Trpím chvílema zvýšenou odezvou internetu, nemám tušení co by s tím mohlo být, Děkuji za pomoc.
Logfile of random's system information tool 1.06 (written by random/random)
Run by - at 2010-04-14 21:10:37
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 6 GB (17%) free of 33 GB
Total RAM: 2045 MB (66% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:10:50, on 14.4.2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\-.DDDCB357B989433\Plocha\Skype.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\-.DDDCB357B989433\Plocha\RSIT.exe
C:\Program Files\trend micro\-.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {53F6FCCD-9E22-4d71-86EA-6E43136192AB} - (no file)
O9 - Extra button: (no name) - {925DAB62-F9AC-4221-806A-057BFB1014AA} - (no file)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{1907E228-CD7C-487D-B321-42CF0BBED0DA}: NameServer = 213.250.192.1,213.250.194.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{1907E228-CD7C-487D-B321-42CF0BBED0DA}: NameServer = 213.250.192.1,213.250.194.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{1907E228-CD7C-487D-B321-42CF0BBED0DA}: NameServer = 213.250.192.1,213.250.194.1
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Application Driver Auto Removal Service (01) (appdrvrem01) - Protection Technology - C:\WINDOWS\System32\appdrvrem01.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
--
End of file - 5633 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\PCConfidential.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2009-02-03 18085888]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2008-06-19 57344]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-12-26 13680640]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2008-12-26 86016]
"RemoteControl"=C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2003-12-08 32768]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2009-09-29 2054360]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-18 15360]
C:\Documents and Settings\-.DDDCB357B989433\Nabídka Start\Programy\Po spuštění
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"E:\PROGRAMY\HLSW\hlsw.exe"="E:\PROGRAMY\HLSW\hlsw.exe:*:Enabled:hlsw"
"E:\HRY\cod = 2\CoD2MP_s.exe"="E:\HRY\cod = 2\CoD2MP_s.exe:*:Enabled:CoD2MP_s"
"E:\HRY\TonyHawkProSkaterAmericanWestaland\Game\THAW.exe"="E:\HRY\TonyHawkProSkaterAmericanWestaland\Game\THAW.exe:*:Enabled:Tony Hawk's American Wasteland"
"E:\PROGRAMY\ICQ6.5\ICQ.exe"="E:\PROGRAMY\ICQ6.5\ICQ.exe:*:Enabled:ICQ"
"C:\Documents and Settings\-.DDDCB357B989433\Plocha\IALauncher.exe"="C:\Documents and Settings\-.DDDCB357B989433\Plocha\IALauncher.exe:*:Enabled: "
"E:\HRY\cod - installed\CoD2MP_s.exe"="E:\HRY\cod - installed\CoD2MP_s.exe:*:Enabled:CoD2MP_s"
"E:\PROGRAMY\Xfire\Xfire.exe"="E:\PROGRAMY\Xfire\Xfire.exe:*:Enabled:Xfire"
"E:\HRY\Kopie - WoW - 3.2\WoW-3.2.0.10314-to-3.2.2.10482-enGB-downloader.exe"="E:\HRY\Kopie - WoW - 3.2\WoW-3.2.0.10314-to-3.2.2.10482-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"E:\HRY\Kopie - WoW - 3.2\Launcher.exe"="E:\HRY\Kopie - WoW - 3.2\Launcher.exe:*:Enabled:Blizzard Launcher"
"E:\HRY\WoW - 3.2\WoW-3.2.0.10314-to-3.2.2.10482-enGB-downloader.exe"="E:\HRY\WoW - 3.2\WoW-3.2.0.10314-to-3.2.2.10482-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"E:\HRY\WoW - 3.2\Launcher.exe"="E:\HRY\WoW - 3.2\Launcher.exe:*:Enabled:Blizzard Launcher"
"G:\Cod5\CoDWaW.exe"="G:\Cod5\CoDWaW.exe:*:Enabled:Call of Duty(R): World at War Campaign/Coop"
"G:\Cod5\CoDWaWmp.exe"="G:\Cod5\CoDWaWmp.exe:*:Enabled:Call of Duty(R): World at War Multiplayer"
"C:\Documents and Settings\-.DDDCB357B989433\Plocha\Plugin Manager\skypePM.exe"="C:\Documents and Settings\-.DDDCB357B989433\Plocha\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"E:\HRY\Cod5\CoDWaW.exe"="E:\HRY\Cod5\CoDWaW.exe:*:Enabled:Call of Duty(R): World at War Campaign/Coop"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype. Take a deep breath "
"C:\Documents and Settings\-.DDDCB357B989433\Plocha\Phone\Skype.exe"="C:\Documents and Settings\-.DDDCB357B989433\Plocha\Phone\Skype.exe:*:Enabled:Skype"
"E:\HRY\WoW-3.2.2\Launcher.exe"="E:\HRY\WoW-3.2.2\Launcher.exe:*:Enabled:Launcher.exe"
"E:\HRY\v4\MMV4.exe"="E:\HRY\v4\MMV4.exe:*:Enabled:MMV4"
"C:\Documents and Settings\-.DDDCB357B989433\Plocha\Skype.exe"="C:\Documents and Settings\-.DDDCB357B989433\Plocha\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
======List of files/folders created in the last 1 months======
2010-04-14 21:10:37 ----D---- C:\rsit
2010-04-14 21:10:37 ----D---- C:\Program Files\trend micro
2010-04-14 14:52:55 ----D---- C:\WINDOWS\LastGood
2010-04-11 16:51:26 ----D---- C:\Tmp
2010-04-11 02:06:37 ----AD---- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\TEMP
2010-04-11 01:21:19 ----A---- C:\WINDOWS\system32\MPG4C32.dll
2010-04-10 12:57:53 ----N---- C:\WINDOWS\system32\browserchoice.exe
2010-04-07 17:04:36 ----D---- C:\Documents and Settings\-.DDDCB357B989433\Data aplikací\Publish Providers
2010-04-07 16:27:23 ----N---- C:\WINDOWS\system32\dbmsqlgc.dll
2010-04-07 16:27:23 ----N---- C:\WINDOWS\system32\dbmsgnet.dll
2010-04-07 16:26:11 ----D---- C:\Program Files\Microsoft SQL Server
2010-04-07 16:25:57 ----D---- C:\Documents and Settings\-.DDDCB357B989433\Data aplikací\Sony
2010-04-07 16:25:09 ----D---- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Sony
2010-03-31 12:19:02 ----HDC---- C:\WINDOWS\$NtUninstallKB980182$
2010-03-30 08:55:28 ----RA---- C:\WINDOWS\system32\xmltok.dll
2010-03-30 08:55:28 ----RA---- C:\WINDOWS\system32\xmlparse.dll
2010-03-30 08:55:28 ----RA---- C:\WINDOWS\system32\xmlinst.exe
2010-03-30 08:55:28 ----RA---- C:\WINDOWS\system32\VB5DB.DLL
2010-03-30 08:55:28 ----RA---- C:\WINDOWS\system32\msxml3a.dll
2010-03-30 08:55:27 ----D---- C:\Program Files\Ubi Soft
2010-03-29 08:15:20 ----A---- C:\WINDOWS\system32\frapsvid.dll
2010-03-26 21:00:50 ----A---- C:\WINDOWS\system32\xfcodec.dll
2010-03-20 13:34:34 ----D---- C:\Documents and Settings\-.DDDCB357B989433\Data aplikací\teamspeak2
2010-03-20 00:31:15 ----D---- C:\Documents and Settings\-.DDDCB357B989433\Data aplikací\Ventrilo
======List of files/folders modified in the last 1 months======
2010-04-14 21:10:38 ----D---- C:\WINDOWS\Temp
2010-04-14 21:10:37 ----RD---- C:\Program Files
2010-04-14 21:02:47 ----D---- C:\Documents and Settings\-.DDDCB357B989433\Data aplikací\Xfire
2010-04-14 20:53:19 ----A---- C:\WINDOWS\system32\PnkBstrB.exe
2010-04-14 20:48:24 ----HD---- C:\WINDOWS\inf
2010-04-14 20:47:41 ----HD---- C:\WINDOWS\$hf_mig$
2010-04-14 20:47:41 ----D---- C:\WINDOWS
2010-04-14 20:38:26 ----D---- C:\Documents and Settings\-.DDDCB357B989433\Data aplikací\Skype
2010-04-14 14:52:54 ----D---- C:\WINDOWS\system32\CatRoot2
2010-04-13 21:12:43 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-04-13 20:45:11 ----A---- C:\WINDOWS\NeroDigital.ini
2010-04-13 19:23:05 ----D---- C:\WINDOWS\system32
2010-04-12 21:03:43 ----D---- C:\WINDOWS\Prefetch
2010-04-11 16:50:13 ----SHD---- C:\Config.Msi
2010-04-11 16:50:13 ----SD---- C:\Documents and Settings\-.DDDCB357B989433\Data aplikací\Microsoft
2010-04-11 16:50:12 ----SHD---- C:\WINDOWS\Installer
2010-04-11 16:26:12 ----SH---- C:\boot.ini
2010-04-11 16:26:12 ----A---- C:\WINDOWS\win.ini
2010-04-11 16:26:12 ----A---- C:\WINDOWS\system.ini
2010-04-11 16:26:10 ----D---- C:\WINDOWS\pss
2010-04-11 00:49:28 ----D---- C:\WINDOWS\system32\MAGIX
2010-04-11 00:47:21 ----D---- C:\Program Files\NCH Software
2010-04-11 00:47:04 ----HD---- C:\Program Files\InstallShield Installation Information
2010-04-07 16:27:30 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-04-07 16:25:54 ----RSD---- C:\WINDOWS\assembly
2010-04-07 16:23:46 ----D---- C:\WINDOWS\WinSxS
2010-04-07 15:46:07 ----D---- C:\Documents and Settings
2010-04-07 14:54:40 ----D---- C:\WINDOWS\system32\drivers
2010-04-02 23:35:43 ----D---- C:\Program Files\Mozilla Firefox
2010-03-31 12:19:18 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-03-31 12:19:13 ----D---- C:\Program Files\Internet Explorer
2010-03-30 17:09:39 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2010-03-29 20:22:27 ----A---- C:\WINDOWS\game.ini
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 appdrv01;Application Driver (01); C:\WINDOWS\System32\Drivers\appdrv01.sys [2010-02-07 2915944]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2009-09-29 108792]
R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2009-09-29 96408]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-18 39936]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-17 14848]
R2 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2009-09-29 116008]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2009-02-03 5030912]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-12-26 6301344]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2008-12-18 119552]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-04 31616]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-04 26624]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-04 57600]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-04 20480]
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2008-08-05 1684736]
S3 ENTECH;ENTECH; \??\C:\WINDOWS\system32\DRIVERS\ENTECH.sys []
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2006-01-04 1389056]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-04 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 26496]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2004-08-11 18944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2009-09-29 735960]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-12-26 163908]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2010-02-06 75064]
R2 PnkBstrB;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [2010-04-14 214520]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-11 38912]
R2 UxTuneUp;TuneUp rozšíření vzhledu; C:\WINDOWS\System32\svchost.exe [2004-08-18 14336]
S2 appdrvrem01;Application Driver Auto Removal Service (01); C:\WINDOWS\System32\appdrvrem01.exe [2010-02-07 304528]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2009-09-29 20680]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 MSSQL$SONY_MEDIAMGR;MSSQL$SONY_MEDIAMGR; E:\PROGRAMY\sony_vegas\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe [2002-12-17 7520337]
S3 MSSQLServerADHelper;MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [2002-12-17 66112]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 SQLAgent$SONY_MEDIAMGR;SQLAgent$SONY_MEDIAMGR; E:\PROGRAMY\sony_vegas\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE [2002-12-17 311872]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\WINDOWS\System32\TuneUpDefragService.exe [2010-02-13 306432]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosim a kontrolu logu
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Caroprd111
- VIP
- Příspěvky: 13492
- Registrován: 22 bře 2009 20:48
- Bydliště: Třebíč
- Kontaktovat uživatele:
Re: Prosim a kontrolu logu
Zdravím 
Stahněte OTL http://oldtimer.geekstogo.com/OTL.exe
Stahněte OTL http://oldtimer.geekstogo.com/OTL.exe
- Spusťte program, poté klikněte na Prohledat
- Po dokončení, sem vložte logy OTL.Txt a Extras.txt
Re: Prosim a kontrolu logu
Dobrý den
-
Caroprd111
- VIP
- Příspěvky: 13492
- Registrován: 22 bře 2009 20:48
- Bydliště: Třebíč
- Kontaktovat uživatele:
Re: Prosim a kontrolu logu
Logy z OTL ? Co máte na mysli ?
-
Caroprd111
- VIP
- Příspěvky: 13492
- Registrován: 22 bře 2009 20:48
- Bydliště: Třebíč
- Kontaktovat uživatele:
Re: Prosim a kontrolu logu
Caroprd111 píše:Zdravím
- Spusťte program, poté klikněte na Prohledat
- Po dokončení, sem vložte logy OTL.Txt a Extras.txt
Re: Prosim a kontrolu logu
OTL logfile created on: 14.4.2010 21:24:45 - Run 1
OTL by OldTimer - Version 3.2.1.1 Folder = C:\Documents and Settings\-.DDDCB357B989433\Plocha
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 67,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 88,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 32,10 Gb Total Space | 5,60 Gb Free Space | 17,44% Space Free | Partition Type: NTFS
Drive D: | 54,30 Gb Total Space | 52,49 Gb Free Space | 96,67% Space Free | Partition Type: NTFS
Drive E: | 146,49 Gb Total Space | 84,23 Gb Free Space | 57,50% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
Drive G: | 232,88 Gb Total Space | 198,11 Gb Free Space | 85,07% Space Free | Partition Type: NTFS
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: DDDCB357B989433
Current User Name: -
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Processes (SafeList) ==========
PRC - [2010.04.14 21:24:39 | 000,561,664 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\-.DDDCB357B989433\Plocha\OTL.exe
PRC - [2010.04.02 23:35:32 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009.09.29 13:03:46 | 000,735,960 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
PRC - [2009.09.29 13:02:52 | 002,054,360 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
PRC - [2007.12.07 15:08:02 | 021,686,568 | R--- | M] (Skype Technologies S.A.) -- C:\Documents and Settings\-.DDDCB357B989433\Plocha\Skype.exe
PRC - [2004.08.18 11:00:00 | 001,032,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
========== Modules (SafeList) ==========
MOD - [2010.04.14 21:24:39 | 000,561,664 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\-.DDDCB357B989433\Plocha\OTL.exe
MOD - [2008.12.26 01:08:00 | 001,507,328 | ---- | M] () -- C:\WINDOWS\system32\nview.dll
MOD - [2008.12.26 01:08:00 | 000,286,720 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvwrscs.dll
MOD - [2008.12.26 01:08:00 | 000,081,920 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvwddi.dll
MOD - [2004.08.18 11:00:00 | 001,050,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
========== Win32 Services (SafeList) ==========
SRV - [2010.02.13 00:46:30 | 000,306,432 | ---- | M] (TuneUp Software GmbH) [On_Demand | Stopped] -- C:\WINDOWS\system32\TuneUpDefragService.exe -- (TuneUp.Defrag)
SRV - [2010.02.07 00:00:18 | 000,304,528 | ---- | M] (Protection Technology) [Auto | Stopped] -- C:\WINDOWS\System32\appdrvrem01.exe -- (appdrvrem01) Application Driver Auto Removal Service (01)
SRV - [2009.09.29 13:11:10 | 000,020,680 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv)
SRV - [2009.09.29 13:03:46 | 000,735,960 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn)
SRV - [2008.07.29 20:16:38 | 000,132,096 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2007.12.20 11:41:56 | 000,029,440 | ---- | M] (TuneUp Software GmbH) [Auto | Running] -- C:\WINDOWS\system32\uxtuneup.dll -- (UxTuneUp)
SRV - [2005.11.14 01:06:04 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2002.12.17 17:26:22 | 007,520,337 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- E:\PROGRAMY\sony_vegas\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe -- (MSSQL$SONY_MEDIAMGR)
SRV - [2002.12.17 17:23:30 | 000,311,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- E:\PROGRAMY\sony_vegas\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE -- (SQLAgent$SONY_MEDIAMGR)
========== Driver Services (SafeList) ==========
DRV - [2010.02.07 00:00:19 | 002,915,944 | ---- | M] (Protection Technology) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\appdrv01.sys -- (appdrv01) Application Driver (01)
DRV - [2009.09.29 13:05:54 | 000,096,408 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\epfwtdir.sys -- (epfwtdir)
DRV - [2009.09.29 13:02:58 | 000,108,792 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2009.09.29 12:56:32 | 000,116,008 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon)
DRV - [2009.02.03 18:22:00 | 005,030,912 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008.12.26 01:08:00 | 006,301,344 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2008.12.18 01:09:12 | 000,119,552 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2008.08.05 21:10:12 | 001,684,736 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2006.01.04 16:41:48 | 001,389,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2005.01.07 18:07:18 | 000,138,752 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Hdaudbus.sys -- (HDAudBus)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "http://seznam.cz/"
FF - prefs.js..extensions.enabledItems: {86009AEF-9162-4EBC-B698-FF71D7B6B049}:1.0
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.04.11 00:52:37 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.04.11 00:52:37 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2010.04.07 14:54:20 | 000,000,000 | ---D | M]
[2010.02.06 14:23:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\-.DDDCB357B989433\Data aplikací\Mozilla\Extensions
[2010.04.14 17:10:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\-.DDDCB357B989433\Data aplikací\Mozilla\Firefox\Profiles\gk74tuwv.default\extensions
[2010.02.14 17:23:45 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\-.DDDCB357B989433\Data aplikací\Mozilla\Firefox\Profiles\gk74tuwv.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.04.14 17:10:15 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009.09.03 08:24:19 | 000,000,000 | ---D | M] (SeekService) -- C:\Program Files\Mozilla Firefox\extensions\{86009AEF-9162-4EBC-B698-FF71D7B6B049}
[2010.03.30 17:34:15 | 000,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.03.30 17:34:15 | 000,001,687 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2010.03.30 17:34:15 | 000,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.03.30 17:34:15 | 000,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.03.30 17:34:15 | 000,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml
O1 HOSTS File: ([2004.08.18 11:00:00 | 000,000,737 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - Startup: C:\Documents and Settings\-.DDDCB357B989433\Nabídka Start\Programy\Po spuštění\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\-.DDDCB357B989433\Plocha\Plocha3D\desktopwallpaper0.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\-.DDDCB357B989433\Plocha\Plocha3D\desktopwallpaper0.bmp
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.09.03 18:13:11 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2010.04.14 21:24:18 | 000,561,664 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\-.DDDCB357B989433\Plocha\OTL.exe
[2010.04.14 21:10:37 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010.04.14 21:10:37 | 000,000,000 | ---D | C] -- C:\rsit
[2010.04.14 14:52:55 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2010.04.11 16:51:26 | 000,000,000 | ---D | C] -- C:\Tmp
[2010.04.11 02:06:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\TEMP
[2010.04.11 01:21:19 | 000,413,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MPG4C32.dll
[2010.04.10 12:57:53 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\browserchoice.exe
[2010.04.07 17:04:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\-.DDDCB357B989433\Dokumenty\Sony Media Libraries
[2010.04.07 17:04:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\-.DDDCB357B989433\Data aplikací\Publish Providers
[2010.04.07 17:04:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\-.DDDCB357B989433\Local Settings\Data aplikací\Sony
[2010.04.07 17:04:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\-.DDDCB357B989433\Dokumenty\Moje Videa
[2010.04.07 16:27:23 | 000,033,340 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dbmsqlgc.dll
[2010.04.07 16:27:23 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dbmsgnet.dll
[2010.04.07 16:26:11 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server
[2010.04.07 16:25:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\-.DDDCB357B989433\Data aplikací\Sony
[2010.04.07 16:25:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Sony
[2010.04.06 14:37:25 | 000,000,000 | R--D | C] -- C:\Documents and Settings\-.DDDCB357B989433\Plocha\bulánci
[2010.03.30 08:55:28 | 000,140,488 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comdlg32.ocx
[2010.03.30 08:55:28 | 000,115,016 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSINET.OCX
[2010.03.30 08:55:28 | 000,089,360 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\VB5DB.DLL
[2010.03.30 08:55:28 | 000,026,064 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xmlinst.exe
[2010.03.30 08:55:28 | 000,024,576 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml3a.dll
[2010.03.30 08:55:27 | 000,000,000 | ---D | C] -- C:\Program Files\Ubi Soft
[2010.03.29 08:15:20 | 000,086,016 | ---- | C] (Beepa P/L) -- C:\WINDOWS\System32\frapsvid.dll
[2010.03.20 13:50:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\-.DDDCB357B989433\Plocha\instalacky
[2010.03.20 13:34:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\-.DDDCB357B989433\Data aplikací\teamspeak2
[2010.03.20 13:34:29 | 000,034,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\lhacm.acm
[2010.03.20 00:31:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\-.DDDCB357B989433\Data aplikací\Ventrilo
[2008.12.12 17:00:27 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Data aplikací\Microsoft
[2008.12.12 17:00:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\Microsoft
[2008.09.08 18:36:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\Microsoft
[2008.09.08 18:10:41 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Data aplikací\Microsoft
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2010.04.14 21:24:39 | 000,561,664 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\-.DDDCB357B989433\Plocha\OTL.exe
[2010.04.14 21:10:30 | 000,781,909 | ---- | M] () -- C:\Documents and Settings\-.DDDCB357B989433\Plocha\RSIT.exe
[2010.04.14 20:53:33 | 000,137,464 | ---- | M] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2010.04.14 20:53:20 | 000,214,520 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.xtr
[2010.04.14 14:51:45 | 000,206,492 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010.04.14 14:51:31 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\PCConfidential.job
[2010.04.14 14:51:29 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.04.14 14:51:28 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.04.14 14:51:24 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.04.13 21:12:46 | 003,670,016 | -H-- | M] () -- C:\Documents and Settings\-.DDDCB357B989433\NTUSER.DAT
[2010.04.13 20:45:11 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010.04.13 20:45:09 | 000,017,408 | ---- | M] () -- C:\Documents and Settings\-.DDDCB357B989433\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.04.13 19:12:13 | 000,904,704 | ---- | M] () -- C:\Documents and Settings\-.DDDCB357B989433\Plocha\Elektricke stroje_DC_1.doc
[2010.04.13 19:10:51 | 000,520,462 | ---- | M] () -- C:\Documents and Settings\-.DDDCB357B989433\Plocha\Elektricke stroje_DC_2.pdf
[2010.04.13 19:10:47 | 000,145,301 | ---- | M] () -- C:\Documents and Settings\-.DDDCB357B989433\Plocha\Elektricke stroje_DC_3.pdf
[2010.04.13 19:09:16 | 001,415,295 | ---- | M] () -- C:\Documents and Settings\-.DDDCB357B989433\Plocha\Pohony.pdf
[2010.04.11 21:57:43 | 004,814,014 | -H-- | M] () -- C:\Documents and Settings\-.DDDCB357B989433\Local Settings\Data aplikací\IconCache.db
[2010.04.11 16:43:59 | 000,000,529 | ---- | M] () -- C:\Documents and Settings\-.DDDCB357B989433\Plocha\Fraps.lnk
[2010.04.11 16:26:12 | 000,000,552 | ---- | M] () -- C:\WINDOWS\win.ini
[2010.04.11 16:26:12 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010.04.11 16:26:12 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2010.04.11 01:29:02 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010.04.08 15:53:20 | 000,009,944 | ---- | M] () -- C:\Documents and Settings\-.DDDCB357B989433\Dokumenty\Stopa 1 nahrát 1.sfk
[2010.04.08 15:41:46 | 001,264,544 | ---- | M] () -- C:\Documents and Settings\-.DDDCB357B989433\Dokumenty\Stopa 1 nahrát 1.wav
[2010.04.07 17:03:52 | 000,002,508 | ---- | M] () -- C:\Documents and Settings\-.DDDCB357B989433\Dokumenty\Register Vegas.htm
[2010.04.07 16:27:31 | 000,453,226 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.04.07 16:27:31 | 000,450,108 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2010.04.07 16:27:31 | 000,086,926 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2010.04.07 16:27:31 | 000,075,976 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.04.07 16:27:30 | 001,030,676 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010.04.07 16:25:17 | 000,001,445 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Plocha\Vegas 7.0.lnk
[2010.04.05 19:47:11 | 000,000,387 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Plocha\Konung 2.lnk
[2010.03.30 21:38:52 | 000,000,584 | ---- | M] () -- C:\Documents and Settings\-.DDDCB357B989433\Plocha\Zástupce - Ventrilo.lnk
[2010.03.30 17:35:26 | 000,400,896 | ---- | M] () -- C:\Documents and Settings\-.DDDCB357B989433\Plocha\Vyvody Integrovany obvodu.doc
[2010.03.29 20:22:27 | 000,000,177 | ---- | M] () -- C:\WINDOWS\game.ini
[2010.03.29 08:15:20 | 000,086,016 | ---- | M] (Beepa P/L) -- C:\WINDOWS\System32\frapsvid.dll
[2010.03.26 21:00:50 | 000,041,872 | ---- | M] () -- C:\WINDOWS\System32\xfcodec.dll
[2010.03.20 13:34:29 | 000,034,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\lhacm.acm
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010.04.14 21:10:27 | 000,781,909 | ---- | C] () -- C:\Documents and Settings\-.DDDCB357B989433\Plocha\RSIT.exe
[2010.04.13 19:12:11 | 000,904,704 | ---- | C] () -- C:\Documents and Settings\-.DDDCB357B989433\Plocha\Elektricke stroje_DC_1.doc
[2010.04.13 19:10:51 | 000,520,462 | ---- | C] () -- C:\Documents and Settings\-.DDDCB357B989433\Plocha\Elektricke stroje_DC_2.pdf
[2010.04.13 19:10:47 | 000,145,301 | ---- | C] () -- C:\Documents and Settings\-.DDDCB357B989433\Plocha\Elektricke stroje_DC_3.pdf
[2010.04.13 19:09:13 | 001,415,295 | ---- | C] () -- C:\Documents and Settings\-.DDDCB357B989433\Plocha\Pohony.pdf
[2010.04.11 16:43:59 | 000,000,529 | ---- | C] () -- C:\Documents and Settings\-.DDDCB357B989433\Plocha\Fraps.lnk
[2010.04.11 01:27:10 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010.04.08 15:41:46 | 000,009,944 | ---- | C] () -- C:\Documents and Settings\-.DDDCB357B989433\Dokumenty\Stopa 1 nahrát 1.sfk
[2010.04.08 15:41:35 | 001,264,544 | ---- | C] () -- C:\Documents and Settings\-.DDDCB357B989433\Dokumenty\Stopa 1 nahrát 1.wav
[2010.04.07 17:03:52 | 000,002,508 | ---- | C] () -- C:\Documents and Settings\-.DDDCB357B989433\Dokumenty\Register Vegas.htm
[2010.04.07 16:25:17 | 000,001,445 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Plocha\Vegas 7.0.lnk
[2010.04.05 19:47:11 | 000,000,387 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Plocha\Konung 2.lnk
[2010.04.02 12:19:48 | 000,000,527 | ---- | C] () -- C:\Documents and Settings\-.DDDCB357B989433\Plocha\Wow.lnk
[2010.03.30 21:38:54 | 000,000,584 | ---- | C] () -- C:\Documents and Settings\-.DDDCB357B989433\Plocha\Zástupce - Ventrilo.lnk
[2010.03.30 17:35:26 | 000,400,896 | ---- | C] () -- C:\Documents and Settings\-.DDDCB357B989433\Plocha\Vyvody Integrovany obvodu.doc
[2010.03.30 08:55:28 | 000,069,632 | R--- | C] () -- C:\WINDOWS\System32\xmltok.dll
[2010.03.30 08:55:28 | 000,036,864 | R--- | C] () -- C:\WINDOWS\System32\xmlparse.dll
[2010.03.30 08:55:28 | 000,035,840 | R--- | C] () -- C:\WINDOWS\System32\comdlg32.oca
[2010.03.30 08:55:28 | 000,029,184 | R--- | C] () -- C:\WINDOWS\System32\MSINET.oca
[2010.03.26 21:00:50 | 000,041,872 | ---- | C] () -- C:\WINDOWS\System32\xfcodec.dll
[2010.03.06 20:35:54 | 000,000,032 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\ezsid.dat
[2010.02.21 02:03:54 | 000,110,080 | ---- | C] () -- C:\WINDOWS\System32\recorder.DLL
[2010.02.07 12:53:46 | 000,000,177 | ---- | C] () -- C:\WINDOWS\game.ini
[2010.02.06 22:20:07 | 000,137,464 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2010.02.06 01:50:37 | 000,003,972 | ---- | C] () -- C:\WINDOWS\System32\drivers\PciBus.sys
[2010.02.06 01:40:57 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2010.02.06 01:40:55 | 000,017,408 | ---- | C] () -- C:\Documents and Settings\-.DDDCB357B989433\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.02.06 01:28:25 | 000,000,350 | ---- | C] () -- C:\WINDOWS\WINCMD.INI
[2010.02.04 01:07:57 | 000,010,752 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2010.02.04 01:07:57 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2010.02.04 00:56:58 | 001,724,416 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2010.02.04 00:56:58 | 001,101,824 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2010.02.04 00:56:56 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2010.02.04 00:56:47 | 001,507,328 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2010.02.04 00:19:05 | 000,000,178 | -HS- | C] () -- C:\Documents and Settings\-.DDDCB357B989433\ntuser.ini
[2010.02.04 00:19:04 | 000,001,024 | -H-- | C] () -- C:\Documents and Settings\-.DDDCB357B989433\ntuser.dat.LOG
[2010.02.04 00:19:02 | 003,670,016 | -H-- | C] () -- C:\Documents and Settings\-.DDDCB357B989433\NTUSER.DAT
[2009.01.20 21:37:53 | 000,179,096 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\FontCache3.0.0.0.dat
[2008.10.07 10:13:30 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll
[2008.10.07 10:13:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
========== Alternate Data Streams ==========
@Alternate Data Stream - 123 bytes -> C:\Documents and Settings\All Users.WINDOWS\Data aplikací\TEMP:05EE1EEF
< End of report >
OTL Extras logfile created on: 14.4.2010 21:24:45 - Run 1
OTL by OldTimer - Version 3.2.1.1 Folder = C:\Documents and Settings\-.DDDCB357B989433\Plocha
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 67,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 88,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 32,10 Gb Total Space | 5,60 Gb Free Space | 17,44% Space Free | Partition Type: NTFS
Drive D: | 54,30 Gb Total Space | 52,49 Gb Free Space | 96,67% Space Free | Partition Type: NTFS
Drive E: | 146,49 Gb Total Space | 84,23 Gb Free Space | 57,50% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
Drive G: | 232,88 Gb Total Space | 198,11 Gb Free Space | 85,07% Space Free | Partition Type: NTFS
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: DDDCB357B989433
Current User Name: -
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"3724:TCP" = 3724:TCP:*:Enabled:Blizzard Downloader: 3724
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE" = C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)
"E:\PROGRAMY\HLSW\hlsw.exe" = E:\PROGRAMY\HLSW\hlsw.exe:*:Enabled:hlsw -- File not found
"E:\HRY\cod = 2\CoD2MP_s.exe" = E:\HRY\cod = 2\CoD2MP_s.exe:*:Enabled:CoD2MP_s -- File not found
"E:\HRY\TonyHawkProSkaterAmericanWestaland\Game\THAW.exe" = E:\HRY\TonyHawkProSkaterAmericanWestaland\Game\THAW.exe:*:Enabled:Tony Hawk's American Wasteland -- (Aspyr Media, Inc.)
"E:\PROGRAMY\ICQ6.5\ICQ.exe" = E:\PROGRAMY\ICQ6.5\ICQ.exe:*:Enabled:ICQ -- (ICQ, LLC.)
"C:\Documents and Settings\-.DDDCB357B989433\Plocha\IALauncher.exe" = C:\Documents and Settings\-.DDDCB357B989433\Plocha\IALauncher.exe:*:Enabled: -- ()
"E:\HRY\cod - installed\CoD2MP_s.exe" = E:\HRY\cod - installed\CoD2MP_s.exe:*:Enabled:CoD2MP_s -- ()
"E:\PROGRAMY\Xfire\Xfire.exe" = E:\PROGRAMY\Xfire\Xfire.exe:*:Enabled:Xfire -- (Xfire Inc.)
"E:\HRY\Kopie - WoW - 3.2\WoW-3.2.0.10314-to-3.2.2.10482-enGB-downloader.exe" = E:\HRY\Kopie - WoW - 3.2\WoW-3.2.0.10314-to-3.2.2.10482-enGB-downloader.exe:*:Enabled:Blizzard Downloader -- File not found
"E:\HRY\Kopie - WoW - 3.2\Launcher.exe" = E:\HRY\Kopie - WoW - 3.2\Launcher.exe:*:Enabled:Blizzard Launcher -- File not found
"E:\HRY\WoW - 3.2\WoW-3.2.0.10314-to-3.2.2.10482-enGB-downloader.exe" = E:\HRY\WoW - 3.2\WoW-3.2.0.10314-to-3.2.2.10482-enGB-downloader.exe:*:Enabled:Blizzard Downloader -- (Blizzard Entertainment)
"E:\HRY\WoW - 3.2\Launcher.exe" = E:\HRY\WoW - 3.2\Launcher.exe:*:Enabled:Blizzard Launcher -- ()
"G:\Cod5\CoDWaW.exe" = G:\Cod5\CoDWaW.exe:*:Enabled:Call of Duty(R): World at War Campaign/Coop -- File not found
"G:\Cod5\CoDWaWmp.exe" = G:\Cod5\CoDWaWmp.exe:*:Enabled:Call of Duty(R): World at War Multiplayer -- File not found
"C:\Documents and Settings\-.DDDCB357B989433\Plocha\Plugin Manager\skypePM.exe" = C:\Documents and Settings\-.DDDCB357B989433\Plocha\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager -- (Skype Technologies)
"E:\HRY\Cod5\CoDWaW.exe" = E:\HRY\Cod5\CoDWaW.exe:*:Enabled:Call of Duty(R): World at War Campaign/Coop -- (Activision Blizzard, Inc.)
"C:\Documents and Settings\-.DDDCB357B989433\Plocha\Phone\Skype.exe" = C:\Documents and Settings\-.DDDCB357B989433\Plocha\Phone\Skype.exe:*:Enabled:Skype -- File not found
"E:\HRY\WoW-3.2.2\Launcher.exe" = E:\HRY\WoW-3.2.2\Launcher.exe:*:Enabled:Launcher.exe -- (Blizzard Entertainment)
"E:\HRY\v4\MMV4.exe" = E:\HRY\v4\MMV4.exe:*:Enabled:MMV4 -- (Codemasters)
"C:\Documents and Settings\-.DDDCB357B989433\Plocha\Skype.exe" = C:\Documents and Settings\-.DDDCB357B989433\Plocha\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP160" = Canon MP160
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{5F8E2CBB-949D-4175-AC98-5ADE7F6C9697}" = NCsoft Launcher
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo
"{7B4A5C13-069F-4AFE-AE57-C497B4E33C7E}" = Call of Duty(R) 2 Patch 1.3
"{7F3AD00A-1819-4B15-BB7D-08B3586336D7}" = 3DMark06
"{7F9129B6-C438-4CCB-80CB-A97E9F3B6B8C}" = Taksi Desktop Video Recorder v0.765
"{85C70286-A56F-4834-BD24-B34EB76A93A2}" = ESET NOD32 Antivirus
"{864785DF-6D78-4A38-B66F-845BC5741843}" = liteCAM Evaluation
"{878D2EB2-2D55-42A9-955E-1E08F28529FD}" = Sony Media Manager 2.2
"{90120000-0010-0405-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Czech) 12
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{AACB8468-5B29-4384-960B-3C1F5B5E056C}" = ArtRage 2 Starter Edition
"{AC54E544-3E42-443C-A91D-A00A6974C592}" = NVIDIA PhysX v8.10.13
"{AC76BA86-7AD7-1029-7B44-A91000000001}" = Adobe Reader 9.1 - Czech
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C2189623-6851-4A1A-B9EE-6B8C2DA7F1AA}" = Konung 2 CZ
"{C325F588-D6B1-4A7F-B6A2-914C75DDA348}" = Morrowind
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty(R) 2
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D34D82E0-4600-407B-9478-8506C1DD1029}" = Nero 7 Essentials
"{DFB951D6-4270-42D8-B4B7-AA4B01911DC3}" = Sony Vegas 7.0
"{E09B48B5-E141-427A-AB0C-D3605127224A}" = Microsoft SQL Server Desktop Engine (SONY_MEDIAMGR)
"{EDEFAF73-AC38-42E9-9003-25EC33E171CC}" = Bloodmoon
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"ALZip_is1" = ALZip
"CryptextNT4" = Cryptext (Remove Only)
"Death Illustrated 0.6 beta" = Death Illustrated 0.6 beta
"Easy MP3 Sound Recorder_is1" = Easy MP3 Sound Recorder version 3.0
"ENTERPRISE" = Microsoft Office Enterprise 2007
"ffdshow_is1" = ffdshow [rev 1155] [2007-05-12]
"Fraps" = Fraps
"GameParkClient_is1" = GamePark
"GT Interactive - Driver" = GT Interactive - Driver
"HijackThis" = HijackThis 2.0.2
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"InstallShield_{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty(R) 2
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"Registrace uživatele zařízení Canon MP160" = Registrace uživatele zařízení Canon MP160
"Stoked Rider" = Stoked Rider Free Trial
"TagMachine" = TagMachine
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format Runtime
"Xfire" = Xfire (remove only)
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"NCsoft-AionEU" = Aion
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 8.4.2010 13:11:24 | Computer Name = DDDCB357B989433 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace konung2.exe, verze 0.0.0.0, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
Error - 8.4.2010 14:40:49 | Computer Name = DDDCB357B989433 | Source = Application Error | ID = 1000
Description = Chybující aplikace thaw.exe, verze 1.0.1.0, chybující modul thaw.exe,
verze 1.0.1.0, adresa chyby 0x00129429.
Error - 9.4.2010 12:15:49 | Computer Name = DDDCB357B989433 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace konung2.exe, verze 0.0.0.0, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
Error - 9.4.2010 12:16:17 | Computer Name = DDDCB357B989433 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace konung2.exe, verze 0.0.0.0, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
Error - 10.4.2010 8:45:44 | Computer Name = DDDCB357B989433 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace konung2.exe, verze 0.0.0.0, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
Error - 10.4.2010 9:58:19 | Computer Name = DDDCB357B989433 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace bulanci.exe, verze 0.0.0.0, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
Error - 10.4.2010 17:53:38 | Computer Name = DDDCB357B989433 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace taskmgr.exe, verze 5.1.2600.2180, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
Error - 10.4.2010 17:54:01 | Computer Name = DDDCB357B989433 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace CoD2MP_s.exe, verze 0.0.0.0, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
Error - 11.4.2010 13:02:26 | Computer Name = DDDCB357B989433 | Source = Application Error | ID = 1000
Description = Chybující aplikace thaw.exe, verze 1.0.1.0, chybující modul thaw.exe,
verze 1.0.1.0, adresa chyby 0x00129429.
Error - 12.4.2010 10:43:54 | Computer Name = DDDCB357B989433 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace CoD2MP_s.exe, verze 0.0.0.0, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
[ System Events ]
Error - 29.3.2010 4:28:51 | Computer Name = DDDCB357B989433 | Source = Cdrom | ID = 262151
Description = Zařízení \Device\CdRom0 má chybný blok.
Error - 29.3.2010 4:28:56 | Computer Name = DDDCB357B989433 | Source = Cdrom | ID = 262151
Description = Zařízení \Device\CdRom0 má chybný blok.
Error - 3.4.2010 7:14:07 | Computer Name = DDDCB357B989433 | Source = Print | ID = 6161
Description = Tisk dokumentu Microsoft Word - Dokument1 (vlastník: -) na tiskárně
Canon MP160 Printer se nezdařil. Datový typ: NT EMF 1.008 Velikost zařazeného souboru
(bajty): 8014132 Počet vytištěných bajtů: 614124 Celkový počet stran v dokumentu:
36 Počet vytištěných stran: 0 Klientský počítač: \\DDDCB357B989433 Kód chyby Win32,
vrácený tiskovým procesorem: 13 (0xd)
Error - 10.4.2010 19:26:59 | Computer Name = DDDCB357B989433 | Source = Service Control Manager | ID = 7022
Description = Služba NVIDIA Display Driver Service přestala během spouštění reagovat.
Error - 10.4.2010 19:27:30 | Computer Name = DDDCB357B989433 | Source = Service Control Manager | ID = 7011
Description = Vypršel časový limit (30000 milisekund) čekání na odezvu transakce
služby NVSvc.
Error - 11.4.2010 10:23:57 | Computer Name = DDDCB357B989433 | Source = Service Control Manager | ID = 7038
Description = Přihlášení služby UMWdf jako uživatel NT AUTHORITY\LocalService se
se současně nakonfigurovaným heslem nezdařilo. Došlo k následující chybě: %%5 Zkontrolujte
konfiguraci služby pomocí modulu snap-in Služby v konzole Microsoft Management Console
(MMC).
Error - 11.4.2010 10:23:57 | Computer Name = DDDCB357B989433 | Source = Service Control Manager | ID = 7000
Description = Služba Windows User Mode Driver Framework neuspěla při spuštění v
důsledku následující chyby: %%1069
Error - 13.4.2010 13:18:38 | Computer Name = DDDCB357B989433 | Source = Print | ID = 6161
Description = Tisk dokumentu Pohony.pdf (vlastník: -) na tiskárně Canon MP160 Printer
se nezdařil. Datový typ: NT EMF 1.008 Velikost zařazeného souboru (bajty): 4980736
Počet
vytištěných bajtů: 3187312 Celkový počet stran v dokumentu: 11 Počet vytištěných
stran: 0 Klientský počítač: \\DDDCB357B989433 Kód chyby Win32, vrácený tiskovým procesorem:
13 (0xd)
Error - 13.4.2010 13:21:25 | Computer Name = DDDCB357B989433 | Source = Print | ID = 6161
Description = Tisk dokumentu Pohony.pdf (vlastník: -) na tiskárně Canon MP160 Printer
se nezdařil. Datový typ: NT EMF 1.008 Velikost zařazeného souboru (bajty): 5001908
Počet
vytištěných bajtů: 4006752 Celkový počet stran v dokumentu: 11 Počet vytištěných
stran: 0 Klientský počítač: \\DDDCB357B989433 Kód chyby Win32, vrácený tiskovým procesorem:
13 (0xd)
< End of report >
OTL by OldTimer - Version 3.2.1.1 Folder = C:\Documents and Settings\-.DDDCB357B989433\Plocha
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 67,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 88,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 32,10 Gb Total Space | 5,60 Gb Free Space | 17,44% Space Free | Partition Type: NTFS
Drive D: | 54,30 Gb Total Space | 52,49 Gb Free Space | 96,67% Space Free | Partition Type: NTFS
Drive E: | 146,49 Gb Total Space | 84,23 Gb Free Space | 57,50% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
Drive G: | 232,88 Gb Total Space | 198,11 Gb Free Space | 85,07% Space Free | Partition Type: NTFS
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: DDDCB357B989433
Current User Name: -
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Processes (SafeList) ==========
PRC - [2010.04.14 21:24:39 | 000,561,664 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\-.DDDCB357B989433\Plocha\OTL.exe
PRC - [2010.04.02 23:35:32 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009.09.29 13:03:46 | 000,735,960 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
PRC - [2009.09.29 13:02:52 | 002,054,360 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
PRC - [2007.12.07 15:08:02 | 021,686,568 | R--- | M] (Skype Technologies S.A.) -- C:\Documents and Settings\-.DDDCB357B989433\Plocha\Skype.exe
PRC - [2004.08.18 11:00:00 | 001,032,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
========== Modules (SafeList) ==========
MOD - [2010.04.14 21:24:39 | 000,561,664 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\-.DDDCB357B989433\Plocha\OTL.exe
MOD - [2008.12.26 01:08:00 | 001,507,328 | ---- | M] () -- C:\WINDOWS\system32\nview.dll
MOD - [2008.12.26 01:08:00 | 000,286,720 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvwrscs.dll
MOD - [2008.12.26 01:08:00 | 000,081,920 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvwddi.dll
MOD - [2004.08.18 11:00:00 | 001,050,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
========== Win32 Services (SafeList) ==========
SRV - [2010.02.13 00:46:30 | 000,306,432 | ---- | M] (TuneUp Software GmbH) [On_Demand | Stopped] -- C:\WINDOWS\system32\TuneUpDefragService.exe -- (TuneUp.Defrag)
SRV - [2010.02.07 00:00:18 | 000,304,528 | ---- | M] (Protection Technology) [Auto | Stopped] -- C:\WINDOWS\System32\appdrvrem01.exe -- (appdrvrem01) Application Driver Auto Removal Service (01)
SRV - [2009.09.29 13:11:10 | 000,020,680 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv)
SRV - [2009.09.29 13:03:46 | 000,735,960 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn)
SRV - [2008.07.29 20:16:38 | 000,132,096 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2007.12.20 11:41:56 | 000,029,440 | ---- | M] (TuneUp Software GmbH) [Auto | Running] -- C:\WINDOWS\system32\uxtuneup.dll -- (UxTuneUp)
SRV - [2005.11.14 01:06:04 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2002.12.17 17:26:22 | 007,520,337 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- E:\PROGRAMY\sony_vegas\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe -- (MSSQL$SONY_MEDIAMGR)
SRV - [2002.12.17 17:23:30 | 000,311,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- E:\PROGRAMY\sony_vegas\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE -- (SQLAgent$SONY_MEDIAMGR)
========== Driver Services (SafeList) ==========
DRV - [2010.02.07 00:00:19 | 002,915,944 | ---- | M] (Protection Technology) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\appdrv01.sys -- (appdrv01) Application Driver (01)
DRV - [2009.09.29 13:05:54 | 000,096,408 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\epfwtdir.sys -- (epfwtdir)
DRV - [2009.09.29 13:02:58 | 000,108,792 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2009.09.29 12:56:32 | 000,116,008 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon)
DRV - [2009.02.03 18:22:00 | 005,030,912 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008.12.26 01:08:00 | 006,301,344 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2008.12.18 01:09:12 | 000,119,552 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2008.08.05 21:10:12 | 001,684,736 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2006.01.04 16:41:48 | 001,389,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2005.01.07 18:07:18 | 000,138,752 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Hdaudbus.sys -- (HDAudBus)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "http://seznam.cz/"
FF - prefs.js..extensions.enabledItems: {86009AEF-9162-4EBC-B698-FF71D7B6B049}:1.0
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.04.11 00:52:37 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.04.11 00:52:37 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2010.04.07 14:54:20 | 000,000,000 | ---D | M]
[2010.02.06 14:23:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\-.DDDCB357B989433\Data aplikací\Mozilla\Extensions
[2010.04.14 17:10:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\-.DDDCB357B989433\Data aplikací\Mozilla\Firefox\Profiles\gk74tuwv.default\extensions
[2010.02.14 17:23:45 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\-.DDDCB357B989433\Data aplikací\Mozilla\Firefox\Profiles\gk74tuwv.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.04.14 17:10:15 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009.09.03 08:24:19 | 000,000,000 | ---D | M] (SeekService) -- C:\Program Files\Mozilla Firefox\extensions\{86009AEF-9162-4EBC-B698-FF71D7B6B049}
[2010.03.30 17:34:15 | 000,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.03.30 17:34:15 | 000,001,687 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2010.03.30 17:34:15 | 000,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.03.30 17:34:15 | 000,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.03.30 17:34:15 | 000,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml
O1 HOSTS File: ([2004.08.18 11:00:00 | 000,000,737 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - Startup: C:\Documents and Settings\-.DDDCB357B989433\Nabídka Start\Programy\Po spuštění\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\-.DDDCB357B989433\Plocha\Plocha3D\desktopwallpaper0.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\-.DDDCB357B989433\Plocha\Plocha3D\desktopwallpaper0.bmp
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.09.03 18:13:11 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2010.04.14 21:24:18 | 000,561,664 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\-.DDDCB357B989433\Plocha\OTL.exe
[2010.04.14 21:10:37 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010.04.14 21:10:37 | 000,000,000 | ---D | C] -- C:\rsit
[2010.04.14 14:52:55 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2010.04.11 16:51:26 | 000,000,000 | ---D | C] -- C:\Tmp
[2010.04.11 02:06:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\TEMP
[2010.04.11 01:21:19 | 000,413,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MPG4C32.dll
[2010.04.10 12:57:53 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\browserchoice.exe
[2010.04.07 17:04:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\-.DDDCB357B989433\Dokumenty\Sony Media Libraries
[2010.04.07 17:04:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\-.DDDCB357B989433\Data aplikací\Publish Providers
[2010.04.07 17:04:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\-.DDDCB357B989433\Local Settings\Data aplikací\Sony
[2010.04.07 17:04:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\-.DDDCB357B989433\Dokumenty\Moje Videa
[2010.04.07 16:27:23 | 000,033,340 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dbmsqlgc.dll
[2010.04.07 16:27:23 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dbmsgnet.dll
[2010.04.07 16:26:11 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server
[2010.04.07 16:25:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\-.DDDCB357B989433\Data aplikací\Sony
[2010.04.07 16:25:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Sony
[2010.04.06 14:37:25 | 000,000,000 | R--D | C] -- C:\Documents and Settings\-.DDDCB357B989433\Plocha\bulánci
[2010.03.30 08:55:28 | 000,140,488 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comdlg32.ocx
[2010.03.30 08:55:28 | 000,115,016 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSINET.OCX
[2010.03.30 08:55:28 | 000,089,360 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\VB5DB.DLL
[2010.03.30 08:55:28 | 000,026,064 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xmlinst.exe
[2010.03.30 08:55:28 | 000,024,576 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml3a.dll
[2010.03.30 08:55:27 | 000,000,000 | ---D | C] -- C:\Program Files\Ubi Soft
[2010.03.29 08:15:20 | 000,086,016 | ---- | C] (Beepa P/L) -- C:\WINDOWS\System32\frapsvid.dll
[2010.03.20 13:50:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\-.DDDCB357B989433\Plocha\instalacky
[2010.03.20 13:34:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\-.DDDCB357B989433\Data aplikací\teamspeak2
[2010.03.20 13:34:29 | 000,034,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\lhacm.acm
[2010.03.20 00:31:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\-.DDDCB357B989433\Data aplikací\Ventrilo
[2008.12.12 17:00:27 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Data aplikací\Microsoft
[2008.12.12 17:00:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\Microsoft
[2008.09.08 18:36:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\Microsoft
[2008.09.08 18:10:41 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Data aplikací\Microsoft
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2010.04.14 21:24:39 | 000,561,664 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\-.DDDCB357B989433\Plocha\OTL.exe
[2010.04.14 21:10:30 | 000,781,909 | ---- | M] () -- C:\Documents and Settings\-.DDDCB357B989433\Plocha\RSIT.exe
[2010.04.14 20:53:33 | 000,137,464 | ---- | M] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2010.04.14 20:53:20 | 000,214,520 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.xtr
[2010.04.14 14:51:45 | 000,206,492 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010.04.14 14:51:31 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\PCConfidential.job
[2010.04.14 14:51:29 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.04.14 14:51:28 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.04.14 14:51:24 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.04.13 21:12:46 | 003,670,016 | -H-- | M] () -- C:\Documents and Settings\-.DDDCB357B989433\NTUSER.DAT
[2010.04.13 20:45:11 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010.04.13 20:45:09 | 000,017,408 | ---- | M] () -- C:\Documents and Settings\-.DDDCB357B989433\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.04.13 19:12:13 | 000,904,704 | ---- | M] () -- C:\Documents and Settings\-.DDDCB357B989433\Plocha\Elektricke stroje_DC_1.doc
[2010.04.13 19:10:51 | 000,520,462 | ---- | M] () -- C:\Documents and Settings\-.DDDCB357B989433\Plocha\Elektricke stroje_DC_2.pdf
[2010.04.13 19:10:47 | 000,145,301 | ---- | M] () -- C:\Documents and Settings\-.DDDCB357B989433\Plocha\Elektricke stroje_DC_3.pdf
[2010.04.13 19:09:16 | 001,415,295 | ---- | M] () -- C:\Documents and Settings\-.DDDCB357B989433\Plocha\Pohony.pdf
[2010.04.11 21:57:43 | 004,814,014 | -H-- | M] () -- C:\Documents and Settings\-.DDDCB357B989433\Local Settings\Data aplikací\IconCache.db
[2010.04.11 16:43:59 | 000,000,529 | ---- | M] () -- C:\Documents and Settings\-.DDDCB357B989433\Plocha\Fraps.lnk
[2010.04.11 16:26:12 | 000,000,552 | ---- | M] () -- C:\WINDOWS\win.ini
[2010.04.11 16:26:12 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010.04.11 16:26:12 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2010.04.11 01:29:02 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010.04.08 15:53:20 | 000,009,944 | ---- | M] () -- C:\Documents and Settings\-.DDDCB357B989433\Dokumenty\Stopa 1 nahrát 1.sfk
[2010.04.08 15:41:46 | 001,264,544 | ---- | M] () -- C:\Documents and Settings\-.DDDCB357B989433\Dokumenty\Stopa 1 nahrát 1.wav
[2010.04.07 17:03:52 | 000,002,508 | ---- | M] () -- C:\Documents and Settings\-.DDDCB357B989433\Dokumenty\Register Vegas.htm
[2010.04.07 16:27:31 | 000,453,226 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.04.07 16:27:31 | 000,450,108 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2010.04.07 16:27:31 | 000,086,926 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2010.04.07 16:27:31 | 000,075,976 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.04.07 16:27:30 | 001,030,676 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010.04.07 16:25:17 | 000,001,445 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Plocha\Vegas 7.0.lnk
[2010.04.05 19:47:11 | 000,000,387 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Plocha\Konung 2.lnk
[2010.03.30 21:38:52 | 000,000,584 | ---- | M] () -- C:\Documents and Settings\-.DDDCB357B989433\Plocha\Zástupce - Ventrilo.lnk
[2010.03.30 17:35:26 | 000,400,896 | ---- | M] () -- C:\Documents and Settings\-.DDDCB357B989433\Plocha\Vyvody Integrovany obvodu.doc
[2010.03.29 20:22:27 | 000,000,177 | ---- | M] () -- C:\WINDOWS\game.ini
[2010.03.29 08:15:20 | 000,086,016 | ---- | M] (Beepa P/L) -- C:\WINDOWS\System32\frapsvid.dll
[2010.03.26 21:00:50 | 000,041,872 | ---- | M] () -- C:\WINDOWS\System32\xfcodec.dll
[2010.03.20 13:34:29 | 000,034,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\lhacm.acm
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010.04.14 21:10:27 | 000,781,909 | ---- | C] () -- C:\Documents and Settings\-.DDDCB357B989433\Plocha\RSIT.exe
[2010.04.13 19:12:11 | 000,904,704 | ---- | C] () -- C:\Documents and Settings\-.DDDCB357B989433\Plocha\Elektricke stroje_DC_1.doc
[2010.04.13 19:10:51 | 000,520,462 | ---- | C] () -- C:\Documents and Settings\-.DDDCB357B989433\Plocha\Elektricke stroje_DC_2.pdf
[2010.04.13 19:10:47 | 000,145,301 | ---- | C] () -- C:\Documents and Settings\-.DDDCB357B989433\Plocha\Elektricke stroje_DC_3.pdf
[2010.04.13 19:09:13 | 001,415,295 | ---- | C] () -- C:\Documents and Settings\-.DDDCB357B989433\Plocha\Pohony.pdf
[2010.04.11 16:43:59 | 000,000,529 | ---- | C] () -- C:\Documents and Settings\-.DDDCB357B989433\Plocha\Fraps.lnk
[2010.04.11 01:27:10 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010.04.08 15:41:46 | 000,009,944 | ---- | C] () -- C:\Documents and Settings\-.DDDCB357B989433\Dokumenty\Stopa 1 nahrát 1.sfk
[2010.04.08 15:41:35 | 001,264,544 | ---- | C] () -- C:\Documents and Settings\-.DDDCB357B989433\Dokumenty\Stopa 1 nahrát 1.wav
[2010.04.07 17:03:52 | 000,002,508 | ---- | C] () -- C:\Documents and Settings\-.DDDCB357B989433\Dokumenty\Register Vegas.htm
[2010.04.07 16:25:17 | 000,001,445 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Plocha\Vegas 7.0.lnk
[2010.04.05 19:47:11 | 000,000,387 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Plocha\Konung 2.lnk
[2010.04.02 12:19:48 | 000,000,527 | ---- | C] () -- C:\Documents and Settings\-.DDDCB357B989433\Plocha\Wow.lnk
[2010.03.30 21:38:54 | 000,000,584 | ---- | C] () -- C:\Documents and Settings\-.DDDCB357B989433\Plocha\Zástupce - Ventrilo.lnk
[2010.03.30 17:35:26 | 000,400,896 | ---- | C] () -- C:\Documents and Settings\-.DDDCB357B989433\Plocha\Vyvody Integrovany obvodu.doc
[2010.03.30 08:55:28 | 000,069,632 | R--- | C] () -- C:\WINDOWS\System32\xmltok.dll
[2010.03.30 08:55:28 | 000,036,864 | R--- | C] () -- C:\WINDOWS\System32\xmlparse.dll
[2010.03.30 08:55:28 | 000,035,840 | R--- | C] () -- C:\WINDOWS\System32\comdlg32.oca
[2010.03.30 08:55:28 | 000,029,184 | R--- | C] () -- C:\WINDOWS\System32\MSINET.oca
[2010.03.26 21:00:50 | 000,041,872 | ---- | C] () -- C:\WINDOWS\System32\xfcodec.dll
[2010.03.06 20:35:54 | 000,000,032 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\ezsid.dat
[2010.02.21 02:03:54 | 000,110,080 | ---- | C] () -- C:\WINDOWS\System32\recorder.DLL
[2010.02.07 12:53:46 | 000,000,177 | ---- | C] () -- C:\WINDOWS\game.ini
[2010.02.06 22:20:07 | 000,137,464 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2010.02.06 01:50:37 | 000,003,972 | ---- | C] () -- C:\WINDOWS\System32\drivers\PciBus.sys
[2010.02.06 01:40:57 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2010.02.06 01:40:55 | 000,017,408 | ---- | C] () -- C:\Documents and Settings\-.DDDCB357B989433\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.02.06 01:28:25 | 000,000,350 | ---- | C] () -- C:\WINDOWS\WINCMD.INI
[2010.02.04 01:07:57 | 000,010,752 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2010.02.04 01:07:57 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2010.02.04 00:56:58 | 001,724,416 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2010.02.04 00:56:58 | 001,101,824 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2010.02.04 00:56:56 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2010.02.04 00:56:47 | 001,507,328 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2010.02.04 00:19:05 | 000,000,178 | -HS- | C] () -- C:\Documents and Settings\-.DDDCB357B989433\ntuser.ini
[2010.02.04 00:19:04 | 000,001,024 | -H-- | C] () -- C:\Documents and Settings\-.DDDCB357B989433\ntuser.dat.LOG
[2010.02.04 00:19:02 | 003,670,016 | -H-- | C] () -- C:\Documents and Settings\-.DDDCB357B989433\NTUSER.DAT
[2009.01.20 21:37:53 | 000,179,096 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\FontCache3.0.0.0.dat
[2008.10.07 10:13:30 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll
[2008.10.07 10:13:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
========== Alternate Data Streams ==========
@Alternate Data Stream - 123 bytes -> C:\Documents and Settings\All Users.WINDOWS\Data aplikací\TEMP:05EE1EEF
< End of report >
OTL Extras logfile created on: 14.4.2010 21:24:45 - Run 1
OTL by OldTimer - Version 3.2.1.1 Folder = C:\Documents and Settings\-.DDDCB357B989433\Plocha
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 67,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 88,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 32,10 Gb Total Space | 5,60 Gb Free Space | 17,44% Space Free | Partition Type: NTFS
Drive D: | 54,30 Gb Total Space | 52,49 Gb Free Space | 96,67% Space Free | Partition Type: NTFS
Drive E: | 146,49 Gb Total Space | 84,23 Gb Free Space | 57,50% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
Drive G: | 232,88 Gb Total Space | 198,11 Gb Free Space | 85,07% Space Free | Partition Type: NTFS
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: DDDCB357B989433
Current User Name: -
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"3724:TCP" = 3724:TCP:*:Enabled:Blizzard Downloader: 3724
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE" = C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)
"E:\PROGRAMY\HLSW\hlsw.exe" = E:\PROGRAMY\HLSW\hlsw.exe:*:Enabled:hlsw -- File not found
"E:\HRY\cod = 2\CoD2MP_s.exe" = E:\HRY\cod = 2\CoD2MP_s.exe:*:Enabled:CoD2MP_s -- File not found
"E:\HRY\TonyHawkProSkaterAmericanWestaland\Game\THAW.exe" = E:\HRY\TonyHawkProSkaterAmericanWestaland\Game\THAW.exe:*:Enabled:Tony Hawk's American Wasteland -- (Aspyr Media, Inc.)
"E:\PROGRAMY\ICQ6.5\ICQ.exe" = E:\PROGRAMY\ICQ6.5\ICQ.exe:*:Enabled:ICQ -- (ICQ, LLC.)
"C:\Documents and Settings\-.DDDCB357B989433\Plocha\IALauncher.exe" = C:\Documents and Settings\-.DDDCB357B989433\Plocha\IALauncher.exe:*:Enabled: -- ()
"E:\HRY\cod - installed\CoD2MP_s.exe" = E:\HRY\cod - installed\CoD2MP_s.exe:*:Enabled:CoD2MP_s -- ()
"E:\PROGRAMY\Xfire\Xfire.exe" = E:\PROGRAMY\Xfire\Xfire.exe:*:Enabled:Xfire -- (Xfire Inc.)
"E:\HRY\Kopie - WoW - 3.2\WoW-3.2.0.10314-to-3.2.2.10482-enGB-downloader.exe" = E:\HRY\Kopie - WoW - 3.2\WoW-3.2.0.10314-to-3.2.2.10482-enGB-downloader.exe:*:Enabled:Blizzard Downloader -- File not found
"E:\HRY\Kopie - WoW - 3.2\Launcher.exe" = E:\HRY\Kopie - WoW - 3.2\Launcher.exe:*:Enabled:Blizzard Launcher -- File not found
"E:\HRY\WoW - 3.2\WoW-3.2.0.10314-to-3.2.2.10482-enGB-downloader.exe" = E:\HRY\WoW - 3.2\WoW-3.2.0.10314-to-3.2.2.10482-enGB-downloader.exe:*:Enabled:Blizzard Downloader -- (Blizzard Entertainment)
"E:\HRY\WoW - 3.2\Launcher.exe" = E:\HRY\WoW - 3.2\Launcher.exe:*:Enabled:Blizzard Launcher -- ()
"G:\Cod5\CoDWaW.exe" = G:\Cod5\CoDWaW.exe:*:Enabled:Call of Duty(R): World at War Campaign/Coop -- File not found
"G:\Cod5\CoDWaWmp.exe" = G:\Cod5\CoDWaWmp.exe:*:Enabled:Call of Duty(R): World at War Multiplayer -- File not found
"C:\Documents and Settings\-.DDDCB357B989433\Plocha\Plugin Manager\skypePM.exe" = C:\Documents and Settings\-.DDDCB357B989433\Plocha\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager -- (Skype Technologies)
"E:\HRY\Cod5\CoDWaW.exe" = E:\HRY\Cod5\CoDWaW.exe:*:Enabled:Call of Duty(R): World at War Campaign/Coop -- (Activision Blizzard, Inc.)
"C:\Documents and Settings\-.DDDCB357B989433\Plocha\Phone\Skype.exe" = C:\Documents and Settings\-.DDDCB357B989433\Plocha\Phone\Skype.exe:*:Enabled:Skype -- File not found
"E:\HRY\WoW-3.2.2\Launcher.exe" = E:\HRY\WoW-3.2.2\Launcher.exe:*:Enabled:Launcher.exe -- (Blizzard Entertainment)
"E:\HRY\v4\MMV4.exe" = E:\HRY\v4\MMV4.exe:*:Enabled:MMV4 -- (Codemasters)
"C:\Documents and Settings\-.DDDCB357B989433\Plocha\Skype.exe" = C:\Documents and Settings\-.DDDCB357B989433\Plocha\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP160" = Canon MP160
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{5F8E2CBB-949D-4175-AC98-5ADE7F6C9697}" = NCsoft Launcher
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo
"{7B4A5C13-069F-4AFE-AE57-C497B4E33C7E}" = Call of Duty(R) 2 Patch 1.3
"{7F3AD00A-1819-4B15-BB7D-08B3586336D7}" = 3DMark06
"{7F9129B6-C438-4CCB-80CB-A97E9F3B6B8C}" = Taksi Desktop Video Recorder v0.765
"{85C70286-A56F-4834-BD24-B34EB76A93A2}" = ESET NOD32 Antivirus
"{864785DF-6D78-4A38-B66F-845BC5741843}" = liteCAM Evaluation
"{878D2EB2-2D55-42A9-955E-1E08F28529FD}" = Sony Media Manager 2.2
"{90120000-0010-0405-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Czech) 12
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{AACB8468-5B29-4384-960B-3C1F5B5E056C}" = ArtRage 2 Starter Edition
"{AC54E544-3E42-443C-A91D-A00A6974C592}" = NVIDIA PhysX v8.10.13
"{AC76BA86-7AD7-1029-7B44-A91000000001}" = Adobe Reader 9.1 - Czech
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C2189623-6851-4A1A-B9EE-6B8C2DA7F1AA}" = Konung 2 CZ
"{C325F588-D6B1-4A7F-B6A2-914C75DDA348}" = Morrowind
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty(R) 2
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D34D82E0-4600-407B-9478-8506C1DD1029}" = Nero 7 Essentials
"{DFB951D6-4270-42D8-B4B7-AA4B01911DC3}" = Sony Vegas 7.0
"{E09B48B5-E141-427A-AB0C-D3605127224A}" = Microsoft SQL Server Desktop Engine (SONY_MEDIAMGR)
"{EDEFAF73-AC38-42E9-9003-25EC33E171CC}" = Bloodmoon
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"ALZip_is1" = ALZip
"CryptextNT4" = Cryptext (Remove Only)
"Death Illustrated 0.6 beta" = Death Illustrated 0.6 beta
"Easy MP3 Sound Recorder_is1" = Easy MP3 Sound Recorder version 3.0
"ENTERPRISE" = Microsoft Office Enterprise 2007
"ffdshow_is1" = ffdshow [rev 1155] [2007-05-12]
"Fraps" = Fraps
"GameParkClient_is1" = GamePark
"GT Interactive - Driver" = GT Interactive - Driver
"HijackThis" = HijackThis 2.0.2
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"InstallShield_{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty(R) 2
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"Registrace uživatele zařízení Canon MP160" = Registrace uživatele zařízení Canon MP160
"Stoked Rider" = Stoked Rider Free Trial
"TagMachine" = TagMachine
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format Runtime
"Xfire" = Xfire (remove only)
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"NCsoft-AionEU" = Aion
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 8.4.2010 13:11:24 | Computer Name = DDDCB357B989433 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace konung2.exe, verze 0.0.0.0, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
Error - 8.4.2010 14:40:49 | Computer Name = DDDCB357B989433 | Source = Application Error | ID = 1000
Description = Chybující aplikace thaw.exe, verze 1.0.1.0, chybující modul thaw.exe,
verze 1.0.1.0, adresa chyby 0x00129429.
Error - 9.4.2010 12:15:49 | Computer Name = DDDCB357B989433 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace konung2.exe, verze 0.0.0.0, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
Error - 9.4.2010 12:16:17 | Computer Name = DDDCB357B989433 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace konung2.exe, verze 0.0.0.0, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
Error - 10.4.2010 8:45:44 | Computer Name = DDDCB357B989433 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace konung2.exe, verze 0.0.0.0, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
Error - 10.4.2010 9:58:19 | Computer Name = DDDCB357B989433 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace bulanci.exe, verze 0.0.0.0, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
Error - 10.4.2010 17:53:38 | Computer Name = DDDCB357B989433 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace taskmgr.exe, verze 5.1.2600.2180, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
Error - 10.4.2010 17:54:01 | Computer Name = DDDCB357B989433 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace CoD2MP_s.exe, verze 0.0.0.0, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
Error - 11.4.2010 13:02:26 | Computer Name = DDDCB357B989433 | Source = Application Error | ID = 1000
Description = Chybující aplikace thaw.exe, verze 1.0.1.0, chybující modul thaw.exe,
verze 1.0.1.0, adresa chyby 0x00129429.
Error - 12.4.2010 10:43:54 | Computer Name = DDDCB357B989433 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace CoD2MP_s.exe, verze 0.0.0.0, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
[ System Events ]
Error - 29.3.2010 4:28:51 | Computer Name = DDDCB357B989433 | Source = Cdrom | ID = 262151
Description = Zařízení \Device\CdRom0 má chybný blok.
Error - 29.3.2010 4:28:56 | Computer Name = DDDCB357B989433 | Source = Cdrom | ID = 262151
Description = Zařízení \Device\CdRom0 má chybný blok.
Error - 3.4.2010 7:14:07 | Computer Name = DDDCB357B989433 | Source = Print | ID = 6161
Description = Tisk dokumentu Microsoft Word - Dokument1 (vlastník: -) na tiskárně
Canon MP160 Printer se nezdařil. Datový typ: NT EMF 1.008 Velikost zařazeného souboru
(bajty): 8014132 Počet vytištěných bajtů: 614124 Celkový počet stran v dokumentu:
36 Počet vytištěných stran: 0 Klientský počítač: \\DDDCB357B989433 Kód chyby Win32,
vrácený tiskovým procesorem: 13 (0xd)
Error - 10.4.2010 19:26:59 | Computer Name = DDDCB357B989433 | Source = Service Control Manager | ID = 7022
Description = Služba NVIDIA Display Driver Service přestala během spouštění reagovat.
Error - 10.4.2010 19:27:30 | Computer Name = DDDCB357B989433 | Source = Service Control Manager | ID = 7011
Description = Vypršel časový limit (30000 milisekund) čekání na odezvu transakce
služby NVSvc.
Error - 11.4.2010 10:23:57 | Computer Name = DDDCB357B989433 | Source = Service Control Manager | ID = 7038
Description = Přihlášení služby UMWdf jako uživatel NT AUTHORITY\LocalService se
se současně nakonfigurovaným heslem nezdařilo. Došlo k následující chybě: %%5 Zkontrolujte
konfiguraci služby pomocí modulu snap-in Služby v konzole Microsoft Management Console
(MMC).
Error - 11.4.2010 10:23:57 | Computer Name = DDDCB357B989433 | Source = Service Control Manager | ID = 7000
Description = Služba Windows User Mode Driver Framework neuspěla při spuštění v
důsledku následující chyby: %%1069
Error - 13.4.2010 13:18:38 | Computer Name = DDDCB357B989433 | Source = Print | ID = 6161
Description = Tisk dokumentu Pohony.pdf (vlastník: -) na tiskárně Canon MP160 Printer
se nezdařil. Datový typ: NT EMF 1.008 Velikost zařazeného souboru (bajty): 4980736
Počet
vytištěných bajtů: 3187312 Celkový počet stran v dokumentu: 11 Počet vytištěných
stran: 0 Klientský počítač: \\DDDCB357B989433 Kód chyby Win32, vrácený tiskovým procesorem:
13 (0xd)
Error - 13.4.2010 13:21:25 | Computer Name = DDDCB357B989433 | Source = Print | ID = 6161
Description = Tisk dokumentu Pohony.pdf (vlastník: -) na tiskárně Canon MP160 Printer
se nezdařil. Datový typ: NT EMF 1.008 Velikost zařazeného souboru (bajty): 5001908
Počet
vytištěných bajtů: 4006752 Celkový počet stran v dokumentu: 11 Počet vytištěných
stran: 0 Klientský počítač: \\DDDCB357B989433 Kód chyby Win32, vrácený tiskovým procesorem:
13 (0xd)
< End of report >
-
Caroprd111
- VIP
- Příspěvky: 13492
- Registrován: 22 bře 2009 20:48
- Bydliště: Třebíč
- Kontaktovat uživatele:
Re: Prosim a kontrolu logu
Spusťte OTL a do spodního okna vložte následující skript.
Kód: Vybrat vše
:OTL
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[2010.02.06 01:50:37 | 000,003,972 | ---- | C] () -- C:\WINDOWS\System32\drivers\PciBus.sys
@Alternate Data Stream - 123 bytes -> C:\Documents and Settings\All Users.WINDOWS\Data aplikací\TEMP:05EE1EEF
:Commands
[EMPTYTEMP]
[EMPTYFLASH]
[CLEARALLRESTOREPOINTS]
[RESETHOSTS]
[CREATERESTOREPOINT]
[REBOOT]
Re: Prosim a kontrolu logu
Tu je
All processes killed
========== OTL ==========
C:\WINDOWS\LastGood(2).Tmp\INF(2) folder deleted successfully.
C:\WINDOWS\LastGood(2).Tmp folder deleted successfully.
C:\WINDOWS\SET3.tmp deleted successfully.
C:\WINDOWS\SET4.tmp deleted successfully.
C:\WINDOWS\SET8.tmp deleted successfully.
C:\WINDOWS\System32\CONFIG.TMP deleted successfully.
C:\WINDOWS\system32\drivers\PciBus.sys moved successfully.
ADS C:\Documents and Settings\All Users.WINDOWS\Data aplikací\TEMP:05EE1EEF deleted successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: -
->Temp folder emptied: 41352341 bytes
->Temporary Internet Files folder emptied: 1988309 bytes
->Java cache emptied: 20999400 bytes
->FireFox cache emptied: 84575306 bytes
->Flash cache emptied: 4106 bytes
User: -.DDDCB357B989433
->Temp folder emptied: 138763399 bytes
->Temporary Internet Files folder emptied: 109358762 bytes
->FireFox cache emptied: 79099654 bytes
->Flash cache emptied: 63806 bytes
User: Administrator
->Temp folder emptied: 314 bytes
->Temporary Internet Files folder emptied: 158831 bytes
User: Administrator.18DF3731F8914A2
->Temp folder emptied: 2253062 bytes
->Temporary Internet Files folder emptied: 3919418 bytes
->FireFox cache emptied: 89271054 bytes
->Flash cache emptied: 15918 bytes
User: All Users
User: All Users.WINDOWS
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: Default User.WINDOWS
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: dominik
->Temp folder emptied: 1468702 bytes
->Temporary Internet Files folder emptied: 1047659447 bytes
->FireFox cache emptied: 87385321 bytes
->Flash cache emptied: 2096904 bytes
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 2535148 bytes
User: LocalService.NT AUTHORITY
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: LocalService.NT AUTHORITY.000
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 1387882 bytes
User: NetworkService.NT AUTHORITY
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: NetworkService.NT AUTHORITY.000
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 26291285 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 23863144 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 1 683,00 mb
[EMPTYFLASH]
User: -
->Flash cache emptied: 0 bytes
User: -.DDDCB357B989433
->Flash cache emptied: 0 bytes
User: Administrator
User: Administrator.18DF3731F8914A2
->Flash cache emptied: 0 bytes
User: All Users
User: All Users.WINDOWS
User: Default User
User: Default User.WINDOWS
User: dominik
->Flash cache emptied: 0 bytes
User: LocalService
User: LocalService.NT AUTHORITY
User: LocalService.NT AUTHORITY.000
User: NetworkService
User: NetworkService.NT AUTHORITY
User: NetworkService.NT AUTHORITY.000
Total Flash Files Cleaned = 0,00 mb
Restore points cleared and new OTL Restore Point set!
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
Error starting restore point: System Restore is disabled.
Error closing restore point: System Restore is disabled.
OTL by OldTimer - Version 3.2.1.1 log created on 04142010_213425
Files\Folders moved on Reboot...
Registry entries deleted on Reboot...
All processes killed
========== OTL ==========
C:\WINDOWS\LastGood(2).Tmp\INF(2) folder deleted successfully.
C:\WINDOWS\LastGood(2).Tmp folder deleted successfully.
C:\WINDOWS\SET3.tmp deleted successfully.
C:\WINDOWS\SET4.tmp deleted successfully.
C:\WINDOWS\SET8.tmp deleted successfully.
C:\WINDOWS\System32\CONFIG.TMP deleted successfully.
C:\WINDOWS\system32\drivers\PciBus.sys moved successfully.
ADS C:\Documents and Settings\All Users.WINDOWS\Data aplikací\TEMP:05EE1EEF deleted successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: -
->Temp folder emptied: 41352341 bytes
->Temporary Internet Files folder emptied: 1988309 bytes
->Java cache emptied: 20999400 bytes
->FireFox cache emptied: 84575306 bytes
->Flash cache emptied: 4106 bytes
User: -.DDDCB357B989433
->Temp folder emptied: 138763399 bytes
->Temporary Internet Files folder emptied: 109358762 bytes
->FireFox cache emptied: 79099654 bytes
->Flash cache emptied: 63806 bytes
User: Administrator
->Temp folder emptied: 314 bytes
->Temporary Internet Files folder emptied: 158831 bytes
User: Administrator.18DF3731F8914A2
->Temp folder emptied: 2253062 bytes
->Temporary Internet Files folder emptied: 3919418 bytes
->FireFox cache emptied: 89271054 bytes
->Flash cache emptied: 15918 bytes
User: All Users
User: All Users.WINDOWS
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: Default User.WINDOWS
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: dominik
->Temp folder emptied: 1468702 bytes
->Temporary Internet Files folder emptied: 1047659447 bytes
->FireFox cache emptied: 87385321 bytes
->Flash cache emptied: 2096904 bytes
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 2535148 bytes
User: LocalService.NT AUTHORITY
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: LocalService.NT AUTHORITY.000
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 1387882 bytes
User: NetworkService.NT AUTHORITY
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: NetworkService.NT AUTHORITY.000
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 26291285 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 23863144 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 1 683,00 mb
[EMPTYFLASH]
User: -
->Flash cache emptied: 0 bytes
User: -.DDDCB357B989433
->Flash cache emptied: 0 bytes
User: Administrator
User: Administrator.18DF3731F8914A2
->Flash cache emptied: 0 bytes
User: All Users
User: All Users.WINDOWS
User: Default User
User: Default User.WINDOWS
User: dominik
->Flash cache emptied: 0 bytes
User: LocalService
User: LocalService.NT AUTHORITY
User: LocalService.NT AUTHORITY.000
User: NetworkService
User: NetworkService.NT AUTHORITY
User: NetworkService.NT AUTHORITY.000
Total Flash Files Cleaned = 0,00 mb
Restore points cleared and new OTL Restore Point set!
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
Error starting restore point: System Restore is disabled.
Error closing restore point: System Restore is disabled.
OTL by OldTimer - Version 3.2.1.1 log created on 04142010_213425
Files\Folders moved on Reboot...
Registry entries deleted on Reboot...
-
Caroprd111
- VIP
- Příspěvky: 13492
- Registrován: 22 bře 2009 20:48
- Bydliště: Třebíč
- Kontaktovat uživatele:
Re: Prosim a kontrolu logu
Super, zase všechno při starém. Děkuji mnohokrát
-
Caroprd111
- VIP
- Příspěvky: 13492
- Registrován: 22 bře 2009 20:48
- Bydliště: Třebíč
- Kontaktovat uživatele:
Re: Prosim a kontrolu logu
Stáhněte a použijte http://oldtimer.geekstogo.com/TFC.exe Stáhněte OTC http://oldtimer.geekstogo.com/OTC.exe
- Spusťte.
- Klikněte na "CleanUp!". Potvrďte hlášky stiskem "Yes" (Bude následovat restart)
Stáhněte Ccleaner http://viry.cz/forum/viewtopic.php?t=7478
- Nainstalujte a v průběhu instalace odškrtněte, že chcete instalovat yahoo toolbar.
Záložka Čistič - Dejte analyzovat, po dokončení dejte Spustit Ccleaner.
Záložka Registry - Klikněte na Hledej problémy, po dokončení klikněte na Opravit problémy, zálohu dělat nemusíte, potom dejte Opravit všechny problémy.
OK Zavřít
Doinstalujte SP3 http://www.viry.cz/forum/viewtopic.php?f=46&t=86100 V logu nevidím firewall, doinstalujte 
Přehled: http://www.viry.cz/forum/viewtopic.php?f=41&t=6523
Přispějete na provoz fóra?