
Log check

Not having any problem with your PC right now and just want to make sure everything is in order?
Post a log from FRST or RSIT.

Moderator: Moderators

Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]

Individual threads will be locked once they are resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.

Kronos
Visitor
Posts: 110
Registered: 20 Sep 2011 19:50

Log check

#1 Post by Kronos »

Please check my log; it is a desktop with WIN XP SP3. Thank you.


Logfile of random's system information tool 1.09 (written by random/random)
Run by Anys at 2011-10-13 14:00:55
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 27 GB (70%) free of 38 GB
Total RAM: 2047 MB (68% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:01:09, on 13.10.2011
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RunDLL32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\FileHippo.com\UpdateChecker.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\SUPERAntiSpyware\be120f5c-2e70-45d8-9597-2531a715a279.com
D:\totalcmd\TOTALCMD.EXE
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
d:\Soft VIRY\RSIT32\RSIT.exe
C:\Program Files\trend micro\Anys.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= ... =CT1750559
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-507921405-343818398-725345543-1004\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'UpdatusUser')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra button: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

--
End of file - 4780 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Anys\Data aplikací\Mozilla\Firefox\Profiles\r1cha1pr.default

prefs.js - "browser.startup.homepage" - "http://start.icq.com/"
prefs.js - "keyword.URL" - "http://search.icq.com/search/afe_result ... r=1.3.3&q="

"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll

C:\Program Files\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Documents and Settings\Anys\Data aplikací\Mozilla\Firefox\Profiles\r1cha1pr.default\extensions\
{800b5000-a755-47e1-992b-48a1c1357f07}
{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}

C:\Documents and Settings\Anys\Data aplikací\Mozilla\Firefox\Profiles\r1cha1pr.default\searchplugins\
conduit.xml
icqplugin-1.xml
icqplugin.gif
icqplugin.src
icqplugin.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-08-16 3942048]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2011-08-03 13892200]
"NvMediaCenter"=NvMCTray.dll,NvTaskbarInit -login []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-17 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL [2011-05-04 551296]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2004-08-17 239616]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2011-07-19 113024]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ7.5\ICQ.exe"="C:\Program Files\ICQ7.5\ICQ.exe:*:Enabled:ICQ7.5"
"C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe"="C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe:*:Enabled:Daemonu.exe"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ7.5\ICQ.exe"="C:\Program Files\ICQ7.5\ICQ.exe:*:Enabled:ICQ7.5"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv

======List of files/folders created in the last 1 month======

2011-10-13 14:00:56 ----D---- C:\Program Files\trend micro
2011-10-13 14:00:55 ----D---- C:\rsit
2011-09-28 02:20:47 ----A---- C:\WINDOWS\ODBC.INI
2011-09-28 02:20:44 ----A---- C:\WINDOWS\system32\mdimon.dll
2011-09-28 02:20:11 ----D---- C:\Program Files\Common Files\DESIGNER
2011-09-28 02:19:56 ----D---- C:\WINDOWS\SHELLNEW
2011-09-28 02:19:55 ----D---- C:\Program Files\Microsoft.NET
2011-09-28 02:19:55 ----D---- C:\Program Files\Microsoft Office
2011-09-28 02:17:30 ----A---- C:\WINDOWS\system32\drivers\dtsoftbus01.sys
2011-09-28 02:17:21 ----D---- C:\Program Files\DAEMON Tools Lite
2011-09-28 02:16:59 ----D---- C:\Documents and Settings\Anys\Data aplikací\DAEMON Tools Lite
2011-09-28 02:16:57 ----D---- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
2011-09-28 02:09:09 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$
2011-09-28 02:07:05 ----HDC---- C:\WINDOWS\$NtUninstallKB925720$
2011-09-24 22:09:36 ----D---- C:\Documents and Settings\Anys\Data aplikací\SUPERAntiSpyware.com
2011-09-24 22:09:11 ----D---- C:\Program Files\SUPERAntiSpyware
2011-09-24 22:09:11 ----D---- C:\Documents and Settings\All Users\Data aplikací\SUPERAntiSpyware.com
2011-09-24 22:08:22 ----D---- C:\WINDOWS\system32\XPSViewer
2011-09-24 22:08:19 ----D---- C:\Program Files\MSBuild
2011-09-24 22:08:18 ----D---- C:\WINDOWS\system32\en-US
2011-09-24 22:08:13 ----D---- C:\Program Files\Reference Assemblies
2011-09-24 22:07:58 ----N---- C:\WINDOWS\system32\xpsshhdr.dll
2011-09-24 22:07:58 ----N---- C:\WINDOWS\system32\prntvpt.dll
2011-09-24 22:07:57 ----N---- C:\WINDOWS\system32\xpssvcs.dll
2011-09-24 22:02:55 ----A---- C:\WINDOWS\imsins.BAK
2011-09-24 22:02:51 ----HDC---- C:\WINDOWS\$NtUninstallWIC$
2011-09-24 22:02:47 ----D---- C:\Program Files\MSXML 6.0
2011-09-18 18:35:31 ----D---- C:\Program Files\FileHippo.com
2011-09-18 18:33:51 ----RSD---- C:\WINDOWS\assembly
2011-09-18 18:33:31 ----D---- C:\WINDOWS\Microsoft.NET
2011-09-18 18:25:51 ----D---- C:\Program Files\Defraggler
2011-09-18 18:24:38 ----D---- C:\Program Files\CCleaner
2011-09-18 18:17:48 ----A---- C:\WINDOWS\WININIT.INI
2011-09-18 18:14:49 ----A---- C:\WINDOWS\system32\drivers\revoflt.sys
2011-09-18 18:14:48 ----D---- C:\Program Files\VS Revo Group
2011-09-17 10:04:09 ----D---- C:\Program Files\Google
2011-09-17 10:04:03 ----D---- C:\Documents and Settings\Anys\Data aplikací\Skype
2011-09-17 10:03:55 ----RD---- C:\Program Files\Skype
2011-09-17 10:03:52 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
2011-09-16 07:05:36 ----A---- C:\WINDOWS\UIA200.exe

======List of files/folders modified in the last 1 month======

2011-10-13 14:01:04 ----D---- C:\WINDOWS\Prefetch
2011-10-13 14:00:56 ----RD---- C:\Program Files
2011-10-13 13:08:25 ----D---- C:\WINDOWS\system32\CatRoot2
2011-10-13 13:06:38 ----D---- C:\WINDOWS\system32
2011-10-13 13:06:38 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-10-13 13:06:11 ----D---- C:\WINDOWS\Temp
2011-10-02 02:54:03 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-10-01 18:33:30 ----D---- C:\Program Files\Mozilla Firefox
2011-09-30 03:36:46 ----D---- C:\Documents and Settings\Anys\Data aplikací\ICQ
2011-09-28 14:21:36 ----D---- C:\WINDOWS
2011-09-28 03:42:43 ----SD---- C:\Documents and Settings\Anys\Data aplikací\Microsoft
2011-09-28 02:20:47 ----SHD---- C:\WINDOWS\Installer
2011-09-28 02:20:26 ----D---- C:\Program Files\Common Files\Microsoft Shared
2011-09-28 02:20:24 ----RSD---- C:\WINDOWS\Fonts
2011-09-28 02:20:11 ----D---- C:\Program Files\Common Files
2011-09-28 02:20:10 ----HD---- C:\WINDOWS\inf
2011-09-28 02:18:44 ----D---- C:\WINDOWS\system
2011-09-28 02:17:32 ----D---- C:\WINDOWS\system32\drivers
2011-09-28 02:10:39 ----D---- C:\WINDOWS\WinSxS
2011-09-28 02:09:15 ----D---- C:\WINDOWS\system32\CatRoot
2011-09-28 02:09:12 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-09-28 02:09:08 ----HD---- C:\WINDOWS\$hf_mig$
2011-09-26 03:11:31 ----D---- C:\Program Files\ICQ7.5
2011-09-24 22:08:05 ----D---- C:\WINDOWS\system32\spool
2011-09-24 22:07:57 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2011-09-24 22:03:43 ----D---- C:\Program Files\Internet Explorer
2011-09-18 18:33:32 ----D---- C:\WINDOWS\system32\mui
2011-09-18 18:33:31 ----D---- C:\WINDOWS\pchealth
2011-09-18 18:26:12 ----D---- C:\WINDOWS\Minidump
2011-09-18 18:26:12 ----D---- C:\WINDOWS\Debug
2011-09-18 18:17:08 ----D---- C:\Program Files\ATI Technologies
2011-09-17 10:04:13 ----SD---- C:\WINDOWS\Tasks

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 nvatabus;nvatabus; C:\WINDOWS\system32\DRIVERS\nvatabus.sys [2005-05-17 92800]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI Texas Instruments; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2004-08-03 61056]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys [2011-09-28 232512]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS []
R1 Tcpip6;Ovladač protokolu Microsoft IPv6; C:\WINDOWS\system32\DRIVERS\tcpip6.sys [2010-02-11 226880]
R2 irda;Protokol IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2004-08-04 87424]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2006-08-18 4017536]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-10-25 9600]
R3 irsir;Microsoft Serial Infrared Driver; C:\WINDOWS\system32\DRIVERS\irsir.sys [2001-08-17 18688]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-25 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2011-08-03 12542592]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2005-04-05 33536]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2005-04-05 12928]
R3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 tunmp;Microsoft Tun Miniport Adapter Driver; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2004-08-17 12416]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-17 60800]
S3 atirage3;atirage3; C:\WINDOWS\system32\DRIVERS\atimpae.sys [2001-10-24 75136]
S3 gdrv;gdrv; \??\C:\WINDOWS\gdrv.sys []
S3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-17 61824]
S3 Revoflt;Revoflt; C:\WINDOWS\system32\DRIVERS\revoflt.sys [2009-12-30 27064]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [2011-08-12 116608]
R2 6to4;Pomocná služba protokolu IPv6; C:\WINDOWS\system32\svchost.exe [2004-08-17 14336]
R2 Iprip;Naslouchání RIP; C:\WINDOWS\System32\svchost.exe [2004-08-17 14336]
R2 Irmon;Sledování infračerveného přenosu; C:\WINDOWS\system32\svchost.exe [2004-08-17 14336]
R2 NVSvc;NVIDIA Driver Helper Service; C:\WINDOWS\system32\nvsvc32.exe [2011-08-03 146024]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-08-03 2255464]
R2 SimpTcp;Jednoduché služby TCP/IP; C:\WINDOWS\system32\tcpsvcs.exe [2001-10-25 19456]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-09-17 136176]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-09-17 136176]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 p2pgasvc;Ověřování v síti skupiny rovnocenných počítačů; C:\WINDOWS\system32\svchost.exe [2004-08-17 14336]
S3 p2pimsvc;Správce identit sítě rovnocenných počítačů; C:\WINDOWS\system32\svchost.exe [2004-08-17 14336]
S3 p2psvc;Síť rovnocenných počítačů; C:\WINDOWS\system32\svchost.exe [2004-08-17 14336]
S3 PNRPSvc;Protokol PNRP; C:\WINDOWS\system32\svchost.exe [2004-08-17 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Mc_Murphy
VIP in memoriam
Posts: 6706
Registered: 03 Nov 2008 15:55
Location: Plzeň [ZČ]

Re: Log check

#2 Post by Mc_Murphy »

Hello.
Kronos wrote: Please check my log; it is a desktop with WIN XP SP3. Thank you.
Well, first of all, install that SP3, because it isn't there. :D
Systém Microsoft Windows XP Professional Service Pack 2
...
Platform: Windows XP SP2 (WinNT 5.01.2600)
• Remove SUPERAntiSpyware from startup; it is unnecessary there! Run this program only once in a while, say once a month, for occasional scans.
• I don't see any antivirus; that is a mistake! I recommend installing Avast, Avira or MSE. More information here. Personally I recommend Avast.
• Once you have done all that, post a log from OTL here and we will delete a few small things.

• To begin, download OTL from this link and save it to the Desktop.
  • If you use Win Vista or Win7, right-click OTL and choose Run As Administrator (Spustit jako správce).
  • If you use a 64-bit OS, check whether the "For 64-bit OS" box (Pro 64 bitové OS) is ticked. If not, tick it.
  • Tick the "For all users" box (Pro všechny uživatele).
  • Tick the "LOP" malware check box (Kontrola na havěť "LOP").
  • Tick the "Purity" malware check box (Kontrola na havěť "Purity").
  • Change the file age from 30 days to 7 days.
  • Paste this script into the bottom box, Custom Scans/Fixes (Vlastní skenování/opravy):

Code:

safebootminimal 
safebootnetwork
drivers32
savembr:0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
/md5start
scecli.dll
autochk.exe
csrss.exe
explorer.exe
lsass.exe
services.exe
smss.exe
spoolsv.exe
svchost.exe
userinit.exe
winlogon.exe
atapi.sys
cdrom.sys 
ndis.sys
ntfs.sys
tcpip.sys
%SystemDrive%\PhysicalMBR.bin
/md5stop
C:\windows\system32\spool\prtprocs|dll;true;true;true /FP
%systemroot%\system32\drivers\*.sys /5
%systemroot%\system32\drivers\*.sys /X 
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\system32\*.* /5
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\config\*.sav 
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\*.* /U /s
%systemroot%\*. /mp /s
%ALLUSERSPROFILE%\Data Aplikací\*.*
%ALLUSERSPROFILE%\Data Aplikací\*.exe /s
%ALLUSERSPROFILE%\Dáta aplikácií\*.*
%ALLUSERSPROFILE%\Dáta aplikácií\*.exe /s
%APPDATA%\*.
%APPDATA%\*.*
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
*crack* /s
*keygen* /s
*nocd* /s
*AutoKMS* /s
*minodlogin* /s
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU /s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager" /v BootExecute /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager" /v "PendingFileRenameOperations" /c
type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5
  • Click the Run Scan button (Prohledat).
  • When the scan finishes, the logs OTL.txt and Extras.txt will appear; post both of them here.
  • The logs will not fit into one post, so please split them across several posts.
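
The three things post #2 reads off the RSIT/HijackThis log (the service pack actually reported, no antivirus among the running processes, SUPERAntiSpyware starting with Windows) can be checked mechanically. The Python script below is an added example, not part of the original thread; the sample is abridged from the log in post #1, and the function names and the short antivirus process-name list are assumptions made for illustration.

```python
import re

# Abridged from the HijackThis section of the log in post #1.
SAMPLE_LOG = r"""Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:01:09, on 13.10.2011
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Google\Chrome\Application\chrome.exe

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
"""

# HijackThis entry lines look like "O4 - ..." or "R0 - ...".
ENTRY_RE = re.compile(r"^([A-Z]\d+) - (.*)$")

# Entry codes that describe something started automatically:
# O4 = Run keys, O20 = Winlogon Notify, O23 = services.
AUTOSTART_CODES = {"O4", "O20", "O23"}

# Assumption: a small, non-exhaustive list of process names used by the
# three products recommended in post #2 (Avira, Avast, MSE).
KNOWN_AV_PROCESSES = {
    "avgnt.exe", "avguard.exe",       # Avira
    "avastsvc.exe", "ashserv.exe",    # Avast
    "msseces.exe", "msmpeng.exe",     # Microsoft Security Essentials
}


def parse_hijackthis(text):
    """Extract platform, service pack, running processes and entries."""
    info = {"platform": None, "service_pack": None,
            "processes": [], "entries": []}
    in_processes = False
    for raw in text.splitlines():
        line = raw.strip()
        entry = ENTRY_RE.match(line)
        if entry:
            in_processes = False
            info["entries"].append((entry.group(1), entry.group(2)))
        elif line.startswith("Platform:"):
            info["platform"] = line.split(":", 1)[1].strip()
            sp = re.search(r"\bSP(\d+)\b", info["platform"])
            info["service_pack"] = int(sp.group(1)) if sp else 0
        elif line == "Running processes:":
            in_processes = True
        elif in_processes and line:
            info["processes"].append(line)
        elif not line:
            in_processes = False  # a blank line closes the process list
    return info


def triage(info, required_sp=3, av_names=KNOWN_AV_PROCESSES,
           startup_product="SUPERAntiSpyware"):
    """Return (kind, detail) findings for the checks made in post #2."""
    findings = []
    sp = info["service_pack"]
    if sp is None:
        findings.append(("service_pack", "no Platform line in the log"))
    elif sp < required_sp:
        findings.append(("service_pack",
                         f"log reports SP{sp}, expected SP{required_sp}"))

    # Compare executable names only, case-insensitively.
    running = {p.rsplit("\\", 1)[-1].lower() for p in info["processes"]}
    if not running & set(av_names):
        findings.append(("no_antivirus",
                         "no known antivirus process is running"))

    for code, text in info["entries"]:
        if code in AUTOSTART_CODES and startup_product.lower() in text.lower():
            findings.append(("autostart", f"{code}: {text}"))
    return findings


if __name__ == "__main__":
    for kind, detail in triage(parse_hijackthis(SAMPLE_LOG)):
        print(f"[{kind}] {detail}")
```

A clean result from the antivirus check only means that one of the listed process names was found; extend the list before relying on it for other products.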

Kronos
Visitor
Posts: 110
Registered: 20 Sep 2011 19:50

Re: Log check

#3 Post by Kronos »

Good day,
SP3 is installed, as well as the Avira AV; I am attaching the log:


OTL Extras logfile created on: 16.10.2011 7:06:28 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Anys\Dokumenty\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 1,53 Gb Available Physical Memory | 76,45% Memory free
3,85 Gb Paging File | 3,47 Gb Available in Paging File | 90,12% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37,13 Gb Total Space | 25,39 Gb Free Space | 68,38% Space Free | Partition Type: NTFS
Drive D: | 74,64 Gb Total Space | 58,26 Gb Free Space | 78,05% Space Free | Partition Type: NTFS
Drive F: | 37,13 Gb Total Space | 6,38 Gb Free Space | 17,19% Space Free | Partition Type: NTFS
Drive G: | 41,00 Gb Total Space | 3,38 Gb Free Space | 8,24% Space Free | Partition Type: NTFS

Computer Name: ANETA | User Name: Anys | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l

[HKEY_USERS\S-1-5-21-507921405-343818398-725345543-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"3587:TCP" = 3587:TCP:*:Enabled:Skupiny sítě Peer-to-Peer
"3540:UDP" = 3540:UDP:*:Enabled:Protokol PNRP (Peer Name Resolution Protocol)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"3587:TCP" = 3587:TCP:*:Enabled:Skupiny sítě Peer-to-Peer
"3540:UDP" = 3540:UDP:*:Enabled:Protokol PNRP (Peer Name Resolution Protocol)

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\ICQ7.5\ICQ.exe" = C:\Program Files\ICQ7.5\ICQ.exe:*:Enabled:ICQ7.5 -- (ICQ, LLC.)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\ICQ7.5\ICQ.exe" = C:\Program Files\ICQ7.5\ICQ.exe:*:Enabled:ICQ7.5 -- (ICQ, LLC.)
"C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe" = C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe:*:Enabled:Daemonu.exe -- (NVIDIA Corporation)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{14C87AA7-08E6-419F-A165-998EBE5023D7}" = Oblivion - Knights of the Nine
"{16D919E6-F019-4E15-BFBE-4A85EF19DA57}" = Oblivion - Spell Tomes
"{2F2E3D62-8B8C-448F-8900-451325E50948}" = Oblivion - Wizard's Tower
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35CB6715-41F8-4F99-8881-6FC75BF054B0}" = Oblivion
"{3ABEBD00-299D-4DCA-967F-B912163AB5EA}" = Oblivion - Horse Armor Pack
"{520F4B09-3A51-47A2-82B0-9FF1DC2D20FA}" = Oblivion - Vile Lair
"{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1" = Revo Uninstaller Pro 2.5.5
"{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}" = ICQ7.5
"{90110405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{A25FF1C0-80B6-4B8B-A551-DC525697A408}" = AMD APP SDK Runtime
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AC76BA86-7AD7-1029-7B44-A94000000001}" = Adobe Reader 9.4.0 - Czech
"{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}" = @BIOS
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 280.26
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 280.26
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView" = NVIDIA nView 135.94
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Systémový software PhysX 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 1.4.28
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Click to Call with Skype
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{EC425CFC-EE78-4A91-AA25-3BFA65B75364}" = Oblivion - Orrery
"{EF295F5C-7B57-47AA-8889-6B3E8E214E89}" = Oblivion - Mehrunes Razor
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FFFFFD17-B460-41EB-93F1-C48ABAD63828}" = Oblivion - Thieves Den
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"ATF" = ATF
"Avira AntiVir Desktop" = Avira Free Antivirus
"BSPlayerf" = BS.Player FREE
"CCleaner" = CCleaner
"DAEMON Tools Lite" = DAEMON Tools Lite
"Defraggler" = Defraggler
"DesetiPrsty5" = DesetiPrsty5 5.3
"Google Chrome" = Google Chrome
"lgooblivionshiveringislesczech_is1" = Lightning Oblivion Shivering Isles Czech
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox 6.0 (x86 cs)" = Mozilla Firefox 6.0 (x86 cs)
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"Totalcmd" = Total Commander (Remove or Repair)
"Tweak-XP Pro 4" = Tweak-XP Pro 4
"WIC" = Windows Imaging Component
"Windows XP Service Pack" = Windows XP Service Pack 3

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 21.7.2011 16:17:09 | Computer Name = ANETA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace firefox.exe, verze 5.0.0.4183, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 21.7.2011 16:18:19 | Computer Name = ANETA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace firefox.exe, verze 5.0.0.4183, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 24.7.2011 15:51:59 | Computer Name = ANETA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace bsplayer.exe, verze 2.5.2.1029, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 19.8.2011 21:48:57 | Computer Name = ANETA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace firefox.exe, verze 6.0.0.4240, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 19.8.2011 21:48:59 | Computer Name = ANETA | Source = Application Hang | ID = 1001
Description = Chybný blok -1734604888

Error - 19.8.2011 21:49:19 | Computer Name = ANETA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace firefox.exe, verze 6.0.0.4240, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 19.8.2011 21:49:20 | Computer Name = ANETA | Source = Application Hang | ID = 1001
Description = Chybný blok -1734604888

Error - 19.8.2011 21:49:26 | Computer Name = ANETA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace firefox.exe, verze 6.0.0.4240, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 19.8.2011 21:50:11 | Computer Name = ANETA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace firefox.exe, verze 6.0.0.4240, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 18.9.2011 15:25:27 | Computer Name = ANETA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace firefox.exe, verze 6.0.0.4240, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

[ System Events ]
Error - 8.9.2011 0:34:18 | Computer Name = ANETA | Source = W32Time | ID = 39452689
Description = Klient NTP zprostředkovatele časových údajů: Při vyhledávání DNS ručně
nakonfigurovaného partnera time.windows.com,0x1 došlo k chybě. Klient NTP se pokusí
o vyhledání pomocí služby DNS znovu za 15 minut. Chyba: Došlo k pokusu o operaci
se soketem v okamžiku nedosažitelnosti hostitele. (0x80072751)

Error - 8.9.2011 0:34:18 | Computer Name = ANETA | Source = W32Time | ID = 39452701
Description = Klient NTP zprostředkovatele časových údajů je konfigurován pro získávání
časových údajů z jednoho nebo více zdrojů času. Žádný z těchto zdrojů však není
aktuálně k dispozici. Po dobu 14 minut nebude proveden žádný pokus o kontaktování
zdroje. Klient NTP nemá k dispozici žádný zdroj času.

Error - 18.9.2011 12:10:14 | Computer Name = ANETA | Source = W32Time | ID = 39452689
Description = Klient NTP zprostředkovatele časových údajů: Při vyhledávání DNS ručně
nakonfigurovaného partnera time.windows.com,0x1 došlo k chybě. Klient NTP se pokusí
o vyhledání pomocí služby DNS znovu za 15 minut. Chyba: Došlo k pokusu o operaci
se soketem v okamžiku nedosažitelnosti hostitele. (0x80072751)

Error - 18.9.2011 12:10:14 | Computer Name = ANETA | Source = W32Time | ID = 39452701
Description = Klient NTP zprostředkovatele časových údajů je konfigurován pro získávání
časových údajů z jednoho nebo více zdrojů času. Žádný z těchto zdrojů však není
aktuálně k dispozici. Po dobu 14 minut nebude proveden žádný pokus o kontaktování
zdroje. Klient NTP nemá k dispozici žádný zdroj času.

Error - 18.9.2011 12:11:06 | Computer Name = ANETA | Source = W32Time | ID = 39452706
Description = Služba Systémový čas zjistila, že je nutné změnit systémový čas o
+415238 sekund. Služba Systémový čas nemění systémový čas o více než +54000 sekund.
Ověřte správnost času a časového pásma, a zda zdroj času time.windows.com (ntp.m|0x1|192.168.1.100:123->65.55.21.13:123)
pracuje správně.

Error - 24.9.2011 16:04:25 | Computer Name = ANETA | Source = Windows Update Agent | ID = 20
Description = Instalace se nezdařila: Instalace následující aktualizace se nezdařila
z důvodu chyby (0x800706be): Aktualizace Microsoft .NET Framework 3.5 Service Pack
1 a .NET Framework 3.5 Family Update pro verze rozhraní .NET 2.0 až 3.5 (KB951847)
x86.

Error - 25.9.2011 20:23:47 | Computer Name = ANETA | Source = W32Time | ID = 39452689
Description = Klient NTP zprostředkovatele časových údajů: Při vyhledávání DNS ručně
nakonfigurovaného partnera time.windows.com,0x1 došlo k chybě. Klient NTP se pokusí
o vyhledání pomocí služby DNS znovu za 15 minut. Chyba: Došlo k pokusu o operaci
se soketem v okamžiku nedosažitelnosti hostitele. (0x80072751)

Error - 25.9.2011 20:23:47 | Computer Name = ANETA | Source = W32Time | ID = 39452701
Description = Klient NTP zprostředkovatele časových údajů je konfigurován pro získávání
časových údajů z jednoho nebo více zdrojů času. Žádný z těchto zdrojů však není
aktuálně k dispozici. Po dobu 14 minut nebude proveden žádný pokus o kontaktování
zdroje. Klient NTP nemá k dispozici žádný zdroj času.

Error - 25.9.2011 20:24:55 | Computer Name = ANETA | Source = W32Time | ID = 39452706
Description = Služba Systémový čas zjistila, že je nutné změnit systémový čas o
+654899 sekund. Služba Systémový čas nemění systémový čas o více než +54000 sekund.
Ověřte správnost času a časového pásma, a zda zdroj času time.windows.com (ntp.m|0x1|192.168.1.100:123->65.55.59.58:123)
pracuje správně.

Error - 29.9.2011 20:51:25 | Computer Name = ANETA | Source = IPRIP | ID = 29053
Description = Protokol se nemohl připojit ke skupině vícesměrového vysílání 224.0.0.9
na
místním rozhraní s adresou IP 192.168.1.100. Uvedený údaj je kód chyby.


< End of report >

Kronos
Visitor
Posts: 110
Joined: 20 Sep 2011 19:50

Re: Log check

#4 Post by Kronos »

and the OTL log, part 1:


OTL logfile created on: 16.10.2011 7:06:28 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Anys\Dokumenty\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 1,53 Gb Available Physical Memory | 76,45% Memory free
3,85 Gb Paging File | 3,47 Gb Available in Paging File | 90,12% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37,13 Gb Total Space | 25,39 Gb Free Space | 68,38% Space Free | Partition Type: NTFS
Drive D: | 74,64 Gb Total Space | 58,26 Gb Free Space | 78,05% Space Free | Partition Type: NTFS
Drive F: | 37,13 Gb Total Space | 6,38 Gb Free Space | 17,19% Space Free | Partition Type: NTFS
Drive G: | 41,00 Gb Total Space | 3,38 Gb Free Space | 8,24% Space Free | Partition Type: NTFS

Computer Name: ANETA | User Name: Anys | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2011.10.16 04:40:10 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Anys\Dokumenty\Downloads\OTL.exe
PRC - [2011.09.30 17:12:41 | 001,030,200 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2011.09.23 18:08:19 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2011.09.23 18:01:09 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.09.23 11:38:21 | 000,258,512 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2011.09.16 02:34:43 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2011.08.12 01:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCore.exe
PRC - [2011.08.03 13:49:00 | 002,255,464 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2008.04.14 08:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (No Company Name) ==========

MOD - [2011.09.30 17:12:40 | 000,412,728 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\14.0.835.202\ppgooglenaclpluginchrome.dll
MOD - [2011.09.30 17:12:39 | 003,696,184 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\14.0.835.202\pdf.dll
MOD - [2011.09.30 17:11:32 | 000,339,000 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\14.0.835.202\Locales\cs.dll
MOD - [2011.09.30 17:11:13 | 000,142,568 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\14.0.835.202\avutil-51.dll
MOD - [2011.09.30 17:11:12 | 000,253,320 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\14.0.835.202\avformat-53.dll
MOD - [2011.09.30 17:11:10 | 002,403,240 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\14.0.835.202\avcodec-53.dll
MOD - [2011.09.16 02:05:58 | 000,398,288 | ---- | M] () -- C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - [2011.09.23 18:08:19 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011.09.23 18:01:09 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.08.12 01:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE)
SRV - [2011.08.03 13:49:00 | 002,255,464 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2008.04.14 08:51:54 | 000,105,472 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\p2pgasvc.dll -- (p2pgasvc)
SRV - [2008.04.14 08:51:46 | 000,035,840 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\iprip.dll -- (Iprip)


========== Driver Services (SafeList) ==========

DRV - [2011.09.28 02:17:30 | 000,232,512 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2011.09.18 08:39:27 | 000,134,344 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2011.09.15 23:55:04 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2011.09.15 23:55:03 | 000,074,640 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011.07.22 18:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011.07.12 23:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2011.06.23 06:02:30 | 000,017,488 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\gdrv.sys -- (gdrv)
DRV - [2010.06.17 15:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010.02.11 14:02:15 | 000,226,880 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6)
DRV - [2009.12.30 11:20:56 | 000,027,064 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\revoflt.sys -- (Revoflt)
DRV - [2006.08.18 07:52:00 | 004,017,536 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2005.05.17 11:45:08 | 000,092,800 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvatabus.sys -- (nvatabus)
DRV - [2005.04.05 21:22:30 | 000,012,928 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2005.04.05 21:22:28 | 000,033,536 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2001.10.24 11:46:00 | 000,075,136 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\atimpae.sys -- (atirage3)
DRV - [2001.08.17 23:51:32 | 000,018,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\irsir.sys -- (irsir)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm






IE - HKU\S-1-5-21-507921405-343818398-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= ... =CT1750559
IE - HKU\S-1-5-21-507921405-343818398-725345543-1003\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-507921405-343818398-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.defaultthis.engineName: "BS Player Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.icq.com/search/afe_result ... r=1.3.1&q="
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.startup.homepage: "http://start.icq.com/"
FF - prefs.js..keyword.URL: "http://search.icq.com/search/afe_result ... r=1.3.3&q="

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.08.17 22:38:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2011.07.09 19:40:55 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Anys\Data aplikací\Mozilla\Extensions
[2011.09.22 19:17:12 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Anys\Data aplikací\Mozilla\Firefox\Profiles\r1cha1pr.default\extensions
[2011.09.22 19:17:11 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Documents and Settings\Anys\Data aplikací\Mozilla\Firefox\Profiles\r1cha1pr.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2011.09.22 19:17:12 | 000,000,000 | ---D | M] (BS Player Community Toolbar) -- C:\Documents and Settings\Anys\Data aplikací\Mozilla\Firefox\Profiles\r1cha1pr.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}
[2011.06.20 14:09:22 | 000,000,921 | ---- | M] () -- C:\Documents and Settings\Anys\Data aplikací\Mozilla\Firefox\Profiles\r1cha1pr.default\searchplugins\conduit.xml
[2011.10.13 16:33:38 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Anys\Data aplikací\Mozilla\Firefox\Profiles\r1cha1pr.default\searchplugins\icqplugin-1.xml
[2011.09.25 17:27:46 | 000,000,168 | ---- | M] () -- C:\Documents and Settings\Anys\Data aplikací\Mozilla\Firefox\Profiles\r1cha1pr.default\searchplugins\icqplugin.gif
[2011.09.25 17:27:46 | 000,000,618 | ---- | M] () -- C:\Documents and Settings\Anys\Data aplikací\Mozilla\Firefox\Profiles\r1cha1pr.default\searchplugins\icqplugin.src
[2011.08.17 17:47:16 | 000,001,056 | ---- | M] () -- C:\Documents and Settings\Anys\Data aplikací\Mozilla\Firefox\Profiles\r1cha1pr.default\searchplugins\icqplugin.xml
[2011.06.23 06:04:40 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011.09.17 10:04:04 | 000,000,000 | ---D | M] (Click to call with Skype) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ANYS\DATA APLIKACĂ­\MOZILLA\FIREFOX\PROFILES\R1CHA1PR.DEFAULT\EXTENSIONS\{800B5000-A755-47E1-992B-48A1C1357F07}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ANYS\DATA APLIKACĂ­\MOZILLA\FIREFOX\PROFILES\R1CHA1PR.DEFAULT\EXTENSIONS\{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}
[2011.09.28 02:07:14 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2011.08.17 22:38:01 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2010.01.01 10:00:00 | 000,002,208 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\heureka-cz.xml
[2010.01.01 10:00:00 | 000,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2010.01.01 10:00:00 | 000,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2010.01.01 10:00:00 | 000,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2010.01.01 10:00:00 | 000,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\14.0.835.202\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\14.0.835.202\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\14.0.835.202\pdf.dll
CHR - plugin: Skype Toolbars (Enabled) = C:\Documents and Settings\Anys\Local Settings\Data aplikac\u00ED\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8153_0\npSkypeChromePlugin.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: Click to call with Skype = C:\Documents and Settings\Anys\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8153_0\

O1 HOSTS File: ([2011.08.20 19:48:52 | 000,436,873 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 15032 more lines...
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\nvmctray.dll (NVIDIA Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-507921405-343818398-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-507921405-343818398-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/sh ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D938A9AE-D7A0-44B8-91D2-410C565748DF}: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Anys\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Anys\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011.06.19 18:10:46 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

SafeBootMin: !SASCORE - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE (SUPERAntiSpyware.com)
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: !SASCORE - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE (SUPERAntiSpyware.com)
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {1a3e09be-1e45-494b-9174-d7385b45bbf5} - Reg Error: Value error.
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2011.10.16 07:01:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anys\Data aplikací\Avira
[2011.10.16 07:00:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Avira
[2011.10.16 07:00:39 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys
[2011.10.16 07:00:38 | 000,134,344 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2011.10.16 07:00:38 | 000,074,640 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2011.10.16 07:00:38 | 000,036,000 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avkmgr.sys
[2011.10.16 07:00:37 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2011.10.16 07:00:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Avira
[2011.10.16 06:57:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2011.10.16 06:35:19 | 001,372,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6.dll
[2011.10.16 06:35:19 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6r.dll
[2011.10.16 06:35:16 | 000,086,016 | ---- | C] (Sipro Lab Telecom Inc.) -- C:\WINDOWS\System32\dllcache\sl_anet.acm
[2011.10.16 06:35:15 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msaud32.acm
[2011.10.16 06:35:15 | 000,290,816 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\WINDOWS\System32\dllcache\l3codeca.acm
[2011.10.16 06:35:13 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpcdll.dll
[2011.10.16 06:35:12 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\irbus.sys
[2011.10.16 06:35:12 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\smtpapi.dll
[2011.10.16 06:35:12 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rwnh.dll
[2011.10.16 06:35:12 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsdupd.exe
[2011.10.16 06:35:11 | 000,870,784 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ati3d1ag.dll
[2011.10.16 06:35:11 | 000,651,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3ui.dll
[2011.10.16 06:35:11 | 000,397,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcex.dll
[2011.10.16 06:35:11 | 000,377,984 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2dvaa.dll
[2011.10.16 06:35:11 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\azroles.dll
[2011.10.16 06:35:11 | 000,184,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapp3hst.dll
[2011.10.16 06:35:11 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\microsoft.managementconsole.dll
[2011.10.16 06:35:11 | 000,179,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapphost.dll
[2011.10.16 06:35:11 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mssha.dll
[2011.10.16 06:35:11 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\aaclient.dll
[2011.10.16 06:35:11 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcfxcommon.dll
[2011.10.16 06:35:11 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappgnui.dll
[2011.10.16 06:35:11 | 000,086,016 | ---- | C] (Conexant) -- C:\WINDOWS\System32\mdmxsdk.dll
[2011.10.16 06:35:11 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msshavmsg.dll
[2011.10.16 06:35:11 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapqec.dll
[2011.10.16 06:35:11 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3cfg.dll
[2011.10.16 06:35:11 | 000,056,320 | ---- | C] (Společnost Microsoft) -- C:\WINDOWS\System32\dot3msm.dll
[2011.10.16 06:35:11 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dhcpqec.dll
[2011.10.16 06:35:11 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3gpclnt.dll
[2011.10.16 06:35:11 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dimsroam.dll
[2011.10.16 06:35:11 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\l2gpstore.dll
[2011.10.16 06:35:11 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcperf.exe
[2011.10.16 06:35:11 | 000,032,768 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativtmxx.dll
[2011.10.16 06:35:11 | 000,032,285 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\hsfcisp2.dll
[2011.10.16 06:35:11 | 000,023,040 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativmvxx.ax
[2011.10.16 06:35:11 | 000,009,728 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativdaxx.ax
[2011.10.16 06:35:11 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx4.dll
[2011.10.16 06:35:11 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpash.dll
[2011.10.16 06:35:11 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdnepr.dll
[2011.10.16 06:35:11 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdiultn.dll
[2011.10.16 06:35:11 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdbhc.dll
[2011.10.16 06:35:10 | 001,737,856 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\mtxparhd.dll
[2011.10.16 06:35:10 | 000,397,056 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\s3gnb.dll
[2011.10.16 06:35:10 | 000,290,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rhttpaa.dll
[2011.10.16 06:35:10 | 000,286,792 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slextspk.dll
[2011.10.16 06:35:10 | 000,197,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napmontr.dll
[2011.10.16 06:35:10 | 000,188,508 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slgen.dll
[2011.10.16 06:35:10 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napstat.exe
[2011.10.16 06:35:10 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qagent.dll
[2011.10.16 06:35:10 | 000,073,832 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slcoinst.dll
[2011.10.16 06:35:10 | 000,073,796 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slserv.exe
[2011.10.16 06:35:10 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qcliprov.dll
[2011.10.16 06:35:10 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsgqec.dll
[2011.10.16 06:35:10 | 000,032,866 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slrundll.exe
[2011.10.16 06:35:10 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\setupn.exe
[2011.10.16 06:35:10 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napipsec.dll
[2011.10.16 06:35:10 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vidcap.ax
[2011.10.16 06:35:09 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wlanapi.dll
[2011.10.16 06:35:09 | 000,032,866 | ---- | C] (Smart Link) -- C:\WINDOWS\slrundll.exe
[2011.10.16 06:35:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
[2011.10.16 06:35:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\cs-cz
[2011.10.16 06:35:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\cs
[2011.10.16 06:35:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\bits
[2011.10.16 06:32:55 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dlimport.exe
[2011.10.16 06:31:35 | 000,004,255 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv01nt5.dll
[2011.10.16 06:31:35 | 000,003,967 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv02nt5.dll
[2011.10.16 06:31:35 | 000,003,775 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv11nt5.dll
[2011.10.16 06:31:35 | 000,003,711 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv09nt5.dll
[2011.10.16 06:31:35 | 000,003,647 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv07nt5.dll
[2011.10.16 06:31:35 | 000,003,615 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv05nt5.dll
[2011.10.16 06:31:35 | 000,003,135 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv08nt5.dll
[2011.10.16 06:31:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic
[2011.10.16 06:31:34 | 000,326,912 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2mtaa.sys
[2011.10.16 06:31:34 | 000,104,960 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinrvxx.sys
[2011.10.16 06:31:34 | 000,063,663 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1rvxx.sys
[2011.10.16 06:31:34 | 000,057,856 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinbtxx.sys
[2011.10.16 06:31:34 | 000,056,623 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1btxx.sys
[2011.10.16 06:31:34 | 000,052,224 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinraxx.sys
[2011.10.16 06:31:34 | 000,036,463 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1tuxx.sys
[2011.10.16 06:31:34 | 000,034,735 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1xsxx.sys
[2011.10.16 06:31:34 | 000,030,671 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1raxx.sys
[2011.10.16 06:31:34 | 000,029,455 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1xbxx.sys
[2011.10.16 06:31:34 | 000,028,672 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinsnxx.sys
[2011.10.16 06:31:34 | 000,026,367 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1snxx.sys
[2011.10.16 06:31:34 | 000,021,343 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1ttxx.sys
[2011.10.16 06:31:34 | 000,014,336 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinpdxx.sys
[2011.10.16 06:31:34 | 000,013,824 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinttxx.sys
[2011.10.16 06:31:34 | 000,013,824 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinmdxx.sys
[2011.10.16 06:31:34 | 000,012,047 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1pdxx.sys
[2011.10.16 06:31:34 | 000,011,615 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1mdxx.sys
[2011.10.16 06:31:33 | 000,073,216 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atintuxx.sys
[2011.10.16 06:31:33 | 000,063,488 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinxsxx.sys
[2011.10.16 06:31:33 | 000,036,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bthprint.sys
[2011.10.16 06:31:33 | 000,031,744 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinxbxx.sys
[2011.10.16 06:31:33 | 000,025,471 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv04nt5.dll
[2011.10.16 06:31:33 | 000,021,183 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv01nt5.dll
[2011.10.16 06:31:33 | 000,017,279 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv10nt5.dll
[2011.10.16 06:31:33 | 000,015,423 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\ch7xxnt5.dll
[2011.10.16 06:31:33 | 000,014,143 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv06nt5.dll
[2011.10.16 06:31:33 | 000,011,359 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv02nt5.dll
[2011.10.16 06:31:32 | 000,126,686 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\mtlmnt5.sys
[2011.10.16 06:31:31 | 001,309,184 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\mtlstrm.sys
[2011.10.16 06:31:31 | 000,452,736 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\drivers\mtxparhm.sys
[2011.10.16 06:31:31 | 000,180,360 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\ntmtlfax.sys
[2011.10.16 06:31:31 | 000,166,912 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\drivers\s3gnbm.sys
[2011.10.16 06:31:31 | 000,030,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rndismpx.sys
[2011.10.16 06:31:31 | 000,013,776 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\recagent.sys
[2011.10.16 06:31:31 | 000,012,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mutohpen.sys
[2011.10.16 06:31:31 | 000,003,901 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\siint5.dll
[2011.10.16 06:31:30 | 000,404,990 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slntamr.sys
[2011.10.16 06:31:30 | 000,129,535 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slnt7554.sys
[2011.10.16 06:31:30 | 000,095,424 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slnthal.sys
[2011.10.16 06:31:30 | 000,025,471 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\watv10nt.sys
[2011.10.16 06:31:30 | 000,022,271 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\watv06nt.sys
[2011.10.16 06:31:30 | 000,013,240 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slwdmsup.sys
[2011.10.16 06:31:30 | 000,011,935 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv11nt.sys
[2011.10.16 06:31:30 | 000,011,871 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv09nt.sys
[2011.10.16 06:31:30 | 000,011,807 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv07nt.sys
[2011.10.16 06:31:30 | 000,011,325 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\vchnt5.dll
[2011.10.16 06:31:30 | 000,011,295 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv08nt.sys
[2011.10.16 06:31:30 | 000,005,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\smbali.sys
[2011.10.16 06:24:58 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Anys\UserData
[2011.10.16 05:58:26 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2011.10.13 15:18:06 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\lightning group shared files
[2011.10.13 14:14:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Bethesda Softworks
[2011.10.13 14:05:00 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_27.dll
[2011.10.13 14:04:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anys\Local Settings\Data aplikací\Oblivion
[2011.10.13 14:04:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anys\Dokumenty\My Games
[2011.10.13 14:00:56 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2011.10.13 14:00:55 | 000,000,000 | ---D | C] -- C:\rsit
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

Kronos
Visitor
Posts: 110
Registered: 20 Sep 2011 19:50

Re: Log check

#5 Post by Kronos »

And the second part:

========== Files - Modified Within 7 Days ==========

[2011.10.16 07:07:36 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2011.10.16 07:05:15 | 000,000,850 | ---- | M] () -- C:\Documents and Settings\Anys\Plocha\Zástupce - OTL.lnk
[2011.10.16 07:02:05 | 000,432,492 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011.10.16 07:02:05 | 000,429,024 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2011.10.16 07:02:05 | 000,078,052 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2011.10.16 07:02:05 | 000,067,448 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011.10.16 07:00:47 | 000,001,707 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Avira Control Center.lnk
[2011.10.16 06:58:50 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2011.10.16 06:58:42 | 000,000,932 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011.10.16 06:58:39 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011.10.16 06:57:34 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011.10.16 06:57:28 | 000,118,152 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011.10.16 06:31:14 | 000,250,576 | RHS- | M] () -- C:\ntldr
[2011.10.16 05:19:00 | 000,000,936 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011.10.15 06:34:01 | 000,000,023 | ---- | M] () -- C:\WINDOWS\BlendSettings.ini
[2011.10.13 22:09:06 | 000,076,151 | ---- | M] () -- C:\Documents and Settings\Anys\Plocha\zlato.jpg
[2011.10.13 14:36:40 | 000,000,724 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Oblivion.lnk
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011.10.16 07:07:36 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2011.10.16 07:05:15 | 000,000,850 | ---- | C] () -- C:\Documents and Settings\Anys\Plocha\Zástupce - OTL.lnk
[2011.10.16 07:00:47 | 000,001,707 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Avira Control Center.lnk
[2011.10.16 06:35:18 | 000,010,457 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.hta
[2011.10.16 06:35:18 | 000,001,771 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.css
[2011.10.16 06:35:18 | 000,001,746 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpocm.inf
[2011.10.16 06:35:17 | 000,674,168 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.chm
[2011.10.16 06:35:17 | 000,354,468 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud1.wav
[2011.10.16 06:35:17 | 000,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud7.wav
[2011.10.16 06:35:17 | 000,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud6.wav
[2011.10.16 06:35:17 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud9.wav
[2011.10.16 06:35:17 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud8.wav
[2011.10.16 06:35:17 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud3.wav
[2011.10.16 06:35:17 | 000,086,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud5.wav
[2011.10.16 06:35:17 | 000,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud4.wav
[2011.10.16 06:35:17 | 000,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud2.wav
[2011.10.16 06:35:17 | 000,069,570 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.adm
[2011.10.16 06:35:17 | 000,058,456 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmp.inf
[2011.10.16 06:35:17 | 000,028,164 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplay.chm
[2011.10.16 06:35:17 | 000,000,420 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmploc.js
[2011.10.16 06:35:16 | 000,572,557 | ---- | C] () -- C:\WINDOWS\System32\dllcache\rtuner.wmv
[2011.10.16 06:35:16 | 000,375,519 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nuskin.wmv
[2011.10.16 06:35:16 | 000,300,969 | ---- | C] () -- C:\WINDOWS\System32\dllcache\viz.wmv
[2011.10.16 06:35:16 | 000,086,446 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plyr_err.chm
[2011.10.16 06:35:16 | 000,066,170 | ---- | C] () -- C:\WINDOWS\System32\dllcache\revert.wmz
[2011.10.16 06:35:16 | 000,034,548 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmdm.inf
[2011.10.16 06:35:16 | 000,023,829 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tourbg.gif
[2011.10.16 06:35:16 | 000,022,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npds.zip
[2011.10.16 06:35:16 | 000,017,489 | ---- | C] () -- C:\WINDOWS\System32\dllcache\videobg.gif
[2011.10.16 06:35:16 | 000,013,540 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmfsdk.inf
[2011.10.16 06:35:16 | 000,008,677 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm7.gif
[2011.10.16 06:35:16 | 000,007,892 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm9.gif
[2011.10.16 06:35:16 | 000,007,636 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm2.gif
[2011.10.16 06:35:16 | 000,007,369 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm4.gif
[2011.10.16 06:35:16 | 000,006,241 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm3.gif
[2011.10.16 06:35:16 | 000,006,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm6.gif
[2011.10.16 06:35:16 | 000,005,789 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm1.gif
[2011.10.16 06:35:16 | 000,005,290 | ---- | C] () -- C:\WINDOWS\System32\dllcache\vidsamp.gif
[2011.10.16 06:35:16 | 000,004,193 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm8.gif
[2011.10.16 06:35:16 | 000,003,187 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tour.js
[2011.10.16 06:35:16 | 000,002,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm5.gif
[2011.10.16 06:35:16 | 000,002,469 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplay.gif
[2011.10.16 06:35:16 | 000,002,450 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpause.gif
[2011.10.16 06:35:16 | 000,002,375 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplayh.gif
[2011.10.16 06:35:16 | 000,002,371 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpauseh.gif
[2011.10.16 06:35:16 | 000,001,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\skins.inf
[2011.10.16 06:35:16 | 000,001,483 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst6.wpl
[2011.10.16 06:35:16 | 000,001,480 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst5.wpl
[2011.10.16 06:35:16 | 000,001,479 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst3.wpl
[2011.10.16 06:35:16 | 000,001,465 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst12.wpl
[2011.10.16 06:35:16 | 000,001,462 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst4.wpl
[2011.10.16 06:35:16 | 000,001,398 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taon.gif
[2011.10.16 06:35:16 | 000,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taonh.gif
[2011.10.16 06:35:16 | 000,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoff.gif
[2011.10.16 06:35:16 | 000,001,367 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoffh.gif
[2011.10.16 06:35:16 | 000,001,263 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst1.wpl
[2011.10.16 06:35:16 | 000,001,148 | ---- | C] () -- C:\WINDOWS\System32\dllcache\snd.htm
[2011.10.16 06:35:16 | 000,001,059 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst2.wpl
[2011.10.16 06:35:16 | 000,001,042 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst7.wpl
[2011.10.16 06:35:16 | 000,001,034 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst8.wpl
[2011.10.16 06:35:16 | 000,000,809 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst11.wpl
[2011.10.16 06:35:16 | 000,000,806 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst10.wpl
[2011.10.16 06:35:16 | 000,000,783 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst13.wpl
[2011.10.16 06:35:16 | 000,000,777 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst9.wpl
[2011.10.16 06:35:16 | 000,000,774 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst14.wpl
[2011.10.16 06:35:16 | 000,000,722 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst15.wpl
[2011.10.16 06:35:16 | 000,000,403 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npdrmv2.zip
[2011.10.16 06:35:15 | 000,457,607 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mdlib.wmv
[2011.10.16 06:35:15 | 000,381,425 | ---- | C] () -- C:\WINDOWS\System32\dllcache\copycd.wmv
[2011.10.16 06:35:15 | 000,184,130 | ---- | C] () -- C:\WINDOWS\System32\dllcache\compact.wmz
[2011.10.16 06:35:15 | 000,036,870 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.inf
[2011.10.16 06:35:15 | 000,009,585 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.css
[2011.10.16 06:35:15 | 000,008,298 | ---- | C] () -- C:\WINDOWS\System32\dllcache\contents.htm
[2011.10.16 06:35:15 | 000,006,878 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.js
[2011.10.16 06:35:15 | 000,005,971 | ---- | C] () -- C:\WINDOWS\System32\dllcache\events.js
[2011.10.16 06:35:15 | 000,002,778 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogoh.gif
[2011.10.16 06:35:15 | 000,002,545 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogo.gif
[2011.10.16 06:35:15 | 000,000,999 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bktrh.gif
[2011.10.16 06:35:15 | 000,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnth.gif
[2011.10.16 06:35:15 | 000,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnt.gif
[2011.10.16 06:35:15 | 000,000,772 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cntd.gif
[2011.10.16 06:35:15 | 000,000,760 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapph.gif
[2011.10.16 06:35:15 | 000,000,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapp.gif
[2011.10.16 06:31:33 | 000,129,045 | ---- | C] () -- C:\WINDOWS\System32\drivers\cxthsfs2.cty
[2011.10.16 06:31:33 | 000,064,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativmc20.cod
[2011.10.16 06:31:31 | 000,067,866 | ---- | C] () -- C:\WINDOWS\System32\drivers\netwlan5.img
[2011.10.13 22:09:05 | 000,076,151 | ---- | C] () -- C:\Documents and Settings\Anys\Plocha\zlato.jpg
[2011.10.13 15:16:20 | 000,000,023 | ---- | C] () -- C:\WINDOWS\BlendSettings.ini
[2011.10.13 14:36:40 | 000,000,724 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Oblivion.lnk
[2011.09.28 02:20:47 | 000,000,390 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2011.09.18 18:17:48 | 000,000,010 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2011.08.30 18:56:05 | 000,280,276 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2011.08.30 18:56:05 | 000,280,276 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2011.08.30 18:56:05 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2011.08.30 18:55:55 | 002,128,778 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data
[2011.08.30 00:47:36 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2011.07.28 17:49:12 | 000,053,760 | ---- | C] () -- C:\WINDOWS\System32\OVDecode.dll
[2011.07.12 11:42:23 | 000,005,632 | ---- | C] () -- C:\Documents and Settings\Anys\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.07.09 20:01:55 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011.06.23 06:04:45 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2011.06.23 06:02:48 | 000,000,169 | ---- | C] () -- C:\WINDOWS\RtlRack.ini
[2011.06.23 06:00:38 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2011.06.23 06:00:21 | 000,000,164 | ---- | C] () -- C:\WINDOWS\avrack.ini
[2011.06.23 06:00:10 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2011.06.19 19:51:48 | 000,004,249 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2011.06.19 19:49:12 | 000,118,152 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011.06.19 18:12:41 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2011.06.19 18:08:01 | 000,021,812 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2008.05.04 17:08:49 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\CPUINFO2.DLL
[2004.08.17 15:58:58 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004.08.02 14:20:40 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2001.10.25 15:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001.10.25 15:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2001.10.25 15:00:00 | 000,432,492 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2001.10.25 15:00:00 | 000,429,024 | ---- | C] () -- C:\WINDOWS\System32\perfh005.dat
[2001.10.25 15:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001.10.25 15:00:00 | 000,269,162 | ---- | C] () -- C:\WINDOWS\System32\perfi005.dat
[2001.10.25 15:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001.10.25 15:00:00 | 000,078,052 | ---- | C] () -- C:\WINDOWS\System32\perfc005.dat
[2001.10.25 15:00:00 | 000,067,448 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2001.10.25 15:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2001.10.25 15:00:00 | 000,032,072 | ---- | C] () -- C:\WINDOWS\System32\perfd005.dat
[2001.10.25 15:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001.10.25 15:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001.10.25 15:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat

========== LOP Check ==========

[2011.09.28 02:17:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2011.07.09 19:45:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ICQ
[2011.07.25 23:21:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anys\Data aplikací\BSplayer
[2011.07.12 11:43:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anys\Data aplikací\BSplayer Pro
[2011.09.28 02:18:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anys\Data aplikací\DAEMON Tools Lite
[2011.08.30 19:19:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anys\Data aplikací\GHISLER
[2011.10.16 04:04:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anys\Data aplikací\ICQ

========== Purity Check ==========



========== Custom Scans ==========


< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"CTFMON.EXE" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 08:52:18 | 000,015,360 | ---- | M] (Microsoft Corporation)


< MD5 for: ATAPI.SYS >
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2008.04.14 08:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\ServicePackFiles\i386\autochk.exe
[2008.04.14 08:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe
[2004.08.17 15:49:22 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\WINDOWS\$NtServicePackUninstall$\autochk.exe

< MD5 for: CDROM.SYS >
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008.04.14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008.04.14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2004.08.03 22:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys

< MD5 for: CSRSS.EXE >
[2004.08.17 15:49:24 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=490E6E57E54FAF5F23F658EA188405A1 -- C:\WINDOWS\$NtServicePackUninstall$\csrss.exe
[2008.04.14 08:52:18 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=628CE66E3FD35BFC7969DBAC245DC069 -- C:\WINDOWS\ServicePackFiles\i386\csrss.exe
[2008.04.14 08:52:18 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=628CE66E3FD35BFC7969DBAC245DC069 -- C:\WINDOWS\system32\csrss.exe

< MD5 for: EXPLORER.EXE >
[2008.04.14 08:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 08:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2004.08.17 15:49:24 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\$NtUninstallKB938828$\explorer.exe
[2007.06.13 15:11:59 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=9B32416BD5988C97B6397CE0B02CAF97 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
[2007.06.13 15:23:39 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=ED7B460B142A32097B8A8F6ECC941815 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe

< MD5 for: LSASS.EXE >
[2004.08.17 15:49:24 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\WINDOWS\$NtServicePackUninstall$\lsass.exe
[2008.04.14 08:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\ServicePackFiles\i386\lsass.exe
[2008.04.14 08:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe

< MD5 for: NDIS.SYS >
[2008.04.14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008.04.14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
[2004.08.03 23:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys

< MD5 for: NTFS.SYS >
[2007.02.09 13:23:36 | 000,574,976 | ---- | M] (Microsoft Corporation) MD5=05AB81909514BFD69CBB1F2C147CF6B9 -- C:\WINDOWS\$hf_mig$\KB930916\SP2QFE\ntfs.sys
[2007.02.09 13:10:35 | 000,574,464 | ---- | M] (Microsoft Corporation) MD5=19A811EF5F1ED5C926A028CE107FF1AF -- C:\WINDOWS\$NtServicePackUninstall$\ntfs.sys
[2008.04.14 00:45:54 | 000,574,976 | ---- | M] (Microsoft Corporation) MD5=78A08DD6A8D65E697C18E1DB01C5CDCA -- C:\WINDOWS\ServicePackFiles\i386\ntfs.sys
[2008.04.14 00:45:54 | 000,574,976 | ---- | M] (Microsoft Corporation) MD5=78A08DD6A8D65E697C18E1DB01C5CDCA -- C:\WINDOWS\system32\drivers\ntfs.sys
[2004.08.03 23:15:10 | 000,574,592 | ---- | M] (Microsoft Corporation) MD5=B78BE402C3F63DD55521F73876951CDD -- C:\WINDOWS\$NtUninstallKB930916$\ntfs.sys

< MD5 for: SCECLI.DLL >
[2004.08.17 15:49:18 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008.04.14 08:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 08:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SERVICES.EXE >
[2009.02.09 11:54:36 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=33081FED75032291EE0E008D5385E86F -- C:\WINDOWS\$hf_mig$\KB956572\SP2QFE\services.exe
[2009.02.09 13:18:56 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=3D107D45CCFDB266E91D84B52CD7F430 -- C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\services.exe
[2009.02.09 12:11:38 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=4F9F7B567970B524F31D9970A23F7C24 -- C:\WINDOWS\$NtServicePackUninstall$\services.exe
[2004.08.17 15:49:28 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=6E401E61F952FBBF708AFBECEFAFAE81 -- C:\WINDOWS\$NtUninstallKB956572_0$\services.exe
[2009.02.09 13:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=9EF697AF07BB8DD82C3B02CA953A95B7 -- C:\WINDOWS\$hf_mig$\KB956572\SP3GDR\services.exe
[2009.02.09 13:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=9EF697AF07BB8DD82C3B02CA953A95B7 -- C:\WINDOWS\system32\dllcache\services.exe
[2009.02.09 13:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=9EF697AF07BB8DD82C3B02CA953A95B7 -- C:\WINDOWS\system32\services.exe
[2008.04.14 08:52:46 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=F0D2AE69035092BF22DAD6B50FAB85C2 -- C:\WINDOWS\$NtUninstallKB956572$\services.exe
[2008.04.14 08:52:46 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=F0D2AE69035092BF22DAD6B50FAB85C2 -- C:\WINDOWS\ServicePackFiles\i386\services.exe

< MD5 for: SMSS.EXE >
[2004.08.17 15:49:28 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\WINDOWS\$NtServicePackUninstall$\smss.exe
[2008.04.14 08:52:48 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\ServicePackFiles\i386\smss.exe
[2008.04.14 08:52:48 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe

< MD5 for: SPOOLSV.EXE >
[2004.08.17 15:49:28 | 000,057,856 | ---- | M] (Microsoft Corporation) MD5=21B6FAA88044A41640E03EBB68BE93E8 -- C:\WINDOWS\$NtUninstallKB896423$\spoolsv.exe
[2005.06.11 02:17:13 | 000,057,856 | ---- | M] (Microsoft Corporation) MD5=AD3D9D191AEA7B5445FE1D82FFBB4788 -- C:\WINDOWS\$hf_mig$\KB896423\SP2QFE\spoolsv.exe
[2008.04.14 08:52:50 | 000,057,856 | ---- | M] (Microsoft Corporation) MD5=CB1090BCA0E7B40D0B5B4E4D66531809 -- C:\WINDOWS\ServicePackFiles\i386\spoolsv.exe
[2008.04.14 08:52:50 | 000,057,856 | ---- | M] (Microsoft Corporation) MD5=CB1090BCA0E7B40D0B5B4E4D66531809 -- C:\WINDOWS\system32\spoolsv.exe
[2005.06.11 01:53:32 | 000,057,856 | ---- | M] (Microsoft Corporation) MD5=DA81EC57ACD4CDC3D4C51CF3D409AF9F -- C:\WINDOWS\$NtServicePackUninstall$\spoolsv.exe

< MD5 for: SVCHOST.EXE >
[2008.04.14 08:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.14 08:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe
[2004.08.17 15:49:28 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe

< MD5 for: TCPIP.SYS >
[2008.06.20 12:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2008.06.20 12:44:42 | 000,360,960 | ---- | M] (Microsoft Corporation) MD5=744E57C99232201AE98C49168B918F48 -- C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[2008.04.14 00:50:18 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008.04.14 00:50:18 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2004.08.03 23:14:42 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\$NtUninstallKB951748_0$\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.04.14 08:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 08:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe
[2004.08.17 15:49:28 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe

< MD5 for: WINLOGON.EXE >
[2004.08.17 15:49:28 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 08:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 08:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe

< C:\windows\system32\spool\prtprocs|dll;true;true;true /FP >
[2008.07.06 14:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
[2003.06.19 01:31:48 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll
[2008.07.06 14:06:10 | 000,147,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\x64\filterpipelineprintproc.dll

< %systemroot%\system32\drivers\*.sys /5 >

< %systemroot%\system32\drivers\*.sys /X >
[2008.04.14 08:51:38 | 000,004,255 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv01nt5.dll
[2008.04.14 08:51:38 | 000,003,967 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv02nt5.dll
[2008.04.14 08:51:38 | 000,003,615 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv05nt5.dll
[2008.04.14 08:51:38 | 000,003,647 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv07nt5.dll
[2008.04.14 08:51:38 | 000,003,135 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv08nt5.dll
[2008.04.14 08:51:38 | 000,003,711 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv09nt5.dll
[2008.04.14 08:51:38 | 000,003,775 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv11nt5.dll
[2006.01.18 08:57:42 | 001,114,674 | ---- | M] () -- C:\WINDOWS\system32\drivers\ativcaxx.cpa
[2006.01.18 08:57:44 | 000,000,929 | ---- | M] () -- C:\WINDOWS\system32\drivers\ativcaxx.vp
[2005.10.14 08:10:12 | 000,058,560 | ---- | M] () -- C:\WINDOWS\system32\drivers\ativckxx.vp
[2006.12.29 20:21:08 | 000,064,352 | ---- | M] () -- C:\WINDOWS\system32\drivers\ativmc20.cod
[2006.02.21 20:58:34 | 000,027,264 | ---- | M] () -- C:\WINDOWS\system32\drivers\ativvpxx.vp
[2008.04.14 08:51:38 | 000,021,183 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv01nt5.dll
[2008.04.14 08:51:38 | 000,011,359 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv02nt5.dll
[2008.04.14 08:51:38 | 000,025,471 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv04nt5.dll
[2008.04.14 08:51:38 | 000,014,143 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv06nt5.dll
[2008.04.14 08:51:38 | 000,017,279 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv10nt5.dll
[2008.04.14 08:51:40 | 000,015,423 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\ch7xxnt5.dll
[2007.04.02 21:36:04 | 000,129,045 | ---- | M] () -- C:\WINDOWS\system32\drivers\cxthsfs2.cty
[2001.10.25 15:00:00 | 003,440,660 | ---- | M] () -- C:\WINDOWS\system32\drivers\gm.dls
[2001.10.25 15:00:00 | 000,000,646 | ---- | M] () -- C:\WINDOWS\system32\drivers\gmreadme.txt
[2006.12.29 20:02:50 | 000,067,866 | ---- | M] () -- C:\WINDOWS\system32\drivers\netwlan5.img
[2008.04.14 08:51:56 | 000,003,901 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\siint5.dll
[2008.04.14 08:52:06 | 000,011,325 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\vchnt5.dll

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\system32\*.* /5 >
[2011.10.16 06:57:28 | 000,118,152 | ---- | M] () -- C:\WINDOWS\system32\FNTCACHE.DAT
[2011.10.16 07:02:05 | 000,078,052 | ---- | M] () -- C:\WINDOWS\system32\perfc005.dat
[2011.10.16 07:02:05 | 000,067,448 | ---- | M] () -- C:\WINDOWS\system32\perfc009.dat
[2011.10.16 07:02:05 | 000,429,024 | ---- | M] () -- C:\WINDOWS\system32\perfh005.dat
[2011.10.16 07:02:05 | 000,432,492 | ---- | M] () -- C:\WINDOWS\system32\perfh009.dat
[2011.10.16 07:02:05 | 001,020,324 | ---- | M] () -- C:\WINDOWS\system32\PerfStringBackup.INI
[2011.10.16 06:58:09 | 000,000,249 | ---- | M] () -- C:\WINDOWS\system32\spupdwxp.log
[2011.10.16 06:58:39 | 000,002,206 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\system32\config\*.sav >
[2011.06.19 19:47:41 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2011.06.19 19:47:41 | 000,663,552 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2011.06.19 19:47:41 | 000,479,232 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\*.* /U /s >
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[10 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[1 C:\WINDOWS\SoftwareDistribution\Download\713c2511ec90ac237e663a2c667aebb3\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\713c2511ec90ac237e663a2c667aebb3\*.tmp -> ]
[1 C:\WINDOWS\SoftwareDistribution\Download\9434f38734605ee74bf380b05e9ff9a2\download\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\9434f38734605ee74bf380b05e9ff9a2\download\*.tmp -> ]
[1 C:\WINDOWS\SoftwareDistribution\Download\ed476d6c3767ce82048580a8ee41dcf5\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\ed476d6c3767ce82048580a8ee41dcf5\*.tmp -> ]
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
[1 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\*.tmp files -> C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\*.tmp -> ]
[1 C:\WINDOWS\Temp\*.tmp files -> C:\WINDOWS\Temp\*.tmp -> ]

< %systemroot%\*. /mp /s >

< %ALLUSERSPROFILE%\Data Aplikací\*.* >
[2011.06.19 19:51:24 | 000,000,062 | -HS- | M] () -- C:\Documents and Settings\All Users\Data Aplikací\desktop.ini

< %ALLUSERSPROFILE%\Data Aplikací\*.exe /s >
[2011.08.03 13:49:00 | 000,194,152 | ---- | M] (NVIDIA Corporation) -- C:\Documents and Settings\All Users\Data Aplikací\NVIDIA\Updatus\WLMerger.exe

< %ALLUSERSPROFILE%\Dáta aplikácií\*.* >

< %ALLUSERSPROFILE%\Dáta aplikácií\*.exe /s >

< %APPDATA%\*. >
[2011.07.12 11:42:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anys\Data aplikací\Adobe
[2011.10.16 07:01:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anys\Data aplikací\Avira
[2011.07.25 23:21:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anys\Data aplikací\BSplayer
[2011.07.12 11:43:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anys\Data aplikací\BSplayer Pro
[2011.09.28 02:18:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anys\Data aplikací\DAEMON Tools Lite
[2011.08.30 19:19:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anys\Data aplikací\GHISLER
[2011.10.16 04:04:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anys\Data aplikací\ICQ
[2011.07.09 19:40:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anys\Data aplikací\Identities
[2011.07.09 19:43:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anys\Data aplikací\Macromedia
[2011.09.28 03:42:43 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Anys\Data aplikací\Microsoft
[2011.07.09 19:40:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anys\Data aplikací\Mozilla
[2011.09.25 05:54:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anys\Data aplikací\Skype
[2011.09.24 22:09:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anys\Data aplikací\SUPERAntiSpyware.com

< %APPDATA%\*.* >
[2011.06.19 19:51:24 | 000,000,062 | -HS- | M] () -- C:\Documents and Settings\Anys\Data aplikací\desktop.ini

< %APPDATA%\*.exe /s >
[2009.08.11 21:21:26 | 000,087,552 | ---- | M] () -- C:\Documents and Settings\Anys\Data aplikací\BSplayer\AC3 Filter\ac3config.exe
[2009.08.11 21:21:30 | 000,090,112 | ---- | M] () -- C:\Documents and Settings\Anys\Data aplikací\BSplayer\AC3 Filter\spdif_test.exe
[2010.03.22 14:52:04 | 000,697,690 | ---- | M] () -- C:\Documents and Settings\Anys\Data aplikací\BSplayer\AC3 Filter\unins000.exe
[2010.02.23 17:01:52 | 001,185,871 | ---- | M] () -- C:\Documents and Settings\Anys\Data aplikací\BSplayer\FFDShow\unins000.exe
[2010.08.14 10:42:54 | 000,113,152 | ---- | M] () -- C:\Documents and Settings\Anys\Data aplikací\BSplayer\Haali media splitter\dsmux.exe
[2010.08.14 10:45:10 | 000,358,400 | ---- | M] () -- C:\Documents and Settings\Anys\Data aplikací\BSplayer\Haali media splitter\gdsmux.exe
[2010.08.14 10:42:06 | 000,137,728 | ---- | M] () -- C:\Documents and Settings\Anys\Data aplikací\BSplayer\Haali media splitter\mkv2vfr.exe
[2010.09.30 15:30:22 | 000,042,305 | ---- | M] () -- C:\Documents and Settings\Anys\Data aplikací\BSplayer\Haali media splitter\uninstall.exe

< %SYSTEMDRIVE%\*.exe >

< *crack* /s >

< *keygen* /s >

< *nocd* /s >

< *AutoKMS* /s >

< *minodlogin* /s >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU /s >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-10-16 02:43:36

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager" /v BootExecute /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\CONTROL\SESSION MANAGER
BOOTEXECUTE REG_MULTI_SZ autocheck autochk *\0\0

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager" /v "PendingFileRenameOperations" /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\CONTROL\SESSION MANAGER
PENDINGFILERENAMEOPERATIONS REG_MULTI_SZ \??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\64bitProxy.exe\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\addr_file.html\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\aebb.dll\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\aecore.dll\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\aeemu.dll\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\aegen.dll\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\aehelp.dll\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\aeheur.dll\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\aelidb.dat\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\aeoffice.dll\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\aepack.dll\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\aerdl.dll\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\aesbx.dll\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\aescn.dll\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\aescript.dll\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\aeset.dat\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\aevdf.dat\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\aevdf.dll\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\antivir.oem\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\antivir0.rdf\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\apnic.dll\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\apnstub.exe\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\apntoolbarinstaller.exe\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\AppRemover_64.exe\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\AppRemover_API.dll\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\AppRemover_CLI.exe\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\AppRemover_EULA.txt\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\AppRemover_Excluded.txt\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\avacl.dll\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\avadmin.exe\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\avarkt.dll\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\avbb.dll\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\avcenter.exe\0\0\??\C:\DOCUME~1
\Anys\LOCALS~1\Temp\RarSFX0\avconfig.cpl\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\avconfig.dll\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\avconfig.exe\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\avconfig64.cpl\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\avesvc.dll\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\avevtlog.dll\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\avghook.dll\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\avgio.dll\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\avgnt.exe\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\avguard.exe\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\avguard.xml\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\avhlp.exe\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\avinet.dll\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\avipc.dll\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\AVManagerUnified.dll\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\avmres.dll\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\avnotify.exe\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\avpref.dll\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\avreg.dll\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\avreg.yml\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\avrep.dll\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\avrestart.exe\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\avscan.dat\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\avscan.exe\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\avscplr.dll\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\avsda.dll\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\avsda64.dll\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\AVSDKList.zip\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\avsmtp.dll\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\avupgsvc.exe\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\avwebgrd.exe\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\avwebloader.dll\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\avwebloader.exe\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\avwebloadergui.dll\0\0\??\C:\DOCUME~1\Anys\LOCALS~
1\Temp\RarSFX0\avwinll.dll\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\avwmi.dll\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\avwsc.exe\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\build.dat\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\ccavscanex.dll\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\ccev.dll\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\ccevw.dll\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\ccgen.dll\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\ccgenw.dll\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\ccgrdw.dll\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\ccguard.dll\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\cchips.dll\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\cclic.dll\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\cclicw.dll\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\ccmsg.dll\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\ccprofil.dll\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\ccquamgr.dll\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\ccquaw.dll\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\ccreport.dll\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\ccrepow.dll\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\ccscanw.dll\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\ccsched.dll\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\ccschedw.dll\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\ccupdate.dll\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\ccupdw.dll\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\ccwgrd.dll\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\ccwgrdw.dll\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\ccwkrlib.dll\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\cfglib.dll\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\default.wav\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\doSilent.txt\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\efc.dat\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\en-us\about.htm\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\en-us\alertcat.htm\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\en-us\alerttyp.htm\0\
0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\en-us\alertvir.htm\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\en-us\alldiscs.avp\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\en-us\alldrives.avp\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\en-us\avconfigrc.dll\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\en-us\avesvcr.dll\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\en-us\avevtrc.dll\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\en-us\avnotify.dll\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\en-us\avscan.dll\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\en-us\avwebgrc.dll\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\en-us\avwin.chm\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\en-us\ccavscanexrc.dll\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\en-us\ccevrc.dll\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\en-us\ccgenrc.dll\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\en-us\ccgrdrc.dll\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\en-us\cchipsrc.dll\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\en-us\cclicrc.dll\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\en-us\ccmainrc.dll\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\en-us\ccmsgrc.dll\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\en-us\ccplg.xml\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\en-us\ccquarc.dll\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\en-us\ccreporc.dll\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\en-us\ccscanrc.dll\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\en-us\ccscherc.dll\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\en-us\ccupdrc.dll\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\en-us\ccwgrdrc.dll\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\en-us\defaults.ini\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\en-us\eula.txt\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\en-us\factrc.dll\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\en-us\folder.avp\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\en-us\guardmsg.dll\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\en-us\licmgr.dll\0\0\??\C
:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\en-us\lukeres.dll\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\en-us\mydocs.avp\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\en-us\prefix_msg.avr\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\en-us\process.avp\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\en-us\prodinfo.dat\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\en-us\produpd.avj\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\en-us\quicksysscan.avp\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\en-us\rchelp.dll\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\en-us\rcimage.dll\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\en-us\rctext.dll\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\en-us\readme.txt\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\en-us\restartrc.dll\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\en-us\rmdiscs.avp\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\en-us\rootkit.avp\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\en-us\scanjob.avj\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\en-us\schedr.dll\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\en-us\setup.dll\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\en-us\setupprf.dat\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\en-us\startupd.avj\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\en-us\sweb.zip\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\en-us\sysdir.avp\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\en-us\sysscan.avp\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\en-us\toolbar_eula.txt\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\en-us\updatemsg.avr\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\en-us\updaterc.dll\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\en-us\updguirc.dll\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\en-us\updjob.avj\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\en-us\webcatrc.dll\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\en-us\weblink.url\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\en-us\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\en-us\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp
\RarSFX0\extdlgfw.dll\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\fact.exe\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\filelist.ini\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\gavid.xsl\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\gpavgio.dll\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\gpevtlog.dll\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\gpgavid.dll\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\gpgen.dll\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\gpgenrep.dll\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\gpgrd.dll\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\gpgui.dll\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\gpipc.dll\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\gplegacy.dll\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\gpschd.dll\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\grdcore.dll\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\guardgui.exe\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\hbedv.key\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\imp64b.exe\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\Impl_AntiphishingLib.dll\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\Impl_AntivirusLib.dll\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\Impl_FirewallLib.dll\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\Impl_SoftwareProductLib.dll\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\inetset.bin\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\inssda64.exe\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\insthlp.exe\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\ipmgui.exe\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\libdb44.dll\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\license.dat\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\licmgr.exe\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\luke.dll\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\ManualUninstallConfig.zip\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\mgrs.dll\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\Microsoft.VC80.CRT.manifest\0\0\??\C:\DOCUME~1\Anys\LOCALS~1\Temp\RarSFX0\msgclient.dll\0\0

< type c:\boot.ini >> test.txt /c >
[boot loader]
timeout=30
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2011.10.16 07:07:36 | 000,000,512 | ---- | M] () MD5=FED649E69465051883F9636EB6F013CB -- C:\PhysicalMBR.bin

< End of report >

Mc_Murphy
VIP in memoriam
Posts: 6706
Registered: 03 Nov 2008 15:55
Location: Plzeň [ZČ]

Re: Log check

#6 Post by Mc_Murphy »

:arrow: Run OTL again.
  • If you use Win Vista or Win7, right-click OTL and choose Run As Administrator or Spustit jako správce.
  • If you use a 64-bit OS, check whether the box Pro 64 bitové OS (for 64-bit OS) is ticked. If not, tick it.
  • Paste this script into the bottom box Vlastní skenování/opravy (Custom scans/fixes):

Code:

:OTL
IE - HKU\S-1-5-21-507921405-343818398-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= ... =CT1750559
IE - HKU\S-1-5-21-507921405-343818398-725345543-1003\..\URLSearchHook: - No CLSID value found
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.defaultthis.engineName: "BS Player Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.3.1&q="
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.startup.homepage: "http://start.icq.com/"
FF - prefs.js..keyword.URL: "http://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.3.3&q="
[2011.09.22 19:17:11 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Documents and Settings\Anys\Data aplikací\Mozilla\Firefox\Profiles\r1cha1pr.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2011.09.22 19:17:12 | 000,000,000 | ---D | M] (BS Player Community Toolbar) -- C:\Documents and Settings\Anys\Data aplikací\Mozilla\Firefox\Profiles\r1cha1pr.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}
[2011.06.20 14:09:22 | 000,000,921 | ---- | M] () -- C:\Documents and Settings\Anys\Data aplikací\Mozilla\Firefox\Profiles\r1cha1pr.default\searchplugins\conduit.xml
[2011.10.13 16:33:38 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Anys\Data aplikací\Mozilla\Firefox\Profiles\r1cha1pr.default\searchplugins\icqplugin-1.xml
[2011.09.25 17:27:46 | 000,000,168 | ---- | M] () -- C:\Documents and Settings\Anys\Data aplikací\Mozilla\Firefox\Profiles\r1cha1pr.default\searchplugins\icqplugin.gif
[2011.09.25 17:27:46 | 000,000,618 | ---- | M] () -- C:\Documents and Settings\Anys\Data aplikací\Mozilla\Firefox\Profiles\r1cha1pr.default\searchplugins\icqplugin.src
[2011.08.17 17:47:16 | 000,001,056 | ---- | M] () -- C:\Documents and Settings\Anys\Data aplikací\Mozilla\Firefox\Profiles\r1cha1pr.default\searchplugins\icqplugin.xml
CHR - plugin: Skype Toolbars (Enabled) = C:\Documents and Settings\Anys\Local Settings\Data aplikac\u00ED\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8153_0\npSkypeChromePlugin.dll
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[10 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[1 C:\WINDOWS\SoftwareDistribution\Download\713c2511ec90ac237e663a2c667aebb3\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\713c2511ec90ac237e663a2c667aebb3\*.tmp -> ]
[1 C:\WINDOWS\SoftwareDistribution\Download\9434f38734605ee74bf380b05e9ff9a2\download\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\9434f38734605ee74bf380b05e9ff9a2\download\*.tmp -> ]
[1 C:\WINDOWS\SoftwareDistribution\Download\ed476d6c3767ce82048580a8ee41dcf5\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\ed476d6c3767ce82048580a8ee41dcf5\*.tmp -> ]
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
[1 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\*.tmp files -> C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\*.tmp -> ]
[1 C:\WINDOWS\Temp\*.tmp files -> C:\WINDOWS\Temp\*.tmp -> ]

:Files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp /s
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

:Commands
[emptytemp]
[emptyflash]
[resethosts]
[purity]
[clearallrestorepoints]
  • Click the [Opravit] (Fix) button.
  • When the scan finishes, a log will appear; paste it here for me.
  • If the log does not fit into one post, split it into several parts.

  • ... I'm moving on, I'm moving on, I'm moving on by the Spirit.
    • You gave me love, I've found my identity, found my identity.

    I'm moving on, I'm moving on, I'm moving on by the Spirit.
    • You gave me hope, I've found my identity in Christ...

Kronos
Visitor
Posts: 110
Registered: 20 Sep 2011 19:50

Re: Log check

#7 Post by Kronos »

I apologize for the delay, but I did not get to the PC as I had expected. As soon as I can, I will do everything.
Have a nice weekend.

Mc_Murphy
VIP in memoriam
Posts: 6706
Registered: 03 Nov 2008 15:55
Location: Plzeň [ZČ]

Re: Log check

#8 Post by Mc_Murphy »

No problem at all. After all, we all have a private life, and not everything always goes the way we planned or wished. :81:
Once it is here, I will take a look at it. I also wish you, as far as possible, a lovely and relaxed weekend. :all_coholic:

Kronos
Visitor
Posts: 110
Registered: 20 Sep 2011 19:50

Re: Log check

#9 Post by Kronos »

After restarting the PC I have this log:

All processes killed
========== OTL ==========
HKU\S-1-5-21-507921405-343818398-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-507921405-343818398-725345543-1003\Software\Microsoft\Internet Explorer\URLSearchHooks\\ not found.
Prefs.js: "ICQ Search" removed from browser.search.defaultenginename
Prefs.js: "BS Player Customized Web Search" removed from browser.search.defaultthis.engineName
Prefs.js: "http://search.icq.com/search/afe_result ... r=1.3.1&q=" removed from browser.search.defaulturl
Prefs.js: "ICQ Search" removed from browser.search.selectedEngine
Prefs.js: "http://start.icq.com/" removed from browser.startup.homepage
Prefs.js: "http://search.icq.com/search/afe_result ... r=1.3.3&q=" removed from keyword.URL
Folder C:\Documents and Settings\Anys\Data aplikací\Mozilla\Firefox\Profiles\r1cha1pr.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\ not found.
Folder C:\Documents and Settings\Anys\Data aplikací\Mozilla\Firefox\Profiles\r1cha1pr.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\ not found.
File C:\Documents and Settings\Anys\Data aplikací\Mozilla\Firefox\Profiles\r1cha1pr.default\searchplugins\conduit.xml not found.
File C:\Documents and Settings\Anys\Data aplikací\Mozilla\Firefox\Profiles\r1cha1pr.default\searchplugins\icqplugin-1.xml not found.
File C:\Documents and Settings\Anys\Data aplikací\Mozilla\Firefox\Profiles\r1cha1pr.default\searchplugins\icqplugin.gif not found.
File C:\Documents and Settings\Anys\Data aplikací\Mozilla\Firefox\Profiles\r1cha1pr.default\searchplugins\icqplugin.src not found.
File C:\Documents and Settings\Anys\Data aplikací\Mozilla\Firefox\Profiles\r1cha1pr.default\searchplugins\icqplugin.xml not found.
File C:\Documents and Settings\Anys\Local Settings\Data aplikac\u00ED\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8153_0\npSkypeChromePlugin.dll not found.
File/Folder C:\WINDOWS\*.tmp not found.
File/Folder C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp not found.
File/Folder C:\WINDOWS\SoftwareDistribution\Download\713c2511ec90ac237e663a2c667aebb3\*.tmp not found.
File/Folder C:\WINDOWS\SoftwareDistribution\Download\9434f38734605ee74bf380b05e9ff9a2\download\*.tmp not found.
File/Folder C:\WINDOWS\SoftwareDistribution\Download\ed476d6c3767ce82048580a8ee41dcf5\*.tmp not found.
File/Folder C:\WINDOWS\system32\*.tmp not found.
File/Folder C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\*.tmp not found.
File/Folder C:\WINDOWS\Temp\*.tmp not found.
========== FILES ==========
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
File/Folder C:\WINDOWS\*.tmp not found.
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
========== COMMANDS ==========

Mc_Murphy
VIP in memoriam
Posts: 6706
Registered: 03 Nov 2008 15:55
Location: Plzeň [ZČ]

Re: Log check

#10 Post by Mc_Murphy »

The log is not complete, but the main part is visible.

:???: How is the computer behaving?

Kronos
Visitor
Posts: 110
Registered: 20 Sep 2011 19:50

Re: Log check

#11 Post by Kronos »

This is the log it spat out; the computer is behaving fine (it is my daughter's PC - ICQ, Facebook, etc.), and I am not noticing any problems. Should I make a new log?
Thanks

Mc_Murphy
VIP in memoriam
Posts: 6706
Registered: 03 Nov 2008 15:55
Location: Plzeň [ZČ]

Re: Log check

#12 Post by Mc_Murphy »

No need, we will just finish cleaning up and we are done. ;)

:arrow: OTC http://oldtimer.geekstogo.com/OTC.exe
  • Download and run it.
  • Click CleanUp and confirm with YES.
  • The program will clean up and may (or may not) restart the PC.

:arrow: TFC http://oldtimer.geekstogo.com/TFC.exe
  • Download and run it.
  • Click Start and confirm with OK.
  • The program will clean up and may (or may not) restart the PC.
  • Delete the utility after use.
:arrow: If you do not have it, download CCleaner from this link.
  • Cleaner panel
  • Leave everything as it is, just click Analyzovat (Analyze) and then Spustit CCleaner (Run CCleaner).
  • Registry panel
  • Click Hledej problémy (Scan for issues).
  • Then click Opravit problémy (Fix issues) - I recommend making a registry backup; fix all the issues.
  • Repeat the procedure until no issues are found - usually about 3 times.
  • Tools panel
  • Here you can uninstall programs you do not need.
:100: I recommend using CCleaner about once a week.

And if there are no questions, that would be all from my side. :worship:

Kronos
Visitor
Posts: 110
Registered: 20 Sep 2011 19:50

Re: Log check

#13 Post by Kronos »

I have done everything and thank you very much; that is all from my side as well.

Mc_Murphy
VIP in memoriam
Posts: 6706
Registered: 03 Nov 2008 15:55
Location: Plzeň [ZČ]

Re: Log check

#14 Post by Mc_Murphy »

You are very welcome, glad to help. :85: Have a nice day. :fez: