Logfile of random's system information tool 1.06 (written by random/random)
Run by Tomas at 2010-03-27 11:44:18
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 2 GB (16%) free of 15 GB
Total RAM: 767 MB (52% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:44:45, on 27.3.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\a-squared Free\a2service.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\VIA\RAID\raid_tool.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Student DOG\StudentDOG.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
F:\Dokumenty\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Tomas.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: QIPBHO Class - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Documents and Settings\Tomas\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\K-Lite Codec Pack\Real\rpbrowserrecordplugin.dll
O2 - BHO: QIPBHO - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Documents and Settings\Tomas\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [RaidTool] C:\Program Files\VIA\RAID\raid_tool.exe
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [itype] "C:\Program Files\Microsoft IntelliType Pro\itype.exe"
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [StudentDOG] C:\Program Files\Student DOG\StudentDOG.exe -h
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: MagicDisc.lnk = C:\Program Files\MagicDisc\MagicDisc.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: QIP 2005 - {1EF681F7-A04B-4D6D-9012-A307CCA55610} - C:\Program Files\QIP\qip.exe (HKCU)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Služba Google Update (gupdate1ca21d1d7bce8e6) (gupdate1ca21d1d7bce8e6) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
--
End of file - 6377 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\K-Lite Codec Pack\Real\rpbrowserrecordplugin.dll [2009-08-20 329312]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}]
QIPBHO Class - C:\Documents and Settings\Tomas\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll [2009-07-14 150768]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-10-11 73728]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2006-11-17 577536]
"RaidTool"=C:\Program Files\VIA\RAID\raid_tool.exe [2006-12-28 4579328]
"VirtualCloneDrive"=C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [2009-05-26 85160]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-10-11 149280]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-12-22 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-12-11 948672]
"hpqSRMon"=C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [2008-08-20 150016]
"itype"=C:\Program Files\Microsoft IntelliType Pro\itype.exe [2009-06-01 1501064]
"nwiz"=nwiz.exe /installquiet []
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2010-02-21 13670504]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2010-02-21 110696]
"ZoneAlarm Client"=C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [2009-11-22 1037192]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"StudentDOG"=C:\Program Files\Student DOG\StudentDOG.exe [2009-11-04 2195456]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-03-11 49152]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2009-05-26 413696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2009-10-09 25623336]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre6\bin\jusched.exe [2009-10-11 149280]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2009-08-20 198160]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Tomas^Nabídka Start^Programy^Po spuštění^OpenOffice.org 2.3.lnk]
C:\PROGRA~1\OPENOF~1.3\program\QUICKS~1.EXE [2007-10-12 393216]
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Documents and Settings\Tomas\Nabídka Start\Programy\Po spuštění
MagicDisc.lnk - C:\Program Files\MagicDisc\MagicDisc.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255
"NoDriveAutoRun"=255
"HonorAutoRunSetting"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\QIP\qip.exe"="C:\Program Files\QIP\qip.exe:*:Enabled:Quiet Internet Pager"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"C:\Program Files\Metin2_CZ\metin2.bin"="C:\Program Files\Metin2_CZ\metin2.bin:*:Enabled:metin2"
"F:\Program Files\Sacred\Sacred.exe"="F:\Program Files\Sacred\Sacred.exe:*:Enabled:Sacred"
"F:\Program Files\Ascaron Entertainment\Sacred Gold\sacred.exe"="F:\Program Files\Ascaron Entertainment\Sacred Gold\sacred.exe:*:Enabled:Sacred"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"E:\Program Files\Duke Nukem - Manhattan Project\prism3d.exe"="E:\Program Files\Duke Nukem - Manhattan Project\prism3d.exe:*:Enabled:prism3d"
"F:\DNMP\prism3d.exe"="F:\DNMP\prism3d.exe:*:Enabled:prism3d"
"C:\WINDOWS\system32\winsys32.exe"="C:\WINDOWS\system32\winsys32.exe:*:Enabled:WINSYSTM"
"C:\Program Files\Metin2_CZ\metin2client.bin"="C:\Program Files\Metin2_CZ\metin2client.bin:*:Enabled:metin2client"
"C:\Program Files\Java\jre6\bin\java.exe"="C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\WINDOWS\system32\dplaysvr.exe"="C:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper"
"C:\Documents and Settings\Tomas\Local Settings\Temp\bulanci.tmp"="C:\Documents and Settings\Tomas\Local Settings\Temp\bulanci.tmp:*:Enabled:bulanci"
"C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe:*:Enabled:hpqpse.exe"
"C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe"="C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe:*:Enabled:hpqsudi.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe:*:Enabled:hpqpsapp.exe"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe:*:Enabled:hpqpse.exe"
"C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe"="C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe:*:Enabled:hpqsudi.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe:*:Enabled:hpqpsapp.exe"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0adf4191-d5c2-11de-ad1a-0013d3649401}]
shell\AutoRun\command - G:\Autorun.exe
======List of files/folders created in the last 1 months======
2010-03-27 11:44:18 ----D---- C:\rsit
2010-03-23 20:47:42 ----A---- C:\WINDOWS\system32\vsregexp.dll
2010-03-23 20:47:32 ----A---- C:\WINDOWS\system32\zlcommdb.dll
2010-03-23 20:47:32 ----A---- C:\WINDOWS\system32\zlcomm.dll
2010-03-23 20:47:21 ----A---- C:\WINDOWS\system32\vswmi.dll
2010-03-23 20:47:18 ----D---- C:\WINDOWS\system32\ZoneLabs
2010-03-23 20:47:18 ----A---- C:\WINDOWS\system32\zpeng25.dll
2010-03-23 20:47:18 ----A---- C:\WINDOWS\system32\vsxml.dll
2010-03-23 20:47:18 ----A---- C:\WINDOWS\system32\vspubapi.dll
2010-03-23 20:47:18 ----A---- C:\WINDOWS\system32\vsmonapi.dll
2010-03-23 20:47:14 ----D---- C:\Program Files\Zone Labs
2010-03-23 20:46:42 ----D---- C:\WINDOWS\Internet Logs
2010-03-23 20:46:41 ----A---- C:\WINDOWS\system32\vsinit.dll
2010-03-23 20:46:41 ----A---- C:\WINDOWS\system32\vsdata.dll
2010-03-23 20:46:40 ----A---- C:\WINDOWS\system32\vsutil.dll
2010-03-23 13:12:32 ----D---- C:\Documents and Settings\Tomas\Data aplikací\Malwarebytes
2010-03-23 13:12:20 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2010-03-23 13:12:18 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-03-23 03:25:31 ----RASHD---- C:\autorun.inf
2010-03-19 18:00:57 ----D---- C:\Program Files\Spybot - Search & Destroy
2010-03-19 18:00:57 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2010-03-19 17:58:01 ----D---- C:\Program Files\a-squared Free
2010-03-17 18:09:37 ----HDC---- C:\WINDOWS\$NtUninstallKB835221WXP$
2010-03-16 20:40:25 ----D---- C:\Program Files\Mixxx
2010-03-10 00:15:23 ----HD---- C:\WINDOWS\PIF
2010-03-01 16:59:07 ----D---- C:\Program Files\Microsoft IntelliType Pro
2010-03-01 14:11:05 ----A---- C:\WINDOWS\system32\OpenCL.dll
2010-03-01 14:11:02 ----A---- C:\WINDOWS\system32\nvoglnt.dll
2010-03-01 14:11:02 ----A---- C:\WINDOWS\system32\nvcuvid.dll
2010-03-01 14:11:02 ----A---- C:\WINDOWS\system32\nvcuvenc.dll
2010-03-01 14:11:02 ----A---- C:\WINDOWS\system32\nvcuda.dll
2010-03-01 14:11:01 ----A---- C:\WINDOWS\system32\nvcompiler.dll
2010-03-01 14:11:01 ----A---- C:\WINDOWS\system32\nvcodins.dll
2010-03-01 14:11:01 ----A---- C:\WINDOWS\system32\nvcod.dll
2010-03-01 14:11:01 ----A---- C:\WINDOWS\system32\nvapi.dll
2010-03-01 02:59:14 ----D---- C:\Documents and Settings\Tomas\Data aplikací\foobar2000
2010-03-01 01:29:15 ----D---- C:\Documents and Settings\All Users\Data aplikací\PC Drivers HeadQuarters
======List of files/folders modified in the last 1 months======
2010-03-27 11:44:33 ----D---- C:\WINDOWS\Prefetch
2010-03-27 11:37:40 ----D---- C:\WINDOWS\Temp
2010-03-27 11:24:19 ----D---- C:\WINDOWS\system32\CatRoot2
2010-03-27 01:51:18 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-03-26 20:49:42 ----D---- C:\Documents and Settings\Tomas\Data aplikací\AIMP
2010-03-26 20:49:34 ----D---- C:\Documents and Settings\Tomas\Data aplikací\Skype
2010-03-26 20:23:17 ----D---- C:\Documents and Settings\Tomas\Data aplikací\skypePM
2010-03-26 09:12:55 ----D---- C:\WINDOWS
2010-03-26 09:11:30 ----HD---- C:\Config.Msi
2010-03-26 00:39:49 ----SHD---- C:\WINDOWS\Installer
2010-03-26 00:34:58 ----RD---- C:\Program Files
2010-03-25 12:12:24 ----D---- C:\WINDOWS\system32\Restore
2010-03-24 01:23:01 ----D---- C:\Documents and Settings\Tomas\Data aplikací\OpenOffice.org2
2010-03-23 21:36:09 ----D---- C:\Program Files\Mozilla Firefox
2010-03-23 20:47:45 ----D---- C:\WINDOWS\system32
2010-03-23 20:41:27 ----D---- C:\WINDOWS\system32\drivers
2010-03-23 20:38:10 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2010-03-23 12:54:01 ----D---- C:\Program Files\HD Tune Pro
2010-03-23 03:25:00 ----SHD---- C:\RECYCLER
2010-03-21 00:48:56 ----D---- C:\Documents and Settings\Tomas\Data aplikací\uTorrent
2010-03-18 19:40:03 ----D---- C:\Program Files\Hide Real IP
2010-03-18 19:38:42 ----D---- C:\WINDOWS\Minidump
2010-03-17 18:09:58 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-03-17 18:09:39 ----D---- C:\WINDOWS\system32\ReinstallBackups
2010-03-17 11:29:29 ----HD---- C:\WINDOWS\inf
2010-03-04 21:16:18 ----D---- C:\Program Files\PopCap Games
2010-03-04 17:13:08 ----D---- C:\WINDOWS\Help
2010-03-02 13:18:36 ----D---- C:\Program Files\Microsoft Silverlight
2010-03-01 17:01:25 ----D---- C:\WINDOWS\system32\CatRoot
2010-03-01 17:00:39 ----SD---- C:\Documents and Settings\Tomas\Data aplikací\Microsoft
2010-03-01 17:00:36 ----SD---- C:\WINDOWS\Tasks
2010-03-01 16:59:34 ----DC---- C:\WINDOWS\system32\DRVSTORE
2010-03-01 16:59:10 ----RSD---- C:\WINDOWS\Fonts
2010-03-01 14:50:37 ----D---- C:\Program Files\NVIDIA Corporation
2010-03-01 01:28:42 ----D---- C:\WINDOWS\system32\config
2010-03-01 01:28:33 ----RSD---- C:\WINDOWS\assembly
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 ACEDRV05;ACEDRV05; \??\C:\WINDOWS\system32\drivers\ACEDRV05.sys []
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
R1 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2009-02-17 24232]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520]
R1 vsdatant;vsdatant; C:\WINDOWS\System32\vsdatant.sys [2009-11-22 486280]
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-11-25 56816]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2007-03-08 4027840]
R3 es1371;Creative AudioPCI (ES1371,ES1373) (WDM); C:\WINDOWS\system32\drivers\es1371mp.sys [2001-08-17 40704]
R3 FET5X86V;VIA Rhine-Family Fast-Ethernet Adapter Driver Service; C:\WINDOWS\system32\DRIVERS\fetnd5bv.sys [2007-04-17 42496]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mcdbus;Driver for MagicISO SCSI Host Controller; C:\WINDOWS\system32\DRIVERS\mcdbus.sys [2009-02-24 116736]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2010-02-22 10231936]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 VClone;VClone; C:\WINDOWS\system32\DRIVERS\VClone.sys [2009-05-23 29696]
S1 es137140;SB AudioPCI 64V; C:\WINDOWS\system32\DRIVERS\es137140.sys []
S3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver; C:\WINDOWS\System32\DRIVERS\fetnd5.sys [2001-08-17 27165]
S3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2007-03-08 49920]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2007-03-08 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2007-03-08 21568]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WEBNTACCESS;WEBNTACCESS; \??\C:\Program Files\MSI\Live Update 3\NTACCESS.SYS []
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 a2free;a-squared Free Service; C:\Program Files\a-squared Free\a2service.exe [2009-10-01 1858144]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-07-21 185089]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-10-11 153376]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2010-02-21 154216]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2009-08-30 75064]
R2 vsmon;TrueVector Internet Monitor; C:\WINDOWS\system32\ZoneLabs\vsmon.exe [2009-11-22 2384240]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 gupdate1ca21d1d7bce8e6;Služba Google Update (gupdate1ca21d1d7bce8e6); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-08-20 133104]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Zdlouhavé nabíhání PC, mrkněte mi prosím na log, díky
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Caroprd111
- VIP
- Příspěvky: 13492
- Registrován: 22 bře 2009 20:48
- Bydliště: Třebíč
- Kontaktovat uživatele:
Re: Zdlouhavé nabíhání PC, mrkněte mi prosím na log, díky
Zdravím 
Na logu se pracuje, prosím o strpení.
Na logu se pracuje, prosím o strpení.
-
Caroprd111
- VIP
- Příspěvky: 13492
- Registrován: 22 bře 2009 20:48
- Bydliště: Třebíč
- Kontaktovat uživatele:
Re: Zdlouhavé nabíhání PC, mrkněte mi prosím na log, díky
Doporučuji odinstalovat a-squared Free. Doporučuji odinstalovat:C:\Program Files\uTorrent\uTorrent.exe
P2P sítě a jejich klienti jsou potenciálním bezpečnostním rizikem, prakticky neustále jsou zdrojem virů, zbytečně se vystavujete riziku.
K čemu používáte jednotku G: 
Stahněte OTL http://oldtimer.geekstogo.com/OTL.exe
- Spusťte program, poté klikněte na Run Scan
- Po dokončení, sem vložte logy OTL.Txt a Extras.txt
-
Anubides
- Vzorný návštěvník
- Příspěvky: 142
- Registrován: 22 bře 2010 22:13
- Bydliště: Praha
- Kontaktovat uživatele:
Re: Zdlouhavé nabíhání PC, mrkněte mi prosím na log, díky
utorrent používám sporadicky, je primárně vypnutý, běží jen když ho chci využít.
a-squared free...proč odinstalace? Pomohl mi najít hodně havěti v PC...
Jednotka G: je emulační disk.¨
a-squared free...proč odinstalace? Pomohl mi najít hodně havěti v PC...
Jednotka G: je emulační disk.¨
-
Caroprd111
- VIP
- Příspěvky: 13492
- Registrován: 22 bře 2009 20:48
- Bydliště: Třebíč
- Kontaktovat uživatele:
Re: Zdlouhavé nabíhání PC, mrkněte mi prosím na log, díky
Již v PC Antispyware máte, proto ta odinstalace. Počkám na log z OTL.
-
Anubides
- Vzorný návštěvník
- Příspěvky: 142
- Registrován: 22 bře 2010 22:13
- Bydliště: Praha
- Kontaktovat uživatele:
Re: Zdlouhavé nabíhání PC, mrkněte mi prosím na log, díky
OTL logfile created on: 27.3.2010 12:24:52 - Run 1
OTL by OldTimer - Version 3.1.37.3 Folder = C:\Documents and Settings\Tomas\Dokumenty\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
767,00 Mb Total Physical Memory | 391,00 Mb Available Physical Memory | 51,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 81,00% Paging File free
Paging file location(s): [Binary data over 100 bytes]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 14,30 Gb Total Space | 2,16 Gb Free Space | 15,10% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
Drive F: | 233,76 Gb Total Space | 117,25 Gb Free Space | 50,16% Space Free | Partition Type: NTFS
Drive G: | 2,71 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive H: | 19,52 Gb Total Space | 12,99 Gb Free Space | 66,55% Space Free | Partition Type: FAT32
Drive I: | 18,80 Gb Total Space | 18,80 Gb Free Space | 100,00% Space Free | Partition Type: FAT32
Computer Name: FANTOMAS
Current User Name: Tomas
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Processes (SafeList) ==========
PRC - [2010.03.27 12:24:28 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Tomas\Dokumenty\Downloads\OTL.exe
PRC - [2010.03.22 18:51:30 | 000,530,928 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2009.11.22 15:44:16 | 002,384,240 | ---- | M] (Check Point Software Technologies LTD) -- C:\WINDOWS\system32\ZoneLabs\vsmon.exe
PRC - [2009.11.22 15:42:50 | 001,037,192 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
PRC - [2009.11.04 15:26:40 | 002,195,456 | ---- | M] () -- C:\Program Files\Student DOG\StudentDOG.exe
PRC - [2009.10.01 16:03:14 | 001,858,144 | ---- | M] (Emsi Software GmbH) -- C:\Program Files\a-squared Free\a2service.exe
PRC - [2009.08.13 10:43:54 | 003,276,288 | ---- | M] (The Author of QIP) -- C:\Program Files\QIP\qip.exe
PRC - [2009.07.21 13:34:33 | 000,185,089 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2009.05.13 15:48:22 | 000,108,289 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2009.03.02 12:08:47 | 000,209,153 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2008.12.30 20:28:26 | 000,358,400 | ---- | M] (AIMP DevTeam) -- C:\Program Files\AIMP2\AIMP2.exe
PRC - [2008.04.14 04:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006.12.28 15:09:20 | 004,579,328 | ---- | M] () -- C:\Program Files\VIA\RAID\raid_tool.exe
PRC - [2006.11.17 04:42:52 | 000,577,536 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\soundman.exe
========== Modules (SafeList) ==========
MOD - [2010.03.27 12:24:28 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Tomas\Dokumenty\Downloads\OTL.exe
========== Win32 Services (SafeList) ==========
SRV - [2009.11.22 15:44:16 | 002,384,240 | ---- | M] (Check Point Software Technologies LTD) [Auto | Running] -- C:\WINDOWS\System32\ZoneLabs\vsmon.exe -- (vsmon)
SRV - [2009.10.01 16:03:14 | 001,858,144 | ---- | M] (Emsi Software GmbH) [Auto | Running] -- C:\Program Files\a-squared Free\a2service.exe -- (a2free)
SRV - [2009.07.21 13:34:33 | 000,185,089 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2009.05.13 15:48:22 | 000,108,289 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2008.07.29 18:16:38 | 000,132,096 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
========== Driver Services (SafeList) ==========
DRV - [2010.02.22 06:18:39 | 010,231,936 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2009.11.25 11:19:02 | 000,056,816 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2009.11.22 15:42:54 | 000,486,280 | ---- | M] (Check Point Software Technologies LTD) [Kernel | System | Running] -- C:\WINDOWS\system32\vsdatant.sys -- (vsdatant)
DRV - [2009.10.17 21:12:05 | 000,097,792 | ---- | M] (Protect Software GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ACEDRV05.sys -- (ACEDRV05)
DRV - [2009.05.23 00:08:32 | 000,029,696 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VClone.sys -- (VClone)
DRV - [2009.05.11 09:12:24 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.03.30 09:33:07 | 000,096,104 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2009.02.24 18:42:14 | 000,116,736 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mcdbus.sys -- (mcdbus)
DRV - [2009.02.17 18:11:30 | 000,024,232 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV - [2009.02.13 11:35:05 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2008.06.10 10:31:30 | 000,017,920 | ---- | M] (Your Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\MSI\Live Update 3\Ntaccess.sys -- (WEBNTACCESS)
DRV - [2008.04.13 19:45:29 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2008.04.13 17:36:05 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2007.03.08 13:34:46 | 004,027,840 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2006.10.17 19:22:26 | 000,009,216 | R--- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\videX32.sys -- (videX32)
DRV - [2001.08.17 21:19:34 | 000,040,704 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\es1371mp.sys -- (es1371) Creative AudioPCI (ES1371,ES1373) (WDM)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
IE - HKCU\..\URLSearchHook: {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Documents and Settings\Tomas\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "QIP Search"
FF - prefs.js..browser.search.selectedEngine: "Search the Web"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.seznam.cz"
FF - prefs.js..extensions.enabledItems: {a9f9f5dc-9ff8-4816-818d-acab118e6667}:1.300.306
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.7.2
FF - prefs.js..extensions.enabledItems: check4change-owner@mozdev.org:1.7
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:1.9.9.57
FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.5.2
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.0
FF - prefs.js..extensions.enabledItems: {46551EC9-40F0-4e47-8E18-8E5CF550CFB8}:1.0.8
FF - prefs.js..extensions.enabledItems: {37fa1426-b82d-11db-8314-0800200c9a66}:2.3.3
FF - prefs.js..extensions.enabledItems: noia2_option@kk.noia:3.76
FF - prefs.js..extensions.enabledItems: {9f08cb5a-76b1-4bcf-aff9-90e1a5d60b1e}:3.76
FF - prefs.js..keyword.URL: "http://search.freecause.com/search?fr=f ... e=60799&p="
FF - HKLM\software\mozilla\Firefox\extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Program Files\K-Lite Codec Pack\Real\browserrecord\firefox\ext [2009.08.20 21:10:37 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.03.23 21:35:37 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.03.23 21:35:36 | 000,000,000 | ---D | M]
[2009.08.29 14:48:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomas\Data aplikací\Mozilla\Extensions
[2010.03.26 19:56:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomas\Data aplikací\Mozilla\Firefox\Profiles\g70v3kgz.default\extensions
[2010.03.26 01:37:23 | 000,000,000 | ---D | M] (WebMail Notifier) -- C:\Documents and Settings\Tomas\Data aplikací\Mozilla\Firefox\Profiles\g70v3kgz.default\extensions\{37fa1426-b82d-11db-8314-0800200c9a66}
[2010.02.24 05:01:25 | 000,000,000 | ---D | M] (Stylish) -- C:\Documents and Settings\Tomas\Data aplikací\Mozilla\Firefox\Profiles\g70v3kgz.default\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}
[2010.03.21 13:40:36 | 000,000,000 | ---D | M] (NoScript) -- C:\Documents and Settings\Tomas\Data aplikací\Mozilla\Firefox\Profiles\g70v3kgz.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
[2010.02.24 05:01:08 | 000,000,000 | ---D | M] (Noia 2.0 (eXtreme)) -- C:\Documents and Settings\Tomas\Data aplikací\Mozilla\Firefox\Profiles\g70v3kgz.default\extensions\{9f08cb5a-76b1-4bcf-aff9-90e1a5d60b1e}
[2010.01.30 14:06:22 | 000,000,000 | ---D | M] (Barn Buddy) -- C:\Documents and Settings\Tomas\Data aplikací\Mozilla\Firefox\Profiles\g70v3kgz.default\extensions\{a9f9f5dc-9ff8-4816-818d-acab118e6667}
[2010.03.21 13:40:38 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\Tomas\Data aplikací\Mozilla\Firefox\Profiles\g70v3kgz.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2010.02.21 00:03:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomas\Data aplikací\Mozilla\Firefox\Profiles\g70v3kgz.default\extensions\check4change-owner@mozdev.org
[2010.02.24 05:01:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomas\Data aplikací\Mozilla\Firefox\Profiles\g70v3kgz.default\extensions\noia2_option@kk.noia
[2010.03.18 19:41:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomas\Data aplikací\Mozilla\Firefox\Profiles\g70v3kgz.default\extensions\personas@christopher.beard
[2009.09.22 17:18:00 | 000,002,061 | ---- | M] () -- C:\Documents and Settings\Tomas\Data aplikací\Mozilla\Firefox\Profiles\g70v3kgz.default\searchplugins\qipsearch.xml
[2010.01.30 14:06:35 | 000,001,741 | ---- | M] () -- C:\Documents and Settings\Tomas\Data aplikací\Mozilla\Firefox\Profiles\g70v3kgz.default\searchplugins\search-the-web.xml
[2010.02.18 14:06:14 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010.01.16 01:50:40 | 000,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.01.16 01:50:40 | 000,001,687 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2010.01.16 01:50:40 | 000,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.01.16 01:50:40 | 000,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.01.16 01:50:40 | 000,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml
O1 HOSTS File: ([2010.03.19 18:34:03 | 000,380,707 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 13116 more lines...
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\K-Lite Codec Pack\Real\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (QIPBHO Class) - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Documents and Settings\Tomas\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [itype] C:\Program Files\Microsoft IntelliType Pro\itype.exe (Microsoft Corporation)
O4 - HKLM..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] File not found
O4 - HKLM..\Run: [RaidTool] C:\Program Files\VIA\RAID\raid_tool.exe ()
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [ZoneAlarm Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)
O4 - HKCU..\Run: [StudentDOG] C:\Program Files\Student DOG\StudentDOG.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 255
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 0
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Tomas\Local Settings\Data aplikací\Microsoft\Wallpaper2.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Tomas\Local Settings\Data aplikací\Microsoft\Wallpaper2.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.01.17 13:00:45 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010.03.23 03:25:31 | 000,000,000 | RHSD | M] - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010.03.23 03:25:31 | 000,000,000 | RHSD | M] - F:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2008.10.04 08:40:41 | 000,410,888 | R--- | M] (Electronic Arts) - G:\AutoRun.exe -- [ CDFS ]
O32 - AutoRun File - [2008.10.04 08:40:19 | 000,000,000 | R--D | M] - G:\Autorun -- [ CDFS ]
O32 - AutoRun File - [2008.10.04 08:40:40 | 005,867,008 | R--- | M] () - G:\autorun.dat -- [ CDFS ]
O32 - AutoRun File - [2008.10.04 08:40:23 | 000,000,136 | R--- | M] () - G:\autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2009.07.27 13:32:58 | 000,000,000 | ---- | M] () - H:\AUTOEXEC.BAT -- [ FAT32 ]
O32 - AutoRun File - [2010.03.23 03:25:34 | 000,000,000 | RHSD | M] - H:\autorun.inf -- [ FAT32 ]
O32 - AutoRun File - [2010.03.23 03:25:34 | 000,000,000 | RHSD | M] - I:\autorun.inf -- [ FAT32 ]
O33 - MountPoints2\{0adf4191-d5c2-11de-ad1a-0013d3649401}\Shell - "" = AutoRun
O33 - MountPoints2\{0adf4191-d5c2-11de-ad1a-0013d3649401}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- [2008.10.04 08:40:41 | 000,410,888 | R--- | M] (Electronic Arts)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2010.03.27 12:24:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tomas\Dokumenty\Downloads
[2010.03.27 11:44:18 | 000,000,000 | ---D | C] -- C:\rsit
[2010.03.26 01:28:25 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Tomas\Recent
[2010.03.24 02:00:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tomas\Plocha\TRF Foto
[2010.03.23 20:47:42 | 000,058,248 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsregexp.dll
[2010.03.23 20:47:32 | 000,103,816 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\zlcommdb.dll
[2010.03.23 20:47:32 | 000,069,000 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\zlcomm.dll
[2010.03.23 20:47:21 | 000,041,864 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vswmi.dll
[2010.03.23 20:47:18 | 001,238,408 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\zpeng25.dll
[2010.03.23 20:47:18 | 000,299,912 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vspubapi.dll
[2010.03.23 20:47:18 | 000,109,960 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsxml.dll
[2010.03.23 20:47:18 | 000,107,912 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsmonapi.dll
[2010.03.23 20:47:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ZoneLabs
[2010.03.23 20:47:15 | 000,486,280 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsdatant.sys
[2010.03.23 20:47:14 | 000,000,000 | ---D | C] -- C:\Program Files\Zone Labs
[2010.03.23 20:46:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\Internet Logs
[2010.03.23 20:46:41 | 000,227,720 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsinit.dll
[2010.03.23 20:46:41 | 000,112,008 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsdata.dll
[2010.03.23 20:46:40 | 000,621,960 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsutil.dll
[2010.03.23 13:12:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tomas\Data aplikací\Malwarebytes
[2010.03.23 13:12:25 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010.03.23 13:12:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
[2010.03.23 13:12:19 | 000,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010.03.23 13:12:18 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010.03.23 03:25:31 | 000,000,000 | RHSD | C] -- C:\autorun.inf
[2010.03.19 18:00:57 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2010.03.19 18:00:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
[2010.03.19 17:58:01 | 000,000,000 | ---D | C] -- C:\Program Files\a-squared Free
[2010.03.19 17:58:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tomas\Dokumenty\a-squared Free
[2010.03.16 20:40:25 | 000,000,000 | ---D | C] -- C:\Program Files\Mixxx
[2010.03.10 00:15:23 | 000,000,000 | -H-D | C] -- C:\WINDOWS\PIF
[2010.03.01 16:59:07 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft IntelliType Pro
[2010.03.01 14:40:51 | 010,231,936 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\drivers\nv4_mini.sys
[2010.03.01 14:40:51 | 010,231,936 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\dllcache\nv4_mini.sys
[2010.03.01 14:11:05 | 000,061,440 | ---- | C] (Khronos Group) -- C:\WINDOWS\System32\OpenCL.dll
[2010.03.01 14:11:02 | 014,757,888 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvoglnt.dll
[2010.03.01 14:11:02 | 004,075,520 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcuda.dll
[2010.03.01 14:11:02 | 002,646,632 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcuvenc.dll
[2010.03.01 14:11:02 | 002,030,184 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcuvid.dll
[2010.03.01 14:11:01 | 011,647,592 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcompiler.dll
[2010.03.01 14:11:01 | 001,097,728 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvapi.dll
[2010.03.01 14:11:01 | 000,215,656 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcodins.dll
[2010.03.01 14:11:01 | 000,215,656 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcod.dll
[2010.03.01 02:59:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tomas\Data aplikací\foobar2000
[2010.03.01 01:29:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\PC Drivers HeadQuarters
[2010.02.25 14:46:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tomas\Local Settings\Data aplikací\CircleDock
[2009.09.20 12:36:37 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Data aplikací\Microsoft
[2009.09.20 12:35:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\Microsoft
[2009.08.22 14:32:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\Google
[2009.08.20 21:07:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\Google
[2008.01.17 13:06:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\Microsoft
[2008.01.17 13:00:07 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Data aplikací\Microsoft
[5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2010.03.27 12:02:49 | 000,000,739 | ---- | M] () -- C:\WINDOWS\win.ini
[2010.03.27 12:02:49 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010.03.27 12:02:49 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2010.03.27 11:50:02 | 000,000,940 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010.03.27 11:26:04 | 000,275,952 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml
[2010.03.27 11:24:20 | 000,000,936 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010.03.27 11:24:17 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.03.27 11:23:41 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.03.27 11:23:35 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.03.27 11:23:28 | 804,835,328 | -HS- | M] () -- C:\hiberfil.sys
[2010.03.27 01:51:40 | 009,437,184 | -H-- | M] () -- C:\Documents and Settings\Tomas\NTUSER.DAT
[2010.03.25 23:16:49 | 000,072,591 | ---- | M] () -- C:\Documents and Settings\Tomas\Dokumenty\24716_376516348471_99917438471_3830638_8320263_n.jpg
[2010.03.25 00:54:35 | 000,001,831 | ---- | M] () -- C:\Documents and Settings\Tomas\Plocha\Google Chrome.lnk
[2010.03.24 17:01:56 | 000,006,624 | ---- | M] () -- C:\Documents and Settings\Tomas\Dokumenty\Souhrn.rtf
[2010.03.24 01:48:58 | 000,023,833 | ---- | M] () -- C:\Documents and Settings\Tomas\Dokumenty\Hoff Finance Unor - březen.ods
[2010.03.23 20:48:20 | 000,422,437 | ---- | M] () -- C:\WINDOWS\System32\vsconfig.xml
[2010.03.23 20:47:46 | 000,004,212 | -H-- | M] () -- C:\WINDOWS\System32\zllictbl.dat
[2010.03.20 18:29:14 | 000,032,768 | ---- | M] () -- C:\Documents and Settings\Tomas\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.03.20 02:17:11 | 000,198,268 | ---- | M] () -- C:\Documents and Settings\Tomas\Plocha\SGA-HOFF.rtf
[2010.03.19 18:34:03 | 000,380,707 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010.03.15 20:00:47 | 000,120,716 | ---- | M] () -- C:\Documents and Settings\Tomas\Dokumenty\200802021447_setlist-sbit-mumbai.jpg
[2010.03.14 00:48:16 | 000,027,812 | ---- | M] () -- C:\Documents and Settings\Tomas\Dokumenty\Aurora_HighPoly.jpg
[2010.03.09 16:02:21 | 000,000,807 | ---- | M] () -- C:\Documents and Settings\Tomas\Dokumenty\blank2.gif
[2010.03.06 18:20:51 | 000,075,776 | ---- | M] () -- C:\Documents and Settings\Tomas\Dokumenty\Excalion.doc
[2010.03.06 12:15:15 | 000,043,496 | ---- | M] () -- C:\Documents and Settings\Tomas\Local Settings\Data aplikací\GDIPFONTCACHEV1.DAT
[2010.03.05 21:33:23 | 000,309,248 | ---- | M] () -- C:\Documents and Settings\Tomas\Plocha\Epilepsie a epileptické záchvaty patří k.doc
[2010.03.05 01:52:36 | 000,100,809 | ---- | M] () -- C:\Documents and Settings\Tomas\Dokumenty\Stížnost.jpeg
[2010.03.05 01:48:54 | 000,100,809 | ---- | M] () -- C:\Documents and Settings\Tomas\Dokumenty\download.ashx.jpeg
[2010.03.04 21:14:29 | 000,027,709 | ---- | M] () -- C:\Documents and Settings\Tomas\Dokumenty\3IOB.odt
[2010.03.04 13:16:34 | 000,002,432 | ---- | M] () -- C:\Documents and Settings\Tomas\Dokumenty\New Database.odb
[2010.03.02 13:18:38 | 000,194,568 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.03.01 14:52:26 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Tomas\ntuser.ini
[2010.03.01 14:25:03 | 000,019,567 | ---- | M] () -- C:\WINDOWS\hpqins13.dat
[2010.03.01 14:07:11 | 000,262,144 | ---- | M] () -- C:\Documents and Settings\All Users\ntuser.dat
[2010.03.01 02:51:42 | 000,000,601 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\foobar2000.lnk
[2010.02.27 15:32:50 | 000,017,825 | ---- | M] () -- C:\Documents and Settings\Tomas\Dokumenty\NB.odt
[5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010.03.25 23:16:47 | 000,072,591 | ---- | C] () -- C:\Documents and Settings\Tomas\Dokumenty\24716_376516348471_99917438471_3830638_8320263_n.jpg
[2010.03.24 16:58:25 | 000,006,624 | ---- | C] () -- C:\Documents and Settings\Tomas\Dokumenty\Souhrn.rtf
[2010.03.23 20:47:45 | 000,004,212 | -H-- | C] () -- C:\WINDOWS\System32\zllictbl.dat
[2010.03.23 20:47:15 | 000,422,437 | ---- | C] () -- C:\WINDOWS\System32\vsconfig.xml
[2010.03.15 20:00:47 | 000,120,716 | ---- | C] () -- C:\Documents and Settings\Tomas\Dokumenty\200802021447_setlist-sbit-mumbai.jpg
[2010.03.14 00:48:14 | 000,027,812 | ---- | C] () -- C:\Documents and Settings\Tomas\Dokumenty\Aurora_HighPoly.jpg
[2010.03.09 16:02:19 | 000,000,807 | ---- | C] () -- C:\Documents and Settings\Tomas\Dokumenty\blank2.gif
[2010.03.06 16:00:57 | 000,075,776 | ---- | C] () -- C:\Documents and Settings\Tomas\Dokumenty\Excalion.doc
[2010.03.05 21:32:51 | 000,309,248 | ---- | C] () -- C:\Documents and Settings\Tomas\Plocha\Epilepsie a epileptické záchvaty patří k.doc
[2010.03.05 01:52:35 | 000,100,809 | ---- | C] () -- C:\Documents and Settings\Tomas\Dokumenty\Stížnost.jpeg
[2010.03.05 01:48:54 | 000,100,809 | ---- | C] () -- C:\Documents and Settings\Tomas\Dokumenty\download.ashx.jpeg
[2010.03.04 13:04:53 | 000,002,432 | ---- | C] () -- C:\Documents and Settings\Tomas\Dokumenty\New Database.odb
[2010.03.01 17:00:56 | 000,000,668 | ---- | C] () -- C:\Documents and Settings\Tomas\Plocha\AIMP2.lnk
[2010.03.01 14:53:26 | 804,835,328 | -HS- | C] () -- C:\hiberfil.sys
[2010.03.01 14:11:05 | 000,009,046 | ---- | C] () -- C:\WINDOWS\System32\nvinfo.pb
[2010.03.01 14:10:56 | 002,183,470 | ---- | C] () -- C:\WINDOWS\System32\nvdata.bin
[2010.03.01 14:07:19 | 000,019,567 | ---- | C] () -- C:\WINDOWS\hpqins13.dat
[2010.03.01 14:07:11 | 000,262,144 | ---- | C] () -- C:\Documents and Settings\All Users\ntuser.dat
[2010.03.01 02:51:35 | 000,000,601 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\foobar2000.lnk
[2010.02.28 19:40:38 | 020,371,048 | ---- | C] () -- C:\Documents and Settings\Tomas\Plocha\bulanci.exe
[2010.02.27 15:32:50 | 000,017,825 | ---- | C] () -- C:\Documents and Settings\Tomas\Dokumenty\NB.odt
[2010.02.27 02:27:30 | 000,027,709 | ---- | C] () -- C:\Documents and Settings\Tomas\Dokumenty\3IOB.odt
[2010.02.25 23:43:46 | 000,001,620 | ---- | C] () -- C:\Documents and Settings\Tomas\Plocha\Mozilla Firefox.lnk
[2009.11.27 13:10:36 | 000,004,821 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\hpzinstall.log
[2009.09.24 23:23:18 | 000,000,122 | ---- | C] () -- C:\WINDOWS\WA.INI
[2009.09.04 20:43:03 | 000,000,169 | ---- | C] () -- C:\WINDOWS\level.ini
[2009.08.31 23:15:59 | 000,138,944 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2009.08.25 23:49:54 | 000,069,632 | R--- | C] () -- C:\WINDOWS\System32\vuins32.dll
[2009.08.22 18:17:13 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2008.06.02 14:53:24 | 000,000,169 | ---- | C] () -- C:\WINDOWS\RtlRack.ini
[2008.06.02 14:49:08 | 000,168,448 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2008.06.02 14:49:07 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2008.06.02 14:49:03 | 002,402,304 | ---- | C] () -- C:\WINDOWS\System32\x264vfw.dll
[2008.06.02 14:49:02 | 000,795,648 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2008.06.02 14:49:02 | 000,130,048 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2008.06.02 14:49:01 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2008.06.02 14:48:58 | 000,084,480 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2008.06.02 14:48:58 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2008.06.02 14:41:17 | 000,032,768 | ---- | C] () -- C:\Documents and Settings\Tomas\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.06.02 14:24:13 | 000,147,456 | R--- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2008.06.02 14:24:01 | 000,000,164 | R--- | C] () -- C:\WINDOWS\avrack.ini
< End of report >
EXTRAS LOG:
OTL Extras logfile created on: 27.3.2010 12:24:52 - Run 1
OTL by OldTimer - Version 3.1.37.3 Folder = C:\Documents and Settings\Tomas\Dokumenty\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
767,00 Mb Total Physical Memory | 391,00 Mb Available Physical Memory | 51,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 81,00% Paging File free
Paging file location(s): [Binary data over 100 bytes]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 14,30 Gb Total Space | 2,16 Gb Free Space | 15,10% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
Drive F: | 233,76 Gb Total Space | 117,25 Gb Free Space | 50,16% Space Free | Partition Type: NTFS
Drive G: | 2,71 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive H: | 19,52 Gb Total Space | 12,99 Gb Free Space | 66,55% Space Free | Partition Type: FAT32
Drive I: | 18,80 Gb Total Space | 18,80 Gb Free Space | 100,00% Space Free | Partition Type: FAT32
Computer Name: FANTOMAS
Current User Name: Tomas
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe:*:Enabled:hpqpse.exe -- (Hewlett-Packard Development Co. L.P.)
"C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe" = C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe -- (Hewlett-Packard Development Co. L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe:*:Enabled:hpqsudi.exe -- (Hewlett-Packard Development Co. L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe:*:Enabled:hpqpsapp.exe -- (Hewlett-Packard Development Co. L.P.)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\QIP\qip.exe" = C:\Program Files\QIP\qip.exe:*:Enabled:Quiet Internet Pager -- (The Author of QIP)
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation)
"C:\Program Files\Metin2_CZ\metin2.bin" = C:\Program Files\Metin2_CZ\metin2.bin:*:Enabled:metin2 -- ()
"F:\Program Files\Sacred\Sacred.exe" = F:\Program Files\Sacred\Sacred.exe:*:Enabled:Sacred -- File not found
"F:\Program Files\Ascaron Entertainment\Sacred Gold\sacred.exe" = F:\Program Files\Ascaron Entertainment\Sacred Gold\sacred.exe:*:Enabled:Sacred -- (studio II Software)
"E:\Program Files\Duke Nukem - Manhattan Project\prism3d.exe" = E:\Program Files\Duke Nukem - Manhattan Project\prism3d.exe:*:Enabled:prism3d -- File not found
"F:\DNMP\prism3d.exe" = F:\DNMP\prism3d.exe:*:Enabled:prism3d -- File not found
"C:\WINDOWS\system32\winsys32.exe" = C:\WINDOWS\system32\winsys32.exe:*:Enabled:WINSYSTM -- File not found
"C:\Program Files\Metin2_CZ\metin2client.bin" = C:\Program Files\Metin2_CZ\metin2client.bin:*:Enabled:metin2client -- ()
"C:\Program Files\Java\jre6\bin\java.exe" = C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\WINDOWS\system32\dplaysvr.exe" = C:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper -- (Microsoft Corporation)
"C:\Documents and Settings\Tomas\Local Settings\Temp\bulanci.tmp" = C:\Documents and Settings\Tomas\Local Settings\Temp\bulanci.tmp:*:Enabled:bulanci -- File not found
"C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe:*:Enabled:hpqpse.exe -- (Hewlett-Packard Development Co. L.P.)
"C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe" = C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe -- (Hewlett-Packard Development Co. L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe:*:Enabled:hpqsudi.exe -- (Hewlett-Packard Development Co. L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe:*:Enabled:hpqpsapp.exe -- (Hewlett-Packard Development Co. L.P.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0B6A9773-F8F8-4D3F-BCF0-029D2B87DB8A}" = Deus Ex - Invisible War
"{10E1E87C-656C-4D08-86D6-5443D28583BE}" = TrayApp
"{13F00518-807A-4B3A-83B0-A7CD90F3A398}" = MarketResearch
"{1753255A-0AEB-4220-8C75-607B73F0C133}" = Copy
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{209DF55F-5E5C-48A3-BC3D-A7CB1224458C}" = HP Print Diagnostic Utility
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{22466889-7642-488d-AA0E-F619704CF7AB}" = DeviceDiscovery
"{26A24AE4-039D-4CA4-87B4-2F83216015FF}" = Java(TM) 6 Update 17
"{29FA38B4-0AE4-4D0D-8A51-6165BB990BB0}" = WebReg
"{2DBADDC3-574E-4CD1-A707-C8FC37CBA0F0}" = Sacred Gold
"{2F28B3C9-2C89-4206-8B33-8ADC9577C49B}" = Scan
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{487B0B9B-DCD4-440D-89A0-A6EDE1A545A3}" = HPSSupply
"{543E938C-BDC4-4933-A612-01293996845F}" = UnloadSupport
"{654E2C4D-B73A-4413-ADBD-0B690CF7E1B6}" = 5248
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7E20EFE6-E604-48C6-8B39-BA4742F2CDB4}" = Zune Desktop Theme
"{824D3839-DAA1-4315-A822-7AE3E620E528}" = VideoToolkit01
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{94A065E8-455D-41C1-AF1F-F0C1AF8F50F3}" = Microsoft IntelliType Pro 7.0
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A33E4E6D-75C4-4AB6-BD2E-E1D830DB2B2D}" = 74
"{A7AA93B6-6909-4073-B4EC-45CCDEFD4665}" = NHL® 08
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3.1
"{AEA07F97-9088-497c-8821-0F36BD5DC251}" = HPProductAssistant
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{AF7FC1CA-79DF-43c3-90A3-33EFEB9294CE}" = AIO_Scan
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B4F35A00-24FD-4fb3-BF5E-413D5423434D}" = DJ_AIO_Software_min
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{BCD6CD1A-0DBE-412E-9F25-3B500D1E6BA1}" = SolutionCenter
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C1920D73-7374-49d9-8C37-58A6E49078A5}" = F2100_Help
"{C5EF81AC-FE4C-4157-97E3-2E08B000742A}" = F2100_doccd
"{C78EAC6F-7A73-452E-8134-DBB2165C5A68}" = QuickTime
"{CA50045C-5119-48e7-9BA7-6B317379857A}" = DJ_AIO_Software
"{CA8C4435-4DF7-4FEB-9C87-4AB93DE8FD7B}" = OpenOffice.org 2.3
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0E39A1D-0CEE-4D85-B4A2-E3BE990D075E}" = Destination Component
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{D12631DE-39AA-47B7-9507-12BC741BD8E8}" = 14410
"{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential
"{D9B3B577-26BD-4CB2-9072-8029AE097AFE}" = Quake Live Mozilla Plugin
"{DB7A82EA-3B5E-4942-ADAE-0E8B69989F80}" = 2936
"{E2662C24-B31E-4349-A084-32EB76E8B760}" = BufferChm
"{E40CE517-0D42-4198-96B4-C8232B257EB5}" = Data Lifeguard Diagnostic for Windows
"{E548726E-F4E8-459f-BAB8-45551BC071E9}" = DJ_AIO_ProductContext
"{E9C18EBD-85BE-47D0-AA73-3FEDCC976B04}" = Toolbox
"{F1C409F0-8322-4c87-BD08-2F62777D490D}" = F2100
"{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer
"{F72E2DDC-3DB8-4190-A21D-63883D955FE7}" = PSSWCORE
"{FA8A44D7-3E8A-4034-9C4F-088FA6B72BC4}" = HP Deskjet All-In-One Software 9.0
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FD8D8B04-BEAD-4A55-AA1D-62D2373E7DEA}" = Status
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"AIMP2" = AIMP2
"Ashampoo Burning Studio 6 FREE_is1" = Ashampoo Burning Studio 6 FREE
"a-squared Free_is1" = a-squared Free 4.5
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"CCleaner" = CCleaner (remove only)
"Defraggler" = Defraggler (remove only)
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"Earth 2160_is1" = Earth 2160 1.3.7 CZ
"ESET Online Scanner" = ESET Online Scanner v3
"foobar2000" = foobar2000 v1.0
"Google Chrome" = Google Chrome
"HD Tune Pro_is1" = HD Tune Pro 3.10
"HijackThis" = HijackThis 2.0.2
"HP Imaging Device Functions" = HP Imaging Device Functions 9.0
"HP Photosmart Essential" = HP Photosmart Essential 3.5
"HP Solution Center & Imaging Support Tools" = HP Solution Center 9.0
"HPExtendedCapabilities" = HP Customer Participation Program 9.0
"ie8" = Windows Internet Explorer 8
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platforma Ovladače zařízení
"IrfanView" = IrfanView (remove only)
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 4.8.5
"Magic ISO Maker v5.5 (build 0276)" = Magic ISO Maker v5.5 (build 0276)
"MagicDisc 2.7.106" = MagicDisc 2.7.106
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mixxx" = Mixxx 1.7.0
"MKV TO AVI CONVERTER_is1" = MKV TO AVI CONVERTER version 3.0
"Mozilla Firefox (3.6.2)" = Mozilla Firefox (3.6.2)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSI Live Update 3" = MSI Live Update 3
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"PunkBusterSvc" = PunkBuster Services
"RealPlayer 12.0" = RealPlayer
"Scorpions WinCheater 2.07 (s databází 87)_is1" = Scorpions WinCheater
"Student DOG_is1" = Student DOG 1.8
"VirtualCloneDrive" = VirtualCloneDrive
"VN_VUIns_Rhine_VIA" = VIA Rhine-Family Fast-Ethernet Adapter
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinGimp-2.0_is1" = GIMP 2.6.7
"WinRAR archiver" = WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Worms Armageddon - New Edition" = Worms Armageddon - New Edition
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"ZoneAlarm" = ZoneAlarm
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"QIP 2005" = QIP 2005 8095
"uTorrent" = µTorrent
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 13.1.2010 4:40:04 | Computer Name = FANTOMAS | Source = Application Error | ID = 1000
Description = Chybující aplikace hpqtra08.exe, verze 90.0.146.0, chybující modul
hpqusg.dll, verze 90.0.146.0, adresa chyby 0x00025b48.
Error - 13.1.2010 8:04:33 | Computer Name = FANTOMAS | Source = Application Error | ID = 1000
Description = Chybující aplikace hpqtra08.exe, verze 90.0.146.0, chybující modul
hpqusg.dll, verze 90.0.146.0, adresa chyby 0x00025b48.
Error - 15.1.2010 20:03:15 | Computer Name = FANTOMAS | Source = Application Error | ID = 1000
Description = Chybující aplikace hpqtra08.exe, verze 90.0.146.0, chybující modul
hpqusg.dll, verze 90.0.146.0, adresa chyby 0x00025b48.
Error - 16.1.2010 7:49:11 | Computer Name = FANTOMAS | Source = Application Error | ID = 1000
Description = Chybující aplikace hpqtra08.exe, verze 90.0.146.0, chybující modul
hpqusg.dll, verze 90.0.146.0, adresa chyby 0x00025b48.
Error - 18.1.2010 7:42:17 | Computer Name = FANTOMAS | Source = Application Error | ID = 1000
Description = Chybující aplikace hpqtra08.exe, verze 90.0.146.0, chybující modul
hpqusg.dll, verze 90.0.146.0, adresa chyby 0x00025b48.
Error - 19.1.2010 8:52:27 | Computer Name = FANTOMAS | Source = Application Error | ID = 1000
Description = Chybující aplikace hpqtra08.exe, verze 90.0.146.0, chybující modul
hpqusg.dll, verze 90.0.146.0, adresa chyby 0x00025b48.
Error - 21.1.2010 7:51:47 | Computer Name = FANTOMAS | Source = Application Error | ID = 1000
Description = Chybující aplikace hpqtra08.exe, verze 90.0.146.0, chybující modul
hpqusg.dll, verze 90.0.146.0, adresa chyby 0x00025b48.
Error - 24.1.2010 8:06:39 | Computer Name = FANTOMAS | Source = Application Error | ID = 1000
Description = Chybující aplikace hpqtra08.exe, verze 90.0.146.0, chybující modul
hpqusg.dll, verze 90.0.146.0, adresa chyby 0x00025b48.
Error - 25.1.2010 9:34:09 | Computer Name = FANTOMAS | Source = Application Error | ID = 1000
Description = Chybující aplikace hpqtra08.exe, verze 90.0.146.0, chybující modul
hpqusg.dll, verze 90.0.146.0, adresa chyby 0x00025b48.
Error - 28.1.2010 2:40:37 | Computer Name = FANTOMAS | Source = Application Error | ID = 1000
Description = Chybující aplikace hpqtra08.exe, verze 90.0.146.0, chybující modul
hpqusg.dll, verze 90.0.146.0, adresa chyby 0x00025b48.
[ Application Events ]
Error - 13.1.2010 4:40:04 | Computer Name = FANTOMAS | Source = Application Error | ID = 1000
Description = Chybující aplikace hpqtra08.exe, verze 90.0.146.0, chybující modul
hpqusg.dll, verze 90.0.146.0, adresa chyby 0x00025b48.
Error - 13.1.2010 8:04:33 | Computer Name = FANTOMAS | Source = Application Error | ID = 1000
Description = Chybující aplikace hpqtra08.exe, verze 90.0.146.0, chybující modul
hpqusg.dll, verze 90.0.146.0, adresa chyby 0x00025b48.
Error - 15.1.2010 20:03:15 | Computer Name = FANTOMAS | Source = Application Error | ID = 1000
Description = Chybující aplikace hpqtra08.exe, verze 90.0.146.0, chybující modul
hpqusg.dll, verze 90.0.146.0, adresa chyby 0x00025b48.
Error - 16.1.2010 7:49:11 | Computer Name = FANTOMAS | Source = Application Error | ID = 1000
Description = Chybující aplikace hpqtra08.exe, verze 90.0.146.0, chybující modul
hpqusg.dll, verze 90.0.146.0, adresa chyby 0x00025b48.
Error - 18.1.2010 7:42:17 | Computer Name = FANTOMAS | Source = Application Error | ID = 1000
Description = Chybující aplikace hpqtra08.exe, verze 90.0.146.0, chybující modul
hpqusg.dll, verze 90.0.146.0, adresa chyby 0x00025b48.
Error - 19.1.2010 8:52:27 | Computer Name = FANTOMAS | Source = Application Error | ID = 1000
Description = Chybující aplikace hpqtra08.exe, verze 90.0.146.0, chybující modul
hpqusg.dll, verze 90.0.146.0, adresa chyby 0x00025b48.
Error - 21.1.2010 7:51:47 | Computer Name = FANTOMAS | Source = Application Error | ID = 1000
Description = Chybující aplikace hpqtra08.exe, verze 90.0.146.0, chybující modul
hpqusg.dll, verze 90.0.146.0, adresa chyby 0x00025b48.
Error - 24.1.2010 8:06:39 | Computer Name = FANTOMAS | Source = Application Error | ID = 1000
Description = Chybující aplikace hpqtra08.exe, verze 90.0.146.0, chybující modul
hpqusg.dll, verze 90.0.146.0, adresa chyby 0x00025b48.
Error - 25.1.2010 9:34:09 | Computer Name = FANTOMAS | Source = Application Error | ID = 1000
Description = Chybující aplikace hpqtra08.exe, verze 90.0.146.0, chybující modul
hpqusg.dll, verze 90.0.146.0, adresa chyby 0x00025b48.
Error - 28.1.2010 2:40:37 | Computer Name = FANTOMAS | Source = Application Error | ID = 1000
Description = Chybující aplikace hpqtra08.exe, verze 90.0.146.0, chybující modul
hpqusg.dll, verze 90.0.146.0, adresa chyby 0x00025b48.
[ System Events ]
Error - 25.3.2010 21:10:19 | Computer Name = FANTOMAS | Source = DCOM | ID = 10010
Description = Server {9B1F122C-2982-4E91-AA8B-E071D54F2A4D} se v daném časovém limitu
neregistroval u služby DCOM.
Error - 25.3.2010 21:12:55 | Computer Name = FANTOMAS | Source = DCOM | ID = 10010
Description = Server {9B1F122C-2982-4E91-AA8B-E071D54F2A4D} se v daném časovém limitu
neregistroval u služby DCOM.
Error - 26.3.2010 4:12:39 | Computer Name = FANTOMAS | Source = Service Control Manager | ID = 7009
Description = Vypršel časový limit (30000 milisekund) čekání na připojení služby
TrueVector Internet Monitor.
Error - 26.3.2010 4:12:39 | Computer Name = FANTOMAS | Source = Service Control Manager | ID = 7000
Description = Služba TrueVector Internet Monitor neuspěla při spuštění v důsledku
následující chyby: %%1053
Error - 26.3.2010 20:48:51 | Computer Name = FANTOMAS | Source = DCOM | ID = 10010
Description = Server {9B1F122C-2982-4E91-AA8B-E071D54F2A4D} se v daném časovém limitu
neregistroval u služby DCOM.
Error - 26.3.2010 20:51:12 | Computer Name = FANTOMAS | Source = DCOM | ID = 10010
Description = Server {9B1F122C-2982-4E91-AA8B-E071D54F2A4D} se v daném časovém limitu
neregistroval u služby DCOM.
Error - 27.3.2010 6:24:35 | Computer Name = FANTOMAS | Source = Service Control Manager | ID = 7009
Description = Vypršel časový limit (30000 milisekund) čekání na připojení služby
TrueVector Internet Monitor.
Error - 27.3.2010 6:24:35 | Computer Name = FANTOMAS | Source = Service Control Manager | ID = 7000
Description = Služba TrueVector Internet Monitor neuspěla při spuštění v důsledku
následující chyby: %%1053
Error - 27.3.2010 6:25:27 | Computer Name = FANTOMAS | Source = Service Control Manager | ID = 7009
Description = Vypršel časový limit (30000 milisekund) čekání na připojení služby
Služba brány aplikačního rozhraní.
Error - 27.3.2010 6:25:33 | Computer Name = FANTOMAS | Source = Service Control Manager | ID = 7000
Description = Služba Služba brány aplikačního rozhraní neuspěla při spuštění v důsledku
následující chyby: %%1053
< End of report >
OTL by OldTimer - Version 3.1.37.3 Folder = C:\Documents and Settings\Tomas\Dokumenty\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
767,00 Mb Total Physical Memory | 391,00 Mb Available Physical Memory | 51,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 81,00% Paging File free
Paging file location(s): [Binary data over 100 bytes]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 14,30 Gb Total Space | 2,16 Gb Free Space | 15,10% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
Drive F: | 233,76 Gb Total Space | 117,25 Gb Free Space | 50,16% Space Free | Partition Type: NTFS
Drive G: | 2,71 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive H: | 19,52 Gb Total Space | 12,99 Gb Free Space | 66,55% Space Free | Partition Type: FAT32
Drive I: | 18,80 Gb Total Space | 18,80 Gb Free Space | 100,00% Space Free | Partition Type: FAT32
Computer Name: FANTOMAS
Current User Name: Tomas
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Processes (SafeList) ==========
PRC - [2010.03.27 12:24:28 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Tomas\Dokumenty\Downloads\OTL.exe
PRC - [2010.03.22 18:51:30 | 000,530,928 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2009.11.22 15:44:16 | 002,384,240 | ---- | M] (Check Point Software Technologies LTD) -- C:\WINDOWS\system32\ZoneLabs\vsmon.exe
PRC - [2009.11.22 15:42:50 | 001,037,192 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
PRC - [2009.11.04 15:26:40 | 002,195,456 | ---- | M] () -- C:\Program Files\Student DOG\StudentDOG.exe
PRC - [2009.10.01 16:03:14 | 001,858,144 | ---- | M] (Emsi Software GmbH) -- C:\Program Files\a-squared Free\a2service.exe
PRC - [2009.08.13 10:43:54 | 003,276,288 | ---- | M] (The Author of QIP) -- C:\Program Files\QIP\qip.exe
PRC - [2009.07.21 13:34:33 | 000,185,089 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2009.05.13 15:48:22 | 000,108,289 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2009.03.02 12:08:47 | 000,209,153 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2008.12.30 20:28:26 | 000,358,400 | ---- | M] (AIMP DevTeam) -- C:\Program Files\AIMP2\AIMP2.exe
PRC - [2008.04.14 04:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006.12.28 15:09:20 | 004,579,328 | ---- | M] () -- C:\Program Files\VIA\RAID\raid_tool.exe
PRC - [2006.11.17 04:42:52 | 000,577,536 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\soundman.exe
========== Modules (SafeList) ==========
MOD - [2010.03.27 12:24:28 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Tomas\Dokumenty\Downloads\OTL.exe
========== Win32 Services (SafeList) ==========
SRV - [2009.11.22 15:44:16 | 002,384,240 | ---- | M] (Check Point Software Technologies LTD) [Auto | Running] -- C:\WINDOWS\System32\ZoneLabs\vsmon.exe -- (vsmon)
SRV - [2009.10.01 16:03:14 | 001,858,144 | ---- | M] (Emsi Software GmbH) [Auto | Running] -- C:\Program Files\a-squared Free\a2service.exe -- (a2free)
SRV - [2009.07.21 13:34:33 | 000,185,089 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2009.05.13 15:48:22 | 000,108,289 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2008.07.29 18:16:38 | 000,132,096 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
========== Driver Services (SafeList) ==========
DRV - [2010.02.22 06:18:39 | 010,231,936 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2009.11.25 11:19:02 | 000,056,816 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2009.11.22 15:42:54 | 000,486,280 | ---- | M] (Check Point Software Technologies LTD) [Kernel | System | Running] -- C:\WINDOWS\system32\vsdatant.sys -- (vsdatant)
DRV - [2009.10.17 21:12:05 | 000,097,792 | ---- | M] (Protect Software GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ACEDRV05.sys -- (ACEDRV05)
DRV - [2009.05.23 00:08:32 | 000,029,696 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VClone.sys -- (VClone)
DRV - [2009.05.11 09:12:24 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.03.30 09:33:07 | 000,096,104 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2009.02.24 18:42:14 | 000,116,736 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mcdbus.sys -- (mcdbus)
DRV - [2009.02.17 18:11:30 | 000,024,232 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV - [2009.02.13 11:35:05 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2008.06.10 10:31:30 | 000,017,920 | ---- | M] (Your Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\MSI\Live Update 3\Ntaccess.sys -- (WEBNTACCESS)
DRV - [2008.04.13 19:45:29 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2008.04.13 17:36:05 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2007.03.08 13:34:46 | 004,027,840 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2006.10.17 19:22:26 | 000,009,216 | R--- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\videX32.sys -- (videX32)
DRV - [2001.08.17 21:19:34 | 000,040,704 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\es1371mp.sys -- (es1371) Creative AudioPCI (ES1371,ES1373) (WDM)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
IE - HKCU\..\URLSearchHook: {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Documents and Settings\Tomas\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "QIP Search"
FF - prefs.js..browser.search.selectedEngine: "Search the Web"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.seznam.cz"
FF - prefs.js..extensions.enabledItems: {a9f9f5dc-9ff8-4816-818d-acab118e6667}:1.300.306
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.7.2
FF - prefs.js..extensions.enabledItems: check4change-owner@mozdev.org:1.7
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:1.9.9.57
FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.5.2
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.0
FF - prefs.js..extensions.enabledItems: {46551EC9-40F0-4e47-8E18-8E5CF550CFB8}:1.0.8
FF - prefs.js..extensions.enabledItems: {37fa1426-b82d-11db-8314-0800200c9a66}:2.3.3
FF - prefs.js..extensions.enabledItems: noia2_option@kk.noia:3.76
FF - prefs.js..extensions.enabledItems: {9f08cb5a-76b1-4bcf-aff9-90e1a5d60b1e}:3.76
FF - prefs.js..keyword.URL: "http://search.freecause.com/search?fr=f ... e=60799&p="
FF - HKLM\software\mozilla\Firefox\extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Program Files\K-Lite Codec Pack\Real\browserrecord\firefox\ext [2009.08.20 21:10:37 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.03.23 21:35:37 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.03.23 21:35:36 | 000,000,000 | ---D | M]
[2009.08.29 14:48:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomas\Data aplikací\Mozilla\Extensions
[2010.03.26 19:56:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomas\Data aplikací\Mozilla\Firefox\Profiles\g70v3kgz.default\extensions
[2010.03.26 01:37:23 | 000,000,000 | ---D | M] (WebMail Notifier) -- C:\Documents and Settings\Tomas\Data aplikací\Mozilla\Firefox\Profiles\g70v3kgz.default\extensions\{37fa1426-b82d-11db-8314-0800200c9a66}
[2010.02.24 05:01:25 | 000,000,000 | ---D | M] (Stylish) -- C:\Documents and Settings\Tomas\Data aplikací\Mozilla\Firefox\Profiles\g70v3kgz.default\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}
[2010.03.21 13:40:36 | 000,000,000 | ---D | M] (NoScript) -- C:\Documents and Settings\Tomas\Data aplikací\Mozilla\Firefox\Profiles\g70v3kgz.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
[2010.02.24 05:01:08 | 000,000,000 | ---D | M] (Noia 2.0 (eXtreme)) -- C:\Documents and Settings\Tomas\Data aplikací\Mozilla\Firefox\Profiles\g70v3kgz.default\extensions\{9f08cb5a-76b1-4bcf-aff9-90e1a5d60b1e}
[2010.01.30 14:06:22 | 000,000,000 | ---D | M] (Barn Buddy) -- C:\Documents and Settings\Tomas\Data aplikací\Mozilla\Firefox\Profiles\g70v3kgz.default\extensions\{a9f9f5dc-9ff8-4816-818d-acab118e6667}
[2010.03.21 13:40:38 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\Tomas\Data aplikací\Mozilla\Firefox\Profiles\g70v3kgz.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2010.02.21 00:03:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomas\Data aplikací\Mozilla\Firefox\Profiles\g70v3kgz.default\extensions\check4change-owner@mozdev.org
[2010.02.24 05:01:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomas\Data aplikací\Mozilla\Firefox\Profiles\g70v3kgz.default\extensions\noia2_option@kk.noia
[2010.03.18 19:41:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomas\Data aplikací\Mozilla\Firefox\Profiles\g70v3kgz.default\extensions\personas@christopher.beard
[2009.09.22 17:18:00 | 000,002,061 | ---- | M] () -- C:\Documents and Settings\Tomas\Data aplikací\Mozilla\Firefox\Profiles\g70v3kgz.default\searchplugins\qipsearch.xml
[2010.01.30 14:06:35 | 000,001,741 | ---- | M] () -- C:\Documents and Settings\Tomas\Data aplikací\Mozilla\Firefox\Profiles\g70v3kgz.default\searchplugins\search-the-web.xml
[2010.02.18 14:06:14 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010.01.16 01:50:40 | 000,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.01.16 01:50:40 | 000,001,687 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2010.01.16 01:50:40 | 000,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.01.16 01:50:40 | 000,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.01.16 01:50:40 | 000,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml
O1 HOSTS File: ([2010.03.19 18:34:03 | 000,380,707 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 13116 more lines...
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\K-Lite Codec Pack\Real\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (QIPBHO Class) - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Documents and Settings\Tomas\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [itype] C:\Program Files\Microsoft IntelliType Pro\itype.exe (Microsoft Corporation)
O4 - HKLM..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] File not found
O4 - HKLM..\Run: [RaidTool] C:\Program Files\VIA\RAID\raid_tool.exe ()
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [ZoneAlarm Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)
O4 - HKCU..\Run: [StudentDOG] C:\Program Files\Student DOG\StudentDOG.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 255
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 0
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Tomas\Local Settings\Data aplikací\Microsoft\Wallpaper2.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Tomas\Local Settings\Data aplikací\Microsoft\Wallpaper2.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.01.17 13:00:45 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010.03.23 03:25:31 | 000,000,000 | RHSD | M] - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010.03.23 03:25:31 | 000,000,000 | RHSD | M] - F:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2008.10.04 08:40:41 | 000,410,888 | R--- | M] (Electronic Arts) - G:\AutoRun.exe -- [ CDFS ]
O32 - AutoRun File - [2008.10.04 08:40:19 | 000,000,000 | R--D | M] - G:\Autorun -- [ CDFS ]
O32 - AutoRun File - [2008.10.04 08:40:40 | 005,867,008 | R--- | M] () - G:\autorun.dat -- [ CDFS ]
O32 - AutoRun File - [2008.10.04 08:40:23 | 000,000,136 | R--- | M] () - G:\autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2009.07.27 13:32:58 | 000,000,000 | ---- | M] () - H:\AUTOEXEC.BAT -- [ FAT32 ]
O32 - AutoRun File - [2010.03.23 03:25:34 | 000,000,000 | RHSD | M] - H:\autorun.inf -- [ FAT32 ]
O32 - AutoRun File - [2010.03.23 03:25:34 | 000,000,000 | RHSD | M] - I:\autorun.inf -- [ FAT32 ]
O33 - MountPoints2\{0adf4191-d5c2-11de-ad1a-0013d3649401}\Shell - "" = AutoRun
O33 - MountPoints2\{0adf4191-d5c2-11de-ad1a-0013d3649401}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- [2008.10.04 08:40:41 | 000,410,888 | R--- | M] (Electronic Arts)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2010.03.27 12:24:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tomas\Dokumenty\Downloads
[2010.03.27 11:44:18 | 000,000,000 | ---D | C] -- C:\rsit
[2010.03.26 01:28:25 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Tomas\Recent
[2010.03.24 02:00:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tomas\Plocha\TRF Foto
[2010.03.23 20:47:42 | 000,058,248 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsregexp.dll
[2010.03.23 20:47:32 | 000,103,816 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\zlcommdb.dll
[2010.03.23 20:47:32 | 000,069,000 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\zlcomm.dll
[2010.03.23 20:47:21 | 000,041,864 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vswmi.dll
[2010.03.23 20:47:18 | 001,238,408 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\zpeng25.dll
[2010.03.23 20:47:18 | 000,299,912 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vspubapi.dll
[2010.03.23 20:47:18 | 000,109,960 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsxml.dll
[2010.03.23 20:47:18 | 000,107,912 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsmonapi.dll
[2010.03.23 20:47:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ZoneLabs
[2010.03.23 20:47:15 | 000,486,280 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsdatant.sys
[2010.03.23 20:47:14 | 000,000,000 | ---D | C] -- C:\Program Files\Zone Labs
[2010.03.23 20:46:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\Internet Logs
[2010.03.23 20:46:41 | 000,227,720 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsinit.dll
[2010.03.23 20:46:41 | 000,112,008 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsdata.dll
[2010.03.23 20:46:40 | 000,621,960 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsutil.dll
[2010.03.23 13:12:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tomas\Data aplikací\Malwarebytes
[2010.03.23 13:12:25 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010.03.23 13:12:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
[2010.03.23 13:12:19 | 000,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010.03.23 13:12:18 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010.03.23 03:25:31 | 000,000,000 | RHSD | C] -- C:\autorun.inf
[2010.03.19 18:00:57 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2010.03.19 18:00:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
[2010.03.19 17:58:01 | 000,000,000 | ---D | C] -- C:\Program Files\a-squared Free
[2010.03.19 17:58:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tomas\Dokumenty\a-squared Free
[2010.03.16 20:40:25 | 000,000,000 | ---D | C] -- C:\Program Files\Mixxx
[2010.03.10 00:15:23 | 000,000,000 | -H-D | C] -- C:\WINDOWS\PIF
[2010.03.01 16:59:07 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft IntelliType Pro
[2010.03.01 14:40:51 | 010,231,936 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\drivers\nv4_mini.sys
[2010.03.01 14:40:51 | 010,231,936 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\dllcache\nv4_mini.sys
[2010.03.01 14:11:05 | 000,061,440 | ---- | C] (Khronos Group) -- C:\WINDOWS\System32\OpenCL.dll
[2010.03.01 14:11:02 | 014,757,888 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvoglnt.dll
[2010.03.01 14:11:02 | 004,075,520 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcuda.dll
[2010.03.01 14:11:02 | 002,646,632 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcuvenc.dll
[2010.03.01 14:11:02 | 002,030,184 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcuvid.dll
[2010.03.01 14:11:01 | 011,647,592 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcompiler.dll
[2010.03.01 14:11:01 | 001,097,728 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvapi.dll
[2010.03.01 14:11:01 | 000,215,656 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcodins.dll
[2010.03.01 14:11:01 | 000,215,656 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcod.dll
[2010.03.01 02:59:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tomas\Data aplikací\foobar2000
[2010.03.01 01:29:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\PC Drivers HeadQuarters
[2010.02.25 14:46:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tomas\Local Settings\Data aplikací\CircleDock
[2009.09.20 12:36:37 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Data aplikací\Microsoft
[2009.09.20 12:35:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\Microsoft
[2009.08.22 14:32:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\Google
[2009.08.20 21:07:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\Google
[2008.01.17 13:06:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\Microsoft
[2008.01.17 13:00:07 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Data aplikací\Microsoft
[5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2010.03.27 12:02:49 | 000,000,739 | ---- | M] () -- C:\WINDOWS\win.ini
[2010.03.27 12:02:49 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010.03.27 12:02:49 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2010.03.27 11:50:02 | 000,000,940 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010.03.27 11:26:04 | 000,275,952 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml
[2010.03.27 11:24:20 | 000,000,936 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010.03.27 11:24:17 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.03.27 11:23:41 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.03.27 11:23:35 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.03.27 11:23:28 | 804,835,328 | -HS- | M] () -- C:\hiberfil.sys
[2010.03.27 01:51:40 | 009,437,184 | -H-- | M] () -- C:\Documents and Settings\Tomas\NTUSER.DAT
[2010.03.25 23:16:49 | 000,072,591 | ---- | M] () -- C:\Documents and Settings\Tomas\Dokumenty\24716_376516348471_99917438471_3830638_8320263_n.jpg
[2010.03.25 00:54:35 | 000,001,831 | ---- | M] () -- C:\Documents and Settings\Tomas\Plocha\Google Chrome.lnk
[2010.03.24 17:01:56 | 000,006,624 | ---- | M] () -- C:\Documents and Settings\Tomas\Dokumenty\Souhrn.rtf
[2010.03.24 01:48:58 | 000,023,833 | ---- | M] () -- C:\Documents and Settings\Tomas\Dokumenty\Hoff Finance Unor - březen.ods
[2010.03.23 20:48:20 | 000,422,437 | ---- | M] () -- C:\WINDOWS\System32\vsconfig.xml
[2010.03.23 20:47:46 | 000,004,212 | -H-- | M] () -- C:\WINDOWS\System32\zllictbl.dat
[2010.03.20 18:29:14 | 000,032,768 | ---- | M] () -- C:\Documents and Settings\Tomas\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.03.20 02:17:11 | 000,198,268 | ---- | M] () -- C:\Documents and Settings\Tomas\Plocha\SGA-HOFF.rtf
[2010.03.19 18:34:03 | 000,380,707 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010.03.15 20:00:47 | 000,120,716 | ---- | M] () -- C:\Documents and Settings\Tomas\Dokumenty\200802021447_setlist-sbit-mumbai.jpg
[2010.03.14 00:48:16 | 000,027,812 | ---- | M] () -- C:\Documents and Settings\Tomas\Dokumenty\Aurora_HighPoly.jpg
[2010.03.09 16:02:21 | 000,000,807 | ---- | M] () -- C:\Documents and Settings\Tomas\Dokumenty\blank2.gif
[2010.03.06 18:20:51 | 000,075,776 | ---- | M] () -- C:\Documents and Settings\Tomas\Dokumenty\Excalion.doc
[2010.03.06 12:15:15 | 000,043,496 | ---- | M] () -- C:\Documents and Settings\Tomas\Local Settings\Data aplikací\GDIPFONTCACHEV1.DAT
[2010.03.05 21:33:23 | 000,309,248 | ---- | M] () -- C:\Documents and Settings\Tomas\Plocha\Epilepsie a epileptické záchvaty patří k.doc
[2010.03.05 01:52:36 | 000,100,809 | ---- | M] () -- C:\Documents and Settings\Tomas\Dokumenty\Stížnost.jpeg
[2010.03.05 01:48:54 | 000,100,809 | ---- | M] () -- C:\Documents and Settings\Tomas\Dokumenty\download.ashx.jpeg
[2010.03.04 21:14:29 | 000,027,709 | ---- | M] () -- C:\Documents and Settings\Tomas\Dokumenty\3IOB.odt
[2010.03.04 13:16:34 | 000,002,432 | ---- | M] () -- C:\Documents and Settings\Tomas\Dokumenty\New Database.odb
[2010.03.02 13:18:38 | 000,194,568 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.03.01 14:52:26 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Tomas\ntuser.ini
[2010.03.01 14:25:03 | 000,019,567 | ---- | M] () -- C:\WINDOWS\hpqins13.dat
[2010.03.01 14:07:11 | 000,262,144 | ---- | M] () -- C:\Documents and Settings\All Users\ntuser.dat
[2010.03.01 02:51:42 | 000,000,601 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\foobar2000.lnk
[2010.02.27 15:32:50 | 000,017,825 | ---- | M] () -- C:\Documents and Settings\Tomas\Dokumenty\NB.odt
[5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010.03.25 23:16:47 | 000,072,591 | ---- | C] () -- C:\Documents and Settings\Tomas\Dokumenty\24716_376516348471_99917438471_3830638_8320263_n.jpg
[2010.03.24 16:58:25 | 000,006,624 | ---- | C] () -- C:\Documents and Settings\Tomas\Dokumenty\Souhrn.rtf
[2010.03.23 20:47:45 | 000,004,212 | -H-- | C] () -- C:\WINDOWS\System32\zllictbl.dat
[2010.03.23 20:47:15 | 000,422,437 | ---- | C] () -- C:\WINDOWS\System32\vsconfig.xml
[2010.03.15 20:00:47 | 000,120,716 | ---- | C] () -- C:\Documents and Settings\Tomas\Dokumenty\200802021447_setlist-sbit-mumbai.jpg
[2010.03.14 00:48:14 | 000,027,812 | ---- | C] () -- C:\Documents and Settings\Tomas\Dokumenty\Aurora_HighPoly.jpg
[2010.03.09 16:02:19 | 000,000,807 | ---- | C] () -- C:\Documents and Settings\Tomas\Dokumenty\blank2.gif
[2010.03.06 16:00:57 | 000,075,776 | ---- | C] () -- C:\Documents and Settings\Tomas\Dokumenty\Excalion.doc
[2010.03.05 21:32:51 | 000,309,248 | ---- | C] () -- C:\Documents and Settings\Tomas\Plocha\Epilepsie a epileptické záchvaty patří k.doc
[2010.03.05 01:52:35 | 000,100,809 | ---- | C] () -- C:\Documents and Settings\Tomas\Dokumenty\Stížnost.jpeg
[2010.03.05 01:48:54 | 000,100,809 | ---- | C] () -- C:\Documents and Settings\Tomas\Dokumenty\download.ashx.jpeg
[2010.03.04 13:04:53 | 000,002,432 | ---- | C] () -- C:\Documents and Settings\Tomas\Dokumenty\New Database.odb
[2010.03.01 17:00:56 | 000,000,668 | ---- | C] () -- C:\Documents and Settings\Tomas\Plocha\AIMP2.lnk
[2010.03.01 14:53:26 | 804,835,328 | -HS- | C] () -- C:\hiberfil.sys
[2010.03.01 14:11:05 | 000,009,046 | ---- | C] () -- C:\WINDOWS\System32\nvinfo.pb
[2010.03.01 14:10:56 | 002,183,470 | ---- | C] () -- C:\WINDOWS\System32\nvdata.bin
[2010.03.01 14:07:19 | 000,019,567 | ---- | C] () -- C:\WINDOWS\hpqins13.dat
[2010.03.01 14:07:11 | 000,262,144 | ---- | C] () -- C:\Documents and Settings\All Users\ntuser.dat
[2010.03.01 02:51:35 | 000,000,601 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\foobar2000.lnk
[2010.02.28 19:40:38 | 020,371,048 | ---- | C] () -- C:\Documents and Settings\Tomas\Plocha\bulanci.exe
[2010.02.27 15:32:50 | 000,017,825 | ---- | C] () -- C:\Documents and Settings\Tomas\Dokumenty\NB.odt
[2010.02.27 02:27:30 | 000,027,709 | ---- | C] () -- C:\Documents and Settings\Tomas\Dokumenty\3IOB.odt
[2010.02.25 23:43:46 | 000,001,620 | ---- | C] () -- C:\Documents and Settings\Tomas\Plocha\Mozilla Firefox.lnk
[2009.11.27 13:10:36 | 000,004,821 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\hpzinstall.log
[2009.09.24 23:23:18 | 000,000,122 | ---- | C] () -- C:\WINDOWS\WA.INI
[2009.09.04 20:43:03 | 000,000,169 | ---- | C] () -- C:\WINDOWS\level.ini
[2009.08.31 23:15:59 | 000,138,944 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2009.08.25 23:49:54 | 000,069,632 | R--- | C] () -- C:\WINDOWS\System32\vuins32.dll
[2009.08.22 18:17:13 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2008.06.02 14:53:24 | 000,000,169 | ---- | C] () -- C:\WINDOWS\RtlRack.ini
[2008.06.02 14:49:08 | 000,168,448 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2008.06.02 14:49:07 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2008.06.02 14:49:03 | 002,402,304 | ---- | C] () -- C:\WINDOWS\System32\x264vfw.dll
[2008.06.02 14:49:02 | 000,795,648 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2008.06.02 14:49:02 | 000,130,048 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2008.06.02 14:49:01 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2008.06.02 14:48:58 | 000,084,480 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2008.06.02 14:48:58 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2008.06.02 14:41:17 | 000,032,768 | ---- | C] () -- C:\Documents and Settings\Tomas\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.06.02 14:24:13 | 000,147,456 | R--- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2008.06.02 14:24:01 | 000,000,164 | R--- | C] () -- C:\WINDOWS\avrack.ini
< End of report >
EXTRAS LOG:
OTL Extras logfile created on: 27.3.2010 12:24:52 - Run 1
OTL by OldTimer - Version 3.1.37.3 Folder = C:\Documents and Settings\Tomas\Dokumenty\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
767,00 Mb Total Physical Memory | 391,00 Mb Available Physical Memory | 51,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 81,00% Paging File free
Paging file location(s): [Binary data over 100 bytes]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 14,30 Gb Total Space | 2,16 Gb Free Space | 15,10% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
Drive F: | 233,76 Gb Total Space | 117,25 Gb Free Space | 50,16% Space Free | Partition Type: NTFS
Drive G: | 2,71 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive H: | 19,52 Gb Total Space | 12,99 Gb Free Space | 66,55% Space Free | Partition Type: FAT32
Drive I: | 18,80 Gb Total Space | 18,80 Gb Free Space | 100,00% Space Free | Partition Type: FAT32
Computer Name: FANTOMAS
Current User Name: Tomas
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe:*:Enabled:hpqpse.exe -- (Hewlett-Packard Development Co. L.P.)
"C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe" = C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe -- (Hewlett-Packard Development Co. L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe:*:Enabled:hpqsudi.exe -- (Hewlett-Packard Development Co. L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe:*:Enabled:hpqpsapp.exe -- (Hewlett-Packard Development Co. L.P.)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\QIP\qip.exe" = C:\Program Files\QIP\qip.exe:*:Enabled:Quiet Internet Pager -- (The Author of QIP)
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation)
"C:\Program Files\Metin2_CZ\metin2.bin" = C:\Program Files\Metin2_CZ\metin2.bin:*:Enabled:metin2 -- ()
"F:\Program Files\Sacred\Sacred.exe" = F:\Program Files\Sacred\Sacred.exe:*:Enabled:Sacred -- File not found
"F:\Program Files\Ascaron Entertainment\Sacred Gold\sacred.exe" = F:\Program Files\Ascaron Entertainment\Sacred Gold\sacred.exe:*:Enabled:Sacred -- (studio II Software)
"E:\Program Files\Duke Nukem - Manhattan Project\prism3d.exe" = E:\Program Files\Duke Nukem - Manhattan Project\prism3d.exe:*:Enabled:prism3d -- File not found
"F:\DNMP\prism3d.exe" = F:\DNMP\prism3d.exe:*:Enabled:prism3d -- File not found
"C:\WINDOWS\system32\winsys32.exe" = C:\WINDOWS\system32\winsys32.exe:*:Enabled:WINSYSTM -- File not found
"C:\Program Files\Metin2_CZ\metin2client.bin" = C:\Program Files\Metin2_CZ\metin2client.bin:*:Enabled:metin2client -- ()
"C:\Program Files\Java\jre6\bin\java.exe" = C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\WINDOWS\system32\dplaysvr.exe" = C:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper -- (Microsoft Corporation)
"C:\Documents and Settings\Tomas\Local Settings\Temp\bulanci.tmp" = C:\Documents and Settings\Tomas\Local Settings\Temp\bulanci.tmp:*:Enabled:bulanci -- File not found
"C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe:*:Enabled:hpqpse.exe -- (Hewlett-Packard Development Co. L.P.)
"C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe" = C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe -- (Hewlett-Packard Development Co. L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe:*:Enabled:hpqsudi.exe -- (Hewlett-Packard Development Co. L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe:*:Enabled:hpqpsapp.exe -- (Hewlett-Packard Development Co. L.P.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0B6A9773-F8F8-4D3F-BCF0-029D2B87DB8A}" = Deus Ex - Invisible War
"{10E1E87C-656C-4D08-86D6-5443D28583BE}" = TrayApp
"{13F00518-807A-4B3A-83B0-A7CD90F3A398}" = MarketResearch
"{1753255A-0AEB-4220-8C75-607B73F0C133}" = Copy
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{209DF55F-5E5C-48A3-BC3D-A7CB1224458C}" = HP Print Diagnostic Utility
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{22466889-7642-488d-AA0E-F619704CF7AB}" = DeviceDiscovery
"{26A24AE4-039D-4CA4-87B4-2F83216015FF}" = Java(TM) 6 Update 17
"{29FA38B4-0AE4-4D0D-8A51-6165BB990BB0}" = WebReg
"{2DBADDC3-574E-4CD1-A707-C8FC37CBA0F0}" = Sacred Gold
"{2F28B3C9-2C89-4206-8B33-8ADC9577C49B}" = Scan
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{487B0B9B-DCD4-440D-89A0-A6EDE1A545A3}" = HPSSupply
"{543E938C-BDC4-4933-A612-01293996845F}" = UnloadSupport
"{654E2C4D-B73A-4413-ADBD-0B690CF7E1B6}" = 5248
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7E20EFE6-E604-48C6-8B39-BA4742F2CDB4}" = Zune Desktop Theme
"{824D3839-DAA1-4315-A822-7AE3E620E528}" = VideoToolkit01
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{94A065E8-455D-41C1-AF1F-F0C1AF8F50F3}" = Microsoft IntelliType Pro 7.0
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A33E4E6D-75C4-4AB6-BD2E-E1D830DB2B2D}" = 74
"{A7AA93B6-6909-4073-B4EC-45CCDEFD4665}" = NHL® 08
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3.1
"{AEA07F97-9088-497c-8821-0F36BD5DC251}" = HPProductAssistant
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{AF7FC1CA-79DF-43c3-90A3-33EFEB9294CE}" = AIO_Scan
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B4F35A00-24FD-4fb3-BF5E-413D5423434D}" = DJ_AIO_Software_min
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{BCD6CD1A-0DBE-412E-9F25-3B500D1E6BA1}" = SolutionCenter
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C1920D73-7374-49d9-8C37-58A6E49078A5}" = F2100_Help
"{C5EF81AC-FE4C-4157-97E3-2E08B000742A}" = F2100_doccd
"{C78EAC6F-7A73-452E-8134-DBB2165C5A68}" = QuickTime
"{CA50045C-5119-48e7-9BA7-6B317379857A}" = DJ_AIO_Software
"{CA8C4435-4DF7-4FEB-9C87-4AB93DE8FD7B}" = OpenOffice.org 2.3
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0E39A1D-0CEE-4D85-B4A2-E3BE990D075E}" = Destination Component
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{D12631DE-39AA-47B7-9507-12BC741BD8E8}" = 14410
"{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential
"{D9B3B577-26BD-4CB2-9072-8029AE097AFE}" = Quake Live Mozilla Plugin
"{DB7A82EA-3B5E-4942-ADAE-0E8B69989F80}" = 2936
"{E2662C24-B31E-4349-A084-32EB76E8B760}" = BufferChm
"{E40CE517-0D42-4198-96B4-C8232B257EB5}" = Data Lifeguard Diagnostic for Windows
"{E548726E-F4E8-459f-BAB8-45551BC071E9}" = DJ_AIO_ProductContext
"{E9C18EBD-85BE-47D0-AA73-3FEDCC976B04}" = Toolbox
"{F1C409F0-8322-4c87-BD08-2F62777D490D}" = F2100
"{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer
"{F72E2DDC-3DB8-4190-A21D-63883D955FE7}" = PSSWCORE
"{FA8A44D7-3E8A-4034-9C4F-088FA6B72BC4}" = HP Deskjet All-In-One Software 9.0
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FD8D8B04-BEAD-4A55-AA1D-62D2373E7DEA}" = Status
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"AIMP2" = AIMP2
"Ashampoo Burning Studio 6 FREE_is1" = Ashampoo Burning Studio 6 FREE
"a-squared Free_is1" = a-squared Free 4.5
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"CCleaner" = CCleaner (remove only)
"Defraggler" = Defraggler (remove only)
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"Earth 2160_is1" = Earth 2160 1.3.7 CZ
"ESET Online Scanner" = ESET Online Scanner v3
"foobar2000" = foobar2000 v1.0
"Google Chrome" = Google Chrome
"HD Tune Pro_is1" = HD Tune Pro 3.10
"HijackThis" = HijackThis 2.0.2
"HP Imaging Device Functions" = HP Imaging Device Functions 9.0
"HP Photosmart Essential" = HP Photosmart Essential 3.5
"HP Solution Center & Imaging Support Tools" = HP Solution Center 9.0
"HPExtendedCapabilities" = HP Customer Participation Program 9.0
"ie8" = Windows Internet Explorer 8
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platforma Ovladače zařízení
"IrfanView" = IrfanView (remove only)
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 4.8.5
"Magic ISO Maker v5.5 (build 0276)" = Magic ISO Maker v5.5 (build 0276)
"MagicDisc 2.7.106" = MagicDisc 2.7.106
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mixxx" = Mixxx 1.7.0
"MKV TO AVI CONVERTER_is1" = MKV TO AVI CONVERTER version 3.0
"Mozilla Firefox (3.6.2)" = Mozilla Firefox (3.6.2)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSI Live Update 3" = MSI Live Update 3
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"PunkBusterSvc" = PunkBuster Services
"RealPlayer 12.0" = RealPlayer
"Scorpions WinCheater 2.07 (s databází 87)_is1" = Scorpions WinCheater
"Student DOG_is1" = Student DOG 1.8
"VirtualCloneDrive" = VirtualCloneDrive
"VN_VUIns_Rhine_VIA" = VIA Rhine-Family Fast-Ethernet Adapter
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinGimp-2.0_is1" = GIMP 2.6.7
"WinRAR archiver" = WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Worms Armageddon - New Edition" = Worms Armageddon - New Edition
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"ZoneAlarm" = ZoneAlarm
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"QIP 2005" = QIP 2005 8095
"uTorrent" = µTorrent
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 13.1.2010 4:40:04 | Computer Name = FANTOMAS | Source = Application Error | ID = 1000
Description = Chybující aplikace hpqtra08.exe, verze 90.0.146.0, chybující modul
hpqusg.dll, verze 90.0.146.0, adresa chyby 0x00025b48.
Error - 13.1.2010 8:04:33 | Computer Name = FANTOMAS | Source = Application Error | ID = 1000
Description = Chybující aplikace hpqtra08.exe, verze 90.0.146.0, chybující modul
hpqusg.dll, verze 90.0.146.0, adresa chyby 0x00025b48.
Error - 15.1.2010 20:03:15 | Computer Name = FANTOMAS | Source = Application Error | ID = 1000
Description = Chybující aplikace hpqtra08.exe, verze 90.0.146.0, chybující modul
hpqusg.dll, verze 90.0.146.0, adresa chyby 0x00025b48.
Error - 16.1.2010 7:49:11 | Computer Name = FANTOMAS | Source = Application Error | ID = 1000
Description = Chybující aplikace hpqtra08.exe, verze 90.0.146.0, chybující modul
hpqusg.dll, verze 90.0.146.0, adresa chyby 0x00025b48.
Error - 18.1.2010 7:42:17 | Computer Name = FANTOMAS | Source = Application Error | ID = 1000
Description = Chybující aplikace hpqtra08.exe, verze 90.0.146.0, chybující modul
hpqusg.dll, verze 90.0.146.0, adresa chyby 0x00025b48.
Error - 19.1.2010 8:52:27 | Computer Name = FANTOMAS | Source = Application Error | ID = 1000
Description = Chybující aplikace hpqtra08.exe, verze 90.0.146.0, chybující modul
hpqusg.dll, verze 90.0.146.0, adresa chyby 0x00025b48.
Error - 21.1.2010 7:51:47 | Computer Name = FANTOMAS | Source = Application Error | ID = 1000
Description = Chybující aplikace hpqtra08.exe, verze 90.0.146.0, chybující modul
hpqusg.dll, verze 90.0.146.0, adresa chyby 0x00025b48.
Error - 24.1.2010 8:06:39 | Computer Name = FANTOMAS | Source = Application Error | ID = 1000
Description = Chybující aplikace hpqtra08.exe, verze 90.0.146.0, chybující modul
hpqusg.dll, verze 90.0.146.0, adresa chyby 0x00025b48.
Error - 25.1.2010 9:34:09 | Computer Name = FANTOMAS | Source = Application Error | ID = 1000
Description = Chybující aplikace hpqtra08.exe, verze 90.0.146.0, chybující modul
hpqusg.dll, verze 90.0.146.0, adresa chyby 0x00025b48.
Error - 28.1.2010 2:40:37 | Computer Name = FANTOMAS | Source = Application Error | ID = 1000
Description = Chybující aplikace hpqtra08.exe, verze 90.0.146.0, chybující modul
hpqusg.dll, verze 90.0.146.0, adresa chyby 0x00025b48.
[ Application Events ]
Error - 13.1.2010 4:40:04 | Computer Name = FANTOMAS | Source = Application Error | ID = 1000
Description = Chybující aplikace hpqtra08.exe, verze 90.0.146.0, chybující modul
hpqusg.dll, verze 90.0.146.0, adresa chyby 0x00025b48.
Error - 13.1.2010 8:04:33 | Computer Name = FANTOMAS | Source = Application Error | ID = 1000
Description = Chybující aplikace hpqtra08.exe, verze 90.0.146.0, chybující modul
hpqusg.dll, verze 90.0.146.0, adresa chyby 0x00025b48.
Error - 15.1.2010 20:03:15 | Computer Name = FANTOMAS | Source = Application Error | ID = 1000
Description = Chybující aplikace hpqtra08.exe, verze 90.0.146.0, chybující modul
hpqusg.dll, verze 90.0.146.0, adresa chyby 0x00025b48.
Error - 16.1.2010 7:49:11 | Computer Name = FANTOMAS | Source = Application Error | ID = 1000
Description = Chybující aplikace hpqtra08.exe, verze 90.0.146.0, chybující modul
hpqusg.dll, verze 90.0.146.0, adresa chyby 0x00025b48.
Error - 18.1.2010 7:42:17 | Computer Name = FANTOMAS | Source = Application Error | ID = 1000
Description = Chybující aplikace hpqtra08.exe, verze 90.0.146.0, chybující modul
hpqusg.dll, verze 90.0.146.0, adresa chyby 0x00025b48.
Error - 19.1.2010 8:52:27 | Computer Name = FANTOMAS | Source = Application Error | ID = 1000
Description = Chybující aplikace hpqtra08.exe, verze 90.0.146.0, chybující modul
hpqusg.dll, verze 90.0.146.0, adresa chyby 0x00025b48.
Error - 21.1.2010 7:51:47 | Computer Name = FANTOMAS | Source = Application Error | ID = 1000
Description = Chybující aplikace hpqtra08.exe, verze 90.0.146.0, chybující modul
hpqusg.dll, verze 90.0.146.0, adresa chyby 0x00025b48.
Error - 24.1.2010 8:06:39 | Computer Name = FANTOMAS | Source = Application Error | ID = 1000
Description = Chybující aplikace hpqtra08.exe, verze 90.0.146.0, chybující modul
hpqusg.dll, verze 90.0.146.0, adresa chyby 0x00025b48.
Error - 25.1.2010 9:34:09 | Computer Name = FANTOMAS | Source = Application Error | ID = 1000
Description = Chybující aplikace hpqtra08.exe, verze 90.0.146.0, chybující modul
hpqusg.dll, verze 90.0.146.0, adresa chyby 0x00025b48.
Error - 28.1.2010 2:40:37 | Computer Name = FANTOMAS | Source = Application Error | ID = 1000
Description = Chybující aplikace hpqtra08.exe, verze 90.0.146.0, chybující modul
hpqusg.dll, verze 90.0.146.0, adresa chyby 0x00025b48.
[ System Events ]
Error - 25.3.2010 21:10:19 | Computer Name = FANTOMAS | Source = DCOM | ID = 10010
Description = Server {9B1F122C-2982-4E91-AA8B-E071D54F2A4D} se v daném časovém limitu
neregistroval u služby DCOM.
Error - 25.3.2010 21:12:55 | Computer Name = FANTOMAS | Source = DCOM | ID = 10010
Description = Server {9B1F122C-2982-4E91-AA8B-E071D54F2A4D} se v daném časovém limitu
neregistroval u služby DCOM.
Error - 26.3.2010 4:12:39 | Computer Name = FANTOMAS | Source = Service Control Manager | ID = 7009
Description = Vypršel časový limit (30000 milisekund) čekání na připojení služby
TrueVector Internet Monitor.
Error - 26.3.2010 4:12:39 | Computer Name = FANTOMAS | Source = Service Control Manager | ID = 7000
Description = Služba TrueVector Internet Monitor neuspěla při spuštění v důsledku
následující chyby: %%1053
Error - 26.3.2010 20:48:51 | Computer Name = FANTOMAS | Source = DCOM | ID = 10010
Description = Server {9B1F122C-2982-4E91-AA8B-E071D54F2A4D} se v daném časovém limitu
neregistroval u služby DCOM.
Error - 26.3.2010 20:51:12 | Computer Name = FANTOMAS | Source = DCOM | ID = 10010
Description = Server {9B1F122C-2982-4E91-AA8B-E071D54F2A4D} se v daném časovém limitu
neregistroval u služby DCOM.
Error - 27.3.2010 6:24:35 | Computer Name = FANTOMAS | Source = Service Control Manager | ID = 7009
Description = Vypršel časový limit (30000 milisekund) čekání na připojení služby
TrueVector Internet Monitor.
Error - 27.3.2010 6:24:35 | Computer Name = FANTOMAS | Source = Service Control Manager | ID = 7000
Description = Služba TrueVector Internet Monitor neuspěla při spuštění v důsledku
následující chyby: %%1053
Error - 27.3.2010 6:25:27 | Computer Name = FANTOMAS | Source = Service Control Manager | ID = 7009
Description = Vypršel časový limit (30000 milisekund) čekání na připojení služby
Služba brány aplikačního rozhraní.
Error - 27.3.2010 6:25:33 | Computer Name = FANTOMAS | Source = Service Control Manager | ID = 7000
Description = Služba Služba brány aplikačního rozhraní neuspěla při spuštění v důsledku
následující chyby: %%1053
< End of report >
-
Caroprd111
- VIP
- Příspěvky: 13492
- Registrován: 22 bře 2009 20:48
- Bydliště: Třebíč
- Kontaktovat uživatele:
Re: Zdlouhavé nabíhání PC, mrkněte mi prosím na log, díky
Spusťte OTL a do spodního okna vložte následující skript.
Kód: Vybrat vše
:Files
C:\WINDOWS\System32\*.tmp
C:\WINDOWS\*.tmp
C:\WINDOWS\system32\winsys32.exe
:Reg
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\WINDOWS\system32\winsys32.exe"=-
:Commands
[EMPTYTEMP]
[EMPTYFLASH]
[CLEARALLRESTOREPOINTS]
[RESETHOSTS]
[CREATERESTOREPOINT]
[REBOOT] -
Anubides
- Vzorný návštěvník
- Příspěvky: 142
- Registrován: 22 bře 2010 22:13
- Bydliště: Praha
- Kontaktovat uživatele:
Re: Zdlouhavé nabíhání PC, mrkněte mi prosím na log, díky
All processes killed
========== FILES ==========
C:\WINDOWS\System32\CONFIG.TMP moved successfully.
C:\WINDOWS\System32\SET205.tmp moved successfully.
C:\WINDOWS\System32\SET209.tmp moved successfully.
C:\WINDOWS\System32\SET211.tmp moved successfully.
C:\WINDOWS\System32\SET258.tmp moved successfully.
C:\WINDOWS\002056_.tmp moved successfully.
C:\WINDOWS\004951_.tmp moved successfully.
C:\WINDOWS\SET3.tmp moved successfully.
C:\WINDOWS\SETA.tmp moved successfully.
File\Folder C:\WINDOWS\system32\winsys32.exe not found.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\WINDOWS\system32\winsys32.exe deleted successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: LocalService
->Temp folder emptied: 65984 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: Tomas
->Temp folder emptied: 27173301 bytes
->Temporary Internet Files folder emptied: 526526 bytes
->Java cache emptied: 12118713 bytes
->FireFox cache emptied: 57528200 bytes
->Google Chrome cache emptied: 11150591 bytes
->Flash cache emptied: 45485 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 354780 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 13498364 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 117,00 mb
[EMPTYFLASH]
User: Administrator
User: All Users
User: Default User
User: LocalService
User: NetworkService
User: Tomas
->Flash cache emptied: 0 bytes
Po fixu se mi neustále dokola spouští instalace HP Photosmart Essential..vypnul sem to skrze správce uloh.
Total Flash Files Cleaned = 0,00 mb
Restore points cleared and new OTL Restore Point set!
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
Error starting restore point: System Restore is disabled.
Error closing restore point: System Restore is disabled.
OTL by OldTimer - Version 3.1.37.3 log created on 03272010_130541
Files\Folders moved on Reboot...
C:\Documents and Settings\Tomas\Local Settings\Temp\~DF9ECB.tmp moved successfully.
File\Folder C:\WINDOWS\temp\ZLT06c75.TMP not found!
Registry entries deleted on Reboot...
========== FILES ==========
C:\WINDOWS\System32\CONFIG.TMP moved successfully.
C:\WINDOWS\System32\SET205.tmp moved successfully.
C:\WINDOWS\System32\SET209.tmp moved successfully.
C:\WINDOWS\System32\SET211.tmp moved successfully.
C:\WINDOWS\System32\SET258.tmp moved successfully.
C:\WINDOWS\002056_.tmp moved successfully.
C:\WINDOWS\004951_.tmp moved successfully.
C:\WINDOWS\SET3.tmp moved successfully.
C:\WINDOWS\SETA.tmp moved successfully.
File\Folder C:\WINDOWS\system32\winsys32.exe not found.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\WINDOWS\system32\winsys32.exe deleted successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: LocalService
->Temp folder emptied: 65984 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: Tomas
->Temp folder emptied: 27173301 bytes
->Temporary Internet Files folder emptied: 526526 bytes
->Java cache emptied: 12118713 bytes
->FireFox cache emptied: 57528200 bytes
->Google Chrome cache emptied: 11150591 bytes
->Flash cache emptied: 45485 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 354780 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 13498364 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 117,00 mb
[EMPTYFLASH]
User: Administrator
User: All Users
User: Default User
User: LocalService
User: NetworkService
User: Tomas
->Flash cache emptied: 0 bytes
Po fixu se mi neustále dokola spouští instalace HP Photosmart Essential..vypnul sem to skrze správce uloh.
Total Flash Files Cleaned = 0,00 mb
Restore points cleared and new OTL Restore Point set!
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
Error starting restore point: System Restore is disabled.
Error closing restore point: System Restore is disabled.
OTL by OldTimer - Version 3.1.37.3 log created on 03272010_130541
Files\Folders moved on Reboot...
C:\Documents and Settings\Tomas\Local Settings\Temp\~DF9ECB.tmp moved successfully.
File\Folder C:\WINDOWS\temp\ZLT06c75.TMP not found!
Registry entries deleted on Reboot...
-
Caroprd111
- VIP
- Příspěvky: 13492
- Registrován: 22 bře 2009 20:48
- Bydliště: Třebíč
- Kontaktovat uživatele:
-
Anubides
- Vzorný návštěvník
- Příspěvky: 142
- Registrován: 22 bře 2010 22:13
- Bydliště: Praha
- Kontaktovat uživatele:
Re: Zdlouhavé nabíhání PC, mrkněte mi prosím na log, díky
No naběhl rychleji, tak snad to už bude dobré. Zatím děkuji za mnohokrát za pomoc =)
-
Caroprd111
- VIP
- Příspěvky: 13492
- Registrován: 22 bře 2009 20:48
- Bydliště: Třebíč
- Kontaktovat uživatele:
-
Anubides
- Vzorný návštěvník
- Příspěvky: 142
- Registrován: 22 bře 2010 22:13
- Bydliště: Praha
- Kontaktovat uživatele:
Re: Zdlouhavé nabíhání PC, mrkněte mi prosím na log, díky
Logfile of random's system information tool 1.06 (written by random/random)
Run by Tomas at 2010-03-27 13:59:39
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 3 GB (18%) free of 15 GB
Total RAM: 767 MB (36% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:00:24, on 27.3.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\a-squared Free\a2service.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\VIA\RAID\raid_tool.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Student DOG\StudentDOG.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\QIP\qip.exe
C:\Program Files\AIMP2\AIMP2.exe
F:\Dokumenty\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Tomas.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: QIPBHO Class - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Documents and Settings\Tomas\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\K-Lite Codec Pack\Real\rpbrowserrecordplugin.dll
O2 - BHO: QIPBHO - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Documents and Settings\Tomas\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [RaidTool] C:\Program Files\VIA\RAID\raid_tool.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [itype] "C:\Program Files\Microsoft IntelliType Pro\itype.exe"
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [StudentDOG] C:\Program Files\Student DOG\StudentDOG.exe -h
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: QIP 2005 - {1EF681F7-A04B-4D6D-9012-A307CCA55610} - C:\Program Files\QIP\qip.exe (HKCU)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Služba Google Update (gupdate1ca21d1d7bce8e6) (gupdate1ca21d1d7bce8e6) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
--
End of file - 5837 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\K-Lite Codec Pack\Real\rpbrowserrecordplugin.dll [2009-08-20 329312]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}]
QIPBHO Class - C:\Documents and Settings\Tomas\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll [2009-07-14 150768]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-10-11 73728]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2006-11-17 577536]
"RaidTool"=C:\Program Files\VIA\RAID\raid_tool.exe [2006-12-28 4579328]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-12-22 35760]
"itype"=C:\Program Files\Microsoft IntelliType Pro\itype.exe [2009-06-01 1501064]
"nwiz"=nwiz.exe /installquiet []
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2010-02-21 13670504]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2010-02-21 110696]
"ZoneAlarm Client"=C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [2009-11-22 1037192]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"StudentDOG"=C:\Program Files\Student DOG\StudentDOG.exe [2009-11-04 2195456]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-12-11 948672]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-03-11 49152]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpqSRMon]
C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [2008-08-20 150016]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2009-05-26 413696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2009-10-09 25623336]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre6\bin\jusched.exe [2009-10-11 149280]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2009-08-20 198160]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VirtualCloneDrive]
C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [2009-05-26 85160]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Tomas^Nabídka Start^Programy^Po spuštění^MagicDisc.lnk]
C:\PROGRA~1\MAGICD~1\MAGICD~1.EXE [2009-02-23 576000]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Tomas^Nabídka Start^Programy^Po spuštění^OpenOffice.org 2.3.lnk]
C:\PROGRA~1\OPENOF~1.3\program\QUICKS~1.EXE [2007-10-12 393216]
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255
"NoDriveAutoRun"=255
"HonorAutoRunSetting"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\QIP\qip.exe"="C:\Program Files\QIP\qip.exe:*:Enabled:Quiet Internet Pager"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"C:\Program Files\Metin2_CZ\metin2.bin"="C:\Program Files\Metin2_CZ\metin2.bin:*:Enabled:metin2"
"F:\Program Files\Sacred\Sacred.exe"="F:\Program Files\Sacred\Sacred.exe:*:Enabled:Sacred"
"F:\Program Files\Ascaron Entertainment\Sacred Gold\sacred.exe"="F:\Program Files\Ascaron Entertainment\Sacred Gold\sacred.exe:*:Enabled:Sacred"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"E:\Program Files\Duke Nukem - Manhattan Project\prism3d.exe"="E:\Program Files\Duke Nukem - Manhattan Project\prism3d.exe:*:Enabled:prism3d"
"F:\DNMP\prism3d.exe"="F:\DNMP\prism3d.exe:*:Enabled:prism3d"
"C:\Program Files\Metin2_CZ\metin2client.bin"="C:\Program Files\Metin2_CZ\metin2client.bin:*:Enabled:metin2client"
"C:\Program Files\Java\jre6\bin\java.exe"="C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\WINDOWS\system32\dplaysvr.exe"="C:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper"
"C:\Documents and Settings\Tomas\Local Settings\Temp\bulanci.tmp"="C:\Documents and Settings\Tomas\Local Settings\Temp\bulanci.tmp:*:Enabled:bulanci"
"C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe:*:Enabled:hpqpse.exe"
"C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe"="C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe:*:Enabled:hpqsudi.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe:*:Enabled:hpqpsapp.exe"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe:*:Enabled:hpqpse.exe"
"C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe"="C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe:*:Enabled:hpqsudi.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe:*:Enabled:hpqpsapp.exe"
======List of files/folders created in the last 1 months======
2010-03-27 13:05:41 ----D---- C:\_OTL
2010-03-27 11:44:18 ----D---- C:\rsit
2010-03-23 20:47:42 ----A---- C:\WINDOWS\system32\vsregexp.dll
2010-03-23 20:47:32 ----A---- C:\WINDOWS\system32\zlcommdb.dll
2010-03-23 20:47:32 ----A---- C:\WINDOWS\system32\zlcomm.dll
2010-03-23 20:47:21 ----A---- C:\WINDOWS\system32\vswmi.dll
2010-03-23 20:47:18 ----D---- C:\WINDOWS\system32\ZoneLabs
2010-03-23 20:47:18 ----A---- C:\WINDOWS\system32\zpeng25.dll
2010-03-23 20:47:18 ----A---- C:\WINDOWS\system32\vsxml.dll
2010-03-23 20:47:18 ----A---- C:\WINDOWS\system32\vspubapi.dll
2010-03-23 20:47:18 ----A---- C:\WINDOWS\system32\vsmonapi.dll
2010-03-23 20:47:14 ----D---- C:\Program Files\Zone Labs
2010-03-23 20:46:42 ----D---- C:\WINDOWS\Internet Logs
2010-03-23 20:46:41 ----A---- C:\WINDOWS\system32\vsinit.dll
2010-03-23 20:46:41 ----A---- C:\WINDOWS\system32\vsdata.dll
2010-03-23 20:46:40 ----A---- C:\WINDOWS\system32\vsutil.dll
2010-03-23 13:12:32 ----D---- C:\Documents and Settings\Tomas\Data aplikací\Malwarebytes
2010-03-23 13:12:20 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2010-03-23 13:12:18 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-03-23 03:25:31 ----RASHD---- C:\autorun.inf
2010-03-19 18:00:57 ----D---- C:\Program Files\Spybot - Search & Destroy
2010-03-19 18:00:57 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2010-03-19 17:58:01 ----D---- C:\Program Files\a-squared Free
2010-03-17 18:09:37 ----HDC---- C:\WINDOWS\$NtUninstallKB835221WXP$
2010-03-16 20:40:25 ----D---- C:\Program Files\Mixxx
2010-03-10 00:15:23 ----HD---- C:\WINDOWS\PIF
2010-03-01 16:59:07 ----D---- C:\Program Files\Microsoft IntelliType Pro
2010-03-01 14:11:05 ----A---- C:\WINDOWS\system32\OpenCL.dll
2010-03-01 14:11:02 ----A---- C:\WINDOWS\system32\nvoglnt.dll
2010-03-01 14:11:02 ----A---- C:\WINDOWS\system32\nvcuvid.dll
2010-03-01 14:11:02 ----A---- C:\WINDOWS\system32\nvcuvenc.dll
2010-03-01 14:11:02 ----A---- C:\WINDOWS\system32\nvcuda.dll
2010-03-01 14:11:01 ----A---- C:\WINDOWS\system32\nvcompiler.dll
2010-03-01 14:11:01 ----A---- C:\WINDOWS\system32\nvcodins.dll
2010-03-01 14:11:01 ----A---- C:\WINDOWS\system32\nvcod.dll
2010-03-01 14:11:01 ----A---- C:\WINDOWS\system32\nvapi.dll
2010-03-01 02:59:14 ----D---- C:\Documents and Settings\Tomas\Data aplikací\foobar2000
2010-03-01 01:29:15 ----D---- C:\Documents and Settings\All Users\Data aplikací\PC Drivers HeadQuarters
======List of files/folders modified in the last 1 months======
2010-03-27 13:44:44 ----D---- C:\Documents and Settings\Tomas\Data aplikací\AIMP
2010-03-27 13:24:49 ----HD---- C:\Config.Msi
2010-03-27 13:24:43 ----SHD---- C:\WINDOWS\Installer
2010-03-27 13:17:22 ----D---- C:\WINDOWS\Temp
2010-03-27 13:13:33 ----D---- C:\WINDOWS\system32\CatRoot2
2010-03-27 13:11:36 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-03-27 13:09:13 ----D---- C:\WINDOWS\system32\Restore
2010-03-27 13:09:12 ----SHD---- C:\System Volume Information
2010-03-27 13:05:43 ----D---- C:\WINDOWS\system32
2010-03-27 13:05:43 ----D---- C:\WINDOWS
2010-03-27 12:24:51 ----D---- C:\WINDOWS\Prefetch
2010-03-27 12:02:49 ----ASH---- C:\boot.ini
2010-03-27 12:02:49 ----A---- C:\WINDOWS\win.ini
2010-03-27 12:02:49 ----A---- C:\WINDOWS\system.ini
2010-03-27 12:01:21 ----D---- C:\WINDOWS\pss
2010-03-26 20:49:34 ----D---- C:\Documents and Settings\Tomas\Data aplikací\Skype
2010-03-26 20:23:17 ----D---- C:\Documents and Settings\Tomas\Data aplikací\skypePM
2010-03-26 00:34:58 ----RD---- C:\Program Files
2010-03-24 01:23:01 ----D---- C:\Documents and Settings\Tomas\Data aplikací\OpenOffice.org2
2010-03-23 21:36:09 ----D---- C:\Program Files\Mozilla Firefox
2010-03-23 20:41:27 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2010-03-23 20:41:27 ----D---- C:\WINDOWS\system32\drivers
2010-03-23 12:54:01 ----D---- C:\Program Files\HD Tune Pro
2010-03-23 03:25:00 ----SHD---- C:\RECYCLER
2010-03-21 00:48:56 ----D---- C:\Documents and Settings\Tomas\Data aplikací\uTorrent
2010-03-18 19:40:03 ----D---- C:\Program Files\Hide Real IP
2010-03-18 19:38:42 ----D---- C:\WINDOWS\Minidump
2010-03-17 18:09:58 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-03-17 18:09:39 ----D---- C:\WINDOWS\system32\ReinstallBackups
2010-03-17 11:29:29 ----HD---- C:\WINDOWS\inf
2010-03-04 21:16:18 ----D---- C:\Program Files\PopCap Games
2010-03-04 17:13:08 ----D---- C:\WINDOWS\Help
2010-03-02 13:18:36 ----D---- C:\Program Files\Microsoft Silverlight
2010-03-01 17:01:25 ----D---- C:\WINDOWS\system32\CatRoot
2010-03-01 17:00:39 ----SD---- C:\Documents and Settings\Tomas\Data aplikací\Microsoft
2010-03-01 17:00:36 ----SD---- C:\WINDOWS\Tasks
2010-03-01 16:59:34 ----DC---- C:\WINDOWS\system32\DRVSTORE
2010-03-01 16:59:10 ----RSD---- C:\WINDOWS\Fonts
2010-03-01 14:50:37 ----D---- C:\Program Files\NVIDIA Corporation
2010-03-01 01:28:42 ----D---- C:\WINDOWS\system32\config
2010-03-01 01:28:33 ----RSD---- C:\WINDOWS\assembly
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 ACEDRV05;ACEDRV05; \??\C:\WINDOWS\system32\drivers\ACEDRV05.sys []
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
R1 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2009-02-17 24232]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520]
R1 vsdatant;vsdatant; C:\WINDOWS\System32\vsdatant.sys [2009-11-22 486280]
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-11-25 56816]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2007-03-08 4027840]
R3 es1371;Creative AudioPCI (ES1371,ES1373) (WDM); C:\WINDOWS\system32\drivers\es1371mp.sys [2001-08-17 40704]
R3 FET5X86V;VIA Rhine-Family Fast-Ethernet Adapter Driver Service; C:\WINDOWS\system32\DRIVERS\fetnd5bv.sys [2007-04-17 42496]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mcdbus;Driver for MagicISO SCSI Host Controller; C:\WINDOWS\system32\DRIVERS\mcdbus.sys [2009-02-24 116736]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2010-02-22 10231936]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 VClone;VClone; C:\WINDOWS\system32\DRIVERS\VClone.sys [2009-05-23 29696]
S1 es137140;SB AudioPCI 64V; C:\WINDOWS\system32\DRIVERS\es137140.sys []
S3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver; C:\WINDOWS\System32\DRIVERS\fetnd5.sys [2001-08-17 27165]
S3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2007-03-08 49920]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2007-03-08 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2007-03-08 21568]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WEBNTACCESS;WEBNTACCESS; \??\C:\Program Files\MSI\Live Update 3\NTACCESS.SYS []
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 a2free;a-squared Free Service; C:\Program Files\a-squared Free\a2service.exe [2009-10-01 1858144]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-07-21 185089]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-10-11 153376]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2010-02-21 154216]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2009-08-30 75064]
R2 vsmon;TrueVector Internet Monitor; C:\WINDOWS\system32\ZoneLabs\vsmon.exe [2009-11-22 2384240]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 gupdate1ca21d1d7bce8e6;Služba Google Update (gupdate1ca21d1d7bce8e6); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-08-20 133104]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
Run by Tomas at 2010-03-27 13:59:39
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 3 GB (18%) free of 15 GB
Total RAM: 767 MB (36% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:00:24, on 27.3.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\a-squared Free\a2service.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\VIA\RAID\raid_tool.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Student DOG\StudentDOG.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\QIP\qip.exe
C:\Program Files\AIMP2\AIMP2.exe
F:\Dokumenty\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Tomas.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: QIPBHO Class - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Documents and Settings\Tomas\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\K-Lite Codec Pack\Real\rpbrowserrecordplugin.dll
O2 - BHO: QIPBHO - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Documents and Settings\Tomas\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [RaidTool] C:\Program Files\VIA\RAID\raid_tool.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [itype] "C:\Program Files\Microsoft IntelliType Pro\itype.exe"
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [StudentDOG] C:\Program Files\Student DOG\StudentDOG.exe -h
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: QIP 2005 - {1EF681F7-A04B-4D6D-9012-A307CCA55610} - C:\Program Files\QIP\qip.exe (HKCU)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Služba Google Update (gupdate1ca21d1d7bce8e6) (gupdate1ca21d1d7bce8e6) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
--
End of file - 5837 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\K-Lite Codec Pack\Real\rpbrowserrecordplugin.dll [2009-08-20 329312]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}]
QIPBHO Class - C:\Documents and Settings\Tomas\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll [2009-07-14 150768]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-10-11 73728]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2006-11-17 577536]
"RaidTool"=C:\Program Files\VIA\RAID\raid_tool.exe [2006-12-28 4579328]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-12-22 35760]
"itype"=C:\Program Files\Microsoft IntelliType Pro\itype.exe [2009-06-01 1501064]
"nwiz"=nwiz.exe /installquiet []
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2010-02-21 13670504]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2010-02-21 110696]
"ZoneAlarm Client"=C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [2009-11-22 1037192]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"StudentDOG"=C:\Program Files\Student DOG\StudentDOG.exe [2009-11-04 2195456]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-12-11 948672]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-03-11 49152]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpqSRMon]
C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [2008-08-20 150016]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2009-05-26 413696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2009-10-09 25623336]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre6\bin\jusched.exe [2009-10-11 149280]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2009-08-20 198160]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VirtualCloneDrive]
C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [2009-05-26 85160]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Tomas^Nabídka Start^Programy^Po spuštění^MagicDisc.lnk]
C:\PROGRA~1\MAGICD~1\MAGICD~1.EXE [2009-02-23 576000]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Tomas^Nabídka Start^Programy^Po spuštění^OpenOffice.org 2.3.lnk]
C:\PROGRA~1\OPENOF~1.3\program\QUICKS~1.EXE [2007-10-12 393216]
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255
"NoDriveAutoRun"=255
"HonorAutoRunSetting"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\QIP\qip.exe"="C:\Program Files\QIP\qip.exe:*:Enabled:Quiet Internet Pager"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"C:\Program Files\Metin2_CZ\metin2.bin"="C:\Program Files\Metin2_CZ\metin2.bin:*:Enabled:metin2"
"F:\Program Files\Sacred\Sacred.exe"="F:\Program Files\Sacred\Sacred.exe:*:Enabled:Sacred"
"F:\Program Files\Ascaron Entertainment\Sacred Gold\sacred.exe"="F:\Program Files\Ascaron Entertainment\Sacred Gold\sacred.exe:*:Enabled:Sacred"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"E:\Program Files\Duke Nukem - Manhattan Project\prism3d.exe"="E:\Program Files\Duke Nukem - Manhattan Project\prism3d.exe:*:Enabled:prism3d"
"F:\DNMP\prism3d.exe"="F:\DNMP\prism3d.exe:*:Enabled:prism3d"
"C:\Program Files\Metin2_CZ\metin2client.bin"="C:\Program Files\Metin2_CZ\metin2client.bin:*:Enabled:metin2client"
"C:\Program Files\Java\jre6\bin\java.exe"="C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\WINDOWS\system32\dplaysvr.exe"="C:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper"
"C:\Documents and Settings\Tomas\Local Settings\Temp\bulanci.tmp"="C:\Documents and Settings\Tomas\Local Settings\Temp\bulanci.tmp:*:Enabled:bulanci"
"C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe:*:Enabled:hpqpse.exe"
"C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe"="C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe:*:Enabled:hpqsudi.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe:*:Enabled:hpqpsapp.exe"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe:*:Enabled:hpqpse.exe"
"C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe"="C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe:*:Enabled:hpqsudi.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe:*:Enabled:hpqpsapp.exe"
======List of files/folders created in the last 1 months======
2010-03-27 13:05:41 ----D---- C:\_OTL
2010-03-27 11:44:18 ----D---- C:\rsit
2010-03-23 20:47:42 ----A---- C:\WINDOWS\system32\vsregexp.dll
2010-03-23 20:47:32 ----A---- C:\WINDOWS\system32\zlcommdb.dll
2010-03-23 20:47:32 ----A---- C:\WINDOWS\system32\zlcomm.dll
2010-03-23 20:47:21 ----A---- C:\WINDOWS\system32\vswmi.dll
2010-03-23 20:47:18 ----D---- C:\WINDOWS\system32\ZoneLabs
2010-03-23 20:47:18 ----A---- C:\WINDOWS\system32\zpeng25.dll
2010-03-23 20:47:18 ----A---- C:\WINDOWS\system32\vsxml.dll
2010-03-23 20:47:18 ----A---- C:\WINDOWS\system32\vspubapi.dll
2010-03-23 20:47:18 ----A---- C:\WINDOWS\system32\vsmonapi.dll
2010-03-23 20:47:14 ----D---- C:\Program Files\Zone Labs
2010-03-23 20:46:42 ----D---- C:\WINDOWS\Internet Logs
2010-03-23 20:46:41 ----A---- C:\WINDOWS\system32\vsinit.dll
2010-03-23 20:46:41 ----A---- C:\WINDOWS\system32\vsdata.dll
2010-03-23 20:46:40 ----A---- C:\WINDOWS\system32\vsutil.dll
2010-03-23 13:12:32 ----D---- C:\Documents and Settings\Tomas\Data aplikací\Malwarebytes
2010-03-23 13:12:20 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2010-03-23 13:12:18 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-03-23 03:25:31 ----RASHD---- C:\autorun.inf
2010-03-19 18:00:57 ----D---- C:\Program Files\Spybot - Search & Destroy
2010-03-19 18:00:57 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2010-03-19 17:58:01 ----D---- C:\Program Files\a-squared Free
2010-03-17 18:09:37 ----HDC---- C:\WINDOWS\$NtUninstallKB835221WXP$
2010-03-16 20:40:25 ----D---- C:\Program Files\Mixxx
2010-03-10 00:15:23 ----HD---- C:\WINDOWS\PIF
2010-03-01 16:59:07 ----D---- C:\Program Files\Microsoft IntelliType Pro
2010-03-01 14:11:05 ----A---- C:\WINDOWS\system32\OpenCL.dll
2010-03-01 14:11:02 ----A---- C:\WINDOWS\system32\nvoglnt.dll
2010-03-01 14:11:02 ----A---- C:\WINDOWS\system32\nvcuvid.dll
2010-03-01 14:11:02 ----A---- C:\WINDOWS\system32\nvcuvenc.dll
2010-03-01 14:11:02 ----A---- C:\WINDOWS\system32\nvcuda.dll
2010-03-01 14:11:01 ----A---- C:\WINDOWS\system32\nvcompiler.dll
2010-03-01 14:11:01 ----A---- C:\WINDOWS\system32\nvcodins.dll
2010-03-01 14:11:01 ----A---- C:\WINDOWS\system32\nvcod.dll
2010-03-01 14:11:01 ----A---- C:\WINDOWS\system32\nvapi.dll
2010-03-01 02:59:14 ----D---- C:\Documents and Settings\Tomas\Data aplikací\foobar2000
2010-03-01 01:29:15 ----D---- C:\Documents and Settings\All Users\Data aplikací\PC Drivers HeadQuarters
======List of files/folders modified in the last 1 months======
2010-03-27 13:44:44 ----D---- C:\Documents and Settings\Tomas\Data aplikací\AIMP
2010-03-27 13:24:49 ----HD---- C:\Config.Msi
2010-03-27 13:24:43 ----SHD---- C:\WINDOWS\Installer
2010-03-27 13:17:22 ----D---- C:\WINDOWS\Temp
2010-03-27 13:13:33 ----D---- C:\WINDOWS\system32\CatRoot2
2010-03-27 13:11:36 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-03-27 13:09:13 ----D---- C:\WINDOWS\system32\Restore
2010-03-27 13:09:12 ----SHD---- C:\System Volume Information
2010-03-27 13:05:43 ----D---- C:\WINDOWS\system32
2010-03-27 13:05:43 ----D---- C:\WINDOWS
2010-03-27 12:24:51 ----D---- C:\WINDOWS\Prefetch
2010-03-27 12:02:49 ----ASH---- C:\boot.ini
2010-03-27 12:02:49 ----A---- C:\WINDOWS\win.ini
2010-03-27 12:02:49 ----A---- C:\WINDOWS\system.ini
2010-03-27 12:01:21 ----D---- C:\WINDOWS\pss
2010-03-26 20:49:34 ----D---- C:\Documents and Settings\Tomas\Data aplikací\Skype
2010-03-26 20:23:17 ----D---- C:\Documents and Settings\Tomas\Data aplikací\skypePM
2010-03-26 00:34:58 ----RD---- C:\Program Files
2010-03-24 01:23:01 ----D---- C:\Documents and Settings\Tomas\Data aplikací\OpenOffice.org2
2010-03-23 21:36:09 ----D---- C:\Program Files\Mozilla Firefox
2010-03-23 20:41:27 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2010-03-23 20:41:27 ----D---- C:\WINDOWS\system32\drivers
2010-03-23 12:54:01 ----D---- C:\Program Files\HD Tune Pro
2010-03-23 03:25:00 ----SHD---- C:\RECYCLER
2010-03-21 00:48:56 ----D---- C:\Documents and Settings\Tomas\Data aplikací\uTorrent
2010-03-18 19:40:03 ----D---- C:\Program Files\Hide Real IP
2010-03-18 19:38:42 ----D---- C:\WINDOWS\Minidump
2010-03-17 18:09:58 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-03-17 18:09:39 ----D---- C:\WINDOWS\system32\ReinstallBackups
2010-03-17 11:29:29 ----HD---- C:\WINDOWS\inf
2010-03-04 21:16:18 ----D---- C:\Program Files\PopCap Games
2010-03-04 17:13:08 ----D---- C:\WINDOWS\Help
2010-03-02 13:18:36 ----D---- C:\Program Files\Microsoft Silverlight
2010-03-01 17:01:25 ----D---- C:\WINDOWS\system32\CatRoot
2010-03-01 17:00:39 ----SD---- C:\Documents and Settings\Tomas\Data aplikací\Microsoft
2010-03-01 17:00:36 ----SD---- C:\WINDOWS\Tasks
2010-03-01 16:59:34 ----DC---- C:\WINDOWS\system32\DRVSTORE
2010-03-01 16:59:10 ----RSD---- C:\WINDOWS\Fonts
2010-03-01 14:50:37 ----D---- C:\Program Files\NVIDIA Corporation
2010-03-01 01:28:42 ----D---- C:\WINDOWS\system32\config
2010-03-01 01:28:33 ----RSD---- C:\WINDOWS\assembly
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 ACEDRV05;ACEDRV05; \??\C:\WINDOWS\system32\drivers\ACEDRV05.sys []
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
R1 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2009-02-17 24232]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520]
R1 vsdatant;vsdatant; C:\WINDOWS\System32\vsdatant.sys [2009-11-22 486280]
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-11-25 56816]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2007-03-08 4027840]
R3 es1371;Creative AudioPCI (ES1371,ES1373) (WDM); C:\WINDOWS\system32\drivers\es1371mp.sys [2001-08-17 40704]
R3 FET5X86V;VIA Rhine-Family Fast-Ethernet Adapter Driver Service; C:\WINDOWS\system32\DRIVERS\fetnd5bv.sys [2007-04-17 42496]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mcdbus;Driver for MagicISO SCSI Host Controller; C:\WINDOWS\system32\DRIVERS\mcdbus.sys [2009-02-24 116736]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2010-02-22 10231936]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 VClone;VClone; C:\WINDOWS\system32\DRIVERS\VClone.sys [2009-05-23 29696]
S1 es137140;SB AudioPCI 64V; C:\WINDOWS\system32\DRIVERS\es137140.sys []
S3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver; C:\WINDOWS\System32\DRIVERS\fetnd5.sys [2001-08-17 27165]
S3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2007-03-08 49920]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2007-03-08 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2007-03-08 21568]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WEBNTACCESS;WEBNTACCESS; \??\C:\Program Files\MSI\Live Update 3\NTACCESS.SYS []
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 a2free;a-squared Free Service; C:\Program Files\a-squared Free\a2service.exe [2009-10-01 1858144]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-07-21 185089]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-10-11 153376]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2010-02-21 154216]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2009-08-30 75064]
R2 vsmon;TrueVector Internet Monitor; C:\WINDOWS\system32\ZoneLabs\vsmon.exe [2009-11-22 2384240]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 gupdate1ca21d1d7bce8e6;Služba Google Update (gupdate1ca21d1d7bce8e6); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-08-20 133104]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
-
Caroprd111
- VIP
- Příspěvky: 13492
- Registrován: 22 bře 2009 20:48
- Bydliště: Třebíč
- Kontaktovat uživatele:
Re: Zdlouhavé nabíhání PC, mrkněte mi prosím na log, díky
Stáhněte OTC http://oldtimer.geekstogo.com/OTC.exe
- Spusťte.
- Klikněte na "CleanUp!". Potvrďte hlášky stiskem "Yes" (Bude následovat restart)
Stáhněte Ccleaner http://viry.cz/forum/viewtopic.php?t=7478
- Nainstalujte a v průběhu instalace odškrtněte, že chcete instalovat yahoo toolbar.
Záložka Čistič - Dejte analyzovat, po dokončení dejte Spustit Ccleaner.
Záložka Registry - Klikněte na Hledej problémy, po dokončení klikněte na Opravit problémy, zálohu dělat nemusíte, potom dejte Opravit všechny problémy.
OK Zavřít
-
Anubides
- Vzorný návštěvník
- Příspěvky: 142
- Registrován: 22 bře 2010 22:13
- Bydliště: Praha
- Kontaktovat uživatele:
Re: Zdlouhavé nabíhání PC, mrkněte mi prosím na log, díky
Logfile of random's system information tool 1.06 (written by random/random)
Run by Tomas at 2010-03-27 14:50:43
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 3 GB (18%) free of 15 GB
Total RAM: 767 MB (37% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:51:21, on 27.3.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\VIA\RAID\raid_tool.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Student DOG\StudentDOG.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\QIP\qip.exe
C:\Program Files\AIMP2\AIMP2.exe
C:\Program Files\Mozilla Firefox\firefox.exe
F:\Dokumenty\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Tomas.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: QIPBHO Class - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Documents and Settings\Tomas\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\K-Lite Codec Pack\Real\rpbrowserrecordplugin.dll
O2 - BHO: QIPBHO - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Documents and Settings\Tomas\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [RaidTool] C:\Program Files\VIA\RAID\raid_tool.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [itype] "C:\Program Files\Microsoft IntelliType Pro\itype.exe"
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [StudentDOG] C:\Program Files\Student DOG\StudentDOG.exe -h
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: QIP 2005 - {1EF681F7-A04B-4D6D-9012-A307CCA55610} - C:\Program Files\QIP\qip.exe (HKCU)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Služba Google Update (gupdate1ca21d1d7bce8e6) (gupdate1ca21d1d7bce8e6) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
--
End of file - 5651 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\K-Lite Codec Pack\Real\rpbrowserrecordplugin.dll [2009-08-20 329312]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}]
QIPBHO Class - C:\Documents and Settings\Tomas\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll [2009-07-14 150768]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-10-11 73728]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2006-11-17 577536]
"RaidTool"=C:\Program Files\VIA\RAID\raid_tool.exe [2006-12-28 4579328]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-12-22 35760]
"itype"=C:\Program Files\Microsoft IntelliType Pro\itype.exe [2009-06-01 1501064]
"nwiz"=nwiz.exe /installquiet []
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2010-02-21 13670504]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2010-02-21 110696]
"ZoneAlarm Client"=C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [2009-11-22 1037192]
"MSConfig"=C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe [2008-04-14 171008]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"StudentDOG"=C:\Program Files\Student DOG\StudentDOG.exe [2009-11-04 2195456]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-12-11 948672]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-03-11 49152]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpqSRMon]
C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [2008-08-20 150016]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2009-05-26 413696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2009-10-09 25623336]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre6\bin\jusched.exe [2009-10-11 149280]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2009-08-20 198160]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VirtualCloneDrive]
C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [2009-05-26 85160]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^HP Digital Imaging Monitor.lnk]
C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe [2007-03-11 210520]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Tomas^Nabídka Start^Programy^Po spuštění^MagicDisc.lnk]
C:\PROGRA~1\MAGICD~1\MAGICD~1.EXE [2009-02-23 576000]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Tomas^Nabídka Start^Programy^Po spuštění^OpenOffice.org 2.3.lnk]
C:\PROGRA~1\OPENOF~1.3\program\QUICKS~1.EXE [2007-10-12 393216]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255
"NoDriveAutoRun"=255
"HonorAutoRunSetting"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\QIP\qip.exe"="C:\Program Files\QIP\qip.exe:*:Enabled:Quiet Internet Pager"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"C:\Program Files\Metin2_CZ\metin2.bin"="C:\Program Files\Metin2_CZ\metin2.bin:*:Enabled:metin2"
"F:\Program Files\Sacred\Sacred.exe"="F:\Program Files\Sacred\Sacred.exe:*:Enabled:Sacred"
"F:\Program Files\Ascaron Entertainment\Sacred Gold\sacred.exe"="F:\Program Files\Ascaron Entertainment\Sacred Gold\sacred.exe:*:Enabled:Sacred"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"E:\Program Files\Duke Nukem - Manhattan Project\prism3d.exe"="E:\Program Files\Duke Nukem - Manhattan Project\prism3d.exe:*:Enabled:prism3d"
"F:\DNMP\prism3d.exe"="F:\DNMP\prism3d.exe:*:Enabled:prism3d"
"C:\Program Files\Metin2_CZ\metin2client.bin"="C:\Program Files\Metin2_CZ\metin2client.bin:*:Enabled:metin2client"
"C:\Program Files\Java\jre6\bin\java.exe"="C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\WINDOWS\system32\dplaysvr.exe"="C:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper"
"C:\Documents and Settings\Tomas\Local Settings\Temp\bulanci.tmp"="C:\Documents and Settings\Tomas\Local Settings\Temp\bulanci.tmp:*:Enabled:bulanci"
"C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe:*:Enabled:hpqpse.exe"
"C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe"="C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe:*:Enabled:hpqsudi.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe:*:Enabled:hpqpsapp.exe"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe:*:Enabled:hpqpse.exe"
"C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe"="C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe:*:Enabled:hpqsudi.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe:*:Enabled:hpqpsapp.exe"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0adf4191-d5c2-11de-ad1a-0013d3649401}]
shell\AutoRun\command - G:\Autorun.exe
======List of files/folders created in the last 1 months======
2010-03-27 14:50:43 ----D---- C:\rsit
2010-03-23 20:47:42 ----A---- C:\WINDOWS\system32\vsregexp.dll
2010-03-23 20:47:32 ----A---- C:\WINDOWS\system32\zlcommdb.dll
2010-03-23 20:47:32 ----A---- C:\WINDOWS\system32\zlcomm.dll
2010-03-23 20:47:21 ----A---- C:\WINDOWS\system32\vswmi.dll
2010-03-23 20:47:18 ----D---- C:\WINDOWS\system32\ZoneLabs
2010-03-23 20:47:18 ----A---- C:\WINDOWS\system32\zpeng25.dll
2010-03-23 20:47:18 ----A---- C:\WINDOWS\system32\vsxml.dll
2010-03-23 20:47:18 ----A---- C:\WINDOWS\system32\vspubapi.dll
2010-03-23 20:47:18 ----A---- C:\WINDOWS\system32\vsmonapi.dll
2010-03-23 20:47:14 ----D---- C:\Program Files\Zone Labs
2010-03-23 20:46:42 ----D---- C:\WINDOWS\Internet Logs
2010-03-23 20:46:41 ----A---- C:\WINDOWS\system32\vsinit.dll
2010-03-23 20:46:41 ----A---- C:\WINDOWS\system32\vsdata.dll
2010-03-23 20:46:40 ----A---- C:\WINDOWS\system32\vsutil.dll
2010-03-23 13:12:32 ----D---- C:\Documents and Settings\Tomas\Data aplikací\Malwarebytes
2010-03-23 13:12:20 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2010-03-23 13:12:18 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-03-23 03:25:31 ----RASHD---- C:\autorun.inf
2010-03-19 18:00:57 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2010-03-19 17:58:01 ----D---- C:\Program Files\a-squared Free
2010-03-17 18:09:37 ----HDC---- C:\WINDOWS\$NtUninstallKB835221WXP$
2010-03-16 20:40:25 ----D---- C:\Program Files\Mixxx
2010-03-10 00:15:23 ----HD---- C:\WINDOWS\PIF
2010-03-01 16:59:07 ----D---- C:\Program Files\Microsoft IntelliType Pro
2010-03-01 14:11:05 ----A---- C:\WINDOWS\system32\OpenCL.dll
2010-03-01 14:11:02 ----A---- C:\WINDOWS\system32\nvoglnt.dll
2010-03-01 14:11:02 ----A---- C:\WINDOWS\system32\nvcuvid.dll
2010-03-01 14:11:02 ----A---- C:\WINDOWS\system32\nvcuvenc.dll
2010-03-01 14:11:02 ----A---- C:\WINDOWS\system32\nvcuda.dll
2010-03-01 14:11:01 ----A---- C:\WINDOWS\system32\nvcompiler.dll
2010-03-01 14:11:01 ----A---- C:\WINDOWS\system32\nvcodins.dll
2010-03-01 14:11:01 ----A---- C:\WINDOWS\system32\nvcod.dll
2010-03-01 14:11:01 ----A---- C:\WINDOWS\system32\nvapi.dll
2010-03-01 02:59:14 ----D---- C:\Documents and Settings\Tomas\Data aplikací\foobar2000
2010-03-01 01:29:15 ----D---- C:\Documents and Settings\All Users\Data aplikací\PC Drivers HeadQuarters
======List of files/folders modified in the last 1 months======
2010-03-27 14:38:00 ----D---- C:\Program Files\Mozilla Firefox
2010-03-27 14:34:46 ----D---- C:\Documents and Settings\Tomas\Data aplikací\AIMP
2010-03-27 14:31:00 ----D---- C:\WINDOWS
2010-03-27 14:21:03 ----SHD---- C:\WINDOWS\Installer
2010-03-27 14:21:03 ----HD---- C:\Config.Msi
2010-03-27 14:19:17 ----ASH---- C:\boot.ini
2010-03-27 14:19:17 ----A---- C:\WINDOWS\win.ini
2010-03-27 14:19:17 ----A---- C:\WINDOWS\system.ini
2010-03-27 14:19:16 ----D---- C:\WINDOWS\pss
2010-03-27 14:18:19 ----D---- C:\WINDOWS\Temp
2010-03-27 14:14:29 ----D---- C:\WINDOWS\system32\CatRoot2
2010-03-27 14:03:44 ----RD---- C:\Program Files
2010-03-27 13:11:36 ----N---- C:\WINDOWS\SchedLgU.Txt
2010-03-27 13:09:13 ----D---- C:\WINDOWS\system32\Restore
2010-03-27 13:09:12 ----SHD---- C:\System Volume Information
2010-03-27 13:05:43 ----D---- C:\WINDOWS\system32
2010-03-27 12:24:51 ----D---- C:\WINDOWS\Prefetch
2010-03-26 20:49:34 ----D---- C:\Documents and Settings\Tomas\Data aplikací\Skype
2010-03-26 20:23:17 ----D---- C:\Documents and Settings\Tomas\Data aplikací\skypePM
2010-03-24 01:23:01 ----D---- C:\Documents and Settings\Tomas\Data aplikací\OpenOffice.org2
2010-03-23 20:41:27 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2010-03-23 20:41:27 ----D---- C:\WINDOWS\system32\drivers
2010-03-23 12:54:01 ----D---- C:\Program Files\HD Tune Pro
2010-03-23 03:25:00 ----SHD---- C:\RECYCLER
2010-03-21 00:48:56 ----D---- C:\Documents and Settings\Tomas\Data aplikací\uTorrent
2010-03-18 19:40:03 ----D---- C:\Program Files\Hide Real IP
2010-03-18 19:38:42 ----D---- C:\WINDOWS\Minidump
2010-03-17 18:09:58 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-03-17 18:09:39 ----D---- C:\WINDOWS\system32\ReinstallBackups
2010-03-17 11:29:29 ----HD---- C:\WINDOWS\inf
2010-03-04 21:16:18 ----D---- C:\Program Files\PopCap Games
2010-03-04 17:13:08 ----D---- C:\WINDOWS\Help
2010-03-02 13:18:36 ----D---- C:\Program Files\Microsoft Silverlight
2010-03-01 17:01:25 ----D---- C:\WINDOWS\system32\CatRoot
2010-03-01 17:00:39 ----SD---- C:\Documents and Settings\Tomas\Data aplikací\Microsoft
2010-03-01 17:00:36 ----SD---- C:\WINDOWS\Tasks
2010-03-01 16:59:34 ----DC---- C:\WINDOWS\system32\DRVSTORE
2010-03-01 16:59:10 ----RSD---- C:\WINDOWS\Fonts
2010-03-01 14:50:37 ----D---- C:\Program Files\NVIDIA Corporation
2010-03-01 01:28:42 ----D---- C:\WINDOWS\system32\config
2010-03-01 01:28:33 ----RSD---- C:\WINDOWS\assembly
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 ACEDRV05;ACEDRV05; \??\C:\WINDOWS\system32\drivers\ACEDRV05.sys []
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
R1 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2009-02-17 24232]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520]
R1 vsdatant;vsdatant; C:\WINDOWS\System32\vsdatant.sys [2009-11-22 486280]
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-11-25 56816]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2007-03-08 4027840]
R3 es1371;Creative AudioPCI (ES1371,ES1373) (WDM); C:\WINDOWS\system32\drivers\es1371mp.sys [2001-08-17 40704]
R3 FET5X86V;VIA Rhine-Family Fast-Ethernet Adapter Driver Service; C:\WINDOWS\system32\DRIVERS\fetnd5bv.sys [2007-04-17 42496]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mcdbus;Driver for MagicISO SCSI Host Controller; C:\WINDOWS\system32\DRIVERS\mcdbus.sys [2009-02-24 116736]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2010-02-22 10231936]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 VClone;VClone; C:\WINDOWS\system32\DRIVERS\VClone.sys [2009-05-23 29696]
S1 es137140;SB AudioPCI 64V; C:\WINDOWS\system32\DRIVERS\es137140.sys []
S3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver; C:\WINDOWS\System32\DRIVERS\fetnd5.sys [2001-08-17 27165]
S3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2007-03-08 49920]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2007-03-08 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2007-03-08 21568]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WEBNTACCESS;WEBNTACCESS; \??\C:\Program Files\MSI\Live Update 3\NTACCESS.SYS []
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-07-21 185089]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-10-11 153376]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2010-02-21 154216]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2009-08-30 75064]
R2 vsmon;TrueVector Internet Monitor; C:\WINDOWS\system32\ZoneLabs\vsmon.exe [2009-11-22 2384240]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 gupdate1ca21d1d7bce8e6;Služba Google Update (gupdate1ca21d1d7bce8e6); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-08-20 133104]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
Run by Tomas at 2010-03-27 14:50:43
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 3 GB (18%) free of 15 GB
Total RAM: 767 MB (37% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:51:21, on 27.3.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\VIA\RAID\raid_tool.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Student DOG\StudentDOG.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\QIP\qip.exe
C:\Program Files\AIMP2\AIMP2.exe
C:\Program Files\Mozilla Firefox\firefox.exe
F:\Dokumenty\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Tomas.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: QIPBHO Class - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Documents and Settings\Tomas\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\K-Lite Codec Pack\Real\rpbrowserrecordplugin.dll
O2 - BHO: QIPBHO - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Documents and Settings\Tomas\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [RaidTool] C:\Program Files\VIA\RAID\raid_tool.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [itype] "C:\Program Files\Microsoft IntelliType Pro\itype.exe"
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [StudentDOG] C:\Program Files\Student DOG\StudentDOG.exe -h
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: QIP 2005 - {1EF681F7-A04B-4D6D-9012-A307CCA55610} - C:\Program Files\QIP\qip.exe (HKCU)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Služba Google Update (gupdate1ca21d1d7bce8e6) (gupdate1ca21d1d7bce8e6) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
--
End of file - 5651 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\K-Lite Codec Pack\Real\rpbrowserrecordplugin.dll [2009-08-20 329312]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}]
QIPBHO Class - C:\Documents and Settings\Tomas\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll [2009-07-14 150768]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-10-11 73728]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2006-11-17 577536]
"RaidTool"=C:\Program Files\VIA\RAID\raid_tool.exe [2006-12-28 4579328]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-12-22 35760]
"itype"=C:\Program Files\Microsoft IntelliType Pro\itype.exe [2009-06-01 1501064]
"nwiz"=nwiz.exe /installquiet []
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2010-02-21 13670504]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2010-02-21 110696]
"ZoneAlarm Client"=C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [2009-11-22 1037192]
"MSConfig"=C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe [2008-04-14 171008]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"StudentDOG"=C:\Program Files\Student DOG\StudentDOG.exe [2009-11-04 2195456]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-12-11 948672]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-03-11 49152]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpqSRMon]
C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [2008-08-20 150016]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2009-05-26 413696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2009-10-09 25623336]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre6\bin\jusched.exe [2009-10-11 149280]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2009-08-20 198160]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VirtualCloneDrive]
C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [2009-05-26 85160]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^HP Digital Imaging Monitor.lnk]
C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe [2007-03-11 210520]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Tomas^Nabídka Start^Programy^Po spuštění^MagicDisc.lnk]
C:\PROGRA~1\MAGICD~1\MAGICD~1.EXE [2009-02-23 576000]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Tomas^Nabídka Start^Programy^Po spuštění^OpenOffice.org 2.3.lnk]
C:\PROGRA~1\OPENOF~1.3\program\QUICKS~1.EXE [2007-10-12 393216]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255
"NoDriveAutoRun"=255
"HonorAutoRunSetting"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\QIP\qip.exe"="C:\Program Files\QIP\qip.exe:*:Enabled:Quiet Internet Pager"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"C:\Program Files\Metin2_CZ\metin2.bin"="C:\Program Files\Metin2_CZ\metin2.bin:*:Enabled:metin2"
"F:\Program Files\Sacred\Sacred.exe"="F:\Program Files\Sacred\Sacred.exe:*:Enabled:Sacred"
"F:\Program Files\Ascaron Entertainment\Sacred Gold\sacred.exe"="F:\Program Files\Ascaron Entertainment\Sacred Gold\sacred.exe:*:Enabled:Sacred"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"E:\Program Files\Duke Nukem - Manhattan Project\prism3d.exe"="E:\Program Files\Duke Nukem - Manhattan Project\prism3d.exe:*:Enabled:prism3d"
"F:\DNMP\prism3d.exe"="F:\DNMP\prism3d.exe:*:Enabled:prism3d"
"C:\Program Files\Metin2_CZ\metin2client.bin"="C:\Program Files\Metin2_CZ\metin2client.bin:*:Enabled:metin2client"
"C:\Program Files\Java\jre6\bin\java.exe"="C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\WINDOWS\system32\dplaysvr.exe"="C:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper"
"C:\Documents and Settings\Tomas\Local Settings\Temp\bulanci.tmp"="C:\Documents and Settings\Tomas\Local Settings\Temp\bulanci.tmp:*:Enabled:bulanci"
"C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe:*:Enabled:hpqpse.exe"
"C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe"="C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe:*:Enabled:hpqsudi.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe:*:Enabled:hpqpsapp.exe"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe:*:Enabled:hpqpse.exe"
"C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe"="C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe:*:Enabled:hpqsudi.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe:*:Enabled:hpqpsapp.exe"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0adf4191-d5c2-11de-ad1a-0013d3649401}]
shell\AutoRun\command - G:\Autorun.exe
======List of files/folders created in the last 1 months======
2010-03-27 14:50:43 ----D---- C:\rsit
2010-03-23 20:47:42 ----A---- C:\WINDOWS\system32\vsregexp.dll
2010-03-23 20:47:32 ----A---- C:\WINDOWS\system32\zlcommdb.dll
2010-03-23 20:47:32 ----A---- C:\WINDOWS\system32\zlcomm.dll
2010-03-23 20:47:21 ----A---- C:\WINDOWS\system32\vswmi.dll
2010-03-23 20:47:18 ----D---- C:\WINDOWS\system32\ZoneLabs
2010-03-23 20:47:18 ----A---- C:\WINDOWS\system32\zpeng25.dll
2010-03-23 20:47:18 ----A---- C:\WINDOWS\system32\vsxml.dll
2010-03-23 20:47:18 ----A---- C:\WINDOWS\system32\vspubapi.dll
2010-03-23 20:47:18 ----A---- C:\WINDOWS\system32\vsmonapi.dll
2010-03-23 20:47:14 ----D---- C:\Program Files\Zone Labs
2010-03-23 20:46:42 ----D---- C:\WINDOWS\Internet Logs
2010-03-23 20:46:41 ----A---- C:\WINDOWS\system32\vsinit.dll
2010-03-23 20:46:41 ----A---- C:\WINDOWS\system32\vsdata.dll
2010-03-23 20:46:40 ----A---- C:\WINDOWS\system32\vsutil.dll
2010-03-23 13:12:32 ----D---- C:\Documents and Settings\Tomas\Data aplikací\Malwarebytes
2010-03-23 13:12:20 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2010-03-23 13:12:18 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-03-23 03:25:31 ----RASHD---- C:\autorun.inf
2010-03-19 18:00:57 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2010-03-19 17:58:01 ----D---- C:\Program Files\a-squared Free
2010-03-17 18:09:37 ----HDC---- C:\WINDOWS\$NtUninstallKB835221WXP$
2010-03-16 20:40:25 ----D---- C:\Program Files\Mixxx
2010-03-10 00:15:23 ----HD---- C:\WINDOWS\PIF
2010-03-01 16:59:07 ----D---- C:\Program Files\Microsoft IntelliType Pro
2010-03-01 14:11:05 ----A---- C:\WINDOWS\system32\OpenCL.dll
2010-03-01 14:11:02 ----A---- C:\WINDOWS\system32\nvoglnt.dll
2010-03-01 14:11:02 ----A---- C:\WINDOWS\system32\nvcuvid.dll
2010-03-01 14:11:02 ----A---- C:\WINDOWS\system32\nvcuvenc.dll
2010-03-01 14:11:02 ----A---- C:\WINDOWS\system32\nvcuda.dll
2010-03-01 14:11:01 ----A---- C:\WINDOWS\system32\nvcompiler.dll
2010-03-01 14:11:01 ----A---- C:\WINDOWS\system32\nvcodins.dll
2010-03-01 14:11:01 ----A---- C:\WINDOWS\system32\nvcod.dll
2010-03-01 14:11:01 ----A---- C:\WINDOWS\system32\nvapi.dll
2010-03-01 02:59:14 ----D---- C:\Documents and Settings\Tomas\Data aplikací\foobar2000
2010-03-01 01:29:15 ----D---- C:\Documents and Settings\All Users\Data aplikací\PC Drivers HeadQuarters
======List of files/folders modified in the last 1 months======
2010-03-27 14:38:00 ----D---- C:\Program Files\Mozilla Firefox
2010-03-27 14:34:46 ----D---- C:\Documents and Settings\Tomas\Data aplikací\AIMP
2010-03-27 14:31:00 ----D---- C:\WINDOWS
2010-03-27 14:21:03 ----SHD---- C:\WINDOWS\Installer
2010-03-27 14:21:03 ----HD---- C:\Config.Msi
2010-03-27 14:19:17 ----ASH---- C:\boot.ini
2010-03-27 14:19:17 ----A---- C:\WINDOWS\win.ini
2010-03-27 14:19:17 ----A---- C:\WINDOWS\system.ini
2010-03-27 14:19:16 ----D---- C:\WINDOWS\pss
2010-03-27 14:18:19 ----D---- C:\WINDOWS\Temp
2010-03-27 14:14:29 ----D---- C:\WINDOWS\system32\CatRoot2
2010-03-27 14:03:44 ----RD---- C:\Program Files
2010-03-27 13:11:36 ----N---- C:\WINDOWS\SchedLgU.Txt
2010-03-27 13:09:13 ----D---- C:\WINDOWS\system32\Restore
2010-03-27 13:09:12 ----SHD---- C:\System Volume Information
2010-03-27 13:05:43 ----D---- C:\WINDOWS\system32
2010-03-27 12:24:51 ----D---- C:\WINDOWS\Prefetch
2010-03-26 20:49:34 ----D---- C:\Documents and Settings\Tomas\Data aplikací\Skype
2010-03-26 20:23:17 ----D---- C:\Documents and Settings\Tomas\Data aplikací\skypePM
2010-03-24 01:23:01 ----D---- C:\Documents and Settings\Tomas\Data aplikací\OpenOffice.org2
2010-03-23 20:41:27 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2010-03-23 20:41:27 ----D---- C:\WINDOWS\system32\drivers
2010-03-23 12:54:01 ----D---- C:\Program Files\HD Tune Pro
2010-03-23 03:25:00 ----SHD---- C:\RECYCLER
2010-03-21 00:48:56 ----D---- C:\Documents and Settings\Tomas\Data aplikací\uTorrent
2010-03-18 19:40:03 ----D---- C:\Program Files\Hide Real IP
2010-03-18 19:38:42 ----D---- C:\WINDOWS\Minidump
2010-03-17 18:09:58 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-03-17 18:09:39 ----D---- C:\WINDOWS\system32\ReinstallBackups
2010-03-17 11:29:29 ----HD---- C:\WINDOWS\inf
2010-03-04 21:16:18 ----D---- C:\Program Files\PopCap Games
2010-03-04 17:13:08 ----D---- C:\WINDOWS\Help
2010-03-02 13:18:36 ----D---- C:\Program Files\Microsoft Silverlight
2010-03-01 17:01:25 ----D---- C:\WINDOWS\system32\CatRoot
2010-03-01 17:00:39 ----SD---- C:\Documents and Settings\Tomas\Data aplikací\Microsoft
2010-03-01 17:00:36 ----SD---- C:\WINDOWS\Tasks
2010-03-01 16:59:34 ----DC---- C:\WINDOWS\system32\DRVSTORE
2010-03-01 16:59:10 ----RSD---- C:\WINDOWS\Fonts
2010-03-01 14:50:37 ----D---- C:\Program Files\NVIDIA Corporation
2010-03-01 01:28:42 ----D---- C:\WINDOWS\system32\config
2010-03-01 01:28:33 ----RSD---- C:\WINDOWS\assembly
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 ACEDRV05;ACEDRV05; \??\C:\WINDOWS\system32\drivers\ACEDRV05.sys []
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
R1 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2009-02-17 24232]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520]
R1 vsdatant;vsdatant; C:\WINDOWS\System32\vsdatant.sys [2009-11-22 486280]
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-11-25 56816]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2007-03-08 4027840]
R3 es1371;Creative AudioPCI (ES1371,ES1373) (WDM); C:\WINDOWS\system32\drivers\es1371mp.sys [2001-08-17 40704]
R3 FET5X86V;VIA Rhine-Family Fast-Ethernet Adapter Driver Service; C:\WINDOWS\system32\DRIVERS\fetnd5bv.sys [2007-04-17 42496]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mcdbus;Driver for MagicISO SCSI Host Controller; C:\WINDOWS\system32\DRIVERS\mcdbus.sys [2009-02-24 116736]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2010-02-22 10231936]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 VClone;VClone; C:\WINDOWS\system32\DRIVERS\VClone.sys [2009-05-23 29696]
S1 es137140;SB AudioPCI 64V; C:\WINDOWS\system32\DRIVERS\es137140.sys []
S3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver; C:\WINDOWS\System32\DRIVERS\fetnd5.sys [2001-08-17 27165]
S3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2007-03-08 49920]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2007-03-08 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2007-03-08 21568]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WEBNTACCESS;WEBNTACCESS; \??\C:\Program Files\MSI\Live Update 3\NTACCESS.SYS []
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-07-21 185089]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-10-11 153376]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2010-02-21 154216]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2009-08-30 75064]
R2 vsmon;TrueVector Internet Monitor; C:\WINDOWS\system32\ZoneLabs\vsmon.exe [2009-11-22 2384240]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 gupdate1ca21d1d7bce8e6;Služba Google Update (gupdate1ca21d1d7bce8e6); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-08-20 133104]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
-
Caroprd111
- VIP
- Příspěvky: 13492
- Registrován: 22 bře 2009 20:48
- Bydliště: Třebíč
- Kontaktovat uživatele:
Přispějete na provoz fóra?