exe" = C:\Windows\update.tray-7-0-lnk\svchost.exe:*:Enabled:C:\Windows\update.tray-7-0-lnk\svchost.exe -- ()
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP180" = Canon MP180
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP250_series" = Canon MP250 series MP Drivers
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{65CCE260-0877-4DC2-9432-AFA29FB8534E}" = ESET NOD32 Antivirus
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"doPDF 7 printer_is1" = doPDF 7.1 printer
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{13B792AA-C078-43A4-8A3A-8B12D629940D}" = Counter-Strike 1.6
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{418EC9DD-25EE-4C3F-8827-B7AA9B26405B}" = WinFast Multimedia Driver Installation
"{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5783F2D7-6009-0409-0002-0060B0CE6BBA}" = AutoCAD LT 2008 - English
"{5A438E06-0BB3-4C5F-0085-B14F1F4077E6}" = FIFA 07
"{5DA1C66B-EAD2-4A2A-B277-5E8710C580F8}" = CODEC(NogaTech)
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{6033673D-2530-4587-8AD0-EB059FC263F9}" = Crysis® 2
"{6f01ffd3-a191-40a5-a881-9544c392b5a5}" = Nero 9 Lite
"{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37}" = ICQ7.4
"{7748AC8C-18E3-43BB-959B-088FAEA16FB2}" = Nero StartSmart
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{824BADF8-9A1B-4D07-8817-8DDDC8543F23}" = OpenOffice.org 3.1
"{85309D89-7BE9-4094-BB17-24999C6118FC}" = ArcSoft PhotoStudio 5.5
"{89661B04-C646-4412-B6D3-5E19F02F1F37}" = EAX4 Unified Redist
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C0CAA7A-3272-4991-A808-2C7559DE3409}" = Win7codecs
"{8D2C1E44-7685-4D05-8342-B0DC6422FA47}" = Ulead Disc-Direct SDK
"{8F66047B-1AF3-40D9-80D7-106E2EDC2C2A}" = EPU-4 Engine
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A346205-EA92-4406-B1AB-50379DA3F057}" = Autodesk DWF Viewer 7
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1029-7B44-A93000000001}" = Adobe Reader 9.3.4 - Czech
"{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{BB65C393-C76E-4F06-9B0C-2124AA8AF97B}" = Adobe Flash Player 9 ActiveX
"{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}" = Nero ControlCenter
"{C1E693A4-B1D5-4DCD-B68D-2087835B7184}" = ScanSoft OmniPage SE 4.0
"{C81A2FE0-3574-00A9-CED4-BDAA334CBE8E}" = Nero Online Upgrade
"{C92C584E-C781-475E-A8E2-C67D993A6B95}" = WinFast PVR2
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}" = Microsoft Primary Interoperability Assemblies 2005
"{DA703982C580418795BF4001AA9D7061}" = DivX Plus Media Foundation Components
"{E8A80433-302B-4FF1-815D-FCC8EAC482FF}" = Nero Installer
"{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0
"{F9835182-794B-4F24-902A-E2CA9D43380F}" = NVIDIA PhysX
"{FFFF6D5C-E2F1-4B40-BC89-8923312E89EB}}_is1" = ACE Mega CoDecS Pack
"7-Zip" = 7-Zip 9.15 beta
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AutoCAD LT 2008 - English" = AutoCAD LT 2008 - English
"CANONIJPLM100" = Canon Inkjet Printer/Scanner/Fax Extended Survey Program
"CanonMyPrinter" = Canon Utilities My Printer
"CanonSolutionMenu" = Canon Utilities Solution Menu
"CCleaner" = CCleaner
"Cute MP4 Video Converter_is1" = Cute MP4 Video Converter version 3.6.6.0
"DzSoftPPSlideShowConv_is1" = PowerPoint Slide Show Converter 3.0
"EADM" = EA Download Manager
"Easy-PhotoPrint" = Canon Utilities Easy-PhotoPrint
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"Easy-WebPrint EX" = Canon Easy-WebPrint EX
"EAX Unified" = EAX Unified
"GameSpy Arcade" = GameSpy Arcade
"GOM Player" = GOM Player
"ICQToolbar" = ICQ Toolbar
"Mozilla Firefox (3.6.18)" = Mozilla Firefox (3.6.18)
"Mozilla Thunderbird (3.0.1)" = Mozilla Thunderbird (3.0.1)
"MP Navigator 3.0" = Canon MP Navigator 3.0
"MP Navigator EX 3.0" = Canon MP Navigator EX 3.0
"PunkBusterSvc" = PunkBuster Services
"RealPlayer 12.0" = RealPlayer
"Registrace uživatele zařízení Canon MP180" = Registrace uživatele zařízení Canon MP180
"Registrace uživatele zařízení Canon MP250 series" = Registrace uživatele zařízení Canon MP250 series
"The KMPlayer" = The KMPlayer (remove only)
"TmNationsForever_is1" = TmNationsForever
"Winamp" = Winamp
"WinRAR archiver" = WinRAR
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-3502144519-3829416638-612489386-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"Winamp Detect" = Winamp Detector Plug-in
========== Last 10 Event Log Errors ==========
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
< End of report >
Re: UFA.EXE
Sorry za vstup.
Založte si prosím vlastní téma, takto by se to pletlo. Děkujeme za pochopení.
Založte si prosím vlastní téma, takto by se to pletlo. Děkujeme za pochopení.
Albert Einstein: Jen dvě věci jsou nekonečné - vesmír a lidská hloupost. Tím prvním si ovšem nejsem tak jist.
Přispějete na provoz fóra?