Prosím o kontrolu - seká se mi PC

Zpráva

lency · #16 Příspěvek od **lency** » 02 říj 2011 11:50

Mě se už od začátku nezobrazuje, že by do příspěvku někdo přispěl...asi nějaká chybka

Tady je log

Logfile of random's system information tool 1.06 (written by random/random)
Run by Lenka at 2011-10-02 12:49:05
Microsoft® Windows Vista™ Home Basic Service Pack 2
System drive C: has 24 GB (17%) free of 143 GB
Total RAM: 2039 MB (28% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:49:33, on 2.10.2011
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\windows\system32\Dwm.exe
C:\windows\system32\taskeng.exe
C:\windows\Explorer.EXE
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\PDF Complete\pdfsty.exe
C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\pthosttr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Windows\vsnpstd.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Java\jre6\bin\javaw.exe
C:\Users\Lenka\Downloads\Kontrola PC\RSIT.exe
C:\Program Files\trend micro\Lenka.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.facemoods.com/?a=ddrnw
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... ll&pf=cmnb
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: facemoods Helper - {64182481-4F71-486b-A045-B233BD0DA8FC} - C:\Program Files\facemoods.com\facemoods\1.4.17.11\bh\facemoods.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: facemoods Toolbar - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - C:\Program Files\facemoods.com\facemoods\1.4.17.11\facemoodsTlbr.dll
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [PDF Complete] "C:\Program Files\PDF Complete\pdfsty.exe"
O4 - HKLM\..\Run: [PTHOSTTR] C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE /Start
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [WatchDog] C:\Program Files\InterVideo\DVD Check\DVDCheck.exe
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [snpstd] C:\windows\vsnpstd.exe
O4 - HKLM\..\Run: [AAWTray] C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [PMBVolumeWatcher] C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
O4 - HKLM\..\Run: [facemoods] "C:\Program Files\facemoods.com\facemoods\1.4.17.11\facemoodssrv.exe" /md I
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [NokiaOviSuite2] C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe -tray
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: DVD Check.lnk = C:\Program Files\InterVideo\DVD Check\DVDCheck.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {70EDCF63-CA7E-4812-8528-DA1EA2FD53B6} (VitaminCtrl Class) - http://www.psslavia.cz/VitaminCtrl_2_1_0_26.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: DeviceNP - C:\windows\SYSTEM32\DeviceNP.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Andrea Electronics Corporation - C:\windows\system32\AEADISRV.EXE
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
O23 - Service: HP ProtectTools Device Locking / Auditing (FLCDLOCK) - Hewlett-Packard Ltd - C:\Windows\system32\flcdlock.exe
O23 - Service: Google Update Service (gupdate1c9b06af0e15920) (gupdate1c9b06af0e15920) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (file missing)
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files\PDF Complete\pdfsvc.exe
O23 - Service: PMBDeviceInfoProvider - Sony Corporation - C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe
O23 - Service: RoxMediaDB10 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe
O23 - Service: Remote Procedure Call (RPC) Net (rpcnet) - Absolute Software Corp. - C:\windows\system32\rpcnet.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe

--
End of file - 9951 bytes

======Scheduled tasks folder======

C:\windows\tasks\GoogleUpdateTaskMachineCore.job
C:\windows\tasks\GoogleUpdateTaskMachineUA.job
C:\windows\tasks\HPCeeScheduleForLenka.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-09-05 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64182481-4F71-486b-A045-B233BD0DA8FC}]
CescrtHlpr Object - C:\Program Files\facemoods.com\facemoods\1.4.17.11\bh\facemoods.dll [2011-09-05 265944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-09-06 806456]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-07-21 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{0BF43445-2F28-4351-9252-17FE6E806AA0}
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-09-06 806456]
{DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - facemoods Toolbar - C:\Program Files\facemoods.com\facemoods\1.4.17.11\facemoodsTlbr.dll [2011-09-05 220888]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2008-05-22 141848]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2008-05-22 166424]
"Persistence"=C:\Windows\system32\igfxpers.exe [2008-05-22 133656]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2008-04-18 178712]
"PDF Complete"=C:\Program Files\PDF Complete\pdfsty.exe [2007-05-08 331552]
"PTHOSTTR"=C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE [2007-01-10 145184]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-03-27 1045800]
"hpWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2008-04-15 488752]
"WatchDog"=C:\Program Files\InterVideo\DVD Check\DVDCheck.exe [2008-04-21 197904]
"QlbCtrl"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2007-11-07 177456]
"snpstd"=C:\windows\vsnpstd.exe [2007-03-30 344064]
"AAWTray"=C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe [2007-08-08 88024]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2007-02-21 1183744]
"HP Health Check Scheduler"=c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-10-09 75008]
"HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2008-12-08 54576]
"PMBVolumeWatcher"=C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe [2011-03-15 650080]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-06-06 937920]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-04-08 254696]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2011-09-06 3722416]
"NokiaMServer"=C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup []
"facemoods"=C:\Program Files\facemoods.com\facemoods\1.4.17.11\facemoodssrv.exe [2011-09-05 362200]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2010-12-03 14944136]
""= []
"NokiaOviSuite2"=C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe [2011-09-01 966712]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
DVD Check.lnk - C:\Program Files\InterVideo\DVD Check\DVDCheck.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\DeviceNP]
C:\windows\system32\DeviceNP.dll [2007-06-08 49152]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\system32\igfxdev.dll [2008-02-11 204800]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 months======

2011-10-02 11:37:24 ----D---- C:\Program Files\facemoods.com
2011-10-01 12:08:41 ----D---- C:\Program Files\JDownloader
2011-09-29 17:54:23 ----D---- C:\windows\Minidump
2011-09-28 18:46:58 ----D---- C:\ProgramData\Installations
2011-09-26 20:54:42 ----D---- C:\Users\Lenka\AppData\Roaming\Nokia Ovi Suite
2011-09-26 20:54:40 ----D---- C:\Users\Lenka\AppData\Roaming\Nokia
2011-09-26 20:51:12 ----A---- C:\windows\system32\WUDFx.dll
2011-09-26 20:51:12 ----A---- C:\windows\system32\WUDFSvc.dll
2011-09-26 20:51:12 ----A---- C:\windows\system32\WUDFPlatform.dll
2011-09-26 20:51:12 ----A---- C:\windows\system32\WUDFHost.exe
2011-09-26 20:51:12 ----A---- C:\windows\system32\WUDFCoinstaller.dll
2011-09-26 20:47:31 ----D---- C:\ProgramData\PC Suite
2011-09-26 20:47:30 ----D---- C:\Users\Lenka\AppData\Roaming\PC Suite
2011-09-26 20:45:39 ----D---- C:\Program Files\Common Files\Nokia
2011-09-26 20:45:00 ----D---- C:\Program Files\DIFX
2011-09-26 20:44:24 ----DC---- C:\windows\system32\DRVSTORE
2011-09-26 20:44:13 ----D---- C:\Program Files\PC Connectivity Solution
2011-09-26 20:43:05 ----A---- C:\windows\system32\nmwcdcls.dll
2011-09-26 20:37:20 ----D---- C:\ProgramData\NokiaInstallerCache
2011-09-26 20:37:20 ----D---- C:\Program Files\Nokia
2011-09-25 23:02:40 ----D---- C:\Users\Lenka\AppData\Roaming\URSoft
2011-09-25 23:02:35 ----D---- C:\Program Files\Your Uninstaller 2010
2011-09-25 13:15:40 ----A---- C:\windows\system32\aswBoot.exe
2011-09-25 13:06:13 ----SD---- C:\ComboFix
2011-09-25 13:04:49 ----SD---- C:\32788R22FWJFW
2011-09-24 23:22:59 ----SHD---- C:\$RECYCLE.BIN
2011-09-24 23:22:52 ----D---- C:\windows\temp
2011-09-24 21:20:14 ----A---- C:\windows\zip.exe
2011-09-24 21:20:14 ----A---- C:\windows\SWSC.exe
2011-09-24 21:20:14 ----A---- C:\windows\SWREG.exe
2011-09-24 21:20:14 ----A---- C:\windows\sed.exe
2011-09-24 21:20:14 ----A---- C:\windows\PEV.exe
2011-09-24 21:20:14 ----A---- C:\windows\NIRCMD.exe
2011-09-24 21:20:14 ----A---- C:\windows\MBR.exe
2011-09-24 21:20:14 ----A---- C:\windows\grep.exe
2011-09-24 21:19:49 ----D---- C:\windows\ERDNT
2011-09-24 21:19:45 ----D---- C:\Qoobox
2011-09-24 21:17:39 ----D---- C:\Program Files\Lavasoft
2011-09-24 20:49:45 ----D---- C:\windows\DED53B0BB67C4244AE6AD6FD3C28D1EF.TMP
2011-09-24 20:34:01 ----A---- C:\windows\system32\wininet.dll
2011-09-24 20:34:01 ----A---- C:\windows\system32\msls31.dll
2011-09-24 20:34:01 ----A---- C:\windows\system32\jsproxy.dll
2011-09-24 20:34:00 ----A---- C:\windows\system32\urlmon.dll
2011-09-24 20:34:00 ----A---- C:\windows\system32\msrating.dll
2011-09-24 20:34:00 ----A---- C:\windows\system32\iertutil.dll
2011-09-24 20:33:59 ----A---- C:\windows\system32\SetIEInstalledDate.exe
2011-09-24 20:33:59 ----A---- C:\windows\system32\RegisterIEPKEYs.exe
2011-09-24 20:33:59 ----A---- C:\windows\system32\mshtmler.dll
2011-09-24 20:33:59 ----A---- C:\windows\system32\ieui.dll
2011-09-24 20:33:59 ----A---- C:\windows\system32\iesysprep.dll
2011-09-24 20:33:59 ----A---- C:\windows\system32\ieframe.dll
2011-09-24 20:33:58 ----A---- C:\windows\system32\url.dll
2011-09-24 20:33:58 ----A---- C:\windows\system32\iesetup.dll
2011-09-24 20:33:58 ----A---- C:\windows\system32\iernonce.dll
2011-09-24 20:33:58 ----A---- C:\windows\system32\iedkcs32.dll
2011-09-24 20:33:58 ----A---- C:\windows\system32\ieapfltr.dll
2011-09-24 20:33:58 ----A---- C:\windows\system32\ie4uinit.exe
2011-09-24 20:33:58 ----A---- C:\windows\system32\icardie.dll
2011-09-24 20:33:58 ----A---- C:\windows\system32\dxtrans.dll
2011-09-24 20:33:58 ----A---- C:\windows\system32\dxtmsft.dll
2011-09-24 20:33:57 ----A---- C:\windows\system32\wextract.exe
2011-09-24 20:33:57 ----A---- C:\windows\system32\webcheck.dll
2011-09-24 20:33:57 ----A---- C:\windows\system32\mshtmled.dll
2011-09-24 20:33:57 ----A---- C:\windows\system32\msfeeds.dll
2011-09-24 20:33:57 ----A---- C:\windows\system32\licmgr10.dll
2011-09-24 20:33:57 ----A---- C:\windows\system32\inseng.dll
2011-09-24 20:33:57 ----A---- C:\windows\system32\iexpress.exe
2011-09-24 20:33:56 ----A---- C:\windows\system32\vbscript.dll
2011-09-24 20:33:56 ----A---- C:\windows\system32\pngfilt.dll
2011-09-24 20:33:56 ----A---- C:\windows\system32\occache.dll
2011-09-24 20:33:56 ----A---- C:\windows\system32\mshtml.dll
2011-09-24 20:33:56 ----A---- C:\windows\system32\mshta.exe
2011-09-24 20:33:56 ----A---- C:\windows\system32\ieUnatt.exe
2011-09-24 20:33:56 ----A---- C:\windows\system32\admparse.dll
2011-09-24 20:33:55 ----A---- C:\windows\system32\msfeedssync.exe
2011-09-24 20:33:55 ----A---- C:\windows\system32\msfeedsbs.dll
2011-09-24 20:33:55 ----A---- C:\windows\system32\jscript9.dll
2011-09-24 20:33:55 ----A---- C:\windows\system32\jscript.dll
2011-09-24 20:33:55 ----A---- C:\windows\system32\imgutil.dll
2011-09-24 20:33:55 ----A---- C:\windows\system32\iepeers.dll
2011-09-24 20:33:55 ----A---- C:\windows\system32\ieakui.dll
2011-09-24 20:33:55 ----A---- C:\windows\system32\ieaksie.dll
2011-09-24 20:33:55 ----A---- C:\windows\system32\IEAdvpack.dll
2011-09-24 20:33:55 ----A---- C:\windows\system32\advpack.dll
2011-09-24 20:33:54 ----A---- C:\windows\system32\ieakeng.dll
2011-09-23 16:44:25 ----D---- C:\Users\Lenka\AppData\Roaming\MyPhoneExplorer
2011-09-23 16:44:10 ----D---- C:\Program Files\MyPhoneExplorer
2011-09-23 16:15:51 ----D---- C:\ProgramData\Avanquest Bluetooth SDK
2011-09-22 23:58:59 ----D---- C:\ProgramData\WindowsSearch
2011-09-22 22:51:33 ----A---- C:\windows\ntbtlog.txt
2011-09-22 22:41:33 ----D---- C:\ProgramData\Avanquest
2011-09-19 21:05:18 ----D---- C:\Program Files\AVAST Software
2011-09-19 19:07:16 ----D---- C:\ProgramData\AVAST Software

======List of files/folders modified in the last 1 months======

2011-10-02 12:49:16 ----D---- C:\windows\Prefetch
2011-10-02 12:49:06 ----D---- C:\Program Files\trend micro
2011-10-02 11:46:12 ----SHD---- C:\System Volume Information
2011-10-02 11:39:19 ----AD---- C:\ProgramData\TEMP
2011-10-02 11:37:24 ----RD---- C:\Program Files
2011-10-02 11:19:39 ----D---- C:\windows\System32
2011-10-02 11:19:39 ----D---- C:\windows\inf
2011-10-02 11:19:39 ----A---- C:\windows\system32\PerfStringBackup.INI
2011-10-02 11:16:13 ----D---- C:\Users\Lenka\AppData\Roaming\Skype
2011-10-02 11:14:09 ----A---- C:\windows\system32\rpcnetp.exe
2011-10-02 11:14:06 ----A---- C:\windows\system32\rpcnet.dll
2011-10-01 11:54:31 ----D---- C:\Program Files\Mozilla Firefox
2011-09-29 20:57:30 ----D---- C:\windows\rescache
2011-09-29 17:55:23 ----D---- C:\windows\system32\catroot2
2011-09-29 17:54:23 ----D---- C:\Windows
2011-09-29 17:50:07 ----A---- C:\windows\system32\mrt.exe
2011-09-29 17:44:17 ----D---- C:\windows\ModemLogs
2011-09-28 22:24:12 ----D---- C:\windows\system32\wbem
2011-09-28 22:24:12 ----D---- C:\windows\system32\drivers
2011-09-28 19:03:15 ----SHD---- C:\windows\Installer
2011-09-28 18:48:36 ----D---- C:\windows\winsxs
2011-09-28 18:46:58 ----D---- C:\ProgramData
2011-09-28 18:19:06 ----D---- C:\windows\system32\catroot
2011-09-26 22:42:45 ----AD---- C:\windows\system32\cs-CZ
2011-09-26 20:45:39 ----D---- C:\Program Files\Common Files
2011-09-26 20:28:22 ----D---- C:\Program Files\Sony Ericsson
2011-09-25 19:38:16 ----D---- C:\windows\Tasks
2011-09-25 19:38:16 ----D---- C:\windows\system32\Tasks
2011-09-25 11:06:29 ----D---- C:\Program Files\Common Files\PX Storage Engine
2011-09-25 11:06:22 ----D---- C:\Program Files\Common Files\Roxio Shared
2011-09-24 23:18:02 ----A---- C:\windows\system.ini
2011-09-24 22:29:41 ----D---- C:\windows\AppPatch
2011-09-24 20:37:42 ----RD---- C:\windows\Offline Web Pages
2011-09-24 20:37:42 ----D---- C:\windows\system32\migration
2011-09-24 20:37:42 ----D---- C:\windows\system32\en-US
2011-09-24 20:37:42 ----D---- C:\windows\PolicyDefinitions
2011-09-24 20:37:42 ----D---- C:\Program Files\Internet Explorer
2011-09-24 20:37:41 ----SD---- C:\windows\Downloaded Program Files
2011-09-24 20:34:41 ----D---- C:\windows\SoftwareDistribution
2011-09-22 23:20:47 ----A---- C:\windows\system32\rpcnetp.dll
2011-09-22 22:41:35 ----D---- C:\Program Files\Avanquest update
2011-09-21 19:59:47 ----D---- C:\Program Files\IrfanView
2011-09-19 18:50:49 ----D---- C:\Program Files\Microsoft Office
2011-09-16 03:23:10 ----RSD---- C:\windows\assembly
2011-09-16 03:23:10 ----D---- C:\windows\Microsoft.NET
2011-09-16 03:14:35 ----D---- C:\Program Files\Windows Mail

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 aswRdr;aswRdr; C:\windows\system32\drivers\aswRdr.sys [2011-09-06 34392]
R1 aswSnx;aswSnx; C:\windows\system32\drivers\aswSnx.sys [2011-09-06 442200]
R1 aswSP;aswSP; C:\windows\system32\drivers\aswSP.sys [2011-09-06 320856]
R1 aswTdi;avast! Network Shield Support; C:\windows\system32\drivers\aswTdi.sys [2011-09-06 52568]
R2 aswFsBlk;aswFsBlk; C:\windows\system32\drivers\aswFsBlk.sys [2011-09-06 20568]
R2 aswMonFlt;aswMonFlt; \??\C:\windows\system32\drivers\aswMonFlt.sys [2011-09-06 54616]
R2 atksgt;atksgt; C:\windows\system32\DRIVERS\atksgt.sys [2009-05-30 278984]
R2 lirsgt;lirsgt; C:\windows\system32\DRIVERS\lirsgt.sys [2009-05-30 25416]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\windows\system32\drivers\ADIHdAud.sys [2008-04-24 309248]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\windows\system32\DRIVERS\AGRSM.sys [2008-02-29 1202560]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\windows\system32\DRIVERS\bcmwl6.sys [2008-03-21 1207288]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\windows\system32\DRIVERS\BthEnum.sys [2009-04-11 22528]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\windows\system32\DRIVERS\bthpan.sys [2008-01-21 92160]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2009-06-17 30208]
R3 btwaudio;Bluetooth Audio Device Service; C:\windows\system32\drivers\btwaudio.sys [2008-04-22 80424]
R3 btwavdt;Bluetooth AVDT Service; C:\windows\system32\drivers\btwavdt.sys [2008-04-22 80936]
R3 btwrchid;btwrchid; C:\windows\system32\DRIVERS\btwrchid.sys [2008-04-22 16168]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\windows\system32\DRIVERS\CmBatt.sys [2008-01-21 14208]
R3 e1express;Intel(R) PRO/1000 PCI Express Network Connection Driver; C:\windows\system32\DRIVERS\e1e6032.sys [2007-05-24 223616]
R3 HBtnKey;HBtnKey; C:\windows\system32\DRIVERS\cpqbttn.sys [2006-06-28 9472]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\windows\system32\DRIVERS\HpqKbFiltr.sys [2007-06-19 16768]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd32.sys [2008-02-11 2302976]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-04-11 148992]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2008-03-27 199472]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\windows\system32\DRIVERS\wmiacpi.sys [2008-01-21 11264]
R3 WudfPf;User Mode Driver Frameworks Platform Driver; C:\windows\system32\drivers\WudfPf.sys [2009-07-14 92672]
S1 MpKsl45d4a2a0;MpKsl45d4a2a0; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{5E197D10-1E36-471E-8A6A-2C10AEF2AF4A}\MpKsl45d4a2a0.sys []
S1 MpKsl82e7805e;MpKsl82e7805e; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{896289A3-1540-4006-A048-15ACAA7DFD45}\MpKsl82e7805e.sys []
S1 MpKsl8a6f29c8;MpKsl8a6f29c8; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F627B244-627E-4305-AFF2-5099CB634F59}\MpKsl8a6f29c8.sys []
S1 MpKsle8d7f926;MpKsle8d7f926; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{235D434B-6407-411E-9F7B-0E4AC1DF5D5F}\MpKsle8d7f926.sys []
S3 ajeqwvkl;ajeqwvkl; C:\windows\system32\drivers\ajeqwvkl.sys []
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\windows\system32\DRIVERS\b57nd60x.sys [2008-01-21 179712]
S3 Bridge;@%SystemRoot%\system32\bridgeres.dll,-3; C:\windows\system32\DRIVERS\bridge.sys [2009-04-11 93696]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\windows\system32\DRIVERS\bridge.sys [2009-04-11 93696]
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2011-04-21 508416]
S3 catchme;catchme; \??\C:\Users\Lenka\AppData\Local\Temp\catchme.sys []
S3 DAMDrv;DAMDrv; C:\windows\system32\DRIVERS\DAMDrv.sys [2007-06-08 30008]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 ewusbnet;HUAWEI USB-NDIS miniport; C:\windows\system32\DRIVERS\ewusbnet.sys [2009-07-23 112128]
S3 ggflt;SEMC USB Flash Driver Filter; C:\windows\system32\DRIVERS\ggflt.sys [2010-08-14 13224]
S3 ggsemc;SEMC USB Flash Driver; C:\windows\system32\DRIVERS\ggsemc.sys [2010-08-14 25512]
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\windows\system32\DRIVERS\ewusbmdm.sys [2009-07-23 102912]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\windows\system32\drivers\ccdcmb.sys [2011-05-18 18176]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 s117bus;Sony Ericsson Device 117 driver (WDM); C:\windows\system32\DRIVERS\s117bus.sys [2007-06-25 82984]
S3 s117mdfl;Sony Ericsson Device 117 USB WMC Modem Filter; C:\windows\system32\DRIVERS\s117mdfl.sys [2007-06-25 14888]
S3 s117mdm;Sony Ericsson Device 117 USB WMC Modem Driver; C:\windows\system32\DRIVERS\s117mdm.sys [2007-06-25 108456]
S3 s117mgmt;Sony Ericsson Device 117 USB WMC Device Management Drivers (WDM); C:\windows\system32\DRIVERS\s117mgmt.sys [2007-06-25 100264]
S3 s117nd5;Sony Ericsson Device 117 USB Ethernet Emulation SEMC117 (NDIS); C:\windows\system32\DRIVERS\s117nd5.sys [2007-06-25 22952]
S3 s117obex;Sony Ericsson Device 117 USB WMC OBEX Interface; C:\windows\system32\DRIVERS\s117obex.sys [2007-06-25 98344]
S3 s117unic;Sony Ericsson Device 117 USB Ethernet Emulation SEMC117 (WDM); C:\windows\system32\DRIVERS\s117unic.sys [2007-06-25 98856]
S3 s3017bus;Sony Ericsson Device 3017 driver (WDM); C:\windows\system32\DRIVERS\s3017bus.sys [2007-12-10 83880]
S3 s3017mdfl;Sony Ericsson Device 3017 USB WMC Modem Filter; C:\windows\system32\DRIVERS\s3017mdfl.sys [2007-12-10 15016]
S3 s3017mdm;Sony Ericsson Device 3017 USB WMC Modem Driver; C:\windows\system32\DRIVERS\s3017mdm.sys [2007-12-10 110632]
S3 s3017mgmt;Sony Ericsson Device 3017 USB WMC Device Management Drivers (WDM); C:\windows\system32\DRIVERS\s3017mgmt.sys [2007-12-10 104616]
S3 s3017nd5;Sony Ericsson Device 3017 USB Ethernet Emulation SEMC3017 (NDIS); C:\windows\system32\DRIVERS\s3017nd5.sys [2007-12-10 25512]
S3 s3017obex;Sony Ericsson Device 3017 USB WMC OBEX Interface; C:\windows\system32\DRIVERS\s3017obex.sys [2007-12-10 100648]
S3 s3017unic;Sony Ericsson Device 3017 USB Ethernet Emulation SEMC3017 (WDM); C:\windows\system32\DRIVERS\s3017unic.sys [2007-12-10 110120]
S3 seehcri;Sony Ericsson seehcri Device Driver; C:\windows\system32\DRIVERS\seehcri.sys [2008-01-09 27632]
S3 snpstd;Eye 310; C:\windows\system32\DRIVERS\snpstd.sys [2007-03-29 384384]
S3 TPM;TPM; C:\windows\system32\drivers\tpm.sys [2008-01-21 45624]
S3 usbscan;Ovladač skeneru USB; C:\windows\system32\DRIVERS\usbscan.sys [2008-01-21 35328]
S3 usbser;Sony Ericsson USB Serial Port; C:\windows\system32\DRIVERS\usbser.sys [2009-04-11 27648]
S3 WpdUsb;WpdUsb; C:\windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\windows\system32\DRIVERS\WUDFRd.sys [2009-07-14 132224]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\windows\system32\drivers\megasr.sys [2008-01-21 386616]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aawservice;Ad-Aware 2007 Service; C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe [2007-08-27 566616]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
R2 AEADIFilters;Andrea ADI Filters Service; C:\windows\system32\AEADISRV.EXE [2007-02-06 69632]
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Windows\system32\agrsmsvc.exe [2007-12-11 12800]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-09-06 44768]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\windows\system32\svchost.exe [2008-01-21 21504]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\windows\system32\svchost.exe [2008-01-21 21504]
R2 HP Health Check Service;HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2008-10-09 94208]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2008-04-18 354840]
R2 IviRegMgr;IviRegMgr; C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe [2007-01-05 112152]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\windows\System32\svchost.exe [2008-01-21 21504]
R2 NMSAccessU;NMSAccessU; C:\Program Files\CDBurnerXP\NMSAccessU.exe [2008-10-20 71096]
R2 pdfcDispatcher;PDF Document Manager; C:\Program Files\PDF Complete\pdfsvc.exe [2007-05-08 540448]
R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider; C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe [2011-03-15 428384]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\windows\System32\svchost.exe [2008-01-21 21504]
R2 rpcnet;Remote Procedure Call (RPC) Net; C:\windows\system32\rpcnet.exe [2011-08-26 58288]
R3 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe [2008-04-16 165192]
R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2011-06-08 633856]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate1c9b06af0e15920;Google Update Service (gupdate1c9b06af0e15920); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-03-29 133104]
S3 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2009-03-30 31048]
S3 Com4Qlb;Com4Qlb; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe [2007-03-05 110592]
S3 FLCDLOCK;HP ProtectTools Device Locking / Auditing; C:\Windows\system32\flcdlock.exe [2007-06-08 172131]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-03-29 133104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe []
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 RoxMediaDB10;RoxMediaDB10; c:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [2008-04-08 1112560]
S3 stllssvr;stllssvr; c:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2008-03-24 74384]
S3 WPFFontCache_v0400;@C:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]

-----------------EOF-----------------

#17 Příspěvek od **motji** » 03 říj 2011 21:16

Ještě bych ráda na něco mrkla.

Stahněte OTL http://oldtimer.geekstogo.com/OTL.exe
-uložte ho na plochu a spustte soubor OTL.exe.
-do bílého okna dole skopírujte tento skript:

Kód: Vybrat vše

netsvcs
drivers32
savembr:0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s

/md5start
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
hal.dll
logevent.dll
netlogon.dll
ntelogon.dll
scecli.dll
sceclt.dll
ws2_32.dll
autochk.exe
csrss.exe
explorer.exe
lsass.exe
services.exe
smss.exe
spoolsv.exe
svchost.exe
userinit.exe
winlogon.exe
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
cdrom.sys
Changer.sys
fastfat.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
mv61xx.sys
ndis.sys
ntfs.sys
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
symmpi.sys
tcpip.sys
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
/md5stop

C:\windows\system32\spool\prtprocs|dll;true;true;true /FP
%systemroot%\system32\drivers\*.sys /5
%systemroot%\system32\drivers\*.sys /X
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\system32\*.* /5
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\config\*.sav
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\*.* /U /s
%systemroot%\*. /mp /s
%ALLUSERSPROFILE%\Data Aplikací\*.*
%ALLUSERSPROFILE%\Data Aplikací\*.exe /s
%ALLUSERSPROFILE%\Dáta aplikácií\*.*
%ALLUSERSPROFILE%\Dáta aplikácií\*.exe /s
%APPDATA%\*.
%APPDATA%\*.*
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe


HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU /s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager" /v BootExecute /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager" /v "PendingFileRenameOperations" /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

- zaškrtněte okénko Pro všechny uživatele.
-označte okénka Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
- Klikněte na tlačítko Prohledat
-po dokončení skenu se objeví logy OTL.Txt a Extras.txt, vložte je zde

lency · #18 Příspěvek od **lency** » 04 říj 2011 23:22

OTL logfile created on: 4.10.2011 21:54:42 - Run 1
OTL by OldTimer - Version 3.2.29.1 Folder = C:\Users\Lenka\Desktop
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1,99 Gb Total Physical Memory | 0,68 Gb Available Physical Memory | 34,34% Memory free
4,22 Gb Paging File | 2,72 Gb Available in Paging File | 64,46% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 140,05 Gb Total Space | 22,95 Gb Free Space | 16,39% Space Free | Partition Type: NTFS
Drive D: | 9,00 Gb Total Space | 2,54 Gb Free Space | 28,24% Space Free | Partition Type: NTFS

Computer Name: LENKA-PC | User Name: Lenka | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011.10.04 21:52:44 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Users\Lenka\Desktop\OTL.exe
PRC - [2011.10.01 11:10:14 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011.09.06 22:45:30 | 003,722,416 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011.09.01 14:39:54 | 000,966,712 | ---- | M] (Nokia) -- C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe
PRC - [2011.06.16 10:24:20 | 000,141,824 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
PRC - [2011.06.14 17:42:26 | 001,540,096 | ---- | M] (Nokia) -- C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
PRC - [2011.03.15 14:44:28 | 000,650,080 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe
PRC - [2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008.04.18 15:53:58 | 000,178,712 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2008.04.17 20:41:24 | 000,727,592 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2008.04.17 20:41:22 | 001,624,616 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
PRC - [2007.08.08 15:53:16 | 000,088,024 | ---- | M] () -- C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe
PRC - [2007.05.08 17:38:44 | 000,331,552 | ---- | M] (PDF Complete Inc) -- C:\Program Files\PDF Complete\pdfsty.exe
PRC - [2007.03.30 14:16:16 | 000,344,064 | ---- | M] () -- C:\Windows\vsnpstd.exe
PRC - [2007.01.10 00:52:36 | 000,145,184 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\pthosttr.exe

========== Modules (No Company Name) ==========

MOD - [2011.10.01 11:10:13 | 001,833,944 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2011.10.01 11:10:02 | 006,277,280 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32.dll
MOD - [2011.09.01 14:38:32 | 000,931,896 | ---- | M] () -- C:\Program Files\Nokia\Nokia Ovi Suite\Maps Service API.dll
MOD - [2011.09.01 14:37:50 | 010,837,504 | ---- | M] () -- C:\Program Files\Nokia\Nokia Ovi Suite\QtWebKit4.dll
MOD - [2011.09.01 14:37:50 | 000,913,920 | ---- | M] () -- C:\Program Files\Nokia\Nokia Ovi Suite\QtNetwork4.dll
MOD - [2011.09.01 14:37:50 | 000,416,256 | ---- | M] () -- C:\Program Files\Nokia\Nokia Ovi Suite\sqldrivers\qsqlite4.dll
MOD - [2011.09.01 14:37:50 | 000,196,608 | ---- | M] () -- C:\Program Files\Nokia\Nokia Ovi Suite\Imageformats\qjpeg4.dll
MOD - [2011.09.01 14:37:50 | 000,026,624 | ---- | M] () -- C:\Program Files\Nokia\Nokia Ovi Suite\Imageformats\qgif4.dll
MOD - [2011.09.01 14:37:48 | 008,166,912 | ---- | M] () -- C:\Program Files\Nokia\Nokia Ovi Suite\QtGui4.dll
MOD - [2011.09.01 14:37:48 | 002,551,296 | ---- | M] () -- C:\Program Files\Nokia\Nokia Ovi Suite\QtXmlPatterns4.dll
MOD - [2011.09.01 14:37:48 | 002,282,496 | ---- | M] () -- C:\Program Files\Nokia\Nokia Ovi Suite\QtCore4.dll
MOD - [2011.09.01 14:37:48 | 002,246,656 | ---- | M] () -- C:\Program Files\Nokia\Nokia Ovi Suite\QtDeclarative4.dll
MOD - [2011.09.01 14:37:48 | 001,288,192 | ---- | M] () -- C:\Program Files\Nokia\Nokia Ovi Suite\QtScript4.dll
MOD - [2011.09.01 14:37:48 | 000,676,864 | ---- | M] () -- C:\Program Files\Nokia\Nokia Ovi Suite\QtOpenGL4.dll
MOD - [2011.09.01 14:37:48 | 000,340,480 | ---- | M] () -- C:\Program Files\Nokia\Nokia Ovi Suite\QtXml4.dll
MOD - [2011.09.01 14:37:48 | 000,266,752 | ---- | M] () -- C:\Program Files\Nokia\Nokia Ovi Suite\phonon4.dll
MOD - [2011.09.01 14:37:48 | 000,190,464 | ---- | M] () -- C:\Program Files\Nokia\Nokia Ovi Suite\QtSql4.dll
MOD - [2011.09.01 14:08:58 | 000,508,416 | ---- | M] () -- C:\Program Files\Nokia\Nokia Ovi Suite\QtMultimediaKit1.dll
MOD - [2011.09.01 14:08:56 | 000,109,568 | ---- | M] () -- C:\Program Files\Nokia\Nokia Ovi Suite\mediaservice\dsengine.dll
MOD - [2011.09.01 14:08:18 | 000,378,880 | ---- | M] () -- C:\Program Files\Nokia\Nokia Ovi Suite\QxtCore.dll
MOD - [2011.09.01 14:08:18 | 000,159,232 | ---- | M] () -- C:\Program Files\Nokia\Nokia Ovi Suite\QxtWeb.dll
MOD - [2011.09.01 14:08:16 | 000,089,088 | ---- | M] () -- C:\Program Files\Nokia\Nokia Ovi Suite\qjson.dll
MOD - [2011.09.01 14:08:14 | 000,392,080 | ---- | M] () -- C:\Program Files\Nokia\Nokia Ovi Suite\ssoengine.dll
MOD - [2011.09.01 14:08:14 | 000,387,976 | ---- | M] () -- C:\Program Files\Nokia\Nokia Ovi Suite\OviShareLib.dll
MOD - [2011.09.01 14:08:14 | 000,058,768 | ---- | M] () -- C:\Program Files\Nokia\Nokia Ovi Suite\securestorage.dll
MOD - [2011.09.01 14:07:04 | 000,727,552 | ---- | M] () -- C:\Program Files\Nokia\Nokia Ovi Suite\CommonUpdateChecker.dll
MOD - [2008.10.11 22:18:46 | 000,319,488 | ---- | M] () -- C:\Program Files\WinRAR\rarlng.dll
MOD - [2008.09.16 20:18:06 | 000,132,608 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2008.04.17 20:34:30 | 000,126,976 | ---- | M] () -- C:\Program Files\WIDCOMM\Bluetooth Software\BTKeyInd.dll
MOD - [2007.08.08 15:53:16 | 000,088,024 | ---- | M] () -- C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe
MOD - [2007.06.08 18:05:38 | 000,274,432 | ---- | M] () -- C:\Windows\System32\flcdlmsg.dll
MOD - [2007.03.30 14:16:16 | 000,344,064 | ---- | M] () -- C:\Windows\vsnpstd.exe
MOD - [2005.07.20 11:48:10 | 000,059,904 | ---- | M] () -- C:\Program Files\Nokia\Nokia Ovi Suite\zlib1.dll

========== Driver Services (SafeList) ==========

DRV - [2011.09.06 22:38:05 | 000,442,200 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011.09.06 22:37:53 | 000,320,856 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011.09.06 22:36:38 | 000,034,392 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011.09.06 22:36:36 | 000,052,568 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011.09.06 22:36:26 | 000,054,616 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2011.09.06 22:36:12 | 000,020,568 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011.05.18 10:12:28 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2010.08.14 20:11:47 | 000,025,512 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggsemc.sys -- (ggsemc)
DRV - [2010.08.14 20:11:47 | 000,013,224 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggflt.sys -- (ggflt)
DRV - [2009.07.23 11:57:22 | 000,112,128 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbnet.sys -- (ewusbnet)
DRV - [2009.07.23 11:57:22 | 000,102,912 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2009.05.30 00:01:59 | 000,278,984 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt)
DRV - [2009.05.30 00:01:56 | 000,025,416 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2009.05.10 14:28:56 | 000,721,904 | ---- | M] () [Kernel | Boot | Running] -- C:\windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2008.08.26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008.02.29 18:13:38 | 001,202,560 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2008. | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\seehcri.sys -- (seehcri)
DRV - [2007.12.10 15:22:22 | 000,110,120 | ---- | M] (MCCI C

lency · #19 Příspěvek od **lency** » 04 říj 2011 23:23

2.část

========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (NMIndexingService)
SRV - [2011.09.06 22:45:28 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2011.08.26 15:40:15 | 000,058,288 | ---- | M] (Absolute Software Corp.) [Auto | Running] -- C:\Windows\System32\rpcnet.exe -- (rpcnet) Remote Procedure Call (RPC)
SRV - [2011.06.08 13:02:00 | 000,633,856 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2011.06.06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.03.15 14:44:30 | 000,428,384 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe -- (PMBDeviceInfoProvider)
SRV - [2008.10.20 22:18:26 | 000,071,096 | ---- | M] () [Auto | Running] -- C:\Program Files\CDBurnerXP\NMSAccessU.exe -- (NMSAccessU)
SRV - [2008.04.18 15:54:02 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)
SRV - [2008.04.08 14:12:50 | 001,112,560 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- c:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe -- (RoxMediaDB10)
SRV - [2008.01.21 04:33:00 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007.12.11 14:15:04 | 000,012,800 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2007.08.27 14:38:50 | 000,566,616 | ---- | M] (Lavasoft AB) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe -- (aawservice)
SRV - [2007.06.08 18:06:42 | 000,172,131 | R--- | M] (Hewlett-Packard Ltd) [On_Demand | Stopped] -- C:\Windows\System32\flcdlock.exe -- (FLCDLOCK)
SRV - [2007.05.08 17:38:46 | 000,540,448 | ---- | M] (PDF Complete Inc) [Auto | Running] -- C:\Program Files\PDF Complete\pdfsvc.exe -- (pdfcDispatcher)
SRV - [2007.03.05 18:30:06 | 000,110,592 | ---- | M] (Hewlett-Packard Development Company, L.P.) [On_Demand | Stopped] -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe -- (Com4Qlb)
SRV - [2007.02.06 09:44:24 | 000,069,632 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\AEADISRV.EXE -- (AEADIFilters)
SRV - [2007.01.05 04:48:52 | 000,112,152 | R--- | M] (InterVideo) [Auto | Running] -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)ADISRV.EXE -- (AEADIFilters)
SRV - [2007.01.05 04:48:52 | 000,112,152 | R--- | M] (InterVideo) [Auto | Running] -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)

========== Driver Services (SafeList) ==========

DRV - [2011.09.06 22:38:05 | 000,442,200 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011.09.06 22:37:53 | 000,320,856 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011.09.06 22:36:38 | 000,034,392 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011.09.06 22:36:36 | 000,052,568 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011.09.06 22:36:26 | 000,054,616 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2011.09.06 22:36:12 | 000,020,568 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011.05.18 10:12:28 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2010.08.14 20:11:47 | 000,025,512 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggsemc.sys -- (ggsemc)
DRV - [2010.08.14 20:11:47 | 000,013,224 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggflt.sys -- (ggflt)
DRV - [2009.07.23 11:57:22 | 000,112,128 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbnet.sys -- (ewusbnet)
DRV - [2009.07.23 11:57:22 | 000,102,912 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2009.05.30 00:01:59 | 000,278,984 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt)
DRV - [2009.05.30 00:01:56 | 000,025,416 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2009.05.10 14:28:56 | 000,721,904 | ---- | M] () [Kernel | Boot | Running] -- C:\windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2008.08.26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008.02.29 18:13:38 | 001,202,560 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2008.01.21 04:32:52 | 000,045,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tpm.sys -- (TPM)
DRV - [2008.01.09 13:28:34 | 000,027,632 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\seehcri.sys -- (seehcri)
DRV - [2007.12.10 15:22:22 | 000,110,120 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s3017unic.sys -- (s3017unic) Sony Ericsson Device 3017 USB Ethernet Emulation SEMC3017 (WDM)
DRV - [2007.12.10 15:22:22 | 000,100,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s3017obex.sys -- (s3017obex)
DRV - [2007.12.10 15:22:20 | 000,104,616 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s3017mgmt.sys -- (s3017mgmt) Sony Ericsson Device 3017 USB WMC Device Management Drivers (WDM)
DRV - [2007.12.10 15:22:20 | 000,025,512 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s3017nd5.sys -- (s3017nd5) Sony Ericsson Device 3017 USB Ethernet Emulation SEMC3017 (NDIS)
DRV - [2007.12.10 15:22:18 | 000,110,632 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s3017mdm.sys -- (s3017mdm)
DRV - [2007.12.10 15:22:18 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s3017mdfl.sys -- (s3017mdfl)
DRV - [2007.12.10 15:22:14 | 000,083,880 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s3017bus.sys -- (s3017bus) Sony Ericsson Device 3017 driver (WDM)
DRV - [2007.06.25 11:43:38 | 000,098,344 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s117obex.sys -- (s117obex)
DRV - [2007.06.25 11:43:36 | 000,108,456 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s117mdm.sys -- (s117mdm)
DRV - [2007.06.25 11:43:36 | 000,100,264 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s117mgmt.sys -- (s117mgmt) Sony Ericsson Device 117 USB WMC Device Management Drivers (WDM)
DRV - [2007.06.25 11:43:36 | 000,098,856 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s117unic.sys -- (s117unic) Sony Ericsson Device 117 USB Ethernet Emulation SEMC117 (WDM)
DRV - [2007.06.25 11:43:36 | 000,022,952 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s117nd5.sys -- (s117nd5) Sony Ericsson Device 117 USB Ethernet Emulation SEMC117 (NDIS)
DRV - [2007.06.25 11:43:26 | 000,014,888 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s117mdfl.sys -- (s117mdfl)
DRV - [2007.06.25 11:43:22 | 000,082,984 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s117bus.sys -- (s117bus) Sony Ericsson Device 117 driver (WDM)
DRV - [2007.06.19 01:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV - [2007.06.08 17:49:46 | 000,030,008 | R--- | M] (Hewlett-Packard Development Company L.P.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\DAMDrv.sys -- (DAMDrv)
DRV - [2007.05.24 16:07:18 | 000,223,616 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) Intel(R)
DRV - [2007.03.29 14:54:40 | 000,384,384 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\snpstd.sys -- (snpstd)
DRV - [2006.06.28 18:54:00 | 000,009,472 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CPQBttn.sys -- (HBtnKey)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... ll&pf=cmnb
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-3352399057-1610543560-1174701497-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.facemoods.com/?a=ddrnw
IE - HKU\S-1-5-21-3352399057-1610543560-1174701497-1004\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-3352399057-1610543560-1174701497-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.startup.homepage: "www.centrum.cz"

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2105: C:\Program Files\VistaCodecPack\rm\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2571: C:\Program Files\VistaCodecPack\rm\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1739: C:\Program Files\VistaCodecPack\rm\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.71\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.71\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Users\Lenka\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll ( )

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011.09.25 13:15:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.10.01 11:10:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.10.04 21:29:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2011.09.26 20:45:14 | 000,000,000 | ---D | M]

[2010.01.16 15:40:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lenka\AppData\Roaming\Mozilla\Extensions
[2010.01.16 15:40:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lenka\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2011.10.03 18:57:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\75y6ut0h.default\extensions
[2010.07.03 09:40:47 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\75y6ut0h.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009.05.10 14:32:42 | 000,002,399 | ---- | M] () -- C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\75y6ut0h.default\searchplugins\daemon-search.xml
[2011.09.28 00:06:12 | 000,001,056 | ---- | M] () -- C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\75y6ut0h.default\searchplugins\icqplugin.xml
[2011.10.03 20:33:58 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011.02.12 11:35:18 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011.04.23 18:34:24 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011.07.26 22:09:55 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2011.10.03 20:29:02 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}
[2011.10.03 20:33:59 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}
[2011.09.25 13:15:49 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2011.10.01 11:10:14 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.10.03 20:33:38 | 000,611,224 | ---- | M] (Oracle Corporation) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2010.01.01 10:00:00 | 000,002,208 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\heureka-cz.xml
[2010.01.01 10:00:00 | 000,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2010.01.01 10:00:00 | 000,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2010.01.01 10:00:00 | 000,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2010.01.01 10:00:00 | 000,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2011.09.24 23:17:49 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - No CLSID value found.
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKU\S-1-5-21-3352399057-1610543560-1174701497-1004\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O4 - HKLM..\Run: [AAWTray] C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe ()
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
O4 - HKLM..\Run: [PDF Complete] C:\Program Files\PDF Complete\pdfsty.exe (PDF Complete Inc)
O4 - HKLM..\Run: [PMBVolumeWatcher] C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe (Sony Corporation)
O4 - HKLM..\Run: [PTHOSTTR] C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [snpstd] C:\Windows\vsnpstd.exe ()
O4 - HKLM..\Run: [WatchDog] C:\Program Files\InterVideo\DVD Check\DVDCheck.exe (InterVideo Inc.)
O4 - HKU\S-1-5-21-3352399057-1610543560-1174701497-1004..\Run: [] File not found
O4 - HKU\S-1-5-21-3352399057-1610543560-1174701497-1004..\Run: [NokiaOviSuite2] C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe (Nokia)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\##aswSnx private storage\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3352399057-1610543560-1174701497-1004\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3352399057-1610543560-1174701497-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O16 - DPF: {70EDCF63-CA7E-4812-8528-DA1EA2FD53B6} http://www.psslavia.cz/VitaminCtrl_2_1_0_26.cab (VitaminCtrl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 10.0.0)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 1.7.0)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 1.7.0)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6A290EAA-15A4-4987-BA2A-96DE2E375486}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D9588314-E8BF-44E9-B6D1-692163D7B99D}: DhcpNameServer = 217.77.165.81 217.77.161.131
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\DeviceNP: DllName - (DeviceNP.dll) - C:\windows\System32\DeviceNP.dll (Hewlett-Packard Limited)
O24 - Desktop WallPaper: C:\Users\Lenka\Leňule\Internet_Explorer_Wallpaper.bmp
O24 - Desktop BackupWallPaper: C:\Users\Lenka\Leňule\Internet_Explorer_Wallpaper.bmp
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: msacm.divxa32 - C:\windows\System32\divxa32.acm (Kristal StudioDFileDescription)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\windows\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.vorbis - C:\windows\System32\vorbis.acm (HMS http://hp.vector.co.jp/authors/VA012897/)
Drivers32: MSVideo8 - C:\windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\windows\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\windows\System32\ff_vfw.dll ()
Drivers32: vidc.VP60 - C:\Windows\System32\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\Windows\System32\vp6vfw.dll (On2.com)
Drivers32: vidc.wmv3 - C:\windows\System32\WMV9VCM.dll (Microsoft Corporation)
Drivers32: vidc.XVID - C:\windows\System32\xvidvfw.dll ()
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2011.10.04 21:52:38 | 000,582,656 | ---- | C] (OldTimer Tools) -- C:\Users\Lenka\Desktop\OTL.exe
[2011.10.03 20:33:57 | 000,214,408 | ---- | C] (Oracle Corporation) -- C:\windows\System32\javaws.exe
[2011.10.03 20:33:57 | 000,173,960 | ---- | C] (Oracle Corporation) -- C:\windows\System32\javaw.exe
[2011.10.03 20:33:57 | 000,173,960 | ---- | C] (Oracle Corporation) -- C:\windows\System32\java.exe
[2011.10.02 14:24:53 | 000,000,000 | ---D | C] -- C:\JDownloader
[2011.10.01 12:08:41 | 000,000,000 | ---D | C] -- C:\Program Files\JDownloader
[2011.09.29 17:54:23 | 000,000,000 | ---D | C] -- C:\windows\Minidump
[2011.09.28 18:46:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Installations
[2011.09.28 18:18:31 | 000,038,480 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\WdfLdr.sys
[2011.09.28 18:16:11 | 000,000,000 | ---D | C] -- C:\Users\Lenka\Desktop\záloha paměťovky
[2011.09.26 20:56:10 | 000,000,000 | ---D | C] -- C:\Users\Lenka\Documents\Ovi
[2011.09.26 20:54:42 | 000,000,000 | ---D | C] -- C:\Users\Lenka\AppData\Roaming\Nokia Ovi Suite
[2011.09.26 20:54:40 | 000,000,000 | ---D | C] -- C:\Users\Lenka\AppData\Roaming\Nokia
[2011.09.26 20:51:12 | 000,567,808 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\WUDFx.dll
[2011.09.26 20:51:12 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\WUDFPlatform.dll
[2011.09.26 20:51:12 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\WUDFCoinstaller.dll
[2011.09.26 20:49:25 | 000,000,000 | ---D | C] -- C:\Users\Lenka\AppData\Local\NokiaAccount
[2011.09.26 20:47:39 | 000,000,000 | ---D | C] -- C:\Users\Lenka\AppData\Local\Nokia
[2011.09.26 20:47:31 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Suite
[2011.09.26 20:47:30 | 000,000,000 | ---D | C] -- C:\Users\Lenka\AppData\Roaming\PC Suite
[2011.09.26 20:47:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nokia
[2011.09.26 20:45:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nokia
[2011.09.26 20:45:00 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX
[2011.09.26 20:44:58 | 000,018,816 | ---- | C] (Nokia) -- C:\windows\System32\drivers\pccsmcfd.sys
[2011.09.26 20:44:24 | 000,000,000 | ---D | C] -- C:\windows\System32\DRVSTORE
[2011.09.26 20:44:13 | 000,000,000 | ---D | C] -- C:\Program Files\PC Connectivity Solution
[2011.09.26 20:43:05 | 000,075,264 | ---- | C] (Nokia) -- C:\windows\System32\nmwcdcls.dll
[2011.09.26 20:37:20 | 000,000,000 | ---D | C] -- C:\ProgramData\NokiaInstallerCache
[2011.09.26 20:37:20 | 000,000,000 | ---D | C] -- C:\Program Files\Nokia
[2011.09.25 23:02:40 | 000,000,000 | ---D | C] -- C:\Users\Lenka\AppData\Roaming\URSoft
[2011.09.25 23:02:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Your Uninstaller 2010
[2011.09.25 23:02:35 | 000,000,000 | ---D | C] -- C:\Program Files\Your Uninstaller 2010
[2011.09.25 13:16:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2011.09.25 13:16:07 | 000,320,856 | ---- | C] (AVAST Software) -- C:\windows\System32\drivers\aswSP.sys
[2011.09.25 13:16:07 | 000,020,568 | ---- | C] (AVAST Software) -- C:\windows\System32\drivers\aswFsBlk.sys
[2011.09.25 13:16:05 | 000,034,392 | ---- | C] (AVAST Software) -- C:\windows\System32\drivers\aswRdr.sys
[2011.09.25 13:16:04 | 000,442,200 | ---- | C] (AVAST Software) -- C:\windows\System32\drivers\aswSnx.sys
[2011.09.25 13:16:04 | 000,054,616 | ---- | C] (AVAST Software) -- C:\windows\System32\drivers\aswMonFlt.sys
[2011.09.25 13:16:04 | 000,052,568 | ---- | C] (AVAST Software) -- C:\windows\System32\drivers\aswTdi.sys
[2011.09.25 13:15:41 | 000,041,184 | ---- | C] (AVAST Software) -- C:\windows\avastSS.scr
[2011.09.25 13:15:40 | 000,199,304 | ---- | C] (AVAST Software) -- C:\windows\System32\aswBoot.exe
[2011.09.25 13:06:13 | 000,000,000 | --SD | C] -- C:\ComboFix
[2011.09.25 13:04:49 | 000,000,000 | --SD | C] -- C:\32788R22FWJFW
[2011.09.24 23:22:59 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2011.09.24 23:22:52 | 000,000,000 | ---D | C] -- C:\windows\temp
[2011.09.24 21:20:14 | 000,518,144 | ---- | C] (SteelWerX) -- C:\windows\SWREG.exe
[2011.09.24 21:20:14 | 000,406,528 | ---- | C] (SteelWerX) -- C:\windows\SWSC.exe
[2011.09.24 21:20:14 | 000,060,416 | ---- | C] (NirSoft) -- C:\windows\NIRCMD.exe
[2011.09.24 21:19:49 | 000,000,000 | ---D | C] -- C:\windows\ERDNT
[2011.09.24 21:19:45 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011.09.24 21:17:39 | 000,000,000 | ---D | C] -- C:\Program Files\Lavasoft
[2011.09.24 21:07:19 | 004,227,131 | R--- | C] (Swearware) -- C:\Users\Lenka\Desktop\ComboFix.exe
[2011.09.24 20:34:01 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msls31.dll
[2011.09.24 20:34:01 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\jsproxy.dll
[2011.09.24 20:34:00 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msrating.dll
[2011.09.24 20:33:59 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieui.dll
[2011.09.24 20:33:59 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iesysprep.dll
[2011.09.24 20:33:59 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\SetIEInstalledDate.exe
[2011.09.24 20:33:59 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\RegisterIEPKEYs.exe
[2011.09.24 20:33:59 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mshtmler.dll
[2011.09.24 20:33:58 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieapfltr.dat
[2011.09.24 20:33:58 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieapfltr.dll
[2011.09.24 20:33:58 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\html.iec
[2011.09.24 20:33:58 | 000,353,792 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dxtmsft.dll
[2011.09.24 20:33:58 | 000,353,584 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iedkcs32.dll
[2011.09.24 20:33:58 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\url.dll
[2011.09.24 20:33:58 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dxtrans.dll
[2011.09.24 20:33:58 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iesetup.dll
[2011.09.24 20:33:58 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ie4uinit.exe
[2011.09.24 20:33:58 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iernonce.dll
[2011.09.24 20:33:57 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\inetcpl.cpl
[2011.09.24 20:33:57 | 000,580,608 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msfeeds.dll
[2011.09.24 20:33:57 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wextract.exe
[2011.09.24 20:33:57 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iexpress.exe
[2011.09.24 20:33:57 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\inseng.dll
[2011.09.24 20:33:57 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\licmgr10.dll
[2011.09.24 20:33:56 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mshtml.tlb
[2011.09.24 20:33:56 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieUnatt.exe
[2011.09.24 20:33:56 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\admparse.dll
[2011.09.24 20:33:56 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\pngfilt.dll
[2011.09.24 20:33:55 | 001,797,632 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\jscript9.dll
[2011.09.24 20:33:55 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieaksie.dll
[2011.09.24 20:33:55 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieakui.dll
[2011.09.24 20:33:55 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iepeers.dll
[2011.09.24 20:33:55 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\IEAdvpack.dll
[2011.09.24 20:33:55 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msfeedsbs.dll
[2011.09.24 20:33:55 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\imgutil.dll
[2011.09.24 20:33:55 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msfeedssync.exe
[2011.09.24 20:33:54 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieakeng.dll
[2011.09.23 16:44:25 | 000,000,000 | ---D | C] -- C:\Users\Lenka\AppData\Roaming\MyPhoneExplorer
[2011.09.23 16:44:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyPhoneExplorer
[2011.09.23 16:44:10 | 000,000,000 | ---D | C] -- C:\Program Files\MyPhoneExplorer
[2011.09.23 16:15:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Avanquest Bluetooth SDK
[2011.09.22 23:58:59 | 000,000,000 | ---D | C] -- C:\ProgramData\WindowsSearch
[2011.09.22 22:41:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Avanquest
[2011.09.19 21:05:18 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2011.09.19 19:07:16 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2010.02.07 17:53:25 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\Lenka\AppData\Roaming\pcouffin.sys
[2009.04.26 23:15:52 | 000,061,440 | ---- | C] ( ) -- C:\windows\System32\rsnpstd.dll
[2009.04.26 23:15:52 | 000,053,248 | ---- | C] ( ) -- C:\windows\System32\csnpstd.dll
[2009.04.26 23:15:52 | 000,036,864 | ---- | C] ( ) -- C:\windows\System32\vsnpstd.dll
[2 C:\windows\System32\*.tmp files -> C:\windows\System32\*.tmp -> ]
[2 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011.10.04 22:00:05 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2011.10.04 21:56:10 | 000,644,876 | ---- | M] () -- C:\windows\System32\perfh005.dat
[2011.10.04 21:56:10 | 000,634,650 | ---- | M] () -- C:\windows\System32\perfh009.dat
[2011.10.04 21:56:10 | 000,138,142 | ---- | M] () -- C:\windows\System32\perfc005.dat
[2011.10.04 21:56:10 | 000,120,214 | ---- | M] () -- C:\windows\System32\perfc009.dat
[2011.10.04 21:52:44 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Users\Lenka\Desktop\OTL.exe
[2011.10.04 21:50:56 | 000,000,936 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.10.04 21:29:42 | 000,017,408 | ---- | M] () -- C:\windows\System32\rpcnetp.exe
[2011.10.04 21:29:40 | 000,058,288 | ---- | M] (Absolute Software Corp.) -- C:\windows\System32\rpcnet.dll
[2011.10.04 21:29:27 | 000,003,216 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.10.04 21:29:27 | 000,003,216 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.10.04 21:29:20 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2011.10.04 21:29:17 | 2136,317,952 | -HS- | M] () -- C:\hiberfil.sys
[2011.10.03 22:09:07 | 000,002,528 | ---- | M] () -- C:\windows\System32\settings.aaw
[2011.10.03 22:09:06 | 000,000,960 | ---- | M] () -- C:\windows\System32\history.aaw
[2011.10.03 22:08:58 | 000,004,268 | ---- | M] () -- C:\windows\bthservsdp.dat
[2011.10.03 21:25:00 | 000,000,940 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.10.03 20:33:36 | 000,214,408 | ---- | M] (Oracle Corporation) -- C:\windows\System32\javaws.exe
[2011.10.03 20:33:36 | 000,173,960 | ---- | M] (Oracle Corporation) -- C:\windows\System32\javaw.exe
[2011.10.03 20:33:36 | 000,173,960 | ---- | M] (Oracle Corporation) -- C:\windows\System32\java.exe
[2011.10.03 20:33:35 | 000,544,656 | ---- | M] (Oracle Corporation) -- C:\windows\System32\deployJava1.dll
[2011.10.03 18:48:35 | 000,000,322 | ---- | M] () -- C:\windows\tasks\HPCeeScheduleForLenka.job
[2011.10.02 21:04:32 | 000,000,883 | ---- | M] () -- C:\Users\Lenka\Desktop\urmain – zástupce.lnk
[2011.10.02 14:32:29 | 000,064,512 | ---- | M] () -- C:\Users\Lenka\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.10.01 11:10:02 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\System32\FlashPlayerCPLApp.cpl
[2011.09.29 17:53:53 | 232,098,176 | ---- | M] () -- C:\windows\MEMORY.DMP
[2011.09.28 18:19:18 | 000,000,000 | -H-- | M] () -- C:\windows\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2011.09.28 18:19:18 | 000,000,000 | -H-- | M] () -- C:\windows\System32\drivers\Msft_Kernel_ccdcmb_01009.Wdf
[2011.09.27 19:06:34 | 000,000,000 | -H-- | M] () -- C:\windows\System32\drivers\Msft_User_PCCSWpdDriver_01_09_00.Wdf
[2011.09.26 20:47:22 | 000,001,928 | ---- | M] () -- C:\Users\Public\Desktop\Nokia Ovi Suite.lnk
[2011.09.25 13:16:08 | 000,001,829 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2011.09.25 13:16:04 | 000,002,577 | ---- | M] () -- C:\windows\System32\config.nt
[2011.09.24 23:17:49 | 000,000,027 | ---- | M] () -- C:\windows\System32\drivers\etc\hosts
[2011.09.24 21:07:38 | 004,227,131 | R--- | M] (Swearware) -- C:\Users\Lenka\Desktop\ComboFix.exe
[2011.09.24 20:46:55 | 000,001,912 | ---- | M] () -- C:\windows\epplauncher.mif
[2011.09.24 20:34:34 | 000,008,798 | ---- | M] () -- C:\windows\System32\icrav03.rat
[2011.09.24 20:34:33 | 000,001,988 | ---- | M] () -- C:\windows\System32\ticrf.rat
[2011.09.24 20:34:01 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\msls31.dll
[2011.09.24 20:34:01 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\jsproxy.dll
[2011.09.24 20:34:00 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\msrating.dll
[2011.09.24 20:33:59 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\ieui.dll
[2011.09.24 20:33:59 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\iesysprep.dll
[2011.09.24 20:33:59 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\SetIEInstalledDate.exe
[2011.09.24 20:33:59 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\RegisterIEPKEYs.exe
[2011.09.24 20:33:59 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\mshtmler.dll
[2011.09.24 20:33:58 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\ieapfltr.dat
[2011.09.24 20:33:58 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\ieapfltr.dll
[2011.09.24 20:33:58 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\html.iec
[2011.09.24 20:33:58 | 000,353,792 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\dxtmsft.dll
[2011.09.24 20:33:58 | 000,353,584 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\iedkcs32.dll
[2011.09.24 20:33:58 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\url.dll
[2011.09.24 20:33:58 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\dxtrans.dll
[2011.09.24 20:33:58 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\iesetup.dll
[2011.09.24 20:33:58 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\ie4uinit.exe
[2011.09.24 20:33:58 | 000,072,822 | ---- | M] () -- C:\windows\System32\ieuinit.inf
[2011.09.24 20:33:58 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\iernonce.dll
[2011.09.24 20:33:57 | 001,427,456 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\inetcpl.cpl
[2011.09.24 20:33:57 | 000,580,608 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\msfeeds.dll
[2011.09.24 20:33:57 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\wextract.exe
[2011.09.24 20:33:57 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\iexpress.exe
[2011.09.24 20:33:57 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\inseng.dll
[2011.09.24 20:33:57 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\licmgr10.dll
[2011.09.24 20:33:56 | 002,382,848 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\mshtml.tlb
[2011.09.24 20:33:56 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\ieaksie.dll
[2011.09.24 20:33:56 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\ieUnatt.exe
[2011.09.24 20:33:56 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\admparse.dll
[2011.09.24 20:33:56 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\pngfilt.dll
[2011.09.24 20:33:55 | 001,797,632 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\jscript9.dll
[2011.09.24 20:33:55 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\ieakui.dll
[2011.09.24 20:33:55 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\iepeers.dll
[2011.09.24 20:33:55 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\IEAdvpack.dll
[2011.09.24 20:33:55 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\msfeedsbs.dll
[2011.09.24 20:33:55 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\imgutil.dll
[2011.09.24 20:33:55 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\msfeedssync.exe
[2011.09.24 20:33:54 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\ieakeng.dll
[2011.09.23 16:44:21 | 000,001,854 | ---- | M] () -- C:\Users\Public\Desktop\MyPhoneExplorer.lnk
[2011.09.22 23:20:47 | 000,017,408 | ---- | M] () -- C:\windows\System32\rpcnetp.dll
[2011.09.09 21:38:18 | 000,109,441 | ---- | M] () -- C:\Users\Lenka\Desktop\voucher vibrostation.jpg
[2011.09.06 22:45:29 | 000,199,304 | ---- | M] (AVAST Software) -- C:\windows\System32\aswBoot.exe
[2011.09.06 22:45:29 | 000,041,184 | ---- | M] (AVAST Software) -- C:\windows\avastSS.scr
[2011.09.06 22:38:05 | 000,442,200 | ---- | M] (AVAST Software) -- C:\windows\System32\drivers\aswSnx.sys
[2011.09.06 22:37:53 | 000,320,856 | ---- | M] (AVAST Software) -- C:\windows\System32\drivers\aswSP.sys
[2011.09.06 22:36:38 | 000,034,392 | ---- | M] (AVAST Software) -- C:\windows\System32\drivers\aswRdr.sys
[2011.09.06 22:36:36 | 000,052,568 | ---- | M] (AVAST Software) -- C:\windows\System32\drivers\aswTdi.sys
[2011.09.06 22:36:26 | 000,054,616 | ---- | M] (AVAST Software) -- C:\windows\System32\drivers\aswMonFlt.sys
[2011.09.06 22:36:12 | 000,020,568 | ---- | M] (AVAST Software) -- C:\windows\System32\drivers\aswFsBlk.sys
[2 C:\windows\System32\*.tmp files -> C:\windows\System32\*.tmp -> ]
[2 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011.10.04 22:00:05 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2011.10.02 21:04:32 | 000,000,883 | ---- | C] () -- C:\Users\Lenka\Desktop\urmain – zástupce.lnk
[2011.10.02 14:25:29 | 000,001,477 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader.lnk
[2011.10.02 14:25:29 | 000,001,456 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Uninstaller.lnk
[2011.10.02 14:25:29 | 000,001,435 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Update.lnk
[2011.09.29 17:53:53 | 232,098,176 | ---- | C] () -- C:\windows\MEMORY.DMP
[2011.09.28 19:48:12 | 001,091,376 | ---- | C] () -- C:\Users\Lenka\Desktop\PowerMP3_S60_1_15b.sis
[2011.09.28 18:19:18 | 000,000,000 | -H-- | C] () -- C:\windows\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2011.09.28 18:19:18 | 000,000,000 | -H-- | C] () -- C:\windows\System32\drivers\Msft_Kernel_ccdcmb_01009.Wdf
[2011.09.28 18:18:34 | 000,000,003 | ---- | C] () -- C:\windows\System32\drivers\MsftWdf_Kernel_01009_Inbox_Critical.Wdf
[2011.09.27 19:06:34 | 000,000,000 | -H-- | C] () -- C:\windows\System32\drivers\Msft_User_PCCSWpdDriver_01_09_00.Wdf
[2011.09.26 20:47:22 | 000,001,928 | ---- | C] () -- C:\Users\Public\Desktop\Nokia Ovi Suite.lnk
[2011.09.25 23:50:16 | 000,002,528 | ---- | C] () -- C:\windows\System32\settings.aaw
[2011.09.25 23:50:16 | 000,000,960 | ---- | C] () -- C:\windows\System32\history.aaw
[2011.09.25 19:38:16 | 000,000,322 | ---- | C] () -- C:\windows\tasks\HPCeeScheduleForLenka.job
[2011.09.25 13:16:08 | 000,001,829 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2011.09.24 21:20:14 | 000,256,000 | ---- | C] () -- C:\windows\PEV.exe
[2011.09.24 21:20:14 | 000,208,896 | ---- | C] () -- C:\windows\MBR.exe
[2011.09.24 21:20:14 | 000,098,816 | ---- | C] () -- C:\windows\sed.exe
[2011.09.24 21:20:14 | 000,080,412 | ---- | C] () -- C:\windows\grep.exe
[2011.09.24 21:20:14 | 000,068,096 | ---- | C] () -- C:\windows\zip.exe
[2011.09.24 20:33:58 | 000,072,822 | ---- | C] () -- C:\windows\System32\ieuinit.inf
[2011.09.23 16:44:21 | 000,001,854 | ---- | C] () -- C:\Users\Public\Desktop\MyPhoneExplorer.lnk
[2011.09.22 23:20:04 | 2136,317,952 | -HS- | C] () -- C:\hiberfil.sys
[2011.09.09 21:38:18 | 000,109,441 | ---- | C] () -- C:\Users\Lenka\Desktop\voucher vibrostation.jpg
[2011.06.13 18:15:24 | 000,000,680 | ---- | C] () -- C:\Users\Lenka\AppData\Local\d3d9caps.dat
[2010.05.24 10:55:00 | 000,000,528 | ---- | C] () -- C:\windows\eReg.dat
[2010.02.07 17:53:25 | 000,087,608 | ---- | C] () -- C:\Users\Lenka\AppData\Roaming\inst.exe
[2010.02.07 17:53:25 | 000,007,887 | ---- | C] () -- C:\Users\Lenka\AppData\Roaming\pcouffin.cat
[2010.02.07 17:53:25 | 000,001,144 | ---- | C] () -- C:\Users\Lenka\AppData\Roaming\pcouffin.inf
[2009.11.10 11:39:36 | 003,806,222 | ---- | C] () -- C:\Users\Lenka\AppData\Roaming\David Guetta Feat. Estelle - One Love.zip
[2009.09.26 14:02:32 | 000,107,612 | ---- | C] () -- C:\windows\System32\StructuredQuerySchema.bin
[2009.09.26 14:02:31 | 000,117,248 | ---- | C] () -- C:\windows\System32\EhStorAuthn.dll
[2009.09.26 12:47:13 | 000,017,408 | ---- | C] () -- C:\windows\System32\rpcnetp.exe
[2009.08.03 01:21:54 | 000,197,912 | ---- | C] () -- C:\windows\System32\physxcudart_20.dll
[2009.08.03 01:21:54 | 000,058,648 | ---- | C] () -- C:\windows\System32\AgCPanelTraditionalChinese.dll
[2009.08.03 01:21:54 | 000,058,648 | ---- | C] () -- C:\windows\System32\AgCPanelSwedish.dll
[2009.08.03 01:21:54 | 000,058,648 | ---- | C] () -- C:\windows\System32\AgCPanelSpanish.dll
[2009.08.03 01:21:54 | 000,058,648 | ---- | C] () -- C:\windows\System32\AgCPanelSimplifiedChinese.dll
[2009.08.03 01:21:54 | 000,058,648 | ---- | C] () -- C:\windows\System32\AgCPanelPortugese.dll
[2009.08.03 01:21:54 | 000,058,648 | ---- | C] () -- C:\windows\System32\AgCPanelKorean.dll
[2009.08.03 01:21:54 | 000,058,648 | ---- | C] () -- C:\windows\System32\AgCPanelJapanese.dll
[2009.08.03 01:21:52 | 000,058,648 | ---- | C] () -- C:\windows\System32\AgCPanelGerman.dll
[2009.08.03 01:21:52 | 000,058,648 | ---- | C] () -- C:\windows\System32\AgCPanelFrench.dll
[2009.05.30 00:01:59 | 000,278,984 | ---- | C] () -- C:\windows\System32\drivers\atksgt.sys
[2009.05.30 00:01:56 | 000,025,416 | ---- | C] () -- C:\windows\System32\drivers\lirsgt.sys
[2009.05.09 14:54:30 | 000,017,408 | ---- | C] () -- C:\windows\System32\rpcnetp.dll
[2009.04.26 23:15:53 | 000,344,064 | ---- | C] () -- C:\windows\vsnpstd.exe
[2009.04.26 23:15:52 | 000,384,384 | ---- | C] () -- C:\windows\System32\drivers\snpstd.sys
[2009.04.26 23:15:52 | 000,015,541 | ---- | C] () -- C:\windows\snpstd.ini
[2009.03.06 19:25:20 | 000,018,904 | ---- | C] () -- C:\windows\System32\StructuredQuerySchemaTrivial.bin
[2009.03.01 20:07:19 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009.03.01 12:43:19 | 000,000,384 | ---- | C] () -- C:\windows\ODBC.INI
[2009.02.26 01:56:02 | 000,004,268 | ---- | C] () -- C:\windows\bthservsdp.dat
[2009.02.25 19:51:42 | 000,024,206 | ---- | C] () -- C:\Users\Lenka\AppData\Roaming\UserTile.png
[2009.02.25 19:30:44 | 000,064,512 | ---- | C] () -- C:\Users\Lenka\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.08.04 10:52:37 | 000,204,800 | ---- | C] () -- C:\windows\System32\IVIresizeW7.dll
[2008.08.04 10:52:37 | 000,200,704 | ---- | C] () -- C:\windows\System32\IVIresizeA6.dll
[2008.08.04 10:52:37 | 000,192,512 | ---- | C] () -- C:\windows\System32\IVIresizeP6.dll
[2008.08.04 10:52:37 | 000,192,512 | ---- | C] () -- C:\windows\System32\IVIresizeM6.dll
[2008.08.04 10:52:37 | 000,188,416 | ---- | C] () -- C:\windows\System32\IVIresizePX.dll
[2008.08.04 10:52:37 | 000,020,480 | ---- | C] () -- C:\windows\System32\IVIresize.dll
[2008.08.04 10:35:33 | 000,000,000 | ---- | C] () -- C:\windows\HPMProp.INI
[2008.04.17 12:02:10 | 000,644,876 | ---- | C] () -- C:\windows\System32\perfh005.dat
[2008.04.17 12:02:10 | 000,286,912 | ---- | C] () -- C:\windows\System32\perfi005.dat
[2008.04.17 12:02:10 | 000,138,142 | ---- | C] () -- C:\windows\System32\perfc005.dat
[2008.04.17 12:02:10 | 000,034,724 | ---- | C] () -- C:\windows\System32\perfd005.dat
[2008.02.11 14:55:18 | 000,147,456 | ---- | C] () -- C:\windows\System32\igfxCoIn_v1437.dll
[2008.02.11 14:34:48 | 002,215,364 | ---- | C] () -- C:\windows\System32\igklg400.bin
[2008.02.11 14:34:48 | 001,971,732 | ---- | C] () -- C:\windows\System32\igklg450.bin
[2008.02.11 14:34:48 | 000,029,932 | ---- | C] () -- C:\windows\System32\igmedcompkrn.bin
[2007.09.27 00:07:02 | 000,007,680 | ---- | C] () -- C:\windows\System32\ff_vfw.dll
[2007.06.08 18:05:38 | 000,274,432 | ---- | C] () -- C:\windows\System32\flcdlmsg.dll
[2007.04.13 15:19:52 | 000,007,680 | ---- | C] () -- C:\windows\System32\lsdelete.exe
[2007.03.10 13:51:48 | 000,282,624 | ---- | C] () -- C:\windows\System32\xvidvfw.dll
[2007.02.06 02:05:26 | 000,000,038 | ---- | C] () -- C:\windows\AviSplitter.INI
[2006.11.02 14:53:49 | 000,067,584 | --S- | C] () -- C:\windows\bootstat.dat
[2006.11.02 14:44:53 | 000,423,200 | ---- | C] () -- C:\windows\System32\FNTCACHE.DAT
[2006.11.02 12:33:01 | 000,634,650 | ---- | C] () -- C:\windows\System32\perfh009.dat
[2006.11.02 12:33:01 | 000,287,440 | ---- | C] () -- C:\windows\System32\perfi009.dat
[2006.11.02 12:33:01 | 000,120,214 | ---- | C] () -- C:\windows\System32\perfc009.dat
[2006.11.02 12:33:01 | 000,030,674 | ---- | C] () -- C:\windows\System32\perfd009.dat
[2006.11.02 12:23:21 | 000,215,943 | ---- | C] () -- C:\windows\System32\dssec.dat
[2006.11.02 10:58:30 | 000,043,131 | ---- | C] () -- C:\windows\mib.bin
[2006.11.02 10:19:00 | 000,000,741 | ---- | C] () -- C:\windows\System32\NOISE.DAT
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\windows\System32\pacerprf.ini
[2006.11.02 09:25:31 | 000,673,088 | ---- | C] () -- C:\windows\System32\mlang.dat
[2006.03.09 11:58:00 | 001,060,424 | ---- | C] () -- C:\windows\System32\WdfCoInstaller01000.dll
[2006.02.25 20:09:38 | 000,774,144 | ---- | C] () -- C:\windows\System32\xvidcore.dll
[2003.04.09 16:38:04 | 000,005,664 | ---- | C] () -- C:\windows\System32\OUTLPERF.INI
[2001.11.14 14:56:00 | 001,802,240 | ---- | C] () -- C:\windows\System32\lcppn21.dll

========== LOP Check ==========

[2009.03.21 18:40:29 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\Broad Intelligence
[2009.03.21 23:12:10 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\Canneverbe_Limited
[2011.07.26 22:04:02 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\Canon
[2010.07.27 20:35:39 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\COWON
[2009.05.10 14:39:27 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\DAEMON Tools Lite
[2010.04.04 18:44:01 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\Facebook
[2009.11.17 20:00:26 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\Games
[2009.05.01 22:22:38 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\GetRightToGo
[2009.05.03 21:11:24 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\GHISLER
[2010.11.22 19:26:09 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\ICQ
[2009.05.14 16:43:14 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\InterVideo
[2010.01.04 19:50:55 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\IrfanView
[2010.02.07 15:26:52 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\Leadertech
[2011.09.23 16:53:06 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\MyPhoneExplorer
[2011.09.26 20:54:40 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\Nokia
[2011.09.26 20:54:42 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\Nokia Ovi Suite
[2011.10.02 12:53:51 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\PC Suite
[2009.02.25 19:51:42 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\PeerNetworking
[2011.08.28 12:40:08 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\smc
[2010.08.15 15:02:22 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\Sony
[2010.03.07 19:27:18 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\Super-Cow
[2010.01.16 15:40:05 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\Thunderbird
[2011.09.25 23:02:40 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\URSoft
[2011.07.22 23:42:40 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\ValuSoft
[2010.08.20 07:10:05 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\Vodafone
[2010.02.07 17:53:25 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\Vso
[2011.07.22 22:26:13 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\XnView
[2011.10.04 21:49:51 | 000,032,614 | ---- | M] () -- C:\windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

========== Custom Scans ==========

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Skype" = "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized -- [2010.12.03 17:46:34 | 014,944,136 | R--- | M] (Skype Technologies S.A.)
"" =
"NokiaOviSuite2" = C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe -tray -- [2011.09.01 14:39:54 | 000,966,712 | ---- | M] (Nokia)

< >

< MD5 for: AGP440.SYS >
[2008.01.21 04:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\ERDNT\cache\AGP440.sys
[2008.01.21 04:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys
[2008.01.21 04:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008.01.21 04:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008.01.21 04:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008.01.21 04:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\ERDNT\cache\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008.01.21 04:32:21 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008.01.21 04:32:21 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006.11.02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2008.01.21 04:34:33 | 000,642,560 | ---- | M] () MD5=41D968409C9846B49BC5F20137C72241 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6001.18000_none_e1f3ed49c1c122ef\autochk.exe
[2009.04.11 08:27:20 | 000,643,072 | ---- | M] (Microsoft Corporation) MD5=F5D42CD92073F7A48206404C575FCAEE -- C:\Windows\System32\autochk.exe
[2009.04.11 08:27:20 | 000,643,072 | ---- | M] (Microsoft Corporation) MD5=F5D42CD92073F7A48206404C575FCAEE -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6002.18005_none_e3df6655bee2ee3b\autochk.exe

< MD5 for: CDROM.SYS >
[2008.01.21 04:32:23 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_a29e71c6\cdrom.sys
[2008.01.21 04:32:23 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6001.18000_none_5fa95be2a3c76a4a\cdrom.sys
[2009.04.11 06:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\drivers\cdrom.sys
[2009.04.11 06:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_c949a5b6\cdrom.sys
[2009.04.11 06:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6002.18005_none_6194d4eea0e93596\cdrom.sys
[2006.11.02 10:51:44 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=8D1866E61AF096AE8B582454F5E4D303 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_e487f727\cdrom.sys

< MD5 for: CNGAUDIT.DLL >
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\ERDNT\cache\cngaudit.dll
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll

< MD5 for: CRYPTSVC.DLL >
[2008.01.21 04:34:19 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=6DE363F9F99334514C46AEC02D3E3678 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6001.18000_none_75ff99649acf4de9\cryptsvc.dll
[2009.04.11 08:28:18 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=FB27772BEAF8E1D28CCD825C09DA939B -- C:\Windows\ERDNT\cache\cryptsvc.dll
[2009.04.11 08:28:18 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=FB27772BEAF8E1D28CCD825C09DA939B -- C:\Windows\System32\cryptsvc.dll
[2009.04.11 08:28:18 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=FB27772BEAF8E1D28CCD825C09DA939B -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18005_none_77eb127097f11935\cryptsvc.dll

< MD5 for: CSRSS.EXE >
[2008.01.21 04:34:43 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=ABCA209EBA02CB59233614DB83B4F50D -- C:\Windows\System32\csrss.exe
[2008.01.21 04:34:43 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=ABCA209EBA02CB59233614DB83B4F50D -- C:\Windows\winsxs\x86_microsoft-windows-csrss_31bf3856ad364e35_6.0.6001.18000_none_58e3e3d7e415ae4c\csrss.exe

< MD5 for: EXPLORER.EXE >
[2008.10.29 08:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008.10.29 08:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008.10.30 05:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\ERDNT\cache\explorer.exe
[2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
[2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2008.10.28 04:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2008.01.21 04:34:05 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe

< MD5 for: FASTFAT.SYS >
[2009.04.11 06:13:52 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=1E9B9A70D332103C52995E957DC09EF8 -- C:\Windows\System32\drivers\fastfat.sys
[2009.04.11 06:13:52 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=1E9B9A70D332103C52995E957DC09EF8 -- C:\Windows\winsxs\x86_microsoft-windows-fat_31bf3856ad364e35_6.0.6002.18005_none_b09ea48c5485f42b\fastfat.sys
[2008.01.21 04:33:52 | 000,143,360 | ---- | M] (Microsoft Corporation) MD5=3C489390C2E2064563727752AF8EAB9E -- C:\Windows\winsxs\x86_microsoft-windows-fat_31bf3856ad364e35_6.0.6001.18000_none_aeb32b80576428df\fastfat.sys

< MD5 for: HAL.DLL >
[2009.04.11 08:32:46 | 000,177,128 | ---- | M] (Microsoft Corporation) MD5=B8D52005181A15D7D1470CBF2AF214DD -- C:\Windows\System32\hal.dll

< MD5 for: IASTOR.SYS >
[2008.04.15 19:54:16 | 000,388,120 | ---- | M] (Intel Corporation) MD5=8D58627FEF3F8767665D9F4DC91CBD97 -- C:\Program Files\Intel\Intel Matrix Storage Manager\driver64\IaStor.sys
[2008.04.15 19:54:16 | 000,388,120 | ---- | M] (Intel Corporation) MD5=8D58627FEF3F8767665D9F4DC91CBD97 -- C:\SwSetup\Drivers\64\HDD\IaStor.sys
[2008.04.15 19:54:16 | 000,388,120 | ---- | M] (Intel Corporation) MD5=8D58627FEF3F8767665D9F4DC91CBD97 -- C:\SwSetup\Drivers\Global\INTELMSM\Winall\Driver64\IaStor.sys
[2008.04.15 19:54:16 | 000,388,120 | ---- | M] (Intel Corporation) MD5=8D58627FEF3F8767665D9F4DC91CBD97 -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_6917e7b0\iaStor.sys
[2008.04.15 19:53:44 | 000,312,344 | ---- | M] (Intel Corporation) MD5=DB0CC620B27A928D968C1A1E9CD9CB87 -- C:\Program Files\Intel\Intel Matrix Storage Manager\driver\IaStor.sys
[2008.04.15 19:53:44 | 000,312,344 | ---- | M] (Intel Corporation) MD5=DB0CC620B27A928D968C1A1E9CD9CB87 -- C:\SwSetup\Drivers\32\HDD\IaStor.sys
[2008.04.15 19:53:44 | 000,312,344 | ---- | M] (Intel Corporation) MD5=DB0CC620B27A928D968C1A1E9CD9CB87 -- C:\SwSetup\Drivers\Global\INTELMSM\Winall\Driver\IaStor.sys
[2008.04.15 19:53:44 | 000,312,344 | ---- | M] (Intel Corporation) MD5=DB0CC620B27A928D968C1A1E9CD9CB87 -- C:\Windows\System32\drivers\iaStor.sys
[2008.04.15 19:53:44 | 000,312,344 | ---- | M] (Intel Corporation) MD5=DB0CC620B27A928D968C1A1E9CD9CB87 -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_77c04a30\iaStor.sys
[2008.04.15 19:53:44 | 000,312,344 | ---- | M] (Intel Corporation) MD5=DB0CC620B27A928D968C1A1E9CD9CB87 -- C:\Windows\System32\DriverStore\FileRepository\iastor.inf_054cd65f\iaStor.sys

< MD5 for: IASTORV.SYS >
[2008.01.21 04:32:49 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys
[2008.01.21 04:32:49 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008.01.21 04:32:49 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys

< MD5 for: ISAPNP.SYS >
[2006.11.02 11:50:24 | 000,047,208 | ---- | M] (Microsoft Corporation) MD5=350FCA7E73CF65BCEF43FAE1E4E91293 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\isapnp.sys
[2008.01.21 04:32:22 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\System32\drivers\isapnp.sys
[2008.01.21 04:32:22 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\isapnp.sys
[2008.01.21 04:32:22 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\isapnp.sys
[2008.01.21 04:32:22 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\isapnp.sys
[2008.01.21 04:32:22 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\isapnp.sys

< MD5 for: LSASS.EXE >
[2009.06.15 14:51:56 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=203D86EBD6D8E4C8501B222421E81506 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22152_none_a886901f7335e2fc\lsass.exe
[2009.09.10 16:44:14 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=2D3AC5E7AC01E905F3ABD2D745FE3A9B -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22223_none_a8a80213731ca5a7\lsass.exe
[2009.06.15 14:48:49 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=3978F3540329E16C0AC3BCF677E5669F -- C:\Windows\ERDNT\cache\lsass.exe
[2009.06.15 14:48:49 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=3978F3540329E16C0AC3BCF677E5669F -- C:\Windows\System32\lsass.exe
[2009.06.15 14:48:49 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=3978F3540329E16C0AC3BCF677E5669F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18051_none_a7fbf30a5a1929db\lsass.exe
[2009.02.13 09:26:04 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=59DE082968FDD257FFF0D209B9A5B460 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16820_none_a44eb0105fb4d975\lsass.exe
[2009.06.15 15:03:38 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=6F1F23D3599EAE17734451936B7F17C6 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22450_none_a69e1da376115b2a\lsass.exe
[2009.06.15 14:57:59 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=A911ECAC81F94ADEAFBE8E3F7873EDB0 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18272_none_a600dfae5d0228c9\lsass.exe
[2009.02.13 06:58:37 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=AFF8A58280863629CA4FFA9E0B259F1E -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21010_none_a4e2f4e978ca9090\lsass.exe
[2009.06.15 14:59:08 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=BA9A67672E025078C77967731BCFC560 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21067_none_a4b3e75378eccda6\lsass.exe
[2009.06.15 15:10:12 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=C731B1FE449D4E9CEA358C9D55B69BE9 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16870_none_a418a0745fdd652a\lsass.exe
[2009.09.09 13:09:38 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=CB7E838C140B4087B2DA323F2D4523C5 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22518_none_a6d1618975e9b345\lsass.exe
[2009.09.10 16:47:51 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=D09A5DA84B7C9CA9B02EBCD7FAE41C8D -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21125_none_a4dd285578ce285b\lsass.exe
[2008.01.21 04:33:54 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18000_none_a64a8ac25ccb3836\lsass.exe
[2008.01.21 04:33:54 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18215_none_a644c0145ccecd28\lsass.exe
[2008.01.21 04:33:54 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18005_none_a83603ce59ed0382\lsass.exe
[2009.02.13 10:20:29 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=F4C62B07E5BF96F1FDCA9DB393ECED22 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22376_none_a68e7da1761c2def\lsass.exe

< MD5 for: NDIS.SYS >
[2009.04.11 08:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\ERDNT\cache\ndis.sys
[2009.04.11 08:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\System32\drivers\ndis.sys
[2009.04.11 08:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6002.18005_none_a9b2a4d31930d864\ndis.sys
[2008.01.21 04:33:22 | 000,529,464 | ---- | M] (Microsoft Corporation) MD5=9BDC71790FA08F0A0B5F10462B1BD0B1 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.18000_none_a7c72bc71c0f0d18\ndis.sys

< MD5 for: NETLOGON.DLL >
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\ERDNT\cache\netlogon.dll
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008.01.21 04:33:41 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll

< MD5 for: NTFS.SYS >
[2009.04.11 08:32:49 | 001,083,880 | ---- | M] (Microsoft Corporation) MD5=6A4A98CEE84CF9E99564510DDA4BAA47 -- C:\Windows\ERDNT\cache\ntfs.sys
[2009.04.11 08:32:49 | 001,083,880 | ---- | M] (Společnost Microsoft) MD5=6A4A98CEE84CF9E99564510DDA4BAA47 -- C:\Windows\System32\drivers\ntfs.sys
[2009.04.11 08:32:49 | 001,083,880 | ---- | M] (Microsoft Corporation) MD5=6A4A98CEE84CF9E99564510DDA4BAA47 -- C:\Windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.0.6002.18005_none_a85ca2c91a0d64df\ntfs.sys
[2008.01.21 04:33:23 | 001,081,912 | ---- | M] (Microsoft Corporation) MD5=B4EFFE29EB4F15538FD8A9681108492D -- C:\Windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.0.6001.18000_none_a67129bd1ceb9993\ntfs.sys

< MD5 for: NVRAID.SYS >
[2008.01.21 04:32:47 | 000,102,968 | ---- | M] (NVIDIA Corporation) MD5=2EDF9E7751554B42CBB60116DE727101 -- C:\Windows\System32\drivers\nvraid.sys
[2008.01.21 04:32:47 | 000,102,968 | ---- | M] (NVIDIA Corporation) MD5=2EDF9E7751554B42CBB60116DE727101 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvraid.sys
[2008.01.21 04:32:47 | 000,102,968 | ---- | M] (NVIDIA Corporation) MD5=2EDF9E7751554B42CBB60116DE727101 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvraid.sys
[2006.11.02 11:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) MD5=E69E946F80C1C31C53003BFBF50CBB7C -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvraid.sys

< MD5 for: NVSTOR.SYS >
[2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008.01.21 04:32:47 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys
[2008.01.21 04:32:47 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008.01.21 04:32:47 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys

< MD5 for: SCECLI.DLL >
[2008.01.21 04:34:39 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\ERDNT\cache\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll

< MD5 for: SERVICES.EXE >
[2008.01.21 04:34:36 | 000,279,040 | ---- | M] (Microsoft Corporation) MD5=2B336AB6286D6C81FA02CBAB914E3C6C -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6001.18000_none_cf5fc067cd49010a\services.exe
[2009.04.11 08:27:59 | 000,279,552 | ---- | M] (Microsoft Corporation) MD5=D4E6D91C1349B7BFB3599A6ADA56851B -- C:\Windows\ERDNT\cache\services.exe
[2009.04.11 08:27:59 | 000,279,552 | ---- | M] (Microsoft Corporation) MD5=D4E6D91C1349B7BFB3599A6ADA56851B -- C:\Windows\System32\services.exe
[2009.04.11 08:27:59 | 000,279,552 | ---- | M] (Microsoft Corporation) MD5=D4E6D91C1349B7BFB3599A6ADA56851B -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.18005_none_d14b3973ca6acc56\services.exe

lency · #20 Příspěvek od **lency** » 04 říj 2011 23:23

3.část

< MD5 for: SMSS.EXE >
[2008.01.21 04:33:22 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=6701DDAF68BEDE6BBEEA9D514D73A35B -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6001.18000_none_ac3aa7fd19319fba\smss.exe
[2009.04.11 08:28:04 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=98AF15A94CD6AC37248E72E5FE789B35 -- C:\Windows\System32\smss.exe
[2009.04.11 08:28:04 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=98AF15A94CD6AC37248E72E5FE789B35 -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6002.18005_none_ae26210916536b06\smss.exe

< MD5 for: SPOOLSV.EXE >
[2010.08.17 15:32:33 | 000,126,464 | ---- | M] (Microsoft Corporation) MD5=3665F79026A3F91FBCA63F2C65A09B19 -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.18511_none_d641dcfdc18fec21\spoolsv.exe
[2009.04.11 08:28:05 | 000,127,488 | ---- | M] (Microsoft Corporation) MD5=524BFBEA40E6E404737CCBC754647A2E -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.18005_none_d8371c2dbeaa9062\spoolsv.exe
[2008.01.21 04:34:33 | 000,125,952 | ---- | M] (Microsoft Corporation) MD5=846CDF9A3CF4DA9B306ADFB7D55EE4C2 -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.18000_none_d64ba321c188c516\spoolsv.exe
[2010.08.17 16:11:37 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=8554097E5136C3BF9F69FE578A1B35F4 -- C:\Windows\ERDNT\cache\spoolsv.exe
[2010.08.17 16:11:37 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=8554097E5136C3BF9F69FE578A1B35F4 -- C:\Windows\System32\spoolsv.exe
[2010.08.17 16:11:37 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=8554097E5136C3BF9F69FE578A1B35F4 -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.18294_none_d7d4d063bef46cd2\spoolsv.exe
[2010.08.17 16:20:09 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=AAE98B295E88D439A6E0F6E8929424FB -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.22468_none_d882e000d7f61b4c\spoolsv.exe
[2010.08.17 15:27:48 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=E807FC542C295BA256CE3567829E02A6 -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.22743_none_d6ad0c7edac40f93\spoolsv.exe

< MD5 for: SVCHOST.EXE >
[2008.01.21 04:33:13 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\ERDNT\cache\svchost.exe
[2008.01.21 04:33:13 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\System32\svchost.exe
[2008.01.21 04:33:13 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe

< MD5 for: TCPIP.SYS >
[2008.04.26 10:08:16 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=01EC1E92595F839BEE70D439C46796E3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22167_none_b36dd19b7fae39c7\tcpip.sys
[2009.04.11 08:33:02 | 000,897,000 | ---- | M] (Microsoft Corporation) MD5=0E6B0885C3D5E4643ED2D043DE3433D8 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18005_none_b5098b5e63880c42\tcpip.sys
[2009.12.08 22:52:30 | 000,897,624 | ---- | M] (Microsoft Corporation) MD5=1ACBB7A47E78F4CC82D2EFFB72901528 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18377_none_b2d96a966698ad63\tcpip.sys
[2009.08.15 23:30:53 | 000,816,640 | ---- | M] (Microsoft Corporation) MD5=2512B4D1353370D6688B1AF1F5AFA1CF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21108_none_6030d425ab49af00\tcpip.sys
[2009.08.14 19:01:55 | 000,900,168 | ---- | M] (Microsoft Corporation) MD5=2608E71AAD54564647D4BB984E1925AA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys
[2011.06.17 22:13:55 | 000,905,104 | ---- | M] (Microsoft Corporation) MD5=2756186E287139310997090797E0182B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18484_none_b4b2134c63c9c70f\tcpip.sys
[2010.02.18 13:51:51 | 000,818,688 | ---- | M] (Microsoft Corporation) MD5=2C1F7005AA3B62721BFDB307BD5F5010 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21226_none_6019359fab5bb15b\tcpip.sys
[2010.02.18 16:49:38 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=2EAE4500984C2F8DACFB977060300A15 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18427_none_b30f7c1866701ed5\tcpip.sys
[2009.08.14 16:24:47 | 000,813,568 | ---- | M] (Microsoft Corporation) MD5=300208927321066EA53761FDC98747C6 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16908_none_5fa75f38922bdbf4\tcpip.sys
[2009.12.08 22:15:00 | 000,907,832 | ---- | M] (Microsoft Corporation) MD5=46E6685F3E92AEC743773ADD4CD54F57 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22283_none_b53aaa1b7ce8560d\tcpip.sys
[2010.02.18 16:07:16 | 000,904,576 | ---- | M] (Microsoft Corporation) MD5=48CBE6D53632D0067C2D6B20F90D84CA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18209_none_b50d905263846bec\tcpip.sys
[2010.02.18 14:05:37 | 000,815,104 | ---- | M] (Microsoft Corporation) MD5=4A82FA8F0DF67AA354580C3FAAF8BDE3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.17021_none_5f8a957c924295b7\tcpip.sys
[2009.12.08 22:37:09 | 000,900,696 | ---- | M] (Microsoft Corporation) MD5=5653230D480A9C54D169E1B080B72CF5 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22577_none_b36309477fb64a54\tcpip.sys
[2010.06.16 17:55:58 | 000,902,032 | ---- | M] (Microsoft Corporation) MD5=6216A954ED7045B62880A92D6C9B9FC7 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys
[2009.08.14 18:27:34 | 000,904,776 | ---- | M] (Microsoft Corporation) MD5=65877AA1B6A7CB797488E831698973E9 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18091_none_b4a43aea63d4a25f\tcpip.sys
[2011.06.17 22:13:55 | 000,913,296 | ---- | M] (Microsoft Corporation) MD5=6647FCE6FC4970DAAFE5C64C794513D3 -- C:\Windows\ERDNT\cache\tcpip.sys
[2011.06.17 22:13:55 | 000,913,296 | ---- | M] (Microsoft Corporation) MD5=6647FCE6FC4970DAAFE5C64C794513D3 -- C:\Windows\System32\drivers\tcpip.sys
[2011.06.17 22:13:55 | 000,913,296 | ---- | M] (Microsoft Corporation) MD5=6647FCE6FC4970DAAFE5C64C794513D3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22662_none_b54f51417cd8f970\tcpip.sys
[2010.06.16 18:39:32 | 000,912,776 | ---- | M] (Microsoft Corporation) MD5=6A10AFCE0B38371064BE41C1FBFD3C6B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22425_none_b57d8e037cb5db63\tcpip.sys
[2010.06.16 17:59:54 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=782568AB6A43160A159B6215B70BCCE9 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18493_none_b2bfcb7c66ac7d10\tcpip.sys
[2008.04.26 10:26:49 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=82E266BEE5F0167E41C6ECFDD2A79C02 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18063_none_b2e033a8669434a1\tcpip.sys
[2009.12.08 19:58:13 | 000,813,568 | ---- | M] (Microsoft Corporation) MD5=8734BD051FFDCBF8425CF222141C3741 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16973_none_5f56ae52926920d8\tcpip.sys
[2009.08.14 19:07:56 | 000,897,608 | ---- | M] (Microsoft Corporation) MD5=8A7AD2A214233F684242F289ED83EBC3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18311_none_b3144862666d6db3\tcpip.sys
[2010.02.18 19:36:50 | 000,902,024 | ---- | M] (Microsoft Corporation) MD5=93A5655CD9CD2F080EF1CB71A3666215 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys
[2010.06.16 18:04:57 | 000,905,088 | ---- | M] (Microsoft Corporation) MD5=A474879AFA4A596B3A531F3E69730DBF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18272_none_b4baded863c37e22\tcpip.sys
[2010.04.05 19:03:01 | 000,902,024 | ---- | M] (Microsoft Corporation) MD5=A6A02EF5B5E40FBD31A1ADC577DA54BB -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22665_none_b36bda857faff8dc\tcpip.sys
[2009.12.08 19:45:32 | 000,816,640 | ---- | M] (Microsoft Corporation) MD5=CA3A5756672013A66BB9D547A5A62DCA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21175_none_5fe223d3ab852692\tcpip.sys
[2010.04.05 22:00:48 | 000,910,208 | ---- | M] (Microsoft Corporation) MD5=CC9993701AC57F995554C696DDA49C12 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22377_none_b5497d157cdc9c9f\tcpip.sys
[2010.02.18 16:22:11 | 000,910,216 | ---- | M] (Microsoft Corporation) MD5=D9F5DD5BBC8348E8F8220CCBF14C022E -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22341_none_b563eb1d7cc9b0c2\tcpip.sys
[2009.12.08 22:01:08 | 000,904,776 | ---- | M] (Microsoft Corporation) MD5=DA467E7619AE5F4588E6262C13C8940A -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18160_none_b4c3ac4a63bd325c\tcpip.sys
[2008.01.21 04:34:55 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=FC6E2835D667774D409C7C7021EAF9C4 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys
[2009.08.14 18:33:50 | 000,905,784 | ---- | M] (Microsoft Corporation) MD5=FF71856BD4CD6D4367F9FD84BE79A874 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22200_none_b58e289d7caa2a80\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.01.21 04:34:37 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\ERDNT\cache\userinit.exe
[2008.01.21 04:34:37 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008.01.21 04:34:37 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\ERDNT\cache\winlogon.exe
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2008.01.21 04:34:38 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe

< MD5 for: WS2_32.DLL >
[2008.01.21 04:34:36 | 000,179,200 | ---- | M] (Microsoft Corporation) MD5=B304D47D5744BA20FCB99FB8B2C07B0B -- C:\Windows\ERDNT\cache\ws2_32.dll
[2008.01.21 04:34:36 | 000,179,200 | ---- | M] (Microsoft Corporation) MD5=B304D47D5744BA20FCB99FB8B2C07B0B -- C:\Windows\System32\ws2_32.dll
[2008.01.21 04:34:36 | 000,179,200 | ---- | M] (Microsoft Corporation) MD5=B304D47D5744BA20FCB99FB8B2C07B0B -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6001.18000_none_f2b7b0c2ce5605c4\ws2_32.dll

< >

< C:\windows\system32\spool\prtprocs|dll;true;true;true /FP >
[2007.09.14 01:04:54 | 000,252,416 | ---- | M] (Hewlett-Packard Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\hpzpp073.dll
[2007.04.09 14:23:54 | 000,028,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\mdippr.dll
[2008.04.17 11:49:59 | 000,003,584 | ---- | M] (Lexmark International Inc.) -- C:\Windows\System32\spool\prtprocs\w32x86\cs-CZ\LMPRTPRC.DLL.mui

< %systemroot%\system32\drivers\*.sys /5 >

< %systemroot%\system32\drivers\*.sys /X >
[2009.02.25 19:14:27 | 000,000,000 | RHS- | M] () -- C:\windows\system32\drivers\103C_HP_bNB_550_Y5336AN_0U_QCNU8435DHX_E489315-021_4A_I3618_SHP_V12.00_68MVU F.02_T080820_WV2-1_L405_M2039_J160_7Intel_86FD_91.60_#090225_N14E44315_(FU412EA#AKB)_XMOBILE_CN10_Z_2F.02_G80862A12;80862A13.MRK
[2006.09.18 23:26:46 | 003,440,660 | ---- | M] () -- C:\windows\system32\drivers\gm.dls
[2006.09.18 23:26:46 | 000,000,646 | ---- | M] () -- C:\windows\system32\drivers\gmreadme.txt
[2011.09.28 18:19:18 | 000,000,000 | -H-- | M] () -- C:\windows\system32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2009.07.14 19:45:07 | 000,000,003 | ---- | M] () -- C:\windows\system32\drivers\MsftWdf_Kernel_01009_Inbox_Critical.Wdf
[2011.09.28 18:19:18 | 000,000,000 | -H-- | M] () -- C:\windows\system32\drivers\Msft_Kernel_ccdcmb_01009.Wdf
[2010.08.14 20:16:05 | 000,000,000 | -H-- | M] () -- C:\windows\system32\drivers\Msft_Kernel_ggflt_01007.Wdf
[2009.04.23 20:59:33 | 000,000,000 | -H-- | M] () -- C:\windows\system32\drivers\Msft_Kernel_ggsemc_01007.Wdf
[2008.08.04 10:50:05 | 000,000,000 | -H-- | M] () -- C:\windows\system32\drivers\Msft_Kernel_SynTP_01000.Wdf
[2011.09.27 19:06:34 | 000,000,000 | -H-- | M] () -- C:\windows\system32\drivers\Msft_User_PCCSWpdDriver_01_09_00.Wdf
[2008.08.01 01:46:57 | 000,000,000 | -H-- | M] () -- C:\windows\system32\drivers\Msft_User_WpdFs_01_00_00.Wdf
[2009.11.20 19:05:11 | 000,000,000 | -H-- | M] () -- C:\windows\system32\drivers\Msft_User_WpdFs_01_07_00.Wdf
[2009.04.23 20:04:34 | 000,000,000 | -H-- | M] () -- C:\windows\system32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
[2009.11.20 19:05:18 | 000,000,000 | -H-- | M] () -- C:\windows\system32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
[2006.11.02 15:09:50 | 001,419,232 | ---- | M] (Microsoft Corporation) -- C:\windows\system32\drivers\wdfcoinstaller01005.dll

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\system32\*.* /5 >
[2011.10.04 21:29:27 | 000,003,216 | -H-- | M] () -- C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.10.04 21:29:27 | 000,003,216 | -H-- | M] () -- C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.10.03 20:33:35 | 000,544,656 | ---- | M] (Oracle Corporation) -- C:\windows\system32\deployJava1.dll
[2011.10.02 19:52:03 | 000,000,052 | ---- | M] () -- C:\windows\system32\DOErrors.log
[2011.10.01 11:10:02 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\system32\FlashPlayerCPLApp.cpl
[2011.10.03 22:09:06 | 000,000,960 | ---- | M] () -- C:\windows\system32\history.aaw
[2011.10.03 20:33:36 | 000,173,960 | ---- | M] (Oracle Corporation) -- C:\windows\system32\java.exe
[2011.10.03 20:33:36 | 000,173,960 | ---- | M] (Oracle Corporation) -- C:\windows\system32\javaw.exe
[2011.10.03 20:33:36 | 000,214,408 | ---- | M] (Oracle Corporation) -- C:\windows\system32\javaws.exe
[2011.10.03 20:28:56 | 000,002,919 | ---- | M] () -- C:\windows\system32\jupdate-1.6.0_27-b07.log
[2011.10.04 21:56:10 | 000,138,142 | ---- | M] () -- C:\windows\system32\perfc005.dat
[2011.10.04 21:56:10 | 000,120,214 | ---- | M] () -- C:\windows\system32\perfc009.dat
[2011.10.04 21:56:10 | 000,644,876 | ---- | M] () -- C:\windows\system32\perfh005.dat
[2011.10.04 21:56:10 | 000,634,650 | ---- | M] () -- C:\windows\system32\perfh009.dat
[2011.10.04 21:56:10 | 001,532,722 | ---- | M] () -- C:\windows\system32\PerfStringBackup.INI
[2011.10.04 21:29:40 | 000,058,288 | ---- | M] (Absolute Software Corp.) -- C:\windows\system32\rpcnet.dll
[2011.10.04 21:29:42 | 000,017,408 | ---- | M] () -- C:\windows\system32\rpcnetp.exe
[2011.10.03 22:09:07 | 000,002,528 | ---- | M] () -- C:\windows\system32\settings.aaw
[2 C:\windows\system32\*.tmp files -> C:\windows\system32\*.tmp -> ]

< %systemroot%\system32\*.dll /lockedfiles >
[2 C:\windows\system32\*.tmp files -> C:\windows\system32\*.tmp -> ]

< %systemroot%\system32\config\*.sav >
[2008.01.21 05:31:11 | 015,716,352 | ---- | M] () -- C:\windows\system32\config\COMPONENTS.SAV
[2008.01.21 05:31:01 | 000,102,400 | ---- | M] () -- C:\windows\system32\config\DEFAULT.SAV
[2008.01.21 05:31:12 | 000,020,480 | ---- | M] () -- C:\windows\system32\config\SECURITY.SAV
[2006.11.02 12:34:08 | 010,133,504 | ---- | M] () -- C:\windows\system32\config\SOFTWARE.SAV
[2006.11.02 12:34:08 | 001,826,816 | ---- | M] () -- C:\windows\system32\config\SYSTEM.SAV

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\*.* /U /s >
[2 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
[6 C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[1 C:\windows\SoftwareDistribution\Download\ff79deb68dd14e181249e03b765501f5\*.tmp files -> C:\windows\SoftwareDistribution\Download\ff79deb68dd14e181249e03b765501f5\*.tmp -> ]
[2 C:\windows\System32\*.tmp files -> C:\windows\System32\*.tmp -> ]
[44 C:\windows\temp\*.tmp files -> C:\windows\temp\*.tmp -> ]

< %systemroot%\*. /mp /s >

< %ALLUSERSPROFILE%\Data Aplikací\*.* >

< %ALLUSERSPROFILE%\Data Aplikací\*.exe /s >

< %ALLUSERSPROFILE%\Dáta aplikácií\*.* >

< %ALLUSERSPROFILE%\Dáta aplikácií\*.exe /s >

< %APPDATA%\*. >
[2011.03.29 20:55:09 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\Adobe
[2009.02.27 21:05:34 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\Ahead
[2009.03.21 18:40:29 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\Broad Intelligence
[2009.03.21 23:12:10 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\Canneverbe_Limited
[2011.07.26 22:04:02 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\Canon
[2010.07.27 20:35:39 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\COWON
[2009.05.10 14:39:27 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\DAEMON Tools Lite
[2010.04.04 18:44:01 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\Facebook
[2010.08.20 07:16:46 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\FLEXnet
[2009.11.17 20:00:26 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\Games
[2009.05.01 22:22:38 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\GetRightToGo
[2009.05.03 21:11:24 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\GHISLER
[2009.04.05 20:04:35 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\Hewlett-Packard
[2010.08.28 23:41:52 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\HpUpdate
[2010.11.22 19:26:09 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\ICQ
[2009.02.25 19:21:20 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\Identities
[2009.02.25 21:02:59 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\InstallShield
[2009.05.14 16:43:14 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\InterVideo
[2010.01.04 19:50:55 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\IrfanView
[2010.02.07 15:26:52 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\Leadertech
[2009.02.25 19:18:46 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\Macromedia
[2011.03.29 20:55:09 | 000,000,000 | --SD | M] -- C:\Users\Lenka\AppData\Roaming\Microsoft
[2009.05.03 18:04:16 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\Mozilla
[2011.09.23 16:53:06 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\MyPhoneExplorer
[2011.09.26 20:54:40 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\Nokia
[2011.09.26 20:54:42 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\Nokia Ovi Suite
[2011.10.02 12:53:51 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\PC Suite
[2009.02.25 19:51:42 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\PeerNetworking
[2009.05.29 23:54:36 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\Roxio
[2011.10.04 21:31:46 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\Skype
[2010.12.31 13:06:56 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\skypePM
[2011.08.28 12:40:08 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\smc
[2010.08.15 15:02:22 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\Sony
[2011.05.21 11:22:27 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\Sony Corporation
[2010.03.07 19:27:18 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\Super-Cow
[2010.01.16 15:40:05 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\Thunderbird
[2011.09.25 23:02:40 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\URSoft
[2011.07.22 23:42:40 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\ValuSoft
[2010.08.20 07:10:05 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\Vodafone
[2010.02.07 17:53:25 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\Vso
[2009.05.01 21:23:42 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\WinRAR
[2011.07.22 22:26:13 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\XnView

< %APPDATA%\*.* >
[2009.11.10 11:39:36 | 003,806,222 | ---- | M] () -- C:\Users\Lenka\AppData\Roaming\David Guetta Feat. Estelle - One Love.zip
[2010.02.07 17:53:25 | 000,087,608 | ---- | M] () -- C:\Users\Lenka\AppData\Roaming\inst.exe
[2010.02.07 17:53:25 | 000,007,887 | ---- | M] () -- C:\Users\Lenka\AppData\Roaming\pcouffin.cat
[2010.02.07 17:53:25 | 000,001,144 | ---- | M] () -- C:\Users\Lenka\AppData\Roaming\pcouffin.inf
[2010.02.07 17:53:25 | 000,000,055 | ---- | M] () -- C:\Users\Lenka\AppData\Roaming\pcouffin.log
[2010.02.07 17:53:25 | 000,047,360 | ---- | M] (VSO Software) -- C:\Users\Lenka\AppData\Roaming\pcouffin.sys
[2009.02.25 19:51:42 | 000,024,206 | ---- | M] () -- C:\Users\Lenka\AppData\Roaming\UserTile.png

< %APPDATA%\*.exe /s >
[2010.02.07 17:53:25 | 000,087,608 | ---- | M] () -- C:\Users\Lenka\AppData\Roaming\inst.exe
[2010.04.04 18:44:02 | 000,050,354 | ---- | M] (Facebook, Inc.) -- C:\Users\Lenka\AppData\Roaming\Facebook\uninstall.exe
[2009.08.13 17:57:12 | 000,010,134 | R--- | M] () -- C:\Users\Lenka\AppData\Roaming\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe

< %SYSTEMDRIVE%\*.exe >

< >

< >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU /s >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-09-29 21:00:02

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS /s >
"JobInactivityTimeout" = 7776000
"JobMinimumRetryDelay" = 600
"JobNoProgressTimeout" = 1209600
"LogFileFlags" = 0
"LogFileMinMemory" = 120
"LogFileSize" = 1
"TimeQuantaLength" = 300
"UseLmCompat" = 2
"IGDSearcherDLL" = bitsigd.dll -- [2009.04.11 08:28:18 | 000,031,744 | ---- | M] (Microsoft Corporation)
"StateIndex" = 0

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager" /v BootExecute /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\CONTROL\SESSION MANAGER
BOOTEXECUTE REG_MULTI_SZ autocheck autochk *

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager" /v "PendingFileRenameOperations" /c >

< >

< type c:\boot.ini >> test.txt /c >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2011.10.04 22:00:05 | 000,000,512 | ---- | M] () MD5=AE551DB8F9A79AC411D06E09FD3F9254 -- C:\PhysicalMBR.bin

========== Alternate Data Streams ==========

@Alternate Data Stream - 168 bytes -> C:\ProgramData\TEMP:1CE11B51

< End of report >

lency · #21 Příspěvek od **lency** » 04 říj 2011 23:24

Extras:
1.část

OTL Extras logfile created on: 4.10.2011 21:54:42 - Run 1
OTL by OldTimer - Version 3.2.29.1 Folder = C:\Users\Lenka\Desktop
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1,99 Gb Total Physical Memory | 0,68 Gb Available Physical Memory | 34,34% Memory free
4,22 Gb Paging File | 2,72 Gb Available in Paging File | 64,46% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 140,05 Gb Total Space | 22,95 Gb Free Space | 16,39% Space Free | Partition Type: NTFS
Drive D: | 9,00 Gb Total Space | 2,54 Gb Free Space | 28,24% Space Free | Partition Type: NTFS

Computer Name: LENKA-PC | User Name: Lenka | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\windows\winhlp32.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-3352399057-1610543560-1174701497-1004\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 1
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{514FF810-A57F-46B7-95EE-96D55B6115D6}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{51F6A5A1-23F0-4DFA-98FD-1736F68267D3}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{6F205FEC-5B90-413A-A69E-B4969C38BD58}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{78A7F30A-DAC3-4780-B1EF-23595836AFA9}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{93D07627-7B0C-4A60-9053-5AC6869D25B4}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{9A0ACFDC-0E1C-4EEA-8B43-B5CBA00FAE41}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B058E688-D6D3-4D12-8532-1943C78C7231}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{D59C7AA9-DC5B-4464-A152-5AAB35770FFE}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{07C03913-8287-4FD6-A264-A328FD30415F}" = protocol=17 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{0FF606A4-72B6-48FE-A5CF-BD253EAA1EA8}" = protocol=6 | dir=in | app=c:\program files\icq7.0\icq.exe |
"{13230B5E-0F33-455A-9B7B-63299D5729E1}" = protocol=6 | dir=in | app=c:\program files\icq7.0\icq.exe |
"{186E0E3D-4887-4B75-8FC9-016988916E46}" = protocol=17 | dir=in | app=c:\program files\icq7.0\aolload.exe |
"{2371541C-67BE-4A3C-87A5-CAFD6B84E7F7}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{2B3A306B-2707-48A2-B8C8-0C3749087273}" = protocol=6 | dir=in | app=c:\program files\icq7.0\aolload.exe |
"{3C72CCD5-5E3A-4008-960D-B35CC3350B6E}" = protocol=17 | dir=in | app=c:\program files\icq7.0\icq.exe |
"{3F9ACC4D-D9E9-47A7-B9BF-0C2A4DBB9C9A}" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{51FD51AC-84D9-4A6D-88E9-BA8DD21D4B07}" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{6FF07BA2-F2C2-48C8-95A0-9F2C3242795A}" = protocol=17 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{777410E0-2A47-41A5-A130-41B102BE935D}" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{78973B15-01FB-4DDB-A7B8-57BF7CBE5124}" = protocol=6 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{845CD9FD-EE48-4BA8-A1BD-D07B6CCAC00B}" = protocol=17 | dir=in | app=c:\program files\icq7.0\icq.exe |
"{892CEBFF-86C3-4065-AAC1-D6C372CAD0A4}" = protocol=17 | dir=in | app=c:\program files\icq7.0\aolload.exe |
"{8E2F023C-663B-4506-876A-53842D009539}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A1DA0C5A-3172-455B-8BBD-FF5774FC7290}" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{A72EEB14-029B-4F17-9232-782085C3A1A9}" = protocol=17 | dir=in | app=c:\program files\icq7.0\aolload.exe |
"{B171CFE0-8C0C-47F6-96F6-6F2138D441D8}" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{C08088E0-E724-449B-9750-0979C3398EEC}" = protocol=6 | dir=in | app=c:\program files\starcraft ii\starcraft ii.exe |
"{C90AB0D9-853D-4AB1-8B31-13BBE0847A82}" = protocol=6 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{D31CE157-96C0-45BB-A2C2-398CD1EFCE05}" = protocol=6 | dir=in | app=c:\program files\icq7.0\icq.exe |
"{D5E6CD40-1ED0-4A84-A692-F5E8776F6D2F}" = protocol=6 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{D8561794-2D34-4801-8C78-2D7C7110E0B6}" = protocol=6 | dir=in | app=c:\program files\mcafee\managed virusscan\agent\myagtsvc.exe |
"{E3A30C50-06F7-408E-99FB-10C7F4468B40}" = protocol=6 | dir=in | app=c:\program files\icq7.0\aolload.exe |
"{E3E04FDE-EE33-4413-84D7-A50322640601}" = protocol=17 | dir=in | app=c:\program files\starcraft ii\starcraft ii.exe |
"{E4D0BB2B-A752-4E0E-8151-50492771AE08}" = protocol=17 | dir=in | app=c:\program files\icq7.0\icq.exe |
"{F0A212F4-38D2-4CED-976C-FBA67DA5E23D}" = protocol=17 | dir=in | app=c:\program files\mcafee\managed virusscan\agent\myagtsvc.exe |
"{F1FFE03C-A56F-4610-8767-435631ADAE91}" = protocol=17 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{F227D46F-85F3-48F0-B8EC-B07E5E9C1E7D}" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{F52241A0-61AB-40C5-827C-42E7C217A9B0}" = protocol=6 | dir=in | app=c:\program files\icq7.0\aolload.exe |
"TCP Query User{0B7DF72C-FB46-4D28-95DE-BDB3EADCEAA5}C:\program files\lionhead studios ltd\black & white\runblack.exe" = protocol=6 | dir=in | app=c:\program files\lionhead studios ltd\black & white\runblack.exe |
"TCP Query User{39B92187-BCB4-4626-A8B1-08575D6682CD}C:\program files\sony ericsson\update service\update service.exe" = protocol=6 | dir=in | app=c:\program files\sony ericsson\update service\update service.exe |
"TCP Query User{5F86B6C9-2CC5-4F72-8244-AC159357138A}C:\program files\icq6\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6\icq.exe |
"TCP Query User{6039863A-B843-4CB6-8ED7-F306AD41133A}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe |
"TCP Query User{71B45E1F-F66F-4A2C-A34B-89B18F3C41ED}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"TCP Query User{7408F19A-98D3-4E93-9B46-7EA11DA58EC3}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{75B04859-8055-41B8-99DD-05BDC9763784}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe |
"TCP Query User{856EE75E-2C81-4A48-9F92-30C7E5189891}C:\program files\bitlord\bitlord.exe" = protocol=6 | dir=in | app=c:\program files\bitlord\bitlord.exe |
"TCP Query User{8B52BDDA-8AD7-45B3-8259-8C0DA3CF17B1}C:\program files\icq6\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6\icq.exe |
"TCP Query User{9FB10302-F7CE-4123-B46F-B12DB0E43DE4}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{AEA5F629-8A6A-4910-921D-45CEAF396333}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{D7866F22-39B9-454B-ABE1-D0337C2AF515}C:\program files\bitlord\bitlord.exe" = protocol=6 | dir=in | app=c:\program files\bitlord\bitlord.exe |
"TCP Query User{EC5AF5D8-945C-4FBC-A5C7-5485B80F17E5}C:\program files\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files\electronic arts\eadm\core.exe |
"UDP Query User{0825EEB4-F7FF-4BC4-B6EB-A92F54E7E712}C:\program files\bitlord\bitlord.exe" = protocol=17 | dir=in | app=c:\program files\bitlord\bitlord.exe |
"UDP Query User{392DBB82-3DBE-49E5-BBA5-29E7CCB3D39D}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe |
"UDP Query User{3C3ACADD-B98F-46CE-8B8A-2511BF7749F0}C:\program files\icq6\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6\icq.exe |
"UDP Query User{4210DDA0-E7D8-49CE-BEAD-07B7DF14471C}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{52CF03DD-DEA9-4472-91A5-BCE71B27CEB7}C:\program files\bitlord\bitlord.exe" = protocol=17 | dir=in | app=c:\program files\bitlord\bitlord.exe |
"UDP Query User{941B2A6E-9047-48B6-8358-F6F34BDBC9FE}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe |
"UDP Query User{AA048704-4EDA-4130-9AD5-AABF7029FE8A}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{AE6D73FE-2EB1-41A5-B970-AEA2E505E338}C:\program files\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files\electronic arts\eadm\core.exe |
"UDP Query User{C4B4A984-4078-419D-97C6-721770DBCACC}C:\program files\lionhead studios ltd\black & white\runblack.exe" = protocol=17 | dir=in | app=c:\program files\lionhead studios ltd\black & white\runblack.exe |
"UDP Query User{CF7DECBC-8546-408A-BC5B-63016A9E67EC}C:\program files\icq6\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6\icq.exe |
"UDP Query User{D82FFE65-7147-40CC-A59C-9399BACC9EF7}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{DA867AC1-6A79-4D04-930B-00907A23E23B}C:\program files\sony ericsson\update service\update service.exe" = protocol=17 | dir=in | app=c:\program files\sony ericsson\update service\update service.exe |
"UDP Query User{E2DA3253-A7B2-4F80-939C-350475EA0E0D}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = HP Integrated Module with Bluetooth wireless technology 6.0.1.6201
"{07D77970-B205-460C-84E4-263F30455597}" = Nokia Ovi Suite
"{082702D5-5DD8-4600-BCE5-48B15174687F}" = HP Doc Viewer
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Creator Data
"{12451AF7-EFF8-4B5B-8255-282D7CC7CAEE}" = OviMPlatform
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Creator Tools
"{228C6B46-64E2-404E-898A-EF0830603EF4}" = HPNetworkAssistant
"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 27
"{26A24AE4-039D-4CA4-87B4-2F83217000FF}" = Java(TM) 7
"{2AD89908-0987-4B9E-8AB4-905899E4D754}_is1" = Next Video Converter 2.1.0
"{2CC53A53-44F4-4667-8584-2FFC9ACB2242}" = Ovi Desktop Sync Engine
"{2D99A593-C841-43A7-B7C9-D6F3AE70B756}" = Nokia Connectivity Cable Driver
"{2DB165DC-DDB4-403F-B985-19F3EC7D0357}" = HP ProtectTools Security Manager
"{30A2A953-DEB1-466A-B660-F4399C7C6B9D}" = Roxio MyDVD
"{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java(TM) SE Runtime Environment 6 Update 1
"{340F521E-3576-4E1A-B75C-EB0ACF751379}" = HP Wireless Assistant
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.40 B2
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{420BBA1D-B275-4891-838C-EA88FE87A632}" = HP Customer Experience Enhancements
"{4217C49A-545A-499E-9428-6D61B004A671}" = HP User Guides 0113
"{48413BF3-5934-4ED3-8F1B-49D250BBF5AC}" = Prison Tycoon 4
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4F0C7CCF-5666-474B-B02E-AC514A95EC93}" = NVIDIA GAME System Software 2.8.1
"{537BF16E-7412-448C-95D8-846E85A1D817}" = Roxio Creator Business
"{55B52830-024A-443E-AF61-61E1E71AFA1B}" = Device Access Manager for HP ProtectTools
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57383270-6F61-4DC8-A9B8-C1745FC29F38}" = Eye 310
"{5D97A4A7-C274-4B63-86D9-07A33435F505}" = InterVideo DVD Check
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
"{69333A04-5134-40A5-A055-9166A7AA1EC8}" =
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{7036A6F4-5DAD-3908-956D-1752CD7F7E5A}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{70CEFEBA-F757-4DBE-8A21-027C326137CE}" = HP Software Setup 5.00.A.7
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Creator Audio
"{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}" = Avanquest update
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{818ABC3C-635C-4651-8183-D0E9640B7DD1}" = HP Update
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8BB128BE-2670-485D-A221-B00715BCEBCF}" = HP Easy Setup - Frontend
"{8D337F77-BE7F-41A2-A7CB-D5A63FD7049B}" = Sonic CinePlayer Decoder Pack
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{91120405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Standard Edition 2003
"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD
"{93D44E47-EBE0-43FC-A427-8AC3CD026536}" = Vista Default Settings
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9DE3F260-B88E-42CE-90E7-73C78C37D95E}" = 32 Bit HP BiDi Channel Components Installer
"{A0BB1E68-1DD0-4acd-AD82-EDA0E49F0615}" = PMB Updater
"{A8F7FCEF-3CA6-4CE9-8FEA-8BB18F8686F0}" = Nokia Ovi Suite Software Updater
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.1) - Czech
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B3FED300-806C-11E0-A0D0-B8AC6F97B88E}" = Google Earth
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Creator Copy
"{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}" = PMB
"{BC1DC565-8B34-4B29-9DB2-BF281C2FB56E}" = ESU for Microsoft Vista SP1
"{BCE46757-7674-4416-BEDB-68205A60409E}" = CanoScan Toolbox Ver4.1
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3
"{C373F7C4-05D2-4047-96D1-6AF30661C6AA}" = PC Connectivity Solution
"{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}" = NVIDIA PhysX
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE7E3BE0-2DD3-4416-A690-F9E4A99A8CFF}" = HP Active Support Library
"{DD73CA82-EA82-38AA-863D-9A24A018DC96}" = Microsoft .NET Framework 3.5 Language Pack SP1 - csy
"{DF8195AF-8E6F-4487-A0EE-196F7E3F4B8A}" = jetAudio Basic VX
"{E333CA5F-00ED-4EEF-90E5-6A33A8FE969F}" = HP Help and Support
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E51B4CD9-A0A6-4324-B26A-31B3F2DE26CE}" = Black and White
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0
"{EC877639-07AB-495C-BFD1-D63AF9140810}" = Roxio Activation Module
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Creator Business v10
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F173C2B3-296F-458C-98FF-1676A42EBA02}" = HP Wallpaper
"{F18DB86D-BC16-4E01-BCCE-63F62B931D82}" = InterVideo Register Manager
"{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}" = Vista Codec Package
"504244733D18C8F63FF584AEB290E3904E791693" = Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"5513-1208-7298-9440" = JDownloader 0.9
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Agere Systems Soft Modem" = Agere Systems HDA Modem
"avast" = avast! Free Antivirus
"BitLord" = BitLord 1.1
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HijackThis" = HijackThis 2.0.2
"jetAudio 8.0.x Czech Language Pack" = jetAudio 8.0.x Czech Language Pack
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - csy" = Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Mozilla Firefox 7.0.1 (x86 cs)" = Mozilla Firefox 7.0.1 (x86 cs)
"MPE" = MyPhoneExplorer
"Nokia Ovi Suite" = Nokia Ovi Suite
"OpenAL" = OpenAL
"PDF Complete" = PDF Complete
"PROSet" = Intel(R) PRO Network Connections Drivers
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Totalcmd" = Total Commander (Remove or Repair)
"Vypínač na dobrou noc_is1" = Vypínač na dobrou noc verze 2.0
"WinRAR archiver" = WinRAR
"XnView_is1" = XnView 1.96.1
"YTdetect" = Yahoo! Detect
"YU2010_is1" = Your Uninstaller! 2010
"Zuma Deluxe RA" = Zuma Deluxe RA

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-3352399057-1610543560-1174701497-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"75c0e0ceac8ef0d4" = CZShare Manager
"Facebook Plug-In" = Facebook Plug-In
"Prison Tycoon 4 CZ v1.1" = Prison Tycoon 4 CZ v1.1

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 22.9.2011 11:24:43 | Computer Name = Lenka-PC | Source = WinMgmt | ID = 10
Description =

Error - 22.9.2011 11:26:06 | Computer Name = Lenka-PC | Source = ESENT | ID = 454
Description = Windows (2792) Windows: Při zotavení či obnovení databáze došlo k
neočekávané chybě -501.

Error - 22.9.2011 11:26:06 | Computer Name = Lenka-PC | Source = Windows Search Service | ID = 9000
Description = Služba Windows Search neotevřela úložiště vlastností databázového
stroje Jet. Podrobnosti: Index obsahu nelze číst. (0xc0041800)

Error - 22.9.2011 11:26:06 | Computer Name = Lenka-PC | Source = Windows Search Service | ID = 7040
Description = Vyhledávací služby zjistila, že index obsahuje poškozené datové soubory.
Služba se pokusí tyto potíže automaticky odstranit vytvořením nového indexu. Podrobnosti:
Metadata
indexu obsahu nelze číst. (0xc0041801)

Error - 22.9.2011 11:26:06 | Computer Name = Lenka-PC | Source = Windows Search Service | ID = 9002
Description = Služba Windows Search nenačetla informace o úložišti vlastností. Kontext:
aplikace Windows, katalog SystemIndex Podrobnosti: 0x%08x (0xc0041800 - Index obsahu
nelze číst. )

Error - 22.9.2011 11:26:06 | Computer Name = Lenka-PC | Source = Windows Search Service | ID = 3029
Description = Modul plug-in v <Search.JetPropStore> nebyl inicializován. Kontext:
aplikace Windows, katalog SystemIndex Podrobnosti: Metadata indexu obsahu nelze číst.
(0xc0041801)

Error - 22.9.2011 11:26:08 | Computer Name = Lenka-PC | Source = Windows Search Service | ID = 3029
Description = Modul plug-in v <Search.TripoliIndexer> nebyl inicializován. Kontext:
aplikace Windows, katalog SystemIndex Podrobnosti: Prvek nebyl nalezen. (0x80070490)

Error - 22.9.2011 11:26:08 | Computer Name = Lenka-PC | Source = Windows Search Service | ID = 3028
Description = Objekt sběrače nebyl inicializován. Kontext: aplikace Windows, katalog
SystemIndex Podrobnosti: Metadata indexu obsahu nelze číst. (0xc0041801)

Error - 22.9.2011 11:26:08 | Computer Name = Lenka-PC | Source = Windows Search Service | ID = 3058
Description = Aplikace nebyla inicializována. Kontext: aplikace Windows Podrobnosti:
Metadata
indexu obsahu nelze číst. (0xc0041801)

Error - 22.9.2011 11:30:29 | Computer Name = Lenka-PC | Source = WinMgmt | ID = 10
Description =

[ System Events ]
Error - 2.10.2011 5:14:48 | Computer Name = Lenka-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =

Error - 2.10.2011 5:22:29 | Computer Name = Lenka-PC | Source = Service Control Manager | ID = 7031
Description =

Error - 2.10.2011 5:23:41 | Computer Name = Lenka-PC | Source = Microsoft-Windows-Kernel-General | ID = 5
Description =

Error - 2.10.2011 5:24:02 | Computer Name = Lenka-PC | Source = WinDefend | ID = 2004
Description = Program %%827 zjistil chybu při pokusu o načtení podpisů a pokusí
se vrátit zpět k poslední známé správné sadě podpisů. Vyzkoušené podpisy: %%824 Kód
chyby: 0x800703e6 Popis chyby: Nepřípustný přístup k paměťovému místu. Načítané
podpisy: %%825 Verze načítaných podpisů: 1.113.359.0 Verze načítaného modulu: 1.1.7702.0

Error - 3.10.2011 12:50:34 | Computer Name = Lenka-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =

Error - 4.10.2011 15:31:13 | Computer Name = Lenka-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =

Error - 4.10.2011 15:50:54 | Computer Name = Lenka-PC | Source = Service Control Manager | ID = 7032
Description =

Error - 4.10.2011 15:50:54 | Computer Name = Lenka-PC | Source = Service Control Manager | ID = 7032
Description =

Error - 4.10.2011 15:51:32 | Computer Name = Lenka-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =

Error - 4.10.2011 15:51:53 | Computer Name = Lenka-PC | Source = Service Control Manager | ID = 7032
Description =

< End of report >

#22 Příspěvek od **motji** » 05 říj 2011 20:06

Spustte OTL
-do bílého okna dole skopírujte tento skript:

Kód: Vybrat vše

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
@Alternate Data Stream - 168 bytes -> C:\ProgramData\TEMP:1CE11B51
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... ll&pf=cmnb
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4
IE - HKU\S-1-5-21-3352399057-1610543560-1174701497-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.facemoods.com/?a=ddrnw

:files
 C:\ProgramData\ezsidmv.dat

:commands
[emptytemp]
[EMPTYFLASH]
[Reboot]

-klikněte na tlačítko opravit.
-Následně se pc restartuje.
- Log vložte zde

lency · #23 Příspěvek od **lency** » 05 říj 2011 21:36

Hotovo

a ten log najdu teď prosím kde?

#24 Příspěvek od **motji** » 05 říj 2011 22:08

Pokud na Vás nevyskočil, měl by být ve složce OTL

lency · #25 Příspěvek od **lency** » 06 říj 2011 16:08

Já nevím co se mi to tu děje, ale nemám k tomu OTL nikde žádnou složku...při vyhledávání mi to našlo akorát ten samotný program na spuštění...

#26 Příspěvek od **motji** » 06 říj 2011 20:54

Přímo na disku C ji nenajdete?

lency · #27 Příspěvek od **lency** » 06 říj 2011 21:16

Ne, ani v program files...stejný ,,problém" jsem měla i když jsem dělala ty scany přes Combofix, nikde se mi to neuložilo...

#28 Příspěvek od **motji** » 06 říj 2011 21:24

A ted to s pc vypadá jak?

lency · #29 Příspěvek od **lency** » 06 říj 2011 21:43

Šlape docela dobře

#30 Příspěvek od **motji** » 07 říj 2011 05:39

Ještě znovu spustte OTL, klikněte na tlačítko vyčisti, uklidí po sobě

Z mého podpisu stahněte Ccleaner
- nainstalujte, při výběru, co se má nainstalovat, dejte pryč fajfku u instalace yahoo toolbaru

Obrázek

záložka čistič
-nechejte v levém sloupečku zatrhnuté vše jak je, klikněte na analyzovat
-po analýze klikněte na Spustit Ccleaner

Obrázek

záložka Registry
- klikněte na hledej problémy
- pak klikněte na opravit vybrané problémy -- udělat zálohu registrů - nemusíte
- kliknete opravit všechny problémy

ok

zavřít

Záložka Nástroje
- zde můžete odinstalovat programy. Je to důkladnější odinstalace než u přidat/odebrat programy ve Windows.

Ccleaner - čistič doporučuji používat, krásně pročistí pc od dočasných souborů.
Registry pročistí třeba po odinstalaci nějakého programu.

A poprosím o nový log ze rsitu.

VIRY.CZ

Prosím o kontrolu - seká se mi PC

Re: Prosím o kontrolu - seká se mi PC

Re: Prosím o kontrolu - seká se mi PC

Re: Prosím o kontrolu - seká se mi PC

Re: Prosím o kontrolu - seká se mi PC

Re: Prosím o kontrolu - seká se mi PC

Re: Prosím o kontrolu - seká se mi PC

Re: Prosím o kontrolu - seká se mi PC

Re: Prosím o kontrolu - seká se mi PC

Re: Prosím o kontrolu - seká se mi PC

Re: Prosím o kontrolu - seká se mi PC

Re: Prosím o kontrolu - seká se mi PC

Re: Prosím o kontrolu - seká se mi PC

Re: Prosím o kontrolu - seká se mi PC

Re: Prosím o kontrolu - seká se mi PC

Re: Prosím o kontrolu - seká se mi PC