Prosim o kontrolu, problemy pri spustenem thunderbirdu

Zpráva

lukashajek · #1 Příspěvek od **lukashajek** » 02 srp 2012 19:42

Logfile of random's system information tool 1.06 (written by random/random)
Run by Lukas Hajek at 2012-08-02 20:40:41
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 46 GB (60%) free of 76 GB
Total RAM: 3071 MB (80% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:40:49, on 2.8.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\Program Files\Java\jre6\bin\jucheck.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Lukas Hajek\Plocha\RSIT.exe
C:\Program Files\trend micro\Lukas Hajek.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SoundMax] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: ActiveHelper Support Panel.lnk = C:\Program Files\ActiveHelper Support Panel\ActiveHelper Support Panel.exe
O4 - Startup: BootLogXP.lnk = C:\Program Files\Greatis\RegRunSuite\BootLogXP.exe
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O4 - Global Startup: Adobe Acrobat Synchronizer.lnk = C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe
O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} - http://www.eset.cz/buxus/docs/OnlineScanner.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Unknown owner - C:\Program Files\Bonjour\mDNSResponder.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

--
End of file - 8264 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2006-10-23 321120]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-10-11 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2006-10-23 321120]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"=C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe [2003-10-23 962560]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2004-07-12 4112384]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2004-07-12 81920]
"Acrobat Assistant 8.0"=C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe [2006-10-23 620152]
"NeroFilterCheck"=C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe [2007-03-01 153136]
"RemoteControl"=C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe [2003-12-08 32768]
"Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe /runcleanupscript []
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-10-11 149280]
"avast5"=C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [2011-02-23 3451496]
"CanonSolutionMenu"=C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [2008-03-11 689488]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2009-07-07 1848648]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2010-08-10 421888]
"SoundMax"=C:\Program Files\Analog Devices\SoundMAX\Smax4.exe [2003-10-14 581632]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe [2007-09-20 202024]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Adobe Acrobat Speed Launcher.lnk - C:\WINDOWS\Installer\{AC76BA86-1033-0000-7760-000000000003}\_SC_Acrobat.exe
Adobe Acrobat Synchronizer.lnk - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe

C:\Documents and Settings\Lukas Hajek\Nabídka Start\Programy\Po spuštění
ActiveHelper Support Panel.lnk - C:\Program Files\ActiveHelper Support Panel\ActiveHelper Support Panel.exe
BootLogXP.lnk - C:\Program Files\Greatis\RegRunSuite\BootLogXP.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL [2010-07-23 548352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"F:\telc\web\sources\joomlasoft\xampplite\mysql\bin\mysqld.exe"="F:\telc\web\sources\joomlasoft\xampplite\mysql\bin\mysqld.exe:*:Enabled:mysqld"
"F:\telc\web\sources\joomlasoft\xampplite\apache\bin\apache.exe"="F:\telc\web\sources\joomlasoft\xampplite\apache\bin\apache.exe:*:Enabled:Apache HTTP Server"
"C:\Documents and Settings\Lukas Hajek\Plocha\aoe\age2_x1.exe"="C:\Documents and Settings\Lukas Hajek\Plocha\aoe\age2_x1.exe:*:Enabled:Age of Empires II Expansion"
"C:\Documents and Settings\Lukas Hajek\Plocha\aoe\empires2.exe"="C:\Documents and Settings\Lukas Hajek\Plocha\aoe\empires2.exe:*:Enabled:Age of Empires II"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\DNA\btdna.exe"="C:\Program Files\DNA\btdna.exe:*:Disabled:DNA"
"C:\Program Files\Cycling '74\Max 5.0\Max.exe"="C:\Program Files\Cycling '74\Max 5.0\Max.exe:*:Disabled:MaxMSP"
"C:\WINDOWS\system32\dplaysvr.exe"="C:\WINDOWS\system32\dplaysvr.exe:*:Disabled:Microsoft DirectPlay Helper"
"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Java\jre6\bin\javaw.exe"="C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"F:\aoe\age2_x1.exe"="F:\aoe\age2_x1.exe:*:Enabled:Age of Empires II Expansion"
"F:\___joomlasoft\xampp-win32-1.7.7-VC9\xampp\apache\bin\httpd.exe"="F:\___joomlasoft\xampp-win32-1.7.7-VC9\xampp\apache\bin\httpd.exe:*:Enabled:Apache HTTP Server"
"F:\___joomlasoft\xampp-win32-1.7.7-VC9\xampp\mysql\bin\mysqld.exe"="F:\___joomlasoft\xampp-win32-1.7.7-VC9\xampp\mysql\bin\mysqld.exe:*:Enabled:mysqld"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\J]
shell\AutoRun\command - "J:\WD SmartWare.exe" autoplay=true

======File associations======

.js - open - "C:\Program Files\Adobe\Adobe Dreamweaver CS3\Dreamweaver.exe","%1"

======List of files/folders created in the last 3 months======

2012-08-01 14:12:34 ----D---- C:\Program Files\CCleaner
2012-08-01 11:54:44 ----SHD---- C:\Config.Msi
2012-07-11 21:42:38 ----HDC---- C:\WINDOWS\$NtUninstallKB2691442$
2012-07-11 21:42:23 ----HDC---- C:\WINDOWS\$NtUninstallKB2718523$
2012-07-11 21:42:09 ----HDC---- C:\WINDOWS\$NtUninstallKB2655992$
2012-07-11 21:41:54 ----HDC---- C:\WINDOWS\$NtUninstallKB2719985$
2012-07-11 21:39:38 ----HDC---- C:\WINDOWS\$NtUninstallKB2698365$
2012-07-04 16:02:03 ----D---- C:\Documents and Settings\Lukas Hajek\Data aplikací\WebsiteChat
2012-07-02 18:04:33 ----D---- C:\Documents and Settings\Lukas Hajek\Data aplikací\LiveChat
2012-06-14 16:28:06 ----HDC---- C:\WINDOWS\$NtUninstallKB2707511$
2012-06-14 16:20:44 ----HDC---- C:\WINDOWS\$NtUninstallKB2685939$
2012-06-14 16:17:21 ----HDC---- C:\WINDOWS\$NtUninstallKB2709162$
2012-06-04 21:04:13 ----HDC---- C:\WINDOWS\$NtUninstallKB2718704$
2012-05-12 21:08:52 ----HDC---- C:\WINDOWS\$NtUninstallKB2659262$
2012-05-12 21:00:11 ----HDC---- C:\WINDOWS\$NtUninstallKB2686509$
2012-05-12 20:59:53 ----HDC---- C:\WINDOWS\$NtUninstallKB2695962$
2012-05-12 20:58:36 ----HDC---- C:\WINDOWS\$NtUninstallKB2676562$
2012-05-03 12:45:01 ----D---- C:\Documents and Settings\All Users\Data aplikací\Mozilla
2012-05-03 12:45:00 ----D---- C:\Program Files\Mozilla Maintenance Service

======List of files/folders modified in the last 3 months======

2012-08-02 20:40:47 ----D---- C:\Program Files\trend micro
2012-08-02 20:40:31 ----D---- C:\WINDOWS\Prefetch
2012-08-02 19:15:49 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2012-08-02 19:15:48 ----D---- C:\Documents and Settings\Lukas Hajek\Data aplikací\Skype
2012-08-02 19:15:48 ----D---- C:\Documents and Settings\Lukas Hajek\Data aplikací\FileZilla
2012-08-02 19:15:48 ----D---- C:\Documents and Settings\Lukas Hajek\Data aplikací\BitTorrent
2012-08-02 19:14:55 ----D---- C:\WINDOWS\Debug
2012-08-02 19:14:55 ----D---- C:\WINDOWS
2012-08-02 19:14:54 ----D---- C:\WINDOWS\Minidump
2012-08-02 19:14:46 ----D---- C:\WINDOWS\Temp
2012-08-02 15:04:11 ----D---- C:\Program Files\Mozilla Firefox
2012-08-01 14:39:15 ----N---- C:\WINDOWS\SchedLgU.Txt
2012-08-01 14:12:34 ----RD---- C:\Program Files
2012-08-01 11:54:46 ----D---- C:\Program Files\Common Files
2012-08-01 11:54:45 ----SHD---- C:\WINDOWS\Installer
2012-08-01 11:54:45 ----D---- C:\Program Files\Adobe
2012-07-31 19:26:31 ----D---- C:\Documents and Settings\Lukas Hajek\Data aplikací\Adobe
2012-07-27 17:19:31 ----A---- C:\WINDOWS\NeroDigital.ini
2012-07-27 11:04:24 ----D---- C:\Documents and Settings\All Users\Data aplikací\FLEXnet
2012-07-19 17:07:31 ----D---- C:\Program Files\Mozilla Thunderbird
2012-07-12 21:12:24 ----D---- C:\WINDOWS\system32\CatRoot2
2012-07-12 18:22:29 ----D---- C:\WINDOWS\system32
2012-07-11 21:42:44 ----HD---- C:\WINDOWS\inf
2012-07-11 21:42:42 ----RSHDC---- C:\WINDOWS\system32\dllcache
2012-07-11 21:42:18 ----HD---- C:\WINDOWS\$hf_mig$
2012-07-11 21:39:52 ----A---- C:\WINDOWS\system32\MRT.exe
2012-07-02 18:04:20 ----D---- C:\Documents and Settings\All Users\Data aplikací\Adobe
2012-06-27 15:59:45 ----D---- C:\WINDOWS\Help
2012-06-15 09:33:03 ----D---- C:\WINDOWS\Microsoft.NET
2012-06-15 09:33:00 ----RSD---- C:\WINDOWS\assembly
2012-06-14 16:27:27 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2012-06-14 16:27:10 ----D---- C:\WINDOWS\WinSxS
2012-06-14 16:21:39 ----D---- C:\Program Files\Internet Explorer
2012-06-14 16:21:15 ----D---- C:\WINDOWS\ie8updates
2012-06-14 16:20:47 ----D---- C:\WINDOWS\system32\drivers
2012-06-08 16:25:48 ----A---- C:\WINDOWS\system32\shell32.dll
2012-06-05 17:49:58 ----N---- C:\WINDOWS\system32\msxml6.dll
2012-06-05 17:49:57 ----A---- C:\WINDOWS\system32\msxml3.dll
2012-06-04 06:32:38 ----A---- C:\WINDOWS\system32\schannel.dll
2012-06-02 15:19:44 ----A---- C:\WINDOWS\system32\wucltui.dll.mui
2012-06-02 15:19:38 ----A---- C:\WINDOWS\system32\wuweb.dll
2012-06-02 15:19:38 ----A---- C:\WINDOWS\system32\wucltui.dll
2012-06-02 15:19:34 ----A---- C:\WINDOWS\system32\wups2.dll
2012-06-02 15:19:34 ----A---- C:\WINDOWS\system32\wups.dll
2012-06-02 15:19:34 ----A---- C:\WINDOWS\system32\wuaueng.dll.mui
2012-06-02 15:19:34 ----A---- C:\WINDOWS\system32\wuauclt.exe
2012-06-02 15:19:34 ----A---- C:\WINDOWS\system32\wuapi.dll.mui
2012-06-02 15:19:34 ----A---- C:\WINDOWS\system32\cdm.dll
2012-06-02 15:19:24 ----A---- C:\WINDOWS\system32\wuapi.dll
2012-06-02 15:19:18 ----A---- C:\WINDOWS\system32\wuaueng.dll
2012-05-31 15:22:06 ----A---- C:\WINDOWS\system32\crypt32.dll
2012-05-16 17:09:43 ----A---- C:\WINDOWS\system32\wininet.dll
2012-05-12 21:08:18 ----D---- C:\WINDOWS\system32\XPSViewer
2012-05-11 20:14:10 ----A---- C:\WINDOWS\system32\ieframe.dll
2012-05-11 16:44:10 ----N---- C:\WINDOWS\system32\occache.dll
2012-05-11 16:44:10 ----A---- C:\WINDOWS\system32\urlmon.dll
2012-05-11 16:44:10 ----A---- C:\WINDOWS\system32\url.dll
2012-05-11 16:44:10 ----A---- C:\WINDOWS\system32\mstime.dll
2012-05-11 16:44:10 ----A---- C:\WINDOWS\system32\mshtmled.dll
2012-05-11 16:44:10 ----A---- C:\WINDOWS\system32\mshtml.dll
2012-05-11 16:44:09 ----N---- C:\WINDOWS\system32\jsproxy.dll
2012-05-11 16:44:09 ----N---- C:\WINDOWS\system32\iepeers.dll
2012-05-11 16:44:09 ----A---- C:\WINDOWS\system32\msfeedsbs.dll
2012-05-11 16:44:09 ----A---- C:\WINDOWS\system32\msfeeds.dll
2012-05-11 16:44:09 ----A---- C:\WINDOWS\system32\licmgr10.dll
2012-05-11 16:44:09 ----A---- C:\WINDOWS\system32\iertutil.dll
2012-05-11 16:44:08 ----N---- C:\WINDOWS\system32\iedkcs32.dll
2012-05-11 13:38:19 ----N---- C:\WINDOWS\system32\ie4uinit.exe
2012-05-05 05:14:53 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2012-05-05 05:14:53 ----A---- C:\WINDOWS\system32\ntkrnlpa.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2011-02-23 30680]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2011-02-23 25432]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2011-02-23 371544]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2011-02-23 301528]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2011-02-23 49240]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
R1 saskutil;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys []
R1 sf;SFI Service; C:\WINDOWS\system32\drivers\sf.sys [2003-05-09 33248]
R2 Aspi32;Aspi32; C:\WINDOWS\system32\drivers\Aspi32.sys [2003-06-20 25244]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2011-02-23 19544]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2011-02-23 102232]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2004-08-04 11868]
R3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2003-07-04 100256]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2006-03-02 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2004-07-12 2459968]
R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-04 20992]
R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2003-08-20 593152]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Ovladač standardního rozbočovače USB; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S2 Parclass;Parclass; C:\WINDOWS\System32\Drivers\Parclass.sys [2003-02-10 20272]
S3 a4trk4ls;a4trk4ls; C:\WINDOWS\system32\drivers\a4trk4ls.sys []
S3 FTDIBUS;USB Serial Converter Driver; C:\WINDOWS\system32\drivers\ftdibus.sys [2008-03-13 57536]
S3 FTSER2K;USB Serial Port Driver; C:\WINDOWS\system32\drivers\ftser2k.sys [2008-03-13 72000]
S3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSFDPSP2.sys [2004-08-04 1041536]
S3 HSFHWBS2;HSFHWBS2; C:\WINDOWS\system32\DRIVERS\HSFBS2S2.sys [2004-08-04 220032]
S3 MidiSyn;MidiSyn; C:\WINDOWS\system32\drivers\MidiSyn.sys [2002-09-20 235100]
S3 MODEMCSA;Unimodem Streaming Filter Device; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
S3 regguard;RegGuard; \??\C:\WINDOWS\system32\Drivers\regguard.sys []
S3 sasenum;SASENUM; \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS []
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\WINDOWS\system32\DRIVERS\wdcsam.sys []
S3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSFCXTS2.sys [2004-08-04 685056]
S4 sr;Ovladač filtru Obnovy systému; C:\WINDOWS\system32\DRIVERS\sr.sys [2008-04-14 73344]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2011-02-23 42184]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-10-11 153376]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2004-07-12 114755]
R2 SoundMAX Agent Service (default);SoundMAX Agent Service; C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [2002-09-20 45056]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-11 38912]
R3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2007-11-07 654848]
R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2007-09-20 382248]
S2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe []
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2012-05-03 129976]
S4 ATMsrvc;ATM Service; C:\WINDOWS\System32\ATMsrvc.exe [2000-05-24 15360]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

#2 Příspěvek od **Rudy** » 02 srp 2012 19:50

Log je celkem OK. Zkuste vyčistit CCleanerem: http://forum.viry.cz/viewtopic.php?f=46&t=7478 . O jaké problémy se jedná?

lukashajek · #3 Příspěvek od **lukashajek** » 03 srp 2012 09:01

clenerem jsem cistil tesne pred generovanim logu. Posledni mesic pri spustenem TB se mi jakoby zasekne maximalizovany ve predu i kdyz pres nej mam okno s jinym programem a porad jsem v prostredi TB a nemuzu pracovat v okne programu ktere je nahore. Musim ctrl+alt+del a prepnou na program. Dekuji za napovedu.

#4 Příspěvek od **Rudy** » 03 srp 2012 17:09

Zkuste TB reinstalovat. Virový problém to nebude, spíš samotného TB, nebo bude nějaký konflikt.

#5 Příspěvek od **motji** » 31 srp 2012 15:56

Jak to tu vypadá?

lukashajek · #6 Příspěvek od **lukashajek** » 31 srp 2012 16:06

no jelikoz to vir neni, tak lze tema asi uzavrit. Problemy bohuzel pretrvavaji. Neni to asi TB protoze se mi to stave u vsech moznych aplikaci, ze najedou nejdou ovladat mysi a musim na ne prepnout pres spravce uloh.

#7 Příspěvek od **motji** » 31 srp 2012 17:21

To se Vám stává odkdy?

lukashajek · #8 Příspěvek od **lukashajek** » 31 srp 2012 17:29

asi tak posledni mesic, nic noveho jsem neinstaloval...aspon si nevzpominam (mozna nejake aktualizace). Nevim jestli to s tim souvisi, ale bezici aplikace si berou strasne moc z pameti. Treba FF ma ted 335 MB a to mam otevreno 5 oken. Thunderbird 110 mb.

#9 Příspěvek od **motji** » 31 srp 2012 17:35

S tím FF je to normální, to je takový malý žrout

.
Ale mrkneme raději po těch virech

Stahněte OTL http://oldtimer.geekstogo.com/OTL.exe
-uložte ho na plochu a spustte soubor OTL.exe.
-do bílého okna dole skopírujte tento skript:

Kód: Vybrat vše

netsvcs
drivers32
savembr:0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s

/md5start
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
hal.dll
logevent.dll
netlogon.dll
ntelogon.dll
scecli.dll
sceclt.dll
ws2_32.dll
autochk.exe
csrss.exe
explorer.exe
lsass.exe
services.exe
smss.exe
spoolsv.exe
svchost.exe
userinit.exe
winlogon.exe
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
cdrom.sys
Changer.sys
fastfat.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
mv61xx.sys
ndis.sys
ntfs.sys
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
symmpi.sys
tcpip.sys
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
/md5stop

C:\windows\system32\spool\prtprocs|dll;true;true;true /FP
%systemroot%\system32\drivers\*.sys /5
%systemroot%\system32\drivers\*.sys /X
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\system32\*.* /5
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\config\*.sav
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\*.* /U /s
%systemroot%\*. /mp /s
%ALLUSERSPROFILE%\Data Aplikací\*.*
%ALLUSERSPROFILE%\Data Aplikací\*.exe /s
%ALLUSERSPROFILE%\Dáta aplikácií\*.*
%ALLUSERSPROFILE%\Dáta aplikácií\*.exe /s
%APPDATA%\*.
%APPDATA%\*.*
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe


HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU /s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager" /v BootExecute /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager" /v "PendingFileRenameOperations" /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

- zaškrtněte okénko Pro všechny uživatele.
-označte okénka Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
- Klikněte na tlačítko Prohledat
-po dokončení skenu se objeví logy OTL.Txt a Extras.txt, vložte je zde

lukashajek · #10 Příspěvek od **lukashajek** » 31 srp 2012 18:32

OTL Extras logfile created on: 31.8.2012 18:48:48 - Run 1
OTL by OldTimer - Version 3.2.59.1 Folder = C:\Documents and Settings\Lukas Hajek\Dokumenty\Stažené soubory
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,00 Gb Total Physical Memory | 1,92 Gb Available Physical Memory | 63,98% Memory free
4,35 Gb Paging File | 3,37 Gb Available in Paging File | 77,43% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74,52 Gb Total Space | 34,39 Gb Free Space | 46,15% Space Free | Partition Type: NTFS
Drive F: | 74,53 Gb Total Space | 15,10 Gb Free Space | 20,26% Space Free | Partition Type: NTFS

Computer Name: LUKASHAJEK | User Name: Lukas Hajek | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
http [open] -- Reg Error: Key error.
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"FirewallDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 4

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"F:\telc\web\sources\joomlasoft\xampplite\mysql\bin\mysqld.exe" = F:\telc\web\sources\joomlasoft\xampplite\mysql\bin\mysqld.exe:*:Enabled:mysqld -- ()
"F:\telc\web\sources\joomlasoft\xampplite\apache\bin\apache.exe" = F:\telc\web\sources\joomlasoft\xampplite\apache\bin\apache.exe:*:Enabled:Apache HTTP Server -- (Apache Software Foundation)
"C:\Documents and Settings\Lukas Hajek\Plocha\aoe\age2_x1.exe" = C:\Documents and Settings\Lukas Hajek\Plocha\aoe\age2_x1.exe:*:Enabled:Age of Empires II Expansion
"C:\Documents and Settings\Lukas Hajek\Plocha\aoe\empires2.exe" = C:\Documents and Settings\Lukas Hajek\Plocha\aoe\empires2.exe:*:Enabled:Age of Empires II
"C:\Program Files\DNA\btdna.exe" = C:\Program Files\DNA\btdna.exe:*:Disabled:DNA -- (BitTorrent, Inc.)
"C:\Program Files\Cycling '74\Max 5.0\Max.exe" = C:\Program Files\Cycling '74\Max 5.0\Max.exe:*:Disabled:MaxMSP -- (Cycling '74)
"C:\WINDOWS\system32\dplaysvr.exe" = C:\WINDOWS\system32\dplaysvr.exe:*:Disabled:Microsoft DirectPlay Helper -- (Microsoft Corporation)
"C:\Program Files\BitTorrent\bittorrent.exe" = C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- ()
"C:\Program Files\Skype\Plugin Manager\skypePM.exe" = C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager
"C:\Program Files\Java\jre6\bin\javaw.exe" = C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"F:\aoe\age2_x1.exe" = F:\aoe\age2_x1.exe:*:Enabled:Age of Empires II Expansion -- (Microsoft Corporation)
"F:\___joomlasoft\xampp-win32-1.7.7-VC9\xampp\apache\bin\httpd.exe" = F:\___joomlasoft\xampp-win32-1.7.7-VC9\xampp\apache\bin\httpd.exe:*:Enabled:Apache HTTP Server -- (Apache Software Foundation)
"F:\___joomlasoft\xampp-win32-1.7.7-VC9\xampp\mysql\bin\mysqld.exe" = F:\___joomlasoft\xampp-win32-1.7.7-VC9\xampp\mysql\bin\mysqld.exe:*:Enabled:mysqld -- ()

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0046FA01-C5B9-4985-BACB-398DC480FC05}" = Adobe Photoshop CS3
"{01FDF9B7-9C5C-444C-AB5E-86BA45A4A39C}" = Adobe Creative Suite 3 Design Premium
"{035AB2F4-A32D-4F09-A5F9-B8492027884E}" = AHV content for Acrobat and Flash
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{0ED7929C-D44B-46AE-97F3-B9B148F989D6}" = Adobe InDesign CS3
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP3600_series" = Canon iP3600 series Printer Driver
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = Multimedia Launcher
"{26A24AE4-039D-4CA4-87B4-2F83216012FF}" = Java(TM) 6 Update 17
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{3A7A90CE-7B2A-48FE-95F1-D87E0B65783C}" = Sonic Scenarist
"{3D80E2F2-03F9-44BD-B152-1DE8C9CFECAB}" = PDF Settings
"{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{54F8E385-FABD-4DE3-AC7A-9000D5725992}" = Adobe Flash Video Encoder
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5E2B2A24-E7D1-4183-84B1-7CCB6795F521}" = Adobe Flash CS3
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{688EF2CE-F209-4B82-B75B-C370819B06DB}" = Max 5.0.1
"{68B5CF89-DC64-45E9-8E9E-4938B4EA812E}" = Adobe Illustrator CS3
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{786C5747-1437-443D-B06E-79A00FE45110}" = Adobe Stock Photos 1.0
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A2FF776F-2160-4FFA-AC53-818FBEDC12B3}" = Adobe Setup
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A93944F2-D2D4-4750-BFE7-9A288FEAF2CF}" = Apple Application Support
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-1033-0000-7760-000000000003}" = Adobe Acrobat 8 Professional
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Czech
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B944FA21-81AF-4A77-8328-CE4F4CC51029}" = Nero 8 Demo
"{B97CF5C3-0487-11D8-A36E-0050BAE317E1}" = DVD Solution
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C5BD220A-EFE8-48A5-B70E-9503D535FACE}" = Adobe WAS CS3
"{CA7C7C73-32C4-4A98-BF09-D41F7602DE04}" = Adobe SING CS3
"{cddcbbf1-2703-46bc-938b-bcc81a1eeaaa}" = SUPERAntiSpyware Free Edition
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D127F550-E5B6-43B2-9169-C43921184C55}" = Adobe Extension Manager CS3
"{D1BB4446-AE9C-4256-9A7F-4D46604D2462}" = Adobe Setup
"{D22002ED-EE2A-4CB1-A63D-430E62A2E8D8}" = Google SketchUp 8
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{E9787678-1033-0000-8E67-000000000001}" = Adobe Help Center 1.0
"{EB900AF8-CC61-4E15-871B-98D1EA3E8025}" = QuickTime
"{EF179095-572B-460E-BF28-842E3CB755AC}" = Adobe MotionPicture Color Files
"{F01D5ED5-D53A-4468-B428-149DC2CB3110}" = Adobe Dreamweaver CS3
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"7-Zip" = 7-Zip 4.65
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Type Manager 4.1" = Adobe Type Manager 4.1
"Adobe_2ac78060bc5856b0c1cf873bb919b58" = Adobe Photoshop CS3
"Adobe_dd78348730168e091cb096fe182e420" = Adobe Creative Suite 3 Design Premium
"avast" = avast! Free Antivirus
"CanonMyPrinter" = Canon Utilities My Printer
"CanonSolutionMenu" = Canon Utilities Solution Menu
"CCE SP Trial Version" = CCE SP Trial Version
"CCleaner" = CCleaner
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"HijackThis" = HijackThis 2.0.2
"ie8" = Windows Internet Explorer 8
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MozBackup_is1" = MozBackup 1.4.7
"Mozilla Firefox 14.0.1 (x86 cs)" = Mozilla Firefox 14.0.1 (x86 cs)
"Mozilla Thunderbird 14.0 (x86 cs)" = Mozilla Thunderbird 14.0 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIA Drivers" = NVIDIA Drivers
"PSPad editor_is1" = PSPad editor
"Registrace uživatele zařízení Canon iP3600 series" = Registrace uživatele zařízení Canon iP3600 series
"VLC media player" = VideoLAN VLC media player 0.8.6f
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows XP Service Pack" = Windows XP Service Pack 3

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-329068152-1580818891-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"BitTorrent" = BitTorrent
"BitTorrent DNA" = DNA
"FileZilla Client" = FileZilla Client 3.5.3

========== Last 20 Event Log Errors ==========

[ Antivirus Events ]
Error - 25.11.2008 17:51:19 | Computer Name = LUKASHAJEK | Source = avast! | ID = 33554522
Description =

Error - 25.11.2008 17:52:06 | Computer Name = LUKASHAJEK | Source = avast! | ID = 33554522
Description =

Error - 25.11.2008 17:52:08 | Computer Name = LUKASHAJEK | Source = avast! | ID = 33554522
Description =

Error - 25.11.2008 18:35:22 | Computer Name = LUKASHAJEK | Source = avast! | ID = 33554522
Description =

Error - 25.11.2008 18:36:15 | Computer Name = LUKASHAJEK | Source = avast! | ID = 33554522
Description =

Error - 25.11.2008 18:38:09 | Computer Name = LUKASHAJEK | Source = avast! | ID = 33554522
Description =

Error - 24.5.2009 5:49:14 | Computer Name = LUKASHAJEK | Source = avast! | ID = 33554522
Description =

Error - 5.11.2009 6:44:57 | Computer Name = LUKASHAJEK | Source = avast! | ID = 33554522
Description =

Error - 9.11.2009 11:44:10 | Computer Name = LUKASHAJEK | Source = avast! | ID = 33554522
Description =

Error - 13.11.2009 15:56:16 | Computer Name = LUKASHAJEK | Source = avast! | ID = 33554522
Description =

[ Application Events ]
Error - 23.8.2012 8:45:17 | Computer Name = LUKASHAJEK | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace AcroRd32.exe, verze 10.1.4.38, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 27.8.2012 6:36:20 | Computer Name = LUKASHAJEK | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace AcroRd32.exe, verze 10.1.4.38, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 27.8.2012 13:11:58 | Computer Name = LUKASHAJEK | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace AcroRd32.exe, verze 10.1.4.38, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 27.8.2012 13:12:02 | Computer Name = LUKASHAJEK | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace AcroRd32.exe, verze 10.1.4.38, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 27.8.2012 13:18:13 | Computer Name = LUKASHAJEK | Source = nview_info | ID = 11141121
Description =

Error - 27.8.2012 13:59:10 | Computer Name = LUKASHAJEK | Source = Application Error | ID = 1000
Description = Chybující aplikace dreamweaver.exe, verze 9.0.0.3453, chybující modul
dreamweaver.exe, verze 9.0.0.3453, adresa chyby 0x008e11b7.

Error - 30.8.2012 11:41:22 | Computer Name = LUKASHAJEK | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace Photoshop.exe, verze 10.0.0.0, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 30.8.2012 11:41:51 | Computer Name = LUKASHAJEK | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace thunderbird.exe, verze 14.0.0.4577, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 31.8.2012 7:20:04 | Computer Name = LUKASHAJEK | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace AcroRd32.exe, verze 10.1.4.38, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 31.8.2012 13:25:19 | Computer Name = LUKASHAJEK | Source = Application Error | ID = 1000
Description = Chybující aplikace dreamweaver.exe, verze 9.0.0.3453, chybující modul
dreamweaver.exe, verze 9.0.0.3453, adresa chyby 0x008e11b7.

[ System Events ]
Error - 20.8.2012 4:00:28 | Computer Name = LUKASHAJEK | Source = Service Control Manager | ID = 7000
Description = Služba ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## neuspěla
při spuštění v důsledku následující chyby: %%2

Error - 20.8.2012 5:37:27 | Computer Name = LUKASHAJEK | Source = Service Control Manager | ID = 7000
Description = Služba ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## neuspěla
při spuštění v důsledku následující chyby: %%2

Error - 20.8.2012 13:28:55 | Computer Name = LUKASHAJEK | Source = Service Control Manager | ID = 7000
Description = Služba ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## neuspěla
při spuštění v důsledku následující chyby: %%2

Error - 21.8.2012 14:02:37 | Computer Name = LUKASHAJEK | Source = Service Control Manager | ID = 7000
Description = Služba ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## neuspěla
při spuštění v důsledku následující chyby: %%2

Error - 22.8.2012 9:16:26 | Computer Name = LUKASHAJEK | Source = Service Control Manager | ID = 7000
Description = Služba ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## neuspěla
při spuštění v důsledku následující chyby: %%2

Error - 23.8.2012 4:17:08 | Computer Name = LUKASHAJEK | Source = Service Control Manager | ID = 7000
Description = Služba ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## neuspěla
při spuštění v důsledku následující chyby: %%2

Error - 27.8.2012 4:42:51 | Computer Name = LUKASHAJEK | Source = Service Control Manager | ID = 7000
Description = Služba ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## neuspěla
při spuštění v důsledku následující chyby: %%2

Error - 29.8.2012 3:34:51 | Computer Name = LUKASHAJEK | Source = Service Control Manager | ID = 7000
Description = Služba ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## neuspěla
při spuštění v důsledku následující chyby: %%2

Error - 30.8.2012 8:52:09 | Computer Name = LUKASHAJEK | Source = Service Control Manager | ID = 7000
Description = Služba ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## neuspěla
při spuštění v důsledku následující chyby: %%2

Error - 31.8.2012 2:45:30 | Computer Name = LUKASHAJEK | Source = Service Control Manager | ID = 7000
Description = Služba ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## neuspěla
při spuštění v důsledku následující chyby: %%2

< End of report >

lukashajek · #11 Příspěvek od **lukashajek** » 31 srp 2012 18:33

OTL logfile created on: 31.8.2012 18:48:48 - Run 1
OTL by OldTimer - Version 3.2.59.1 Folder = C:\Documents and Settings\Lukas Hajek\Dokumenty\Stažené soubory
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,00 Gb Total Physical Memory | 1,92 Gb Available Physical Memory | 63,98% Memory free
4,35 Gb Paging File | 3,37 Gb Available in Paging File | 77,43% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74,52 Gb Total Space | 34,39 Gb Free Space | 46,15% Space Free | Partition Type: NTFS
Drive F: | 74,53 Gb Total Space | 15,10 Gb Free Space | 20,26% Space Free | Partition Type: NTFS

Computer Name: LUKASHAJEK | User Name: Lukas Hajek | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012.08.31 18:47:51 | 000,598,528 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Lukas Hajek\Dokumenty\Stažené soubory\OTL.exe
PRC - [2012.08.07 17:57:43 | 000,913,888 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012.07.19 17:07:19 | 000,400,352 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Thunderbird\thunderbird.exe
PRC - [2011.09.10 11:43:18 | 000,018,432 | ---- | M] (Apache Software Foundation) -- F:\___joomlasoft\xampp-win32-1.7.7-VC9\xampp\apache\bin\httpd.exe
PRC - [2011.09.09 19:46:11 | 008,158,720 | ---- | M] () -- F:\___joomlasoft\xampp-win32-1.7.7-VC9\xampp\mysql\bin\mysqld.exe
PRC - [2011.02.23 16:04:20 | 003,451,496 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2011.02.23 16:04:19 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2009.10.11 05:17:45 | 000,386,872 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jucheck.exe
PRC - [2009.07.07 03:07:00 | 001,848,648 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
PRC - [2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007.11.07 11:01:32 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
PRC - [2007.09.20 16:35:40 | 001,410,344 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
PRC - [2007.09.20 16:35:10 | 000,202,024 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe
PRC - [2007.04.19 05:54:05 | 016,083,128 | ---- | M] (Adobe Systems, Inc.) -- C:\Program Files\Adobe\Adobe Dreamweaver CS3\Dreamweaver.exe
PRC - [2006.10.23 00:24:02 | 000,620,152 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\acrotray.exe
PRC - [2003.12.08 18:35:14 | 000,032,768 | ---- | M] (Cyberlink Corp.) -- C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
PRC - [2003.10.23 10:37:46 | 000,962,560 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
PRC - [2002.09.20 16:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

========== Modules (No Company Name) ==========

MOD - [2012.08.31 10:29:19 | 001,805,824 | ---- | M] () -- C:\Program Files\Alwil Software\Avast5\defs\12083100\algo.dll
MOD - [2012.08.30 21:12:28 | 001,805,824 | ---- | M] () -- C:\Program Files\Alwil Software\Avast5\defs\12083001\algo.dll
MOD - [2012.08.09 14:44:35 | 009,465,032 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_268.dll
MOD - [2012.08.07 17:57:42 | 002,003,424 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2012.07.19 17:07:21 | 001,936,352 | ---- | M] () -- C:\Program Files\Mozilla Thunderbird\mozjs.dll
MOD - [2012.07.19 17:07:21 | 000,162,784 | ---- | M] () -- C:\Program Files\Mozilla Thunderbird\nsldap32v60.dll
MOD - [2012.07.19 17:07:21 | 000,021,984 | ---- | M] () -- C:\Program Files\Mozilla Thunderbird\nsldappr32v60.dll
MOD - [2011.09.09 19:46:11 | 008,158,720 | ---- | M] () -- F:\___joomlasoft\xampp-win32-1.7.7-VC9\xampp\mysql\bin\mysqld.exe
MOD - [2011.02.23 16:04:14 | 000,144,672 | ---- | M] () -- C:\Program Files\Alwil Software\Avast5\aswDld.dll
MOD - [2007.02.21 03:48:18 | 002,322,432 | ---- | M] () -- C:\Program Files\Adobe\Adobe Dreamweaver CS3\configuration\Resources.dll
MOD - [2007.02.21 03:23:32 | 000,233,472 | ---- | M] () -- C:\Program Files\Adobe\Adobe Dreamweaver CS3\configuration\JSExtensions\TSL.dll
MOD - [2007.02.21 03:23:30 | 000,442,368 | ---- | M] () -- C:\Program Files\Adobe\Adobe Dreamweaver CS3\Workspace.dll
MOD - [2007.02.21 03:23:26 | 000,196,608 | ---- | M] () -- C:\Program Files\Adobe\Adobe Dreamweaver CS3\configuration\JSExtensions\MM.dll
MOD - [2007.02.21 03:23:22 | 000,176,128 | ---- | M] () -- C:\Program Files\Adobe\Adobe Dreamweaver CS3\configuration\JSExtensions\DWfile.dll
MOD - [2007.02.21 03:23:20 | 000,192,512 | ---- | M] () -- C:\Program Files\Adobe\Adobe Dreamweaver CS3\configuration\JSExtensions\SWFFile.dll
MOD - [2007.02.21 03:22:42 | 000,139,264 | ---- | M] () -- C:\Program Files\Adobe\Adobe Dreamweaver CS3\libcurl.dll
MOD - [2007.02.21 03:22:32 | 000,073,728 | ---- | M] () -- C:\Program Files\Adobe\Adobe Dreamweaver CS3\NetIO.dll
MOD - [2007.02.21 03:22:26 | 000,143,360 | ---- | M] () -- C:\Program Files\Adobe\Adobe Dreamweaver CS3\CoreTypes.dll
MOD - [2007.02.21 03:11:00 | 000,159,744 | ---- | M] () -- C:\Program Files\Adobe\Adobe Dreamweaver CS3\ssleay32.dll
MOD - [2007.02.21 03:10:58 | 000,843,776 | ---- | M] () -- C:\Program Files\Adobe\Adobe Dreamweaver CS3\libeay32.dll
MOD - [2007.02.21 03:09:14 | 000,094,208 | ---- | M] () -- C:\Program Files\Adobe\Adobe Dreamweaver CS3\plug-ins\BMP Import Export.x32
MOD - [2006.05.14 15:44:00 | 000,070,144 | ---- | M] () -- C:\Program Files\PSPad editor\PSPadShell.dll

========== Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - File not found [Auto | Stopped] -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service)
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2012.08.07 17:57:43 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2011.02.23 16:04:19 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2007.11.07 11:01:32 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Running] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2002.09.20 16:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) [Auto | Running] -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe -- (SoundMAX Agent Service (default)
SRV - [2000.05.24 16:20:36 | 000,015,360 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\WINDOWS\system32\ATMsrvc.exe -- (ATMsrvc)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\wdcsam.sys -- (WDC_SAM)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (a3suwfxa)
DRV - [2011.02.23 15:56:55 | 000,371,544 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011.02.23 15:56:45 | 000,301,528 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011.02.23 15:55:49 | 000,049,240 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011.02.23 15:55:47 | 000,102,232 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011.02.23 15:55:10 | 000,025,432 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011.02.23 15:54:57 | 000,030,680 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011.02.23 15:54:55 | 000,019,544 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010.07.23 13:47:23 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (saskutil)
DRV - [2010.07.23 13:47:23 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV)
DRV - [2010.07.23 13:47:23 | 000,012,872 | ---- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (sasenum)
DRV - [2009.05.27 18:53:19 | 000,029,584 | ---- | M] (Greatis Software) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\regguard.sys -- (regguard)
DRV - [2008.08.14 21:57:55 | 000,717,296 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2008.03.13 13:51:52 | 000,057,536 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ftdibus.sys -- (FTDIBUS)
DRV - [2008.03.13 13:50:02 | 000,072,000 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ftser2k.sys -- (FTSER2K)
DRV - [2008.02.29 03:37:50 | 000,093,232 | ---- | M] (PACE Anti-Piracy, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\TPkd.sys -- (TPkd)
DRV - [2004.08.04 00:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139)
DRV - [2003.06.20 12:18:00 | 000,025,244 | ---- | M] (Adaptec) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\aspi32.BAK -- (Aspi32)
DRV - [2003.05.09 07:00:56 | 000,033,248 | ---- | M] (Sonic Focus, Inc) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\sf.sys -- (sf)
DRV - [2003.02.10 15:30:04 | 000,020,272 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\PARCLASS.SYS -- (Parclass)
DRV - [2002.09.20 20:53:34 | 000,235,100 | ---- | M] (Analog Devices Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MidiSyn.sys -- (MidiSyn)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={ ... rer:source?}

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-329068152-1580818891-839522115-1004\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-329068152-1580818891-839522115-1004\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={ ... orm=IE8SRC
IE - HKU\S-1-5-21-329068152-1580818891-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-329068152-1580818891-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..extensions.enabledItems: piclens@cooliris.com:1.12.0.36949
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: firebug@software.joehewitt.com:1.6.0
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_268.dll ()
FF - HKLM\Software\MozillaPlugins\@bittorrent.com/BitTorrentDNA: C:\Program Files\DNA\plugins\npbtdna.dll (BitTorrent, Inc.)
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll File not found

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.08.07 17:57:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.08.16 17:07:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 14.0\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012.06.21 20:35:59 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 14.0\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins

[2010.09.12 18:11:16 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Lukas Hajek\Data aplikací\Mozilla\Extensions
[2010.09.12 18:11:16 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Lukas Hajek\Data aplikací\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2012.08.08 19:20:49 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Lukas Hajek\Data aplikací\Mozilla\Firefox\Profiles\r6phlahc.default\extensions
[2010.06.25 12:17:57 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Lukas Hajek\Data aplikací\Mozilla\Firefox\Profiles\r6phlahc.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012.02.09 12:07:32 | 000,000,000 | ---D | M] (Cooliris) -- C:\Documents and Settings\Lukas Hajek\Data aplikací\Mozilla\Firefox\Profiles\r6phlahc.default\extensions\piclens@cooliris.com
[2011.11.25 19:20:15 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012.08.07 17:57:43 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2007.08.29 23:47:44 | 000,054,600 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\mozilla firefox\plugins\npbittorrent.dll
[2012.01.19 10:47:04 | 000,002,208 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\heureka-cz.xml
[2012.01.19 10:47:04 | 000,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2012.01.19 10:47:04 | 000,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2012.01.19 10:47:04 | 000,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2012.01.19 10:47:04 | 000,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2009.06.05 22:08:29 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Podpora odkazu pro Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKU\S-1-5-21-329068152-1580818891-839522115-1004\..\Toolbar\ShellBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKU\S-1-5-21-329068152-1580818891-839522115-1004\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript File not found
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [RemoteControl] C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe (Cyberlink Corp.)
O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe (Analog Devices, Inc.)
O4 - HKU\S-1-5-21-329068152-1580818891-839522115-1004..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe (Nero AG)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Adobe Acrobat Speed Launcher.lnk = C:\WINDOWS\Installer\{AC76BA86-1033-0000-7760-000000000003}\_SC_Acrobat.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Adobe Acrobat Synchronizer.lnk = C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe ()
O4 - Startup: C:\Documents and Settings\Lukas Hajek\Nabídka Start\Programy\Po spuštění\ActiveHelper Support Panel.lnk = File not found
O4 - Startup: C:\Documents and Settings\Lukas Hajek\Nabídka Start\Programy\Po spuštění\BootLogXP.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-329068152-1580818891-839522115-1004\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-329068152-1580818891-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-329068152-1580818891-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-329068152-1580818891-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Append to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} http://www.eset.cz/buxus/docs/OnlineScanner.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/sh ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.46.172.36 213.46.172.37
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D0C7A340-E839-49D0-BBE2-B9BBC53802C1}: DhcpNameServer = 213.46.172.36 213.46.172.37
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\USERINIT.EXE (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007.11.06 16:00:28 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\J\Shell - "" = AutoRun
O33 - MountPoints2\J\Shell\AutoRun\command - "" = "J:\WD SmartWare.exe" autoplay=true
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
NetSvcs: HidServ - %SystemRoot%\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: wave - C:\WINDOWS\System32\serwvdrv.dll (Microsoft Corporation)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2012.08.22 18:43:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lukas Hajek\Plocha\worryteam
[2012.08.13 14:22:53 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012.08.13 12:40:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lukas Hajek\Local Settings\Data aplikací\Temp
[2012.08.09 14:44:35 | 000,426,184 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2012.08.02 19:14:46 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Lukas Hajek\Recent
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012.08.31 18:56:23 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012.08.31 15:59:07 | 001,169,424 | ---- | M] () -- C:\Documents and Settings\Lukas Hajek\Plocha\com_jevents_2.2.5.zip
[2012.08.31 11:08:36 | 000,025,087 | ---- | M] () -- C:\Documents and Settings\Lukas Hajek\Plocha\pkg_articleautomanager_v2.0.1_J1.7-2.5.zip
[2012.08.31 08:45:13 | 000,002,337 | ---- | M] () -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Adobe Acrobat Speed Launcher.lnk
[2012.08.31 08:44:15 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.08.31 08:44:04 | 3219,906,560 | -HS- | M] () -- C:\hiberfil.sys
[2012.08.31 08:44:04 | 2017,722,365 | ---- | M] () -- C:\LogFile.Etl
[2012.08.30 16:13:19 | 001,096,365 | ---- | M] () -- C:\Documents and Settings\Lukas Hajek\Plocha\atp_poukay copy.pdf
[2012.08.30 16:12:35 | 003,356,942 | ---- | M] () -- C:\Documents and Settings\Lukas Hajek\Plocha\atp_poukay.psd
[2012.08.30 14:51:30 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012.08.29 19:05:58 | 000,002,265 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Skype.lnk
[2012.08.29 15:42:18 | 000,879,613 | ---- | M] () -- C:\Documents and Settings\Lukas Hajek\Plocha\Benzinka.png
[2012.08.29 15:04:36 | 000,000,607 | ---- | M] () -- C:\Documents and Settings\Lukas Hajek\Plocha\joomlasites.lnk
[2012.08.29 10:34:17 | 007,665,640 | ---- | M] () -- C:\Documents and Settings\Lukas Hajek\Plocha\RD_ALBRECTICE_03.psd
[2012.08.16 10:13:03 | 002,212,240 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012.08.15 19:50:53 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012.08.09 23:02:06 | 000,220,699 | ---- | M] () -- C:\Documents and Settings\Lukas Hajek\Plocha\skovajsa2012-3.jpg
[2012.08.09 14:44:35 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2012.08.09 14:44:35 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012.08.09 14:42:51 | 000,001,734 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Adobe Reader X.lnk
[2012.08.03 15:55:14 | 000,000,082 | ---- | M] () -- C:\Documents and Settings\Lukas Hajek\Plocha\Industrial Gallery - CHCEŠ VÝSTAVU.URL
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012.08.31 18:56:23 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012.08.31 15:59:07 | 001,169,424 | ---- | C] () -- C:\Documents and Settings\Lukas Hajek\Plocha\com_jevents_2.2.5.zip
[2012.08.31 11:08:35 | 000,025,087 | ---- | C] () -- C:\Documents and Settings\Lukas Hajek\Plocha\pkg_articleautomanager_v2.0.1_J1.7-2.5.zip
[2012.08.30 16:13:18 | 001,096,365 | ---- | C] () -- C:\Documents and Settings\Lukas Hajek\Plocha\atp_poukay copy.pdf
[2012.08.30 16:09:53 | 003,356,942 | ---- | C] () -- C:\Documents and Settings\Lukas Hajek\Plocha\atp_poukay.psd
[2012.08.29 19:05:19 | 000,032,659 | ---- | C] () -- C:\Documents and Settings\Lukas Hajek\Plocha\obrazova_dokumentace_projektu.2.jpg
[2012.08.29 19:02:32 | 000,074,834 | ---- | C] () -- C:\Documents and Settings\Lukas Hajek\Plocha\04-obrazova_dokumentace_projektu02.jpg
[2012.08.29 15:42:17 | 000,879,613 | ---- | C] () -- C:\Documents and Settings\Lukas Hajek\Plocha\Benzinka.png
[2012.08.29 15:04:36 | 000,000,607 | ---- | C] () -- C:\Documents and Settings\Lukas Hajek\Plocha\joomlasites.lnk
[2012.08.29 10:34:16 | 007,665,640 | ---- | C] () -- C:\Documents and Settings\Lukas Hajek\Plocha\RD_ALBRECTICE_03.psd
[2012.08.15 19:48:14 | 000,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2012.08.09 23:02:05 | 000,220,699 | ---- | C] () -- C:\Documents and Settings\Lukas Hajek\Plocha\skovajsa2012-3.jpg
[2012.08.09 14:42:51 | 000,002,347 | ---- | C] () -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Adobe Reader X.lnk
[2012.08.09 14:42:51 | 000,001,734 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Adobe Reader X.lnk
[2012.08.03 15:55:14 | 000,000,082 | ---- | C] () -- C:\Documents and Settings\Lukas Hajek\Plocha\Industrial Gallery - CHCEŠ VÝSTAVU.URL
[2012.07.02 18:04:24 | 000,000,037 | -HS- | C] () -- C:\Documents and Settings\Lukas Hajek\Local Settings\Data aplikací\16917658654e8da2d20df458.29884616
[2012.02.16 10:14:48 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2008.02.03 17:47:14 | 000,040,960 | ---- | C] () -- C:\Program Files\Uninstall_CDS.exe
[2007.11.19 12:28:19 | 000,000,131 | ---- | C] () -- C:\Documents and Settings\Lukas Hajek\Local Settings\Data aplikací\fusioncache.dat
[2007.11.15 14:16:33 | 000,095,744 | ---- | C] () -- C:\Documents and Settings\Lukas Hajek\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007.11.06 20:52:09 | 000,001,763 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\QTSBandwidthCache

========== LOP Check ==========

[2010.03.17 11:00:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Alwil Software
[2008.05.14 15:11:34 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonBJ
[2010.08.31 16:39:52 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJEGV
[2008.02.13 20:11:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ESET
[2008.01.23 23:31:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Grisoft
[2007.11.06 22:36:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PACE Anti-Piracy
[2009.12.21 17:25:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Western Digital
[2008.05.16 09:44:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lukas Hajek\Data aplikací\Arduino
[2011.02.10 17:45:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lukas Hajek\Data aplikací\avidemux
[2012.08.02 19:15:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lukas Hajek\Data aplikací\BitTorrent
[2008.05.06 12:18:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lukas Hajek\Data aplikací\Cycling '74
[2008.08.14 21:57:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lukas Hajek\Data aplikací\DAEMON Tools
[2008.08.30 15:36:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lukas Hajek\Data aplikací\DNA
[2012.08.30 18:18:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lukas Hajek\Data aplikací\FileZilla
[2012.07.02 18:04:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lukas Hajek\Data aplikací\LiveChat
[2007.11.06 22:36:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lukas Hajek\Data aplikací\PACE Anti-Piracy
[2008.02.16 13:55:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lukas Hajek\Data aplikací\Regrun
[2009.12.16 10:51:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lukas Hajek\Data aplikací\Thinstall
[2010.09.12 18:11:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lukas Hajek\Data aplikací\Thunderbird
[2008.01.28 15:18:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lukas Hajek\Data aplikací\TrojanHunter
[2008.06.29 10:45:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lukas Hajek\Data aplikací\Uniblue
[2012.07.11 16:09:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lukas Hajek\Data aplikací\WebsiteChat
[2010.08.29 11:37:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lukas Hajek\Data aplikací\Western Digital

========== Purity Check ==========

========== Custom Scans ==========

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"MSMSGS" = "C:\Program Files\Messenger\msmsgs.exe" /background -- [2008.04.14 05:22:36 | 001,695,232 | ---- | M] (Microsoft Corporation)
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}" = "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe" -- [2007.09.20 16:35:10 | 000,202,024 | ---- | M] (Nero AG)
"ctfmon.exe" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 05:22:17 | 000,015,360 | ---- | M] (Microsoft Corporation)
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\AdobeUpdater]
"" =

< >

< MD5 for: AGP440.SYS >
[2006.03.02 14:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008.09.06 12:40:23 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2008.09.06 12:40:23 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
[2004.08.04 01:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\$NtServicePackUninstall$\agp440.sys
[2004.08.04 01:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\system32\ReinstallBackups\0007\DriverFiles\i386\AGP440.SYS

< MD5 for: ATAPI.SYS >
[2006.03.02 14:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008.09.06 12:40:23 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.09.06 12:40:23 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2006.03.02 14:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2008.04.14 05:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\cmdcons\autochk.exe
[2008.04.14 05:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\ServicePackFiles\i386\autochk.exe
[2008.04.14 05:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe
[2006.03.02 14:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\WINDOWS\$NtServicePackUninstall$\autochk.exe

< MD5 for: CDROM.SYS >
[2006.03.02 14:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2008.09.06 12:40:23 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008.09.06 12:40:23 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008.04.13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008.04.13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2006.03.02 14:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys

< MD5 for: CRYPTSVC.DLL >
[2006.03.02 14:00:00 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- C:\WINDOWS\$NtServicePackUninstall$\cryptsvc.dll
[2008.04.14 05:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\ServicePackFiles\i386\cryptsvc.dll
[2008.04.14 05:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\cryptsvc.dll

< MD5 for: CSRSS.EXE >
[2006.03.02 14:00:00 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=490E6E57E54FAF5F23F658EA188405A1 -- C:\WINDOWS\$NtServicePackUninstall$\csrss.exe
[2008.04.14 05:22:17 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=628CE66E3FD35BFC7969DBAC245DC069 -- C:\WINDOWS\ServicePackFiles\i386\csrss.exe
[2008.04.14 05:22:17 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=628CE66E3FD35BFC7969DBAC245DC069 -- C:\WINDOWS\system32\csrss.exe

< MD5 for: EVENTLOG.DLL >
[2008.04.14 05:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 05:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll
[2006.03.02 14:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2006.03.02 14:00:00 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\$NtUninstallKB938828$\explorer.exe
[2007.06.13 15:11:59 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=9B32416BD5988C97B6397CE0B02CAF97 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
[2007.06.13 15:23:39 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=ED7B460B142A32097B8A8F6ECC941815 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe

< MD5 for: FASTFAT.SYS >
[2006.03.02 14:00:00 | 000,143,360 | ---- | M] (Microsoft Corporation) MD5=3117F595E9615E04F05A54FC15A03B20 -- C:\WINDOWS\$NtServicePackUninstall$\fastfat.sys
[2008.04.13 21:14:29 | 000,143,744 | ---- | M] (Microsoft Corporation) MD5=38D332A6D56AF32635675F132548343E -- C:\WINDOWS\ServicePackFiles\i386\fastfat.sys
[2008.04.13 21:14:29 | 000,143,744 | ---- | M] (Microsoft Corporation) MD5=38D332A6D56AF32635675F132548343E -- C:\WINDOWS\system32\drivers\fastfat.sys

< MD5 for: HAL.DLL >
[2006.03.02 14:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2008.09.06 12:40:23 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2008.09.06 12:40:23 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2008.04.13 20:31:28 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=4329EE7D502C9113EBA0F9570392F5EE -- C:\WINDOWS\system32\HAL.DLL
[2008.04.13 20:31:32 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2006.03.02 14:00:00 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=DFCE51FD96909D1B97D4A1A72D060D77 -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll

< MD5 for: CHANGER.SYS >
[2006.03.02 14:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys
[2008.09.06 12:40:23 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys
[2008.09.06 12:40:23 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:Changer.sys
[2008.04.13 20:40:58 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\ServicePackFiles\i386\changer.sys

< MD5 for: ISAPNP.SYS >
[2008.09.06 12:40:23 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2008.09.06 12:40:23 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:isapnp.sys
[2006.03.02 14:00:00 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\$NtServicePackUninstall$\isapnp.sys
[2006.03.02 14:00:00 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\system32\ReinstallBackups\0004\DriverFiles\i386\isapnp.sys
[2008.04.14 04:27:53 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\ServicePackFiles\i386\isapnp.sys
[2008.04.14 04:27:53 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\drivers\isapnp.sys

< MD5 for: LSASS.EXE >
[2006.03.02 14:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\WINDOWS\$NtServicePackUninstall$\lsass.exe
[2008.04.14 05:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\ServicePackFiles\i386\lsass.exe
[2008.04.14 05:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe

< MD5 for: NDIS.SYS >
[2008.04.13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008.04.13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
[2006.03.02 14:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys

< MD5 for: NETLOGON.DLL >
[2006.03.02 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
[2008.04.14 05:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 05:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: NTFS.SYS >
[2007.02.09 13:23:36 | 000,574,976 | ---- | M] (Microsoft Corporation) MD5=05AB81909514BFD69CBB1F2C147CF6B9 -- C:\WINDOWS\$hf_mig$\KB930916\SP2QFE\ntfs.sys
[2007.02.09 13:10:35 | 000,574,464 | ---- | M] (Microsoft Corporation) MD5=19A811EF5F1ED5C926A028CE107FF1AF -- C:\WINDOWS\$NtServicePackUninstall$\ntfs.sys
[2008.04.13 21:15:53 | 000,574,976 | ---- | M] (Microsoft Corporation) MD5=78A08DD6A8D65E697C18E1DB01C5CDCA -- C:\WINDOWS\ServicePackFiles\i386\ntfs.sys
[2008.04.13 21:15:53 | 000,574,976 | ---- | M] (Microsoft Corporation) MD5=78A08DD6A8D65E697C18E1DB01C5CDCA -- C:\WINDOWS\system32\drivers\ntfs.sys
[2004.08.03 23:15:10 | 000,574,592 | ---- | M] (Microsoft Corporation) MD5=B78BE402C3F63DD55521F73876951CDD -- C:\cmdcons\NTFS.SYS
[2006.03.02 14:00:00 | 000,574,592 | ---- | M] (Microsoft Corporation) MD5=B78BE402C3F63DD55521F73876951CDD -- C:\WINDOWS\$NtUninstallKB930916$\ntfs.sys

< MD5 for: SCECLI.DLL >
[2006.03.02 14:00:00 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008.04.14 05:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 05:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SERVICES.EXE >
[2009.02.09 13:18:56 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=3D107D45CCFDB266E91D84B52CD7F430 -- C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\services.exe
[2006.03.02 14:00:00 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=6E401E61F952FBBF708AFBECEFAFAE81 -- C:\WINDOWS\$NtServicePackUninstall$\services.exe
[2009.02.09 13:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=9EF697AF07BB8DD82C3B02CA953A95B7 -- C:\WINDOWS\system32\dllcache\services.exe
[2009.02.09 13:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=9EF697AF07BB8DD82C3B02CA953A95B7 -- C:\WINDOWS\system32\services.exe
[2008.04.14 05:22:45 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=F0D2AE69035092BF22DAD6B50FAB85C2 -- C:\WINDOWS\$NtUninstallKB956572$\services.exe
[2008.04.14 05:22:45 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=F0D2AE69035092BF22DAD6B50FAB85C2 -- C:\WINDOWS\ServicePackFiles\i386\services.exe

< MD5 for: SMSS.EXE >
[2006.03.02 14:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\WINDOWS\$NtServicePackUninstall$\smss.exe
[2004.08.17 15:49:28 | 000,164,864 | ---- | M] (Microsoft Corporation) MD5=3C100B7FDB179B63829103DF6541337F -- C:\cmdcons\SYSTEM32\SMSS.EXE
[2008.04.14 05:22:47 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\ServicePackFiles\i386\smss.exe
[2008.04.14 05:22:47 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe

< MD5 for: SPOOLSV.EXE >
[2006.03.02 14:00:00 | 000,057,856 | ---- | M] (Microsoft Corporation) MD5=21B6FAA88044A41640E03EBB68BE93E8 -- C:\WINDOWS\$NtUninstallKB896423$\spoolsv.exe
[2010.08.17 15:19:36 | 000,058,880 | ---- | M] (Microsoft Corporation) MD5=258DD5D4283FD9F9A7166BE9AE45CE73 -- C:\WINDOWS\$hf_mig$\KB2347290\SP3QFE\spoolsv.exe
[2010.08.17 15:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) MD5=60784F891563FB1B767F70117FC2428F -- C:\WINDOWS\system32\dllcache\spoolsv.exe
[2010.08.17 15:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) MD5=60784F891563FB1B767F70117FC2428F -- C:\WINDOWS\system32\spoolsv.exe
[2005.06.11 02:17:13 | 000,057,856 | ---- | M] (Microsoft Corporation) MD5=AD3D9D191AEA7B5445FE1D82FFBB4788 -- C:\WINDOWS\$hf_mig$\KB896423\SP2QFE\spoolsv.exe
[2008.04.14 05:22:48 | 000,057,856 | ---- | M] (Microsoft Corporation) MD5=CB1090BCA0E7B40D0B5B4E4D66531809 -- C:\WINDOWS\$NtUninstallKB2347290$\spoolsv.exe
[2008.04.14 05:22:48 | 000,057,856 | ---- | M] (Microsoft Corporation) MD5=CB1090BCA0E7B40D0B5B4E4D66531809 -- C:\WINDOWS\ServicePackFiles\i386\spoolsv.exe
[2005.06.11 01:53:32 | 000,057,856 | ---- | M] (Microsoft Corporation) MD5=DA81EC57ACD4CDC3D4C51CF3D409AF9F -- C:\WINDOWS\$NtServicePackUninstall$\spoolsv.exe

< MD5 for: SVCHOST.EXE >
[2008.04.14 05:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.14 05:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe
[2006.03.02 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe

< MD5 for: TCPIP.SYS >
[2006.04.20 13:51:50 | 000,359,808 | ---- | M] (Microsoft Corporation) MD5=1DBF125862891817F374F407626967F4 -- C:\WINDOWS\$NtUninstallKB941644$\tcpip.sys
[2008.06.20 12:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2007.10.30 18:53:32 | 000,360,832 | ---- | M] (Microsoft Corporation) MD5=64798ECFA43D78C7178375FCDD16D8C8 -- C:\WINDOWS\$hf_mig$\KB941644\SP2QFE\tcpip.sys
[2008.06.20 12:44:42 | 000,360,960 | ---- | M] (Microsoft Corporation) MD5=744E57C99232201AE98C49168B918F48 -- C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[2007.10.30 19:20:55 | 000,360,064 | ---- | M] (Microsoft Corporation) MD5=90CAFF4B094573449A0872A0F919B178 -- C:\WINDOWS\$NtUninstallKB951748_0$\tcpip.sys
[2008.04.13 21:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008.04.13 21:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2006.03.02 14:00:00 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\$NtUninstallKB917953$\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[2006.04.20 14:18:35 | 000,360,576 | ---- | M] (Microsoft Corporation) MD5=B2220C618B42A2212A59D91EBD6FC4B4 -- C:\WINDOWS\$hf_mig$\KB917953\SP2QFE\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.04.14 05:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 05:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\dllcache\userinit.exe
[2008.04.14 05:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\USERINIT.EXE
[2006.03.02 14:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe

< MD5 for: WINLOGON.EXE >
[2006.03.02 14:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 05:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 05:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe

< MD5 for: WS2_32.DLL >
[2006.03.02 14:00:00 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\WINDOWS\$NtServicePackUninstall$\ws2_32.dll
[2008.04.14 05:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll
[2008.04.14 05:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\ws2_32.dll

< >

< C:\windows\system32\spool\prtprocs|dll;true;true;true /FP >
[2008.10.09 07:00:00 | 000,027,136 | ---- | M] (CANON INC.) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\CNMPD99.DLL
[2008.10.09 07:00:00 | 000,069,632 | ---- | M] (CANON INC.) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\CNMPP99.DLL
[2008.07.06 14:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
[2008.07.06 14:06:10 | 000,147,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\x64\filterpipelineprintproc.dll

< %systemroot%\system32\drivers\*.sys /5 >

< %systemroot%\system32\drivers\*.sys /X >
[2008.04.14 05:21:36 | 000,004,255 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv01nt5.dll
[2008.04.14 05:21:36 | 000,003,967 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv02nt5.dll
[2008.04.14 05:21:36 | 000,003,615 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv05nt5.dll
[2008.04.14 05:21:36 | 000,003,647 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv07nt5.dll
[2008.04.14 05:21:36 | 000,003,135 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv08nt5.dll
[2008.04.14 05:21:36 | 000,003,711 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv09nt5.dll
[2008.04.14 05:21:36 | 000,003,775 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv11nt5.dll
[2003.06.20 12:18:00 | 000,025,244 | ---- | M] (Adaptec) -- C:\WINDOWS\system32\drivers\aspi32.BAK
[2004.07.17 11:36:24 | 000,064,352 | ---- | M] () -- C:\WINDOWS\system32\drivers\ativmc20.cod
[2008.04.14 05:21:37 | 000,021,183 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv01nt5.dll
[2008.04.14 05:21:37 | 000,011,359 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv02nt5.dll
[2008.04.14 05:21:37 | 000,025,471 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv04nt5.dll
[2008.04.14 05:21:37 | 000,014,143 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv06nt5.dll
[2008.04.14 05:21:37 | 000,017,279 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv10nt5.dll
[2008.04.14 05:21:38 | 000,015,423 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\ch7xxnt5.dll
[2004.07.18 00:55:24 | 000,129,045 | ---- | M] () -- C:\WINDOWS\system32\drivers\cxthsfS2.cty
[2006.03.02 14:00:00 | 003,440,660 | ---- | M] () -- C:\WINDOWS\system32\drivers\gm.dls
[2006.03.02 14:00:00 | 000,000,646 | ---- | M] () -- C:\WINDOWS\system32\drivers\gmreadme.txt
[2004.07.17 11:35:00 | 000,067,866 | ---- | M] () -- C:\WINDOWS\system32\drivers\netwlan5.img
[2008.04.14 05:21:55 | 000,003,901 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\siint5.dll
[2008.04.14 05:22:04 | 000,011,325 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\vchnt5.dll

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2008.08.14 21:57:55 | 000,717,296 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sptd.sys

< %systemroot%\system32\*.* /5 >
[2012.08.30 14:51:30 | 000,013,646 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\system32\config\*.sav >
[2007.11.06 16:43:58 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2007.11.06 16:43:58 | 000,638,976 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2007.11.06 16:43:58 | 000,466,944 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\*.* /U /s >
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[33 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[3 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
[1 C:\WINDOWS\system32\spool\PRINTERS\*.tmp files -> C:\WINDOWS\system32\spool\PRINTERS\*.tmp -> ]

< %systemroot%\*. /mp /s >

< %ALLUSERSPROFILE%\Data Aplikací\*.* >
[2007.11.06 16:48:29 | 000,000,062 | -HS- | M] () -- C:\Documents and Settings\All Users\Data Aplikací\desktop.ini
[2010.09.12 20:03:21 | 000,001,763 | ---- | M] () -- C:\Documents and Settings\All Users\Data Aplikací\QTSBandwidthCache

< %ALLUSERSPROFILE%\Data Aplikací\*.exe /s >
[2012.01.03 09:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Data Aplikací\Adobe\ARM\Reader_10.1.0\30589\AcrobatUpdater.exe
[2012.01.03 09:37:53 | 000,843,712 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Data Aplikací\Adobe\ARM\Reader_10.1.0\30589\AdobeARM.exe
[2012.01.03 09:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Data Aplikací\Adobe\ARM\Reader_10.1.0\30589\AdobeARMHelper.exe
[2012.01.03 09:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Data Aplikací\Adobe\ARM\Reader_10.1.0\30589\ReaderUpdater.exe
[2010.11.16 09:44:30 | 000,337,352 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Data Aplikací\Adobe\Setup\{AC76BA86-7AD7-1029-7B44-AA0000000001}\setup.exe
[2011.06.06 22:45:23 | 001,560,520 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Data Aplikací\Adobe\Setup\{AC76BA86-7AD7-1029-7B44-AA1000000001}\setup.exe

< %ALLUSERSPROFILE%\Dáta aplikácií\*.* >

< %ALLUSERSPROFILE%\Dáta aplikácií\*.exe /s >

< %APPDATA%\*. >
[2012.08.30 16:09:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lukas Hajek\Data aplikací\Adobe
[2007.11.13 20:41:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lukas Hajek\Data aplikací\Ahead
[2007.11.06 20:53:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lukas Hajek\Data aplikací\Apple Computer
[2008.05.16 09:44:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lukas Hajek\Data aplikací\Arduino
[2011.02.10 17:45:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lukas Hajek\Data aplikací\avidemux
[2012.08.02 19:15:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lukas Hajek\Data aplikací\BitTorrent
[2008.02.14 19:03:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lukas Hajek\Data aplikací\CyberLink
[2008.05.06 12:18:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lukas Hajek\Data aplikací\Cycling '74
[2008.08.14 21:57:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lukas Hajek\Data aplikací\DAEMON Tools
[2008.08.30 15:36:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lukas Hajek\Data aplikací\DNA
[2010.12.19 17:59:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lukas Hajek\Data aplikací\dvdcss
[2012.08.30 18:18:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lukas Hajek\Data aplikací\FileZilla
[2009.03.12 16:55:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lukas Hajek\Data aplikací\Google
[2008.01.08 15:56:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lukas Hajek\Data aplikací\Help
[2007.11.06 17:20:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lukas Hajek\Data aplikací\Identities
[2012.07.02 18:04:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lukas Hajek\Data aplikací\LiveChat
[2007.11.06 21:31:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lukas Hajek\Data aplikací\Macromedia
[2009.11.16 10:41:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lukas Hajek\Data aplikací\Malwarebytes
[2012.08.13 12:40:41 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Lukas Hajek\Data aplikací\Microsoft
[2009.05.23 22:55:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lukas Hajek\Data aplikací\Mozilla
[2007.11.18 15:20:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lukas Hajek\Data aplikací\Nero
[2007.11.06 22:36:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lukas Hajek\Data aplikací\PACE Anti-Piracy
[2008.04.03 12:56:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lukas Hajek\Data aplikací\PSpad
[2008.02.16 13:55:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lukas Hajek\Data aplikací\Regrun
[2012.08.29 20:47:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lukas Hajek\Data aplikací\Skype
[2011.08.04 11:53:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lukas Hajek\Data aplikací\skypePM
[2007.11.06 22:21:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lukas Hajek\Data aplikací\Sun
[2009.05.25 15:23:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lukas Hajek\Data aplikací\SUPERAntiSpyware.com
[2008.01.24 16:18:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lukas Hajek\Data aplikací\Talkback
[2009.12.16 10:51:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lukas Hajek\Data aplikací\Thinstall
[2010.09.12 18:11:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lukas Hajek\Data aplikací\Thunderbird
[2008.01.28 15:18:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lukas Hajek\Data aplikací\TrojanHunter
[2008.02.02 11:30:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lukas Hajek\Data aplikací\U3
[2008.06.29 10:45:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lukas Hajek\Data aplikací\Uniblue
[2008.04.26 11:56:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lukas Hajek\Data aplikací\vlc
[2012.07.11 16:09:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lukas Hajek\Data aplikací\WebsiteChat
[2010.08.29 11:37:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lukas Hajek\Data aplikací\Western Digital
[2007.11.17 20:14:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lukas Hajek\Data aplikací\WinRAR

< %APPDATA%\*.* >
[2007.11.06 16:48:29 | 000,000,062 | -HS- | M] () -- C:\Documents and Settings\Lukas Hajek\Data aplikací\desktop.ini

< %APPDATA%\*.exe /s >
[2012.02.06 14:07:28 | 000,425,984 | ---- | M] () -- C:\Documents and Settings\Lukas Hajek\Data aplikací\Mozilla\Firefox\Profiles\r6phlahc.default\extensions\piclens@cooliris.com\libs\LaunchCooliris.exe
[2012.02.06 14:07:28 | 000,545,792 | ---- | M] () -- C:\Documents and Settings\Lukas Hajek\Data aplikací\Mozilla\Firefox\Profiles\r6phlahc.default\extensions\piclens@cooliris.com\libs\PicLensHelper.exe
[2006.05.23 19:05:50 | 000,110,592 | ---- | M] () -- C:\Documents and Settings\Lukas Hajek\Data aplikací\U3\temp\cleanup.exe

< %SYSTEMDRIVE%\*.exe >

< >

< >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU /s >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2012-08-15 17:51:07

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS /s >
"StateIndex" = 0

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
No captured output from command...

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
No captured output from command...

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
No captured output from command...

< reg query "HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager" /v BootExecute /c >
No captured output from command...

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager" /v "PendingFileRenameOperations" /c >
No captured output from command...

< >

< type c:\boot.ini >> test.txt /c >
No captured output from command...

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012.08.31 18:56:23 | 000,000,512 | ---- | M] () MD5=DA62E461ECD0709589CCD051E53D7967 -- C:\PhysicalMBR.bin

========== Alternate Data Streams ==========

@Alternate Data Stream - 6144 bytes -> C:\WINDOWS\Cursors\arrow_n.cur:NEDTA.DAT
@Alternate Data Stream - 1281 bytes -> C:\Program Files\Common Files\Microsoft Shared:RuptKa8AYzw4kyadQt4AwMD3
@Alternate Data Stream - 1209 bytes -> C:\Documents and Settings\All Users\Data aplikací\Microsoft:ksSUsjZlqsG5GTVMo2BqO
@Alternate Data Stream - 1154 bytes -> C:\Documents and Settings\All Users\Data aplikací\Microsoft:7QVzxPeekAsfFwMiRq0rWvT
@Alternate Data Stream - 1125 bytes -> C:\Documents and Settings\Lukas Hajek\Cookies:0Xj8JhIA9doa3spDEKRO5S2B

< End of report >

#12 Příspěvek od **motji** » 31 srp 2012 22:09

Něco se mi tam nelíbí.

Spusťte combofix podle tohoto návodu
http://www.bleepingcomputer.com/combofi ... t-combofix

lukashajek · #13 Příspěvek od **lukashajek** » 03 zář 2012 09:54

log v priloze. dekuji za kontrolu.

#14 Příspěvek od **motji** » 03 zář 2012 10:42

Co TB?

lukashajek · #15 Příspěvek od **lukashajek** » 03 zář 2012 10:47

Dobry den, bohuzel stale to blbne. Zkusil jsem promazat postu (mela 4gb), ale nepomohlo to. Asi to neni problem TB, ale systemu. Pravdepodobne budu muset preinstalovat XP. Dekuji za pomoc.

VIRY.CZ

Prosim o kontrolu, problemy pri spustenem thunderbirdu

Prosim o kontrolu, problemy pri spustenem thunderbirdu

Re: Prosim o kontrolu, problemy pri spustenem thunderbirdu

Re: Prosim o kontrolu, problemy pri spustenem thunderbirdu

Re: Prosim o kontrolu, problemy pri spustenem thunderbirdu

Re: Prosim o kontrolu, problemy pri spustenem thunderbirdu

Re: Prosim o kontrolu, problemy pri spustenem thunderbirdu

Re: Prosim o kontrolu, problemy pri spustenem thunderbirdu

Re: Prosim o kontrolu, problemy pri spustenem thunderbirdu

Re: Prosim o kontrolu, problemy pri spustenem thunderbirdu

Re: Prosim o kontrolu, problemy pri spustenem thunderbirdu

Re: Prosim o kontrolu, problemy pri spustenem thunderbirdu

Re: Prosim o kontrolu, problemy pri spustenem thunderbirdu

Re: Prosim o kontrolu, problemy pri spustenem thunderbirdu

Re: Prosim o kontrolu, problemy pri spustenem thunderbirdu

Re: Prosim o kontrolu, problemy pri spustenem thunderbirdu