Preventive check

sspooky13
Visitor
Posts: 136
Registered: 17 Jul 2011 20:33

Preventive check

#1 Post by sspooky13 »

Hello, I would like to ask for a preventive check, because it seems to me that my computer has started acting up somehow.
Thanks in advance for the help.

Log from RSIT:

Logfile of random's system information tool 1.09 (written by random/random)
Run by Owner at 2011-12-30 11:36:00
Systém Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 79 GB (77%) free of 102 GB
Total RAM: 3582 MB (78% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:36:07, on 30.12.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17106)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Owner\Desktop\RSIT.exe
C:\Program Files\trend micro\Owner.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://qip.ru
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R3 - URLSearchHook: QIPBHO Class - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\qipsearchbar.dll
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: QipLI - {6B5863A0-C43F-4C0A-982B-CC0E9125783F} - C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\qstatsrv.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: QIPBHO - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-21-776561741-1844237615-1801674531-1005\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'UpdatusUser')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: QIP Infium - {1EF681F7-A04B-4D6D-9012-A307CCA55610} - C:\Program Files\QIP Infium\infium.exe (HKCU)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe
O23 - Service: wampapache - Apache Software Foundation - d:\wamp\bin\apache\apache2.2.21\bin\httpd.exe
O23 - Service: wampmysqld - Unknown owner - d:\wamp\bin\mysql\mysql5.5.16\bin\mysqld.exe

--
End of file - 6288 bytes

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\zc1xvg64.default

prefs.js - "browser.startup.homepage" - "http://www.google.sk/"
prefs.js - "keyword.URL" - "http://search.qip.ru/search?from=FF&query="

"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files\Mozilla Firefox\plugins\
npdeployJava1.dll
NPOFF12.DLL
nppdf32.dll

C:\Program Files\Mozilla Firefox\searchplugins\
atlas-sk.xml
azet-sk.xml
dunaj-sk.xml
eBay.xml
google.xml
slovnik-sk.xml
wikipedia-sk.xml
zoznam-sk.xml

C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\zc1xvg64.default\searchplugins\
daemon-search.xml
qip-search.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-09-05 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6B5863A0-C43F-4C0A-982B-CC0E9125783F}]
QipLI Class - C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\qstatsrv.dll [2010-12-21 48512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2011-12-17 325408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95289393-33EA-4F8D-B952-483415B9C955}]
QIPBHO Class - C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\qipsearchbar.dll [2010-12-21 141184]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-12-17 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-12-17 79648]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2011-09-06 3076144]
"WinampAgent"=C:\Program Files\Winamp\winampa.exe [2011-07-11 74752]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2011-10-14 20064872]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2011-08-03 13892200]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2009-10-30 369200]
""= []
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2011-04-18 15146376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"D:\uTorrent\uTorrent.exe"="D:\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe"="C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe:*:Enabled:Daemonu.exe"
"D:\Hry\Transformers\Binaries\TWFC.exe"="D:\Hry\Transformers\Binaries\TWFC.exe:*:Enabled:Transformers(TM) - War for Cybertron(TM)"
"D:\Hry\Anno 1404\Anno4.exe"="D:\Hry\Anno 1404\Anno4.exe:*:Enabled:ANNO 1404"
"D:\Hry\Anno 1404\tools\Anno4Web.exe"="D:\Hry\Anno 1404\tools\Anno4Web.exe:*:Enabled:Web ANNO 1404"
"D:\Hry\Anno 1404\tools\Benchmark.exe"="D:\Hry\Anno 1404\tools\Benchmark.exe:*:Enabled:Anno 1404 Setup Benchmark"
"D:\Hry\Anno 2070\InitEngine.exe"="D:\Hry\Anno 2070\InitEngine.exe:*:Disabled:ANNO 2070"
"D:\Hry\Anno 2070\AutoPatcher.exe"="D:\Hry\Anno 2070\AutoPatcher.exe:*:Disabled:ANNO 2070"
"D:\Hry\Anno 2070\Anno5.exe"="D:\Hry\Anno 2070\Anno5.exe:*:Disabled:ANNO 2070"
"C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe"="C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe:*:Disabled:Ubisoft Game Launcher"
"D:\Hry\Unreal Tournament 3\Binaries\UT3.exe"="D:\Hry\Unreal Tournament 3\Binaries\UT3.exe:*:Enabled:Unreal Tournament 3"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======List of files/folders created in the last 1 month======

2011-12-30 11:36:00 ----D---- C:\rsit
2011-12-30 11:36:00 ----D---- C:\Program Files\trend micro
2011-12-30 09:24:27 ----D---- C:\Program Files\Common Files\Skype
2011-12-30 09:24:26 ----RD---- C:\Program Files\Skype
2011-12-29 10:37:22 ----D---- C:\Documents and Settings\Owner\Application Data\InstallShield Installation Information
2011-12-29 10:28:51 ----D---- C:\WINDOWS\45235788142C44BE8A4DDDE9A84492E5.TMP
2011-12-26 21:21:48 ----D---- C:\Documents and Settings\Owner\Application Data\PC Suite
2011-12-26 21:21:17 ----D---- C:\Program Files\Common Files\Nokia
2011-12-26 21:20:46 ----A---- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys
2011-12-26 21:20:45 ----A---- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys
2011-12-26 21:20:44 ----A---- C:\WINDOWS\system32\drivers\ccdcmbo.sys
2011-12-26 21:20:43 ----A---- C:\WINDOWS\system32\drivers\ccdcmb.sys
2011-12-26 21:08:06 ----A---- C:\WINDOWS\system32\ptpusb.dll
2011-12-26 21:08:05 ----A---- C:\WINDOWS\system32\ptpusd.dll
2011-12-26 21:08:05 ----A---- C:\WINDOWS\system32\drivers\usbscan.sys
2011-12-24 14:47:21 ----D---- C:\Documents and Settings\Owner\Application Data\ANNO 2070
2011-12-17 17:33:56 ----D---- C:\Documents and Settings\Owner\Application Data\.minecraft
2011-12-17 17:32:14 ----D---- C:\Program Files\Common Files\Java
2011-12-17 17:32:08 ----A---- C:\WINDOWS\system32\javaws.exe
2011-12-17 17:32:08 ----A---- C:\WINDOWS\system32\javaw.exe
2011-12-17 17:32:08 ----A---- C:\WINDOWS\system32\java.exe
2011-12-17 15:41:03 ----A---- C:\WINDOWS\system32\Access.dat
2011-12-17 15:40:20 ----D---- C:\Documents and Settings\All Users\Application Data\Tunngle
2011-12-17 15:13:45 ----D---- C:\Documents and Settings\Owner\Application Data\GameRanger
2011-12-14 11:13:49 ----HDC---- C:\WINDOWS\$NtUninstallKB2639417$
2011-12-14 11:13:44 ----HDC---- C:\WINDOWS\$NtUninstallKB2624667$
2011-12-14 11:07:59 ----HDC---- C:\WINDOWS\$NtUninstallKB2633952$
2011-12-14 11:07:56 ----HDC---- C:\WINDOWS\$NtUninstallKB2619339$
2011-12-14 11:07:52 ----HDC---- C:\WINDOWS\$NtUninstallKB2618451$
2011-12-14 11:07:48 ----HDC---- C:\WINDOWS\$NtUninstallKB2620712$
2011-12-14 11:07:41 ----HDC---- C:\WINDOWS\$NtUninstallKB2633171$
2011-12-13 15:20:45 ----A---- C:\WINDOWS\system32\drivers\hamachi.sys
2011-12-11 20:00:06 ----D---- C:\Documents and Settings\All Users\Application Data\Playrix Entertainment
2011-12-11 17:11:51 ----D---- C:\Program Files\Common Files\Steam
2011-12-02 12:48:29 ----D---- C:\Program Files\PC Connectivity Solution
2011-12-02 12:47:35 ----D---- C:\Program Files\Nokia

======List of files/folders modified in the last 1 month======

2011-12-30 11:36:00 ----RD---- C:\Program Files
2011-12-30 11:34:14 ----D---- C:\Documents and Settings\Owner\Application Data\Skype
2011-12-30 11:31:42 ----D---- C:\WINDOWS\system32\CatRoot2
2011-12-30 11:31:14 ----D---- C:\Documents and Settings\Owner\Application Data\skypePM
2011-12-30 11:31:10 ----D---- C:\WINDOWS\Temp
2011-12-30 11:29:57 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-12-30 10:04:29 ----D---- C:\WINDOWS\Microsoft.NET
2011-12-30 10:04:07 ----RSD---- C:\WINDOWS\assembly
2011-12-30 09:35:05 ----SHD---- C:\WINDOWS\Installer
2011-12-30 09:35:01 ----D---- C:\WINDOWS\Prefetch
2011-12-30 09:35:00 ----D---- C:\WINDOWS\system32
2011-12-30 09:34:59 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-12-30 09:34:50 ----D---- C:\WINDOWS\WinSxS
2011-12-30 09:34:08 ----D---- C:\WINDOWS
2011-12-30 09:28:30 ----D---- C:\Documents and Settings\Owner\Application Data\uTorrent
2011-12-30 09:24:43 ----D---- C:\Documents and Settings\All Users\Application Data\Skype Extras
2011-12-30 09:24:27 ----D---- C:\Program Files\Common Files
2011-12-30 09:24:26 ----D---- C:\Documents and Settings\All Users\Application Data\Skype
2011-12-29 17:45:26 ----D---- C:\Program Files\Garena Classic
2011-12-29 10:29:04 ----D---- C:\WINDOWS\system32\DirectX
2011-12-29 10:29:03 ----HD---- C:\WINDOWS\inf
2011-12-29 10:28:49 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2011-12-28 15:31:37 ----D---- C:\Program Files\TuneUp Utilities 2012
2011-12-28 09:53:39 ----SD---- C:\Documents and Settings\Owner\Application Data\Microsoft
2011-12-27 16:49:23 ----D---- C:\Documents and Settings
2011-12-26 21:22:56 ----D---- C:\WINDOWS\system32\drivers
2011-12-26 21:20:48 ----DC---- C:\WINDOWS\system32\DRVSTORE
2011-12-26 21:08:10 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-12-22 22:26:34 ----D---- C:\Documents and Settings\Owner\Application Data\Ubisoft
2011-12-22 22:22:10 ----HD---- C:\Program Files\InstallShield Installation Information
2011-12-17 17:32:01 ----A---- C:\WINDOWS\system32\deployJava1.dll
2011-12-17 17:17:54 ----D---- C:\Program Files\Java
2011-12-17 16:25:00 ----RSD---- C:\WINDOWS\Fonts
2011-12-15 20:43:19 ----A---- C:\WINDOWS\Notepad2.ini
2011-12-15 14:00:21 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2011-12-14 22:33:14 ----D---- C:\Documents and Settings\Owner\Application Data\dvdcss
2011-12-14 11:14:01 ----D---- C:\WINDOWS\system32\en-us
2011-12-14 11:14:01 ----D---- C:\Program Files\Internet Explorer
2011-12-14 11:13:51 ----A---- C:\WINDOWS\imsins.BAK
2011-12-14 11:08:05 ----A---- C:\WINDOWS\system32\MRT.exe
2011-12-14 11:07:52 ----HD---- C:\WINDOWS\$hf_mig$
2011-12-12 12:42:50 ----D---- C:\Program Files\Opera
2011-12-04 18:29:57 ----A---- C:\WINDOWS\iun6002.exe
2011-12-02 12:49:01 ----D---- C:\Documents and Settings\All Users\Application Data\Nokia

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2011-03-04 45648]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2011-10-08 691696]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2011-08-04 118104]
R1 epfwtdi;epfwtdi; C:\WINDOWS\system32\DRIVERS\epfwtdi.sys [2011-08-04 61936]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2011-11-20 281760]
R2 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2011-08-09 154136]
R2 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2011-08-04 147480]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2011-11-20 25888]
R3 AR5211;TP-LINK Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\ar5211.sys [2005-12-21 470048]
R3 Epfwndis;Eset Personal Firewall; C:\WINDOWS\system32\DRIVERS\Epfwndis.sys [2011-08-04 39824]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2011-10-18 6439528]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2006-02-28 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2011-08-03 12542592]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys []
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S3 af1937v3;af1937v3; C:\WINDOWS\system32\drivers\af1937v3.sys []
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2009-11-18 1691480]
S3 gdrv;gdrv; \??\C:\WINDOWS\gdrv.sys []
S3 GGSAFERDriver;GGSAFER Driver; \??\C:\Program Files\Garena Classic\safedrv.sys []
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2011-12-17 17480]
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2009-11-18 1395800]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\WINDOWS\system32\drivers\ccdcmb.sys [2011-08-17 18176]
S3 nmwcdc;Nokia USB Communication Driver; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2011-08-17 23168]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2011-08-24 323816]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2011-08-17 8192]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2011-08-17 8192]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\WINDOWS\system32\DRIVERS\wdcsam.sys []
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2011-09-06 974944]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2011-12-17 153376]
R2 NVSvc;NVIDIA Driver Helper Service; C:\WINDOWS\system32\nvsvc32.exe [2011-08-03 146024]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-08-03 2255464]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2011-10-10 75136]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe [2011-11-02 1479488]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2011-10-27 718384]
S3 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 wampapache;wampapache; d:\wamp\bin\apache\apache2.2.21\bin\httpd.exe [2011-09-26 18432]
S3 wampmysqld;wampmysqld; d:\wamp\bin\mysql\mysql5.5.16\bin\mysqld.exe [2011-09-26 8158720]
S3 WinRM;Windows Remote Management (WS-Management); C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Mc_Murphy
VIP in memoriam
Posts: 6706
Registered: 03 Nov 2008 15:55
Location: Plzeň [ZČ]

Re: Preventive check

#2 Post by Mc_Murphy »

Hello.

Give me a minute, I'll take a look at it right away.

  • ... I'm moving on, I'm moving on, I'm moving on by the Spirit.
    • You gave me love, I've found my identity, found my identity.

    I'm moving on, I'm moving on, I'm moving on by the Spirit.
    • You gave me hope, I've found my identity in Christ...

Mc_Murphy

Re: Preventive check

#3 Post by Mc_Murphy »

I assume that ESET Smart Security is legal = a purchased licence?!

Update MS Internet Explorer to the latest version. Even though you use the Mozilla Firefox browser, the update fixes a lot of problems in the system itself as well.
I would recommend uninstalling TuneUp Utilities 2012 promptly. If you use it to change anything in the system, you are well on the way to damaging the system. That is our experience.

Then fix the items listed below in HJT.
"Fixing" means that you run HJT, choose the [Do a system scan only] option and tick the box to the left of the items I have listed. Then you click [Fix checked] and confirm with [Yes].
You will find HJT here: C:\Program Files\trend micro\Owner.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R3 - URLSearchHook: QIPBHO Class - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\qipsearchbar.dll
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: QipLI - {6B5863A0-C43F-4C0A-982B-CC0E9125783F} - C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\qstatsrv.dll
O2 - BHO: QIPBHO - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\qipsearchbar.dll
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-21-776561741-1844237615-1801674531-1005\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'UpdatusUser')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: QIP Infium - {1EF681F7-A04B-4D6D-9012-A307CCA55610} - C:\Program Files\QIP Infium\infium.exe (HKCU)



After the fix, download OTL from this link and save it to the Desktop.
  • If you use Win Vista or Win7, right-click OTL and choose Run As Administrator or Spustit jako správce.
  • If you use a 64-bit OS, check whether the box "Pro 64 bitové OS" (For 64-bit OS) is ticked. If not, tick it.
  • Tick the box "Pro všechny uživatele" (For all users).
  • Tick the box "Kontrola na havěť "LOP"" ("LOP" malware check).
  • Tick the box "Kontrola na havěť "Purity"" ("Purity" malware check).
  • Change the file age (Stáří souborů) from 30 days to 7 days!!
  • Paste this script into the bottom box "Vlastní skenování/opravy" (Custom scans/fixes) (only the green letters in the white field!):

CREATERESTOREPOINT
netsvc
drivers32
savembr:0
/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop
%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe
%userprofile%\Plocha\*.*
%userprofile%\Desktop\*.*
%ALLUSERSPROFILE%\Plocha\*.*
%ALLUSERSPROFILE%\Desktop\*.*
*crack* /s
*keygen* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*KMSEmulator* /s
*activator* /s
*serial* /s
*w7lxe* /s
*AutoRearm* /s
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run /s
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5
  • Click the [Scan] button.
  • When the scan finishes, the logs OTL.txt and Extras.txt will appear; paste both of them here for me.
  • The logs will not fit into a single post, so please split them across several posts.

  • ... I'm moving on, I'm moving on, I'm moving on by the Spirit.
    • You gave me love, I've found my identity, found my identity.

    I'm moving on, I'm moving on, I'm moving on by the Spirit.
    • You gave me hope, I've found my identity in Christ...

sspooky13
Visitor
Posts: 136
Registered: 17 Jul 2011 20:33

Re: Preventive check

#4 Post by sspooky13 »

So: yes, ESET Smart Security is a paid licence... I don't know how I could prove that it is, other than by sending a copy of the purchase contract, but that seems a bit silly to me :)
I updated Internet Explorer to 8, but I don't know whether that is the latest version :/
I'm not sure what to do about TuneUp, because I have been using it for 2 years straight and have not had the slightest problem with it; in fact, whenever there was a problem it actually helped me, so I really don't know what to do about it :/
And as for HJT, I didn't understand that, because I don't know what HJT is. Is it a program, or is it RSIT, or what? :)
EDIT: ah, I misread, it is located in Program Files :) but I don't understand what it is doing there?

Mc_Murphy
VIP in memoriam
Posts: 6706
Registered: 03 Nov 2008 15:55
Location: Plzeň [ZČ]

Re: Preventive check

#5 Post by Mc_Murphy »

:arrow: As for ESET, I'll try to trust you.

:arrow: Yes, that's fine. For Windows XP, which you have, MSIE 8 is the latest current version.

:arrow: I'll leave TuneUp up to you; it's your problem, but don't be surprised later.

:arrow: RSIT created HJT there, don't stress about it. Just run C:\Program Files\trend micro\Owner.exe as I wrote and fix all the lines I listed for you.

:arrow: And then move on to OTL.

sspooky13
Visitor
Posts: 136
Registered: 17 Jul 2011 20:33

Re: Preventive check

#6 Post by sspooky13 »

Thank you for the trust :) and sorry that I'm only sending it today, but I couldn't get to the PC yesterday.

Here is OTL.txt:

OTL logfile created on: 31.12.2011 11:26:16 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Owner\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000041B | Country: Slovakia | Language: SKY | Date Format: d.M.yyyy

3,50 Gb Total Physical Memory | 2,73 Gb Available Physical Memory | 78,12% Memory free
5,34 Gb Paging File | 4,76 Gb Available in Paging File | 89,26% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 100,00 Gb Total Space | 77,03 Gb Free Space | 77,03% Space Free | Partition Type: NTFS
Drive D: | 365,75 Gb Total Space | 188,14 Gb Free Space | 51,44% Space Free | Partition Type: NTFS

Computer Name: PETER-FB54314A9 | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2011.12.31 11:23:16 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
PRC - [2011.12.30 12:59:04 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011.12.30 11:36:02 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\trend micro\Owner.exe
PRC - [2011.11.02 20:29:20 | 001,479,488 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe
PRC - [2011.11.02 20:29:20 | 001,212,224 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe
PRC - [2011.09.06 17:16:42 | 000,974,944 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe
PRC - [2011.09.06 17:16:16 | 003,076,144 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\egui.exe
PRC - [2011.08.03 12:49:00 | 002,255,464 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2008.04.14 04:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (No Company Name) ==========

MOD - [2011.12.30 12:59:02 | 002,124,760 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2011.09.05 18:05:06 | 000,300,544 | ---- | M] () -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.SKY
MOD - [2011.03.16 13:29:27 | 000,381,952 | ---- | M] () -- C:\Program Files\WinRAR\rarlng.dll
MOD - [2011.03.02 11:40:51 | 000,140,288 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2008.04.14 04:42:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008.04.14 04:41:52 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2011.11.02 20:29:20 | 001,479,488 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)
SRV - [2011.10.27 10:34:30 | 000,718,384 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2011.09.26 08:05:32 | 008,158,720 | ---- | M] () [On_Demand | Stopped] -- d:\wamp\bin\mysql\mysql5.5.16\bin\mysqld.exe -- (wampmysqld)
SRV - [2011.09.26 07:50:40 | 000,018,432 | ---- | M] (Apache Software Foundation) [On_Demand | Stopped] -- d:\wamp\bin\apache\apache2.2.21\bin\httpd.exe -- (wampapache)
SRV - [2011.09.06 17:16:42 | 000,974,944 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe -- (ekrn)
SRV - [2011.08.03 12:49:00 | 002,255,464 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2010.02.19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)


========== Driver Services (SafeList) ==========

DRV - [2011.12.17 15:06:09 | 000,017,480 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2011.11.20 14:25:15 | 000,281,760 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt)
DRV - [2011.11.20 14:25:15 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2011.10.31 15:00:20 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
DRV - [2011.10.18 19:53:14 | 006,439,528 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2011.10.08 21:36:58 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2011.10.08 15:29:35 | 000,016,376 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\gdrv.sys -- (gdrv)
DRV - [2011.08.24 19:39:38 | 000,323,816 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2011.08.17 12:56:32 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2011.08.17 12:56:30 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2011.08.17 12:56:26 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2011.08.17 12:56:22 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2011.08.09 12:57:10 | 000,154,136 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon)
DRV - [2011.08.04 08:20:38 | 000,147,480 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\epfw.sys -- (epfw)
DRV - [2011.08.04 08:20:38 | 000,061,936 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\epfwtdi.sys -- (epfwtdi)
DRV - [2011.08.04 08:20:38 | 000,039,824 | ---- | M] (ESET) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\epfwndis.sys -- (Epfwndis)
DRV - [2011.08.04 08:20:36 | 000,118,104 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2009.11.18 07:17:00 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2009.11.18 07:16:00 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2008.08.26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2005.12.21 09:16:34 | 000,470,048 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ar5211.sys -- (AR5211)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========



IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-776561741-1844237615-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKU\S-1-5-21-776561741-1844237615-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "QIP Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://www.google.sk/"
FF - prefs.js..keyword.URL: "http://search.qip.ru/search?from=FF&query="


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.12.30 12:59:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.12.17 17:17:59 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2011.10.08 15:33:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\te_7.0@nokia.com: C:\Program Files\Nokia\Nokia Suite\Connectors\Thunderbird Connector\ThunderbirdExtension_7.0 [2011.12.26 21:21:20 | 000,000,000 | ---D | M]

[2011.10.08 15:45:13 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Extensions
[2011.12.27 16:57:29 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\zc1xvg64.default\extensions
[2011.10.08 21:37:00 | 000,002,055 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\zc1xvg64.default\searchplugins\daemon-search.xml
[2011.10.08 21:31:25 | 000,002,062 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\zc1xvg64.default\searchplugins\qip-search.xml
[2011.12.30 12:59:09 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
() (No name found) -- C:\DOCUMENTS AND SETTINGS\OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\ZC1XVG64.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
() (No name found) -- C:\DOCUMENTS AND SETTINGS\OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\ZC1XVG64.DEFAULT\EXTENSIONS\FIREBUG@SOFTWARE.JOEHEWITT.COM.XPI
[2011.12.30 12:59:04 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.12.17 17:32:02 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011.09.29 02:11:36 | 000,001,583 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\atlas-sk.xml
[2011.09.29 02:11:36 | 000,001,380 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\azet-sk.xml
[2011.09.29 02:11:36 | 000,001,479 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\dunaj-sk.xml
[2011.09.29 02:11:36 | 000,001,473 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slovnik-sk.xml
[2011.09.29 02:11:36 | 000,001,104 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-sk.xml
[2011.09.29 02:11:36 | 000,000,830 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\zoznam-sk.xml

O1 HOSTS File: ([2011.10.09 19:01:55 | 000,000,815 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O3 - HKU\S-1-5-21-776561741-1844237615-1801674531-1003\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKU\S-1-5-21-776561741-1844237615-1801674531-1003..\Run: [] File not found
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-776561741-1844237615-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-776561741-1844237615-1801674531-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_30)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EEA5318A-953A-4625-A5C0-BFB75BA616AA}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011.10.08 15:03:18 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2011.12.31 11:23:11 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
[2011.12.30 13:05:12 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Owner\IECompatCache
[2011.12.30 13:03:07 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Owner\PrivacIE
[2011.12.30 13:02:04 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Owner\IETldCache
[2011.12.30 12:58:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2011.12.30 12:56:39 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2011.12.30 12:49:15 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll
[2011.12.30 12:47:41 | 000,265,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdbg2.dll
[2011.12.30 12:47:41 | 000,134,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sqmapi.dll
[2011.12.30 12:47:40 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msrating.dll.mui
[2011.12.30 12:47:36 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\iedkcs32.dll.mui
[2011.12.30 12:47:36 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ie4uinit.exe.mui
[2011.12.30 11:36:00 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2011.12.30 11:36:00 | 000,000,000 | ---D | C] -- C:\rsit
[2011.12.30 09:24:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Skype
[2011.12.30 09:24:27 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2011.12.30 09:24:26 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2011.12.29 10:37:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\InstallShield Installation Information
[2011.12.29 10:37:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Unreal Tournament 3
[2011.12.28 11:37:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Start Menu\Programs\4 Elements
[2011.12.26 21:25:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\My Documents\Nokia Suite
[2011.12.26 21:21:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\PC Suite
[2011.12.26 21:21:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Nokia
[2011.12.26 21:21:17 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nokia
[2011.12.26 21:20:46 | 000,008,192 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\usbser_lowerfltj.sys
[2011.12.26 21:20:45 | 000,008,192 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\usbser_lowerflt.sys
[2011.12.26 21:20:44 | 000,023,168 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\ccdcmbo.sys
[2011.12.26 21:20:43 | 000,018,176 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\ccdcmb.sys
[2011.12.26 21:08:06 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ptpusb.dll
[2011.12.26 21:08:05 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ptpusd.dll
[2011.12.26 21:08:05 | 000,015,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbscan.sys
[2011.12.26 15:35:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\ALI213
[2011.12.26 15:32:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Start Menu\Programs\Red Faction Armageddon
[2011.12.24 15:19:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\My Documents\ANNO 2070
[2011.12.24 14:47:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\ANNO 2070
[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2011.12.31 11:28:35 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2011.12.31 11:23:16 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
[2011.12.31 11:16:20 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011.12.30 16:04:36 | 000,051,186 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\room_v3.dat
[2011.12.30 13:15:59 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011.12.30 13:07:37 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011.12.30 13:02:07 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011.12.30 12:30:04 | 000,012,374 | ---- | M] () -- C:\WINDOWS\Notepad2.ini
[2011.12.30 09:35:00 | 000,484,136 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011.12.30 09:35:00 | 000,080,532 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011.12.29 10:37:17 | 000,000,573 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Unreal Tournament 3.lnk
[2011.12.28 11:37:01 | 000,000,620 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\4 Elements.lnk
[2011.12.27 12:15:20 | 000,000,851 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\4 Elements 2.exe.lnk
[2011.12.26 15:51:00 | 000,000,019 | ---- | M] () -- C:\WINDOWS\popcinfo.dat
[2011.12.26 15:32:46 | 000,000,734 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Red Faction Armageddon.lnk
[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011.12.31 11:28:35 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2011.12.30 13:02:07 | 000,000,815 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011.12.30 12:47:41 | 000,008,370 | ---- | C] () -- C:\WINDOWS\System32\IE8Eula.rtf
[2011.12.29 10:37:17 | 000,000,573 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Unreal Tournament 3.lnk
[2011.12.28 11:37:01 | 000,000,620 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\4 Elements.lnk
[2011.12.26 15:32:46 | 000,000,734 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Red Faction Armageddon.lnk
[2011.12.17 15:41:03 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\Access.dat
[2011.12.03 15:42:46 | 000,006,656 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.11.20 14:25:15 | 000,281,760 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2011.11.20 14:25:15 | 000,025,888 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2011.11.14 21:30:53 | 000,001,480 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\Adobe Uložit pro web 12.0 Prefs
[2011.11.05 20:11:02 | 000,016,836 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTAIODAT.DAT
[2011.10.19 19:36:42 | 000,000,019 | ---- | C] () -- C:\WINDOWS\popcinfo.dat
[2011.10.13 21:40:18 | 000,082,936 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2011.10.13 15:45:37 | 000,000,285 | ---- | C] () -- C:\WINDOWS\game.ini
[2011.10.10 20:59:20 | 000,189,248 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2011.10.10 20:59:19 | 000,075,136 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe
[2011.10.10 13:38:31 | 000,051,186 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\room_v3.dat
[2011.10.09 14:58:52 | 000,257,024 | ---- | C] () -- C:\WINDOWS\Notepad2.exe
[2011.10.09 14:58:52 | 000,012,374 | ---- | C] () -- C:\WINDOWS\Notepad2.ini
[2011.10.08 21:52:40 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2011.10.08 19:25:00 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\fusioncache.dat
[2011.10.08 17:56:16 | 000,280,276 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2011.10.08 17:56:16 | 000,280,276 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2011.10.08 17:56:16 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2011.10.08 16:54:23 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2011.10.08 16:51:35 | 003,455,472 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011.10.08 15:26:00 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2011.10.08 15:04:48 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2011.10.08 15:00:56 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2011.05.21 05:01:00 | 002,128,778 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data
[2010.01.12 04:35:44 | 000,080,416 | ---- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll
[2008.10.28 16:40:48 | 000,173,552 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2007.12.04 18:41:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2006.02.28 13:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2006.02.28 13:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2006.02.28 13:00:00 | 000,484,136 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2006.02.28 13:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2006.02.28 13:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2006.02.28 13:00:00 | 000,080,532 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2006.02.28 13:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2006.02.28 13:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2006.02.28 13:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2006.02.28 13:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2006.02.28 13:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2006.02.28 13:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat

========== LOP Check ==========

[2011.10.08 21:36:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2011.10.08 15:33:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ESET
[2011.10.25 18:59:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Installations
[2011.12.02 12:49:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nokia
[2011.10.25 19:17:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NokiaInstallerCache
[2011.10.25 19:07:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2011.12.11 20:00:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Playrix Entertainment
[2011.11.06 21:40:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\regid.1986-12.com.adobe
[2011.11.20 14:33:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Solidshield
[2011.11.06 20:25:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TuneUp Software
[2011.12.17 15:40:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Tunngle
[2011.11.27 20:27:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ubisoft
[2011.10.21 12:06:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Western Digital
[2011.10.08 20:18:43 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
[2011.11.06 20:24:41 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\{32364CEA-7855-4A3C-B674-53D8E9B97936}
[2011.10.15 20:33:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\TuneUp Software
[2011.12.17 17:36:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\.minecraft
[2011.10.22 20:34:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Activision
[2011.12.24 14:49:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\ANNO 2070
[2011.10.08 21:41:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\DAEMON Tools Lite
[2011.10.08 15:34:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\ESET
[2011.12.17 15:13:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\GameRanger
[2011.10.08 21:56:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\GHISLER
[2011.10.10 12:29:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Opera
[2011.12.26 21:24:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\PC Suite
[2011.10.10 20:59:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\PunkBuster
[2011.10.08 21:31:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\QIP
[2011.10.08 21:31:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\QipGuard
[2011.11.08 17:56:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2011.11.06 20:25:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\TuneUp Software
[2011.12.22 22:26:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Ubisoft
[2011.12.30 14:35:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\uTorrent
[2011.11.20 12:44:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\VitySoft

========== Purity Check ==========



========== Custom Scans ==========


< netsvc >


< MD5 for: ATAPI.SYS >
[2006.02.28 13:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008.04.14 04:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.14 04:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.13 23:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 23:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2008.04.13 23:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2008.04.13 23:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0001\DriverFiles\i386\atapi.sys
[2008.04.13 23:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0006\DriverFiles\i386\atapi.sys
[2004.08.03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2008.04.14 04:42:14 | 000,588,800 | ---- | M] (Microsoft Corporation) MD5=23043C91A0F9DFB4B9E9F87B680863B4 -- C:\WINDOWS\ServicePackFiles\i386\autochk.exe
[2008.04.14 04:42:14 | 000,588,800 | ---- | M] (Microsoft Corporation) MD5=23043C91A0F9DFB4B9E9F87B680863B4 -- C:\WINDOWS\system32\autochk.exe
[2006.02.28 13:00:00 | 000,588,800 | ---- | M] (Microsoft Corporation) MD5=B3415B9D6026F65E43089ABED096C38C -- C:\WINDOWS\$NtServicePackUninstall$\autochk.exe

< MD5 for: CDROM.SYS >
[2006.02.28 13:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2008.04.14 04:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008.04.14 04:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008.04.13 23:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008.04.13 23:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2006.02.28 13:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2008.04.14 04:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\explorer.exe
[2008.04.14 04:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2006.02.28 13:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe

< MD5 for: HAL.DLL >
[2006.02.28 13:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2008.04.14 04:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2008.04.14 04:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2008.04.13 23:01:30 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=4329EE7D502C9113EBA0F9570392F5EE -- C:\WINDOWS\system32\HAL.DLL
[2008.04.13 23:01:34 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2006.02.28 13:00:00 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=DFCE51FD96909D1B97D4A1A72D060D77 -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll

< MD5 for: SCECLI.DLL >
[2006.02.28 13:00:00 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008.04.14 04:42:06 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 04:42:06 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SVCHOST.EXE >
[2008.04.14 04:42:38 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.14 04:42:38 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\system32\svchost.exe
[2006.02.28 13:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe

< MD5 for: TCPIP.SYS >
[2008.04.13 23:50:18 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB2509553$\tcpip.sys
[2008.04.13 23:50:18 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2006.02.28 13:00:00 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2008.06.20 12:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys

< MD5 for: USERINIT.EXE >
[2006.02.28 13:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
[2008.04.14 04:42:40 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 04:42:40 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2006.02.28 13:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 04:42:40 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 04:42:40 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\winlogon.exe

< %systemroot%*.* /U /s >
[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[13 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[40 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >
[2011.12.15 14:00:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2011.10.08 21:36:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2011.10.08 15:33:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ESET
[2011.10.25 18:59:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Installations
[2011.10.09 17:07:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2011.11.09 19:24:48 | 000,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2011.10.08 21:44:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft Help
[2011.12.02 12:49:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nokia
[2011.10.25 19:17:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NokiaInstallerCache
[2011.10.08 17:57:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NVIDIA
[2011.10.08 17:56:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NVIDIA Corporation
[2011.10.25 19:07:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2011.12.11 20:00:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Playrix Entertainment
[2011.11.06 21:40:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\regid.1986-12.com.adobe
[2011.10.10 20:46:44 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\SecuROM
[2011.12.30 09:24:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Skype
[2011.12.30 09:24:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Skype Extras
[2011.11.20 14:33:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Solidshield
[2011.10.08 15:48:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sun
[2011.11.06 20:25:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TuneUp Software
[2011.12.17 15:40:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Tunngle
[2011.11.27 20:27:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ubisoft
[2011.10.21 12:06:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Western Digital
[2011.10.08 16:03:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2011.10.08 20:18:43 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
[2011.11.06 20:24:41 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\{32364CEA-7855-4A3C-B674-53D8E9B97936}

< %ALLUSERSPROFILE%\Application Data\*.exe /s >
[2010.03.01 23:44:10 | 000,033,568 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\java-rmi.exe
[2010.03.01 23:44:10 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\java.exe
[2010.03.01 23:44:10 | 000,059,168 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\javacpl.exe
[2010.03.01 23:44:10 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\javaw.exe
[2010.03.01 23:44:10 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\javaws.exe
[2010.03.01 23:44:12 | 000,079,648 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\jbroker.exe
[2010.03.01 23:44:12 | 000,023,328 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\jp2launcher.exe
[2010.03.01 23:44:12 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\jqs.exe
[2010.03.01 23:44:12 | 000,055,072 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\jqsnotify.exe
[2010.03.01 23:44:12 | 000,386,872 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\jucheck.exe
[2010.03.01 23:44:12 | 000,055,072 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\jureg.exe
[2010.03.01 23:44:14 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\jusched.exe
[2010.03.01 23:44:14 | 000,033,568 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\keytool.exe
[2010.03.01 23:44:14 | 000,033,568 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\kinit.exe
[2010.03.01 23:44:14 | 000,033,568 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\klist.exe
[2010.03.01 23:44:14 | 000,033,568 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\ktab.exe
[2010.03.01 23:44:14 | 000,033,568 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\orbd.exe
[2010.03.01 23:44:14 | 000,033,568 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\pack200.exe
[2010.03.01 23:44:14 | 000,033,568 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\policytool.exe
[2010.03.01 23:44:14 | 000,033,568 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\rmid.exe
[2010.03.01 23:44:14 | 000,033,568 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\rmiregistry.exe
[2010.03.01 23:44:14 | 000,033,568 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\servertool.exe
[2010.03.01 23:44:14 | 000,030,496 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\ssvagent.exe
[2010.03.01 23:44:14 | 000,033,568 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\tnameserv.exe
[2010.03.01 23:44:14 | 000,132,896 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\All Users\Application Data\Adobe\CS5\jre\bin\unpack200.exe
[2011.10.25 18:58:11 | 042,330,360 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Installations\{C96AA90C-9DE0-4C37-92F2-49CC3FE8C330}\NokiaSoftwareUpdaterSetup_SK.exe
[2011.10.25 18:59:27 | 003,351,812 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Installations\{C96AA90C-9DE0-4C37-92F2-49CC3FE8C330}\Installer\CommonCustomActions\msxml6Exec.exe
[2011.10.25 18:59:27 | 000,036,864 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Installations\{C96AA90C-9DE0-4C37-92F2-49CC3FE8C330}\Installer\CommonCustomActions\Sleep.exe
[2011.10.25 18:59:28 | 000,053,248 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Installations\{C96AA90C-9DE0-4C37-92F2-49CC3FE8C330}\Installer\CommonCustomActions\Sleep2008.exe
[2011.10.25 18:59:28 | 004,697,562 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Installations\{C96AA90C-9DE0-4C37-92F2-49CC3FE8C330}\Installer\CommonCustomActions\vcredist2008Exec.exe
[2011.10.25 18:59:26 | 003,203,453 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Installations\{C96AA90C-9DE0-4C37-92F2-49CC3FE8C330}\Installer\CommonCustomActions\vcredistExec.exe
[2011.12.26 21:20:02 | 091,665,264 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\{DB24A9E5-A068-43DD-88D0-B51BED3C0B99}\Installer.exe
[2011.12.26 21:20:12 | 000,126,464 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\{DB24A9E5-A068-43DD-88D0-B51BED3C0B99}\Installer\InstallerService.exe
[2011.12.26 21:20:12 | 000,053,760 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\{DB24A9E5-A068-43DD-88D0-B51BED3C0B99}\Installer\InstallerServiceExec.exe
[2011.12.26 21:20:12 | 000,054,784 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\{DB24A9E5-A068-43DD-88D0-B51BED3C0B99}\Installer\IsPinned.exe
[2011.12.26 21:20:20 | 000,046,656 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\{DB24A9E5-A068-43DD-88D0-B51BED3C0B99}\Installer\CommonCustomActions\pcswpc.exe
[2011.12.26 21:20:20 | 000,047,616 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\{DB24A9E5-A068-43DD-88D0-B51BED3C0B99}\Installer\CommonCustomActions\RepairMplatform.exe
[2011.12.26 21:20:20 | 000,077,824 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\{DB24A9E5-A068-43DD-88D0-B51BED3C0B99}\Installer\CommonCustomActions\Run_XML6_SP1.exe
[2011.12.26 21:20:20 | 000,038,912 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\{DB24A9E5-A068-43DD-88D0-B51BED3C0B99}\Installer\CommonCustomActions\WMF11Runx86.exe
[2011.12.26 21:20:24 | 012,212,040 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\All Users\Application Data\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\{DB24A9E5-A068-43DD-88D0-B51BED3C0B99}\Installer\CommonCustomActions\WMFDist11-WindowsXP-X86-ENU.exe
[2011.05.21 05:01:00 | 000,194,152 | ---- | M] (NVIDIA Corporation) -- C:\Documents and Settings\All Users\Application Data\NVIDIA\Updatus\WLMerger.exe

< %APPDATA%\*. >
[2011.12.17 17:36:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\.minecraft
[2011.10.22 20:34:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Activision
[2011.11.08 23:01:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Adobe
[2011.11.08 17:56:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Adobe Mini Bridge CS5
[2011.12.24 14:49:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\ANNO 2070
[2011.10.08 21:41:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\DAEMON Tools Lite
[2011.12.14 22:33:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\dvdcss
[2011.10.08 15:34:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\ESET
[2011.12.17 15:13:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\GameRanger
[2011.10.08 21:56:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\GHISLER
[2011.10.08 15:06:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Identities
[2011.10.08 15:27:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\InstallShield
[2011.12.29 10:37:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\InstallShield Installation Information
[2011.10.08 16:15:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Macromedia
[2011.12.28 09:53:39 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Owner\Application Data\Microsoft
[2011.10.08 15:45:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Mozilla
[2011.11.06 21:48:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\NVIDIA
[2011.10.10 12:29:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Opera
[2011.12.26 21:24:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\PC Suite
[2011.10.10 20:59:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\PunkBuster
[2011.10.08 21:31:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\QIP
[2011.10.08 21:31:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\QipGuard
[2011.10.10 15:50:22 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\Owner\Application Data\SecuROM
[2011.12.31 11:17:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Skype
[2011.12.31 11:16:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\skypePM
[2011.11.08 17:56:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2011.10.08 15:47:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Sun
[2011.11.06 20:25:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\TuneUp Software
[2011.12.22 22:26:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Ubisoft
[2011.12.30 14:35:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\uTorrent
[2011.11.20 12:44:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\VitySoft
[2011.10.08 20:00:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\vlc
[2011.10.08 20:02:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Winamp
[2011.10.09 09:12:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\WinRAR

< %APPDATA%\*.exe /s >
[2011.08.16 15:42:01 | 001,449,696 | ---- | M] (GameRanger Technologies) -- C:\Documents and Settings\Owner\Application Data\GameRanger\GameRanger\GameRanger.exe
[2011.12.29 10:27:56 | 000,331,776 | ---- | M] (Epic Games ) -- C:\Documents and Settings\Owner\Application Data\InstallShield Installation Information\{BFA90209-7AFF-4DB6-8E4B-E57305751AD7}\SetupUT3.exe
[2011.11.06 21:33:37 | 000,038,784 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2011.02.17 22:46:25 | 000,835,440 | R--- | M] () -- C:\Documents and Settings\Owner\Application Data\PunkBuster\pbsetup\pbsvc.exe
[2010.12.21 18:37:24 | 000,191,360 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\QipGuard\QipGuard.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job >

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2011.10.08 21:36:58 | 000,691,696 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sptd.sys

< %systemroot%\System32\config\*.sav >
[2011.10.08 16:50:48 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2011.10.08 16:50:48 | 000,634,880 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2011.10.08 16:50:48 | 000,913,408 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2011.12.30 09:35:00 | 000,080,532 | ---- | M] () -- C:\WINDOWS\system32\perfc009.dat
[2011.12.30 09:35:00 | 000,484,136 | ---- | M] () -- C:\WINDOWS\system32\perfh009.dat
[2011.12.30 09:34:59 | 000,555,394 | ---- | M] () -- C:\WINDOWS\system32\PerfStringBackup.INI
[2011.12.30 13:15:59 | 000,013,646 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %userprofile%\Plocha\*.* >

< %userprofile%\Desktop\*.* >
[2011.11.30 10:38:59 | 891,894,617 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\24 HIER+10THEMES NA NOKIA N8-SYMBIAN S^3.rar
[2011.12.27 12:15:20 | 000,000,851 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\4 Elements 2.exe.lnk
[2011.12.28 11:37:01 | 000,000,620 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\4 Elements.lnk
[2011.10.08 20:31:00 | 000,000,551 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Cabal.lnk
[2011.10.13 15:32:24 | 000,000,706 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Crysis 2.lnk
[2011.12.03 15:48:40 | 000,000,701 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Dead Island.lnk
[2011.10.13 13:04:39 | 000,625,882 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Dochadzka.jpg
[2011.10.08 21:28:28 | 000,000,712 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Garena.lnk
[2011.12.17 17:34:28 | 000,000,980 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Minecraft-psycho-project.jar.lnk
[2011.11.22 16:09:21 | 000,028,987 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\net2ftp-1321954963.rar
[2011.12.08 19:40:06 | 000,175,713 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\net2ftp-1323368883.zip
[2011.11.30 08:50:49 | 1306,028,491 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Nokia N8,E7,C7,C6-01 Symbian^3(OS 9.zip
[2011.12.31 11:23:16 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
[2011.11.14 21:49:20 | 007,856,235 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Podklad.psd
[2011.05.17 18:37:23 | 000,012,922 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Port.xlsx
[2011.10.08 20:29:23 | 000,000,734 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\realmlist.lnk
[2011.12.26 15:32:46 | 000,000,734 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Red Faction Armageddon.lnk
[2011.10.18 20:36:57 | 001,424,485 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Rozvrh - Neparny tyzden.jpg
[2011.10.18 20:37:02 | 001,320,394 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Rozvrh - parny tyzden.jpg
[2011.11.27 18:17:25 | 000,000,363 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\spojenie.php
[2011.10.23 15:56:51 | 000,016,896 | -HS- | M] () -- C:\Documents and Settings\Owner\Desktop\Thumbs.db
[2011.12.08 19:52:21 | 000,039,994 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Výstřižek.JPG
[2011.10.08 20:28:41 | 000,000,564 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\World of Warcraft.lnk
[2011.08.31 14:30:37 | 000,000,477 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Wow servery.txt

< %ALLUSERSPROFILE%\Plocha\*.* >

< %ALLUSERSPROFILE%\Desktop\*.* >
[2011.12.22 22:26:29 | 000,000,566 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\ANNO 2070.lnk
[2011.10.08 15:44:56 | 000,000,724 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2011.12.29 10:37:17 | 000,000,573 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Unreal Tournament 3.lnk

< *crack* /s >
[2009.03.08 09:59:14 | 000,163,840 | ---- | M] () -- \Program Files\Garena Classic\plugins\UI\AvoidCrackPlugin.dll

< *keygen* /s >

< *loader* /s >
[2011.10.08 21:35:31 | 000,003,208 | ---- | M] () -- \Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\49090P8N\ajax-loader[1].gif
[2011.10.09 16:58:01 | 000,007,879 | ---- | M] () -- \Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\49090P8N\bundleloader[1].js
[2011.10.09 16:58:02 | 000,000,693 | ---- | M] () -- \Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\6PK5QJKP\downloaderror[1].js
[2011.10.09 16:58:02 | 000,001,174 | ---- | M] () -- \Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\6PK5QJKP\downloader[1].js
[2011.11.24 20:02:38 | 000,003,208 | ---- | M] () -- \Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\UDMVODC1\ajax_loader[1].gif
[2006.10.26 12:40:34 | 000,057,344 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VS7DEBUG\coloader.dll
[2006.10.26 12:40:34 | 000,005,120 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VS7DEBUG\coloader.tlb
[2011.09.01 12:13:30 | 000,112,128 | ---- | M] () -- \Program Files\Common Files\Nokia\Tss\ProductApiLoader\ta_productapiloader.dll
[2009.05.31 02:21:00 | 000,071,008 | ---- | M] () -- \Program Files\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2009.09.25 14:00:00 | 000,001,849 | ---- | M] () -- \Program Files\TuneUp Utilities 2012\data\Integrator\images\panel6\loader.gif
[2006.02.28 13:00:00 | 000,035,840 | ---- | M] () -- \WINDOWS\$NtServicePackUninstall$\dmloader.dll
[2008.04.14 04:41:54 | 000,035,840 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\dmloader.dll
[2008.04.13 23:01:44 | 000,230,400 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.exe
[2008.04.13 23:01:46 | 000,278,016 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.ntd
[2008.04.14 04:41:54 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dmloader.dll
[1 \WINDOWS\system32\*.tmp files -> \WINDOWS\system32\*.tmp -> ]

< *minodlogin* /s >

< *tnod* /s >

< *AutoKMS* /s >

< *KMSEmulator* /s >

< *activator* /s >
[2011.11.06 20:26:05 | 000,001,913 | ---- | M] () -- \Documents and Settings\All Users\Start Menu\Programs\TuneUp Utilities 2012\All functions\TuneUp Program Deactivator.lnk
[2011.11.06 18:02:49 | 000,006,368 | ---- | M] () -- \Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\6PK5QJKP\ProgramDeactivator_64x64-hover[1].png
[2011.11.06 18:30:46 | 000,006,373 | ---- | M] () -- \Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\UDMVODC1\ProgramDeactivator_64x64[1].png
[2011.11.02 20:26:04 | 000,327,488 | ---- | M] () -- \Program Files\TuneUp Utilities 2012\ProgramDeactivator.exe
[2011.11.02 20:29:22 | 000,102,720 | ---- | M] () -- \Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe
[2009.09.25 14:00:00 | 000,003,006 | ---- | M] () -- \Program Files\TuneUp Utilities 2012\data\deinstallation_programDeactivator_40x40.png
[2009.09.25 14:00:00 | 000,001,534 | ---- | M] () -- \Program Files\TuneUp Utilities 2012\data\icon_ProgramDeactivator_16.png
[2009.09.25 14:00:00 | 000,003,100 | ---- | M] () -- \Program Files\TuneUp Utilities 2012\data\icon_ProgramDeactivator_32.png
[2009.09.25 14:00:00 | 000,004,597 | ---- | M] () -- \Program Files\TuneUp Utilities 2012\data\icon_ProgramDeactivator_48.png
[2009.09.25 14:00:00 | 000,006,373 | ---- | M] () -- \Program Files\TuneUp Utilities 2012\data\icon_ProgramDeactivator_64.png
[2009.09.25 14:00:00 | 000,002,616 | ---- | M] () -- \Program Files\TuneUp Utilities 2012\data\Integrator\images\panel2\iconProgramDeactivator.png
[2009.09.25 14:00:00 | 000,001,534 | ---- | M] () -- \Program Files\TuneUp Utilities 2012\data\Integrator\images\panel6\ProgramDeactivator_16x16.png
[2009.09.25 14:00:00 | 000,003,100 | ---- | M] () -- \Program Files\TuneUp Utilities 2012\data\ProgramDeactivator\icon_ProgramDeactivator_32.png

< *serial* /s >
[2011.10.09 16:58:01 | 000,001,193 | ---- | M] () -- \Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\UDMVODC1\serialize[1].js
[2010.04.07 22:48:30 | 000,970,752 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2006.02.28 13:00:00 | 000,064,896 | ---- | M] () -- \WINDOWS\$NtServicePackUninstall$\serial.sys
[2011.10.08 19:24:52 | 000,131,072 | ---- | M] () -- \WINDOWS\assembly\GAC\System.Runtime.Serialization.Formatters.Soap\1.0.5000.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2011.12.30 09:34:50 | 000,131,072 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2011.10.08 17:43:57 | 000,970,752 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2011.10.12 14:29:59 | 000,311,296 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\81096bfe85eb0da5f05e8a127ffa43b2\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2011.10.12 14:28:43 | 002,345,472 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\afd6134c090faf8c29cd64d4835142b2\System.Runtime.Serialization.ni.dll
[2011.10.12 14:30:43 | 002,647,040 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\993f89ba22499c379d2a9dd25d13cd94\System.Runtime.Serialization.ni.dll
[2011.10.12 14:30:47 | 000,311,296 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\bed774dde4b62ed1d2d55c2d1769d600\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2011.10.12 14:32:24 | 000,009,216 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml.Serializ#\3a2ab56bb224b871516526753985ff69\System.Xml.Serialization.ni.dll
[2011.12.30 09:32:13 | 000,122,264 | ---- | M] () -- \WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2011.12.30 09:32:12 | 001,026,936 | ---- | M] () -- \WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2011.12.30 09:32:19 | 000,011,120 | ---- | M] () -- \WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
[2004.07.15 13:31:54 | 000,131,072 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Runtime.Serialization.Formatters.Soap.dll
[2008.07.25 10:17:00 | 000,131,072 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2010.04.07 22:48:30 | 000,970,752 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2010.03.18 12:16:28 | 001,026,936 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2010.03.18 12:16:28 | 000,122,264 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2011.04.06 15:48:20 | 000,011,120 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll
[2003.08.01 11:54:06 | 000,005,632 | ---- | M] () -- \WINDOWS\mui\FALLBACK\041b\serialui.dll.mui
[2008.04.13 23:10:22 | 000,028,288 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\grserial.sys
[2008.04.13 23:45:46 | 000,064,512 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\serial.sys
[2006.02.28 13:00:00 | 000,053,520 | ---- | M] () -- \WINDOWS\system32\dpserial.dll
[2006.02.28 13:00:00 | 000,014,336 | ---- | M] () -- \WINDOWS\system32\serialui.dll
[1 \WINDOWS\system32\*.tmp files -> \WINDOWS\system32\*.tmp -> ]
[2006.02.28 13:00:00 | 000,053,520 | ---- | M] () -- \WINDOWS\system32\dllcache\dpserial.dll
[2006.02.28 13:00:00 | 000,014,336 | ---- | M] () -- \WINDOWS\system32\dllcache\serialui.dll
[2008.04.13 23:45:46 | 000,064,512 | ---- | M] () -- \WINDOWS\system32\drivers\serial.sys

< *w7lxe* /s >

< *AutoRearm* /s >

< HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run /s >
"egui" = "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice -- [2011.09.06 17:16:16 | 003,076,144 | ---- | M] (ESET)
"RTHDCPL" = RTHDCPL.EXE -- [2011.10.14 18:58:12 | 020,064,872 | ---- | M] (Realtek Semiconductor Corp.)
"NvCplDaemon" = RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup -- [2008.04.14 04:42:34 | 000,033,280 | ---- | M] (Microsoft Corporation)

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"" =
"ctfmon.exe" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 04:42:18 | 000,015,360 | ---- | M] (Microsoft Corporation)
"Skype" = "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized -- [2011.04.18 17:30:48 | 015,146,376 | R--- | M] (Skype Technologies S.A.)

< HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run /s >

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs

< type c:\boot.ini >> test.txt /c >
[boot loader]
timeout=30
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2011.12.31 11:28:35 | 000,000,512 | ---- | M] () MD5=41D3971CCAB5C79993F3D12ED227F78D -- C:\PhysicalMBR.bin

< End of report >

sspooky13

Re: Preventive check

#7 Post by sspooky13 »

and here is Extras.txt:

OTL Extras logfile created on: 31.12.2011 11:26:16 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Owner\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000041B | Country: Slovakia | Language: SKY | Date Format: d.M.yyyy

3,50 Gb Total Physical Memory | 2,73 Gb Available Physical Memory | 78,12% Memory free
5,34 Gb Paging File | 4,76 Gb Available in Paging File | 89,26% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 100,00 Gb Total Space | 77,03 Gb Free Space | 77,03% Space Free | Partition Type: NTFS
Drive D: | 365,75 Gb Total Space | 188,14 Gb Free Space | 51,44% Space Free | Partition Type: NTFS

Computer Name: PETER-FB54314A9 | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)

[HKEY_USERS\S-1-5-21-776561741-1844237615-1801674531-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
http [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- D:\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"UpdatesDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"5985:TCP" = 5985:TCP:*:Disabled:Windows Remote Management
"80:TCP" = 80:TCP:*:Disabled:Windows Remote Management - Compatibility Mode (HTTP-In)

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Opera\opera.exe" = C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software)
"D:\uTorrent\uTorrent.exe" = D:\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe" = C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe:*:Enabled:Daemonu.exe -- (NVIDIA Corporation)
"D:\Hry\Transformers\Binaries\TWFC.exe" = D:\Hry\Transformers\Binaries\TWFC.exe:*:Enabled:Transformers(TM) - War for Cybertron(TM) -- ()
"D:\Hry\Anno 1404\Anno4.exe" = D:\Hry\Anno 1404\Anno4.exe:*:Enabled:ANNO 1404 -- (Related Designs)
"D:\Hry\Anno 1404\tools\Anno4Web.exe" = D:\Hry\Anno 1404\tools\Anno4Web.exe:*:Enabled:Web ANNO 1404 -- ()
"D:\Hry\Anno 1404\tools\Benchmark.exe" = D:\Hry\Anno 1404\tools\Benchmark.exe:*:Enabled:Anno 1404 Setup Benchmark -- ()
"D:\Hry\Anno 2070\InitEngine.exe" = D:\Hry\Anno 2070\InitEngine.exe:*:Disabled:ANNO 2070 -- ()
"D:\Hry\Anno 2070\AutoPatcher.exe" = D:\Hry\Anno 2070\AutoPatcher.exe:*:Disabled:ANNO 2070 -- (Related Designs Software)
"D:\Hry\Anno 2070\Anno5.exe" = D:\Hry\Anno 2070\Anno5.exe:*:Disabled:ANNO 2070 -- ()
"C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe" = C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe:*:Disabled:Ubisoft Game Launcher -- ()
"D:\Hry\Unreal Tournament 3\Binaries\UT3.exe" = D:\Hry\Unreal Tournament 3\Binaries\UT3.exe:*:Enabled:Unreal Tournament 3 -- ()


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{1373D2A4-694D-44B4-8372-620336827A5A}" = ESET Smart Security
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{26A24AE4-039D-4CA4-87B4-2F83216030FF}" = Java(TM) 6 Update 30
"{2A96D655-4FEF-4512-9468-0AABA70CD389}" = Activision(R)
"{32364CEA-7855-4A3C-B674-53D8E9B97936}" = TuneUp Utilities 2012
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}" = ANNO 1404
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AA3D64E-9EC3-4B0F-AB91-5885AC55641F}" = Microsoft Games for Windows - LIVE
"{518A54AE-002F-406F-BB48-620676AB9960}" = Anno 1404
"{5335DADB-34BA-4AE8-A519-648D78498846}" = Skype™ 5.3
"{5454083B-1308-4485-BF17-1110000B8301}" = Grand Theft Auto IV
"{5454083B-1308-4485-BF17-1110000D8301}" = Grand Theft Auto IV
"{55EB7967-5BB1-4EA2-8AFF-B2F9E487E553}" = PC Connectivity Solution
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{90120000-0010-041B-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Slovak) 12
"{90120000-0012-0000-0000-0000000FF1CE}" = Microsoft Office Standard 2007
"{90120000-0016-041B-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Slovak) 2007
"{90120000-0018-041B-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Slovak) 2007
"{90120000-001A-041B-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Slovak) 2007
"{90120000-001B-041B-0000-0000000FF1CE}" = Microsoft Office Word MUI (Slovak) 2007
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040E-0000-0000000FF1CE}" = Microsoft Office Proof (Hungarian) 2007
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-002C-041B-0000-0000000FF1CE}" = Microsoft Office Proofing (Slovak) 2007
"{90120000-006E-041B-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Slovak) 2007
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A95A76C9-6F65-477E-83A0-9F884B6DC21B}" = TuneUp Utilities Language Pack (en-US)
"{AC76BA86-7AD7-1051-7B44-AA1000000001}" = Adobe Reader X (10.1.1) - Slovak
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{AF88496B-4BBA-4922-97E9-2582D3A28358}" = Nokia Connectivity Cable Driver
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 280.26
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafický ovládač 280.26
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView" = NVIDIA nView 135.94
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Softvér systému s podporou technológie PhysX 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizácie NVIDIA 1.4.28
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B48E264C-C8CD-4617-B0BE-46E977BAD694}" = ANNO 2070
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{BFA90209-7AFF-4DB6-8E4B-E57305751AD7}" = Unreal Tournament 3
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DB24A9E5-A068-43DD-88D0-B51BED3C0B99}" = Nokia Suite
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FD052FB9-FE90-4438-B355-15EDC89D8FB1}" = Microsoft Games for Windows - LIVE Redistributable
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"Garena Classic 2011" = Garena Classic 2011
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"IE7-LIP" = Windows Internet Explorer 7 Language Interface Pack (SKY)
"ie8" = Windows Internet Explorer 8
"InstallShield_{2A96D655-4FEF-4512-9468-0AABA70CD389}" = Transformers(TM) - War for Cybertron(TM)
"IrfanView" = IrfanView (remove only)
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox 9.0.1 (x86 sk)" = Mozilla Firefox 9.0.1 (x86 sk)
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Nokia Suite" = Nokia Suite
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"Opera 11.60.1185" = Opera 11.60
"PunkBusterSvc" = PunkBuster Services
"Red Faction Armageddon" = Red Faction Armageddon
"STANDARD" = Microsoft Office Standard 2007
"Super Ovladač_is1" = Super Ovladač
"Totalcmd" = Total Commander (Remove or Repair)
"TuneUp Utilities 2012" = TuneUp Utilities 2012
"uTorrent" = µTorrent
"VLC media player" = VLC media player 1.1.11
"WampServer 2_is1" = WampServer 2.2
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR 4.00 (32-bit)
"WMFDist11" = Windows Media Format 11 runtime
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-776561741-1844237615-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"GameRanger" = GameRanger
"InstallShield_{BFA90209-7AFF-4DB6-8E4B-E57305751AD7}" = Unreal Tournament 3
"QIP Infium" = QIP Infium 3.0.9042
"QipGuard" = QIP Internet Guardian

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 6.11.2011 11:03:14 | Computer Name = PETER-FB54314A9 | Source = MsiInstaller | ID = 1013
Description = Produkt: NVIDIA PhysX -- Installation terminated

Error - 9.11.2011 14:24:46 | Computer Name = PETER-FB54314A9 | Source = Application Error | ID = 1000
Description = Zlyhanie aplikácie photoshop.exe, verzia 12.0.0.0, zlyhanie modulu
msvcr90.dll, verzia 9.0.30729.4148, adresa zlyhania 0x0005bea4.

Error - 9.11.2011 14:25:41 | Computer Name = PETER-FB54314A9 | Source = Application Error | ID = 1000
Description = Zlyhanie aplikácie photoshop.exe, verzia 12.0.0.0, zlyhanie modulu
msvcr90.dll, verzia 9.0.30729.4148, adresa zlyhania 0x0005bea4.

Error - 9.11.2011 14:34:30 | Computer Name = PETER-FB54314A9 | Source = Apache Service | ID = 3299
Description = The Apache service named reported the following error: >>> (OS 10048)Zvyčajne
je povolené len jedno použitie každej adresy (protokolu, sieťovej adresy, portu)
soketu. : make_sock: could not bind to address 0.0.0.0:80 .

Error - 9.11.2011 14:34:30 | Computer Name = PETER-FB54314A9 | Source = Apache Service | ID = 3299
Description = The Apache service named reported the following error: >>> no listening
sockets available, shutting down .

Error - 9.11.2011 14:34:30 | Computer Name = PETER-FB54314A9 | Source = Apache Service | ID = 3299
Description = The Apache service named reported the following error: >>> Unable
to open logs .

[ System Events ]
Error - 30.12.2011 4:24:04 | Computer Name = PETER-FB54314A9 | Source = Service Control Manager | ID = 7023
Description = Služba Application Management bola ukončená s nasledujúcou chybou:
%%126

Error - 30.12.2011 4:24:04 | Computer Name = PETER-FB54314A9 | Source = Service Control Manager | ID = 7023
Description = Služba Application Management bola ukončená s nasledujúcou chybou:
%%126

Error - 30.12.2011 4:24:04 | Computer Name = PETER-FB54314A9 | Source = Service Control Manager | ID = 7023
Description = Služba Application Management bola ukončená s nasledujúcou chybou:
%%126

Error - 30.12.2011 4:24:04 | Computer Name = PETER-FB54314A9 | Source = Service Control Manager | ID = 7023
Description = Služba Application Management bola ukončená s nasledujúcou chybou:
%%126

Error - 30.12.2011 4:24:04 | Computer Name = PETER-FB54314A9 | Source = Service Control Manager | ID = 7023
Description = Služba Application Management bola ukončená s nasledujúcou chybou:
%%126

Error - 30.12.2011 4:24:04 | Computer Name = PETER-FB54314A9 | Source = Service Control Manager | ID = 7023
Description = Služba Application Management bola ukončená s nasledujúcou chybou:
%%126

Error - 30.12.2011 4:24:04 | Computer Name = PETER-FB54314A9 | Source = Service Control Manager | ID = 7023
Description = Služba Application Management bola ukončená s nasledujúcou chybou:
%%126

Error - 30.12.2011 4:24:04 | Computer Name = PETER-FB54314A9 | Source = Service Control Manager | ID = 7023
Description = Služba Application Management bola ukončená s nasledujúcou chybou:
%%126

Error - 30.12.2011 4:24:04 | Computer Name = PETER-FB54314A9 | Source = Service Control Manager | ID = 7023
Description = Služba Application Management bola ukončená s nasledujúcou chybou:
%%126

Error - 30.12.2011 4:24:04 | Computer Name = PETER-FB54314A9 | Source = Service Control Manager | ID = 7023
Description = Služba Application Management bola ukončená s nasledujúcou chybou:
%%126


< End of report >

Mc_Murphy

Re: Preventive check

#8 Post by Mc_Murphy »

No problem, we all have a personal life after all. ;)

:arrow: Clean up your Desktop - the size of the C:\Documents and Settings\Owner\Desktop folder should be at most +/- 300 MB, otherwise your system will slow down.
:arrow: So, if you have done everything I wrote to you, let's get on with the fix using OTL.

:arrow: Run OTL again.
  • If you use Win Vista or Win7, right-click OTL and choose Run As Administrator or Spustit jako správce.
  • If you use a 64-bit OS, check whether the Pro 64 bitové OS (For 64-bit OS) box is ticked. If it is not, tick it.
  • Paste this script into the lower Vlastní skenování/opravy (Custom scans/fixes) box (only the green text in the white box!):

Code:

:Commands
[emptytemp]
[emptyflash]
[resethosts]
[purity]
[clearallrestorepoints]

:Services
JavaQuickStarterService
SwitchBoard

:OTL
FF - prefs.js..browser.search.defaultenginename: "QIP Search"
FF - prefs.js..keyword.URL: "http://search.qip.ru/search?from=FF&query="
O3 - HKU\S-1-5-21-776561741-1844237615-1801674531-1003\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O4 - HKU\S-1-5-21-776561741-1844237615-1801674531-1003..\Run: [] File not found
[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[13 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[40 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

:Files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp /s

:Reg
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
""=-
  • Click the [Opravit] (Fix) button.
  • When the scan finishes, a log will appear; paste it here for me.
  • If the log does not fit into one post, split it into several parts.

sspooky13

Re: Preventive check

#9 Post by sspooky13 »

OK, so the desktop is now +/- 50 MB and here is the log from OTL:

All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 41620 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33778 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33237 bytes

User: Owner
->Temp folder emptied: 82908172 bytes
->Temporary Internet Files folder emptied: 260045371 bytes
->Java cache emptied: 33032 bytes
->FireFox cache emptied: 1100138625 bytes
->Opera cache emptied: 3810647 bytes
->Flash cache emptied: 209569 bytes

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 41620 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2533208 bytes
%systemroot%\System32 .tmp files removed: 2577 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 16384 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 1 383,00 mb


[EMPTYFLASH]

User: All Users

User: Default User
->Flash cache emptied: 0 bytes

User: LocalService

User: NetworkService

User: Owner
->Flash cache emptied: 0 bytes

User: UpdatusUser
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb

C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
Restore points cleared and new OTL Restore Point set!
========== SERVICES/DRIVERS ==========
Service JavaQuickStarterService stopped successfully!
Service JavaQuickStarterService deleted successfully!
Service SwitchBoard stopped successfully!
Service SwitchBoard deleted successfully!
========== OTL ==========
Prefs.js: "QIP Search" removed from browser.search.defaultenginename
Prefs.js: "http://search.qip.ru/search?from=FF&query=" removed from keyword.URL
Registry value HKEY_USERS\S-1-5-21-776561741-1844237615-1801674531-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found.
Registry value HKEY_USERS\S-1-5-21-776561741-1844237615-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1061.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1108.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP16B.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP249.tmp\mscorlib.dll deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP249.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP27E.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP6C4.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP71C.tmp\System.Windows.Forms.dll deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP71C.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP7F8.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP8E2.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP93C.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9E8.tmp\Microsoft.PowerShell.GraphicalHost.dll deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9E8.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPAA3.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPE20.tmp folder deleted successfully.
C:\WINDOWS\Installer\MSI10.tmp deleted successfully.
C:\WINDOWS\Installer\MSI15.tmp deleted successfully.
C:\WINDOWS\Installer\MSI161.tmp deleted successfully.
C:\WINDOWS\Installer\MSI19F.tmp deleted successfully.
C:\WINDOWS\Installer\MSI1A0.tmp deleted successfully.
C:\WINDOWS\Installer\MSI1A1.tmp deleted successfully.
C:\WINDOWS\Installer\MSI1D4.tmp deleted successfully.
C:\WINDOWS\Installer\MSI212.tmp deleted successfully.
C:\WINDOWS\Installer\MSI213.tmp deleted successfully.
C:\WINDOWS\Installer\MSI214.tmp deleted successfully.
C:\WINDOWS\Installer\MSI215.tmp deleted successfully.
C:\WINDOWS\Installer\MSI25.tmp deleted successfully.
C:\WINDOWS\Installer\MSI4E.tmp deleted successfully.
C:\WINDOWS\Installer\MSI64.tmp deleted successfully.
C:\WINDOWS\Installer\MSI65.tmp deleted successfully.
C:\WINDOWS\Installer\MSI66.tmp deleted successfully.
C:\WINDOWS\Installer\MSIAF.tmp deleted successfully.
C:\WINDOWS\Installer\MSIB0.tmp deleted successfully.
C:\WINDOWS\Installer\MSIB1.tmp deleted successfully.
C:\WINDOWS\Installer\MSIB2.tmp deleted successfully.
C:\WINDOWS\Installer\MSIB3.tmp deleted successfully.
C:\WINDOWS\Installer\MSIB4.tmp deleted successfully.
C:\WINDOWS\Installer\MSIB5.tmp deleted successfully.
C:\WINDOWS\Installer\MSIB6.tmp deleted successfully.
C:\WINDOWS\Installer\MSIB7.tmp deleted successfully.
C:\WINDOWS\Installer\MSIB8.tmp deleted successfully.
C:\WINDOWS\Installer\MSIB9.tmp deleted successfully.
C:\WINDOWS\Installer\MSIBA.tmp deleted successfully.
C:\WINDOWS\Installer\MSIBB.tmp deleted successfully.
C:\WINDOWS\Installer\MSIBC.tmp deleted successfully.
C:\WINDOWS\Installer\MSIBD.tmp deleted successfully.
C:\WINDOWS\Installer\MSIBE.tmp deleted successfully.
C:\WINDOWS\Installer\MSIBF.tmp deleted successfully.
C:\WINDOWS\Installer\MSIC0.tmp deleted successfully.
C:\WINDOWS\Installer\MSIC1.tmp deleted successfully.
C:\WINDOWS\Installer\MSIC2.tmp deleted successfully.
C:\WINDOWS\Installer\MSIC3.tmp deleted successfully.
C:\WINDOWS\Installer\MSIC4.tmp deleted successfully.
C:\WINDOWS\Installer\MSIC5.tmp deleted successfully.
C:\WINDOWS\Installer\MSIC6.tmp deleted successfully.
========== FILES ==========
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
File/Folder C:\WINDOWS\*.tmp not found.
========== REGISTRY ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\ not found.

OTL by OldTimer - Version 3.2.31.0 log created on 01012012_140634

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

Mc_Murphy
VIP in memoriam
Posts: 6706
Registered: 03 Nov 2008 15:55
Location: Plzeň [ZČ]

Re: Preventive check

#10 Post by Mc_Murphy »

Great.

OTL did what it was supposed to, so we'll just finish cleaning up...

Run OTL again and click the [CleanUp!] button, which makes the program clean up after itself.

TFC http://oldtimer.geekstogo.com/TFC.exe
  • Download and run it.
  • Click Start and confirm with OK.
  • The program will clean up and may (or may not) restart the PC.
  • Delete the utility after use.

If you don't have it, download CCleaner from this link.
  • Cleaner panel
    • Leave everything as it is, just click Analyze and then Run CCleaner.
  • Registry panel
    • Click Scan for Issues.
    • Then click Fix issues - I recommend making a registry backup; fix all the issues.
    • Repeat the procedure until no issues are found - usually about 3 times.
  • Tools panel
    • Here you can uninstall programs you don't need.

I recommend using CCleaner about once a week.

... and if there are no questions, that would be all from my side.

sspooky13
Visitor
Posts: 136
Registered: 17 Jul 2011 20:33

Re: Preventive check

#11 Post by sspooky13 »

OK, thank you for the help and advice :) I wish you a happy New Year.

Mc_Murphy
VIP in memoriam
Posts: 6706
Registered: 03 Nov 2008 15:55
Location: Plzeň [ZČ]

Re: Preventive check

#12 Post by Mc_Murphy »

You're very welcome, glad to help. Have a nice day, and a peaceful start to the New Year 2012 to you too. May it be better than the last one.
